Loading ...

Play interactive tourEdit tour

Analysis Report firefox-3.0.0.zip

Overview

General Information

Sample Name:firefox-3.0.0.zip
Analysis ID:356596
MD5:0843e8551bc7a922b97a0768bdf10d95
SHA1:5d710aa96aac8550fcd64d70139686baabd4265f
SHA256:bea70100c2a98c2e7624e3718a3c552dbfd3cec749aba8bc696d49df4435be33

Most interesting Screenshot:

Detection

Score:68
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Drops executable to a common third party application directory
Hijacks the control flow in another process
Maps a DLL or memory area into another process
Overwrites code with unconditional jumps - possibly settings hooks in foreign process
Queries memory information (via WMI often done to detect virtual machines)
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries sensitive physical memory information (via WMI, Win32_PhysicalMemory, often done to detect virtual machines)
Contains capabilities to detect virtual machines
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to dynamically determine API calls
Contains functionality to launch a process as a different user
Contains functionality to query CPU information (cpuid)
Contains functionality to query locales information (e.g. system language)
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Drops PE files
Drops certificate files (DER)
Drops files with a non-matching file extension (content does not match file extension)
Found dropped PE file which has not been started or loaded
Found evasive API chain checking for process token information
Found inlined nop instructions (likely shell or obfuscated code)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
PE file contains sections with non-standard names
PE file does not import any functions
Queries keyboard layouts
Queries the volume information (name, serial number etc) of a device
Stores files to the Windows start menu directory
Uses code obfuscation techniques (call, push, ret)
Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

Startup

  • System is w10x64
  • unarchiver.exe (PID: 6236 cmdline: 'C:\Windows\SysWOW64\unarchiver.exe' 'C:\Users\user\Desktop\firefox-3.0.0.zip' MD5: 8B435F8731563566F3F49203BA277865)
    • 7za.exe (PID: 6260 cmdline: 'C:\Windows\System32\7za.exe' x -pinfected -y -o'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm' 'C:\Users\user\Desktop\firefox-3.0.0.zip' MD5: 77E556CDFDC5C592F5C46DB4127C6F4C)
      • conhost.exe (PID: 6276 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • cmd.exe (PID: 6632 cmdline: 'cmd.exe' /C 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exe' MD5: F3BDBE3BB6F734E357235F4D5898582D)
      • conhost.exe (PID: 6640 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • firefox.exe (PID: 6668 cmdline: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exe MD5: 4EF66E229568D79CCE138C20A04BC4E3)
        • flashplayer.app (PID: 6732 cmdline: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashPlayer.app --profile C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy --no-remote MD5: 13CAB11973C6D733459748EB78B7E60A)
          • flashplayer.app (PID: 6752 cmdline: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashPlayer.app --profile C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy --no-remote MD5: 13CAB11973C6D733459748EB78B7E60A)
            • flashplayer.app (PID: 4356 cmdline: 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.0.1255361400\1706233136' -childID 1 -isForBrowser -prefsHandle 2768 -prefMapHandle 2760 -prefsLen 1 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 2704 tab MD5: 13CAB11973C6D733459748EB78B7E60A)
            • flashplayer.app (PID: 1288 cmdline: 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.6.1185351638\254667966' -childID 2 -isForBrowser -prefsHandle 3552 -prefMapHandle 3548 -prefsLen 1 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 3564 tab MD5: 13CAB11973C6D733459748EB78B7E60A)
            • flashplayer.app (PID: 5888 cmdline: 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.12.743590922\484010187' -childID 3 -isForBrowser -prefsHandle 4108 -prefMapHandle 3884 -prefsLen 6452 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4232 tab MD5: 13CAB11973C6D733459748EB78B7E60A)
            • flashplayer.app (PID: 5996 cmdline: 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.18.42724063\1227924579' -childID 4 -isForBrowser -prefsHandle 4756 -prefMapHandle 4304 -prefsLen 6804 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4748 tab MD5: 13CAB11973C6D733459748EB78B7E60A)
            • flashplayer.app (PID: 6312 cmdline: 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.19.857361846\1442280300' -childID 5 -isForBrowser -prefsHandle 4596 -prefMapHandle 4856 -prefsLen 6849 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4980 tab MD5: 13CAB11973C6D733459748EB78B7E60A)
            • flashplayer.app (PID: 408 cmdline: 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.20.291535467\1735002866' -childID 6 -isForBrowser -prefsHandle 5300 -prefMapHandle 4628 -prefsLen 7794 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 5468 tab MD5: 13CAB11973C6D733459748EB78B7E60A)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

Compliance:

barindex
Creates install or setup log fileShow sources
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashInstall32.logJump to behavior
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashInstall64.logJump to behavior
Uses new MSVCR DllsShow sources
Source: C:\Windows\SysWOW64\unarchiver.exeFile opened: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9445_none_d08c58b4442ba54f\MSVCR80.dllJump to behavior
Uses secure TLS version for HTTPS connectionsShow sources
Source: unknownHTTPS traffic detected: 34.218.7.136:443 -> 192.168.2.7:49739 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.7:49743 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.7:49744 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.7:49745 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.216.198.143:443 -> 192.168.2.7:49755 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.223.130.205:443 -> 192.168.2.7:49756 version: TLS 1.2
Source: unknownHTTPS traffic detected: 99.86.159.5:443 -> 192.168.2.7:49757 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.216.80.151:443 -> 192.168.2.7:49767 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.89.2.78:443 -> 192.168.2.7:49771 version: TLS 1.2
Binary contains paths to debug symbolsShow sources
Source: Binary string: vcruntime140.i386.pdb source: flashplayer.app, 00000008.00000002.282884699.0000000072C11000.00000020.00020000.sdmp
Source: Binary string: vcruntime140.i386.pdbGCTL source: flashplayer.app, 00000008.00000002.282884699.0000000072C11000.00000020.00020000.sdmp
Source: Binary string: /builds/worker/workspace/obj-build/browser/app/firefox.pdb source: flashplayer.app, 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp, flashplayer.app, 00000009.00000000.276158888.0000000000BF0000.00000002.00020000.sdmp
Source: Binary string: The name of the library's debug file. For example, 'xul.pdb source: flashplayer.app, 00000009.00000003.307045781.000000000D4DA000.00000004.00000001.sdmp
Source: Binary string: /builds/worker/workspace/obj-build/mozglue/build/mozglue.pdb source: flashplayer.app, 00000008.00000002.282760172.000000006F5B1000.00000002.00020000.sdmp
Source: Binary string: msvcp140.i386.pdbGCTL source: flashplayer.app, 00000008.00000002.282796405.000000006F671000.00000020.00020000.sdmp
Source: Binary string: /builds/worker/workspace/obj-build/media/ffvpx/libavutil/mozavutil.pdb source: flashplayer.app, 00000011.00000002.446681669.0000000065B47000.00000002.00020000.sdmp
Source: Binary string: detoured.pdb source: flashplayer.app, 00000008.00000002.282760172.000000006F5B1000.00000002.00020000.sdmp
Source: Binary string: The name of the library's debug file. For example, 'xul.pdbGathers the profile data from the current profiling session.The path appended to the end of the generated URL. source: flashplayer.app, 00000009.00000003.285554134.000000000D4DA000.00000004.00000001.sdmp
Source: Binary string: wUxTheme.pdbUGP source: flashplayer.app, 00000009.00000003.365013800.0000000013C35000.00000004.00000001.sdmp
Source: Binary string: The name of the library's debug file. For example, 'xul.pdbThis setting controls whether the document's fonts are used. source: flashplayer.app, 00000009.00000003.287711385.000000000D4DA000.00000004.00000001.sdmp
Source: Binary string: msvcp140.i386.pdb source: flashplayer.app, 00000008.00000002.282796405.000000006F671000.00000020.00020000.sdmp
Source: Binary string: The name of the library's debug file. For example, 'xul.pdbThis setting controls whether the document's fonts are used. source: flashplayer.app, 00000009.00000003.307045781.000000000D4DA000.00000004.00000001.sdmp
Source: Binary string: wUxTheme.pdb source: flashplayer.app, 00000009.00000003.365013800.0000000013C35000.00000004.00000001.sdmp
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeFile opened: C:\Users\user\AppData\Local\TempJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeFile opened: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzmJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeFile opened: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeFile opened: C:\Users\userJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeFile opened: C:\Users\user\AppData\LocalJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeFile opened: C:\Users\user\AppDataJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeCode function: 4x nop then jmp 00F8097Fh0_2_00F802A8
Source: C:\Windows\SysWOW64\unarchiver.exeCode function: 4x nop then jmp 00F8097Eh0_2_00F802A8
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 4x nop then push 1A709C00h9_3_2000B08B
Source: Joe Sandbox ViewIP Address: 35.244.181.201 35.244.181.201
Source: Joe Sandbox ViewJA3 fingerprint: a72f351cf3c3cd1edb345f7dc071d813
Source: global trafficHTTP traffic detected: GET /success.txt HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0Accept: */*Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0Accept: */*Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /success.txt HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0Accept: */*Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0Accept: */*Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: flashplayer.app, 00000009.00000003.387208611.000000001C741000.00000004.00000001.sdmpString found in binary or memory: {"defaultHandlersVersion":{"en-US":4,"es-ES":4},"mimeTypes":{"application/pdf":{"action":2,"extensions":["pdf"],"handlers":[{"name":"AcroRd32.exe","path":"C:\\Program Files (x86)\\Adobe\\Acrobat Reader DC\\Reader\\AcroRd32.exe"}]}},"schemes":{"ircs":{"action":2,"ask":true,"handlers":[null,{"name":"Mibbit","uriTemplate":"https://www.mibbit.com/?url=%s"}]},"mailto":{"action":4,"handlers":[null,{"name":"Yahoo! Mail","uriTemplate":"https://compose.mail.yahoo.com/?To=%s"},{"name":"Gmail","uriTemplate":"https://mail.google.com/mail/?extsrc=mailto&url=%s"}]},"irc":{"action":2,"ask":true,"handlers":[null,{"name":"Mibbit","uriTemplate":"https://www.mibbit.com/?url=%s"}]}}} equals www.yahoo.com (Yahoo)
Source: unknownDNS traffic detected: queries for: detectportal.firefox.com
Source: flashplayer.app, 00000009.00000003.360021221.00000000052EF000.00000004.00000001.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: http://code.google.com/p/arc90labs-readability
Source: firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: http://consent.google.com/
Source: firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: http://consent.google.es/
Source: flashplayer.app, 00000009.00000003.377992282.000000001B458000.00000004.00000001.sdmpString found in binary or memory: http://crl.globalsign.net/root-r2.crl0
Source: flashplayer.app, 00000009.00000003.377992282.000000001B458000.00000004.00000001.sdmpString found in binary or memory: http://crl.pki.goog/GTS1O1core.crl0
Source: flashplayer.app, 00000009.00000003.377992282.000000001B458000.00000004.00000001.sdmpString found in binary or memory: http://crl.pki.goog/gsr2/gsr2.crl0?
Source: flashplayer.app, 00000009.00000003.360021221.00000000052EF000.00000004.00000001.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.cr
Source: flashplayer.app, 00000009.00000003.378415915.000000001B458000.00000004.00000001.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl0=
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv4
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv6
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: http://dev.w3.org/html5/spec/rendering.html#rendering
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.addEventListener
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.removeEventListener
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/Localization_and_Plurals
Source: flashplayer.app, 00000011.00000002.340951106.0000000004DA8000.00000004.00000001.sdmpString found in binary or memory: http://exslt.org/common
Source: flashplayer.app, 00000011.00000002.340820291.0000000004D86000.00000004.00000001.sdmpString found in binary or memory: http://exslt.org/dates-and-times
Source: flashplayer.app, 00000011.00000002.340951106.0000000004DA8000.00000004.00000001.sdmpString found in binary or memory: http://exslt.org/math
Source: flashplayer.app, 00000011.00000002.340303173.0000000004D00000.00000004.00000001.sdmpString found in binary or memory: http://exslt.org/regular-expressions
Source: flashplayer.app, 00000011.00000002.340303173.0000000004D00000.00000004.00000001.sdmpString found in binary or memory: http://exslt.org/sets
Source: flashplayer.app, 00000011.00000002.340951106.0000000004DA8000.00000004.00000001.sdmpString found in binary or memory: http://exslt.org/strings
Source: flashplayer.app, 00000009.00000003.355686247.00000000185C3000.00000004.00000001.sdmpString found in binary or memory: http://fb.me/use-check-prop-types
Source: firefox.exe, 00000007.00000002.289982884.00000000114E2000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.289978288.00000000114E0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.289997974.00000000114EC000.00000004.00000001.sdmpString found in binary or memory: http://gasnatural.sharepoint.com/
Source: firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: http://geocode.arcgis.com/
Source: firefox.exe, 00000007.00000002.289982884.00000000114E2000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.289997974.00000000114EC000.00000004.00000001.sdmpString found in binary or memory: http://idena.navarra.es/
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: http://iovs.arvojournals.org/article.aspx?articleid=2166061
Source: firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: http://links.esri.com/
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: http://maps.google.com/
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: http://mozilla.org/
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: http://mozilla.org/MPL/2.0
Source: flashplayer.appString found in binary or memory: http://mozilla.org/MPL/2.0/.
Source: flashplayer.app, 00000009.00000003.379107759.000000001B305000.00000004.00000001.sdmpString found in binary or memory: http://ocsp.digicert.com
Source: flashplayer.app, 00000009.00000003.379107759.000000001B305000.00000004.00000001.sdmpString found in binary or memory: http://ocsp.digicert.com/
Source: flashplayer.app, 00000009.00000003.360021221.00000000052EF000.00000004.00000001.sdmpString found in binary or memory: http://ocsp.digicert.com0C
Source: flashplayer.app, 00000009.00000003.378415915.000000001B458000.00000004.00000001.sdmpString found in binary or memory: http://ocsp.digicert.com0K
Source: flashplayer.app, 00000009.00000003.360021221.00000000052EF000.00000004.00000001.sdmpString found in binary or memory: http://ocsp.digicert.com0N
Source: flashplayer.app, 00000009.00000003.377992282.000000001B458000.00000004.00000001.sdmpString found in binary or memory: http://ocsp.pki.goog/gsr202
Source: flashplayer.app, 00000009.00000003.378440133.000000001B463000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.378115747.000000001B2EA000.00000004.00000001.sdmpString found in binary or memory: http://ocsp.pki.goog/gts1o1core
Source: flashplayer.app, 00000009.00000003.378440133.000000001B463000.00000004.00000001.sdmpString found in binary or memory: http://ocsp.pki.goog/gts1o1core0
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: http://opensearch.a9.com/spec/1.1/querysyntax/#core
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: http://opensearch.a9.com/spec/1.1/querysyntax/#urltag
Source: firefox.exe, 00000007.00000002.289982884.00000000114E2000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.289997974.00000000114EC000.00000004.00000001.sdmpString found in binary or memory: http://ovc.catastro.meh.es/
Source: flashplayer.app, 00000009.00000003.378440133.000000001B463000.00000004.00000001.sdmpString found in binary or memory: http://pki.goog/gsr2/GTS1O1.crt
Source: flashplayer.app, 00000009.00000003.377992282.000000001B458000.00000004.00000001.sdmpString found in binary or memory: http://pki.goog/gsr2/GTS1O1.crt0
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: http://promises-aplus.github.com/promises-spec/
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmpString found in binary or memory: http://sampleserver4.arcgisonline.com/
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: http://services.arcgisonline.com/
Source: flashplayer.app, 00000009.00000003.285748533.000000000F239000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.306927743.000000000F41E000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.307045781.000000000D4DA000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.286960776.000000000F41E000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.287129291.000000000D4DD000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.285446337.000000000F404000.00000004.00000001.sdmpString found in binary or memory: http://src.chromium.org/viewvc/chrome/trunk/src/third_party/cld/languages/internal/languages.cc
Source: flashplayer.app, 00000009.00000003.355686247.00000000185C3000.00000004.00000001.sdmpString found in binary or memory: http://stackoverflow.com/questions/30030031)
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: http://sub.mozilla.org/
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmpString found in binary or memory: http://tasks.arcgisonline.com/
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: http://whatwg.org/specs/web-apps/current-work/#ping
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: http://www.alanwood.net/unicode/fonts.html
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: flashplayer.app, 00000009.00000003.360021221.00000000052EF000.00000004.00000001.sdmpString found in binary or memory: http://www.digicert.com/ssl-cps-repository.htm0
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: http://www.ethiopic.org/Collation/OrderedLists.html.
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: http://www.faqs.org/rfcs/rfc1738.html
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: http://www.faqs.org/rfcs/rfc2396.html
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: http://www.foo.com
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: http://www.foo.com/bar
Source: flashplayer.app, 00000009.00000003.285446337.000000000F404000.00000004.00000001.sdmpString found in binary or memory: http://www.google.com
Source: firefox.exe, 00000007.00000002.289982884.00000000114E2000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.289997974.00000000114EC000.00000004.00000001.sdmpString found in binary or memory: http://www.idee.es/wms/
Source: flashplayer.app, 00000008.00000002.282760172.000000006F5B1000.00000002.00020000.sdmpString found in binary or memory: http://www.mozilla.com/en-US/blocklist/
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: http://www.mozilla.org/2005/app-update
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmp, flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul);
Source: flashplayer.app, 00000009.00000003.330979525.000000000F41E000.00000004.00000001.sdmpString found in binary or memory: http://www.mozilla.org/newlayout/xml/parsererror.xml
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: http://www.mozilla.org/newlayout/xml/parsererror.xml);
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: http://www.openh264.org/
Source: flashplayer.app, 00000009.00000003.296669072.000000000D469000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.296912491.000000000E344000.00000004.00000001.sdmpString found in binary or memory: http://www.proyectonave.es/))
Source: flashplayer.app, 00000009.00000003.296669072.000000000D469000.00000004.00000001.sdmpString found in binary or memory: http://www.proyectonave.es/))Attempt
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: http://www.timeanddate.com/time/zones/hast)
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: http://www.timeanddate.com/time/zones/ndt)
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: http://xhr.spec.whatwg.org/
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://%LOCALE%.malware-error.mozilla.com/?url=
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://%LOCALE%.phish-error.mozilla.com/?url=
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://%LOCALE%.phish-report.mozilla.com/?url=
Source: flashplayer.app, 00000009.00000003.357674723.000000001538C000.00000004.00000001.sdmpString found in binary or memory: https://...)
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/
Source: flashplayer.app, 00000009.00000003.296912491.000000000E344000.00000004.00000001.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/downloads/file/3379635/espanol_espana_language_pack-68.0buildid20
Source: flashplayer.app, 00000009.00000003.296669072.000000000D469000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.296912491.000000000E344000.00000004.00000001.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/downloads/file/3575137/diccionario_de_espanolespana-2.5.xpi
Source: flashplayer.app, 00000009.00000003.296669072.000000000D469000.00000004.00000001.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/downloads/file/3575137/diccionario_de_espanolespana-2.5.xpiSets
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://api.accounts.firefox.com/v1
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://apis.google.com/
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/GMP/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VER
Source: flashplayer.app, 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp, flashplayer.app, 00000009.00000000.276158888.0000000000BF0000.00000002.00020000.sdmp, flashplayer.app, 00000011.00000002.340303173.0000000004D00000.00000004.00000001.sdmpString found in binary or memory: https://aus5.mozilla.org/update/6/%PRODUCT%/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/%blockID%.html
Source: flashplayer.app, 00000009.00000003.357674723.000000001538C000.00000004.00000001.sdmpString found in binary or memory: https://bug1308309.bmoattachments.org/attachment.cgi?id=8814612
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://bugzil.la/marionette-window-tracking
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1368583#c21
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1403293
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1532246
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1592344
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1637089
Source: flashplayer.app, 00000009.00000003.357674723.000000001538C000.00000004.00000001.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=570012
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://code.cdn.mozilla.net/devices/devices.json
Source: flashplayer.app, 00000009.00000003.387208611.000000001C741000.00000004.00000001.sdmpString found in binary or memory: https://compose.mail.yahoo.com/?To=%s
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://consent.google.com/
Source: firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://consent.google.es/
Source: flashplayer.app, 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp, flashplayer.app, 00000009.00000000.276158888.0000000000BF0000.00000002.00020000.sdmpString found in binary or memory: https://crash-reports.mozilla.com/submit?id=
Source: flashplayer.app, 00000011.00000002.357826913.0000000007DE0000.00000002.00000001.sdmpString found in binary or memory: https://ct.grahamedgecombe.com/logs.json)
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://developer.mozilla.org/Mozilla/JavaScript_code_modules/Promise.jsm/Promise
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Mozilla/Performance/ScrollLinkedEffects
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#Encryption
Source: flashplayer.app, 00000009.00000003.353309632.000000000EA91000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.377672561.000000001BB8E000.00000004.00000001.sdmp, flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/Add-ons/WebExtensions/manifest.json/commands#Key_combinations
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/CSS/right#Values.
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://developer.mozilla.org/en/Optimizing_Your_Pages_for_Speculative_Parsing
Source: flashplayer.app, 00000009.00000003.357674723.000000001538C000.00000004.00000001.sdmpString found in binary or memory: https://developer.mozilla.org/en/docs/Localization_and_Plurals
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://developers.google.com/safe-browsing/v4/advisory
Source: flashplayer.app, 00000009.00000003.372960653.000000001A717000.00000004.00000001.sdmpString found in binary or memory: https://dle.rae.es/
Source: flashplayer.app, 00000009.00000003.372960653.000000001A717000.00000004.00000001.sdmpString found in binary or memory: https://dle.rae.es/?w=
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://domain.com:port
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://drafts.csswg.org/css-lists-3/#ua-stylesheet
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://drafts.csswg.org/css-scoping/#slots-in-shadow-tree
Source: flashplayer.app, 00000009.00000003.355722008.00000000185AB000.00000004.00000001.sdmpString found in binary or memory: https://fb.me/react-polyfills
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/remote/
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/toolkit/components/telemetry/data/ecosystem-telemetry.html
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/toolkit/components/telemetry/telemetry/data/event-ping.html
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/toolkit/components/telemetry/telemetry/data/main-ping.html
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/toolkit/components/telemetry/telemetry/data/prio-ping.html
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://firefox.dns.nextdns.io/
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main-preview/collections/search-config/reco
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/records
Source: firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://fonts.gstatic.com/
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://foo.com
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://foo.com/search.php?q=bar).
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://ftp.mozilla.org/pub/mozilla.org/labs/devtools/adb-extension/#OS#/adb-extension-latest-#OS#.x
Source: firefox.exe, 00000007.00000002.289982884.00000000114E2000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.289978288.00000000114E0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.289997974.00000000114EC000.00000004.00000001.sdmpString found in binary or memory: https://gasnatural.sharepoint.com/
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://geo0.ggpht.com/
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://geo1.ggpht.com/
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://geo2.ggpht.com/
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://geo3.ggpht.com/
Source: firefox.exeString found in binary or memory: https://geocode.arcgis.com
Source: firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://geocode.arcgis.com/
Source: flashplayer.app, 00000009.00000003.288195459.000000000D4B1000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.287385012.000000000D4B1000.00000004.00000001.sdmpString found in binary or memory: https://github.com/google/re2/blob/master/doc/syntax.txt
Source: flashplayer.app, 00000009.00000003.296912491.000000000E344000.00000004.00000001.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshots
Source: flashplayer.app, 00000009.00000003.296669072.000000000D469000.00000004.00000001.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshotsClears
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://github.com/mozilla/ichnaea/blob/874e8284f0dfa1868e79aae64e14707eed660efe/ichnaea/geocode.py#
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://github.com/mozilla/readability
Source: flashplayer.app, 00000009.00000003.296669072.000000000D469000.00000004.00000001.sdmpString found in binary or memory: https://github.com/mozilla/webcompat-reporter
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://github.com/mstange/profiler-get-symbols.
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://github.com/mstange/profiler-get-symbols/
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://github.com/mstange/profiler-get-symbols/commit/90ee39f1d18d2727f07dc57bd93cff6bc73ce8a0
Source: firefox.exe, 00000007.00000002.289493290.0000000011466000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.289727819.0000000011494000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.289796633.00000000114AA000.00000004.00000001.sdmpString found in binary or memory: https://github.com/portapps/firefox-portable
Source: firefox.exe, 00000007.00000002.289959043.00000000114D2000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.289740206.0000000011498000.00000004.00000001.sdmpString found in binary or memory: https://github.com/portapps/firefox-portable)
Source: firefox.exe, 00000007.00000002.289740206.0000000011498000.00000004.00000001.sdmpString found in binary or memory: https://github.com/portapps/firefox-portable)Publisher:
Source: firefox.exe, 00000007.00000002.289740206.0000000011498000.00000004.00000001.sdmpString found in binary or memory: https://github.com/portapps/firefox-portable)Root
Source: firefox.exe, 00000007.00000002.289727819.0000000011494000.00000004.00000001.sdmpString found in binary or memory: https://github.com/portapps/firefox-portableOperating
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://github.com/w3c/csswg-drafts/issues/1072
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://github.com/w3c/csswg-drafts/issues/4645)
Source: flashplayer.app, 00000009.00000003.355686247.00000000185C3000.00000004.00000001.sdmpString found in binary or memory: https://github.com/zertosh/loose-envify)
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://hg.mozilla.org/l10n/compare-locales/file/default/compare_locales/plurals.py
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://hg.mozilla.org/mozilla-central/annotate/def6ed9d1c1a/
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://hg.mozilla.org/mozilla-central/file/44344099d119
Source: flashplayer.app, 00000011.00000002.431217994.000000000B3BA000.00000004.00000001.sdmpString found in binary or memory: https://hg.mozilla.org/mozilla-central/rev/6256ec9113c1
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://hg.mozilla.org/projects/htmlparser/file/1f633cef7de7/src/nu/validator/htmlparser/impl/ErrorR
Source: flashplayer.app, 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp, flashplayer.app, 00000009.00000000.276158888.0000000000BF0000.00000002.00020000.sdmp, flashplayer.app, 00000011.00000002.434355507.000000000BE00000.00000004.00000001.sdmp, flashplayer.app, 00000011.00000002.340303173.0000000004D00000.00000004.00000001.sdmp, flashplayer.app, 00000011.00000002.431217994.000000000B3BA000.00000004.00000001.sdmpString found in binary or memory: https://hg.mozilla.org/releases/mozilla-release/rev/0df30c09d098468f2f4632e62aec0954b6174dc5
Source: flashplayer.app, 00000011.00000002.434355507.000000000BE00000.00000004.00000001.sdmpString found in binary or memory: https://hg.mozilla.org/releases/mozilla-release/rev/0df30c09d098468f2f4632e62aec0954b6174dc5/shims/g
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://html.spec.whatwg.org/#flow-content-3
Source: flashplayer.app, 00000009.00000003.382274582.000000001BEBE000.00000004.00000001.sdmpString found in binary or memory: https://ib.absa.co.za/
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/open-uri
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org
Source: flashplayer.appString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-launcher-process/launcher-process-failure/1/
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/sslreports/
Source: firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://kh.google.com/
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://links.esri.com/
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%
Source: flashplayer.app, 00000009.00000003.387208611.000000001C741000.00000004.00000001.sdmpString found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%s
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://maps.google.com/
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://maps.googleapis.com/
Source: firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://maps.gstatic.com/
Source: flashplayer.app, 00000009.00000003.343940992.0000000013EB1000.00000004.00000001.sdmp, flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://mathiasbynens.be/
Source: flashplayer.app, 00000009.00000003.343940992.0000000013EB1000.00000004.00000001.sdmp, flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://mathiasbynens.be/notes/javascript-encoding#surrogate-formulae
Source: flashplayer.app, 00000009.00000003.343940992.0000000013EB1000.00000004.00000001.sdmp, flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://mathiasbynens.be/notes/javascript-escapes#single
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://mozilla.cloudflare-dns.com/dns-query
Source: flashplayer.app, 00000009.00000003.360021221.00000000052EF000.00000004.00000001.sdmpString found in binary or memory: https://mozilla.o2hJ
Source: flashplayer.app, 00000009.00000003.343940992.0000000013EB1000.00000004.00000001.sdmp, flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://mths.be/jsesc
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://ogs.google.com/
Source: flashplayer.app, 00000009.00000003.377992282.000000001B458000.00000004.00000001.sdmpString found in binary or memory: https://pki.goog/repository/0
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://play.google.com/
Source: flashplayer.app, 00000009.00000003.306953606.000000000D4EE000.00000004.00000001.sdmp, flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://profiler.firefox.com
Source: flashplayer.app, 00000009.00000003.306953606.000000000D4EE000.00000004.00000001.sdmpString found in binary or memory: https://profiler.firefox.comWebChannelMessageToContentInsecure
Source: flashplayer.app, 00000009.00000003.354143537.0000000019278000.00000004.00000001.sdmpString found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant=
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/diagnostic?site=
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&p
Source: flashplayer.app, 00000009.00000003.379107759.000000001B305000.00000004.00000001.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=%GOOGLE_SAFEBR
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatHits?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSIN
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=%GOOGL
Source: flashplayer.app, 00000009.00000003.378951557.000000001B327000.00000004.00000001.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=AIzaSy
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmpString found in binary or memory: https://sampleserver4.arcgisonline.com/
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://sb-ssl.google.com/safebrowsing/clientreport/download?key=%GOOGLE_SAFEBROWSING_API_KEY%
Source: flashplayer.app, 00000011.00000002.434355507.000000000BE00000.00000004.00000001.sdmp, flashplayer.app, 00000011.00000002.434615302.000000000BE11000.00000004.00000001.sdmpString found in binary or memory: https://screenshots.firefox.com/
Source: flashplayer.app, 00000009.00000003.306927743.000000000F41E000.00000004.00000001.sdmpString found in binary or memory: https://screenshots.firefox.com/additional_backgrounds_tiling
Source: flashplayer.app, 00000009.00000003.306927743.000000000F41E000.00000004.00000001.sdmpString found in binary or memory: https://screenshots.firefox.com/additional_backgrounds_tilingThe
Source: flashplayer.app, 00000009.00000003.306953606.000000000D4EE000.00000004.00000001.sdmpString found in binary or memory: https://screenshots.firefox.com/defaultGenerateBundlesSync
Source: flashplayer.app, 00000009.00000003.306953606.000000000D4EE000.00000004.00000001.sdmpString found in binary or memory: https://screenshots.firefox.com/defaultGenerateBundlesSyncfetchFile/this.cache
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/abuse/report/addon/
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon/
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://services.arcgisonline.com/
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://settings.stage.mozaws.net/v1/buckets/main-preview/collections/search-config/records
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://settings.stage.mozaws.net/v1/buckets/main/collections/search-config/records
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://shavar.services.mozilla.com/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://ssl.gstatic.com/
Source: flashplayer.app, 00000009.00000003.356284679.00000000178E0000.00000004.00000001.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/81.0.1/WINNT/es-ES/
Source: flashplayer.app, 00000009.00000003.377349036.000000001B3AB000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.374680986.000000001A8FC000.00000004.00000001.sdmpString found in binary or memory: https://support.mozilla.org/es-ES/products/firefox
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windows
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://svgwg.org/svg2-draft/struct.html#SymbolNotes:
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmpString found in binary or memory: https://tasks.arcgisonline.com/
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-davidben-http2-tls13-00
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-01
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-2
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-3.1
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-4
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-thomson-http-encryption-02
Source: flashplayer.app, 00000009.00000003.285793728.000000000F261000.00000004.00000001.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-west-first-party-cookies).
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://tools.ietf.org/html/rfc7469#section-4.1
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://tools.ietf.org/html/rfc7515#appendix-C)
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://tpc.googlesyndication.com/
Source: flashplayer.app, 00000009.00000003.297095034.000000000E314000.00000004.00000001.sdmp, flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://url.spec.whatwg.org
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://webcompat.com/issues/new
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://webextensions.settings.services.mozilla.com/v1
Source: flashplayer.app, 00000009.00000003.357674723.000000001538C000.00000004.00000001.sdmpString found in binary or memory: https://website-archive.mozilla.org/www.mozilla.org/access/access/keyboard/
Source: flashplayer.app, 00000009.00000003.357674723.000000001538C000.00000004.00000001.sdmp, flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://wiki.mozilla.org/CA/Upcoming_Distrust_Actions
Source: flashplayer.app, 00000009.00000003.357827765.0000000015375000.00000004.00000001.sdmpString found in binary or memory: https://wiki.mozilla.org/CA/Upcoming_Distrust_Actionsmidi.Allow.labelPermitirmidi.Allow.accesskeyPmi
Source: flashplayer.app, 00000011.00000002.431217994.000000000B3BA000.00000004.00000001.sdmpString found in binary or memory: https://wiki.mozilla.org/Platform/Channel-specific_build_defines
Source: flashplayer.app, 00000009.00000003.306953606.000000000D4EE000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.286984938.000000000D4F6000.00000004.00000001.sdmpString found in binary or memory: https://www.certificate-transparency.org/what-is-ct
Source: flashplayer.app, 00000009.00000003.360021221.00000000052EF000.00000004.00000001.sdmpString found in binary or memory: https://www.digicert.com/CPS0
Source: flashplayer.app, 00000009.00000003.378887945.000000001B341000.00000004.00000001.sdmpString found in binary or memory: https://www.ebay.com/sch/
Source: flashplayer.app, 00000009.00000003.372960653.000000001A717000.00000004.00000001.sdmpString found in binary or memory: https://www.google.com/complete/search?client=firefox&q=
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://www.google.com/maps
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://www.google.com/maps/
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://www.google.com/maps/place
Source: firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://www.google.com/maps/place/
Source: flashplayer.app, 00000009.00000003.372960653.000000001A717000.00000004.00000001.sdmpString found in binary or memory: https://www.google.com/search
Source: flashplayer.app, 00000009.00000003.372960653.000000001A717000.00000004.00000001.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://www.google.com/search?q=caff%C3%A8&client=firefox
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://www.google.com/supported_domains
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_LOCATION_SERVICE_API_KEY%
Source: firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpString found in binary or memory: https://www.gstatic.com/
Source: flashplayer.app, 00000009.00000003.387208611.000000001C741000.00000004.00000001.sdmpString found in binary or memory: https://www.mibbit.com/?url=%s
Source: flashplayer.app, 00000009.00000003.377349036.000000001B3AB000.00000004.00000001.sdmpString found in binary or memory: https://www.mozilla.org/es-ES/about/
Source: flashplayer.app, 00000009.00000003.377349036.000000001B3AB000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.374680986.000000001A8FC000.00000004.00000001.sdmpString found in binary or memory: https://www.mozilla.org/es-ES/contribute/
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#health-report
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/
Source: flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpString found in binary or memory: https://www.unicode.org/reports/tr39/#Restriction_Level_Detection
Source: flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpString found in binary or memory: https://zealous-rosalind-a98ce8.netlify.com/wasm/8f7ca2f70e1cd21b5a2dbe96545672752887bfbd4e7b3b9437e
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownHTTPS traffic detected: 34.218.7.136:443 -> 192.168.2.7:49739 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.7:49743 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.7:49744 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.7:49745 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.216.198.143:443 -> 192.168.2.7:49755 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.223.130.205:443 -> 192.168.2.7:49756 version: TLS 1.2
Source: unknownHTTPS traffic detected: 99.86.159.5:443 -> 192.168.2.7:49757 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.216.80.151:443 -> 192.168.2.7:49767 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.89.2.78:443 -> 192.168.2.7:49771 version: TLS 1.2
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\0FA748B17A57319DE99D14E1AC707B3BC2835282Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\BFCA81427BCE6118164753421C502B793793226FJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\5018CE87FDB9337BABD18226821E908BCF9B0BC6Jump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser\META-INF\mozilla.rsaJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\27392C6C5AEF218B90C10AAAA3C7BD50F39BEA33Jump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\META-INF\mozilla.rsaJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\77A2BB5B444A76C27B9CF870B678DA85F34ED477Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\5FC60CEA59DC8B62D6257FCF0C882A588E07B7E4Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\18535273C443166C2790425502B0723E571ADEABJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\B01E1322CAAB683F00874F3C73B6AD593B99CC5EJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\D74C81922056996BF2DAF5A41FB108B23E33EB81Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\52F66590D9E90C1104F34304CCCD36DE9F67860DJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\C78FA2F61C6A2D6478BFDC089BFF4292DE0A9443Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BBE0D0 RtlInitUnicodeString,NtOpenFile,CreateFileW,FindCloseChangeNotification,GetLastError,8_2_00BBE0D0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BB3DD0 towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,NtQueryInformationProcess,OpenProcess,CloseHandle,getenv,GetLastError,GetCurrentProcess,CloseHandle,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,memset,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerifyVersionInfoA,towlower,getenv,_wgetenv,SetProcessMitigationPolicy,DebugBreak,wcstoul,GetCurrentProcessId,Sleep,__Init_thread_header,__Init_thread_footer,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,GetStdHandle,GetStdHandle,GetStdHandle,GetStdHandle,CreateProcessW,ResumeThread,WaitForSingleObject,GetExitCodeProcess,CloseHandle,CloseHandle,DeleteProcThreadAttributeList,free,free,CloseHandle,CreateProcessAsUserW,GetLastError,GetLastError,TerminateProcess,IsDebuggerPresent,GetTickCount,GetTickCount,SetLastError,WaitForInputIdle,GetLastError,Sleep,free,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,getenv,getenv,8_2_00BB3DD0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BC0120 RtlInitUnicodeString,NtQueryInformationProcess,RtlCompareUnicodeString,8_2_00BC0120
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BB92A0 NtQueryVirtualMemory,RtlNtStatusToDosError,RtlSetLastWin32Error,8_2_00BB92A0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BC0A90 NtQueryVirtualMemory,memmove,8_2_00BC0A90
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BC0A00 NtQueryVirtualMemory,RtlDuplicateUnicodeString,8_2_00BC0A00
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BBEE50 NtQueryVirtualMemory,NtUnmapViewOfSection,RtlCompareUnicodeString,RtlDuplicateUnicodeString,RtlFreeUnicodeString,memset,RtlGetVersion,RtlFreeUnicodeString,RtlAcquireSRWLockExclusive,RtlEqualUnicodeString,RtlAllocateHeap,RtlReleaseSRWLockExclusive,RtlRunOnceExecuteOnce,memcpy,free,free,RtlFreeUnicodeString,RtlDuplicateUnicodeString,RtlCompareMemory,8_2_00BBEE50
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BB97B0 rand_s,NtQueryVirtualMemory,RtlNtStatusToDosError,RtlSetLastWin32Error,8_2_00BB97B0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BEC780 NtQueryVirtualMemory,RtlNtStatusToDosError,RtlSetLastWin32Error,8_2_00BEC780
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BB3DD0 towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,NtQueryInformationProcess,OpenProcess,CloseHandle,getenv,GetLastError,GetCurrentProcess,CloseHandle,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,memset,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerifyVersionInfoA,towlower,getenv,_wgetenv,DebugBreak,wcstoul,GetCurrentProcessId,Sleep,__Init_thread_header,__Init_thread_footer,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,GetStdHandle,GetStdHandle,GetStdHandle,GetStdHandle,CreateProcessW,ResumeThread,WaitForSingleObject,GetExitCodeProcess,CloseHandle,CloseHandle,DeleteProcThreadAttributeList,free,free,CloseHandle,CreateProcessAsUserW,GetLastError,GetLastError,TerminateProcess,IsDebuggerPresent,GetTickCount,GetTickCount,SetLastError,GetLastError,Sleep,free,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,getenv,getenv,17_2_00BB3DD0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BBEE50 NtMapViewOfSection,NtQueryVirtualMemory,NtUnmapViewOfSection,RtlCompareUnicodeString,RtlDuplicateUnicodeString,RtlFreeUnicodeString,memset,RtlGetVersion,RtlFreeUnicodeString,RtlAcquireSRWLockExclusive,RtlEqualUnicodeString,RtlAllocateHeap,RtlReleaseSRWLockExclusive,RtlRunOnceExecuteOnce,memcpy,free,free,RtlFreeUnicodeString,RtlDuplicateUnicodeString,RtlCompareMemory,17_2_00BBEE50
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BE3790 NtMapViewOfSection,NtUnmapViewOfSection,17_2_00BE3790
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BBE0D0 RtlInitUnicodeString,NtOpenFile,CreateFileW,CloseHandle,GetLastError,17_2_00BBE0D0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BE4060 RtlFreeHeap,NtFreeVirtualMemory,17_2_00BE4060
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BC0120 RtlInitUnicodeString,NtQueryInformationProcess,RtlCompareUnicodeString,17_2_00BC0120
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BB92A0 NtQueryVirtualMemory,RtlNtStatusToDosError,RtlSetLastWin32Error,17_2_00BB92A0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BC0A90 NtQueryVirtualMemory,memmove,17_2_00BC0A90
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BC0A00 NtQueryVirtualMemory,RtlDuplicateUnicodeString,17_2_00BC0A00
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BE4330 RtlAllocateHeap,NtQueryVirtualMemory,RtlFreeHeap,RtlFreeHeap,17_2_00BE4330
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BE44A0 NtProtectVirtualMemory,17_2_00BE44A0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BD6C30 NtProtectVirtualMemory,17_2_00BD6C30
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BE45C0 NtQueryObject,RtlAllocateHeap,NtQueryObject,RtlFreeHeap,RtlAllocateHeap,RtlFreeHeap,17_2_00BE45C0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BE4500 NtProtectVirtualMemory,17_2_00BE4500
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BE3E90 NtQueryInformationProcess,NtQueryInformationProcess,17_2_00BE3E90
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BE46E0 RtlAllocateHeap,NtAllocateVirtualMemory,NtAllocateVirtualMemory,17_2_00BE46E0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BE66D0 NtWaitForSingleObject,WaitForSingleObject,17_2_00BE66D0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BE8EC0 _TargetNtMapViewOfSection@44,NtUnmapViewOfSection,_strnicmp,strlen,_strnicmp,17_2_00BE8EC0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BB97B0 rand_s,NtQueryVirtualMemory,RtlNtStatusToDosError,RtlSetLastWin32Error,17_2_00BB97B0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BEC780 NtQueryVirtualMemory,RtlNtStatusToDosError,RtlSetLastWin32Error,17_2_00BEC780
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BE67F0 NtSignalAndWaitForSingleObject,WaitForSingleObject,NtWaitForSingleObject,NtWaitForSingleObject,WaitForSingleObject,SignalObjectAndWait,memcpy,17_2_00BE67F0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BE3F20 NtDuplicateObject,NtQuerySection,NtClose,17_2_00BE3F20
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BB3DD0 towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,NtQueryInformationProcess,OpenProcess,CloseHandle,getenv,GetLastError,GetCurrentProcess,CloseHandle,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,memset,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerifyVersionInfoA,towlower,getenv,_wgetenv,SetProcessMitigationPolicy,DebugBreak,wcstoul,GetCurrentProcessId,Sleep,__Init_thread_header,__Init_thread_footer,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,GetStdHandle,GetStdHandle,GetStdHandle,GetStdHandle,CreateProcessW,ResumeThread,WaitForSingleObject,GetExitCodeProcess,CloseHandle,CloseHandle,DeleteProcThreadAttributeList,free,free,CloseHandle,CreateProcessAsUserW,GetLastError,GetLastError,TerminateProcess,IsDebuggerPresent,GetTickCount,GetTickCount,SetLastError,WaitForInputIdle,GetLastError,Sleep,free,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,getenv,getenv,8_2_00BB3DD0
Source: C:\Windows\SysWOW64\unarchiver.exeCode function: 0_2_00F802A80_2_00F802A8
Source: C:\Windows\SysWOW64\unarchiver.exeCode function: 0_2_00F802990_2_00F80299
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BB3DD08_2_00BB3DD0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BBA9908_2_00BBA990
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BC81308_2_00BC8130
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BC2D208_2_00BC2D20
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BC4D108_2_00BC4D10
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BBEE508_2_00BBEE50
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 9_3_1FEC154A9_3_1FEC154A
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 9_3_1FECA2BA9_3_1FECA2BA
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BB3DD017_2_00BB3DD0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BBEE5017_2_00BBEE50
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BBA99017_2_00BBA990
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BC813017_2_00BC8130
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BC2D2017_2_00BC2D20
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BC4D1017_2_00BC4D10
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: String function: 00BC20C0 appears 64 times
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: String function: 00BBA740 appears 34 times
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: String function: 00BEF798 appears 36 times
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: String function: 00BC1FF0 appears 44 times
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: String function: 00BD5BD0 appears 48 times
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: String function: 00BEB3D0 appears 64 times
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: String function: 00BCAA70 appears 48 times
Source: api-ms-win-core-file-l1-2-0.dll.1.drStatic PE information: No import functions for PE file found
Source: classification engineClassification label: mal68.evad.winZIP@25/293@71/14
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BB2BD0 moz_xmalloc,CreateToolhelp32Snapshot,_beginthreadex,CloseHandle,8_2_00BB2BD0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phyrox Portable.lnkJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeMutant created: \Sessions\1\BaseNamedObjects\Portappsphyrox-portable
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6640:120:WilError_01
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6276:120:WilError_01
Source: C:\Windows\SysWOW64\unarchiver.exeFile created: C:\Users\user\AppData\Local\Temp\iw2shr2z.nfwJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeSection loaded: C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9603718106bd57ecfbb18fefd769cab4\mscorlib.ni.dllJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeSection loaded: C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlpJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeSection loaded: C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlpJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeFile read: C:\Program Files (x86)\desktop.iniJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: flashplayer.app, 00000009.00000003.377879994.000000001BB39000.00000004.00000001.sdmpBinary or memory string: SELECT index_data_values FROM object_data WHERE object_store_id = :object_store_id AND key = :key;
Source: flashplayer.app, 00000009.00000003.383858063.000000001C797000.00000004.00000001.sdmpBinary or memory string: UPDATE object_data SET index_data_values = update_index_data_values (key, index_data_values, file_ids, data) WHERE object_store_id = :object_store_id;
Source: flashplayer.app, 00000009.00000003.378969106.000000001B32F000.00000004.00000001.sdmpBinary or memory string: INSERT OR IGNORE INTO index_data (index_id, value, object_data_key, object_store_id, value_locale) VALUES (:index_id, :value, :object_data_key, :object_store_id, :value_locale);
Source: flashplayer.app, 00000009.00000003.378969106.000000001B32F000.00000004.00000001.sdmpBinary or memory string: INSERT OR REPLACE INTO object_data (object_store_id, key, file_ids, data) VALUES (:object_store_id, :key, :file_ids, :data);
Source: flashplayer.app, 00000009.00000003.383858063.000000001C797000.00000004.00000001.sdmpBinary or memory string: INSERT INTO object_store (id, auto_increment, name, key_path) VALUES (:id, :auto_increment, :name, :key_path);
Source: firefox.exeString found in binary or memory: in to finalizer untyped args -thread limit .WithDeadline(.in-addr.arpa.1907348632812595367431640625: extra text: ; SameSite=Lax<not Stringer>@DRIVE_LETTER@Accept-CharsetCertCloseStoreCoInitializeExCoUninitializeCommand failedContent-LengthControlServiceCrea
Source: firefox.exeString found in binary or memory: ompare: block device requiredbufio: negative countcannot marshal type: checkdead: runnable gcommand not supportedconcurrent map writescouldn't write headerdecompression failuredefer on system stackexec: already startedexpected DOCUMENT-ENDexpected STREAM-START
Source: firefox.exeString found in binary or memory: E-START, MAPPING-START, or ALIAS, but got %vhttp2: Transport conn %p received error from processing frame %v: %vhttp2: Transport received unsolicited DATA frame; closing connectionhttp: message cannot contain multiple Content-Length headers; got %qpadding byte
Source: firefox.exeString found in binary or memory: nd expected <stream-start>did not find expected version numberdocument contains excessive aliasingexceeded maximum template depth (%v)expected an ECDSA public key, got %Thttp: no Location header in responsehttp: unexpected EOF reading trailerhttps://*.net.gasn
Source: firefox.exeString found in binary or memory: nent too largecrypto/rsa: public exponent too smallcrypto/rsa: unsupported hash functioncrypto: Size of unknown hash functiondereference of nil pointer of type %sexec: StdinPipe after process startedexpected DOCUMENT-START or STREAM-ENDexplicitly tagged member
Source: unknownProcess created: C:\Windows\SysWOW64\unarchiver.exe 'C:\Windows\SysWOW64\unarchiver.exe' 'C:\Users\user\Desktop\firefox-3.0.0.zip'
Source: unknownProcess created: C:\Windows\SysWOW64\7za.exe 'C:\Windows\System32\7za.exe' x -pinfected -y -o'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm' 'C:\Users\user\Desktop\firefox-3.0.0.zip'
Source: unknownProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknownProcess created: C:\Windows\SysWOW64\cmd.exe 'cmd.exe' /C 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exe'
Source: unknownProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exe C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exe
Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashPlayer.app --profile C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy --no-remote
Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashPlayer.app --profile C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy --no-remote
Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.0.1255361400\1706233136' -childID 1 -isForBrowser -prefsHandle 2768 -prefMapHandle 2760 -prefsLen 1 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 2704 tab
Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.6.1185351638\254667966' -childID 2 -isForBrowser -prefsHandle 3552 -prefMapHandle 3548 -prefsLen 1 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 3564 tab
Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.12.743590922\484010187' -childID 3 -isForBrowser -prefsHandle 4108 -prefMapHandle 3884 -prefsLen 6452 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4232 tab
Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.18.42724063\1227924579' -childID 4 -isForBrowser -prefsHandle 4756 -prefMapHandle 4304 -prefsLen 6804 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4748 tab
Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.19.857361846\1442280300' -childID 5 -isForBrowser -prefsHandle 4596 -prefMapHandle 4856 -prefsLen 6849 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4980 tab
Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.20.291535467\1735002866' -childID 6 -isForBrowser -prefsHandle 5300 -prefMapHandle 4628 -prefsLen 7794 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 5468 tab
Source: C:\Windows\SysWOW64\unarchiver.exeProcess created: C:\Windows\SysWOW64\7za.exe 'C:\Windows\System32\7za.exe' x -pinfected -y -o'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm' 'C:\Users\user\Desktop\firefox-3.0.0.zip'Jump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess created: C:\Windows\SysWOW64\cmd.exe 'cmd.exe' /C 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exe'Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exe C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashPlayer.app --profile C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy --no-remoteJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashPlayer.app --profile C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy --no-remoteJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.0.1255361400\1706233136' -childID 1 -isForBrowser -prefsHandle 2768 -prefMapHandle 2760 -prefsLen 1 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 2704 tabJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.6.1185351638\254667966' -childID 2 -isForBrowser -prefsHandle 3552 -prefMapHandle 3548 -prefsLen 1 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 3564 tabJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.12.743590922\484010187' -childID 3 -isForBrowser -prefsHandle 4108 -prefMapHandle 3884 -prefsLen 6452 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4232 tabJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.18.42724063\1227924579' -childID 4 -isForBrowser -prefsHandle 4756 -prefMapHandle 4304 -prefsLen 6804 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4748 tabJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.19.857361846\1442280300' -childID 5 -isForBrowser -prefsHandle 4596 -prefMapHandle 4856 -prefsLen 6849 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4980 tabJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.20.291535467\1735002866' -childID 6 -isForBrowser -prefsHandle 5300 -prefMapHandle 4628 -prefsLen 7794 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 5468 tabJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\InProcServer32Jump to behavior
Source: C:\Windows\SysWOW64\7za.exeFile written: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\application.iniJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: firefox-3.0.0.zipStatic file information: File size 102871757 > 1048576
Source: C:\Windows\SysWOW64\unarchiver.exeFile opened: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9445_none_d08c58b4442ba54f\MSVCR80.dllJump to behavior
Source: Binary string: vcruntime140.i386.pdb source: flashplayer.app, 00000008.00000002.282884699.0000000072C11000.00000020.00020000.sdmp
Source: Binary string: vcruntime140.i386.pdbGCTL source: flashplayer.app, 00000008.00000002.282884699.0000000072C11000.00000020.00020000.sdmp
Source: Binary string: /builds/worker/workspace/obj-build/browser/app/firefox.pdb source: flashplayer.app, 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp, flashplayer.app, 00000009.00000000.276158888.0000000000BF0000.00000002.00020000.sdmp
Source: Binary string: The name of the library's debug file. For example, 'xul.pdb source: flashplayer.app, 00000009.00000003.307045781.000000000D4DA000.00000004.00000001.sdmp
Source: Binary string: /builds/worker/workspace/obj-build/mozglue/build/mozglue.pdb source: flashplayer.app, 00000008.00000002.282760172.000000006F5B1000.00000002.00020000.sdmp
Source: Binary string: msvcp140.i386.pdbGCTL source: flashplayer.app, 00000008.00000002.282796405.000000006F671000.00000020.00020000.sdmp
Source: Binary string: /builds/worker/workspace/obj-build/media/ffvpx/libavutil/mozavutil.pdb source: flashplayer.app, 00000011.00000002.446681669.0000000065B47000.00000002.00020000.sdmp
Source: Binary string: detoured.pdb source: flashplayer.app, 00000008.00000002.282760172.000000006F5B1000.00000002.00020000.sdmp
Source: Binary string: The name of the library's debug file. For example, 'xul.pdbGathers the profile data from the current profiling session.The path appended to the end of the generated URL. source: flashplayer.app, 00000009.00000003.285554134.000000000D4DA000.00000004.00000001.sdmp
Source: Binary string: wUxTheme.pdbUGP source: flashplayer.app, 00000009.00000003.365013800.0000000013C35000.00000004.00000001.sdmp
Source: Binary string: The name of the library's debug file. For example, 'xul.pdbThis setting controls whether the document's fonts are used. source: flashplayer.app, 00000009.00000003.287711385.000000000D4DA000.00000004.00000001.sdmp
Source: Binary string: msvcp140.i386.pdb source: flashplayer.app, 00000008.00000002.282796405.000000006F671000.00000020.00020000.sdmp
Source: Binary string: The name of the library's debug file. For example, 'xul.pdbThis setting controls whether the document's fonts are used. source: flashplayer.app, 00000009.00000003.307045781.000000000D4DA000.00000004.00000001.sdmp
Source: Binary string: wUxTheme.pdb source: flashplayer.app, 00000009.00000003.365013800.0000000013C35000.00000004.00000001.sdmp
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BB9890 LoadLibraryW,GetProcAddress,FreeLibrary,8_2_00BB9890
Source: AccessibleHandler.dll.1.drStatic PE information: section name: .00cfg
Source: AccessibleHandler.dll.1.drStatic PE information: section name: .orpc
Source: AccessibleMarshal.dll.1.drStatic PE information: section name: .00cfg
Source: AccessibleMarshal.dll.1.drStatic PE information: section name: .orpc
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BEEEB6 push ecx; ret 8_2_00BEEEC9
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 9_3_20006C40 push ebp; iretd 9_3_20006C48
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 9_3_20007045 push eax; retf 9_3_2000704D
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 18_3_0ECD949B push edx; retf 18_3_0ECD949D
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 18_3_0EC5B5BE push edi; ret 18_3_0EC5B5BF
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 18_3_0EC5C747 push eax; ret 18_3_0EC5C74E
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 18_3_0EC5B67C push FFFFFF8Eh; iretd 18_3_0EC5B67F
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 18_3_0EC5A621 pushfd ; retf 0000h18_3_0EC5A809
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 18_3_0EC5A23B pushfd ; retf 18_3_0EC5A343

Persistence and Installation Behavior:

barindex
Drops executable to a common third party application directoryShow sources
Source: C:\Windows\SysWOW64\7za.exeFile written: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeJump to behavior
Source: C:\Windows\SysWOW64\7za.exeFile written: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeJump to behavior
Source: C:\Windows\SysWOW64\7za.exeFile written: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeJump to behavior
Source: C:\Windows\SysWOW64\7za.exeFile written: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeJump to behavior
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\default-browser-agent.exeJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\mozavutil.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\plugin-hang-ui.exeJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-conio-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\mozavcodec.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\ucrtbase.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashUtil64_32_0_0_371_Plugin.exeJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\plugin-container.exeJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\msvcp140.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\NPSWF32_32_0_0_371.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-process-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-locale-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\libEGL.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\AccessibleMarshal.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\vcruntime140.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\qipcap.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-runtime-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-timezone-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-private-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-environment-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-convert-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\freebl3.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\gmp-widevinecdm\4.10.1582.2\widevinecdm.dll.tmpJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-processthreads-l1-1-1.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\IA2Marshal.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-time-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-filesystem-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\gmp-clearkey\0.1\clearkey.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\osclientcerts.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\softokn3.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashPlayerUpdateService.exeJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\nssckbi.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\pingsender.exeJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\xul.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-string-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\lgpllibs.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-math-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-file-l1-2-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-utility-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashUtil32_32_0_0_371_Plugin.exeJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\gmp-gmpopenh264\1.8.1.1\gmpopenh264.dll.tmpJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\nss3.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashPlayerPlugin_32_0_0_371.exeJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-synch-l1-2-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\breakpadinjector.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashUtil32_32_0_0_371_Plugin.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\d3dcompiler_47.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\mozglue.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-multibyte-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-localization-l1-2-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\AccessibleHandler.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-heap-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-file-l2-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\minidump-analyzer.exeJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-stdio-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashUtil64_32_0_0_371_Plugin.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\NPSWF64_32_0_0_371.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\libGLESv2.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashInstall32.logJump to behavior
Source: C:\Windows\SysWOW64\7za.exeFile created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashInstall64.logJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phyrox Portable.lnkJump to behavior

Hooking and other Techniques for Hiding and Protection:

barindex
Overwrites code with unconditional jumps - possibly settings hooks in foreign processShow sources
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 6752 base: 77309780 value: E9 CB 56 8B 89 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 6752 base: 772D7840 value: E9 5B 73 8E 89 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 4356 base: 77309780 value: E9 CB 56 8B 89 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 4356 base: 772D7840 value: E9 5B 73 8E 89 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 1288 base: 77309780 value: E9 CB 56 8B 89 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 1288 base: 772D7840 value: E9 5B 73 8E 89 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 5888 base: 77309780 value: E9 CB 56 8B 89 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 5888 base: 772D7840 value: E9 5B 73 8E 89 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 5996 base: 77309780 value: E9 CB 56 8B 89 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 5996 base: 772D7840 value: E9 5B 73 8E 89 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 6312 base: 77309780 value: E9 CB 56 8B 89 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 6312 base: 772D7840 value: E9 5B 73 8E 89 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 408 base: 77309780 value: E9 CB 56 8B 89 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 408 base: 772D7840 value: E9 5B 73 8E 89 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeRegistry key monitored for changes: HKEY_CURRENT_USER_ClassesJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess information set: NOOPENFILEERRORBOX

Malware Analysis System Evasion:

barindex
Queries memory information (via WMI often done to detect virtual machines)Show sources
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_PhysicalMemoryArray
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)Show sources
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_BIOS
Queries sensitive physical memory information (via WMI, Win32_PhysicalMemory, often done to detect virtual machines)Show sources
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_PhysicalMemoryArray
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeFile opened / queried: SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}Jump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\default-browser-agent.exeJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\plugin-hang-ui.exeJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\pingsender.exeJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-conio-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-string-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashUtil64_32_0_0_371_Plugin.exeJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\plugin-container.exeJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-math-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-file-l1-2-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-process-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashUtil32_32_0_0_371_Plugin.exeJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\gmp-gmpopenh264\1.8.1.1\gmpopenh264.dll.tmpJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-utility-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\libEGL.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-locale-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashPlayerPlugin_32_0_0_371.exeJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\AccessibleMarshal.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-synch-l1-2-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\breakpadinjector.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\qipcap.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-runtime-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-timezone-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashUtil32_32_0_0_371_Plugin.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-private-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-environment-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-convert-l1-1-0.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\gmp-widevinecdm\4.10.1582.2\widevinecdm.dll.tmpJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-multibyte-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-localization-l1-2-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-processthreads-l1-1-1.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\AccessibleHandler.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\IA2Marshal.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\minidump-analyzer.exeJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-file-l2-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-heap-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-time-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-stdio-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashUtil64_32_0_0_371_Plugin.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-filesystem-l1-1-0.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\gmp-clearkey\0.1\clearkey.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\osclientcerts.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\libGLESv2.dllJump to dropped file
Source: C:\Windows\SysWOW64\7za.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashPlayerUpdateService.exeJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCheck user administrative privileges: GetTokenInformation,DecisionNodesgraph_8-21365
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appAPI coverage: 7.1 %
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appAPI coverage: 6.2 %
Source: C:\Windows\SysWOW64\unarchiver.exe TID: 6256Thread sleep time: -922337203685477s >= -30000sJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\00000409Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BB94B0 __Init_thread_header,GetSystemInfo,__Init_thread_footer,8_2_00BB94B0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeFile opened: C:\Users\user\AppData\Local\TempJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeFile opened: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzmJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeFile opened: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeFile opened: C:\Users\userJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeFile opened: C:\Users\user\AppData\LocalJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeFile opened: C:\Users\user\AppDataJump to behavior
Source: flashplayer.app, 00000011.00000002.341345022.00000000067F0000.00000004.00000001.sdmpBinary or memory string: Hyper-V RAW
Source: flashplayer.app, 00000011.00000002.341345022.00000000067F0000.00000004.00000001.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BBEBA0 RtlDuplicateUnicodeString,RtlQueryPerformanceCounter,RtlRunOnceExecuteOnce,LdrLoadDll,17_2_00BBEBA0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BB3DD0 towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,NtQueryInformationProcess,OpenProcess,CloseHandle,getenv,GetLastError,GetCurrentProcess,CloseHandle,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,memset,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerifyVersionInfoA,towlower,getenv,_wgetenv,SetProcessMitigationPolicy,DebugBreak,wcstoul,GetCurrentProcessId,Sleep,__Init_thread_header,__Init_thread_footer,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,GetStdHandle,GetStdHandle,GetStdHandle,GetStdHandle,CreateProcessW,ResumeThread,WaitForSingleObject,GetExitCodeProcess,CloseHandle,CloseHandle,DeleteProcThreadAttributeList,free,free,CloseHandle,CreateProcessAsUserW,GetLastError,GetLastError,TerminateProcess,IsDebuggerPresent,GetTickCount,GetTickCount,SetLastError,WaitForInputIdle,GetLastError,Sleep,free,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,towlower,getenv,getenv,8_2_00BB3DD0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BB9890 LoadLibraryW,GetProcAddress,FreeLibrary,8_2_00BB9890
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BD5880 GetProcessHeaps,GetProcessHeaps,??2@YAPAXI@Z,GetProcessHeaps,??3@YAXPAX@Z,8_2_00BD5880
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BEEB38 SetUnhandledExceptionFilter,8_2_00BEEB38
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BEF144 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,8_2_00BEF144
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BEEB44 IsProcessorFeaturePresent,memset,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,8_2_00BEEB44
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 17_2_00BEF144 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,17_2_00BEF144
Source: C:\Windows\SysWOW64\unarchiver.exeMemory allocated: page read and write | page guardJump to behavior

HIPS / PFW / Operating System Protection Evasion:

barindex
Hijacks the control flow in another processShow sources
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 6752 base: 77309780 value: E9Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 6752 base: 772D7840 value: E9Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 4356 base: 77309780 value: E9Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 4356 base: 772D7840 value: E9Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 1288 base: 77309780 value: E9Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 1288 base: 772D7840 value: E9Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 5888 base: 77309780 value: E9Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 5888 base: 772D7840 value: E9Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 5996 base: 77309780 value: E9Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 5996 base: 772D7840 value: E9Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 6312 base: 77309780 value: E9Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 6312 base: 772D7840 value: E9Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 408 base: 77309780 value: E9Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appMemory written: PID: 408 base: 772D7840 value: E9Jump to behavior
Maps a DLL or memory area into another processShow sources
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appSection loaded: unknown target: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app protection: execute and readJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appSection loaded: unknown target: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app protection: execute and readJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appSection loaded: unknown target: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app protection: execute and readJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appSection loaded: unknown target: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app protection: execute and readJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appSection loaded: unknown target: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app protection: execute and readJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appSection loaded: unknown target: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app protection: execute and readJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appSection loaded: unknown target: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app protection: execute and readJump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess created: C:\Windows\SysWOW64\7za.exe 'C:\Windows\System32\7za.exe' x -pinfected -y -o'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm' 'C:\Users\user\Desktop\firefox-3.0.0.zip'Jump to behavior
Source: C:\Windows\SysWOW64\unarchiver.exeProcess created: C:\Windows\SysWOW64\cmd.exe 'cmd.exe' /C 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exe'Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exe C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashPlayer.app --profile C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy --no-remoteJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashPlayer.app --profile C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy --no-remoteJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.0.1255361400\1706233136' -childID 1 -isForBrowser -prefsHandle 2768 -prefMapHandle 2760 -prefsLen 1 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 2704 tabJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.6.1185351638\254667966' -childID 2 -isForBrowser -prefsHandle 3552 -prefMapHandle 3548 -prefsLen 1 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 3564 tabJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.12.743590922\484010187' -childID 3 -isForBrowser -prefsHandle 4108 -prefMapHandle 3884 -prefsLen 6452 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4232 tabJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.18.42724063\1227924579' -childID 4 -isForBrowser -prefsHandle 4756 -prefMapHandle 4304 -prefsLen 6804 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4748 tabJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.19.857361846\1442280300' -childID 5 -isForBrowser -prefsHandle 4596 -prefMapHandle 4856 -prefsLen 6849 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4980 tabJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.20.291535467\1735002866' -childID 6 -isForBrowser -prefsHandle 5300 -prefMapHandle 4628 -prefsLen 7794 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 5468 tabJump to behavior
Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.0.1255361400\1706233136' -childID 1 -isForBrowser -prefsHandle 2768 -prefMapHandle 2760 -prefsLen 1 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 2704 tab
Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.6.1185351638\254667966' -childID 2 -isForBrowser -prefsHandle 3552 -prefMapHandle 3548 -prefsLen 1 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 3564 tab
Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.12.743590922\484010187' -childID 3 -isForBrowser -prefsHandle 4108 -prefMapHandle 3884 -prefsLen 6452 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4232 tab
Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.18.42724063\1227924579' -childID 4 -isForBrowser -prefsHandle 4756 -prefMapHandle 4304 -prefsLen 6804 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4748 tab
Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.19.857361846\1442280300' -childID 5 -isForBrowser -prefsHandle 4596 -prefMapHandle 4856 -prefsLen 6849 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4980 tab
Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.20.291535467\1735002866' -childID 6 -isForBrowser -prefsHandle 5300 -prefMapHandle 4628 -prefsLen 7794 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 5468 tab
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.0.1255361400\1706233136' -childID 1 -isForBrowser -prefsHandle 2768 -prefMapHandle 2760 -prefsLen 1 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 2704 tabJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.6.1185351638\254667966' -childID 2 -isForBrowser -prefsHandle 3552 -prefMapHandle 3548 -prefsLen 1 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 3564 tabJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.12.743590922\484010187' -childID 3 -isForBrowser -prefsHandle 4108 -prefMapHandle 3884 -prefsLen 6452 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4232 tabJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.18.42724063\1227924579' -childID 4 -isForBrowser -prefsHandle 4756 -prefMapHandle 4304 -prefsLen 6804 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4748 tabJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.19.857361846\1442280300' -childID 5 -isForBrowser -prefsHandle 4596 -prefMapHandle 4856 -prefsLen 6849 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4980 tabJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appProcess created: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.20.291535467\1735002866' -childID 6 -isForBrowser -prefsHandle 5300 -prefMapHandle 4628 -prefsLen 7794 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 5468 tabJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BB6280 GetCurrentProcess,OpenProcessToken,GetTokenInformation,GetLastError,moz_xmalloc,memset,GetTokenInformation,GetTokenInformation,GetLastError,moz_xmalloc,memset,GetTokenInformation,InitializeSecurityDescriptor,CreateWellKnownSid,CreateWellKnownSid,SetEntriesInAclW,SetSecurityDescriptorDacl,SetSecurityDescriptorOwner,SetSecurityDescriptorGroup,LocalFree,free,free,CloseHandle,memset,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerifyVersionInfoA,CreateWellKnownSid,GetLastError,GetLastError,GetLastError,GetLastError,GetLastError,free,memset,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerifyVersionInfoA,8_2_00BB6280
Source: flashplayer.app, 00000009.00000003.365013800.0000000013C35000.00000004.00000001.sdmpBinary or memory string: ADWMWINDOWDWMTOUCHThemeInitApiHook%s\uxtheme.dllDllNameThemeActiveLoadedBeforeLastUserLangIDLastLoadedDPILastLoadedDPIPlateausLastLoadedPPIColorNameSizeNameSoftware\Microsoft\Windows\CurrentVersion\Policies\System SetVisualStyle\rundll32.exeThemeDebuggeesshakeShell_TrayWndTEXTGLOW%s::%s%s\*.*..%s\%s\%s.msstylesLMVersionLMOverRide
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BEECC1 cpuid 8_2_00BEECC1
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: GetCurrentProcess,TerminateProcess,RevertToSelf,GetCurrentProcess,TerminateProcess,GetCurrentProcess,TerminateProcess,RegDisablePredefinedCache,GetCurrentProcess,TerminateProcess,GetUserDefaultLangID,GetUserDefaultLCID,GetUserDefaultLocaleName,GetCurrentProcess,TerminateProcess,_TargetGdiDllInitialize@12,EnumSystemLocalesEx,HeapDestroy,GetCurrentProcess,TerminateProcess,GetCurrentProcess,TerminateProcess,8_2_00BE99D0
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: GetCurrentProcess,TerminateProcess,RevertToSelf,GetCurrentProcess,TerminateProcess,GetCurrentProcess,TerminateProcess,RegDisablePredefinedCache,GetCurrentProcess,TerminateProcess,GetUserDefaultLangID,GetUserDefaultLCID,GetUserDefaultLocaleName,GetCurrentProcess,TerminateProcess,_TargetGdiDllInitialize@12,EnumSystemLocalesEx,HeapDestroy,GetCurrentProcess,TerminateProcess,GetCurrentProcess,TerminateProcess,17_2_00BE99D0
Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\portapp.json VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\defaults\pref\channel-prefs.js VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\defaults\pref\autoconfig.js VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\prefs.js VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\distribution\policies.json VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\extensions.json VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\extension-preferences.json VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\fonts\TwemojiMozilla.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\fonts\TwemojiMozilla.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\GILSANUB.TTF VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\GILLUBCD.TTF VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\arial.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\arial.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\ARIALN.TTF VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\ARIALN.TTF VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\ariali.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\ariali.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\ARIALNI.TTF VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\ARIALNI.TTF VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\ARIALNB.TTF VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\ARIALNB.TTF VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\arialbi.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\arialbi.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\ARIALNBI.TTF VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\ARIALNBI.TTF VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\ariblk.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\ariblk.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\ProgramData\Mozilla VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\times.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0018~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\seguili.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\seguisli.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\segoeuii.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\seguisbi.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\segoeuiz.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\seguibl.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\seguibli.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0015~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\.startup-incomplete VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2 VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\compatibility.ini VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cookies.sqlite VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\crashes VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0012~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\extension-preferences.json VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0019~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\security_state VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\security_state VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\security_state VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\extensions VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\extensions.json VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\handlers.json VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\minidumps VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\parent.lock VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\permissions.sqlite VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\pluginreg.dat VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\prefs.js VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\sessionCheckpoints.json VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\startupCache VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage.sqlite VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\times.json VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\handlers.json VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\sessionstore-backups\recovery.jsonlz4 VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tmpaddon VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tmpaddon-72fcce VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tmpaddon VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package00~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Crash Reports\events VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\crashes\events VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package01~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\fonts\TwemojiMozilla.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\fonts\TwemojiMozilla.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\times.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\fonts\TwemojiMozilla.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\fonts\TwemojiMozilla.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\times.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\arial.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\ARIALN.TTF VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\ariali.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\ARIALNI.TTF VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\ARIALNB.TTF VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\arialbi.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\ARIALNBI.TTF VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\ariblk.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\segoeuib.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\segoeuil.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\fonts\TwemojiMozilla.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\fonts\TwemojiMozilla.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Windows\Fonts\times.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\fonts\TwemojiMozilla.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\fonts\TwemojiMozilla.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\fonts\TwemojiMozilla.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\fonts\TwemojiMozilla.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appQueries volume information: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\fonts\TwemojiMozilla.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BD7810 CreateNamedPipeW,GetCurrentProcess,DuplicateHandle,8_2_00BD7810
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BEF4B5 GetSystemTimeAsFileTime,GetCurrentThreadId,GetCurrentProcessId,QueryPerformanceCounter,8_2_00BEF4B5
Source: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.appCode function: 8_2_00BCB820 __Init_thread_header,memset,GetVersionExW,GetProductInfo,??2@YAPAXI@Z,__Init_thread_footer,8_2_00BCB820
Source: C:\Windows\SysWOW64\unarchiver.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
Valid Accounts1Windows Management Instrumentation3Valid Accounts1Valid Accounts1Disable or Modify Tools1Credential API Hooking1System Time Discovery1Remote ServicesArchive Collected Data1Exfiltration Over Other Network MediumIngress Tool Transfer1Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
Default AccountsNative API2Registry Run Keys / Startup Folder1Access Token Manipulation1Deobfuscate/Decode Files or Information1LSASS MemoryFile and Directory Discovery3Remote Desktop ProtocolCredential API Hooking1Exfiltration Over BluetoothEncrypted Channel12Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
Domain AccountsCommand and Scripting Interpreter12Logon Script (Windows)Process Injection213Obfuscated Files or Information3Security Account ManagerSystem Information Discovery145SMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationNon-Application Layer Protocol2Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
Local AccountsAt (Windows)Logon Script (Mac)Registry Run Keys / Startup Folder1Masquerading111NTDSQuery Registry1Distributed Component Object ModelInput CaptureScheduled TransferApplication Layer Protocol3SIM Card SwapCarrier Billing Fraud
Cloud AccountsCronNetwork Logon ScriptNetwork Logon ScriptValid Accounts1LSA SecretsSecurity Software Discovery231SSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
Replication Through Removable MediaLaunchdRc.commonRc.commonAccess Token Manipulation1Cached Domain CredentialsVirtualization/Sandbox Evasion13VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
External Remote ServicesScheduled TaskStartup ItemsStartup ItemsVirtualization/Sandbox Evasion13DCSyncProcess Discovery2Windows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact
Drive-by CompromiseCommand and Scripting InterpreterScheduled Task/JobScheduled Task/JobProcess Injection213Proc FilesystemRemote System Discovery1Shared WebrootCredential API HookingExfiltration Over Symmetric Encrypted Non-C2 ProtocolApplication Layer ProtocolDowngrade to Insecure ProtocolsGenerate Fraudulent Advertising Revenue

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 356596 Sample: firefox-3.0.0.zip Startdate: 23/02/2021 Architecture: WINDOWS Score: 68 55 prod.detectportal.prod.cloudops.mozgcp.net 2->55 10 unarchiver.exe 5 2->10         started        process3 process4 12 cmd.exe 1 10->12         started        14 7za.exe 144 10->14         started        file5 18 firefox.exe 12 12->18         started        20 conhost.exe 12->20         started        45 C:\Users\user\AppData\Local\...\firefox.exe, PE32 14->45 dropped 47 C:\Users\user\AppData\...\flashplayer.app, PE32 14->47 dropped 49 C:\Users\user\...49PSWF64_32_0_0_371.dll, PE32+ 14->49 dropped 51 55 other files (none is malicious) 14->51 dropped 77 Drops executable to a common third party application directory 14->77 22 conhost.exe 14->22         started        signatures6 process7 process8 24 flashplayer.app 2 1 18->24         started        signatures9 63 Overwrites code with unconditional jumps - possibly settings hooks in foreign process 24->63 65 Queries sensitive physical memory information (via WMI, Win32_PhysicalMemory, often done to detect virtual machines) 24->65 67 Hijacks the control flow in another process 24->67 69 3 other signatures 24->69 27 flashplayer.app 9 393 24->27         started        process10 dnsIp11 57 ocsp.pki.goog 27->57 59 prod.detectportal.prod.cloudops.mozgcp.net 34.107.221.82, 49728, 49732, 80 GOOGLEUS United States 27->59 61 26 other IPs or domains 27->61 41 C:\Users\user\AppData\...\widevinecdm.dll.tmp, PE32 27->41 dropped 43 C:\Users\user\AppData\...\gmpopenh264.dll.tmp, PE32 27->43 dropped 71 Overwrites code with unconditional jumps - possibly settings hooks in foreign process 27->71 73 Hijacks the control flow in another process 27->73 75 Maps a DLL or memory area into another process 27->75 32 flashplayer.app 27->32         started        35 flashplayer.app 27->35         started        37 flashplayer.app 27->37         started        39 3 other processes 27->39 file12 signatures13 process14 dnsIp15 53 192.168.2.1 unknown unknown 32->53

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
firefox-3.0.0.zip4%VirustotalBrowse

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\AccessibleHandler.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\AccessibleMarshal.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\IA2Marshal.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-file-l1-2-0.dll0%MetadefenderBrowse
C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-file-l1-2-0.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-file-l2-1-0.dll0%MetadefenderBrowse
C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-file-l2-1-0.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-localization-l1-2-0.dll0%MetadefenderBrowse
C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-localization-l1-2-0.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-processthreads-l1-1-1.dll0%MetadefenderBrowse
C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-processthreads-l1-1-1.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-synch-l1-2-0.dll0%MetadefenderBrowse
C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-synch-l1-2-0.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-timezone-l1-1-0.dll0%MetadefenderBrowse
C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-timezone-l1-1-0.dll0%ReversingLabs

Unpacked PE Files

SourceDetectionScannerLabelLinkDownload
7.2.firefox.exe.400000.0.unpack100%AviraTR/Crypt.XPACK.GenDownload File
7.0.firefox.exe.400000.0.unpack100%AviraTR/Crypt.XPACK.GenDownload File

Domains

SourceDetectionScannerLabelLink
prod.balrog.prod.cloudops.mozgcp.net1%VirustotalBrowse
prod.detectportal.prod.cloudops.mozgcp.net0%VirustotalBrowse
ocsp.pki.goog0%VirustotalBrowse

URLs

SourceDetectionScannerLabelLink
http://www.foo.com/bar1%VirustotalBrowse
http://www.foo.com/bar0%Avira URL Cloudsafe
http://www.idee.es/wms/0%Avira URL Cloudsafe
http://ocsp.pki.goog/gts1o1core00%URL Reputationsafe
http://ocsp.pki.goog/gts1o1core00%URL Reputationsafe
http://ocsp.pki.goog/gts1o1core00%URL Reputationsafe
http://crl.pki.goog/GTS1O1core.crl00%URL Reputationsafe
http://crl.pki.goog/GTS1O1core.crl00%URL Reputationsafe
http://crl.pki.goog/GTS1O1core.crl00%URL Reputationsafe
https://firefox.dns.nextdns.io/0%Avira URL Cloudsafe
http://exslt.org/sets0%Avira URL Cloudsafe
https://foo.com/search.php?q=bar).0%Avira URL Cloudsafe
http://exslt.org/common0%URL Reputationsafe
http://exslt.org/common0%URL Reputationsafe
http://exslt.org/common0%URL Reputationsafe
https://domain.com:port0%Avira URL Cloudsafe
http://exslt.org/dates-and-times0%Avira URL Cloudsafe
http://pki.goog/gsr2/GTS1O1.crt00%URL Reputationsafe
http://pki.goog/gsr2/GTS1O1.crt00%URL Reputationsafe
http://pki.goog/gsr2/GTS1O1.crt00%URL Reputationsafe
https://mths.be/jsesc0%Avira URL Cloudsafe
http://ocsp.pki.goog/gsr2020%URL Reputationsafe
http://ocsp.pki.goog/gsr2020%URL Reputationsafe
http://ocsp.pki.goog/gsr2020%URL Reputationsafe
https://pki.goog/repository/00%URL Reputationsafe
https://pki.goog/repository/00%URL Reputationsafe
https://pki.goog/repository/00%URL Reputationsafe
http://gasnatural.sharepoint.com/0%Avira URL Cloudsafe
http://pki.goog/gsr2/GTS1O1.crt0%URL Reputationsafe
http://pki.goog/gsr2/GTS1O1.crt0%URL Reputationsafe
http://pki.goog/gsr2/GTS1O1.crt0%URL Reputationsafe
https://bug1308309.bmoattachments.org/attachment.cgi?id=88146120%Avira URL Cloudsafe
http://crl.pki.goog/gsr2/gsr2.crl0?0%URL Reputationsafe
http://crl.pki.goog/gsr2/gsr2.crl0?0%URL Reputationsafe
http://crl.pki.goog/gsr2/gsr2.crl0?0%URL Reputationsafe
http://exslt.org/strings0%Avira URL Cloudsafe
http://www.ethiopic.org/Collation/OrderedLists.html.0%Avira URL Cloudsafe
http://ocsp.pki.goog/gts1o1core0%Avira URL Cloudsafe
https://profiler.firefox.comWebChannelMessageToContentInsecure0%Avira URL Cloudsafe
https://webcompat.com/issues/new0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
prod.balrog.prod.cloudops.mozgcp.net
35.244.181.201
truefalseunknown
prod.detectportal.prod.cloudops.mozgcp.net
34.107.221.82
truefalseunknown
shavar.prod.mozaws.net
34.216.80.151
truefalse
    high
    autopush.prod.mozaws.net
    52.32.39.224
    truefalse
      high
      d1zkz3k4cclnv6.cloudfront.net
      13.226.162.32
      truefalse
        high
        pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com
        52.89.2.78
        truefalse
          high
          services.prod.mozaws.net
          34.218.7.136
          truefalse
            high
            d34chcsvb7ug62.cloudfront.net
            99.86.159.5
            truefalse
              high
              mozilla.org
              44.235.246.155
              truefalse
                high
                d2nxq2uap88usk.cloudfront.net
                99.86.159.30
                truefalse
                  high
                  fennec-catalog-cdn.prod.mozaws.net
                  13.226.162.116
                  truefalse
                    high
                    locprod2-elb-us-west-2.prod.mozaws.net
                    34.216.198.143
                    truefalse
                      high
                      firefox.settings.services.mozilla.com
                      143.204.2.25
                      truefalse
                        high
                        services.addons.mozilla.org
                        unknown
                        unknownfalse
                          high
                          detectportal.firefox.com
                          unknown
                          unknownfalse
                            high
                            ocsp.pki.goog
                            unknown
                            unknowntrueunknown
                            ftp.mozilla.org
                            unknown
                            unknownfalse
                              high
                              content-signature-2.cdn.mozilla.net
                              unknown
                              unknownfalse
                                high
                                push.services.mozilla.com
                                unknown
                                unknownfalse
                                  high
                                  shavar.services.mozilla.com
                                  unknown
                                  unknownfalse
                                    high
                                    firefox-settings-attachments.cdn.mozilla.net
                                    unknown
                                    unknownfalse
                                      high

                                      Contacted URLs

                                      NameMaliciousAntivirus DetectionReputation
                                      http://detectportal.firefox.com/success.txtfalse
                                        high

                                        URLs from Memory and Binaries

                                        NameSourceMaliciousAntivirus DetectionReputation
                                        https://consent.google.es/firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpfalse
                                          high
                                          https://html.spec.whatwg.org/#flow-content-3flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                            high
                                            https://github.com/mstange/profiler-get-symbols/commit/90ee39f1d18d2727f07dc57bd93cff6bc73ce8a0flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpfalse
                                              high
                                              https://developer.mozilla.org/Mozilla/JavaScript_code_modules/Promise.jsm/Promiseflashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpfalse
                                                high
                                                https://geocode.arcgis.com/firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpfalse
                                                  high
                                                  http://developer.mozilla.org/en/docs/DOM:element.removeEventListenerflashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                    high
                                                    https://bugzilla.mozilla.org/show_bug.cgi?id=570012flashplayer.app, 00000009.00000003.357674723.000000001538C000.00000004.00000001.sdmpfalse
                                                      high
                                                      https://wiki.mozilla.org/CA/Upcoming_Distrust_Actionsflashplayer.app, 00000009.00000003.357674723.000000001538C000.00000004.00000001.sdmp, flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                        high
                                                        https://dle.rae.es/?w=flashplayer.app, 00000009.00000003.372960653.000000001A717000.00000004.00000001.sdmpfalse
                                                          high
                                                          https://hg.mozilla.org/releases/mozilla-release/rev/0df30c09d098468f2f4632e62aec0954b6174dc5flashplayer.app, 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp, flashplayer.app, 00000009.00000000.276158888.0000000000BF0000.00000002.00020000.sdmp, flashplayer.app, 00000011.00000002.434355507.000000000BE00000.00000004.00000001.sdmp, flashplayer.app, 00000011.00000002.340303173.0000000004D00000.00000004.00000001.sdmp, flashplayer.app, 00000011.00000002.431217994.000000000B3BA000.00000004.00000001.sdmpfalse
                                                            high
                                                            http://dev.w3.org/html5/spec/rendering.html#renderingflashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                              high
                                                              https://blocked.cdn.mozilla.net/%blockID%.htmlflashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                high
                                                                https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsflashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                  high
                                                                  https://mathiasbynens.be/notes/javascript-escapes#singleflashplayer.app, 00000009.00000003.343940992.0000000013EB1000.00000004.00000001.sdmp, flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                    high
                                                                    https://identity.mozilla.com/cmd/open-uriflashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpfalse
                                                                      high
                                                                      http://www.foo.com/barflashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                      • 1%, Virustotal, Browse
                                                                      • Avira URL Cloud: safe
                                                                      unknown
                                                                      http://www.idee.es/wms/firefox.exe, 00000007.00000002.289982884.00000000114E2000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.289997974.00000000114EC000.00000004.00000001.sdmpfalse
                                                                      • Avira URL Cloud: safe
                                                                      unknown
                                                                      http://ocsp.pki.goog/gts1o1core0flashplayer.app, 00000009.00000003.378440133.000000001B463000.00000004.00000001.sdmpfalse
                                                                      • URL Reputation: safe
                                                                      • URL Reputation: safe
                                                                      • URL Reputation: safe
                                                                      unknown
                                                                      http://crl.pki.goog/GTS1O1core.crl0flashplayer.app, 00000009.00000003.377992282.000000001B458000.00000004.00000001.sdmpfalse
                                                                      • URL Reputation: safe
                                                                      • URL Reputation: safe
                                                                      • URL Reputation: safe
                                                                      unknown
                                                                      https://firefox.dns.nextdns.io/flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                      • Avira URL Cloud: safe
                                                                      unknown
                                                                      https://github.com/zertosh/loose-envify)flashplayer.app, 00000009.00000003.355686247.00000000185C3000.00000004.00000001.sdmpfalse
                                                                        high
                                                                        http://whatwg.org/specs/web-apps/current-work/#pingflashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                          high
                                                                          https://tools.ietf.org/html/draft-davidben-http2-tls13-00flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                            high
                                                                            https://github.com/mozilla-services/screenshotsflashplayer.app, 00000009.00000003.296912491.000000000E344000.00000004.00000001.sdmpfalse
                                                                              high
                                                                              https://services.addons.mozilla.org/api/v4/addons/addon/flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                high
                                                                                http://tasks.arcgisonline.com/firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmpfalse
                                                                                  high
                                                                                  http://exslt.org/setsflashplayer.app, 00000011.00000002.340303173.0000000004D00000.00000004.00000001.sdmpfalse
                                                                                  • Avira URL Cloud: safe
                                                                                  unknown
                                                                                  https://dle.rae.es/flashplayer.app, 00000009.00000003.372960653.000000001A717000.00000004.00000001.sdmpfalse
                                                                                    high
                                                                                    https://geo1.ggpht.com/firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpfalse
                                                                                      high
                                                                                      https://developer.mozilla.org/docs/Mozilla/Performance/ScrollLinkedEffectsflashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                        high
                                                                                        https://foo.com/search.php?q=bar).flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        unknown
                                                                                        http://src.chromium.org/viewvc/chrome/trunk/src/third_party/cld/languages/internal/languages.ccflashplayer.app, 00000009.00000003.285748533.000000000F239000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.306927743.000000000F41E000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.307045781.000000000D4DA000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.286960776.000000000F41E000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.287129291.000000000D4DD000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.285446337.000000000F404000.00000004.00000001.sdmpfalse
                                                                                          high
                                                                                          https://github.com/google/re2/blob/master/doc/syntax.txtflashplayer.app, 00000009.00000003.288195459.000000000D4B1000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.287385012.000000000D4B1000.00000004.00000001.sdmpfalse
                                                                                            high
                                                                                            https://drafts.csswg.org/css-lists-3/#ua-stylesheetflashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                              high
                                                                                              http://www.mozilla.com/en-US/blocklist/flashplayer.app, 00000008.00000002.282760172.000000006F5B1000.00000002.00020000.sdmpfalse
                                                                                                high
                                                                                                http://mozilla.org/MPL/2.0flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                  high
                                                                                                  https://ct.grahamedgecombe.com/logs.json)flashplayer.app, 00000011.00000002.357826913.0000000007DE0000.00000002.00000001.sdmpfalse
                                                                                                    high
                                                                                                    https://api.accounts.firefox.com/v1flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                      high
                                                                                                      http://exslt.org/commonflashplayer.app, 00000011.00000002.340951106.0000000004DA8000.00000004.00000001.sdmpfalse
                                                                                                      • URL Reputation: safe
                                                                                                      • URL Reputation: safe
                                                                                                      • URL Reputation: safe
                                                                                                      unknown
                                                                                                      https://domain.com:portflashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                      • Avira URL Cloud: safe
                                                                                                      low
                                                                                                      https://firefox-source-docs.mozilla.org/remote/flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                        high
                                                                                                        https://code.cdn.mozilla.net/devices/devices.jsonflashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                          high
                                                                                                          http://exslt.org/dates-and-timesflashplayer.app, 00000011.00000002.340820291.0000000004D86000.00000004.00000001.sdmpfalse
                                                                                                          • Avira URL Cloud: safe
                                                                                                          unknown
                                                                                                          https://settings.stage.mozaws.net/v1/buckets/main/collections/search-config/recordsflashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpfalse
                                                                                                            high
                                                                                                            http://pki.goog/gsr2/GTS1O1.crt0flashplayer.app, 00000009.00000003.377992282.000000001B458000.00000004.00000001.sdmpfalse
                                                                                                            • URL Reputation: safe
                                                                                                            • URL Reputation: safe
                                                                                                            • URL Reputation: safe
                                                                                                            unknown
                                                                                                            https://mths.be/jsescflashplayer.app, 00000009.00000003.343940992.0000000013EB1000.00000004.00000001.sdmp, flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                            • Avira URL Cloud: safe
                                                                                                            unknown
                                                                                                            https://bugzilla.mozilla.org/show_bug.cgi?id=1532246flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpfalse
                                                                                                              high
                                                                                                              https://sampleserver4.arcgisonline.com/firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmpfalse
                                                                                                                high
                                                                                                                https://github.com/portapps/firefox-portable)firefox.exe, 00000007.00000002.289959043.00000000114D2000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.289740206.0000000011498000.00000004.00000001.sdmpfalse
                                                                                                                  high
                                                                                                                  http://ocsp.pki.goog/gsr202flashplayer.app, 00000009.00000003.377992282.000000001B458000.00000004.00000001.sdmpfalse
                                                                                                                  • URL Reputation: safe
                                                                                                                  • URL Reputation: safe
                                                                                                                  • URL Reputation: safe
                                                                                                                  unknown
                                                                                                                  https://pki.goog/repository/0flashplayer.app, 00000009.00000003.377992282.000000001B458000.00000004.00000001.sdmpfalse
                                                                                                                  • URL Reputation: safe
                                                                                                                  • URL Reputation: safe
                                                                                                                  • URL Reputation: safe
                                                                                                                  unknown
                                                                                                                  https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-01flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpfalse
                                                                                                                    high
                                                                                                                    https://firefox.settings.services.mozilla.com/v1flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                                      high
                                                                                                                      https://github.com/w3c/csswg-drafts/issues/4645)flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                                        high
                                                                                                                        http://gasnatural.sharepoint.com/firefox.exe, 00000007.00000002.289982884.00000000114E2000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.289978288.00000000114E0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.289997974.00000000114EC000.00000004.00000001.sdmpfalse
                                                                                                                        • Avira URL Cloud: safe
                                                                                                                        unknown
                                                                                                                        https://bugzilla.mozilla.org/show_bug.cgi?id=1368583#c21flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                                          high
                                                                                                                          https://github.com/mozilla/ichnaea/blob/874e8284f0dfa1868e79aae64e14707eed660efe/ichnaea/geocode.py#flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpfalse
                                                                                                                            high
                                                                                                                            https://url.spec.whatwg.orgflashplayer.app, 00000009.00000003.297095034.000000000E314000.00000004.00000001.sdmp, flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                                              high
                                                                                                                              http://promises-aplus.github.com/promises-spec/flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpfalse
                                                                                                                                high
                                                                                                                                http://ovc.catastro.meh.es/firefox.exe, 00000007.00000002.289982884.00000000114E2000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.289997974.00000000114EC000.00000004.00000001.sdmpfalse
                                                                                                                                  high
                                                                                                                                  http://opensearch.a9.com/spec/1.1/querysyntax/#coreflashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpfalse
                                                                                                                                    high
                                                                                                                                    http://www.timeanddate.com/time/zones/ndt)flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpfalse
                                                                                                                                      high
                                                                                                                                      https://www.mibbit.com/?url=%sflashplayer.app, 00000009.00000003.387208611.000000001C741000.00000004.00000001.sdmpfalse
                                                                                                                                        high
                                                                                                                                        http://links.esri.com/firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpfalse
                                                                                                                                          high
                                                                                                                                          https://services.arcgisonline.com/firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpfalse
                                                                                                                                            high
                                                                                                                                            http://pki.goog/gsr2/GTS1O1.crtflashplayer.app, 00000009.00000003.378440133.000000001B463000.00000004.00000001.sdmpfalse
                                                                                                                                            • URL Reputation: safe
                                                                                                                                            • URL Reputation: safe
                                                                                                                                            • URL Reputation: safe
                                                                                                                                            unknown
                                                                                                                                            http://www.alanwood.net/unicode/fonts.htmlflashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                                                              high
                                                                                                                                              https://firefox-source-docs.mozilla.org/toolkit/components/telemetry/telemetry/data/prio-ping.htmlflashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                                                                high
                                                                                                                                                https://github.com/mstange/profiler-get-symbols/flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpfalse
                                                                                                                                                  high
                                                                                                                                                  https://www.unicode.org/reports/tr39/#Restriction_Level_Detectionflashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                                                                    high
                                                                                                                                                    https://bug1308309.bmoattachments.org/attachment.cgi?id=8814612flashplayer.app, 00000009.00000003.357674723.000000001538C000.00000004.00000001.sdmpfalse
                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                    unknown
                                                                                                                                                    https://github.com/mstange/profiler-get-symbols.flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpfalse
                                                                                                                                                      high
                                                                                                                                                      http://services.arcgisonline.com/firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmp, firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpfalse
                                                                                                                                                        high
                                                                                                                                                        https://github.com/portapps/firefox-portable)Publisher:firefox.exe, 00000007.00000002.289740206.0000000011498000.00000004.00000001.sdmpfalse
                                                                                                                                                          high
                                                                                                                                                          https://tools.ietf.org/html/rfc7469#section-4.1flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                                                                            high
                                                                                                                                                            https://www.ebay.com/sch/flashplayer.app, 00000009.00000003.378887945.000000001B341000.00000004.00000001.sdmpfalse
                                                                                                                                                              high
                                                                                                                                                              http://crl.pki.goog/gsr2/gsr2.crl0?flashplayer.app, 00000009.00000003.377992282.000000001B458000.00000004.00000001.sdmpfalse
                                                                                                                                                              • URL Reputation: safe
                                                                                                                                                              • URL Reputation: safe
                                                                                                                                                              • URL Reputation: safe
                                                                                                                                                              unknown
                                                                                                                                                              http://www.faqs.org/rfcs/rfc2396.htmlflashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpfalse
                                                                                                                                                                high
                                                                                                                                                                https://services.addons.mozilla.org/api/v4/abuse/report/addon/flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                                                                                  high
                                                                                                                                                                  https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                                                                                    high
                                                                                                                                                                    https://firefox-source-docs.mozilla.org/toolkit/components/telemetry/telemetry/data/event-ping.htmlflashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                                                                                      high
                                                                                                                                                                      https://compose.mail.yahoo.com/?To=%sflashplayer.app, 00000009.00000003.387208611.000000001C741000.00000004.00000001.sdmpfalse
                                                                                                                                                                        high
                                                                                                                                                                        http://exslt.org/stringsflashplayer.app, 00000011.00000002.340951106.0000000004DA8000.00000004.00000001.sdmpfalse
                                                                                                                                                                        • Avira URL Cloud: safe
                                                                                                                                                                        unknown
                                                                                                                                                                        https://bugzilla.mozilla.org/show_bug.cgi?id=1403293flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                                                                                          high
                                                                                                                                                                          http://sampleserver4.arcgisonline.com/firefox.exe, firefox.exe, 00000007.00000002.290003815.00000000114F0000.00000004.00000001.sdmpfalse
                                                                                                                                                                            high
                                                                                                                                                                            https://github.com/portapps/firefox-portable)Rootfirefox.exe, 00000007.00000002.289740206.0000000011498000.00000004.00000001.sdmpfalse
                                                                                                                                                                              high
                                                                                                                                                                              https://settings.stage.mozaws.net/v1/buckets/main-preview/collections/search-config/recordsflashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpfalse
                                                                                                                                                                                high
                                                                                                                                                                                http://www.ethiopic.org/Collation/OrderedLists.html.flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                unknown
                                                                                                                                                                                http://ocsp.pki.goog/gts1o1coreflashplayer.app, 00000009.00000003.378440133.000000001B463000.00000004.00000001.sdmp, flashplayer.app, 00000009.00000003.378115747.000000001B2EA000.00000004.00000001.sdmpfalse
                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                unknown
                                                                                                                                                                                https://support.mozilla.org/1/firefox/81.0.1/WINNT/es-ES/flashplayer.app, 00000009.00000003.356284679.00000000178E0000.00000004.00000001.sdmpfalse
                                                                                                                                                                                  high
                                                                                                                                                                                  https://profiler.firefox.comWebChannelMessageToContentInsecureflashplayer.app, 00000009.00000003.306953606.000000000D4EE000.00000004.00000001.sdmpfalse
                                                                                                                                                                                  • Avira URL Cloud: safe
                                                                                                                                                                                  unknown
                                                                                                                                                                                  https://tools.ietf.org/html/draft-thomson-http-encryption-02flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpfalse
                                                                                                                                                                                    high
                                                                                                                                                                                    http://www.faqs.org/rfcs/rfc1738.htmlflashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpfalse
                                                                                                                                                                                      high
                                                                                                                                                                                      https://hg.mozilla.org/mozilla-central/file/44344099d119flashplayer.app, 00000011.00000002.351872627.00000000073E0000.00000002.00000001.sdmpfalse
                                                                                                                                                                                        high
                                                                                                                                                                                        http://geocode.arcgis.com/firefox.exe, 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmpfalse
                                                                                                                                                                                          high
                                                                                                                                                                                          https://bugzilla.mozilla.org/show_bug.cgi?id=1637089flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                                                                                                            high
                                                                                                                                                                                            http://xhr.spec.whatwg.org/flashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                                                                                                              high
                                                                                                                                                                                              https://webcompat.com/issues/newflashplayer.app, 00000011.00000002.341787114.00000000069E0000.00000002.00000001.sdmpfalse
                                                                                                                                                                                              • Avira URL Cloud: safe
                                                                                                                                                                                              unknown
                                                                                                                                                                                              http://mozilla.org/MPL/2.0/.flashplayer.appfalse
                                                                                                                                                                                                high

                                                                                                                                                                                                Contacted IPs

                                                                                                                                                                                                • No. of IPs < 25%
                                                                                                                                                                                                • 25% < No. of IPs < 50%
                                                                                                                                                                                                • 50% < No. of IPs < 75%
                                                                                                                                                                                                • 75% < No. of IPs

                                                                                                                                                                                                Public

                                                                                                                                                                                                IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                34.218.7.136
                                                                                                                                                                                                unknownUnited States
                                                                                                                                                                                                16509AMAZON-02USfalse
                                                                                                                                                                                                34.223.130.205
                                                                                                                                                                                                unknownUnited States
                                                                                                                                                                                                16509AMAZON-02USfalse
                                                                                                                                                                                                34.107.221.82
                                                                                                                                                                                                unknownUnited States
                                                                                                                                                                                                15169GOOGLEUSfalse
                                                                                                                                                                                                52.89.2.78
                                                                                                                                                                                                unknownUnited States
                                                                                                                                                                                                16509AMAZON-02USfalse
                                                                                                                                                                                                35.244.181.201
                                                                                                                                                                                                unknownUnited States
                                                                                                                                                                                                15169GOOGLEUSfalse
                                                                                                                                                                                                99.86.159.5
                                                                                                                                                                                                unknownUnited States
                                                                                                                                                                                                16509AMAZON-02USfalse
                                                                                                                                                                                                143.204.2.25
                                                                                                                                                                                                unknownUnited States
                                                                                                                                                                                                16509AMAZON-02USfalse
                                                                                                                                                                                                13.226.162.32
                                                                                                                                                                                                unknownUnited States
                                                                                                                                                                                                16509AMAZON-02USfalse
                                                                                                                                                                                                34.216.198.143
                                                                                                                                                                                                unknownUnited States
                                                                                                                                                                                                16509AMAZON-02USfalse
                                                                                                                                                                                                34.216.80.151
                                                                                                                                                                                                unknownUnited States
                                                                                                                                                                                                16509AMAZON-02USfalse
                                                                                                                                                                                                99.86.159.30
                                                                                                                                                                                                unknownUnited States
                                                                                                                                                                                                16509AMAZON-02USfalse
                                                                                                                                                                                                13.226.162.116
                                                                                                                                                                                                unknownUnited States
                                                                                                                                                                                                16509AMAZON-02USfalse

                                                                                                                                                                                                Private

                                                                                                                                                                                                IP
                                                                                                                                                                                                192.168.2.1
                                                                                                                                                                                                127.0.0.1

                                                                                                                                                                                                General Information

                                                                                                                                                                                                Joe Sandbox Version:31.0.0 Emerald
                                                                                                                                                                                                Analysis ID:356596
                                                                                                                                                                                                Start date:23.02.2021
                                                                                                                                                                                                Start time:11:58:37
                                                                                                                                                                                                Joe Sandbox Product:CloudBasic
                                                                                                                                                                                                Overall analysis duration:0h 15m 40s
                                                                                                                                                                                                Hypervisor based Inspection enabled:false
                                                                                                                                                                                                Report type:full
                                                                                                                                                                                                Sample file name:firefox-3.0.0.zip
                                                                                                                                                                                                Cookbook file name:defaultwindowsfilecookbook.jbs
                                                                                                                                                                                                Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                                                                                                                                                                                Run name:Without Tracing
                                                                                                                                                                                                Number of analysed new started processes analysed:32
                                                                                                                                                                                                Number of new started drivers analysed:0
                                                                                                                                                                                                Number of existing processes analysed:0
                                                                                                                                                                                                Number of existing drivers analysed:0
                                                                                                                                                                                                Number of injected processes analysed:0
                                                                                                                                                                                                Technologies:
                                                                                                                                                                                                • HCA enabled
                                                                                                                                                                                                • EGA enabled
                                                                                                                                                                                                • HDC enabled
                                                                                                                                                                                                • AMSI enabled
                                                                                                                                                                                                Analysis Mode:default
                                                                                                                                                                                                Analysis stop reason:Timeout
                                                                                                                                                                                                Detection:MAL
                                                                                                                                                                                                Classification:mal68.evad.winZIP@25/293@71/14
                                                                                                                                                                                                EGA Information:
                                                                                                                                                                                                • Successful, ratio: 33.3%
                                                                                                                                                                                                HDC Information:
                                                                                                                                                                                                • Successful, ratio: 57% (good quality ratio 53.8%)
                                                                                                                                                                                                • Quality average: 75.3%
                                                                                                                                                                                                • Quality standard deviation: 27.6%
                                                                                                                                                                                                HCA Information:Failed
                                                                                                                                                                                                Cookbook Comments:
                                                                                                                                                                                                • Adjust boot time
                                                                                                                                                                                                • Enable AMSI
                                                                                                                                                                                                • Found application associated with file extension: .zip
                                                                                                                                                                                                Warnings:
                                                                                                                                                                                                Show All
                                                                                                                                                                                                • Exclude process from analysis (whitelisted): taskhostw.exe, MpCmdRun.exe, BackgroundTransferHost.exe, backgroundTaskHost.exe, SgrmBroker.exe, conhost.exe, svchost.exe
                                                                                                                                                                                                • Excluded IPs from analysis (whitelisted): 51.104.139.180, 131.253.33.200, 13.107.22.200, 52.255.188.83, 13.88.21.125, 104.43.193.48, 92.122.145.220, 104.43.139.144, 23.218.208.56, 8.253.95.120, 8.248.113.254, 8.248.119.254, 8.253.204.120, 8.253.207.120, 51.103.5.186, 8.253.95.121, 8.253.95.249, 8.253.204.249, 8.253.204.121, 8.248.135.254, 40.88.32.150, 168.61.161.212, 93.184.220.29, 142.250.185.106, 142.250.185.227, 142.250.186.131, 92.122.213.194, 92.122.213.247, 142.250.186.174, 2.20.142.253, 2.20.142.202, 173.194.164.170, 52.155.217.156
                                                                                                                                                                                                • Excluded domains from analysis (whitelisted): arc.msn.com.nsatc.net, cs9.wac.phicdn.net, aus5.mozilla.org, fs-wildcard.microsoft.com.edgekey.net, a19.dscg10.akamai.net, skypedataprdcoleus15.cloudapp.net, ocsp.digicert.com, www-bing-com.dual-a-0001.a-msedge.net, audownload.windowsupdate.nsatc.net, watson.telemetry.microsoft.com, au-bg-shim.trafficmanager.net, www.bing.com, fs.microsoft.com, displaycatalog-rp-europe.md.mp.microsoft.com.akadns.net, displaycatalog.md.mp.microsoft.com.akadns.net, skypedataprdcolcus17.cloudapp.net, skypedataprdcolcus16.cloudapp.net, pki-goog.l.google.com, r4.sn-4g5edned.gvt1.com, skypedataprdcolcus15.cloudapp.net, dual-a-0001.dc-msedge.net, store-images.s-microsoft.com, blobcollector.events.data.trafficmanager.net, location.services.mozilla.com, tracking-protection.cdn.mozilla.net, ciscobinary.openh264.org, incoming.telemetry.mozilla.org, store-images.s-microsoft.com-c.edgekey.net, a17.rackcdn.com.mdc.edgesuite.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, a1449.dscg2.akamai.net, arc.msn.com, r4---sn-4g5edned.gvt1.com, db5eap.displaycatalog.md.mp.microsoft.com.akadns.net, e12564.dspb.akamaiedge.net, wns.notify.trafficmanager.net, redirector.gvt1.com, safebrowsing.googleapis.com, displaycatalog.mp.microsoft.com, auto.au.download.windowsupdate.com.c.footprint.net, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, displaycatalog-europeeap.md.mp.microsoft.com.akadns.net, client.wns.windows.com, e1723.g.akamaiedge.net, ctldl.windowsupdate.com, skypedataprdcoleus17.cloudapp.net, a-0001.a-afdentry.net.trafficmanager.net, skypedataprdcolwus15.cloudapp.net, vip2-par02p.wns.notify.trafficmanager.net, displaycatalog-rp.md.mp.microsoft.com.akadns.net
                                                                                                                                                                                                • Execution Graph export aborted for target firefox.exe, PID 6668 because there are no executed function
                                                                                                                                                                                                • Execution Graph export aborted for target flashplayer.app, PID 1288 because there are no executed function
                                                                                                                                                                                                • Execution Graph export aborted for target flashplayer.app, PID 6752 because there are no executed function
                                                                                                                                                                                                • Execution Graph export aborted for target unarchiver.exe, PID 6236 because it is empty
                                                                                                                                                                                                • Report creation exceeded maximum time and may have missing disassembly code information.
                                                                                                                                                                                                • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                                • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                                                                                                • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                                                                                • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                • Report size getting too big, too many NtQueryVolumeInformationFile calls found.
                                                                                                                                                                                                • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                                                                                                • Report size getting too big, too many NtWriteFile calls found.

                                                                                                                                                                                                Simulations

                                                                                                                                                                                                Behavior and APIs

                                                                                                                                                                                                TimeTypeDescription
                                                                                                                                                                                                12:00:37API Interceptor1x Sleep call for process: flashplayer.app modified

                                                                                                                                                                                                Joe Sandbox View / Context

                                                                                                                                                                                                IPs

                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                                                                35.244.181.201http://37.46.150.184/high/imanGet hashmaliciousBrowse
                                                                                                                                                                                                  http://104.168.245.85/mipsGet hashmaliciousBrowse
                                                                                                                                                                                                    http://104.140.242.38/SBIDIOT/x86Get hashmaliciousBrowse
                                                                                                                                                                                                      8iAbuSGbC4.exeGet hashmaliciousBrowse
                                                                                                                                                                                                        http://54.37.70.249/dota2.tar.gzGet hashmaliciousBrowse
                                                                                                                                                                                                          http://31.13.195.251/ECHO/ECHOBOT.mipsGet hashmaliciousBrowse
                                                                                                                                                                                                            34.216.198.143H5MmXCKkB1.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              34.107.221.82H5MmXCKkB1.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • detectportal.firefox.com/success.txt?ipv4
                                                                                                                                                                                                              8iAbuSGbC4.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • detectportal.firefox.com/success.txt

                                                                                                                                                                                                              Domains

                                                                                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                                                                              prod.balrog.prod.cloudops.mozgcp.nethttp://37.46.150.184/high/imanGet hashmaliciousBrowse
                                                                                                                                                                                                              • 35.244.181.201
                                                                                                                                                                                                              http://104.168.245.85/mipsGet hashmaliciousBrowse
                                                                                                                                                                                                              • 35.244.181.201
                                                                                                                                                                                                              http://104.140.242.38/SBIDIOT/x86Get hashmaliciousBrowse
                                                                                                                                                                                                              • 35.244.181.201
                                                                                                                                                                                                              8iAbuSGbC4.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 35.244.181.201
                                                                                                                                                                                                              http://54.37.70.249/dota2.tar.gzGet hashmaliciousBrowse
                                                                                                                                                                                                              • 35.244.181.201
                                                                                                                                                                                                              shavar.prod.mozaws.net8iAbuSGbC4.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 44.241.216.67
                                                                                                                                                                                                              3rbDKSjFvH.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.201.6.28
                                                                                                                                                                                                              Invoice.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.25.189.61
                                                                                                                                                                                                              28photo.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.201.6.28
                                                                                                                                                                                                              17Payment copy.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.191.240.183
                                                                                                                                                                                                              12invoice copy.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.34.90.23
                                                                                                                                                                                                              20order PO-010816-WA0002.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.201.6.28
                                                                                                                                                                                                              33Order Specification.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.187.147.167
                                                                                                                                                                                                              3Purchase order.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.35.21.241
                                                                                                                                                                                                              3Order 578653.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.191.20.229
                                                                                                                                                                                                              22New Order2.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.71.218.22
                                                                                                                                                                                                              25Order.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.43.148.74
                                                                                                                                                                                                              1SWIFT.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.187.147.167
                                                                                                                                                                                                              30IMG_BILL_DRAFTCOPY_595986876.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.201.6.28
                                                                                                                                                                                                              30IMG_BILL_DRAFTCOPY_595986876.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.38.215.55
                                                                                                                                                                                                              15Swift.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.187.197.166
                                                                                                                                                                                                              34PO#59652597.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.191.240.183
                                                                                                                                                                                                              34Invoice-U6AI017400.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.35.21.241
                                                                                                                                                                                                              34Invoice-U6AI017400.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.38.215.55
                                                                                                                                                                                                              42Bank Detail.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.34.90.23
                                                                                                                                                                                                              prod.detectportal.prod.cloudops.mozgcp.netH5MmXCKkB1.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 34.107.221.82
                                                                                                                                                                                                              8iAbuSGbC4.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 34.107.221.82
                                                                                                                                                                                                              d1zkz3k4cclnv6.cloudfront.net3rbDKSjFvH.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 13.32.223.248
                                                                                                                                                                                                              Invoice.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 143.204.229.31
                                                                                                                                                                                                              28photo.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.85.51.16
                                                                                                                                                                                                              17Payment copy.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 143.204.101.95
                                                                                                                                                                                                              12invoice copy.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.222.150.152
                                                                                                                                                                                                              20order PO-010816-WA0002.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.222.150.152
                                                                                                                                                                                                              33Order Specification.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.222.150.117
                                                                                                                                                                                                              3Purchase order.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 13.32.8.67
                                                                                                                                                                                                              3Order 578653.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 13.32.8.105
                                                                                                                                                                                                              22New Order2.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.230.9.222
                                                                                                                                                                                                              25Order.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.222.168.222
                                                                                                                                                                                                              1SWIFT.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 143.204.247.50
                                                                                                                                                                                                              30IMG_BILL_DRAFTCOPY_595986876.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 143.204.247.50
                                                                                                                                                                                                              30IMG_BILL_DRAFTCOPY_595986876.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 143.204.247.105
                                                                                                                                                                                                              15Swift.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 143.204.247.105
                                                                                                                                                                                                              34PO#59652597.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 13.32.223.63
                                                                                                                                                                                                              34Invoice-U6AI017400.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.222.150.229
                                                                                                                                                                                                              34Invoice-U6AI017400.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.222.150.229
                                                                                                                                                                                                              42Bank Detail.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 13.32.223.63
                                                                                                                                                                                                              Veracod-Church Mutual Non-Disclosure Confidentiality Agreement.docGet hashmaliciousBrowse
                                                                                                                                                                                                              • 13.32.14.164
                                                                                                                                                                                                              autopush.prod.mozaws.netH5MmXCKkB1.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 44.238.119.68

                                                                                                                                                                                                              ASN

                                                                                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                                                                              AMAZON-02USMT OCEAN STAR ISO 8217 2005.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.67.62.204
                                                                                                                                                                                                              QTN3C2AF414EDF9_041873.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.57.196.177
                                                                                                                                                                                                              TIC ENQ2040 FCl.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.67.57.56
                                                                                                                                                                                                              MV ASIA EMERALD II.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.67.57.56
                                                                                                                                                                                                              TRANSIT MANIFEST CARGO FORM.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.67.120.65
                                                                                                                                                                                                              8TD8GfTtaW.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 104.192.141.1
                                                                                                                                                                                                              R4VugGhHOo.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 18.197.52.125
                                                                                                                                                                                                              RFQ.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.58.78.16
                                                                                                                                                                                                              ORDER SPECIFICATIONS.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 13.57.130.120
                                                                                                                                                                                                              22 FEB -PROCESSING.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 35.158.240.78
                                                                                                                                                                                                              ORDER LIST.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.67.62.204
                                                                                                                                                                                                              BL + PL + CI.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.67.120.65
                                                                                                                                                                                                              #U007einvoice#U007eSC00978656.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.67.57.56
                                                                                                                                                                                                              FortPlayerInstaller.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 13.224.94.78
                                                                                                                                                                                                              RGB HeroInstaller.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 99.86.159.18
                                                                                                                                                                                                              Buff-Installer.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 13.224.195.128
                                                                                                                                                                                                              PO_210222.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.58.78.16
                                                                                                                                                                                                              Order83930.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 3.131.252.17
                                                                                                                                                                                                              rieuro.dllGet hashmaliciousBrowse
                                                                                                                                                                                                              • 143.204.4.74
                                                                                                                                                                                                              AWB-INVOICE_PDF.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.213.114.86
                                                                                                                                                                                                              AMAZON-02USMT OCEAN STAR ISO 8217 2005.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.67.62.204
                                                                                                                                                                                                              QTN3C2AF414EDF9_041873.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.57.196.177
                                                                                                                                                                                                              TIC ENQ2040 FCl.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.67.57.56
                                                                                                                                                                                                              MV ASIA EMERALD II.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.67.57.56
                                                                                                                                                                                                              TRANSIT MANIFEST CARGO FORM.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.67.120.65
                                                                                                                                                                                                              8TD8GfTtaW.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 104.192.141.1
                                                                                                                                                                                                              R4VugGhHOo.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 18.197.52.125
                                                                                                                                                                                                              RFQ.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.58.78.16
                                                                                                                                                                                                              ORDER SPECIFICATIONS.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 13.57.130.120
                                                                                                                                                                                                              22 FEB -PROCESSING.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 35.158.240.78
                                                                                                                                                                                                              ORDER LIST.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.67.62.204
                                                                                                                                                                                                              BL + PL + CI.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.67.120.65
                                                                                                                                                                                                              #U007einvoice#U007eSC00978656.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 54.67.57.56
                                                                                                                                                                                                              FortPlayerInstaller.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 13.224.94.78
                                                                                                                                                                                                              RGB HeroInstaller.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 99.86.159.18
                                                                                                                                                                                                              Buff-Installer.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 13.224.195.128
                                                                                                                                                                                                              PO_210222.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.58.78.16
                                                                                                                                                                                                              Order83930.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 3.131.252.17
                                                                                                                                                                                                              rieuro.dllGet hashmaliciousBrowse
                                                                                                                                                                                                              • 143.204.4.74
                                                                                                                                                                                                              AWB-INVOICE_PDF.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.213.114.86
                                                                                                                                                                                                              GOOGLEUSMT OCEAN STAR ISO 8217 2005.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 34.102.136.180
                                                                                                                                                                                                              fedex.apkGet hashmaliciousBrowse
                                                                                                                                                                                                              • 142.250.186.138
                                                                                                                                                                                                              Malody-4.3.7.apkGet hashmaliciousBrowse
                                                                                                                                                                                                              • 142.250.186.74
                                                                                                                                                                                                              Malody-4.3.7.apkGet hashmaliciousBrowse
                                                                                                                                                                                                              • 142.250.186.42
                                                                                                                                                                                                              Quote_13940007.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 216.239.32.21
                                                                                                                                                                                                              0O9BJfVJi6fEMoS.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 34.102.136.180
                                                                                                                                                                                                              Payment Transfer Copy of $274,876.00 for the invoice shipments.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 34.102.136.180
                                                                                                                                                                                                              dex.dexGet hashmaliciousBrowse
                                                                                                                                                                                                              • 142.250.185.202
                                                                                                                                                                                                              dex.dexGet hashmaliciousBrowse
                                                                                                                                                                                                              • 142.250.185.170
                                                                                                                                                                                                              SKBM 0222.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 216.239.32.21
                                                                                                                                                                                                              lpdKSOB78u.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 34.102.136.180
                                                                                                                                                                                                              vBugmobiJh.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 34.102.136.180
                                                                                                                                                                                                              ORDER SPECIFICATIONS.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 34.102.136.180
                                                                                                                                                                                                              crypted.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 216.239.32.21
                                                                                                                                                                                                              NewOrder.xlsmGet hashmaliciousBrowse
                                                                                                                                                                                                              • 34.102.136.180
                                                                                                                                                                                                              Order_20180218001.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 34.102.136.180
                                                                                                                                                                                                              22 FEB -PROCESSING.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 34.102.136.180
                                                                                                                                                                                                              SOA.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 35.186.238.101
                                                                                                                                                                                                              ORDER LIST.xlsxGet hashmaliciousBrowse
                                                                                                                                                                                                              • 34.102.136.180
                                                                                                                                                                                                              File Downloader [14.5].apkGet hashmaliciousBrowse
                                                                                                                                                                                                              • 142.250.186.74

                                                                                                                                                                                                              JA3 Fingerprints

                                                                                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                                                                              a72f351cf3c3cd1edb345f7dc071d813H5MmXCKkB1.exeGet hashmaliciousBrowse
                                                                                                                                                                                                              • 52.89.2.78
                                                                                                                                                                                                              • 34.218.7.136
                                                                                                                                                                                                              • 35.244.181.201
                                                                                                                                                                                                              • 99.86.159.5

                                                                                                                                                                                                              Dropped Files

                                                                                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-file-l1-2-0.dllwno5UOP8TJ.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                LineInst.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                  WnrMsg.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                    HdaPJuN3ad.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                      VooVMeeting_1410000197_1.6.0.530.publish.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                        Coronavirus_Informations.docGet hashmaliciousBrowse
                                                                                                                                                                                                                          https://www.dropbox.com/l/AAAs46BVQ-wpiFRF6sxSaIkakq-T59TjYbM/loginGet hashmaliciousBrowse
                                                                                                                                                                                                                            LineInst.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                              VooVMeeting_1.4.7.510.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                DashlaneInstaller.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                  ResistanceWallet-windows-2.2.7.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                    DashlaneInst.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                      DropboxInstaller.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                        https://www.satogo.com:443/SAToGo-en.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                          DashlaneInstaller.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                            DropboxInstaller.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                              DropboxInstaller.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                installer.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                  installer.exeGet hashmaliciousBrowse
                                                                                                                                                                                                                                                    DropboxInstaller.exeGet hashmaliciousBrowse

                                                                                                                                                                                                                                                      Created / dropped Files

                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\unarchiver.exe.log
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\unarchiver.exe
                                                                                                                                                                                                                                                      File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):388
                                                                                                                                                                                                                                                      Entropy (8bit):5.2529463157768355
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:12:Q3LaJU20NaL10U29hJ5g1B0U2ukyrFk7v:MLF20NaL329hJ5g522r0
                                                                                                                                                                                                                                                      MD5:FF3B761A021930205BEC9D7664AE9258
                                                                                                                                                                                                                                                      SHA1:1039D595C6333358D5F7EE5619FE6794E6F5FDB1
                                                                                                                                                                                                                                                      SHA-256:A3517BC4B1E6470905F9A38466318B302186496E8706F1976F1ED76F3E87AF0F
                                                                                                                                                                                                                                                      SHA-512:1E77D09CF965575EF9800B1EE8947A02D98F88DBFA267300330860757A0C7350AF857A2CB7001C49AFF1F5BD1E0AE6E90F643B27054522CADC730DD14BC3DE11
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Reputation:moderate, very likely benign file
                                                                                                                                                                                                                                                      Preview: 1,"fusion","GAC",0..3,"C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1ffc437de59fb69ba2b865ffdc98ffd1\System.ni.dll",0..3,"C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\54d944b3ca0ea1188d700fbd8089726b\System.Drawing.ni.dll",0..3,"C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\bd8d59c984c9f5f2695f64341115cdf0\System.Windows.Forms.ni.dll",0..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\iw2shr2z.nfw\unarchiver.log
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\unarchiver.exe
                                                                                                                                                                                                                                                      File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1633
                                                                                                                                                                                                                                                      Entropy (8bit):5.090257910864918
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:48:sUkGVPGb5GVPGpTPGvSGVPGpbGb3GMGBGKGVPGiGVPGvGmGsGvQY2v:Z9lEkbvgJ6v
                                                                                                                                                                                                                                                      MD5:7DCB0745E1481F4C7910A88EBF9CE1D6
                                                                                                                                                                                                                                                      SHA1:641C3A9C781FF172C6E432EFA3C1E888EB413BB4
                                                                                                                                                                                                                                                      SHA-256:BDBB12629838B68D09C96BDD240CFF9DD85DB6E8050DEE27DAE2872E48831328
                                                                                                                                                                                                                                                      SHA-512:B938773CA43ACB0AC6096652F5F501E3F80246BE30F68C6FECDB1F4828C271069319C6E6493382F101856116222CF585C9A99F23D0239ECD0F8B2A7664C1CAAA
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                                      Preview: 02/23/2021 11:59 AM: Unpack: C:\Users\user\Desktop\firefox-3.0.0.zip..02/23/2021 11:59 AM: Tmp dir: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm..02/23/2021 11:59 AM: Received from standard out: ..02/23/2021 11:59 AM: Received from standard out: 7-Zip 18.05 (x86) : Copyright (c) 1999-2018 Igor Pavlov : 2018-04-30..02/23/2021 11:59 AM: Received from standard out: ..02/23/2021 11:59 AM: Received from standard out: Scanning the drive for archives:..02/23/2021 11:59 AM: Received from standard out: 1 file, 102871757 bytes (99 MiB)..02/23/2021 11:59 AM: Received from standard out: ..02/23/2021 11:59 AM: Received from standard out: Extracting archive: C:\Users\user\Desktop\firefox-3.0.0.zip..02/23/2021 11:59 AM: Received from standard out: --..02/23/2021 11:59 AM: Received from standard out: Path = C:\Users\user\Desktop\firefox-3.0.0.zip..02/23/2021 11:59 AM: Received from standard out: Type = zip..02/23/2021 11:59 AM: Received from standard out: Physical Size = 102871757
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-41
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ISO Media, MP4 Base Media v1 [IS0 14496-12:2003]
                                                                                                                                                                                                                                                      Category:modified
                                                                                                                                                                                                                                                      Size (bytes):32768
                                                                                                                                                                                                                                                      Entropy (8bit):0.4593089050301797
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:48:9SP0nUgwyZXYI65yFRX2D3GNTTfyn0Mk1iA:9SDKaIjo3UzyE1L
                                                                                                                                                                                                                                                      MD5:D910AD167F0217587501FDCDB33CC544
                                                                                                                                                                                                                                                      SHA1:2F57441CEFDC781011B53C1C5D29AC54835AFC1D
                                                                                                                                                                                                                                                      SHA-256:E3699D9404A3FFC1AFF0CA8A3972DC0EF38BDAB927741E9F627C7C55CEA42E81
                                                                                                                                                                                                                                                      SHA-512:F1871BF28FF25EE52BDB99C7A80AB715C7CAC164DCD2FD87E681168EE927FD2C5E80E03C91BB638D955A4627213BF575FF4D9EECAEDA7718C128CF2CE8F7CB3D
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Reputation:moderate, very likely benign file
                                                                                                                                                                                                                                                      Preview: ... ftypisom....isomiso2avc1mp41....free....mdat..........E...H..,. .#..x264 - core 152 r2851 ba24899 - H.264/MPEG-4 AVC codec - Copyleft 2003-2017 - http://www.videolan.org/x264.html - options: cabac=1 ref=3 deblock=1:0:0 analyse=0x3:0x113 me=hex subme=7 psy=1 psy_rd=1.00:0.00 mixed_ref=1 me_range=16 chroma_me=1 trellis=1 8x8dct=1 cqm=0 deadzone=21,11 fast_pskip=1 chroma_qp_offset=-2 threads=4 lookahead_threads=1 sliced_threads=0 nr=0 decimate=1 interlaced=0 bluray_compat=0 constrained_intra=0 bframes=3 b_pyramid=2 b_adapt=1 b_bias=0 direct=1 weightb=1 open_gop=0 weightp=2 keyint=250 keyint_min=25 scenecut=40 intra_refresh=0 rc_lookahead=40 rc=crf mbtree=1 crf=23.0 qcomp=0.60 qpmin=0 qpmax=69 qpstep=4 ip_ratio=1.40 aq=1:1.00......e...+...s|.kG3...'.u.."...,J.w.~.d\..(K....!.+..;....h....(.T.*...M......0..~L..8..B..A.y..R..,.zBP.';j.@.].w..........c......C=.'f....gI.$^.......m5V.L...{U..%V[....8......B..i..^,....:...,..5.m.%dA....moov...lmvhd...................(...........
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\mz_etilqs_3DKBm6yBkhgKkJr
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):3665400
                                                                                                                                                                                                                                                      Entropy (8bit):5.578542256791659
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:12288:UbnUnoagiVEBp0rsZ/WgcXtXZNlDbn4peJT136XFG8kObU93D7cmTDzPPmY4P9gV:UN2
                                                                                                                                                                                                                                                      MD5:064882AE7C637A0075AC63894557F125
                                                                                                                                                                                                                                                      SHA1:060EA4E4D379821B1D53BAF641212468A0DD9BD4
                                                                                                                                                                                                                                                      SHA-256:0F98A93B21163D0ECED53E91D2761C0481BC9843102053B8B0D1A350C422C9AE
                                                                                                                                                                                                                                                      SHA-512:A4FD9A6A175C9925D5D1B7CC2A263912D375047E60B828925B97F9F252363FC3F6E74CD93D9FF4DB65AF547CBC569B5B02AB31E49067AD79A0127807AF378452
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                                      Preview: ....SQLite format 3......@ ..........................................................................C............;.......[..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................-...3....triggerfile_update_triggerfileCREATE TRIGGER file_update_trigger AFTER UPDATE ON file FOR EACH ROW WHEN NEW.refcount = 0 BEGIN DELETE FROM file WHERE id = OLD.id; END.Y...A#..Ytriggerobject_data_de
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\mz_etilqs_C8XpNaOyUm4Fpez
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):610900
                                                                                                                                                                                                                                                      Entropy (8bit):5.922863400078789
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:12288:qinIBv4WOiz9nwPn5lpIHMtdngLaAz04tvn+4XkQzvvxkXNvtvkQxA6TleGtrvtJ:n7T6FC
                                                                                                                                                                                                                                                      MD5:B65EAB87BA2C96CA15C11CD91613A232
                                                                                                                                                                                                                                                      SHA1:165E92A760AF5667BB75CB782E0767B23F748ABE
                                                                                                                                                                                                                                                      SHA-256:C84875A54DFD2C96A45D22EF4F2E04773F6D490C99B1318DD2E6218496C04114
                                                                                                                                                                                                                                                      SHA-512:2CC967B1F0FAB426C300E2D37932A6AD137C6A4F858F65408D56FC0ACC149386CE110A8280A997B4A66F68DFE50D7E734D45D2B3C86ABE82AA8FC640ACFD862B
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                                      Preview: ..."...............R....................................................v...p.cmpdlmjtut0hgy.0::39d9:9.5:52.666e.f613.65b:1f:f6482............4............os.........All......<schema....3..uB...vendor..( 0x8086....8 block.u......vf..H.cmpdlmjtut0hgy.096:36e71.e15f.....\..vf..r.cmpdlmjtut0hgy.048ggdd55.1e14.792f.7:cg.9:d49222gdee..0cmpdlmjtut0hgy....cmpdlmjtut0hgy...u..................4............os........ WINNT 5.1.......<schema...@..uB...vendor.( 0x8086....8 blockID.....g51.[. .details.n.....(.bug...3..Hhttps://bugzilla.mo..dorg/show_bug.cgi?id=951422.@.P.who.....PDAll Firefox users....0.y.....0 Stability.(...name.).7.(.Intel driver < 6.14.10.5216 for DIRECT3D_9_LAYERS on XP5. created...PL2013-12-18T14:29:36Z.p.......9H.vices.......%.... 0enabled........ feature...pB...R..... .d..(Version.........8.3.0.`.Statu.....0`BLOCKED_DRIVER_VERSION.... 2h.$ComparatorU. LESS_THAN.m.....A..id.....$...37ffcc44-0d03-681e-69bf-89c38111fcd.2..,last_modifie......uB1.._c.b...`E.Hlists/gfx.......
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\mz_etilqs_DqH59Hu4DVImO6g
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):4157400
                                                                                                                                                                                                                                                      Entropy (8bit):5.768384654264208
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:12288:Rd5lsmKn4jJ34EsJlHxQqqAXZ8KkEkZippa+vfkZR5l:Rd5lsmKnSJoJHxQqqAXZ8KkEkZmpFA5l
                                                                                                                                                                                                                                                      MD5:3679798B7AE64C72226070F50141D1A2
                                                                                                                                                                                                                                                      SHA1:EC7A57B59B5FE0FF7BE014085866B461D851AC80
                                                                                                                                                                                                                                                      SHA-256:DDE5D89E7C36F4218558986A386BE6DC3110372608234D3D9ED44071ED4CA0E3
                                                                                                                                                                                                                                                      SHA-512:127F99BFCE218BF1826407E6A414B08516281F62FAA5586CCECDB8A1FB9AD559F36DBB65664CA03B3074730D0A44AE07CBC632B743E0CDC1CA23A88D469D5DDD
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                                      Preview: ...F......`....R...`.f.=...D.g.........................................................................8............nbjo0gynpojups.csfbdift.0def:29c5.4879.5d98.:46d.g4e3g11:4e9f..0nbjo0gynpojups.csfbdift.. .nbjo0gynpojups.csfbdift...v.C...............<............Name...... MyHeritag........ Domain......myh.(..com.(@schema....{.C.vB..0@PwnCount>.{.........AddedDat.o.....X2019-02-20T21:04:04Z......Breach.9..$2017-10-26.......P,DataClasses...................((Email addre.,..... ...Password.F.........@.id...$...cde918b4-3768-4c87-935c-f3d2f0093d8.....0,last_modifie.K..%H... ._c.b....<main/fxmonitor-b%.(es............A. ........@.nbjo0gynpojups.csfbdift.0e529c8g2.f6fb.5c8f.9945.:b6:18f3e8ec..0nbjo0gynpojups.csfbdift..!.nbjo0gynpojups.csfbdift...v.C................<............Name.......VNG....... Domain......zing.vn. @schema......C.vB..(@PwnCountZ={.........AddedDat.u.......L2018-04-28T07:49:02Z. ... .Breach.9..$2015-05-19.......0(DataClasses.........%......(<es of birth...... ... (Email
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\CHANGELOG.md
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):2868
                                                                                                                                                                                                                                                      Entropy (8bit):4.973857719906589
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:48:EWtA+Vvs/+YPoe7F9vIpHP5MQSnpC0hehMdhfQWEyfxFmqYsFq3wDdHGOvn:E2bV0/+GomFCpv5MrhehchfQly+JYn
                                                                                                                                                                                                                                                      MD5:746599EA95B567EC39D4AD409A7C9B57
                                                                                                                                                                                                                                                      SHA1:AAFC4A54DC1DAE18BC5131B4E55CF060354D496D
                                                                                                                                                                                                                                                      SHA-256:F5C902F0917DF242B2A08842A22A55C85790082CA9A1C8D5BC11BBEE9C7456E2
                                                                                                                                                                                                                                                      SHA-512:2B0B1B029B3F5308727515EF6E0F994BAD0309527F9FFE64009C7CA4D666A3338A8328C6B89FF86E361B210DD572E0E9AF72B103CDECFB7E072A9E095B6F4193
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: # Changelog..## 80.0-47 (2020/08/24)..* Firefox 80.0.* Portapps 2.6.0..## 79.0-47 (2020/07/31)..* Firefox 79.0..## 78.0.2-46 (2020/07/20)..* Firefox 78.0.2..## 78.0.1-45 (2020/07/08)..* Firefox 78.0.1..## 78.0-44 (2020/06/29)..* Firefox 78.0..## 77.0.1-43 (2020/06/13)..* Firefox 77.0.1..## 76.0.1-42 (2020/05/29)..* Fix addons startup (#3) .* Portapps 2.4.4..## 76.0.1-41 (2020/05/10)..* Firefox 76.0.1.* Allow custom `policies.json` (#25).* `DisableTelemetry` and `DisableFirefoxStudies` removed (use policies file instead).* Portapps 2.2.4..## 75.0-40 (2020/04/12)..* Firefox 75.0.* Portapps 2.0.5..## 74.0.1-39 (2020/04/12)..* Firefox 74.0.1.* Portapps 2.0.2..## 74.0-38 (2020/03/12)..* Firefox 74.0..## 73.0.1-37 (2020/02/24)..* Firefox 73.0.1..## 73.0-36 (2020/02/12)..* Firefox 73.0..## 72.0.2-35 (2020/01/25)..* Firefox 72.0.2..## 72.0.1-34 (2020/01/09)..* Firefox 72.0.1..## 72.0-33 (2020/01/06)..* Firefox 72.0.* Add `cleanup` config.* Portapps 1.31.0..## 71.0-32 (2019/12/03)..* Firefox 71
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\README.md
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:HTML document, UTF-8 Unicode text, with very long lines
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):2599
                                                                                                                                                                                                                                                      Entropy (8bit):5.080990228576569
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:48:Y9zH05kj4/9GsgoKEVuO7EAJvElqDZ90KvkisdWR6CB:YRH05kj4/9GWKEVFElqDZqqHrB
                                                                                                                                                                                                                                                      MD5:313C836AA8D948A7878A0662C6BB4538
                                                                                                                                                                                                                                                      SHA1:DCAC7E0CED89476A4D429EBAA4F7C9404B575EDF
                                                                                                                                                                                                                                                      SHA-256:14934328FC7BD450A7CD56D8026FEC43C8A28BA72B9C2A3E371DBB6DC19FEBBD
                                                                                                                                                                                                                                                      SHA-512:5704B924D65E1B379623F4AE10EB82AEE3FC81717AC25761EACBABF629BB9A676EA717B02C6D36DFE21C544E3DB236BBA80C8A193678E7766FE9EC25BE5D2E98
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: <p align="center"><a href="https://portapps.io/app/phyrox-portable/" target="_blank"><img width="100" src="https://github.com/portapps/phyrox-portable/blob/master/res/papp.png"></a></p>..<p align="center">. <a href="https://portapps.io/app/phyrox-portable/#download"><img src="https://img.shields.io/github/release/portapps/phyrox-portable.svg?style=flat-square" alt="GitHub release"></a>. <a href="https://portapps.io/app/phyrox-portable/#download"><img src="https://img.shields.io/github/downloads/portapps/phyrox-portable/total.svg?style=flat-square" alt="Total downloads"></a>. <a href="https://travis-ci.com/portapps/phyrox-portable"><img src="https://img.shields.io/travis/com/portapps/phyrox-portable/master.svg?style=flat-square" alt="Build Status"></a>. <a href="https://goreportcard.com/report/github.com/portapps/phyrox-portable"><img src="https://goreportcard.com/badge/github.com/portapps/phyrox-portable?style=flat-square" alt="Go Report"></a>. <a href="https://app.codacy.com/gh/p
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\Accessible.tlb
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):3008
                                                                                                                                                                                                                                                      Entropy (8bit):3.5897730178715066
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:48:AYSuexkZAhNR5qnFNg51ngu5siU0IIyUk:AYSrQAnRYg5y0gITk
                                                                                                                                                                                                                                                      MD5:E49AEB412AAB7C49A27E6FEAA0CA40CE
                                                                                                                                                                                                                                                      SHA1:6A2F6EA9FACC48A3F736E03FDA2C1CE44B744AF3
                                                                                                                                                                                                                                                      SHA-256:754FD922F8C93B66F723C30D39083A6A1FE33FA4B6439D55AD2459BE40C3151E
                                                                                                                                                                                                                                                      SHA-512:8C3F957D032FA8EDB523CD3F473A57E2CC020C9E6E33AEA183CAD8B435777660F4C7E87BA62C67BBB1AEF726D109F0F34B2D86C159CA9BD98BFAD43C89AF7AD2
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MSFT................A............................................... ...................d.......,.......X...............................................................L...............................t...............t...<...............................`........................... ...T...........t...$............................................B..........................................`.......................................d................B..h.......................................x.......0................................................!..................................................D...............................H................!..................................................T................................................B..t...............................................................................d...............x.......................`.......................................................................H...........................0....|....E....^.B.........e.w.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\AccessibleHandler.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):152272
                                                                                                                                                                                                                                                      Entropy (8bit):6.514752376941393
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:3072:nxgpXbVePO5W1EdNIfpHMd5olrXdx3zKMx43B:xgpXbV+OEeGpmyWJB
                                                                                                                                                                                                                                                      MD5:D71CB882D0AA21E6F143FE67D62B9ABC
                                                                                                                                                                                                                                                      SHA1:F79F520372A72AA27724B37D0E7DBAE230BB5D4D
                                                                                                                                                                                                                                                      SHA-256:F1EC5BEB862E69F693F92C694BCA9D590E2F5747FD20415E62BBF65ABAF668E4
                                                                                                                                                                                                                                                      SHA-512:AD66BEE667340FD01DCB95B9F7C7A854BFC6BA9AAE814B5E4A306951ADC5FD8BFC4E219D3564748F475241C4715F026E2EFF8CE3C44D7AAC771BF0F6ECC6F02E
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 2%
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...H.t_.........."!.....p...............................................................@A........................L................P..p............0..."...p..L......................................................@............................text...Bn.......p.................. ..`.rdata..|............t..............@..@.data...............................@....00cfg....... ......................@..@.orpc........0...................... ..`.tls.........@......................@....rsrc...p....P......................@..@.reloc..L....p......................@..B........................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\AccessibleMarshal.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):28368
                                                                                                                                                                                                                                                      Entropy (8bit):5.88591185248288
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:384:tOikwbOrJkVMfIGfAuGesocyB5AEEOvDG8uK6jSCp1pK:oikaOrGVDGVGeeys7YDGBKgf1pK
                                                                                                                                                                                                                                                      MD5:A4A9F3AA624095F99E3F6C3F90633BC7
                                                                                                                                                                                                                                                      SHA1:B4B998AB799516A9D438E31CA90E59A9306AE1CF
                                                                                                                                                                                                                                                      SHA-256:BB68B17C1CBF8EE5F0E3A17FBCAA44F1906E4D145DE56237C399C19AFF43414A
                                                                                                                                                                                                                                                      SHA-512:ED4BBF919E5F63A6248D7D2E16088CDFE1CBB30CA5B9F36EB0A25D38CBAB3824A831D51A94D4A9AFC6D110E2546DD3F525DF8951760F58FBC4E7076124C9E3AA
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 2%
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...H.t_.........."!.........6......0...............................................0.....@A.........................).......*..x....p...............L..."......X....(............................... ...............+...............................text............................... ..`.rdata....... ......................@..@.data...H....@.......&..............@....00cfg.......P.......(..............@..@.orpc........`.......*.............. ..`.rsrc........p.......,..............@..@.reloc..X............H..............@..B................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\IA2Marshal.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):72912
                                                                                                                                                                                                                                                      Entropy (8bit):5.359212092128512
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:768:4SEuoR+4HYu4GkaT4/6uRzLr1HDEB6aFQDGBKgdx:TEr4RGkaTS+B6aX9
                                                                                                                                                                                                                                                      MD5:AB1FB39F725A2D3EDAC6EBF4DB426506
                                                                                                                                                                                                                                                      SHA1:21EF031C477E7234204FC5974465D392C0AF67C8
                                                                                                                                                                                                                                                      SHA-256:991A30F8E6FFE445CAA9ADBD0D6C93A196AC5CE7FEF6DCCCCE13163C5B686697
                                                                                                                                                                                                                                                      SHA-512:9952928BE44037ADB2333509A1B13E07AE3B6E6E33645127092A3524A1B9B49B3F3DE3B1D9828C8ACBAD37A4B50308702180659C362825D7D43EDE64BEB8D4A8
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 2%
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...G.t_.........."!.........................................................0............@A........................@f.......g..........hx..............."... .......d............................... ...............h...............................text............................... ..`.rdata...O... ...P..................@..@.data........p.......d..............@....00cfg...............n..............@..@.orpc................p.............. ..`.rsrc...hx.......z...v..............@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\META-INF\cose.manifest
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):310129
                                                                                                                                                                                                                                                      Entropy (8bit):5.770515809100645
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:3072:DaMVto05wZVdkkENmFTTcj/G/LftmfQtsvYGGylvcy+6Aoqn:DamqHkkneapGQtsvSkcX6AHn
                                                                                                                                                                                                                                                      MD5:98A3B7F60563EC93759EAD563DBC4B0B
                                                                                                                                                                                                                                                      SHA1:098844CC474A4610EA2B9A4469E85D58899ACFAF
                                                                                                                                                                                                                                                      SHA-256:EF6C46A356D63A18580C4E8E12EE786BC14E54BF8A54FDEB4FA223F82149DED3
                                                                                                                                                                                                                                                      SHA-512:10A95C116B3B9C238A3BE29D06A243972D4CE15D43D80E9BE8177601E38CD692687086E20651218F33A11E4287CCC8F9FCA067D9A85A50254FCE818E059BCAFF
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: Manifest-Version: 1.0..Name: greprefs.js.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: bQSVcQ3OLaeBtHcJZJdM0ApwVAo=.SHA256-Digest: Vkp1jCZ77v17hDHRrWtYybZtPqITt2PNX70EBugR3Ek=..Name: chrome.manifest.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: CJLvM0fQY5IoxTbdRl1LE9f3wSc=.SHA256-Digest: qUb6sqB+1ehcMl37UEBjvuz772xZcXCll3QB0HK6uMQ=..Name: chrome/chrome.manifest.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: RQPktuswk45SPqHO1vvdUg8JUfY=.SHA256-Digest: E9I3D1BiGdwlwba7ooM6ffaQPwcWpaP3NcJtYe0NiAk=..Name: update.locale.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: xKsBObpw2lIlOkm1UQl7wxxLma4=.SHA256-Digest: RrpqqdPVQVbLO4vuNGcd9FawR7Y+173OgfSJ50HMv8A=..Name: res/multilocale.txt.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: xKsBObpw2lIlOkm1UQl7wxxLma4=.SHA256-Digest: RrpqqdPVQVbLO4vuNGcd9FawR7Y+173OgfSJ50HMv8A=..Name: components/components.manifest.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: 9RbhpRhNByOeTdTAJOnXgyEMBH4=.SHA256-Digest: 5HydHNe7TFvG3OxXIGEM8PPxOBlx7R+dj4PM4KWsTHU=..Name: chrome/en-US/lo
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\META-INF\cose.sig
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):3098
                                                                                                                                                                                                                                                      Entropy (8bit):7.554312223816929
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:96:m73WXZsnlXicZt81U1LR9AeMGXkh9mcZp:m7mXGnRZt6UDVUhokp
                                                                                                                                                                                                                                                      MD5:637243B2656127978FD7432D9375ADF1
                                                                                                                                                                                                                                                      SHA1:C26CE019993D7C9AF37DB2E081AAE5F004E3ED28
                                                                                                                                                                                                                                                      SHA-256:749D5D541547DC51924D40D735B80D69AAE7331945BC64A7B590E5694BC9DC94
                                                                                                                                                                                                                                                      SHA-512:19037A5FCFF7C5DD2767287710704B179EE24F5EF7956BFF55DC767F50523DD2501FF4F66993359808089A476E6A3450B20E10DB203126DDABEBF725B351D7B2
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.Y.7...Y.10..-0.............0...*.H........0}1.0...U....US1.0...U....Mozilla Corporation1/0-..U...&Mozilla AMO Production Signing Service1.0...U....root-ca-production-amo0...150404000000Z..250404000000Z0..1.0...U....US1.0...U....Mozilla Corporation1/0-..U...&Mozilla AMO Production Signing Service1&0$..U....signingca1.addons.mozilla.org1!0...*.H........foxsec@mozilla.com0.."0...*.H.............0..........[....;........Z..v;.&{..z.bla.J_K..m.....D...xGO........A8Y.........L$..%~T...T.....]%...[p.~=.J......i.b3m.u.c4.B....yF{........j.x.o.M$.........hso...&...h......j..W.....==2]O.}.......n.j...I...S"$..7g.....I.p.4..JR..)...|.......{.)MIH..50.P>.....Y..4.'.X.Ik..^rMcx7.7.GC..o...U.q\....b!..2Y..&..e..6...2......&.1.5.....(.1..3YY.......6...>.#.M&.J....;.....g]..Q.....C.'z(....%..A.k..Cw...Zv.........X.....T...L.#....%....*..x...Hc.O/.tc....'...u.........RNVP6z.n....FP.(....).........0...0...U....0....0...U...........0...U.%.....0...+.......0...U.......>.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\META-INF\manifest.mf
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):310450
                                                                                                                                                                                                                                                      Entropy (8bit):5.7706331892851965
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:3072:DaMVto05wZVdkkENmFTTcj/G/LftmfQtsvYGGylvcy+6Aoqe:DamqHkkneapGQtsvSkcX6AHe
                                                                                                                                                                                                                                                      MD5:E20DD23DD148F35DC31C077370A6AA8A
                                                                                                                                                                                                                                                      SHA1:980730C4F03E9D2B215D8D42B522BA1318BBE178
                                                                                                                                                                                                                                                      SHA-256:557AF1CBD7AC48D23C0F1BFEF1955A8256F1A9BFBEB873B59A49C1BD51D79003
                                                                                                                                                                                                                                                      SHA-512:1A239A880DE71C81CD4A081BA5E4F74A6C61B6DF67614A4C979F7ADC31DA242C653DFA5A323A2ECAEE5DDCEBF174D865E13D6B45BB9A8278CAD3FF260017ACAC
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: Manifest-Version: 1.0..Name: greprefs.js.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: bQSVcQ3OLaeBtHcJZJdM0ApwVAo=.SHA256-Digest: Vkp1jCZ77v17hDHRrWtYybZtPqITt2PNX70EBugR3Ek=..Name: chrome.manifest.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: CJLvM0fQY5IoxTbdRl1LE9f3wSc=.SHA256-Digest: qUb6sqB+1ehcMl37UEBjvuz772xZcXCll3QB0HK6uMQ=..Name: chrome/chrome.manifest.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: RQPktuswk45SPqHO1vvdUg8JUfY=.SHA256-Digest: E9I3D1BiGdwlwba7ooM6ffaQPwcWpaP3NcJtYe0NiAk=..Name: update.locale.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: xKsBObpw2lIlOkm1UQl7wxxLma4=.SHA256-Digest: RrpqqdPVQVbLO4vuNGcd9FawR7Y+173OgfSJ50HMv8A=..Name: res/multilocale.txt.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: xKsBObpw2lIlOkm1UQl7wxxLma4=.SHA256-Digest: RrpqqdPVQVbLO4vuNGcd9FawR7Y+173OgfSJ50HMv8A=..Name: components/components.manifest.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: 9RbhpRhNByOeTdTAJOnXgyEMBH4=.SHA256-Digest: 5HydHNe7TFvG3OxXIGEM8PPxOBlx7R+dj4PM4KWsTHU=..Name: chrome/en-US/lo
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\META-INF\mozilla.rsa
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):4365
                                                                                                                                                                                                                                                      Entropy (8bit):7.622417461522791
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:96:8Hr89Aeez2JXM1LS0t73WXZsnlXicZt81UQIAYy9v/:8L8azQ81L7mXGnRZt6UQIq/
                                                                                                                                                                                                                                                      MD5:6AE738D5C7F27C057F7EE6086FB39D77
                                                                                                                                                                                                                                                      SHA1:AA22D0B8D4557306516FB7D60558F9BC8B3DA040
                                                                                                                                                                                                                                                      SHA-256:3FCDE30624069D6651C89D5F2BBBDAF97713B6C3A7D44F35CE5B7237B3DFBDC5
                                                                                                                                                                                                                                                      SHA-512:9861DDB687F515B9FF92DE52A80FFBF4555A1C57830E9A06117863449612628F92506F072373D290849DAA49D516106F4107456A48CEC67E9C54C77E99ECB651
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 0.....*.H..........0......1.0...`.H.e....0...*.H..........0..S0..;........9.{....0...*.H........0..1.0...U....US1.0...U....Mozilla Corporation1/0-..U...&Mozilla AMO Production Signing Service1&0$..U....signingca1.addons.mozilla.org1!0...*.H........foxsec@mozilla.com0...200930164454Z..300928164454Z0~1.0...U....US1.0...U....CA1.0...U....Mountain View1.0...U....Addons1.0...U....Mozilla Components1.0...U....omni.ja@mozilla.org0.."0...*.H.............0................._......I.5."UM5j[%.29l...L.i7....X.....~u....G..f..=..i..b.F.b.Q?wgt.\......o..i.....Vu....s...F.h*-.!...4.K3.I{y....'.:.dl,....QaS.iR...Y..y4..^..Il.....7{]g......c..n..pw....|.....!<..d.Y.H..!wab.v..2].$.a.*3.....t.O...=.`T. ..=..K&..#.C....&\#..q."t.wZ~.wF|.O...J......A$.....#.."..&c.AM..AH..C...L.U..=...%......ni...@..FAhV.*...|.P......Ce.0.p.....{..,P..{..q.<.5..aO..W.y08..ni...LC...w.1.+53.|[.].@3p..T.m..<^.;..;...M<w2....{p0......z.[............M...g..XfF.|.........0..0...U...........0.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\META-INF\mozilla.sf
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):144
                                                                                                                                                                                                                                                      Entropy (8bit):5.435919600159291
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:3:FwAPWXEsKhMNLKfFfduOCWN98/7s93/XJnELKfFxecrO9h9eO/tqUTLp3:+AemELKtfUOVkwBJELKt4t9RlR3
                                                                                                                                                                                                                                                      MD5:6A4DE10BC48F0B1C0B1C61CCC50CC486
                                                                                                                                                                                                                                                      SHA1:99465276575CFD7D3F909849CE905517EE1A0260
                                                                                                                                                                                                                                                      SHA-256:DA2CCCC5D51A48CEB8F63988928C3056B71809BD8EA2589339873925AFB1113C
                                                                                                                                                                                                                                                      SHA-512:A9A818D0B327ED0F4B51C84526C1D41B87548C3A5F751899218A7D44AB577ACEC35FD4484B26788873738E08A98D7CE473037E275B4A3D8164B808C6D63EAF5A
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: Signature-Version: 1.0.SHA1-Digest-Manifest: mAcwxPA+nSshXY1CtSK6Exi74Xg=.SHA256-Digest-Manifest: VXrxy9esSNI8Dxv+8ZVaglbxqb++uHO1mknBvVHXkAM=..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-file-l1-2-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):18184
                                                                                                                                                                                                                                                      Entropy (8bit):7.10604544921595
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:192:Y+W1hWifcvHCjdks/nGfe4pBjSYA89sX5W5RKTt3E2sVWQ4GWFuLOgVqnaj6uDp6:Y+W1hWoQim0GftpBj7sIm3SFOslD16hP
                                                                                                                                                                                                                                                      MD5:79EE4A2FCBE24E9A65106DE834CCDA4A
                                                                                                                                                                                                                                                      SHA1:FD1BA674371AF7116EA06AD42886185F98BA137B
                                                                                                                                                                                                                                                      SHA-256:9F7BDA59FAAFC8A455F98397A63A7F7D114EFC4E8A41808C791256EBF33C7613
                                                                                                                                                                                                                                                      SHA-512:6EF7857D856A1D23333669184A231AD402DC62C8F457A6305FE53ED5E792176CA6F9E561375A707DA0D7DD27E6EA95F8C4355C5DC217E847E807000B310AA05C
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                      • Antivirus: Metadefender, Detection: 0%, Browse
                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                      Joe Sandbox View:
                                                                                                                                                                                                                                                      • Filename: wno5UOP8TJ.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                      • Filename: LineInst.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                      • Filename: WnrMsg.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                      • Filename: HdaPJuN3ad.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                      • Filename: VooVMeeting_1410000197_1.6.0.530.publish.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                      • Filename: Coronavirus_Informations.doc, Detection: malicious, Browse
                                                                                                                                                                                                                                                      • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                      • Filename: LineInst.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                      • Filename: VooVMeeting_1.4.7.510.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                      • Filename: DashlaneInstaller.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                      • Filename: ResistanceWallet-windows-2.2.7.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                      • Filename: DashlaneInst.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                      • Filename: DropboxInstaller.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                      • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                      • Filename: DashlaneInstaller.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                      • Filename: DropboxInstaller.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                      • Filename: DropboxInstaller.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                      • Filename: installer.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                      • Filename: installer.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                      • Filename: DropboxInstaller.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L....I.O...........!......................... ...............................0............@.............................L............ ...................=..............T............................................................................text...<........................... ..`.rsrc........ ......................@..@.....I.O........8...T...T........I.O........d................I.O....................RSDSyN'.;rC......l{.....api-ms-win-core-file-l1-2-0.pdb.........T....rdata..T........rdata$zzzdbg.......L....edata... ..`....rsrc$01....` .......rsrc$02.........I.O....@...................(...8...l...............`.......................api-ms-win-core-file-l1-2-0.dll.CreateFile2.kernel32.CreateFile2.GetTempPathW.kernel32.GetTempPathW.GetVolumeNameForVolumeMountPointW.kernel32.GetVolumeNameForVolumeMou
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-file-l2-1-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):18184
                                                                                                                                                                                                                                                      Entropy (8bit):7.161194839446203
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:192:FZkW1hWiecvHCjdks/nGfe4pBjSYo3Vq34W5RKTt3E2sVWQ4GW2rOqnajd2siD+k:MW1hWdQim0GftpBj4VuFm3SWlg+0mw
                                                                                                                                                                                                                                                      MD5:3F224766FE9B090333FDB43D5A22F9EA
                                                                                                                                                                                                                                                      SHA1:548D1BB707AE7A3DFCCC0C2D99908561A305F57B
                                                                                                                                                                                                                                                      SHA-256:AE5E73416EB64BC18249ACE99F6847024ECEEA7CE9C343696C84196460F3A357
                                                                                                                                                                                                                                                      SHA-512:C12EA6758071B332368D7EF0857479D2B43A4B27CEEAB86CBB542BD6F1515F605EA526DFA3480717F8F452989C25D0EE92BF3335550B15ECEC79E9B25E66A2CA
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                      • Antivirus: Metadefender, Detection: 0%, Browse
                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L...%..r...........!......................... ...............................0.......`....@.......................................... ...................=..............T............................................................................text...}........................... ..`.rsrc........ ......................@..@....%..r........8...T...T.......%..r........d...............%..r....................RSDS..Vf0....<...j\....api-ms-win-core-file-l2-1-0.pdb.........T....rdata..T........rdata$zzzdbg............edata... ..`....rsrc$01....` .......rsrc$02........%..r........................D...p...............#...P...................;...g...................<...m...............%...Z.........................api-ms-win-core-file-l2-1-0.dll.CopyFile2.kernel32.CopyFile2.CopyFileExW.kernel32.CopyFileExW.Crea
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-localization-l1-2-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):20744
                                                                                                                                                                                                                                                      Entropy (8bit):7.082681710664215
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:384:9OMw3zdp3bwjGjue9/0jCRrndb5W1hW54wm0GftpBjvTNvwm3SBMltZ2m:9OMwBprwjGjue9/0jCRrndboUFViZ2Vu
                                                                                                                                                                                                                                                      MD5:23BD405A6CFD1E38C74C5150EEC28D0A
                                                                                                                                                                                                                                                      SHA1:1D3BE98E7DFE565E297E837A7085731ECD368C7B
                                                                                                                                                                                                                                                      SHA-256:A7FA48DE6C06666B80184AFEE7E544C258E0FB11399AB3FE47D4E74667779F41
                                                                                                                                                                                                                                                      SHA-512:C52D487727A34FBB601B01031300A80ECA7C4A08AF87567DA32CB5B60F7A41EB2CAE06697CD11095322F2FC8307219111EE02B60045904B5C9B1F37E48A06A21
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                      • Antivirus: Metadefender, Detection: 0%, Browse
                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L...c..@...........!......................... ...............................0......<H....@.......................................... ...................=..............T............................................................................text............................... ..`.rsrc........ ......................@..@....c..@........@...T...T.......c..@........d...............c..@....................RSDS......@..&...$&....api-ms-win-core-localization-l1-2-0.pdb.........T....rdata..T........rdata$zzzdbg............edata... ..`....rsrc$01....` .......rsrc$02................c..@....v.......;...;...(.......................<...f.......................5...]...................!...I...q...................N.............../...j.............../...^.................../...\...................8...`...........
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-processthreads-l1-1-1.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):18696
                                                                                                                                                                                                                                                      Entropy (8bit):7.114763903791775
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:384:NS8DfIelW1hWu4wm0GftpBjBFm3SzlJrI:NSLecfFViRTs
                                                                                                                                                                                                                                                      MD5:95C5B49AF7F2C7D3CD0BC14B1E9EFACB
                                                                                                                                                                                                                                                      SHA1:C400205C81140E60DFFA8811C1906CE87C58971E
                                                                                                                                                                                                                                                      SHA-256:FF9B51AFF7FBEC8D7FE5CC478B12492A59B38B068DC2B518324173BB3179A0E1
                                                                                                                                                                                                                                                      SHA-512:F320937B90068877C46D30A15440DC9ACE652C3319F5D75E0C8BB83F37E78BE0EFB7767B2BD713BE6D38943C8DB3D3D4C3DA44849271605324E599E1242309C3
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                      • Antivirus: Metadefender, Detection: 0%, Browse
                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L...Z..s...........!......................... ...............................0............@.......................................... ...................=..............T............................................................................text............................... ..`.rsrc........ ......................@..@....Z..s........B...T...T.......Z..s........d...............Z..s....................RSDS..j....O.m.h....api-ms-win-core-processthreads-l1-1-1.pdb...........T....rdata..T........rdata$zzzdbg............edata... ..`....rsrc$01....` .......rsrc$02............Z..s....................(...`...........-...l..........."...W...................N...................P...............F...q...............3...r...................................api-ms-win-core-processthreads-l1-1-1.dll.FlushInstr
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-synch-l1-2-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):18696
                                                                                                                                                                                                                                                      Entropy (8bit):7.137566982908939
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:384:DtZ3UW1hWxDzDm0GftpBjEILkm3ScrlPpU9:n0ViIQxi
                                                                                                                                                                                                                                                      MD5:6E704280D632C2F8F2CADEFCAE25AD85
                                                                                                                                                                                                                                                      SHA1:699C5A1C553D64D7FF3CF4FE57DA72BB151CAEDE
                                                                                                                                                                                                                                                      SHA-256:758A2F9EF6908B51745DB50D89610FE1DE921D93B2DBEA919BFDBA813D5D8893
                                                                                                                                                                                                                                                      SHA-512:ADE85A6CD05128536996705FD60C73F04BAB808DAFB5D8A93C45B2EE6237B6B4DDB087F1A009A9D289C868C98E61BE49259157F5161FECCF9F572FD306B460E6
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                      • Antivirus: Metadefender, Detection: 0%, Browse
                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L....>.............!......................... ...............................0......R.....@.............................v............ ...................=..............T............................................................................text...v........................... ..`.rsrc........ ......................@..@.....>..........9...T...T........>..........d................>......................RSDS...*YJe....X..Q....api-ms-win-core-synch-l1-2-0.pdb............T....rdata..T........rdata$zzzdbg.......v....edata... ..`....rsrc$01....` .......rsrc$02.....................>......................(...l...........R...................W...............&...b...............$...W.......6...w...............;...|...............H...................A.....................................api-ms-win-core-synch-
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-core-timezone-l1-1-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):18696
                                                                                                                                                                                                                                                      Entropy (8bit):7.1338859952744516
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:384:rWW1hWv4wm0GftpBjgpm3SSP9lndaYhpwe/:ReFVi02vZ
                                                                                                                                                                                                                                                      MD5:C9A55DE62E53D747C5A7FDDEDEF874F9
                                                                                                                                                                                                                                                      SHA1:C5C5A7A873A4D686BFE8E3DA6DC70F724CE41BAD
                                                                                                                                                                                                                                                      SHA-256:B5C725BBB475B5C06CC6CB2A2C3C70008F229659F88FBA25CCD5D5C698D06A4B
                                                                                                                                                                                                                                                      SHA-512:ADCA0360A1297E80A8D3C2E07F5FBC06D2848F572F551342AD4C9884E4AB4BD1D3B3D9919B4F2B929E2848C1A88A4E844DD38C86067CACE9685F9640DB100EFB
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                      • Antivirus: Metadefender, Detection: 0%, Browse
                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L....}.............!......................... ...............................0......a9....@.............................E............ ...................=..............T............................................................................text...E........................... ..`.rsrc........ ......................@..@.....}..........<...T...T........}..........d................}......................RSDSfb.f.{....A...~}....api-ms-win-core-timezone-l1-1-0.pdb.........T....rdata..T........rdata$zzzdbg.......E....edata... ..`....rsrc$01....` .......rsrc$02.....................}......................(...\...........*...f...........C...............9.......................H...........%...j...............b.....................................api-ms-win-core-timezone-l1-1-0.dll.EnumDynamicTimeZoneInforma
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-conio-l1-1-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):19208
                                                                                                                                                                                                                                                      Entropy (8bit):7.088979240841937
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:384:tW1hWv4wm0GftpBjp+m3S1ZXlndaYhpt1:k+FVib+ZvN
                                                                                                                                                                                                                                                      MD5:A668C5EE307457729203AE00EDEBB6B3
                                                                                                                                                                                                                                                      SHA1:2114D84CF3EC576785EBBE6B2184B0D634B86D71
                                                                                                                                                                                                                                                      SHA-256:A95B1AF74623D6D5D892760166B9BFAC8926929571301921F1E62458E6D1A503
                                                                                                                                                                                                                                                      SHA-512:73DC1A1C2CEB98CA6D9DDC7611FC44753184BE00CFBA07C4947D675F0B154A09E6013E1EF54AC7576E661FC51B4BC54FDD96A0C046AB4EE58282E711B1854730
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L...x..............!......................... ...............................0............@.......................................... ...................=..............T............................................................................text............................... ..`.rsrc........ ......................@..@v...................x...........8...d...d.......x...........d...............x.......................RSDS....~3..&L..........api-ms-win-crt-conio-l1-1-0.pdb.........d....rdata..d........rdata$zzzdbg............edata... ..`....rsrc$01....` .......rsrc$02........x.......T...............(.......................>...w.........../...W...p...........................,...L...l.......................,...L...m...............t...........'...^...............P...g...........................$...=...
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-convert-l1-1-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):22280
                                                                                                                                                                                                                                                      Entropy (8bit):6.929682118101382
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:384:FuyhW1hWF4wm0GftpBjErIm3StlndaYhpFeD:4cFViUIbi
                                                                                                                                                                                                                                                      MD5:9DDEA3CC96E0FDD3443CC60D649931B3
                                                                                                                                                                                                                                                      SHA1:AF3CB7036318A8427F20B8561079E279119DCA0E
                                                                                                                                                                                                                                                      SHA-256:B7C3EBC36C84630A52D23D1C0E79D61012DFA44CDEBDF039AF31EC9E322845A5
                                                                                                                                                                                                                                                      SHA-512:1427193B31B64715F5712DB9C431593BDC56EF512FE353147DDB7544C1C39DED4371CD72055D82818E965AFF0441B7CBE0B811D828EFB0ECE28471716659E162
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L....F&............!.........................0...............................@......Y.....@..........................................0...................=..............T............................................................................text............................... ..`.rsrc........0......................@..@v....................F&.........:...d...d........F&.........d................F&.....................RSDSR .....[X.+~......api-ms-win-crt-convert-l1-1-0.pdb...........d....rdata..d........rdata$zzzdbg............edata...0..`....rsrc$01....`0.......rsrc$02.....................F&.............z...z...8... .......(...C...^...y...........................1...N...k...............................*...E...`...y...............................5...R...o.......................,...M...n...........
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-environment-l1-1-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):18696
                                                                                                                                                                                                                                                      Entropy (8bit):7.080577478918243
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:192:4rW1hWiSu7jCjdks/nGfe4pBjSYC69poCxW5RKTt3E2sVWQ4GWmEsSC9qnajuZDW:AW1hW6am0GftpBjtBQm3SzSKlUKTT
                                                                                                                                                                                                                                                      MD5:39325E5F023EB564C87D30F7E06DFF23
                                                                                                                                                                                                                                                      SHA1:03DD79A7FBE3DE1A29359B94BA2D554776BDD3FE
                                                                                                                                                                                                                                                      SHA-256:56D8B7EE7619579A3C648EB130C9354BA1BA5B33A07A4F350370EE7B3653749A
                                                                                                                                                                                                                                                      SHA-512:087B9DCB744AD7D330BACB9BDA9C1A1DF28EBB9327DE0C5DC618E79929FD33D1B1FF0E1EF4C08F8B3EA8118B968A89F44FE651C66CBA4ECBB3216CD4BCCE3085
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L......#...........!......................... ...............................0............@............................."............ ...................=..............T............................................................................text...2........................... ..`.rsrc........ ......................@..@v......................#........>...d...d..........#........d..................#....................RSDS.."X...P....`R......api-ms-win-crt-environment-l1-1-0.pdb...........d....rdata..d........rdata$zzzdbg......."....edata... ..`....rsrc$01....` .......rsrc$02...................#....................8...............C...d...........................3...O...l....................... .......5...Z...w.......................)...F...a...........................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-filesystem-l1-1-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):20232
                                                                                                                                                                                                                                                      Entropy (8bit):7.078362597786606
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:384:Cq6nWm5CZW1hW9YBm0GftpBjVem3SuPvlg+0Pd:T6nWm5CIhViDeKPmd
                                                                                                                                                                                                                                                      MD5:228C6BBE1BCE84315E4927392A3BAEE5
                                                                                                                                                                                                                                                      SHA1:BA274AA567AD1EC663A2F9284AF2E3CB232698FB
                                                                                                                                                                                                                                                      SHA-256:AC0CEC8644340125507DD0BC9A90B1853A2D194EB60A049237FB5E752D349065
                                                                                                                                                                                                                                                      SHA-512:37A60CCE69E81F68EF62C58BBA8F2843E99E8BA1B87DF9A5B561D358309E672AE5E3434A10A3DDE01AE624D1638DA226D42C64316F72F3D63B08015B43C56CAB
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L.....E............!......................... ...............................0.......P....@.......................................... ...................=..............T............................................................................text............................... ..`.rsrc........ ......................@..@v.....................E.........=...d...d.........E.........d.................E.....................RSDS.(..H....]U.......api-ms-win-crt-filesystem-l1-1-0.pdb............d....rdata..d........rdata$zzzdbg............edata... ..`....rsrc$01....` .......rsrc$02..................E.............A...A...8...<...@...........$...=...V...q...................)...M...q......................./...O...o...........................7...X...v...........................6...U...r.......................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-heap-l1-1-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):19208
                                                                                                                                                                                                                                                      Entropy (8bit):7.061759931417666
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:384:XY3eBW1hWqvm0GftpBjtzsxm3SKulndaYhp6s:zQzViATv
                                                                                                                                                                                                                                                      MD5:1776A2B85378B27825CF5E5A3A132D9A
                                                                                                                                                                                                                                                      SHA1:626F0E7F2F18F31EC304FE7A7AF1A87CBBEBB1DF
                                                                                                                                                                                                                                                      SHA-256:675B1B82DD485CC8C8A099272DB9241D0D2A7F45424901F35231B79186EC47EE
                                                                                                                                                                                                                                                      SHA-512:541A5DD997FC5FEC31C17B4F95F03C3A52E106D6FB590CB46BDF5ADAD23ED4A895853768229F3FBB9049F614D9BAE031E6C43CEC43FB38C89F13163721BB8348
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L...(..............!......................... ...............................0......V0....@.......................................... ...................=..............T............................................................................text............................... ..`.rsrc........ ......................@..@v...................(...........7...d...d.......(...........d...............(.......................RSDS.......y..g........api-ms-win-crt-heap-l1-1-0.pdb..........d....rdata..d........rdata$zzzdbg............edata... ..`....rsrc$01....` .......rsrc$02........(.......6...............(...........c...................S.......................1...V...y.......................<...c...........................U...z...............:...u...................&...E...p.......................,...U...
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-locale-l1-1-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):18696
                                                                                                                                                                                                                                                      Entropy (8bit):7.13232650628006
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:192:lW1hWi6+49Cjdks/nGfe4pBjSY38yMsW5RKTt3E2sVWQ4GWbGBfqnajE49dRX3tK:lW1hWa4wm0GftpBjlWm3S7dlPptZA
                                                                                                                                                                                                                                                      MD5:034379BCEA45EB99DB8CDFEACBC5E281
                                                                                                                                                                                                                                                      SHA1:BBF93D82E7E306E827EFEB9612E8EAB2B760E2B7
                                                                                                                                                                                                                                                      SHA-256:8B543B1BB241F5B773EB76F652DAD7B12E3E4A09230F2E804CD6B0622E8BAF65
                                                                                                                                                                                                                                                      SHA-512:7EA6EFB75B0C59D3120D5B13DA139042726A06D105C924095ED252F39AC19E11E8A5C6BB1C45FA7519C0163716745D03FB9DAAACA50139A115235AB2815CC256
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L.....Q............!......................... ...............................0.......N....@.............................e............ ...................=..............T............................................................................text...u........................... ..`.rsrc........ ......................@..@v.....................Q.........9...d...d.........Q.........d.................Q.....................RSDS...5m(....nf.......api-ms-win-crt-locale-l1-1-0.pdb............d....rdata..d........rdata$zzzdbg.......e....edata... ..`....rsrc$01....` .......rsrc$02......................Q.....................8...........5...h...............E...................$...N...t...................$...D...b...!...R............... ...s...................:...k.......................9...X...................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-math-l1-1-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):28936
                                                                                                                                                                                                                                                      Entropy (8bit):6.668155103564419
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:384:jOTEmbM4Oe5grykfIgTmLmW1hWSsngm0GftpBjGm3SAlD16hX:lEMq5grxfIndCngVis5
                                                                                                                                                                                                                                                      MD5:8DA414C3524A869E5679C0678D1640C1
                                                                                                                                                                                                                                                      SHA1:60CF28792C68E9894878C31B323E68FEB4676865
                                                                                                                                                                                                                                                      SHA-256:39723E61C98703034B264B97EE0FE12E696C6560483D799020F9847D8A952672
                                                                                                                                                                                                                                                      SHA-512:6EF3F81206E7D4DCA5B3C1FAFC9AA2328B717E61EE0ACCE30DFB15AD0FE3CB59B2BD61F92BF6046C0AAE01445896DCB1485AD8BE86629D22C3301A1B5F4F2CFA
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L.................!.........................@...............................P............@..............................+...........@...............4...=..............T............................................................................text....,.......................... ..`.rsrc........@.......0..............@..@v..............................7...d...d..................d......................................RSDS9.......2..R1E....api-ms-win-crt-math-l1-1-0.pdb..........d....rdata..d........rdata$zzzdbg........+...edata...@..`....rsrc$01....`@.......rsrc$02...............l.......:...:...(...................................(...@...X...q...............................4...M...g........................ ..= ..i ... ... ... ...!..E!..o!...!...!...!..."..F"..s"..."..."..."...#..E#..o#...#...#..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-multibyte-l1-1-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):26376
                                                                                                                                                                                                                                                      Entropy (8bit):6.711200183934711
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:384:2y+Kr6aLPmIHJI6/CpG3t2G3t4odXLNW1hWOXRm0GftpBjVm3SKlDCEIy:2ZKrZPmIHJI6abVi/Q1Iy
                                                                                                                                                                                                                                                      MD5:19D7F2D6424C98C45702489A375D9E17
                                                                                                                                                                                                                                                      SHA1:310BC4ED49492383E7C669AC9145BDA2956C7564
                                                                                                                                                                                                                                                      SHA-256:A6B83B764555D517216E0E34C4945F7A7501C1B7A25308D8F85551FE353F9C15
                                                                                                                                                                                                                                                      SHA-512:01C09EDEF90C60C9E6CDABFF918F15AFC9B728D6671947898CE8848E3D102F300F3FB4246AF0AC9C6F57B3B85B24832D7B40452358636125B61EB89567D3B17E
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L....2.............!.....$...................@...............................P...........@.............................. ...........@...............*...=..............T............................................................................text....".......$.................. ..`.rsrc........@.......&..............@..@v....................2..........<...d...d........2..........d................2......................RSDS .Nq...6....,.F.....api-ms-win-crt-multibyte-l1-1-0.pdb.........d....rdata..d........rdata$zzzdbg........ ...edata...@..`....rsrc$01....`@.......rsrc$02.....................2......................8...X...x...;...`.......................1...T...w...................'...L...q.......................B...e.......................7...Z...}...................+...L...m.......................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-private-l1-1-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):72968
                                                                                                                                                                                                                                                      Entropy (8bit):5.833846377658087
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:1536:g0DjXDe5c4bFE2Jy2cvxXWpD9d3334BkZnVPL9VG:XjDe5c4bFE2Jy2cvxXWpD9d3334BkZnI
                                                                                                                                                                                                                                                      MD5:3D139F57ED79D2C788E422CA26950446
                                                                                                                                                                                                                                                      SHA1:788E4FB5D1F46B0F1802761D0AE3ADDB8611C238
                                                                                                                                                                                                                                                      SHA-256:DC25A882AC454A0071E4815B0E939DC161BA73B5C207B84AFD96203C343B99C7
                                                                                                                                                                                                                                                      SHA-512:12ED9216F44AA5F245C707FE39AED08DC18EA675F5A707098F1A1DA42B348A649846BC919FD318DE7954EA9097C01F22BE76A5D85D664EF030381E7759840765
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L...2..............!................................................................K.....@..............................................................=..............T............................................................................text............................... ..`.rsrc...............................@..@v...................2...........:...d...d.......2...........d...............2.......................RSDSTrXT..{...b.........api-ms-win-crt-private-l1-1-0.pdb...........d....rdata..d........rdata$zzzdbg............edata......`....rsrc$01....`........rsrc$02....................2........>..............8...d#...5...>...?..-?..U?...?...?...?...@..L@...@...@...@..!A..RA...A...A...A...B..BB...B...B...C..>C..vC...C...C...C...D..>D..wD...D...E..[E...E...E...E..'F..]F...F...F...F..8G..kG...G..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-process-l1-1-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):19208
                                                                                                                                                                                                                                                      Entropy (8bit):7.073487666122886
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:192:hRQqjd7hW1hWif+49Cjdks/nGfe4pBjSYr+c24QLW5RKTt3E2sVWQ4GWw899qnaP:hKwW1hWZ4wm0GftpBjh24Jm3SwlUKTw2
                                                                                                                                                                                                                                                      MD5:9D3D6F938C8672A12AEA03F85D5330DE
                                                                                                                                                                                                                                                      SHA1:6A7D6E84527EAF54D6F78DD1A5F20503E766A66C
                                                                                                                                                                                                                                                      SHA-256:707C9A384440D0B2D067FC0335273F8851B02C3114842E17DF9C54127910D7FB
                                                                                                                                                                                                                                                      SHA-512:0E1681B16CD9AF116BCC5C6B4284C1203B33FEBB197D1D4AB8A649962C0E807AF9258BDE91C86727910624196948E976741411843DD841616337EA93A27DE7CB
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L................!......................... ...............................0............@.............................x............ ...................=..............T............................................................................text............................... ..`.rsrc........ ......................@..@v.............................:...d...d.................d.....................................RSDS=..7..n............api-ms-win-crt-process-l1-1-0.pdb...........d....rdata..d........rdata$zzzdbg.......x....edata... ..`....rsrc$01....` .......rsrc$02..................................$...$...8.......X...................&...@...Y...q...........................*...E..._...z.......................!...<...V...q...........................9...V...t.......................7...R...i...
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-runtime-l1-1-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):22792
                                                                                                                                                                                                                                                      Entropy (8bit):6.939823426760396
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:384:Lb7hrKkW1hW54wm0GftpBjGOm3SdWlmTwhctW:LbNrKn8FVinhZW
                                                                                                                                                                                                                                                      MD5:FB0CA6CBFFF46BE87AD729A1C4FDE138
                                                                                                                                                                                                                                                      SHA1:2C302D1C535D5C40F31C3A75393118B40E1B2AF9
                                                                                                                                                                                                                                                      SHA-256:1EE8E99190CC31B104FB75E66928B8C73138902FEFEDBCFB54C409DF50A364DF
                                                                                                                                                                                                                                                      SHA-512:99144C67C33E89B8283C5B39B8BF68D55638DAA6ACC2715A2AC8C5DBA4170DD12299D3A2DFFB39AE38EF0872C2C68A64D7CDC6CEBA5E660A53942761CB9ECA83
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L..................!.........................0...............................@............@..........................................0...................=..............T............................................................................text............................... ..`.rsrc........0......................@..@v...............................:...d...d...................d.......................................RSDS.m.q|3.;./>.n5^.....api-ms-win-crt-runtime-l1-1-0.pdb...........d....rdata..d........rdata$zzzdbg............edata...0..`....rsrc$01....`0.......rsrc$02............................f.......k...k...8...............................4...S...s.......................E...g.......................)...N...n...................&...E...f...................'...D...j.......................>.......
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-stdio-l1-1-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):24328
                                                                                                                                                                                                                                                      Entropy (8bit):6.867867660778997
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:384:/ZpFVhHW1hWxgYBm0GftpBjMm3SNlndaYhpn3p:boEVi6DBp
                                                                                                                                                                                                                                                      MD5:D5166AB3034F0E1AA679BFA1907E5844
                                                                                                                                                                                                                                                      SHA1:851DD640CB34177C43B5F47B218A686C09FA6B4C
                                                                                                                                                                                                                                                      SHA-256:7BCAB4CA00FB1F85FEA29DD3375F709317B984A6F3B9BA12B8CF1952F97BEEE5
                                                                                                                                                                                                                                                      SHA-512:8F2D7442191DE22457C1B8402FAAD594AF2FE0C38280AAAFC876C797CA79F7F4B6860E557E37C3DBE084FE7262A85C358E3EEAF91E16855A91B7535CB0AC832E
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L......G...........!.........................0...............................@............@.............................a............0..............."...=..............T............................................................................text...a........................... ..`.rsrc........0......................@..@v......................G........8...d...d..........G........d..................G....................RSDS9uG.l..k..y.........api-ms-win-crt-stdio-l1-1-0.pdb.........d....rdata..d........rdata$zzzdbg.......a....edata...0..`....rsrc$01....`0.......rsrc$02...........G....^...............(....... ...................<...y...........)...h........... ...]...............H...............)...D...^...v...............................T...u.......................9...Z...{...................0...Q...
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-string-l1-1-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):24328
                                                                                                                                                                                                                                                      Entropy (8bit):6.865312371416882
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:384:jiFMx0C5yguNvZ5VQgx3SbwA7yMVIkFGlbW1hWS4wm0GftpBjwwO5m3S9lJrm:j6S5yguNvZ5VQgx3SbwA71IkFhbFViWs
                                                                                                                                                                                                                                                      MD5:AD99C2362F64CDE7756B16F9A016A60F
                                                                                                                                                                                                                                                      SHA1:07C9A78EE658BFA81DB61DAB039CFFC9145CC6CB
                                                                                                                                                                                                                                                      SHA-256:73AB2161A7700835B2A15B7487045A695706CC18BCEE283B114042570BB9C0AA
                                                                                                                                                                                                                                                      SHA-512:9C72F239ADDA1DE11B4AD7028F3C897C93859EF277658AEAA141F09B7DDFE788D657B9CB1E2648971ECD5D27B99166283110CCBA437D461003DBB9F6885451F7
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L...b.MG...........!.........................0...............................@......P.....@..........................................0..............."...=..............T............................................................................text............................... ..`.rsrc........0......................@..@v...................b.MG........9...d...d.......b.MG........d...............b.MG....................RSDS..'.......!...k....api-ms-win-crt-string-l1-1-0.pdb............d....rdata..d........rdata$zzzdbg............edata...0..`....rsrc$01....`0.......rsrc$02....................b.MG....,...............8...........W...s.......................#...B...a...........................<...[...z.......................;...[...{................... ...A...b...........................<...X...r.......
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-time-l1-1-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):20744
                                                                                                                                                                                                                                                      Entropy (8bit):7.011893707747583
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:384:iUW1hWQ4wm0GftpBjddQxm3SLDlD16h1S:eRFViexn1
                                                                                                                                                                                                                                                      MD5:9B79FDA359A269C63DCAC69B2C81CAA4
                                                                                                                                                                                                                                                      SHA1:A38C81B7A2EC158DFCFEB72CB7C04B3EB3CCC0FB
                                                                                                                                                                                                                                                      SHA-256:4D0F0EA6E8478132892F9E674E27E2BC346622FC8989C704E5B2299A18C1D138
                                                                                                                                                                                                                                                      SHA-512:E69D275C5EC5EAE5C95B0596F0CC681B7D287B3E2F9C78A9B5E658949E6244F754F96AD7D40214D22ED28D64E4E8BD507363CDF99999FEA93CFE319078C1F541
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L....#.............!......................... ...............................0............@.......................................... ...................=..............T............................................................................text............................... ..`.rsrc........ ......................@..@v....................#..........7...d...d........#..........d................#......................RSDS.V.m.w:.d..9.|]m....api-ms-win-crt-time-l1-1-0.pdb..........d....rdata..d........rdata$zzzdbg............edata... ..`....rsrc$01....` .......rsrc$02.........#..............H...H...(...H...h... ...=...\...z.......................8...V...s.......................&...D...a...~.......................?...b.......................!...F...k.......................0...N...k...................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\api-ms-win-crt-utility-l1-1-0.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):18696
                                                                                                                                                                                                                                                      Entropy (8bit):7.124120649956731
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:192:UfHQdurW1hWiSuDz7eCjdks/nGfe4pBjSYp2VZGW5RKTt3E2sVWQ4GWO3uDVqna9:UfVW1hWKDzDm0GftpBjYLm3Sy5lD16hC
                                                                                                                                                                                                                                                      MD5:70E9104E743069B573CA12A3CD87EC33
                                                                                                                                                                                                                                                      SHA1:4290755B6A49212B2E969200E7A088D1713B84A2
                                                                                                                                                                                                                                                      SHA-256:7E6B33A4C0C84F18F2BE294EC63212245AF4FD8354636804FFE5EE9A0D526D95
                                                                                                                                                                                                                                                      SHA-512:E979F28451D271F405B780FC2025707C8A29DCB4C28980CA42E33D4033666DE0E4A4644DEFEC6C1D5D4BDD3C73D405FAFCFFE3320C60134681F62805C965BFD9
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3A..w e.w e.w e..De.v e..Da.u e..D..v e..Dg.v e.Richw e.PE..L..................!......................... ...............................0......N.....@.............................^............ ...................=..............T............................................................................text...n........................... ..`.rsrc........ ......................@..@v...............................:...d...d...................d.......................................RSDS.R.dY.D.....F.......api-ms-win-crt-utility-l1-1-0.pdb...........d....rdata..d........rdata$zzzdbg.......^....edata... ..`....rsrc$01....` .......rsrc$02............................d...............8.......(...................#...<...U...l...............................+...@...[...r...................................4...I..._.......................3...N...e...|.......................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\application.ini
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):895
                                                                                                                                                                                                                                                      Entropy (8bit):5.667943083128907
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:24:SBwqHsIsfJRC2cMIMdCv9+ytFHeRkQC3rcrvzIUv:SGqJsXcMIm0+RkQC3grLZv
                                                                                                                                                                                                                                                      MD5:B8B32B772B0D007CA3379E0E61E82217
                                                                                                                                                                                                                                                      SHA1:1CD35145AFA174B45BFFC495403B4B0F52E66469
                                                                                                                                                                                                                                                      SHA-256:D9CE39E4B4B2E169EA3A7D18D6EE7978B7ED7EC00952425DCFA3C6C0DB6D3FDA
                                                                                                                                                                                                                                                      SHA-512:B81FDD617D9DE3529ED3416AB09E8F8631ADFA9F956C9BD9198016B4E7A36F0023AB5DD463F1874C6603245C1A8CA120C0883A42F4EEFF673D6410309F9F04B2
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ; This file is not used. If you modify it and want the application to use.; your modifications, move it under the browser/ subdirectory and start with.; the "-app /path/to/browser/application.ini" argument..[App].Vendor=Mozilla.Name=Firefox.RemotingName=firefox.Version=81.0.1.BuildID=20200930150533.SourceRepository=https://hg.mozilla.org/releases/mozilla-release.SourceStamp=0df30c09d098468f2f4632e62aec0954b6174dc5.ID={ec8030f7-c20a-464f-9b0e-13a3a9e97384}..[Gecko].MinVersion=81.0.1.MaxVersion=81.0.1..[XRE].EnableProfileMigrator=1..[Crash Reporter].Enabled=1.ServerURL=https://crash-reports.mozilla.com/submit?id={ec8030f7-c20a-464f-9b0e-13a3a9e97384}&version=81.0.1&buildid=20200930150533..[AppUpdate].URL=https://aus5.mozilla.org/update/6/%PRODUCT%/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VERSION%/%SYSTEM_CAPABILITIES%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/update.xml.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\breakpadinjector.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):124112
                                                                                                                                                                                                                                                      Entropy (8bit):6.592703259440694
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:3072:cPIsj4pXkmwD607NUDKP8vPye/loXK6gcrrUUOm:8joXpC6W+DJPTHc/UUOm
                                                                                                                                                                                                                                                      MD5:EF96E01A6ACBAE77849132258AE453CA
                                                                                                                                                                                                                                                      SHA1:69C7D77510B89EA4E3CE6957275CFE9E71333810
                                                                                                                                                                                                                                                      SHA-256:F7C38889C15F95380281491560B76A3D04A878C0C47238A8A72E721158AD6228
                                                                                                                                                                                                                                                      SHA-512:775416F0969C5A79402AE9CE5D41697D6053BC397EC090E35A4F7050EA758EF9E94BD410EC5FA549FE26B9B527E4B199BF0765E94F0FC47E46921E7CC569B511
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...8.t_.........."!.....0..........................................................6C....@A............................Q.......(........................"..........................................r..............x...@............................text............0.................. ..`.rdata...j...@...l...4..............@..@.data...............................@....00cfg..............................@..@.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser\META-INF\cose.manifest
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):826091
                                                                                                                                                                                                                                                      Entropy (8bit):5.68912638485432
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:12288:otncrITaRljhSXTXg/VERspJPk6SOO/CEBaItM6F6:oGYWxksyjam30
                                                                                                                                                                                                                                                      MD5:DE229913BBCF8C647A44F93697012CFC
                                                                                                                                                                                                                                                      SHA1:2029EEEF8E601321D595C15BE7FF9D3E146027C7
                                                                                                                                                                                                                                                      SHA-256:FC77B640573593FB7059DBD3C8DBB350625C2ED723804527C59A075299AEF3C6
                                                                                                                                                                                                                                                      SHA-512:F4FFC1E287CB8597419AB976A14E4F109F2169E9A3EC790FE43923DC3734F87DEA8966F569D25F199302076AEF49543F7E34768977AA2F440AC661092764B279
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: Manifest-Version: 1.0..Name: defaults/preferences/firefox.js.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: 6X0Nd8e7AUNX48LxLXENaCXpU4M=.SHA256-Digest: SFS3uAHPtVnRZfCME01G/dZl4Yk8A430YWEuBmhtqAE=..Name: defaults/preferences/firefox-l10n.js.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: iSVbewmckCR8scgueWVsiI4tNlY=.SHA256-Digest: 1QMlkSlyqd47oUgCGHpfMR73c7CDDkS2A8WfQlbedDc=..Name: defaults/preferences/firefox-branding.js.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: Oczxu6XfdXOauFeqDKuiEgMfQsI=.SHA256-Digest: Ry2AY/D9hryIEiOreOr7iAmsMyQ+CcHNAnWpkpNmvkQ=..Name: defaults/preferences/debugger.js.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: pGOYCm5WPBilkxb4NN/VEmxYvpY=.SHA256-Digest: n0PwF93djOELhctpxPkeovB1W9iNEb2l9K/V+b30aXw=..Name: chrome.manifest.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: CJLvM0fQY5IoxTbdRl1LE9f3wSc=.SHA256-Digest: qUb6sqB+1ehcMl37UEBjvuz772xZcXCll3QB0HK6uMQ=..Name: chrome/chrome.manifest.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: VFT1cbo3ojxGxTbH7nAFXPNLE14=.SHA256-Digest: +
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser\META-INF\cose.sig
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):3098
                                                                                                                                                                                                                                                      Entropy (8bit):7.558400028026554
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:48:djMcXg3h/0XZaOYaibboKlXicZt81Uof/VDis5WetKiNVZG74TU1:m73WXZsnlXicZt81UKD9Aet3Xg4u
                                                                                                                                                                                                                                                      MD5:07F1FE8DFFBF5CF6A11DAFE952C80D42
                                                                                                                                                                                                                                                      SHA1:28C977616C14D082DFA97AB2CD4FD005A1721EA6
                                                                                                                                                                                                                                                      SHA-256:129B9FB62CEF5FA1F355FF826AA9FD567A33A9A6DE3559F4CE34F8F13FBBC832
                                                                                                                                                                                                                                                      SHA-512:E1002D9D6E51AEA4DB923A660965EE54374E6907AC43EF27B19BC3A84CA2A2CA86FF97FD909B7F04FDC81CEC19F303DA46F56428A2694632FB98D9610520115B
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.Y.7...Y.10..-0.............0...*.H........0}1.0...U....US1.0...U....Mozilla Corporation1/0-..U...&Mozilla AMO Production Signing Service1.0...U....root-ca-production-amo0...150404000000Z..250404000000Z0..1.0...U....US1.0...U....Mozilla Corporation1/0-..U...&Mozilla AMO Production Signing Service1&0$..U....signingca1.addons.mozilla.org1!0...*.H........foxsec@mozilla.com0.."0...*.H.............0..........[....;........Z..v;.&{..z.bla.J_K..m.....D...xGO........A8Y.........L$..%~T...T.....]%...[p.~=.J......i.b3m.u.c4.B....yF{........j.x.o.M$.........hso...&...h......j..W.....==2]O.}.......n.j...I...S"$..7g.....I.p.4..JR..)...|.......{.)MIH..50.P>.....Y..4.'.X.Ik..^rMcx7.7.GC..o...U.q\....b!..2Y..&..e..6...2......&.1.5.....(.1..3YY.......6...>.#.M&.J....;.....g]..Q.....C.'z(....%..A.k..Cw...Zv.........X.....T...L.#....%....*..x...Hc.O/.tc....'...u.........RNVP6z.n....FP.(....).........0...0...U....0....0...U...........0...U.%.....0...+.......0...U.......>.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser\META-INF\manifest.mf
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):826412
                                                                                                                                                                                                                                                      Entropy (8bit):5.68922953283087
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:12288:otncrITaRljhSXTXg/VERspJPk6SOO/CEBaItM6FJ:oGYWxksyjam3X
                                                                                                                                                                                                                                                      MD5:C471B7877818B6B77C7866C7DCB23B03
                                                                                                                                                                                                                                                      SHA1:CCDD9DC5B5F0ADCD6C567B1E82687C45F9B9158F
                                                                                                                                                                                                                                                      SHA-256:1276353E3C8253D738C7B5943014D51BADC3428AB8519D7EAA869D2D14559845
                                                                                                                                                                                                                                                      SHA-512:A5774B009DDA45DA05DFF7C326104DB0FE28041082E223EA1018B2027AB0B4D8AEC7BB8F1CEA6CB042634C3820670ACD7AA31D05BD3E431B65DC8837DB7D340B
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: Manifest-Version: 1.0..Name: defaults/preferences/firefox.js.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: 6X0Nd8e7AUNX48LxLXENaCXpU4M=.SHA256-Digest: SFS3uAHPtVnRZfCME01G/dZl4Yk8A430YWEuBmhtqAE=..Name: defaults/preferences/firefox-l10n.js.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: iSVbewmckCR8scgueWVsiI4tNlY=.SHA256-Digest: 1QMlkSlyqd47oUgCGHpfMR73c7CDDkS2A8WfQlbedDc=..Name: defaults/preferences/firefox-branding.js.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: Oczxu6XfdXOauFeqDKuiEgMfQsI=.SHA256-Digest: Ry2AY/D9hryIEiOreOr7iAmsMyQ+CcHNAnWpkpNmvkQ=..Name: defaults/preferences/debugger.js.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: pGOYCm5WPBilkxb4NN/VEmxYvpY=.SHA256-Digest: n0PwF93djOELhctpxPkeovB1W9iNEb2l9K/V+b30aXw=..Name: chrome.manifest.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: CJLvM0fQY5IoxTbdRl1LE9f3wSc=.SHA256-Digest: qUb6sqB+1ehcMl37UEBjvuz772xZcXCll3QB0HK6uMQ=..Name: chrome/chrome.manifest.Digest-Algorithms: SHA1 SHA256.SHA1-Digest: VFT1cbo3ojxGxTbH7nAFXPNLE14=.SHA256-Digest: +
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser\META-INF\mozilla.rsa
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):4365
                                                                                                                                                                                                                                                      Entropy (8bit):7.622847863873069
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:96:8RD9AepTMbkCJVXsCnqH73WXZsnlXicZt81UAI+/:8xObRLcCnqH7mXGnRZt6UAx
                                                                                                                                                                                                                                                      MD5:07758BA408D1F18A55D3EA85C5360107
                                                                                                                                                                                                                                                      SHA1:7BE3AD639BA8FCAC9443A092490FD58D7E1CF02D
                                                                                                                                                                                                                                                      SHA-256:262A51D7A812A5808F812C9BE12E4F8F640848D4E648A0A94A95C132BA7D5E88
                                                                                                                                                                                                                                                      SHA-512:79BCBA0D377E5A9D2C5F0984AF71E0DC0F0912F6F91E5E876BBB97698248257B2F8A9AD287997649D3BDC1148FC44E394B03252C9A7021E7FAF0017141F4C9FB
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 0.....*.H..........0......1.0...`.H.e....0...*.H..........0..S0..;........9.{f.M.0...*.H........0..1.0...U....US1.0...U....Mozilla Corporation1/0-..U...&Mozilla AMO Production Signing Service1&0$..U....signingca1.addons.mozilla.org1!0...*.H........foxsec@mozilla.com0...200930164455Z..300928164455Z0~1.0...U....US1.0...U....CA1.0...U....Mountain View1.0...U....Addons1.0...U....Mozilla Components1.0...U....omni.ja@mozilla.org0.."0...*.H.............0.........3.o.......\.7.Uy....H..sq....(..../Iz.....&.D..c....9....Y..x...+OF..#..Y../.4...9e|=/c...F.....Y.N..^Q.{....0J..+.....F.$...P;..U....vzb.|...I..D.R...6.;=0.1`k>...A.W...K+..g...$g}..8..w=.j..B.8..T.D......sHPi..z.]....M.-q<....*].n..m?..R...B..._...rp8"b.w.SG........x.`%......z..%..,.P.).....i..f.....C+M...>..8..>......3r!...wjwmB....8,...<.....g...._xT...M...k../=.K0.......o..}.T.8}....;....$...q;..3.O....^/.p..ir.&9.+5...+D).c.(...*.2uT.Fc."..(.).Y..w..6...^......y..x1.-..f.O........0..0...U...........0.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser\META-INF\mozilla.sf
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):144
                                                                                                                                                                                                                                                      Entropy (8bit):5.63728392253672
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:3:FwAPWXEsKhMNLKfFLBElYuWnELKfFO3ZY1mKX89Igtn:+AemELKtSXWELKtUbKM9Ie
                                                                                                                                                                                                                                                      MD5:3C1D1C9CCF6D64496EFA8E3D6849FF1A
                                                                                                                                                                                                                                                      SHA1:AE0BC82E127CC9549310A9307AF1289F2BC06039
                                                                                                                                                                                                                                                      SHA-256:E3E08FA1ECAD88D479919BFEF3A3BFB95509652CA52E91662BD501BFB0789FD9
                                                                                                                                                                                                                                                      SHA-512:7532AAA7D2CF811BEBFCE6E1F22BCF34811EC96C3EBA5E70D4FFAAF4A5A9384F10EE54D3A87B3EA70FC25EA3CED150EF38DE31E9999099A2D9AAF77A7C6D61E3
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: Signature-Version: 1.0.SHA1-Digest-Manifest: zN2dxbXwrc1sVnsegmh8Rfm5FY8=.SHA256-Digest-Manifest: EnY1PjyCU9c4x7WUMBTVG63DQoq4UZ1+qoadLRRVmEU=..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser\VisualElements\VisualElements_150.png
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PNG image data, 270 x 270, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):23037
                                                                                                                                                                                                                                                      Entropy (8bit):7.974176474335876
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:384:5DBDCcL5TPpQhJjOJ/IrXjFz7mQ9bDxttGHcxq+QaxOmkfk428wfzd6p8wHAWLLd:jDCcL5l2JRJmQ9bdtXO1ftif8p8w3LLd
                                                                                                                                                                                                                                                      MD5:8E058139E0576B4AD8D424BB21071063
                                                                                                                                                                                                                                                      SHA1:F584D2412C935AA8A7CF73ECDFAAA6A3CF87C064
                                                                                                                                                                                                                                                      SHA-256:E86EE493E89F5DFCE2CE8817AC5D1C04D8BA2B07A06FF0F967C0167562510DF7
                                                                                                                                                                                                                                                      SHA-512:9CE457AA516FB2D3CB7B4A08F2DD81573DE301FEFC6DDC877142A35851151407367605F00862FB77067D0969BA745BC6BC612A4440AA3017E508E572EC88F2FC
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .PNG........IHDR.............x.....Y.IDATx.....@......&....I.^...I2..............................q...lI.0..{..c....f.?...$..,?\.33...............\..n..h..."..<..f>SY.r...'1=..5...A.C.Y.1.311....}...PFn...\....YOL.. .i..W.@AY.*....g....T9....kD./..`...1q...#..|.#=.@B........':..G../'M........}....8bb...JoB5",.4...V.H....&&...i.........U...E..]. f.$.L%&.jBb~E.lB...6...Q....K.....@...cmB...V..?"..z.CO...B..'.Y..Qd.k...,.b(.....V....4.......[L..FC.H.i..&...i...hP..v...E$.Yh.Vr.T..!Z-.8.hP<.<.*.h=..B..%"...C..*.j..\.N....Q.8....i0..G..w......EG.=..}.#.EY$.......N...[8Dq..]\...9..u.e...@...".&/@u.Ctq+.Q._x..l...j..'.....|.R. .-../2'....h.....@+E@.!.-.........F.}.Ctv....Q.n}.#.*......X4.(#%..r;...1(.,....N.Z.V.../....>.....#N.<.k.:Dg..O.....s....._.$...k'I@.... 4..o.....;..9..}.#...c.c@A..x..D=...p......u..J...:v9:...".....q!P1..h....b.m..eF..Q..^......D..@*.....A...+..qUT......#....'y...*..r<..W..y;7xRL...dO.....3C....P...9L..".../...YL.....`T.?$..x.Z)<.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser\VisualElements\VisualElements_70.png
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PNG image data, 126 x 126, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):8763
                                                                                                                                                                                                                                                      Entropy (8bit):7.957193178209543
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:192:SoUKYyFAmxdJRHmy4j7IZ89EOha19PdgpYFtZtm:S1KYy3/JR8ji8j0fPdgme
                                                                                                                                                                                                                                                      MD5:1A340E565E697E63B5A4CE51F7297119
                                                                                                                                                                                                                                                      SHA1:CDB4CA85700ED81DB13B15D4BD5B77D41BB20D34
                                                                                                                                                                                                                                                      SHA-256:C4BB210E61CD35F9A0A54FB941EA2E3BF6ABDE799BEA1C78D24C761C9A3BC429
                                                                                                                                                                                                                                                      SHA-512:92478FE26F9EA7454206A3106632534C5608D6940588F01FECFD799DE636F11B003FFD1E5C762201F9A14F4EBB7FA6A711D99312B03914DE817246A6008C7B35
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .PNG........IHDR...~...~......#....".IDATx...........kCX..........w.Pr......=3K.]1.cv.9..~...133333333....I......._.T..>.x..d)o.;..[.......Uu..Y....g...~`..8.N}<.a.O.l...\..$........?G....(..C..;...Hm6..}].."b.?....E.z.V....|..`..KI.<.r.9>36h@.^.h'f..b.D5Fx;....0..s.._B.9...#..L.>=.....P..H._df.3..tTw.2..fY...8.H(fl...nd...a\.:@=..4..q........tr.U.[My..v....y..........MP...P.Q.).*.N..8..9..=x...WzOan..D.H..M.8*....nEm.N2..<.x..ol.......He.U\_s|]t(.<q$D.6.m.xe{>...2&Z.x.....h>.(..V..{r8_.P.......U..B.5.'.z.L...e.r8..P<............)../.....7@...).u..<=.dR..9.oh(.8....bW......)........g...0nj.Jm..M./....|"..OD..mvf....B"..Vt-..-.~.V..XWX...../..../p..>!..K.f.<...s.y...Mg.......>".o..8.T............E..&;?.......vq.;{.2..s~.s..`<...'0...s..A"..G...,.y..~]...(.V.E;.:.......hb.p..Wf./y...d.e.......u....|).@B....i.>....2.!.... ...X.j_....u...I?&qw...d....S.<.|..0.&wq..G......[....Gi....../.3u.................E.....#... I.O....4...q8.........1..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser\crashreporter-override.ini
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:Windows setup INFormation, UTF-8 Unicode text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):680
                                                                                                                                                                                                                                                      Entropy (8bit):4.649237968879581
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:12:ShrmssT8XxRiK7KxYAq+WSW8OSkVVWE5Foq+WSW8bkzCIa:ShrmEXZASGOJoE7oSG+CIa
                                                                                                                                                                                                                                                      MD5:0FD4A0F6EB6EB0E10690EB3021FABC31
                                                                                                                                                                                                                                                      SHA1:9D4A99759BF87C4001A655DD125A9FE190DA59A1
                                                                                                                                                                                                                                                      SHA-256:95110691F08C0A96A66FBE19CC712A5463D85AB7D74D7BC7C87C297D58C5FB17
                                                                                                                                                                                                                                                      SHA-512:953D51A67166DE7AFF6E674EA3F063A41D52E40FFC0372D276C86003D8CBCA0604D1F9C96FAE81996AB58D71A056000B2B96AE5CEE2CB3A25E0A83B8B79FC715
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ; This Source Code Form is subject to the terms of the Mozilla Public.; License, v. 2.0. If a copy of the MPL was not distributed with this.; file, You can obtain one at http://mozilla.org/MPL/2.0/...[Strings].CrashReporterProductErrorText2=Firefox ha tenido un fallo y se ha cerrado. Se intentar.n restaurar las pesta.as y ventanas cuando se reinicie.\n\nDesafortunadamente, no se ha podido enviar su informe.\n\nDetalles: %s.CrashReporterDescriptionText2=Firefox ha tenido un fallo y se ha cerrado. Se intentar.n restaurar las pesta.as y ventanas cuando se reinicie.\n\nPara ayudarnos a diagnosticar el problema e intentar arreglarlo, puede mandarnos el informe del fallo..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser\features\doh-rollout@mozilla.org.xpi
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:Zip archive data, at least v1.0 to extract
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):483
                                                                                                                                                                                                                                                      Entropy (8bit):4.944949508801855
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:12:5W4ln/o/Ll73kLsZZW07FMexZH19a7hv1sK4so4ln/otm/am:Xng/Ll73kAh7FMk19a7hv1sK48ngtmz
                                                                                                                                                                                                                                                      MD5:BC16688F43E8B8EA3073A88E38ED5C80
                                                                                                                                                                                                                                                      SHA1:E14D73413E18100157DA51ABE2E1AE117D6D641E
                                                                                                                                                                                                                                                      SHA-256:0BD90CCF1D678BDD2D27AACE040B15D22303856A7CA5EC9A371954AE07B3B0C4
                                                                                                                                                                                                                                                      SHA-512:CD6AA336C1EEDC7B14FDE0AA0194C3A83B423AF5F407CCE01F7B416F5ED1DCDED5E5163E117981284AE77552BDEE97D2AAFBC90E7B909E2146D3B1F9B1F6A9DA
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: PK..........!<;...g...g.......manifest.json{. "manifest_version": 2,. "name": "DoH Roll-Out",. "description": "This used to be a Mozilla add-on that supported the roll-out of DoH, but now only exists as a stub to enable migrations.",. "version": "2.0.0",.. "hidden": true,.. "applications": {. "gecko": {. "id": "doh-rollout@mozilla.org",. "strict_min_version": "72.0a1". }. }.}.PK............!<;...g...g.....................manifest.jsonPK..........;.........
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser\features\formautofill@mozilla.org.xpi
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):685698
                                                                                                                                                                                                                                                      Entropy (8bit):5.655884181172247
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:6144:06rcBQO/BPALCjQBacGJXeIxOVhpB9MxLJvT1AgKh6iGbyoWDAVuM8/ptSA1XZRt:0OfHVhpB9CN1bZWD1xtVyIEIV7EKbB
                                                                                                                                                                                                                                                      MD5:4CBEDB1FF26441B25FA17F5854388FD9
                                                                                                                                                                                                                                                      SHA1:842560777F9B41714B0FC5E114CC2834938D1C9C
                                                                                                                                                                                                                                                      SHA-256:08DA46AED5E0C4E8BCFF6FC5E06227B5E6E740663BD99632EF5C39621567D17D
                                                                                                                                                                                                                                                      SHA-512:6C9532AE897DEBA7DB215FF6155A8AA97734CAC8BE0C451346B2FE0D1D7C2FD251E75AFA1E94FAEAF22F93C0C8D8849CA9DD7E5AFAD6ACD19964ACEE1BC0A6C1
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .>..PK............!<.vh.(...(.....................api.jsPK............!<G.........................7/..chrome.manifestPK............!<$...<...<..."............../..chrome/res/FormAutofillStorage.jsmPK............!<.AI.S...S..................>..background.jsPK............!<...B.N...N..#..............@..chrome/content/autofillEditForms.jsPK............!<..e.]2..]2.. ................chrome/content/customElements.jsPK............!<.!(v........ .............]...chrome/content/editAddress.xhtmlPK............!<]%.........#.............l...chrome/content/editCreditCard.xhtmlPK............!<..2%......................7...chrome/content/editDialog.jsPK............!<Fqv...........................chrome/content/formautofill.cssPK............!<.iet........".............p...chrome/content/formfill-anchor.svgPK............!<..@.(I..(I..".............I...chrome/content/heuristicsRegexp.jsPK............!<...........$..............S..chrome/content/icon-address-save.svgPK............!<SO.[........&....
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser\features\screenshots@mozilla.org.xpi
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:Zip archive data, at least v1.0 to extract
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):340168
                                                                                                                                                                                                                                                      Entropy (8bit):5.024518689391219
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:6144:hOB0pLn8HPInh+qWohMXzgv/wRmzlBPkAU6FVmWUlzQfcyTFqNDZVXxf+4wK9L:HQHPInh+qWh3RmZKA5q79L
                                                                                                                                                                                                                                                      MD5:856E1C6C29AA2B8FEDCE105080BE72BC
                                                                                                                                                                                                                                                      SHA1:105857CAD197FB882445B0620094667191D2D10E
                                                                                                                                                                                                                                                      SHA-256:AE37D11F2A2299DE32A230EF39DECFC5E4F24D51422215282859DFADEC5E914A
                                                                                                                                                                                                                                                      SHA-512:75555B2663833B3A41DF4A195228CC46423C953DA1034F29D36ED63041B3117C29278A09C5B4576FA244FDC09B7E97C1EC20233FD890A194FA5093F12D932CBD
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: PK..........!<.V..x...x.......assertIsBlankDocument.js/* This Source Code Form is subject to the terms of the Mozilla Public. * License, v. 2.0. If a copy of the MPL was not distributed with this file,. * You can obtain one at http://mozilla.org/MPL/2.0/. */../** For use inside an iframe onload function, throws an Error if iframe src is not blank.html.. Should be applied *inside* catcher.watchFunction.*/.this.assertIsBlankDocument = function assertIsBlankDocument(doc) {. if (doc.documentURI !== browser.extension.getURL("blank.html")) {. const exc = new Error("iframe URL does not match expected blank.html");. exc.foundURL = doc.documentURI;. throw exc;. }.};.null;.PK..........!<JV..g...g.......assertIsTrusted.js/* This Source Code Form is subject to the terms of the Mozilla Public. * License, v. 2.0. If a copy of the MPL was not distributed with this file,. * You can obtain one at http://mozilla.org/MPL/2.0/. */../** For use with addEventListener, assures that any events h
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser\features\webcompat-reporter@mozilla.org.xpi
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):28324
                                                                                                                                                                                                                                                      Entropy (8bit):5.036847169436467
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:384:oum8SBtaUz9B9/LysyxX48ewv5IOHMJu/yABrNutqBXMMrHpNX7SXtcsMsNPyVI9:ncAo8eCn3hzPX1zU/R0gHPxV
                                                                                                                                                                                                                                                      MD5:8EC49DF6884D8E8D22E586BDB48606C5
                                                                                                                                                                                                                                                      SHA1:3C935BA480F1C6E055F816C2426FFA243092D56C
                                                                                                                                                                                                                                                      SHA-256:B2E722523E4E40B959B1E557275280574EED4C7E668161F8D0F4AABAE2D3E5A1
                                                                                                                                                                                                                                                      SHA-512:E1ED7C36000ED680E63FD3903A9A980865D6E5AA016525230B6D15769F8AD53465BA64B09C4A32104E22E39C6A6F25D07FF6209836FCEBE5CB419FC7D997D1CF
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ....PK............!<sf_.X...X...$.................experimentalAPIs/pageActionExtras.jsPK............!<..."........$.............c...experimentalAPIs/aboutConfigPrefs.jsPK............!<u..|..........................experimentalAPIs/l10n.jsPK............!<AM..3...3.....................chrome.manifestPK............!<..T.J...J...'.............|...es-ES/locale/es-ES/webcompat.propertiesPK............!<)G$j..........................background.jsPK............!<lYi.-...-...&.................experimentalAPIs/aboutConfigPrefs.jsonPK............!<.ej.........*.............O2..experimentalAPIs/actors/tabExtrasActor.jsmPK............!<..z......................9A..experimentalAPIs/browserInfo.jsPK............!<..f.........!.............,J..experimentalAPIs/browserInfo.jsonPK............!<".b........................O..experimentalAPIs/l10n.jsonPK............!<............&..............R..experimentalAPIs/pageActionExtras.jsonPK............!<..........................dV..experimentalAPIs/tabExtras.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser\features\webcompat@mozilla.org.xpi
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):178028
                                                                                                                                                                                                                                                      Entropy (8bit):5.1059785259079495
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:1536:73wwgbUIV+KE0X/hQEQRmr+XozRJDktBkDNUv6fT47Ckg84u5jvm5XxhSBaZV2+g:72JV+KNC1vcem5nrYn1
                                                                                                                                                                                                                                                      MD5:CE3168B223401DDA0EC8EC6F00C0BD5A
                                                                                                                                                                                                                                                      SHA1:FBA83037C87EEF68842F4D5E51C592F146F283D7
                                                                                                                                                                                                                                                      SHA-256:D8B176FEF41916BE476F625B08CFEB49DFB3F35F1F83A6CEB75ED841312E787E
                                                                                                                                                                                                                                                      SHA-512:527DFB6ED2C693B58755C18D60D8BCF0080B2DDF46A4D63D3CB9A988B8852DA0ECC679336C502893E2C24565121697935CB67AE5C81B36BBBB5E804F02EDAD96
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .G..PK............!<.JN...........................about-compat/aboutPage.jsPK............!<.!........................ !..experiment-apis/appConstants.jsPK............!<m..s........#..............%..experiment-apis/aboutConfigPrefs.jsPK............!<m...........#..............,..experiment-apis/pictureInPicture.jsPK............!<x...4...4...%.............+5..experiment-apis/trackingProtection.jsPK............!<...C.......................G..about-compat/AboutCompat.jsmPK............!<.Q.`A...A................._L..about-compat/aboutCompat.cssPK............!<Pp.>.......................Y..about-compat/aboutCompat.htmlPK............!<*.........................3_..about-compat/aboutCompat.jsPK............!<u!o._..._..................p..about-compat/aboutPage.jsonPK............!<...d........&..............p..about-compat/aboutPageProcessScript.jsPK............!<y.U..'...'.................t..data/injections.jsPK............!<pcP.5...5...$................data/picture_in_picture_overrides.jsPK..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser\omni.ja
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):46310223
                                                                                                                                                                                                                                                      Entropy (8bit):6.077678744724405
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:196608:fnxnwk8kN27994QNQxIjh3nyOTPtXetxNoFbMBb5Bhm21cdF00ps6nnI5+dO+l:vt89FfhyOxoBbjhm21cdF00psMIIFl
                                                                                                                                                                                                                                                      MD5:149226AD13A768AEE5B870827EA9BC37
                                                                                                                                                                                                                                                      SHA1:48056B2E3A41C7FD89403E424C8AF620AC3390B6
                                                                                                                                                                                                                                                      SHA-256:F9810FB112820A26C34C52FC1EADEDD2091C7380E7A1AAD06D960BD3517DE31C
                                                                                                                                                                                                                                                      SHA-512:39233B8DAD345CDC311743258262CF320F417580FB93DA59AC5B457B7CA780F9CE811359A4B067C5F3BB079857B173EBB869441951E3109D433AF9716C9045D2
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ....PK............!<..g.....................D...defaults/preferences/firefox.jsPK............!<..u........$.............O...defaults/preferences/firefox-l10n.jsPK............!<..;.o...o...(.............+...defaults/preferences/firefox-branding.jsPK............!<...P...P... ................defaults/preferences/debugger.jsPK............!<..Y.H...H.................n...chrome.manifestPK............!<..K.9...9....................chrome/chrome.manifestPK............!<wo........................P...components/components.manifestPK............!<...M........3.............N...chrome/browser/content/browser/built_in_addons.jsonPK............!<.*.q........-.............L...chrome/es-ES/locale/branding/brand.propertiesPK............!<............*.................localization/es-ES/browser/screenshots.ftlPK............!<#.r........%.................localization/es-ES/branding/brand.ftlPK............!<..,.........2.................localization/es-ES/browser/branding/sync-brand.ftlPK...........
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\d3dcompiler_47.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):3657992
                                                                                                                                                                                                                                                      Entropy (8bit):6.5802610834563815
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:49152:zjmJAksRXmBNgC9ITPPE8WHmy0HRZ+kyOzDJn5c5v5H3pqC23u6q+25omPEyXzjS:zy2Ckrj+kyOv2MJ+6q8kbqS/AF
                                                                                                                                                                                                                                                      MD5:587A415CD5AC2069813ADEF5F7685021
                                                                                                                                                                                                                                                      SHA1:CA0E2FE1922B3CDC9E96E636A73E5C85A838E863
                                                                                                                                                                                                                                                      SHA-256:2AD0D4987FC4624566B190E747C9D95038443956ED816ABFD1E2D389B5EC0851
                                                                                                                                                                                                                                                      SHA-512:0FA0E89EA1C1CB27AC7F621FEB484438E378A8F5675ECA7A91F24E0569174BD848D470D6B3E237FE6AB27CA1EB1ECC09B5F044E53A6D98BF908E77AC511183E2
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........,..............c......s.......s........~........j.....~......~......~......~......~/............~....Rich............................PE..L.................!.....<5.........0.*......P5..............................P8.......8...@A........................@G5.u....C6.d....`6.@.............7..=...p6.t...@...T...........................8...@............@6..............................text....:5......<5................. ..`.data........P5..d...@5.............@....idata.......@6.......5.............@..@.rsrc...@....`6.......5.............@..@.reloc..t....p6.......5.............@..B........................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\default-browser-agent.exe
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):600784
                                                                                                                                                                                                                                                      Entropy (8bit):6.424731431838216
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:6144:2WRUUi+2iws8mAvDk9dUyRPfJdPECb39M4GgnXjHLGmJLB1FEyYmysix7nHxHPc4:Rl2J5snJSCb3nXzFBDuCvkuMpA8Mf3O7
                                                                                                                                                                                                                                                      MD5:678BB362EF1CD46FC07248BD41582E89
                                                                                                                                                                                                                                                      SHA1:5B6C06BA4A40A7D09286350FF487EB7DA55DC028
                                                                                                                                                                                                                                                      SHA-256:4882536E888477C291F95F519B47C70EF526BD26AC04006D55B880C10BA1153B
                                                                                                                                                                                                                                                      SHA-512:F346124B9AEFEDA88D50A1FD387F8AAD5A7BF7CA2DC1C66AD8C1C1536BC35162D457FEC357DADA452990491FFC574B08EB9EBCBF5B58B982967D0EEFCE935A81
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....t_.........."......j...........r............@..........................`............@.............................................`................"... ..X5..........................h~......................x................................text....h.......j.................. ..`.rdata...S.......T...n..............@..@.data...............................@....00cfg..............................@..@.tls................................@....rsrc...`...........................@..@.reloc..X5... ...6..................@..B................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\defaultagent.ini
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:Windows setup INFormation, UTF-8 Unicode text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):854
                                                                                                                                                                                                                                                      Entropy (8bit):4.97009138173811
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:24:ShrmEMl+Do3QQN1c8vRJIzryfOqHXVXVSdWeWIxdWeWIs:S9TggQjd6OWk1JDJn
                                                                                                                                                                                                                                                      MD5:2AD9E629738FAE20A2A1485D3183F05F
                                                                                                                                                                                                                                                      SHA1:832B290BF26C120C40310E9AB47927EE89F600DC
                                                                                                                                                                                                                                                      SHA-256:EC696E730393E44748A4CC88DEE9FA34CF4D298E284BD3CE5B214F302944A855
                                                                                                                                                                                                                                                      SHA-512:E75F81035BE4259C4A723A1F0B0B1434679AD3CACA40C59576F4E636DA2C6A7CAF0CA59E1521126B025B970CA420D025F53061403F6D816035AA9D398044AA6C
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ; This Source Code Form is subject to the terms of the Mozilla Public.; License, v. 2.0. If a copy of the MPL was not distributed with this.; file, You can obtain one at http://mozilla.org/MPL/2.0/...; This file is in the UTF-8 encoding.[Strings].DefaultBrowserNotificationTitle=Switch back to Firefox?.DefaultBrowserNotificationText=Your default browser was recently changed..DefaultBrowserNotificationRemindMeLater=Remind me later.DefaultBrowserNotificationMakeFirefoxDefault=Yes, switch back.DefaultBrowserNotificationDontShowAgain=Don.t show again..; IMPORTANT: This file should always start with a newline in case a locale.; provided INI does not end with a newline...[Nonlocalized].InitialToastRelativeImagePath=browser/VisualElements/VisualElements_150.png.FollowupToastRelativeImagePath=browser/VisualElements/VisualElements_150.png.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\defaultagent_localized.ini
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:UTF-8 Unicode text, with very long lines
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):825
                                                                                                                                                                                                                                                      Entropy (8bit):4.727619040947214
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:24:qhrm8sl+Dcw60vxtJyaLFmh43CREHV8MbpKW:6LAHT0XJzmh4yaV8Mbpl
                                                                                                                                                                                                                                                      MD5:ED0500400CC6556D011E580E4150AD2D
                                                                                                                                                                                                                                                      SHA1:DA1175B730C4A418905CDCFD16906E117C5C40DB
                                                                                                                                                                                                                                                      SHA-256:FA314BA4BF98C90F2F44CFA22E0736EDF8BB42345FBED35E6276D2B0A54ACFCD
                                                                                                                                                                                                                                                      SHA-512:069FD271CAFF5D31BA0C70AA7B76876CD3A9E6C3FE8D2EBF0E4DF994B1D8EEEED38C22E872BDFF6F0D2AE7642778F074E1B3147C0CA2FF46063A7421DE31113F
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: # This Source Code Form is subject to the terms of the Mozilla Public.# License, v. 2.0. If a copy of the MPL was not distributed with this.# file, You can obtain one at http://mozilla.org/MPL/2.0/...# This file is in the UTF-8 encoding.[Strings].DefaultBrowserAgentTaskDescription=La tarea del agente del navegador predeterminado verifica cuando el valor predeterminado cambia de Firefox a otro navegador. Si el cambio ocurre en circunstancias sospechosas, pedir. que los usuarios vuelvan a cambiar a Firefox no m.s de dos veces. Firefox instala esta tarea autom.ticamente y se reinstala cuando se actualiza Firefox. Para desactivar esta tarea, actualice la preferencia .default-browser-agent.enabled. en la p.gina about:config o la configuraci.n de pol.tica empresarial Firefox .DisableDefaultBrowserAgent...
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\defaults\pref\autoconfig.js
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):92
                                                                                                                                                                                                                                                      Entropy (8bit):4.5175652621852525
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:3:R6hDuE8LzLpF1KBE/HDEfvVcDuE8Lxm0we:IDoN3KC4H6Do1
                                                                                                                                                                                                                                                      MD5:ACFC9342A2DE035B52A1E8FC765C82DB
                                                                                                                                                                                                                                                      SHA1:D1DCEF69EE7AEABDDE68997AFB02EF50ED1FFBF0
                                                                                                                                                                                                                                                      SHA-256:8C56ADB70EA648AB36102E2637D69D52885820CD5FAF5C792CD05CF6D4096B3D
                                                                                                                                                                                                                                                      SHA-512:3E36D6B8E8C1A5A193E5812F3486DE6E1BB6AA5C9D0E4264798CC31B2D83C26835CE692DB1C84301817C722092F7C7580A8E090A691FC0256B081E8CA8E7060D
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: //.pref("general.config.filename", "portapps.cfg");.pref("general.config.obscure_value", 0);
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\defaults\pref\channel-prefs.js
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):429
                                                                                                                                                                                                                                                      Entropy (8bit):4.824329810632049
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:12:UffrmssQiG8XxmcuWCS65UxT/G2D+tczFWA1Ge:wfrmokmDTUxT/lDeze
                                                                                                                                                                                                                                                      MD5:3D84D108D421F30FB3C5EF2536D2A3EB
                                                                                                                                                                                                                                                      SHA1:0F3B02737462227A9B9E471F075357C9112F0A68
                                                                                                                                                                                                                                                      SHA-256:7D9D37EFF1DC4E59A6437026602F1953EF58EE46FF3D81DBB8E13B0FD0BEC86B
                                                                                                                                                                                                                                                      SHA-512:76CB3D59B08B0E546034CBB4FB11D8CFBB80703430DFE6C9147612182BA01910901330DB7F0F304A90474724F32FD7B9D102C351218F7A291D28B3A80B7AC1E5
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: /* This Source Code Form is subject to the terms of the Mozilla Public. * License, v. 2.0. If a copy of the MPL was not distributed with this. * file, You can obtain one at http://mozilla.org/MPL/2.0/. */.//.// This pref is in its own file for complex reasons. See the comment in.// browser/app/Makefile.in, bug 756325, and bug 1431342 for details. Do not add.// other prefs to this file...pref("app.update.channel", "release");.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\dependentlibs.list
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):446
                                                                                                                                                                                                                                                      Entropy (8bit):4.154217248884051
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:3:8McUdLqIAIamVsU58sU4NIfsUtJAJzsUVzisUvKC6UIVsU4qyosUf2e/osUyvwUs:8MS9Ia0JIi9+sUH+2YYQI6RJ1z3W1bv
                                                                                                                                                                                                                                                      MD5:C35D2DA6DF0F7ABB4D0BD534C5D5B6B0
                                                                                                                                                                                                                                                      SHA1:A4DA4CA15D97746796412C2BAD3FC8FBEA716869
                                                                                                                                                                                                                                                      SHA-256:CE638D544EFE50176888E17BFBF78F118DC733CE5C2FEE2EB66436BA96341345
                                                                                                                                                                                                                                                      SHA-512:D27F58FB344B2303DB2F4A48A153C9F11EEC1663020BA8B5B973FD001C4A8C27C11E29A54B6D1913888B4DDF376AA7F45C8218378ABE39A64EBDAE4FEB6B25CC
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: api-ms-win-crt-runtime-l1-1-0.dll.api-ms-win-crt-stdio-l1-1-0.dll.api-ms-win-crt-math-l1-1-0.dll.api-ms-win-crt-filesystem-l1-1-0.dll.api-ms-win-crt-convert-l1-1-0.dll.api-ms-win-crt-string-l1-1-0.dll.api-ms-win-crt-heap-l1-1-0.dll.api-ms-win-crt-environment-l1-1-0.dll.api-ms-win-crt-utility-l1-1-0.dll.mozglue.dll.api-ms-win-crt-time-l1-1-0.dll.api-ms-win-crt-multibyte-l1-1-0.dll.nss3.dll.lgpllibs.dll.api-ms-win-crt-locale-l1-1-0.dll.xul.dll.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\distribution\policies.json
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):2792
                                                                                                                                                                                                                                                      Entropy (8bit):4.418537847315479
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:24:dwbzFxL6jK0IdF/kA0XxJ06zMEgzE6pktpDCER0QRJWvl6bK9b6CxnDX:WbzDLR0IdNkAeJ06zMZzzoVCe0KJixHX
                                                                                                                                                                                                                                                      MD5:6ED63332D23867E11B2F99B8B89EEA9D
                                                                                                                                                                                                                                                      SHA1:FAAF226E9BE82E496DCE45F74ADA5B4C20AC6597
                                                                                                                                                                                                                                                      SHA-256:10BBDC5097919786DE7BF854E7EE7ABB960CF175D1D7D2AFF3317E2CECF31AC4
                                                                                                                                                                                                                                                      SHA-512:BFBE8B23112F6E6226CD59C1A802CC01AAFAF3C62CB2FB022238E9BB77CCF66C151EFB33462A86A148AE46B89EDE57C2CE32ECFE8D27C8AEBEB8B37EE7944A2E
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {. "policies": {. "BlockAboutAddons": true,. "BlockAboutConfig": true,. "DisableAppUpdate": true,. "DontCheckDefaultBrowser": true,. "WebsiteFilter": {. "Block": [. "\u003call_urls\u003e". ],. "Exceptions": [. "http://*.intranet.gasnatural.com/*",. "http://*.intranet.naturgy.com/*",. "https://*.intranet.naturgy.com/*",. "https://*.gasnaturalfenosa.com/*",. "https://*.gasnatural.com/*",. "http://*.gasnatural.com/*",. "https://*.successfactors.eu/*",. "https://*.intranet.gasnatural.com/*",. "http://*.intranet.gasnaturalfenosa.com/*",. "https://*.intranet.gasnaturalfenosa.com/*",. "http://gasnatural.sharepoint.com/*",. "https://gasnatural.sharepoint.com/*",. "http://*.net.gasnaturalfenosa.com/*",. "https://*.net.gasnaturalfenosa.com/*",. "https://*.desarrollo.net.gasnaturalfenosa.com/*",. "http://*.desarrollo.net.gasnaturalfenosa.com/*",.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\firefox.VisualElementsManifest.xml
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:exported SGML document, ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):557
                                                                                                                                                                                                                                                      Entropy (8bit):5.177986090981083
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:12:Krmssx8XxCMKqPvLbWH4Dw+WjWI7Pw+WjW5r+kCabF6:KrmeTvLbWH4Dw+WjWI7o+WjW5r+kE
                                                                                                                                                                                                                                                      MD5:0AA43576F0420593451B10AB3B7582EC
                                                                                                                                                                                                                                                      SHA1:B5F535932053591C7678FAA1CD7CC3A7DE680D0D
                                                                                                                                                                                                                                                      SHA-256:3B25AE142729ED15F3A10EBCE2621BFA07FDA5E4D76850763987A064122F7AE6
                                                                                                                                                                                                                                                      SHA-512:6EFB63C66F60E039CF99BFAF2E107C3C5ED4B6F319F3D5E4EF9316C1F26298B90D33C60B48B03699059D28B835FBC589417AC955FC45A2BC4C116A5200DFDC32
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: This Source Code Form is subject to the terms of the Mozilla Public. - License, v. 2.0. If a copy of the MPL was not distributed with this file,. - You can obtain one at http://mozilla.org/MPL/2.0/. -->..<Application xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'>. <VisualElements. ShowNameOnSquare150x150Logo='on'. Square150x150Logo='browser\VisualElements\VisualElements_150.png'. Square70x70Logo='browser\VisualElements\VisualElements_70.png'. ForegroundText='light'. BackgroundColor='#20123a'/>.</Application>.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\firefox.exe.sig
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1449
                                                                                                                                                                                                                                                      Entropy (8bit):7.536401230400753
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:24:F0wGKW1lQ7MJLwWSFBfv57/erinmxV5QCmrusQ/XiYAJsQOq:Kw6wMRSFP7KimxH+ub/LAD
                                                                                                                                                                                                                                                      MD5:21D54C394D9D45E757A368B45C8BAA93
                                                                                                                                                                                                                                                      SHA1:8EB72FE0633AEACDA23130280EBB5D2B35898932
                                                                                                                                                                                                                                                      SHA-256:C3D7220E42D7907E9357E0E39C06A0292EFC6C76DF4796A01BB11530A7AD8227
                                                                                                                                                                                                                                                      SHA-512:579180BC7EC221402F3BDE99B708BF4D04400E341789D7F53C722623C014FD5BEA3C253865637C21959F8FD987A01671128A37EF12B5F08DB9B6637C18733EF3
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ....0...0..........+.*...H..p3..C.50...*.H........0}1.0...U....US1.0...U....Washington1.0...U....Kirkland1.0...U....Google1.0...U....Widevine1"0 ..U....widevine-codesign-root-ca0...170727225147Z..270725225147Z0..1.0...U....US1.0...U....California1.0...U....Mountain View1.0...U....Mozilla1.0...U....Release Engineering1.0...U....mozilla.com1"0 ..*.H........release@mozilla.com0.."0...*.H.............0.........5...c....U.R.....8....zSQ..."v.$.t.G:B.........4-..V.<1..0.M..j.U.6....n.z.3.......F.O./<..$....(b..HfG..a..NO.L.7....{..."..}..~R;.....-k....@...`..E3.u..0.9....f. ........a....O.R........F.H......'*...0.l...wH...`..mOZzV.....y.*.).]{.u.o.:,..........o0m0...U......T.4....>...{......0...U.#..0....=..tW....!.B.#U).0...U....0.0...U........0...U.%..0...+.......0...*.H.............-P k]1 .&..2i......v.<..[..n....+..).n..a..J....u.....i.`i{R9[.l.5......bQ...}...].Tp..........iw.Kr~i............6.k.j.df-.....@..\r..Hh=mc...s.jd.43?.....p2.r\3.....,.....!.JN....e.....
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):525520
                                                                                                                                                                                                                                                      Entropy (8bit):7.025885183188115
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:12288:qKek2d0TNcr4VeY9dIcdvzwHJem7OzwHJeAz3A:qc2iOrvYccdbwpemIwpeAz3A
                                                                                                                                                                                                                                                      MD5:13CAB11973C6D733459748EB78B7E60A
                                                                                                                                                                                                                                                      SHA1:D15E4B4E63C2856EF1F9CED8F4D1B736397EF5BC
                                                                                                                                                                                                                                                      SHA-256:85C495C01070938D6E402C490A2BEC5098EDCEE8F6695C4084117A85DEC7D670
                                                                                                                                                                                                                                                      SHA-512:FED4D82DF679513823F0B8EDD16FEE7696F41E7DB65A8CD927B69EB6A36E8515F51066F9344BB84CFD886820E9EC5B66EEF04952EB923671FF3E4C17604DE7A4
                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...J.t_..........".................`.............@..........................P............@..........................^.......f..h........%..............."... ...)...U...............................................n......p[.......................text............................... ..`.rdata..............................@..@.data...............................@....00cfg..............................@..@.freestd............................@..@.tls................................@....rsrc....%.......&..................@..@.reloc...)... ...*..................@..B........................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\fonts\TwemojiMozilla.ttf
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:TrueType Font data, 17 tables, 1st "COLR", 12 names, Macintosh, type 1 string
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1324332
                                                                                                                                                                                                                                                      Entropy (8bit):6.332844304279894
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:24576:oUxU2vjzy6D6ZUrj+ti8C0eT/0TTXvBkrIvRKsUgWFg:+SHrEJsTvIAgWFg
                                                                                                                                                                                                                                                      MD5:84F66D1842D3187D6803242430D4F9F3
                                                                                                                                                                                                                                                      SHA1:4BF59E07298F03D90BBCD6257C9810C2C4D7B72E
                                                                                                                                                                                                                                                      SHA-256:860B69E096E5805015CF5B5D64E4ECE06C5B987DC05DA1F97835C79D9CC79B10
                                                                                                                                                                                                                                                      SHA-512:5524850540279AE84139E973DFB2E5E64F50A20E146EE16A735C2D43E36CAE2F36BD96E8ED807362BF47F8B237C866E215F6B33EDE35DF1B1914714EC746FC3B
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ............COLR/.l........DCPAL.cx.........FFTM...=........GDEF.'0.........GSUB.......8..W.OS/24..........`cmap%=.>..c.....cvt ...D..o.....gasp............glyf^..A..1L...thead..Z........6hhea.......T...$hmtx.8........a loca"A.<..o....4maxp1'.....x... name...........post.*eo................j,._.<...........M?......M=............................................................0....Y...............@.................L.f...G.L.f.........................A.........PfEd...#...........[............... ..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\freebl3.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):657616
                                                                                                                                                                                                                                                      Entropy (8bit):6.793648125959828
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:12288:oMwxpO1R92zIQH1emvI3+dSCb53F0kPBhsHHnHHJL9vJvktsoRYxscuDb76WhiAZ:oMwjO1jmIQK//H+AIDrfFdQO4R8Bj0+j
                                                                                                                                                                                                                                                      MD5:B03019A7E098E8D7CA8BD0D15489E0BF
                                                                                                                                                                                                                                                      SHA1:CDF909DF88C47F87E264D208CCE83F1E0C19FE54
                                                                                                                                                                                                                                                      SHA-256:4997B6E3160D7A3638DDAC9A1EF04AA5A4B09B04CBA6FCF38E44505AF247E211
                                                                                                                                                                                                                                                      SHA-512:083A5A987CBAFCE5E8E3E596BBBF1BD1AACE6751F4B9A7A63C279C0D5D93F4DCEC4ED997940F61A672C57C1FBE7B8468ED6170D7FF3782A81B7D809B2F5EB7AA
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...r.t_.........."!.........2......`........................................p.......a....@A............................S............0..x................"...@...!......................................................@............................text............................... ..`.rdata..$...........................@..@.data...0F..........................@....00cfg....... ......................@..@.rsrc...x....0......................@..@.reloc...!...@..."..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\gmp-clearkey\0.1\clearkey.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):87248
                                                                                                                                                                                                                                                      Entropy (8bit):6.594047131720971
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:1536:RI1epOutmsHyaHbuqZ2JzHopflWgkmyRDiVOeSEDY0kZK:6utRzbuqZCzIomBO5EDY0k4
                                                                                                                                                                                                                                                      MD5:84B7688F38ABAD0095E714CE7D6FF284
                                                                                                                                                                                                                                                      SHA1:421A24955F1597DE866292C0668545454197930A
                                                                                                                                                                                                                                                      SHA-256:26C8B0D141B91F7C00A087A15B63B0828D29DAE0C0271E7FA5BCC605654AC612
                                                                                                                                                                                                                                                      SHA-512:9B40156A0B1CE2FD99D67AAFBFBCFC523BC568C1AB48F7F74E22FD8E66E34B7EEFC05C190DB642CF238534038554E669F651DAF01276CCFE7208DAAD2494AE0D
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...q.t_.........."!.........6......`........................................p............@A................................_........P...............2..."...`..|....................................................................................text...B........................... ..`.rdata..,........ ..................@..@.data........0......................@....00cfg.......@.......$..............@..@.rsrc........P.......&..............@..@.reloc..|....`.......*..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\gmp-clearkey\0.1\clearkey.dll.sig
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1449
                                                                                                                                                                                                                                                      Entropy (8bit):7.573179326905175
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:24:F0wGKW1lQ7MJLwWSFBfv57/erinmxV5QCmrusGXVsoS2HGwIoPE1cO:Kw6wMRSFP7KimxH+uvVo0nO
                                                                                                                                                                                                                                                      MD5:9E66F8B862263EAFE196276299E82A29
                                                                                                                                                                                                                                                      SHA1:1DFAE6E8DCE5C8ED09349BB674C22626B8D0A0F4
                                                                                                                                                                                                                                                      SHA-256:5ED86FF5F76222F0DD843B2183BB9073058276A9BF7D5D413CF5890748DAB77C
                                                                                                                                                                                                                                                      SHA-512:DB7A89FFCF64DCD5060FCE70C3875D1A2ECD7D51BA9F26DCB880DFB0A177ED148D2C4249F3317451B46B5DE58E53DC28180D202743E5721A7871B00F38C40947
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ....0...0..........+.*...H..p3..C.50...*.H........0}1.0...U....US1.0...U....Washington1.0...U....Kirkland1.0...U....Google1.0...U....Widevine1"0 ..U....widevine-codesign-root-ca0...170727225147Z..270725225147Z0..1.0...U....US1.0...U....California1.0...U....Mountain View1.0...U....Mozilla1.0...U....Release Engineering1.0...U....mozilla.com1"0 ..*.H........release@mozilla.com0.."0...*.H.............0.........5...c....U.R.....8....zSQ..."v.$.t.G:B.........4-..V.<1..0.M..j.U.6....n.z.3.......F.O./<..$....(b..HfG..a..NO.L.7....{..."..}..~R;.....-k....@...`..E3.u..0.9....f. ........a....O.R........F.H......'*...0.l...wH...`..mOZzV.....y.*.).]{.u.o.:,..........o0m0...U......T.4....>...{......0...U.#..0....=..tW....!.B.#U).0...U....0.0...U........0...U.%..0...+.......0...*.H.............-P k]1 .&..2i......v.<..[..n....+..).n..a..J....u.....i.`i{R9[.l.5......bQ...}...].Tp..........iw.Kr~i............6.k.j.df-.....@..\r..Hh=mc...s.jd.43?.....p2.r\3.....,.....!.JN....e.....
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\gmp-clearkey\0.1\manifest.json
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):229
                                                                                                                                                                                                                                                      Entropy (8bit):4.455107948108694
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:6:ve0Qe/WMQQExXiFYS1oa5W8eMu4HPR4x16Dg:20PKQExXil1orRmRUmg
                                                                                                                                                                                                                                                      MD5:CFFDADFAEEAAF0A5A78E7F9A299AA7F1
                                                                                                                                                                                                                                                      SHA1:7A8F06D7C91877484301CE8474DFBB1BDE08A040
                                                                                                                                                                                                                                                      SHA-256:EF47E83036753B53F59D079FEF62BFEDC749ABDBCDB0FE16F448D9920F11114C
                                                                                                                                                                                                                                                      SHA-512:5A11E448389326DDBD3BE792D9A10AE746C66E4A41F9C96F4979EC71FDE385FC4DEB205A40F1B4F24415ABD9D41C453CA1285F4B813005B1D12A2701F214DB85
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {. "name": "clearkey",. "description": "ClearKey Gecko Media Plugin",. "version": "1",. "x-cdm-module-versions": "4",. "x-cdm-interface-versions": "10",. "x-cdm-host-versions": "10",. "x-cdm-codecs": "avc1".}
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\langs\es-ES.xpi
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:Zip archive data, at least v2.0 to extract
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):515152
                                                                                                                                                                                                                                                      Entropy (8bit):7.898077162301601
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:12288:Aqtbzz1AGb9MWwBpffXvkGZv95hTfNa5Cqg5CqkYk:A6H1AKDwBFf/tFPlaUqgUqZk
                                                                                                                                                                                                                                                      MD5:9F3054C470BB5F7F4995C007EFF5E496
                                                                                                                                                                                                                                                      SHA1:54C7C75BFD9FE41D9601728B72B6742DBCBA75F8
                                                                                                                                                                                                                                                      SHA-256:927DC690A463CEC0FED9031B5E08B4600EDF9DFB852861D04FAF5AACAC22936F
                                                                                                                                                                                                                                                      SHA-512:D23CD6C07D70826CEB432D392D23E46C2A76A070E08017AD472A9A0EB4BDEEC154B69216D47C37212615F846897EEE0FCC4327E3209A9CBFB26CAF7EEE178479
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: PK........................*...chrome/es-ES/locale/es-ES/alerts/alert.dtdD..j.A.D.~E....A. ....x.8;..avz..$..O..D0.zUo3.*..V.J.....,y.+.4o..&..`.G.t..(....4...@...JJK.;...a..#..q.N.\."..e..M1jqe.`..m..HK\. ..i.s.$.7.f.C]...'....C.v......f..r./.Q..#es&..',v... 5.k......+-......^]..E,v.:.K.7......PK..........8...PK........................1...chrome/es-ES/locale/es-ES/alerts/alert.propertiesT..n.A.D...%...#R.!(.....c.l......'..._...%..`.q..U.j.O....jb<..x...........\...O.'.&9.V....KI\......7..G.......2.u.b^.o.....|.........!Q..NR..A..}.....u.=...m..b.)....%.xf..k..(.hy.2..q........'.. F}.G...l.....S=..Q.%...q...N..._?.W._./..l...n.s...!...x.....QE.G..2.9.K;V.1*K.$.......PK....k.6.......PK........................:...chrome/es-ES/locale/es-ES/autoconfig/autoconfig.properties..Oj.=...}...3j...._....`o...H....F*......}.0..L0Yd.?.W.'m.2J..........'HA........a.......K......f..xN....p...{...?>.n.7*Hj.R,.......QJ.A/...U+<%..H.41.0.....f.yh...q.k....5.2..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\lgpllibs.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):34000
                                                                                                                                                                                                                                                      Entropy (8bit):6.600130139623103
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:768:hdKCWzmKMS0Q0CMTY32rzVCMBo15sK5QDGBKg0l:vKHS7wMfVCMW5Jn6l
                                                                                                                                                                                                                                                      MD5:A9A87CE0B0A5D8D914F1E645FBAD7229
                                                                                                                                                                                                                                                      SHA1:D1A933D31CFF85C61194D780A41ADC662BFD814F
                                                                                                                                                                                                                                                      SHA-256:4DD3B0C7F6F90BE40D9EEFE2FE5B30F938FD6967826EFC35105E0EE377AF5C30
                                                                                                                                                                                                                                                      SHA-512:1286FDB6FBDE8B42119AD985711418D07E86530258A0D6C8470E0D43B18F726603744EB0A8D349326BD0ED927A62FF85DF2715FF2C93EC5F5178DAE034D7E9E0
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...K.t_.........."!.....@..........@E....................................................@A.........................U......w\..x....................b..."......P....S...............................P...............]...............................text....>.......@.................. ..`.rdata.......P.......D..............@..@.data........p.......V..............@....00cfg...............X..............@..@.rsrc................Z..............@..@.reloc..P............^..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\libEGL.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):39120
                                                                                                                                                                                                                                                      Entropy (8bit):6.4139794932358605
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:768:CWjPFYVOGjvIg1NS/DEcyvd6378cAIvzK19oQm7KlFgoPXK+NMtULzuEFUt4h77u:Y+2DtwQu2ylxbOgIc
                                                                                                                                                                                                                                                      MD5:C7122865C92C6195B285CE8FA5144FC0
                                                                                                                                                                                                                                                      SHA1:076F741058373E0E08DC28F416D1ECFC37826878
                                                                                                                                                                                                                                                      SHA-256:E62952A6C1529FD5E53620233FF0CDC500DCC53077ADCD8DB2F8593E11B7E1AE
                                                                                                                                                                                                                                                      SHA-512:6FC3439F0CCD7C1C1F39DC1C88F3016317AAFBB42E4DE24AEC14593411835D4FC69B2FB7097A843AC46ACD914F7B1BD03AD3C379EE82DCB7D87C0E7DEFC853A4
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L.....t_.........."!.....B...0......PN..............................................V.....@A........................8k..C...{u..x....... ............v...".......... i...............................`...............v...............................text...&@.......B.................. ..`.rdata.......`.......F..............@..@.data................b..............@....00cfg...............d..............@..@.rsrc... ............f..............@..@.reloc...............l..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\libGLESv2.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):3385552
                                                                                                                                                                                                                                                      Entropy (8bit):6.661159551921651
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:49152:PJklA781fsOhe9trMVcHmXgcPlimVmcAgGk7HXjgHB4kZ9PkoMJvvN+:4QMVcGwcPl3Re
                                                                                                                                                                                                                                                      MD5:D54F7AF903F84AE68513F4E471722FDA
                                                                                                                                                                                                                                                      SHA1:65FC2ED4B109CEC0C7C0F05EFDB83B0B2AE2B453
                                                                                                                                                                                                                                                      SHA-256:A64388F06234BBC49A5EB475BFD4A28E92A04BCFA7F99D882932EB480840E9DC
                                                                                                                                                                                                                                                      SHA-512:963EB07126B5811F3A0421A53EC89FD879299347E4A7E5D86C11CE773A4F293B7C4653DE332AF828E8D42D7EA800FF21E4ED492A5A29CB0D91D10DDA3938F215
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...J.t_.........."!.....b%.. ......pj%...................................... 4.......4...@A.........................L..T...L+0.......1.8.............3.."....1..#....-.......................+.......%............../0.D............................text...<`%......b%................. ..`.rdata..t.....%......f%.............@..@.data....`...P0..&...20.............@....00cfg........1......X1.............@..@.tls..........1......Z1.............@....rsrc...8.....1......\1.............@..@.reloc...#....1..$...b1.............@..B................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\locale.ini
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):22
                                                                                                                                                                                                                                                      Entropy (8bit):3.5160276412662306
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:3:9/E6YAPD:lPD
                                                                                                                                                                                                                                                      MD5:099325F9672B570F01B1A5FB47699D9A
                                                                                                                                                                                                                                                      SHA1:AEFBBF5E12E1F8B849B7C91D6FC4E4DCDC7179CF
                                                                                                                                                                                                                                                      SHA-256:ABF65DE11183C9D994B4AC9EE9EA19FD30C7EE13703B9B3DF3C84BB422B41240
                                                                                                                                                                                                                                                      SHA-512:0FD906831E8C8184FB0DDE450C31575AFA231CD945FD846D07895B096AC795A433C4CA0E2C3F76357CF71CA458331AEAA62CBC14D9D330C39BA25D34B5579A18
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: [locale].locale=es-ES.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\minidump-analyzer.exe
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):654032
                                                                                                                                                                                                                                                      Entropy (8bit):5.376081428839904
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:6144:UHw/AHZOMG4xH+4JL0/oA0Ck8LplpmWj4rlWAi298jeybUdGbBN:U6gS4x+YvA0GHv4rlWlCybUQT
                                                                                                                                                                                                                                                      MD5:F028AA0B72C792A12ACC243047F1B9C3
                                                                                                                                                                                                                                                      SHA1:E45F442ADDAE81CE93A3C0F2D98CF5E18CB58891
                                                                                                                                                                                                                                                      SHA-256:FC6EA69DC2819E49987ABF6A5F47FBFA09F3E6BADB27FAB3B446D7F010C03B71
                                                                                                                                                                                                                                                      SHA-512:D0718B8B2523428B8D9905F7399A7D9E6D34EB1BD75E79F113EB0DECBDC2073C5144784FBCF4E121C426BAA86B35A67348FF963EA910C577F112FC8609BD9D78
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...8.t_.........."......p...d......@{............@.......................... ............@.................................x(...........................".......d...#..............................................$,...............................text....o.......p.................. ..`.rdata..L............t..............@..@.data..../...P...,...:..............@....00cfg...............f..............@..@.tls.................h..............@....rsrc................j..............@..@.reloc...d.......f...r..............@..B................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\mozavcodec.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1934544
                                                                                                                                                                                                                                                      Entropy (8bit):6.770010792708354
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:49152:w1rE6yG1C6nGGxeQhSKkTtOo3Mql0kKtOa3nxGuhM59ZlNX9l:urE6yGk+lxVvYuhaZH
                                                                                                                                                                                                                                                      MD5:538DB41D622E77B35E48BCE99C6337C2
                                                                                                                                                                                                                                                      SHA1:DBDF564E9841E106AB23540C4BF2A06C2DFE7F0B
                                                                                                                                                                                                                                                      SHA-256:957369CF62B0145377F8D79CC4F893CDBBD644890C86F5E4B8AF2E45E52C727D
                                                                                                                                                                                                                                                      SHA-512:54A54644038BD4A9E6513D0EB890D6D39E902B652267FB50B2283B7FABF317E6D965C099BCAB044A4859A3C7C2F0D38C566ACC3D95AEC0148112FAECCA734679
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...L.t_.........."!.........X......p........................................ ).....\4....@A.........................n.......|.......0(..............b..."...@(.H.../H..................................................|............................text............................... ..`.rdata..<o... ...p..................@..@.data................z..............@....00cfg....... (......~..............@..@.rsrc........0(.....................@..@.reloc..H....@(.....................@..B........................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\mozavutil.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):176336
                                                                                                                                                                                                                                                      Entropy (8bit):6.102604199318
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:3072:xtgZ0BRAachdV1kFn1UqmzsX9GqgMsWCs0/84giO4ztk:0Z0BKachdV6F1BmzstGqgMsWCseKiOk6
                                                                                                                                                                                                                                                      MD5:18A1B0FF50BFF92234DD0BFFD1EC0AA1
                                                                                                                                                                                                                                                      SHA1:83DF20D384ACD9D82D7949D0B1F10797DA06A220
                                                                                                                                                                                                                                                      SHA-256:93634E04FB10352B0EDB53448F28ECB85E390640DBBCA5BBA96C096278CDC005
                                                                                                                                                                                                                                                      SHA-512:DB1F93BB0A0DA515788AD1A65281219BC1BF501BA39C59BF3C0B91839B135C890548F06B5AA096503198237B321212D36F5631A40F74ADED62E89D1461BA5CEE
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...).t_.........."!.....^...,......._.......................................P......`$....@A.........................K..>$...p....... ..................."...0......)E..............................(p...............r...............................text....\.......^.................. ..`.rdata..4....p.......b..............@..@.data................p..............@....00cfg...............r..............@..@.rsrc........ .......t..............@..@.reloc.......0.......x..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\mozglue.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):477392
                                                                                                                                                                                                                                                      Entropy (8bit):6.762838479121722
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:12288:he1j91rTRlaDHzt2Ah3gZZt03lazqhTpPmzHs:he1jbrTRlaDx2u3g103lazqhTYzHs
                                                                                                                                                                                                                                                      MD5:0D05CE291AC830E7FA867FC54122AB14
                                                                                                                                                                                                                                                      SHA1:AC747CB4DA1E6B168B52DE751474EE2198D56961
                                                                                                                                                                                                                                                      SHA-256:4BA0D20EFC78EA34374675E958BDF498D684F743392539781E588881CB2B6025
                                                                                                                                                                                                                                                      SHA-512:A197B20D36FB6FD423193315C0D024CC82D8FA3673348EE328B0D0F5C89E1D7310FEE0B998E680BA1C5792FD3AA3510E727BB1E621D4F7BBDFC992B800E55564
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L.....t_.........."!.........0............................................................@A............................[..n...|....0...............&..."...@...2...x......................<1..............................T...@....................text............................... ..`.rdata..............................@..@.data...............................@....00cfg..............................@..@.tls......... ......................@....rsrc........0......................@..@.reloc...2...@...4..................@..B................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\msvcp140.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):453416
                                                                                                                                                                                                                                                      Entropy (8bit):6.666716432959362
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:12288:B6Z1JFeuKLOU7oiz28hUgiW6QR7t5s03Ooc8dHkC2eskHA1:sZDF3U7oiz2b03Ooc8dHkC2e5HA1
                                                                                                                                                                                                                                                      MD5:9DDA681B0406C3575E666F52CBDE4F80
                                                                                                                                                                                                                                                      SHA1:1951C5B2C689534CDC2FBFBC14ABBF9600A66086
                                                                                                                                                                                                                                                      SHA-256:1ECD899F18B58A7915069E17582B8BF9F491A907C3FDF22B1BA1CBB2727B69B3
                                                                                                                                                                                                                                                      SHA-512:753D0AF201D5C91B50E7D1ED54F44EE3C336F8124BA7A5E86B53836DF520EB2733B725B877F83FDA6A9A7768379B5F6FAFA0BD3890766B4188EBD337272E9512
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......4.m.p...p...p....S.r...y...f...p...........s.......x.......{.......f...............q.......q.......q...Richp...........................PE..L.....>[.........."!.....6..........p........P......................................|j....@A........................ v.................................(?.......>..Pw..8............................-..@....................r..@....................text....5.......6.................. ..`.data...D(...P.......:..............@....idata...............R..............@..@.didat..4............f..............@....rsrc................h..............@..@.reloc...>.......@...l..............@..B........................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\nss3.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):2074832
                                                                                                                                                                                                                                                      Entropy (8bit):6.738411212832772
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:49152:6NE4i17ZsvWCNCAYOgk+tH72bBcvaZ83kua:GDi17Z9/k+BzCZ83q
                                                                                                                                                                                                                                                      MD5:D463F3B200559B7947733923A5B21256
                                                                                                                                                                                                                                                      SHA1:FBEA205F86D565DF9F7B09A267161830715D1F06
                                                                                                                                                                                                                                                      SHA-256:CB285FF22EB02F4F8168F080E489E1A585823E5818D6FEEA2329107C01F01FFE
                                                                                                                                                                                                                                                      SHA-512:D95AFEFC92ABA2D34EF4A27B96EBCC65BB337BD02CA77746D5B827CB1EBD057CAD37CDE6BC3BC098D66CF25EB9F6BF27BEA501BD44B96CCFEC72BF028A6EC645
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...K.t_.........."!.....x..........@u..............................................#. ...@A.........................T......8...T....p..x................"......Dd...1...............................................................................text....v.......x.................. ..`.rdata..tx.......z...|..............@..@.data...xG.......$..................@....00cfg.......`......................@..@.rsrc...x....p......................@..@.reloc..Dd.......f... ..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\nssckbi.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):364752
                                                                                                                                                                                                                                                      Entropy (8bit):7.029277551058171
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:6144:u8xLn9BxVnppmbkTHHDEpc+J2Af7hAqDgiVXH9I:bLnvnppX7HC2UAqDgiVXH9I
                                                                                                                                                                                                                                                      MD5:6A3B9773418EBE4DE31CB284ACAB7268
                                                                                                                                                                                                                                                      SHA1:306AB2E0F344979B33944C3D743D7E2DC1B66206
                                                                                                                                                                                                                                                      SHA-256:742A9170A0F953D04443685FD414770CA7A0D7B2A0C2051FF47FB7BA5AFB41C3
                                                                                                                                                                                                                                                      SHA-512:1104A744CF4AF6F8ADA4C91160366D1E95CB7D3393B9CE15331FA3E8AE092FADD25B40D0167C5CCE0F9D0E22B0EA9AE08F7F7A80BD58C54C87A9A4FB92A57CEF
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...p.t_.........."!................p...............................................NV....@A............................T.......d....@..x............n..."...P...U.................................................. ................................text...&........................... ..`.rdata..t...........................@..@.data....K.......J..................@....00cfg.......0......................@..@.rsrc...x....@......................@..@.reloc...U...P...V..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\omni.ja
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):26076083
                                                                                                                                                                                                                                                      Entropy (8bit):5.846208062421384
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:196608:Eh18w2soNryrcryj/KcCOf2B/wJXFNkWYUhghHd0Tl8uq1cf:CnoFNXcCOf2BUhghhhOf
                                                                                                                                                                                                                                                      MD5:0F7146F5EA263C041C659B34D3A870D3
                                                                                                                                                                                                                                                      SHA1:7639260EFB9AB0E8D245285DB95952BF3F541845
                                                                                                                                                                                                                                                      SHA-256:B01A3980030556557B0CF7601A2AE18323521FE54F275CC0B9967401FCCAD0E9
                                                                                                                                                                                                                                                      SHA-512:7C2366C710E025BC839654698E6869D26C3F0AD69D103398775DCE516235785F5FEE58F80EA45693A6ED0AAFABE6122D7EEC67A16077AC95EB60CF7D768F6182
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .o..PK............!<.z.&......................>_..greprefs.jsPK............!<..Y.H...H..................C..chrome.manifestPK............!<.$. 7...7.................tD..chrome/chrome.manifestPK............!<.z.........................N..update.localePK............!<...f.......................O..res/multilocale.txtPK............!<;^..T...T.................MO..components/components.manifestPK............!<............0..............Z..chrome/es-ES/locale/es-ES/global/intl.propertiesPK............!<...)5...5.../..............\..chrome/es-ES/locale/es-ES/global/css.propertiesPK............!<.iK.?...?.../.............Mk..chrome/es-ES/locale/es-ES/global/xul.propertiesPK............!<.[..........9..............l..chrome/es-ES/locale/es-ES/global/layout_errors.propertiesPK............!<h..........;.............9...chrome/es-ES/locale/es-ES/global/layout/HtmlForm.propertiesPK............!<o...........4.................chrome/es-ES/locale/es-ES/global/printing.propertiesPK............!<ifd.6...
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\osclientcerts.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):282320
                                                                                                                                                                                                                                                      Entropy (8bit):6.6243360920438015
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:6144:b0wDsJ9dNjs+4IiZSaqdu32lQg7J9sDhsJC7:fofe+qZUiqZJ257
                                                                                                                                                                                                                                                      MD5:EFE59A4BD2528DD2ECC8F847822578E0
                                                                                                                                                                                                                                                      SHA1:30116A569B58D72E82F3ADA4681873171B30A470
                                                                                                                                                                                                                                                      SHA-256:7E4F2B962743965B53B18426745E8B1BA451D86F686A6D6A8C826514C3CBABDF
                                                                                                                                                                                                                                                      SHA-512:16756CEBF37E4C7F13D1A5B2C2E2B887DDFEB2E6D4E2439748A707F68582926936C1387F1214D9E553D34FCEC7026BAD45A6127E70A5B420267D72B601737B15
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...|.t_.........."!......................................................................@A............................Z...^........@...............,..."...P...)..........................t.......................H...H............................text....~.......................... ..`.rdata...s.......t..................@..@.data...............................@....00cfg....... ......................@..@.tls.........0......................@....rsrc........@......................@..@.reloc...)...P...*..................@..B................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\pingsender.exe
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):69328
                                                                                                                                                                                                                                                      Entropy (8bit):6.8176100296461914
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:1536:cjTnyTT/HQfibhcRZWqVcbxunToIfi2GuJkB:ynU2RZWz4TBfi29k
                                                                                                                                                                                                                                                      MD5:1EC4E1A52440FFEAC4C9521621801C34
                                                                                                                                                                                                                                                      SHA1:3FD7AB4D2AADC9AA72C9942556DDE34A0CA3A9C7
                                                                                                                                                                                                                                                      SHA-256:33F72A13A8C694C8167BD694A18EE273FD54CCC374384B6AD44B0776E9490462
                                                                                                                                                                                                                                                      SHA-512:4234282A30E2C1B14B56DB4DC7F7C551B8456E14BCE73ECB4A1AB3A9AF3794B573822B57B24A8C1474C9F86E4083CD877B6F4A444476057B594D79B74593FB4F
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...6.t_.........."..........V......0.............@..........................P............@..........................................0..................."...@..l...........................0........................................................text............................... ..`.rdata...B.......D..................@..@.data... ...........................@....00cfg..............................@..@.tls......... ......................@....rsrc........0......................@..@.reloc..l....@......................@..B................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\platform.ini
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):166
                                                                                                                                                                                                                                                      Entropy (8bit):5.121062506476015
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:3:GB4vQM4+vv0wkwSsiXXDRMjR0WwiM+KLXSlQXGA0V4Bs2dRTGWCHfnP:GAv0AOdMjeWwiVK/XFs2dRTGznP
                                                                                                                                                                                                                                                      MD5:3874EB517FF3B150E8A5CAB84E44EAC3
                                                                                                                                                                                                                                                      SHA1:90261B244E9B44B10289B3D4848923609FD00443
                                                                                                                                                                                                                                                      SHA-256:E1C9C7F750B17CFC637088D94468CF82A3B32EDB2B52253352607143496BAF25
                                                                                                                                                                                                                                                      SHA-512:B38F0470491B604CCC492D9A377362232BBB34FC99CEB4E041D603065DF06F23EBB0030C48DB06FBE076BC139FA6BED141C29F606CD9AEB211818D5823DA4734
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: [Build].BuildID=20200930150533.Milestone=81.0.1.SourceRepository=https://hg.mozilla.org/releases/mozilla-release.SourceStamp=0df30c09d098468f2f4632e62aec0954b6174dc5.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\plugin-container.exe
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):244432
                                                                                                                                                                                                                                                      Entropy (8bit):6.620823833967178
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:6144:7304tVsIqZaBqLH9WtQosZjhsCkCUEcFMhXE:n3KasLH9BoQjhVpdZE
                                                                                                                                                                                                                                                      MD5:64C457D1DFA87709C5D1DE85E50B97D7
                                                                                                                                                                                                                                                      SHA1:62C28B87BD917CA56E34F46BFC0DB82E25BE6FC9
                                                                                                                                                                                                                                                      SHA-256:CAF96470BCFB24B65ADC46B4CEC75F165BC0D0CF95717A4ADE424B09F0CE0111
                                                                                                                                                                                                                                                      SHA-512:5F240470773AA2122ED56BF81B8C9F6CAF1919EC3816DE54B0D22563CF38D1ED78FE9054C0A48E1EF31B3C887F9FBBBB1B9448AE5DF9FA9A6A009C7AA787FD85
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...:.t_..........".................`.............@..................................,....@..........................F.......N..@.......P................"...........?.......................!.......................S.......E.......................text...W........................... ..`.rdata..db.......d..................@..@.data...<............f..............@....00cfg...............h..............@..@.tls.................j..............@....rsrc...P............l..............@..@.reloc...............z..............@..B................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\plugin-container.exe.sig
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1449
                                                                                                                                                                                                                                                      Entropy (8bit):7.562068209278441
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:24:F0wGKW1lQ7MJLwWSFBfv57/erinmxV5QCmrusUJ4JzL9F0:Kw6wMRSFP7KimxH+uA9Za
                                                                                                                                                                                                                                                      MD5:EF6FC165FA3FC2C3FD30EC33F8EEAEFC
                                                                                                                                                                                                                                                      SHA1:60D067B19B156331BC2E01B267BD39CE24F37473
                                                                                                                                                                                                                                                      SHA-256:AE082DDA3A0B744C747427A22AFD2B97B4AE889DF18A4E6355B4DEE2CFA6F1B5
                                                                                                                                                                                                                                                      SHA-512:CAA20E4B149AF9666430A38EFDB8700BC6DDD5313DA45EE30CB9CD684530BC3378192E405D3AA208E264C4C6B79DC9A920B9B541D8D121DD9FB0CD80B3D1B584
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ....0...0..........+.*...H..p3..C.50...*.H........0}1.0...U....US1.0...U....Washington1.0...U....Kirkland1.0...U....Google1.0...U....Widevine1"0 ..U....widevine-codesign-root-ca0...170727225147Z..270725225147Z0..1.0...U....US1.0...U....California1.0...U....Mountain View1.0...U....Mozilla1.0...U....Release Engineering1.0...U....mozilla.com1"0 ..*.H........release@mozilla.com0.."0...*.H.............0.........5...c....U.R.....8....zSQ..."v.$.t.G:B.........4-..V.<1..0.M..j.U.6....n.z.3.......F.O./<..$....(b..HfG..a..NO.L.7....{..."..}..~R;.....-k....@...`..E3.u..0.9....f. ........a....O.R........F.H......'*...0.l...wH...`..mOZzV.....y.*.).]{.u.o.:,..........o0m0...U......T.4....>...{......0...U.#..0....=..tW....!.B.#U).0...U....0.0...U........0...U.%..0...+.......0...*.H.............-P k]1 .&..2i......v.<..[..n....+..).n..a..J....u.....i.`i{R9[.l.5......bQ...}...].Tp..........iw.Kr~i............6.k.j.df-.....@..\r..Hh=mc...s.jd.43?.....p2.r\3.....,.....!.JN....e.....
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\plugin-hang-ui.exe
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):33488
                                                                                                                                                                                                                                                      Entropy (8bit):6.413043899374863
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:768:98ROx5tI36ix+wsD73Zrv7R5Z7qv5DJcm3xj7tDGBKg7D:f6tEzZrZ2cm3xjwh
                                                                                                                                                                                                                                                      MD5:0C858D718296DC5487F884FAEEACCFCA
                                                                                                                                                                                                                                                      SHA1:850DBAF16E0C3B5EA7EF7315A8CFC9C8FF69DF8C
                                                                                                                                                                                                                                                      SHA-256:F932D14AF3B928243282EE4D320F192C5320481FA085D9A9BEA412AE5AC1E4E8
                                                                                                                                                                                                                                                      SHA-512:B032099E7DF3EB93408D63786A3E1717D463DBEE011F4577629E7744A4F62B3F1BFB94946FB924BA1328C129538FED69034F6BFF5872DA7BE850A7F8495EB0BA
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...$.t_.........."......2...*......P6............@.................................3.....@.................................xT..........(............`..."...........S..............................0P..............$W...............................text....0.......2.................. ..`.rdata..,....P.......6..............@..@.data........p.......L..............@....00cfg...............N..............@..@.rsrc...(............P..............@..@.reloc...............\..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\portapps.cfg
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):363
                                                                                                                                                                                                                                                      Entropy (8bit):4.850006143035367
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:6:jnQS9Kg3W19LLZEZTLHYcRpdO2TPKQJKvktJJFhQNNRF6VpJGDrRAwhSJF1sKQGv:jQjg3W32ZTLHdTPKz+KDFOG5EPQkPxUA
                                                                                                                                                                                                                                                      MD5:1F261EA530381BE74C7F51C7486D13C3
                                                                                                                                                                                                                                                      SHA1:09063A916AA8FD639D580F25C494EAEC1BB3625F
                                                                                                                                                                                                                                                      SHA-256:F3AF0B84B842B2A603729C7C46184C0CD363CDF834C64D1935BE860D13C50302
                                                                                                                                                                                                                                                      SHA-512:067E3F426377195E78DE5DBAC8AD01FC31428F112DAD488483E63BF1E6B7DA73B5B1043CDCB9E9E5CD89A1790AE71605650FE2B5F087CEF9F71F1E46E0796D32
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: // Set locale.pref("intl.locale.requested", "es-ES");..// Extensions scopes.lockPref("extensions.enabledScopes", 4);.lockPref("extensions.autoDisableScopes", 3);..// Don't show 'know your rights' on first run.pref("browser.rights.3.shown", true);..// Don't show WhatsNew on first run after every update.pref("browser.startup.homepage_override.mstone", "ignore");.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\precomplete
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):3324
                                                                                                                                                                                                                                                      Entropy (8bit):4.784595606885478
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:48:r8rHtPiBHkS0W07wrN2KkH4J5iXJNdbrc8NV5oess:r8068NdzJ5YJ7bF5ols
                                                                                                                                                                                                                                                      MD5:9257592DB4AB806C5084BD5ECB4C2217
                                                                                                                                                                                                                                                      SHA1:559C402F107A76F305747280816BC84F07C05FD7
                                                                                                                                                                                                                                                      SHA-256:6A034A655992AC16788A0F02875BFB429FB427F74A26BEBA638C0512915015EF
                                                                                                                                                                                                                                                      SHA-512:6C46C698BF29ADDBF190B885F234DA9E2252DC346AB0674829A25F8A40C13F7A9CBAAB018B6DD3368D11CD3F4DAF35993C1A1769C1AC103A845CDAB16B43CD03
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: remove "xul.dll.sig".remove "xul.dll".remove "vcruntime140.dll".remove "updater.ini".remove "updater.exe".remove "uninstall/helper.exe".remove "ucrtbase.dll".remove "softokn3.dll".remove "removed-files".remove "qipcap.dll".remove "precomplete".remove "plugin-hang-ui.exe".remove "plugin-container.exe.sig".remove "plugin-container.exe".remove "platform.ini".remove "pingsender.exe".remove "osclientcerts.dll".remove "omni.ja".remove "nssckbi.dll".remove "nss3.dll".remove "msvcp140.dll".remove "mozglue.dll".remove "mozavutil.dll".remove "mozavcodec.dll".remove "minidump-analyzer.exe".remove "maintenanceservice_installer.exe".remove "maintenanceservice.exe".remove "locale.ini".remove "libGLESv2.dll".remove "libEGL.dll".remove "lgpllibs.dll".remove "gmp-clearkey/0.1/manifest.json".remove "gmp-clearkey/0.1/clearkey.dll.sig".remove "gmp-clearkey/0.1/clearkey.dll".remove "freebl3.dll".remove "fonts/TwemojiMozilla.ttf".remove "firefox.exe.sig".remove "firefox.exe".remove "firefox.VisualElementsMa
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\qipcap.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):17616
                                                                                                                                                                                                                                                      Entropy (8bit):6.363806811090196
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:192:murUCy1c5wjYgtoJba7+5XAQFMlNKMeD7x0KDWpHzOAAZa7vK6CYlLWwsUThU2wd:muukeYSoJ8+5nqlNKMepvDG8uK6jSsed
                                                                                                                                                                                                                                                      MD5:0C76A641FEA49E2108DC75231C608054
                                                                                                                                                                                                                                                      SHA1:C514071DCC8449A72302423D4CB1DEFC1EC06E4C
                                                                                                                                                                                                                                                      SHA-256:AC2CAB06BD46D2504F549A445C8CAA7D2D973784F3FB580F1A562614BEC6DE5D
                                                                                                                                                                                                                                                      SHA-512:506C5F1B301670EF51FC72D10ED620B2CD2FE0598018D9116EFDDC21100A097D63E3D5827FC84E786A6853E17B01C54469F6F0D23E531C4CBE484180C1E7437C
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...:.t_.........."!................P........................................p......q.....@A................................d!..P....P..x............"..."...`..4.... ............................... ..............."..h............................text............................... ..`.rdata..d.... ......................@..@.data........0......................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..4....`....... ..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\removed-files
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                      Entropy (8bit):3.75
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:3:QnRvn:QRv
                                                                                                                                                                                                                                                      MD5:FEFBFAC37461BD30E05F5BEFAA1F7705
                                                                                                                                                                                                                                                      SHA1:74F9024662DB06184E645CAB76BFECB0E6897545
                                                                                                                                                                                                                                                      SHA-256:52523DA24287C4D459131C2E4818A713A732765E06E9BBBA1CF353888BA34F9F
                                                                                                                                                                                                                                                      SHA-512:874D6BDEF28DEA531C858443810D0B026A3A5667E0B9985BCE84B7C5AB63D06A015487BD1DA2A914D28AF7B6568335B1927F9FB9656715947929CD6671CCC4B7
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: chrome.manifest.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\softokn3.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):244432
                                                                                                                                                                                                                                                      Entropy (8bit):6.651305931768412
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:6144:EV6uVOXeoG5gmXw7VbrRKD49CD3JP+Ypepyc66AgNumG+U6Jmk7wa19WpcVRBmB8:EV8KD49i3JP+Ypep86BDU6Jmk7n/W2Vd
                                                                                                                                                                                                                                                      MD5:67DF9662E687C79554474D2CEF9CEBFB
                                                                                                                                                                                                                                                      SHA1:B851D9FB95A231582E3C11CA0B0BDA7B9078E485
                                                                                                                                                                                                                                                      SHA-256:6458CFC2248FDB07A6D04790315B9CFB0F27904044A660F7B6F2A72A85EAA7BE
                                                                                                                                                                                                                                                      SHA-512:49A927D01D9C68A121FE41F82BEC23FE8C134631FE4824AF4345C597A18AA9F81E43DF7D5864841B39273F4AC1C490E722736ADBC6150ED6A62A4D741D3EB3B4
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...r.t_.........."!................0.....................................................@A.........................W..S....X..........................."......x4..;R..............................................X\...............................text............................... ..`.rdata..............................@..@.data...@....p.......T..............@....00cfg...............\..............@..@.rsrc................^..............@..@.reloc..x4.......6...b..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\ucrtbase.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1172232
                                                                                                                                                                                                                                                      Entropy (8bit):6.803222047671955
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:24576:Os974wcfeCepgb9qqu+XMO4nXIzvQVbe1SmcvIZPoy4/ZBVX:b96WghMOqI8Vbe1GZBVX
                                                                                                                                                                                                                                                      MD5:6343FF7874BA03F78BB0DFE20B45F817
                                                                                                                                                                                                                                                      SHA1:82221A9AC1C1B8006F3F5E8539E74E3308F10BCB
                                                                                                                                                                                                                                                      SHA-256:6F8F05993B8A25CADF5E301E58194C4D23402E467229B12E40956E4F128588B3
                                                                                                                                                                                                                                                      SHA-512:63C3D3207577D4761103DAF3F9901DD0A0AE8A89694AD1128FD7E054627CDD930D1020049317C5A898411735E2F75E2103AE303E7E514B6387A3C8463A4FB994
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........SH..2&@.2&@.2&@.J.@.2&@.2'@32&@.V.@.2&@.V"A.2&@.V&A.2&@.V%A.2&@.V#A.2&@.V(A.0&@.V.@.2&@.V$A.2&@Rich.2&@........PE..L....#.............!......................................................................@A................................l........ ...................=...0......P...T...............................@...............h............................text...P........................... ..`.data...............................@....idata..............................@..@.rsrc........ ......................@..@.reloc.......0......................@..B........................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\update-settings.ini
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):132
                                                                                                                                                                                                                                                      Entropy (8bit):4.928073830085302
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:3:aiyBZVUDC5vMJLSeLXDcZVNl43Xksoip9fKd1EMJTXSP:a3Ue5vMFbLkTzJip9fKd6IA
                                                                                                                                                                                                                                                      MD5:1413131F8CFAD1E19D299667BF759087
                                                                                                                                                                                                                                                      SHA1:A0435CBF1A2817EC960C56A896D455E78ADC226D
                                                                                                                                                                                                                                                      SHA-256:C18489344FDC21AE366B4D957A0B9F11BE772483CA46F9FFAB6ED0356F946513
                                                                                                                                                                                                                                                      SHA-512:590B53AFF46903B1883C5FB14492CA85DB2C6E0E900D0FDF62C3E6DA10F1D10C3AA51224DC6DB50F4EB12D42DE017892F77E91D79AA16FCAEFBA10B27748748D
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ; If you modify this file updates may fail..; Do not modify this file...[Settings].ACCEPTED_MAR_CHANNEL_IDS=firefox-mozilla-release.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\vcruntime140.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):82752
                                                                                                                                                                                                                                                      Entropy (8bit):6.874313648396849
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:1536:Szref/qblSclsganbQrl1cfJfkGuJnmxhpxv5YDanecbFKQhBVh:SGf/qbl55anbnfJX+neN5fnecbFKQh7
                                                                                                                                                                                                                                                      MD5:E79EF25890B214B13A7473E52330D0EC
                                                                                                                                                                                                                                                      SHA1:E47CBD0000A1F6132D74F5E767AD91973BD772D8
                                                                                                                                                                                                                                                      SHA-256:7A114A9C1CA86E532D7F38E81C48F24EF2BFE6084F6056B3D4C3566BA43003D6
                                                                                                                                                                                                                                                      SHA-512:DABED378FCCFABC10486747FC70CF51A4FCC5B88F869C8A2FA4DF30CAA83A3AF086C89E23806B7A291756DA957A97C80A9B834A05E1D8EE7BD5C7159458C537A
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................J.d....................v.....v.....v.......v.....v.......v.t.....v.......Rich....................PE..L.....>[.........."!......... ......P........................................@.......8....@A......................................... ..................@?...0....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc........ ......................@..@.reloc.......0......................@..B................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\xul.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):105098960
                                                                                                                                                                                                                                                      Entropy (8bit):6.791925040792614
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:1572864:PVAwtSQjpMFp7bDcxZ+x55+BeytklkLJiSJEB2FtzLiU2:tVRIMG2TLiU2
                                                                                                                                                                                                                                                      MD5:5DF17560B91C525A72E05D8BF06EFC9F
                                                                                                                                                                                                                                                      SHA1:877DFD2A0FDE8AA2BE8D26C592469C3F578E2417
                                                                                                                                                                                                                                                      SHA-256:0F71255B6975C65763E0E9A77C0C6147B9E211C7B641391295583C06C893FCA5
                                                                                                                                                                                                                                                      SHA-512:7870B9C82A565ACD41BE5DE5E86A5797AFE7B52738C0162E7E8A9407C7FE5B31076FC7496E5B1EDC6F88065F145FF8719C5CF3545A2EC9431F2C0EDA4D1935B9
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...t.t_.........."!......t..........yt.......................................N.......D...@A.........................N8.q'...v8......0...&............C.."...`...I/...2......................~......H-u...............8.. ...F8......................text...O.t.......t................. ..`.rdata..d.....t.......t.............@..@.data.........9......p9.............@....00cfg.......0H......F=.............@..@.orpc...9....@H......H=............. ..`.rodata......PH......J=.............@..@.rodata.....`H......X=.............@....tls......... ......................@....rsrc....&...0...(..................@..@.reloc...I/..`...J/..B..............@..B........................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\xul.dll.sig
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1449
                                                                                                                                                                                                                                                      Entropy (8bit):7.566318874002339
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:24:F0wGKW1lQ7MJLwWSFBfv57/erinmxV5QCmrus8XtjHOsa:Kw6wMRSFP7KimxH+ultjNa
                                                                                                                                                                                                                                                      MD5:2B644E04C590D57CD8BE3909C5E41CA1
                                                                                                                                                                                                                                                      SHA1:755E2DF9117C0165BA02EBFBE9DC666CAAB6F7FC
                                                                                                                                                                                                                                                      SHA-256:338CE687FC075671A06E9D85134A18771C73675CFD5B4B0277FEED7E907B89A0
                                                                                                                                                                                                                                                      SHA-512:727041183C917575F5E333ED4D6FE58FE23D6A6E35F1C550B06C2EB3322A90845888FFA47B46AD4F7930A2B7BFDCDE4C44ACF4ECB617B884AC37FD9AA52469B6
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ....0...0..........+.*...H..p3..C.50...*.H........0}1.0...U....US1.0...U....Washington1.0...U....Kirkland1.0...U....Google1.0...U....Widevine1"0 ..U....widevine-codesign-root-ca0...170727225147Z..270725225147Z0..1.0...U....US1.0...U....California1.0...U....Mountain View1.0...U....Mozilla1.0...U....Release Engineering1.0...U....mozilla.com1"0 ..*.H........release@mozilla.com0.."0...*.H.............0.........5...c....U.R.....8....zSQ..."v.$.t.G:B.........4-..V.<1..0.M..j.U.6....n.z.3.......F.O./<..$....(b..HfG..a..NO.L.7....{..."..}..~R;.....-k....@...`..E3.u..0.9....f. ........a....O.R........F.H......'*...0.l...wH...`..mOZzV.....y.*.).]{.u.o.:,..........o0m0...U......T.4....>...{......0...U.#..0....=..tW....!.B.#U).0...U....0.0...U........0...U.%..0...+.......0...*.H.............-P k]1 .&..2i......v.<..[..n....+..).n..a..J....u.....i.`i{R9[.l.5......bQ...}...].Tp..........iw.Kr~i............6.k.j.df-.....@..\r..Hh=mc...s.jd.43?.....p2.r\3.....,.....!.JN....e.....
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashInstall32.log
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):11376
                                                                                                                                                                                                                                                      Entropy (8bit):3.630787334319327
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:96:WOx+wWLWhh4hVZs2Ph68h/hFtUghcNanWU+xNBXunhKhePSsPbOtfzHS:RJFKTLZV3/WDX+4uSsPbOtfzy
                                                                                                                                                                                                                                                      MD5:9EF1A598388B2CFC8E278F4DF71CBABF
                                                                                                                                                                                                                                                      SHA1:B2576B5AE2C81CF74A7BAC5A63425D4F2770D64D
                                                                                                                                                                                                                                                      SHA-256:A0FF825DC2E30585B746EB8640DFB7996076BE9F6113EFFA8022F4A83DA20F97
                                                                                                                                                                                                                                                      SHA-512:B749CF6DFE1A7C63CDCF253119F565A2EA61B8CEE4D26AE6C20FA04149C666F42A4CE2A3C1D6EB701CC9B61BF144653453C295B645E29EC40B981D9B9DBC4A1B
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ..=.O.=.=.=.=.=.=. .M./.3.2...0...0...4.6.8. .2.0.2.0.-.1.2.-.3.0.+.1.1.-.0.7.-.5.4...7.2.5. .=.=.=.=.=.=.=.=.....0.0.0.0. .[.I.]. .0.0.0.0.0.0.4.4.....0.0.0.1. .[.I.]. .0.0.0.0.0.0.4.5.....0.0.0.2. .[.W.]. .0.0.0.0.1.1.1.3. .C.:.\.U.s.e.r.s.\.U.s.u.a.r.i.o.\.A.p.p.D.a.t.a.\.R.o.a.m.i.n.g.\.M.a.c.r.o.m.e.d.i.a.\.F.l.a.s.h. .P.l.a.y.e.r.\.w.w.w...m.a.c.r.o.m.e.d.i.a...c.o.m.\.b.i.n.\.*. .3.....0.0.0.3. .[.I.]. .0.0.0.0.0.0.1.0. .".C.:.\.U.s.e.r.s.\.U.s.u.a.r.i.o.\.D.e.s.k.t.o.p.\.u.n.i.n.s.t.a.l.l._.f.l.a.s.h._.p.l.a.y.e.r...e.x.e.". .-.f.o.r.c.e. . .....0.0.0.4. .[.W.]. .0.0.0.0.1.0.3.6. .S.o.f.t.w.a.r.e.\.M.a.c.r.o.m.e.d.i.a.\.F.l.a.s.h.P.l.a.y.e.r.P.l.u.g.i.n./.P.l.a.y.e.r.P.a.t.h. .2.....0.0.0.5. .[.W.]. .0.0.0.0.1.0.3.6. .S.o.f.t.w.a.r.e.\.M.a.c.r.o.m.e.d.i.a.\.F.l.a.s.h.P.l.a.y.e.r.P.e.p.p.e.r./.P.l.a.y.e.r.P.a.t.h. .2.....0.0.0.6. .[.W.]. .0.0.0.0.1.0.3.6. .S.o.f.t.w.a.r.e.\.M.a.c.r.o.m.e.d.i.a.\.F.l.a.s.h.P.l.a.y.e.r.P.l.u.g.i.n./.P.l.a.y.e.r.P.a.t.h. .2.....0.0.0.7. .[.W.]. .0.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashInstall64.log
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):3306
                                                                                                                                                                                                                                                      Entropy (8bit):3.7072712299794293
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:48:8dvxv0JWd+EqEGNfJGlfJ91fmSf3Uh8f3Uh2fJGgqfGfJGbqfJfJGwqfsfJRDf0g:0x8UdJqhJNhXhx8gMnbt
                                                                                                                                                                                                                                                      MD5:1F046B5B0F59192E43AF61D9DC3B6BE3
                                                                                                                                                                                                                                                      SHA1:DC33600A7DFC5E743550C864299B1EE077ED074B
                                                                                                                                                                                                                                                      SHA-256:E66EDB227027FEBB045C183BB301F683D4FE76064B219754FB540B377420B4A5
                                                                                                                                                                                                                                                      SHA-512:05D87B89F3B93B19D36F0667236BC705E2B523B648BAD6CD0A467778CF28BA871436943E0AE63132B6A59147F06048453ADA06F9F75899ABFADADDFF7A60F16F
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ..=.O.=.=.=.=.=.=. .M./.3.2...0...0...3.7.1. .2.0.2.1.-.0.1.-.2.6.+.1.4.-.3.5.-.2.8...2.9.8. .=.=.=.=.=.=.=.=.....0.0.0.0. .[.I.]. .0.0.0.0.0.0.4.4.....0.0.0.1. .[.I.]. .0.0.0.0.0.0.4.5.....0.0.0.2. .[.I.]. .0.0.0.0.0.0.4.7. .C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.\.p.l.u.g.i.n.s.....0.0.0.3. .[.W.]. .0.0.0.0.1.1.1.3. .C.:.\.W.I.N.D.O.W.S.\.s.y.s.t.e.m.3.2.\.M.a.c.r.o.m.e.d.\.F.l.a.s.h.\.\.*. .3.....0.0.0.4. .[.W.]. .0.0.0.0.1.1.1.3. .C.:.\.U.s.e.r.s.\.U.s.u.a.r.i.o.\.A.p.p.D.a.t.a.\.R.o.a.m.i.n.g.\.M.a.c.r.o.m.e.d.i.a.\.F.l.a.s.h. .P.l.a.y.e.r.\.w.w.w...m.a.c.r.o.m.e.d.i.a...c.o.m.\.b.i.n.\.*. .3.....0.0.0.5. .[.I.]. .0.0.0.0.0.0.1.0. .".C.:.\.W.I.N.D.O.W.S.\.s.y.s.t.e.m.3.2.\.M.a.c.r.o.m.e.d.\.T.e.m.p.\.{.A.5.1.A.3.F.C.E.-.6.C.F.C.-.4.4.B.3.-.B.2.3.A.-.5.E.A.4.2.C.B.5.F.E.A.3.}.\.I.n.s.t.a.l.l.F.l.a.s.h.P.l.a.y.e.r...e.x.e.". .-.i.n.s.t.a.l.l. .-.s.k.i.p.A.R.P.E.n.t.r.y. .-.i.v. .1. .-.a.u. .4.2.9.4.9.6.7.2.9.5.....0.0.0.6. .[.W.]. .0.0.0.0.1.0.3.6. .S.o.f.t.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashPlayerPlugin_32_0_0_371.exe
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):3454520
                                                                                                                                                                                                                                                      Entropy (8bit):5.8081170601523535
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:24576:oloSuRuv2d7cqt2ZIC78G9l49/2L+SA7tr33eicljT0PYGaly:+uII7htbC782KF7tr33eicljT0PYGaly
                                                                                                                                                                                                                                                      MD5:1906CD374CBBFF2E6045A943D1BF5A03
                                                                                                                                                                                                                                                      SHA1:F3C8BCD99741BECD9A892B179E91A28E7528BD9D
                                                                                                                                                                                                                                                      SHA-256:13A96739FAC73A669413E6CD21FCE6FB1F2259F5B05E1353B2FB5E2BDB5DAD0B
                                                                                                                                                                                                                                                      SHA-512:5E2915EECB78DD4232C02E803C67F99819AC4DB7EAB8C51F43F65E45BD8090884B0975299FA11C171144698364EDCFD7760C78FAB3E3DF5C9F6304AB90ACFD78
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...................................0...........!..L.!This program cannot be run in DOS mode....$...........p...p...p..n.t..p..n.v.tp..n.w..p..?)...p.......p......p.......p.......p.......p.......p...p..r.......p..s...9p..H.z..p...p...p..s....p..Rich.p..........................PE..L...QK.^.........."...........'......c.......0....@...........................5......q5...@.................................\n.......p................4.8....04.0...p...T...................$...........@............0...............................text............................... ..`.rdata..*n...0...p..................@..@.data...............................@....gfids.......P......................@..@.tls.........`......................@....rsrc........p......................@..@.reloc..0....04.......3.............@..B........................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashPlayerUpdateService.exe
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):335416
                                                                                                                                                                                                                                                      Entropy (8bit):6.545018851836908
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:6144:vkxeCVCo9zUekWDqvX001twP+RAOJ4jygANwmsu:vkx7Nkw0i+kmsu
                                                                                                                                                                                                                                                      MD5:A5AE53C0188888585AD2B39963CDF1C2
                                                                                                                                                                                                                                                      SHA1:171F5BC1625ECAEE652C7BE67AAFE2A1C578775D
                                                                                                                                                                                                                                                      SHA-256:F3927B47713F7595D77EAB3FAE8AFF0B73D5271C5AA12B222B564823D1F4EF1A
                                                                                                                                                                                                                                                      SHA-512:E3398DE5C894D1D060A6F130270E0A7AB443C2EB3838129BB8B798D4933BBE71945A6C6981BA4BC660D1C74FBF5F86A6659653F0911C71A5030F90B524804294
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......dR.. 3.H 3.H 3.H..EH-3.H..GH.3.H..FH=3.H.m.I53.H.m.I.3.H.m.I.3.H)K7H"3.H)K'H/3.H 3.H.3.H.m.I03.H.mKH!3.H 3#H"3.H.m.I!3.HRich 3.H................PE..L...lL.^.................>...........S.......P....@..........................P............@.................................4|...........:..............8........3...5..p...........................@6..@............P..L............................text....=.......>.................. ..`.rdata..j9...P...:...B..............@..@.data.... ...........|..............@....gfids..............................@..@.rsrc....:.......:..................@..@.reloc...3.......4..................@..B................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashUtil32_32_0_0_371_Plugin.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):590904
                                                                                                                                                                                                                                                      Entropy (8bit):6.239140393381775
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:6144:rExI1zk3rbI7JHJDtVQWjAcjiVRJk1aA5e8MQJh3rtTAXTvZduxRNTBJkl/Cfp63:gxX3rh4efA5kQJ9rOXTvGRNTo4e
                                                                                                                                                                                                                                                      MD5:04F66795C8F92BE76CE5EB3990D3EAB9
                                                                                                                                                                                                                                                      SHA1:75AEE0713B147308E3D442E4C53A2ED4A5392951
                                                                                                                                                                                                                                                      SHA-256:B50AB173B4A2E544E89C6BE4F5EB826869E48B7804EB134F72AF842EBCB1DCC6
                                                                                                                                                                                                                                                      SHA-512:85D42B9D5179D02D71043B1A5C1E49C26A22BA5CE8BCA3DB3CB3CE4B9969316DCC92B0D3D2BB9CF452447D79EDD9D5871D91786ED91FF161440520F9A6A810C2
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......M\2..=\..=\..=\.....=\....=\.....=\..dY..=\.2c_..=\.2cX..=\..E...=\..E...=\..=].R<\.2cY. =\.cY..=\.c\..=\.c...=\..=...=\.c^..=\.Rich.=\.........PE..L....H.^...........!......................... ............................... .......(....@..........................&..L....&.......p...y..............8.......`...p...T...............................@............ .......!.......................text............................... ..`.rdata..P.... ... ..................@..@.data........@.......&..............@....gfids..T....`.......:..............@..@.rsrc....y...p...z...<..............@..@.reloc..`........0..................@..B........................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashUtil32_32_0_0_371_Plugin.exe
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1458232
                                                                                                                                                                                                                                                      Entropy (8bit):7.150595511831703
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:24576:i626osHaVPXRpTcH+VKT1SodVah5Z/wFsNtFCRhj8jQNj/Xhu:i62u6JRpTPykodgh5hIqOR58Ubu
                                                                                                                                                                                                                                                      MD5:9569D2503DACCA6823A2EF7CE6E527C3
                                                                                                                                                                                                                                                      SHA1:6A92163154507A0BFD3B1AFD2E37529612C373F0
                                                                                                                                                                                                                                                      SHA-256:9CB2AD03AF6EE4B74AA9AD748069E26B8B7AC88E797B072396CE3340C115D0B2
                                                                                                                                                                                                                                                      SHA-512:FB5A8283685DD1965FFD5436F9CE5B7EA41D065E4DAE211BBFEDF5852AD53CAA0CFEFC279ED1F00F4FFFCB10061FC25BF808DE4DD4AD9937A89788257CD1FA31
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......M......O...O...O..0O...O..2O...O..3O...O...O...O2@.N...O2@.N&..O2@.N...O.fBO...O.fRO...O...O...O.@.N...O.@.N...O.@>O...O..VO...O.@.N...ORich...O................PE..L...KL.^.................2..................P....@..........................p............@..................................u...........k..........."..8....0..03..."..T............................"..@............P..|............................text....1.......2.................. ..`.rdata...8...P...:...6..............@..@.data................p..............@....gfids..X...........................@..@.rsrc....k.......l..................@..@.reloc..03...0...4..................@..B................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashUtil64_32_0_0_371_Plugin.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):675896
                                                                                                                                                                                                                                                      Entropy (8bit):6.0956471507227095
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:12288:aRZZa0uP+hMCsaJF3ODcpXTCoTi6InW0p9TUnWNqNih:K4+hM8F3ODcpXTCo26InffT6WNqNih
                                                                                                                                                                                                                                                      MD5:7B841E712A0C440C0F0484A0E7C2959F
                                                                                                                                                                                                                                                      SHA1:912E1F3A90B04397E891EB02472DE9840AA64214
                                                                                                                                                                                                                                                      SHA-256:4F0A034745D9EC1083E7749DEAAD9AE40CE199BCED82FE35E31940DE83B1AB43
                                                                                                                                                                                                                                                      SHA-512:0B304479B357FE3E14136799DFE525525E5B1F1CD7A6096C18E398E61F0EAEFE9D6037EF0495C9ACD5706CB7BAED883233A79A894A1CE685CD618E85B6DCB7A1
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.........;...U...U...U.dw....U.dw..\.U.dw....U.5.P...U..V...U..Q...U.....U.....U.....U...T...U..P...U.y.P...U.y.U...U.B.....U......U.y.W...U.Rich..U.........PE..d...;M.^.........." .........p.......B...............................................f....`.........................................0G..H...xG...........y.......;...2..8....p......@...T...................................................PA.......................text...|........................... ..`.rdata..r...........................@..@.data....+...p.......V..............@....pdata...;.......<...n..............@..@.gfids..............................@..@.rsrc....y.......z..................@..@.reloc.......p.......&..............@..B........................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\FlashUtil64_32_0_0_371_Plugin.exe
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1028152
                                                                                                                                                                                                                                                      Entropy (8bit):6.438061481077381
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:24576:RAD5Qp/qmBdDdyJt+yTTfbkOjoQeDBCdB:WD5/mBdD2vTTzkOjFSBw
                                                                                                                                                                                                                                                      MD5:6BD2F1E84E1272A7C8146FC443650620
                                                                                                                                                                                                                                                      SHA1:9539B8962920639C74EF2F0E1F9FEB67AF40B233
                                                                                                                                                                                                                                                      SHA-256:D16526F075453C1ECF7B044E4340E71112104C4D7584941B13BDCE207E07B3CB
                                                                                                                                                                                                                                                      SHA-512:301AC6CB5FED0884386C7C7FE7359BBE12B5D4FDB7902B9EB4B129F64ACCF052058D80F1F6BFDAD31CC3AE526168840AAC1BD6EB935C2BC4C13B7441D439CCC2
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$.......{...?..?..?...ZQ.9...ZS.....ZR.*..6.'.>...fg.;......7.............(..6.#.<..6.3.0..?................&...._.>..?.7.=......>..Rich?..................PE..d....O.^.........."..................^.........@....................................l.....`.................................................\........0..4........,......8...........p...T............................................................................text............................... ..`.rdata..............................@..@.data....!..........................@....pdata...,..........................@..@.gfids....... ......................@..@.rsrc...4....0......................@..@.reloc..............................@..B................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\NPSWF32_32_0_0_371.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):19937336
                                                                                                                                                                                                                                                      Entropy (8bit):7.065429270341373
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:393216:k6AyvUwkDYgTFlvWEVtoT/8Je+XULxnwM87qWXZUWr1cuBlmiE:k6A4kDYyFFHoT/rLx7WJUNuXmiE
                                                                                                                                                                                                                                                      MD5:115FC472319126E8B000A4555E529114
                                                                                                                                                                                                                                                      SHA1:857ABC09830F5B78EE7220863A00EA8784D8B064
                                                                                                                                                                                                                                                      SHA-256:7E368E6FF47D9875B678E609DB5F4190688512381717AA554686694F98D39C56
                                                                                                                                                                                                                                                      SHA-512:B6C34C1915D71A4AB6720A1780D0E0E71791A7AF40FC5FACB963E5522DEFCF0FB938A03826ADA60B6E18C87D8A31A4D723FAF39054578CEC4F0F0E5B8B9EAB36
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......@.u.......................!......+...U...Q....`......?......?.......?...;...?...&........................................#Yu......{......F.....#Y`.-...........#Yv......................................................Rich............................PE..L....L.^...........!..........h......k.......@...............................0@...../_0...@.........................@1.......=.......@1.@k............0.8.....6.$w.....T...........................(...@............@..H............................text............................... ..`.rodata...... ...................... ..`.rdata..H:<..@...<<.................@..@.data............L...Z..............@....gfids..H.....0....... .............@..@.tls.........01......4!.............@....rsrc...@k...@1..l...6!.............@..@.reloc..$w....6..x....&.............@..B........................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\NPSWF64_32_0_0_371.dll
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):26879032
                                                                                                                                                                                                                                                      Entropy (8bit):6.667221426028276
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:393216:ZQbXAMQu4KrXhtPdOjTuMg00f4KlAtC/ifZHb:2ltP4KlAtC/uHb
                                                                                                                                                                                                                                                      MD5:34BF278DA8A0D0CB49806C8ED11B48F9
                                                                                                                                                                                                                                                      SHA1:DADC9D3DA28767C2844DE68F6853328550F23118
                                                                                                                                                                                                                                                      SHA-256:D879DE01FB2DF566246E1C813153E5CF496601A158F7D0510501802523BA33AF
                                                                                                                                                                                                                                                      SHA-512:126293EAF01579BFE1D0E970CCD621188F271007FA5FF4FF97CCC81EA2177BC947781C9DA0DBB089AEF811027385A24839CC075809A0F7B1E83B0731A5F31BD0
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...................................p...........!..L.!This program cannot be run in DOS mode....$.........}..l...l...l..J..?l..J...l..J...l...4...l..#...l..`...l...2...l...2...l...2...l...5...l...l...l..W2...l.......l.......l..l2...l....}..l....h..l.......l...l..\n.......l..W2..?n..W2..Ri..W2...l..l2..l...l...l..W2...l..Rich.l..........PE..d....O.^.........." .....l...L......4.........0....................................J.....`.........................................@.s.H.....s.|......@k...`..........8....@..<....].T...........................0.].................p............................text....d.......f.................. ..`.rodata.0............j.............. ..`.rdata....T.......T..p..............@..@.data...L.#..`s..>...6s.............@....pdata.......`.......t..............@..@.gfids......0.......D..............@..@_RDATA.............................@..@.rsrc...@k......l.................@..@.reloc..<....@.......@..............@..B........
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\flashplayer.xpt
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:XPConnect Typelib version 1.2
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):856
                                                                                                                                                                                                                                                      Entropy (8bit):4.832169984162254
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:A81FD3B03B8C6D6E5A14298110718D3F
                                                                                                                                                                                                                                                      SHA1:2A5EEDF714B4DC1E7281968D5E235737B26D7114
                                                                                                                                                                                                                                                      SHA-256:946C2D7808B0F256E5F6B62655246DC9C247833FB2F578519E4354F91DEB6E1B
                                                                                                                                                                                                                                                      SHA-512:494146BB31CF0E115A6E1C632A8ED5608046F5A8B2BBC900832BEFB07B8F142581483C222067E4405FC2755B5ACF722D576AC04B2B6D9F796E5A872FD5C7DDC9
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: XPCOM.TypeLib..........X..."...u................F............B..l+..c.....W.............X..Q.........W...8.......OnsISupports.FlashIObject........./...`........evaluate.FlashIScriptablePlugin...........`.........................`.........`.........................................................`...........`.........`....... .........%...............1...........;...........F...........Q...`......._...`.......m.........s.........}...............`...........................`.............`............................................IsPlaying.Play.StopPlay.TotalFrames.CurrentFrame.GotoFrame.Rewind.Back.Forward.Pan.PercentLoaded.FrameLoaded.FlashVersion.Zoom.SetZoomRect.LoadMovie.TGotoFrame.TGotoLabel.TCurrentFrame.TCurrentLabel.TPlay.TStopPlay.SetVariable.GetVariable.TSetProperty.TGetProperty.TGetPropertyAsNumber.TCallLabel.TCallFrame.SetWindow.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\mms.cfg
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):47
                                                                                                                                                                                                                                                      Entropy (8bit):4.27854271442153
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:5246A94C265991426A0B8F9425CBEA42
                                                                                                                                                                                                                                                      SHA1:DE87196459F1CBB3CD37DA137273711F500998CA
                                                                                                                                                                                                                                                      SHA-256:2B5640814352DAD0B28FE962F1D4D4EFBDEB51EDA918AEEC8F1F3173F1145766
                                                                                                                                                                                                                                                      SHA-512:24FDA25C8CF388541C63B3E4C8B719773F7DA758628EC04A2FB43136964F4A1BE25B74D28BE3BC8309C382E800AAE75ECDD5BB892E3B2EDEE98F7195715F063B
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: SilentAutoUpdateEnable=0..AutoUpdateDisable=1..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\plugin.vch
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):154159
                                                                                                                                                                                                                                                      Entropy (8bit):5.068221678388439
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:EAC7A92975C9CAF595D074F8D1AEBF52
                                                                                                                                                                                                                                                      SHA1:77D86CA5ACB66B0ECD326EDEC371D09FBBA98CA5
                                                                                                                                                                                                                                                      SHA-256:03E407FE3B6DF1D4E316BB0DF5577DF3DA1D2974EBAF015D20D55F35DEC46BA6
                                                                                                                                                                                                                                                      SHA-512:3162E38476836C2AFC3B837D65B8822B0611C939630C70AA20CC3654EBD081A75EF23721EEB1FFE7D350D49AB45195AE11064E391261F75718BF33ECE8A707B6
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 0..Z*..*.H.........Z.0..Z....1.0...`.H.e......0..EY..*.H.........EI...EDpfivxV4......4.T..................!.................................................................`..._........................................................................................................................................'...%...#...!..................................................................................................._...]...[...Y...g...e...c...a...O...M...K...I...W...U...S...Q...?...=...;...9...G...E...C...A.../...-...+...)...7...5...3...1.......................................................}...{...y...............o...m...k...i...w...u...s...q.......................................................................................................................................'...%...#...!..................................................................................................._...]...[...Y...g...e...c...a...O...M...K...I...W.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\addonStartup.json.lz4.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):6583
                                                                                                                                                                                                                                                      Entropy (8bit):6.495455115955751
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:E172C0ECA5D10036144C7C6AA54548DB
                                                                                                                                                                                                                                                      SHA1:CC41843C2BA57D4F261AE53C3439D99B28B2C553
                                                                                                                                                                                                                                                      SHA-256:5AE7CE03AF58EFD5F39A18658B9AE369C0D4A0EB7FB3DD8C8C78CC7616FE18AC
                                                                                                                                                                                                                                                      SHA-512:4850DCD25A02AA23E97121766BBA2A5FFA74223E60D4EEFDFD499758A0637258028C1FCF2743326BFDBDA92DFA88CEE267B287398D003E34AE75CF7E19D04D99
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: mozLz40.U.....{"app-system-defaults":{"addon....doh-rollout@mozilla.org%..-dependencies":[],"enabled":true,"lastModifiedTime":160148930....,"loader":null,"path":r...d.xpi","rootURI":"jar:file:///C:/Users/user/AppData/Local/Temp/tlyk2yvt.zzm/firefox-win32/app/browser/features/...... !/...unInSafeMode...signedDate...telemetryKey..7%40T...:2.0.0","version":"....},"formautofill..T.s...........X.......(.W.....1......},"screenshots..T.r.....`.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....`.......(.]....=1.4+............9.)....p....i......1....4%.....}..0tag..%{}^.AC:\\+.%\\,.#\\-.!\\.. \\/.(\\0.)\\1.s\\app\\3.$\\4.1"},T.pbuiltin'..L..b.h-theme...'..N...-...9....presourc...gre/modules/q.#s/.....(..........B.qtype":"..."..1rtu.....0lwt......".P:{"id$..i..*.....c..},"darkTS..H...accentcolor":"hsl(240, 5%...)","icon_ ..rgb(249, ..p50, 0.7'..ntp_backgroun..s#2A2A2E..Otext@...;...popup":"#4a4a4f..`_borde..u#27272b...M..asideba6.`38383DF.....Q..rgba(255, ..00.1...@..d..........
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\addons.json.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):48
                                                                                                                                                                                                                                                      Entropy (8bit):3.91829583405449
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:9544642C420D38DE89132B0680A4DFF7
                                                                                                                                                                                                                                                      SHA1:AE9E5DB169C3599C7D0B73FD026368A1E36124A7
                                                                                                                                                                                                                                                      SHA-256:1E6F4F235D206E59D9E021F371D3FCE8398696A3325963DA2AF91911D3E59AD7
                                                                                                                                                                                                                                                      SHA-512:D38E0240455680B85F36D83060D85C796CC6CCD3199C102B32ACD407B328738A39BC9746C5644B4707B2C10FF9DE6153E99D31C7BA4FB8269BC562E2F4214CE6
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"schema":6,"addons":[]}{"schema":6,"addons":[]}
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\0FA748B17A57319DE99D14E1AC707B3BC2835282
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1087
                                                                                                                                                                                                                                                      Entropy (8bit):6.805042046793652
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:B9728486FD560E82FA12DAB9640D07E3
                                                                                                                                                                                                                                                      SHA1:79D4B28E41487F47EE3AB9568601173E4803B871
                                                                                                                                                                                                                                                      SHA-256:50580A3EA6679FF49F0D4AD612338B697CECA6F077D667256A2941DA0801F752
                                                                                                                                                                                                                                                      SHA-512:0EECC6604C9A0A24C505CF6AED040198FEE12E6A6CEEAEBEC2A528894AC61061BE8B9CD8C9E232173260DFECE15AD06A09B8C488119A821F352C3F2BF1FC3FA1
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 0..........0.....+.....0......0...0.........n....`......}..+..20210222130515Z0t0r0J0...+........BF0.'...p...s._f8.......n....`......}..+.....%...........J&....20210222130514Z....20210301120513Z0...*.H.............0..$`FXfEht;........j..`.C..u....v.8P.(.g.#.....|...S.l..i...y...p.A{.I.f..l...n.[..Y...LE^}......i({B...g...t..-..".../..h,q0.m;........V.....y...S~..(..z!n...#J..N..*.`.g....0.\..1.AY^...4&..e..j.+.9..@Ldub...e..7..C&..GS.f....0|...H....V.0.uY4...............`5^.`5^.B..f`61.........a,~1614110399,:http://ocsp.pki.goog/gts1o1core.strongly-framed.1.request-method.POST.response-head.HTTP/1.1 200 OK..Content-Type: application/ocsp-response..Date: Tue, 23 Feb 2021 11:00:43 GMT..Cache-Control: public, max-age=86400..Server: ocsp_responder..Content-Length: 472..X-XSS-Protection: 0..X-Frame-Options: SAMEORIGIN...original-response-headers.Content-Type: application/ocsp-response..Date: Tue, 23 Feb 2021 11:00:43 GMT..Cache-Control: public, max-age=86400..Server: ocsp_respond
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\0FC25877B42B91EC00B7CCBA2ED45B52587179BC
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):10000
                                                                                                                                                                                                                                                      Entropy (8bit):6.063215046304023
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:5E66C14A2566FF3AFA98B8C79DCC357A
                                                                                                                                                                                                                                                      SHA1:DFC4158D7E82A4769BF819F7DE76F73FA96A93CB
                                                                                                                                                                                                                                                      SHA-256:BB562E1F376D0AF6F8DC8B79E69BE2B304DD5B548567275AD1F54432E4CCA201
                                                                                                                                                                                                                                                      SHA-512:2C50EE55CA36BEA4B96DA31B4506F4397F081E385C09FDFB1D971A2E14F43CD526D97583F2E641291F7951D4BF889AEC3C5733678BEEA59504160B567106FED2
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"data":[{"id":"1611c176-3998-f3df-07b7-c1858138d48b","last_modified":1611670765047,"bucket":"main","collection":"whats-new-panel","host":"firefox.settings.services.mozilla.com"}]}.}.~.........`5^.`5^.B..l`5^.........:https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/records?collection=whats-new-panel&bucket=main.strongly-framed.1.security-info.FnhllAKWRHGAlo+ESXykKAAAAAAAAAAAwAAAAAAAAEaphjojH6pBabDSgSnsfLHeAAAAAgAAAAAAAAAAAAAAAAAAAAEANQFmCjImkVxP+7sgiYWmMt8FvcOXmlQiTNWFiWlrbpbqgwAAAAAAAAbvMIIG6zCCBdOgAwIBAgIQDAAiviv2M1ebAYv3uJs4rzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTkxMDIxMDAwMDAwWhcNMjExMjE1MTIwMDAwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxHDAaBgNVBAoTE01vemlsbGEgQ29ycG9yYXRpb24xFzAVBgNVBAsTDkNsb3VkIFNlcnZpY2VzMS4wLAYDVQQDEyVmaXJlZm94LnNldHRpbmdzLnNlcnZpY2VzLm1vemlsbGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCA
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\18535273C443166C2790425502B0723E571ADEAB
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1276
                                                                                                                                                                                                                                                      Entropy (8bit):6.675932052031845
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:E9F384EE8B5AF1E3694E45836BCB22DD
                                                                                                                                                                                                                                                      SHA1:90A32CC824379B553612F7ABE43373965145A9C8
                                                                                                                                                                                                                                                      SHA-256:95CE24DF4A34173A72FC5208A5AE4C0E1CBEA792D9DBE8747133473A0E50E28B
                                                                                                                                                                                                                                                      SHA-512:2139D5297C167EF3BAAFB6D299A62F309BD2E8499878AE4252C5096DC01A1B60FB9F7982389FA8FF26DDA7CFF56478C5BCF74D7D9549579A4FC0E19905A229FE
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 0..........0.....+.....0......0...0.......>.i...G..&....cd+...20210222215359Z0s0q0I0...+...........(..A..B..G@B.X....>.i...G..&....cd+....y.D.... .a_.k......20210222215359Z....20210301215359Z0...*.H..............&.........,.oS........6'.V0H..G.|v'.M.{.s.....2.r.....(..vq@.v....3F-2s.....`e.[Pb..0...(..`.r.o.-U.=.Q.+a&..5...<......Kv.....2i.L...K.)...P`c..x.K....c..,.>..t...0<i....;..]..I....(....Wu.M.h..mv..wk....Ua...BfK.c....T......K.ec0...`.EC'L..t........`5^.`5^.B..``7.....(....a,~1614110391,:http://ocsp.digicert.com/.strongly-framed.1.request-method.POST.response-head.HTTP/1.1 200 OK..Accept-Ranges: bytes..Age: 4545..Cache-Control: max-age=141493..Content-Type: application/ocsp-response..Date: Tue, 23 Feb 2021 11:00:34 GMT..Etag: "60345446-1d7"..Expires: Thu, 25 Feb 2021 02:18:47 GMT..Last-Modified: Tue, 23 Feb 2021 01:03:02 GMT..Server: ECS (via/F33E)..X-Cache: HIT..Content-Length: 471...original-response-headers.Accept-Ranges: bytes..Age: 4545..Cache-Contro
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\27392C6C5AEF218B90C10AAAA3C7BD50F39BEA33
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1276
                                                                                                                                                                                                                                                      Entropy (8bit):6.629469754972056
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:033DF2606CD7325CD96864DA07FC3ADB
                                                                                                                                                                                                                                                      SHA1:252BAE92029E08551B78554461E6539D982146BA
                                                                                                                                                                                                                                                      SHA-256:10746654855BA1DEAAE0AD3DEE4A6545DD8EC6DD775BCC3CC8FBCA41F7F5A8C7
                                                                                                                                                                                                                                                      SHA-512:4C0A17DE7FEFAA311F269247C1C96EBFF9E5DB6B9A18761F22D9C01D6AB955D6F951F3780D3086A6B6D2966EC2CAF350C2E75684676A56A37EA7B8CC1F6B96AE
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 0..........0.....+.....0......0...0........a..1a./(.F8.,......20210223014502Z0s0q0I0...+........._.z....'.5..C.........a..1a./(.F8.,............|..L..M.W....20210223014502Z....20210302010002Z0...*.H.............[7dZ....l.g....Xz.W.g:Z..Rn]..Ll..Z.'...'....\2;.n.4.h..6f...{..8....s.w.1.S...p/N..../.E)I|.W(....v......%.G6.....n..`.&8M.SA..M.\....N.>n.$.............[.Wo.e..#..Q.....N$2.M..`......'...Ms.......9...ddr..Ye.%H...-.|.%..G5..M`..JhQ}..f.[d@].............`5^.`5^.B..s`7.....(....a,~1614110404,:http://ocsp.digicert.com/.strongly-framed.1.request-method.POST.response-head.HTTP/1.1 200 OK..Accept-Ranges: bytes..Age: 2280..Cache-Control: max-age=141720..Content-Type: application/ocsp-response..Date: Tue, 23 Feb 2021 11:01:02 GMT..Etag: "60345e1e-1d7"..Expires: Thu, 25 Feb 2021 02:23:02 GMT..Last-Modified: Tue, 23 Feb 2021 01:45:02 GMT..Server: ECS (via/F33E)..X-Cache: HIT..Content-Length: 471...original-response-headers.Accept-Ranges: bytes..Age: 2280..Cache-Contro
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\28D93F8DDF35F20561643C003D3670811E9EA418
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:PGP symmetric key encrypted data -
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):11220
                                                                                                                                                                                                                                                      Entropy (8bit):6.01682118964741
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:0679264B9748294C3D89DBE0BE35FDCA
                                                                                                                                                                                                                                                      SHA1:AD9F740E2EEA587C9E34DA2E934BF397038F42B3
                                                                                                                                                                                                                                                      SHA-256:A05F62DC84D22D1159F25E51D031780E5FDA5BEEA85F427EF739CEE5C3909DAB
                                                                                                                                                                                                                                                      SHA-512:C237E8F74B8D70CEB8E9776905FE493DFCD86069F66F1522343D7FBDF49D458FA9EE67D18BEDBBF1FF9AD8F18AF6FAE7F5592EFDFE0F85EF4B3C0ADFDFEC29BC
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ...z........`5^.`5^.B..e.......I....:https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.1582.2-win-ia32.zip.strongly-framed.0.security-info.FnhllAKWRHGAlo+ESXykKAAAAAAAAAAAwAAAAAAAAEaphjojH6pBabDSgSnsfLHeAAAAAgAAAAAAAAAAAAAAAAAAAAEANQFmCjImkVxP+7sgiYWmMt8FvcOXmlQiTNWFiWlrbpbqgwAAAAAAAAmKMIIJhjCCCG6gAwIBAgIRAJqpJQj6G3+pBQAAAACHSiYwDQYJKoZIhvcNAQELBQAwQjELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFUdvb2dsZSBUcnVzdCBTZXJ2aWNlczETMBEGA1UEAxMKR1RTIENBIDFPMTAeFw0yMTAxMjYwOTAxMDBaFw0yMTA0MjAwOTAwNTlaMGYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUgTExDMRUwEwYDVQQDDAwqLmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAT8QvapiMbhr4Y+4OFNjzBtA+z3RazinqH9g7wuPyCRyXUUngSqZ7tG1obEt4qJCHi1TbttnCyjlDDMVxMdaLmxo4IHHDCCBxgwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFNTp8uOAUxKdFY2bcsGoeoQlgV08MB8GA1UdIwQYMBaAFJjR+G4Q68+b7GCfGJAboOt9Cf0rMGgGCCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAYYfaHR0cDovL29jc3AucGtpLmdvb2cvZ3RzMW8xY29yZTArBggrBg
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\2D42B0E3DFE234C553AC3C0AEA99F84BF5EBF4D2
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):29685
                                                                                                                                                                                                                                                      Entropy (8bit):6.053101543380091
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:1DEB817CFA7A7FB2F998B8C62AABA940
                                                                                                                                                                                                                                                      SHA1:D760776B963994A64FA274FC94CE66A9A51A6073
                                                                                                                                                                                                                                                      SHA-256:F0110BF9A6B2F53B569A9079E8306D7BD4D86F427BB05A3C69F73252BC520C6C
                                                                                                                                                                                                                                                      SHA-512:F4558C92746BF3BE372F985C8A3AF1F5F37452938A3C1D594DE1AD96F251834ED905E7C3162F2FD213E32CE197FEE470578E77D0310431FB63AD5A98203A5B53
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"permissions":{},"data":{"attachment":{"hash":"4997f1318d67d5e0ead41c715f64cef2869d6ebdc0ff674812dc23d320b53a6c","size":16966,"filename":"asrouter.ftl","location":"main-workspace/ms-language-packs/307f0a20-1347-4c99-b25e-d2d56b3d4929.ftl","mimetype":"application/octet-stream"},"id":"cfr-v1-es-ES","last_modified":1612869037318}}d............`5^.`5^.B..j`5^....q....:https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-es-ES.strongly-framed.1.security-info.FnhllAKWRHGAlo+ESXykKAAAAAAAAAAAwAAAAAAAAEaphjojH6pBabDSgSnsfLHeAAAAAgAAAAAAAAAAAAAAAAAAAAEANQFmCjImkVxP+7sgiYWmMt8FvcOXmlQiTNWFiWlrbpbqgwAAAAAAAAbvMIIG6zCCBdOgAwIBAgIQDAAiviv2M1ebAYv3uJs4rzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTkxMDIxMDAwMDAwWhcNMjExMjE1MTIwMDAwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxHDAaBgNVBAoTE01vemlsbGEgQ29ycG9yYXRpb24xFzAVBg
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\2F84D0A7F12AEB7DD61DD8E03DF3FB791416249F
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):9840
                                                                                                                                                                                                                                                      Entropy (8bit):6.050996160023295
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:8F4C907E6EE01FFBA0458FA068570B6D
                                                                                                                                                                                                                                                      SHA1:FB48848E591990B7AA2393AF37219E89F720D6C1
                                                                                                                                                                                                                                                      SHA-256:E16B4817A23FF580CA2225AB147BE793F80B2685EECFAA324C84BBE428FBB83F
                                                                                                                                                                                                                                                      SHA-512:7A9D25E5D97A3254C0F68C196AE4BE41D192B7BA2099156EF18BD4E8BBCE2B8DF5CB7883079903D4E58F7C7AA4BEF851BF8769AD42A69652B580ED7645E2CD66
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"data":[]}*.xD8.........`5^.`5^.B.._`5^.........:https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/records?collection=messaging-experiments&bucket=main.strongly-framed.1.security-info.FnhllAKWRHGAlo+ESXykKAAAAAAAAAAAwAAAAAAAAEaphjojH6pBabDSgSnsfLHeAAAAAgAAAAAAAAAAAAAAAAAAAAEANQFmCjImkVxP+7sgiYWmMt8FvcOXmlQiTNWFiWlrbpbqgwAAAAAAAAbvMIIG6zCCBdOgAwIBAgIQDAAiviv2M1ebAYv3uJs4rzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTkxMDIxMDAwMDAwWhcNMjExMjE1MTIwMDAwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxHDAaBgNVBAoTE01vemlsbGEgQ29ycG9yYXRpb24xFzAVBgNVBAsTDkNsb3VkIFNlcnZpY2VzMS4wLAYDVQQDEyVmaXJlZm94LnNldHRpbmdzLnNlcnZpY2VzLm1vemlsbGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4IgnAyJgSL8mv5UHYJoGEF7+ogfHf6ZzML/wa7rLhi6p+mTgItGCy7wzxJZksMFcAvHg68wPz6yVQdagp1tcM4//nV0XtnWH3SlOIwr1Hnlg3ZGSscmq9rxIOdKQFeAJqmbF/D+vK4L3D3kDwJnLzORrFO/Wgya
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\30DA536D4A5D56FF0D85DAA6CA4D6E70F41C5F38
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:Zip archive data, at least v2.0 to extract
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):492249
                                                                                                                                                                                                                                                      Entropy (8bit):7.998595836783101
                                                                                                                                                                                                                                                      Encrypted:true
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:27A076DA682B8E890CC18E61BFB9E66B
                                                                                                                                                                                                                                                      SHA1:8047EA972359E9556EC8F66DC7EDBEC338A14845
                                                                                                                                                                                                                                                      SHA-256:34F577CFF7F4FF01CE590205F357BE088C18D8AD64046750200B25A0AD17AE5D
                                                                                                                                                                                                                                                      SHA-512:3FE3FBC20C162C07C63604527CC78573FB73B0EF0723777D77BB9F6BBFC993584B722C4DFA0E59311290CCB429F430DACE488831DE05640747EAB517BEE4C817
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: PK........G.bN.b._.}..........gmpopenh264.dll..|T..~.l`.......Z.F.l.(h...Y.......bK.5.h..n.;{..[..RE..*....h.y$j.Q...Q&.....J..9gf......~..|.hv..s.9s....u..,M...2.iM..W....0.?.?M..}..&G..W,....ew.~.7. ...n.......{g.m...[|.5.?.}.M.....>./|...V.....&O..g&?G.[&.L..&k.f...>g_..d.}>3."..29 ......['...g.s.7..{....9..K..[...j.N....>.hZ.(.nk..y....pk.|F}j.q....>.n.9..z.+Z..K'i.pw.e...LH..$.....0Ik..i...U.a.8..W[......7-........p.N{.\M[t...o..A..........<.v...E3....'i..y..v...y;..=....q&*......MKo.Q..#..9.$...G....W.E.s...K..<.my.G.....7.W<..B.=..\X..sZ1..77:P...z....o9o...7V3...:..w.C...6=.B],..j:.6...3.}.(...D[.zd.E.u.......g.:..T...8..C....... .......7...[.^V..hf..B.@...P....[.....B/pu...,.}...p....E..m-[x}..W....S^.....?..e...D@....9~.f?...rg1.-4..00.9v....<....m..".....1..c-z......a..=.G.l\[h.g..z...'@..g.................o7..M.v."..p....~7|.....w.E[...0..l.6.........}l.`..9.@huU......H.p.]z.O...Unx..D..1R5.`l..D....D...`..2X];
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\340A10D652987DF5E54312E31F5C22F6E8DBA574
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):19841
                                                                                                                                                                                                                                                      Entropy (8bit):6.057623702246101
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:E9396B48FF21E7F9750B9BEA68BDFC23
                                                                                                                                                                                                                                                      SHA1:C160CFD021990F72F444B6D59940D6B527A3C1C1
                                                                                                                                                                                                                                                      SHA-256:A4F16257BA77E7BB26627AB2CCF96BC1DEBB5F020D6278FEB78BE69DF8743866
                                                                                                                                                                                                                                                      SHA-512:9724E98A1215DA878952421CB6351C6666280D7A0FCF537A90BC4660A879D50E70A69E88A6E0BD6B0367F22B77FE124C6861FCF6B48A2BC6DA3CD805D89082B8
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"data":[{"id":"8ee6692e-d686-a614-6e4f-23d71b55b7f3","last_modified":1612303475647,"bucket":"main","collection":"fxmonitor-breaches","host":"firefox.settings.services.mozilla.com"}]}.)M.N.........`5^.`5^.B..]`5^.........:https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/records?collection=fxmonitor-breaches&bucket=main.strongly-framed.1.security-info.FnhllAKWRHGAlo+ESXykKAAAAAAAAAAAwAAAAAAAAEaphjojH6pBabDSgSnsfLHeAAAAAgAAAAAAAAAAAAAAAAAAAAEANQFmCjImkVxP+7sgiYWmMt8FvcOXmlQiTNWFiWlrbpbqgwAAAAAAAAbvMIIG6zCCBdOgAwIBAgIQDAAiviv2M1ebAYv3uJs4rzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTkxMDIxMDAwMDAwWhcNMjExMjE1MTIwMDAwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxHDAaBgNVBAoTE01vemlsbGEgQ29ycG9yYXRpb24xFzAVBgNVBAsTDkNsb3VkIFNlcnZpY2VzMS4wLAYDVQQDEyVmaXJlZm94LnNldHRpbmdzLnNlcnZpY2VzLm1vemlsbGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMII
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\4903E7ABE348ED39D98D1C844FB81A906D5ECA16
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):9986
                                                                                                                                                                                                                                                      Entropy (8bit):6.065502818860335
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:D0825E0A7C72A3881F03FC9D29371B09
                                                                                                                                                                                                                                                      SHA1:1300E26C83A1BAD81403A28B0E792F98405A3207
                                                                                                                                                                                                                                                      SHA-256:E136C20813D4336CA29314584E467F1ED897760E985F3BAEF08A1BB771150A85
                                                                                                                                                                                                                                                      SHA-512:984D1A50E2501E57D72B7ED09CD5FD8DC3645D70A5BEA6D2AB6D8B1676C98DC129005B3BAB27385CE4E780CD379A5B28BE005020C2B920D91A8C63B3F7CBABD6
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"data":[{"id":"1d402bfe-4765-79b2-df44-da88d9c24c96","last_modified":1609784305674,"bucket":"main","collection":"cfr-fxa","host":"firefox.settings.services.mozilla.com"}]}3a.*.M........`5^.`5^.B..i`5^....|....:https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/records?collection=cfr-fxa&bucket=main.strongly-framed.1.security-info.FnhllAKWRHGAlo+ESXykKAAAAAAAAAAAwAAAAAAAAEaphjojH6pBabDSgSnsfLHeAAAAAgAAAAAAAAAAAAAAAAAAAAEANQFmCjImkVxP+7sgiYWmMt8FvcOXmlQiTNWFiWlrbpbqgwAAAAAAAAbvMIIG6zCCBdOgAwIBAgIQDAAiviv2M1ebAYv3uJs4rzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTkxMDIxMDAwMDAwWhcNMjExMjE1MTIwMDAwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxHDAaBgNVBAoTE01vemlsbGEgQ29ycG9yYXRpb24xFzAVBgNVBAsTDkNsb3VkIFNlcnZpY2VzMS4wLAYDVQQDEyVmaXJlZm94LnNldHRpbmdzLnNlcnZpY2VzLm1vemlsbGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4IgnAyJgSL8m
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\4A83E89BF924F55C2FFF5F5BB0D1B439665C1700
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:Zip archive data, at least v2.0 to extract
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):20908
                                                                                                                                                                                                                                                      Entropy (8bit):7.501434023342634
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:7BED2B6B52F2A744E2B1262FA783F7F9
                                                                                                                                                                                                                                                      SHA1:84167EE0BDCCD2728877109F7A1044912CB5941C
                                                                                                                                                                                                                                                      SHA-256:A0B0D601C4864AF11D28762ED70D69FF995F670A087202B02041372503C370BA
                                                                                                                                                                                                                                                      SHA-512:9A01FF1902CF26BA20CAA0771DFB5DDD2573BD7508ECCB154446202E84C24E0D5C4D786A5DC6DE68B9E9584EB179C4DAD9259F3959CF8BCA11E5ABA1FC1F5F05
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: PK............................api.js.Y{o.9.....8.J.....9. 3vr9l.H<..[..l.Z.E.H*.]..~ ...-g.B.......U.b.....W....`h.....Z...dEk...*mg....i..WW+.W..w-......l../Fy.....o...$^.<'...b/./....86B.[..5Z..I.ka.N.....J~Bk.\.OVi.\|...?u.K.|K%]...........?....NS....q.v..c?hlP.dh.i.d..!?~.z.....v..d...nUM.WJ......$;...}......}......t..........%\rl....f....`n...{}....)........5........F@.A5......fg,..B2....9....{*...`[.6[.V..I.+*$...*..<..S.A...............v88......S#...J2..^.....,.......i,m[..A..JH..]S..|6N....{.....4;...l.j......a.`.."w..0.n..~r.[.h,.....Q.v..N9.Nys.5.j.^......B.vgP.Y.].)..;.6.3..z...h..l..o..0.9..bC.........P..... S..h..F....+..DPv.....1......r.`K....[%...I.q...%.Iq.e......0......3...a^.Y.FY.._.+..0.`y"."aL...J...:,..X.=&..`..a...*...:.'...>..B........s..YL.0ax..xL.j...>... q.o..f.......2....4u....).y.$.y.'Y.."..\.n.e....Y....5c$..P,..i...kh.....,M.$..,..I....N).r,.:.<....b.TqD."C.fUE.(..X.:I.2......f)I2..4e%..$!e....4L..........&iX...`Y
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\5018CE87FDB9337BABD18226821E908BCF9B0BC6
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1163
                                                                                                                                                                                                                                                      Entropy (8bit):6.7996123162368995
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:04228D9DFE559AF9E3328E279EDCB587
                                                                                                                                                                                                                                                      SHA1:3896E04B3423A0F8FDA3FBF6F29AB7EB6CFA14AC
                                                                                                                                                                                                                                                      SHA-256:C5866BBEDD6FCF94090A7EFE0744EF8A48BB0E2468A8A42D69DEE5E1D2A4644C
                                                                                                                                                                                                                                                      SHA-512:6F078AE9D4FE7D8F5C7631BAFC836645D78CAE029E91AD2049E69F88618F1A151AB7A9E9DC1D35EAC543A3587F096A004CDB4CB9FFE6B5E2742A1CA35C15EBD3
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 0..........0.....+.....0......0...0.........n....`......}..+..20210222124233Z0s0q0I0...+........BF0.'...p...s._f8.......n....`......}..+..3..D..6......J`....20210222124232Z....20210301114231Z0...*.H..................ObbU....^..J.....|W_>,...N.0.9....1l...M...v*5..^.IAf..)....K..I..!A..2.-&........>.....r.D.t....b@.C......N_.......#pl..6".al.mbK9r.J...?x.).P6.W..#0...s...,...>M.{Vz.$'iW.Z...^}.....W..&.+./......W...{......-.Aw.6.s.2.dTi_.....Xn...'.NM4>.[%...........`5^.`5^.B..b`61....{....O^firstPartyDomain=safebrowsing.86868755-6b82-4842-b301-72671a0db32e.mozilla,a,~1614110393,:http://ocsp.pki.goog/gts1o1core.strongly-framed.1.request-method.POST.response-head.HTTP/1.1 200 OK..Content-Type: application/ocsp-response..Date: Tue, 23 Feb 2021 11:00:37 GMT..Cache-Control: public, max-age=86400..Server: ocsp_responder..Content-Length: 471..X-XSS-Protection: 0..X-Frame-Options: SAMEORIGIN...original-response-headers.Content-Type: application/ocsp-response..Date: Tue, 23 Feb 2
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\52F66590D9E90C1104F34304CCCD36DE9F67860D
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1276
                                                                                                                                                                                                                                                      Entropy (8bit):6.715101260305153
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:1FB4C6F249242A11A642CE01768557E1
                                                                                                                                                                                                                                                      SHA1:26B21D0123098C59B0FC568B9867E70ED621202A
                                                                                                                                                                                                                                                      SHA-256:7E02F14B80DDF06CE2DB17168220BA3B466EE1D22C08D1DD63DE523EDCCEB0EB
                                                                                                                                                                                                                                                      SHA-512:D507BD1D2BF89BBC8C5B316C517A1011FD922139605671AFF2B0466F966E2816AF370C74AA3D7181FEF7DCCABA8668095F73F5E6314AAD2AA442814DC4DC679A
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 0..........0.....+.....0......0...0.......k....y......v....20210223044501Z0s0q0I0...+..........)........N........k....y......v......{.l..D38._'.....20210223044501Z....20210302040001Z0...*.H..............&..|.O*....b;..O.SBM..c.T.."....^.U`......yD...-.<D.@sA...2C.9...G........G.1...DnD^zo.l..q.."G..W....o..:....^ox....kJ.....Y.R.....;M.pl.....$K...Ti......M...Z.I...../........X...w.#......"|}....Y.@@$..N..K.Nr......B.d..v.....m....KhZ..s."..Z.....|LJ.........`5^.`5^.B..e`7?C...(....a,~1614110398,:http://ocsp.digicert.com/.strongly-framed.1.request-method.POST.response-head.HTTP/1.1 200 OK..Accept-Ranges: bytes..Age: 5110..Cache-Control: max-age=155369..Content-Type: application/ocsp-response..Date: Tue, 23 Feb 2021 11:00:42 GMT..Etag: "6034884d-1d7"..Expires: Thu, 25 Feb 2021 06:10:11 GMT..Last-Modified: Tue, 23 Feb 2021 04:45:01 GMT..Server: ECS (via/F33D)..X-Cache: HIT..Content-Length: 471...original-response-headers.Accept-Ranges: bytes..Age: 5110..Cache-Contro
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\569E61CA8714ED10AF7B9ADC9BD48C4C6CB07B95
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):133
                                                                                                                                                                                                                                                      Entropy (8bit):5.267861830039837
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:E0E0F852C61624B6ECCA9078129BB7FF
                                                                                                                                                                                                                                                      SHA1:727175AF348D14792CAF291CB494E735A4473499
                                                                                                                                                                                                                                                      SHA-256:B397D74835FBD251383339B5C23B15C18F0B9FC85B3970F6080403C5AEC55AE1
                                                                                                                                                                                                                                                      SHA-512:D7068B187D03EE29C840A1C72696A2E41E0CEE78BC5B2DE93CC9AF92BD02E0257B2F19BB60E69A21745F5E5C6DC3DCA00917AC8EE73CE259EE6C6B4CB60957B0
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ..V.........`5^.`5^.B..c.......\....a,:https://location.services.mozilla.com/v1/country?key=7e40f68c-7938-4c5d-9f95-e61647c213eb.....
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\57BF39604380E151B67A8EE670B0D8486EB5024D
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):10749
                                                                                                                                                                                                                                                      Entropy (8bit):6.098159984853821
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:A34C4F0E68E11375C6C720F655B3377C
                                                                                                                                                                                                                                                      SHA1:93AF06C1D20B1C85DEDBA685C0A08DE45A2BD20C
                                                                                                                                                                                                                                                      SHA-256:5E2BB26C01570B8488B6375E4055C06E9D6D8268D4AFE6EF420420AF23915EFB
                                                                                                                                                                                                                                                      SHA-512:4B3FBB045457F83704E574FAAE66C0F28F64044830FCD58D1C36D5FC819FE3DEDE3432442D7A949EF48A7616BE0B6AFCE45450E21EAF2E855EAEF3E72A668DF7
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"metadata":{"signature":{"ref":"5u5gr5bgjhqqvd5adyem4jkk","x5u":"https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2021-04-12-15-03-53.chain","mode":"p384ecdsa","type":"contentsignaturepki","signature":"O0S9O8c5IcrDjxQxz19eJcha9IZ5oRuh496Juh9YVAB8af-DARBwVmpd10Ut30PSjNE0-O4KJ33YYRir1SMFxowE-Br0INc05nhtgIA-Vv4Uq6TAFz99QkXLfZwQR6PJ","signer_id":"remote-settings","public_key":""},"id":"cfr-fxa","last_modified":1613936510593},"timestamp":1609784305674,"changes":[{"groups":["cfr"],"weight":100,"content":{"cta":{"string_id":"cfr-doorhanger-bookmark-fxa-link-text"},"text":{"string_id":"cfr-doorhanger-bookmark-fxa-body"},"color":"white","title":{"string_id":"cfr-doorhanger-bookmark-fxa-header"},"bucket_id":"FXA_BOOKMARK_PANEL_71_plus","info_icon":{"tooltiptext":{"string_id":"cfr-doorhanger-bookmark-fxa-info-icon-tooltip"}},"close_button":{"tooltiptext":{"string_id":"cfr-doorhanger-bookmark-fxa-close-btn-tooltip"}},"background_color_1":"#7d31ae","
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\5FC60CEA59DC8B62D6257FCF0C882A588E07B7E4
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1276
                                                                                                                                                                                                                                                      Entropy (8bit):6.672087938214146
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:2C6DFDCCFDC497168CB5B34AA5ECB855
                                                                                                                                                                                                                                                      SHA1:EB71602192B6695D5A0E9065A0A6DBF44F29A0AF
                                                                                                                                                                                                                                                      SHA-256:127A9ABC6D81146873DDA035E77647CC48A102F433D7A0C963224C7278E1CDE8
                                                                                                                                                                                                                                                      SHA-512:EF149EACBBDA7907173D7C459297B107E7FE7055E14A4A902B06EF52BDCC6440823A701C09413D2FB1955CE32ACB0DC52CC2769904024BF7B45E736781F060AD
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 0..........0.....+.....0......0...0........a..1a./(.F8.,......20210222205701Z0s0q0I0...+........._.z....'.5..C.........a..1a./(.F8.,.........K.X...".M;....20210222205701Z....20210301201201Z0...*.H.............t._...a..Y>t<7]u.GP.X...'e:.!Eh..,.2.u.....(x4....}M..*@..F.[.x.......ck.`..YQ..V..lf+.8...k..62D...J...3f.......,!.....Wr...t].$l.qY..3.vW...o...m..x..[.#..w...H~....fih.0m\!..?.......i.ZJ..5.....;T.7.G.B.......&...L........P.'H"...Pd.B../A]..i..........`5^.`5^.B..b`6.....(....a,~1614110396,:http://ocsp.digicert.com/.strongly-framed.1.request-method.POST.response-head.HTTP/1.1 200 OK..Accept-Ranges: bytes..Age: 1580..Cache-Control: max-age=123760..Content-Type: application/ocsp-response..Date: Tue, 23 Feb 2021 11:00:41 GMT..Etag: "60341a9d-1d7"..Expires: Wed, 24 Feb 2021 21:23:21 GMT..Last-Modified: Mon, 22 Feb 2021 20:57:01 GMT..Server: ECS (via/F33D)..X-Cache: HIT..Content-Length: 471...original-response-headers.Accept-Ranges: bytes..Age: 1580..Cache-Contro
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\6457155360E9CDDE270C1513097E494B423E0868
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):154388
                                                                                                                                                                                                                                                      Entropy (8bit):5.271547827752995
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:A3229604C16EAC4764252FEC44C62AB4
                                                                                                                                                                                                                                                      SHA1:657E0484BAFE33154B3632E7EF1D070F0CE0C1CD
                                                                                                                                                                                                                                                      SHA-256:AF49422FD620A3B7DE80D71119DE159A98148608465C11DD0C7E65AAD563F3A0
                                                                                                                                                                                                                                                      SHA-512:2D4457F43B9BC95EFDBCFB13A561D0C5BB177F017B6478C82062FFC1FEA37EC360688725571BB3A9B0D60581D0CBA88FAA469819AE4724CFB1625BDF7E82ECB3
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"metadata":{"sort":"-last_modified","signature":{"ref":"iki8g9u05s5nois6qr1k3agh","x5u":"https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2021-04-12-15-03-53.chain","mode":"p384ecdsa","type":"contentsignaturepki","signature":"V1A737h-d9mhCmQHR_puYwel6iP-dYl6WQizh1pq9Uenj9rttksZDpWKtolm-dXYzwydSnGx6CiMWaK9cq_WbZxSMgH8Wjh94N1p0BIKw_J8jnt6qki9iZ6cFfcXG_7r","signer_id":"remote-settings","public_key":""},"attachment":{"enabled":false,"required":false},"displayFields":["Name","Domain","BreachDate","PwnCount"],"id":"fxmonitor-breaches","last_modified":1613936505580},"timestamp":1612303475647,"changes":[{"Name":"Bonobos","Domain":"bonobos.com","schema":1612116456486,"PwnCount":2811929,"AddedDate":"2021-01-31T00:09:25Z","BreachDate":"2020-08-14","DataClasses":["Email addresses","Historical passwords","IP addresses","Names","Partial credit card data","Passwords","Phone numbers","Physical addresses","Purchases"],"id":"fcaa3f6e-f924-4466-9f4f-24be81
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\77A2BB5B444A76C27B9CF870B678DA85F34ED477
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1353
                                                                                                                                                                                                                                                      Entropy (8bit):6.66695209950186
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:43F850549731B6E2834D50C27613B14B
                                                                                                                                                                                                                                                      SHA1:CD09895D532B379E3B53CBE7496F48EAC937CC8E
                                                                                                                                                                                                                                                      SHA-256:1199C5C021A2BCFA75EDA67CC1A572953348B00EAF5B12F68A5F14CACBAB114B
                                                                                                                                                                                                                                                      SHA-512:21867949367D23721061405D452C5987B5275D877499387B2FD6303310EEDBDDE191984CC43D978650C049B9884F04355A24C2F65139F181000BB300B3947C7A
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 0..........0.....+.....0......0...0........a..1a./(.F8.,......20210223093901Z0s0q0I0...+........._.z....'.5..C.........a..1a./(.F8.,.........1.n`c.5.........20210223093901Z....20210302085401Z0...*.H.............LiF-.~..r.(..g...DF.A.dq....d..W,.Q5....wm.d...3C..\..2&....zl#.O.......1..,...`?.......3.mZB..h..r..(...|H....]...|.j..f..s..R...e..vI.u.Bbh.....^.H%)...!.0Hd...[.......FLw]7..s.?X.}K...`.......5..*.j..LE..)`z..u.........}.Q.fz|FJI.c....@D}..g..o.B.$........`5^.`5^.B..j`7zL...u....O^firstPartyDomain=safebrowsing.86868755-6b82-4842-b301-72671a0db32e.mozilla,a,~1614110402,:http://ocsp.digicert.com/.strongly-framed.1.request-method.POST.response-head.HTTP/1.1 200 OK..Accept-Ranges: bytes..Age: 2583..Cache-Control: max-age=170475..Content-Type: application/ocsp-response..Date: Tue, 23 Feb 2021 11:00:49 GMT..Etag: "6034cd35-1d7"..Expires: Thu, 25 Feb 2021 10:22:04 GMT..Last-Modified: Tue, 23 Feb 2021 09:39:01 GMT..Server: ECS (via/F333)..X-Cache: HIT..Content-Length:
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\8652ADE6489D103C539044503307DDB7504170B9
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:PEM certificate
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):49547
                                                                                                                                                                                                                                                      Entropy (8bit):6.026722312285808
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:5E9AD7D90CC9E17C4CEE0FB291042A9C
                                                                                                                                                                                                                                                      SHA1:37BAD201A385FD08F8C1D772613D0217DD116DB2
                                                                                                                                                                                                                                                      SHA-256:4CA407FFC787D9C967481036EECA43076B080217CAA0B51B31C1A2DA64A1D8FB
                                                                                                                                                                                                                                                      SHA-512:7EAB835BCA49086B46FC89116F5E78548D4A5BA30591650174B281D926438BC4DAC091BE981FB605AEC127A25610087C1A5295AADE0732958DF157B26C714D5F
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: -----BEGIN CERTIFICATE-----.MIIDBjCCAougAwIBAgIIFmXLiaz0r/gwCgYIKoZIzj0EAwMwgaMxCzAJBgNVBAYT.AlVTMRwwGgYDVQQKExNNb3ppbGxhIENvcnBvcmF0aW9uMS8wLQYDVQQLEyZNb3pp.bGxhIEFNTyBQcm9kdWN0aW9uIFNpZ25pbmcgU2VydmljZTFFMEMGA1UEAww8Q29u.dGVudCBTaWduaW5nIEludGVybWVkaWF0ZS9lbWFpbEFkZHJlc3M9Zm94c2VjQG1v.emlsbGEuY29tMB4XDTIxMDEyMjE1MDM1M1oXDTIxMDQxMjE1MDM1M1owgakxCzAJ.BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFp.biBWaWV3MRwwGgYDVQQKExNNb3ppbGxhIENvcnBvcmF0aW9uMRcwFQYDVQQLEw5D.bG91ZCBTZXJ2aWNlczE2MDQGA1UEAxMtcmVtb3RlLXNldHRpbmdzLmNvbnRlbnQt.c2lnbmF0dXJlLm1vemlsbGEub3JnMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAElxL0.437Pxph8G67ORLOHjsUBLBXSFWOq2ADA22eWf/RcgTyCGIKL0JoP+R5EYYTn5H6s.Nj/LJCL3IGXLZPB3zsHsEKCbBXp2HrFTd7FTZEt8l2rQDlQ9FcDBTD2rQg4uo4GD.MIGAMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAfBgNVHSME.GDAWgBSgHUoXT4zCKzVF8WPx2nBwp8744TA4BgNVHREEMTAvgi1yZW1vdGUtc2V0.dGluZ3MuY29udGVudC1zaWduYXR1cmUubW96aWxsYS5vcmcwCgYIKoZIzj0EAwMD.aQAwZgIxAJELCCCY4/xpB9OlzZTHIAYLM5AC/RCYl3j/GBKnutsWDYenEc+TPi
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\899F25224BD72D5011C60DBD5806B5E4571111CF
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1438
                                                                                                                                                                                                                                                      Entropy (8bit):6.653503485694669
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:33DC0F925A88316E12A07745EDD3BEA3
                                                                                                                                                                                                                                                      SHA1:B23B99C5FA6CFF22F08BB3BA5A02BBDC92EF8C28
                                                                                                                                                                                                                                                      SHA-256:5D382AF5E2A4FE9CC7F58B837594FD164509BC28F992C50C5AA921AFD348E371
                                                                                                                                                                                                                                                      SHA-512:4FE175A2A075B197A376074B76496B61CF214BF89A12183965995D4A59FCD092725FF9F1D8A1A81CB43C0F260C531F8EA128F3F28F4CA54215E98DF3D3B810A3
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: :...........`5^.`5^............(....a,~1614110392,:http://ocsp.digicert.com/.......3D........`5^.`5^.B..`.......(....a,~1614110392,:http://ocsp.digicert.com/.....0..........0.....+.....0......0...0......=.P.....J`.e.!.......20210223031501Z0s0q0I0...+........I.....v....@-h;qj....=.P.....J`.e.!..........096.%.".........20210223031501Z....20210302023001Z0...*.H.............O;..%.......s..2..V.x..Ab.m.W......q.....Y.A..Q..B.C.}p...\{.,. ..]v..P..0....R....D..qo.=........i.e.?F.A.s....-...%..&..w.A).....i.%qRg.%.f.UO....1D.......3._.N..Am.Ac....O-...._.M{.&..:O.@.`h*.M$I.$5\E1.s.....4W..MQ......]uZ3........3..3..Q.}.0.".T........`5^.`5^.B..``7%....(....a,~1614110392,:http://ocsp.digicert.com/.strongly-framed.1.request-method.POST.response-head.HTTP/1.1 200 OK..Accept-Ranges: bytes..Age: 3808..Cache-Control: max-age=148674..Content-Type: application/ocsp-response..Date: Tue, 23 Feb 2021 11:00:35 GMT..Etag: "60347335-1d7"..Expires: Thu, 25 Feb 2021 04:18:29 GMT..Last-Modified:
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\A37B46D2734478011725ECC9AD9D9DEA933D942E
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):10560
                                                                                                                                                                                                                                                      Entropy (8bit):6.079372047471625
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:81D2C06C6E8347A6566F39B5BD0853DD
                                                                                                                                                                                                                                                      SHA1:32562ED7A8E536B920DCA6C3D7BB5176755BE87A
                                                                                                                                                                                                                                                      SHA-256:6D0DACB5B7CF8EECB0DA6A8DC6AC8920CA49CC4C906C5B6D32A2C023BDA6B7BE
                                                                                                                                                                                                                                                      SHA-512:DF5F1BAA6D49711B5D5D54AAB4F4CB791586867E6DEF3CC6EFDD62A3C5DC0569A987E390F169D1AC9E7859E681ABCFD53491AC14D1F4695A8DE3BFFAD22E9826
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"metadata":{"signature":{"ref":"12u31oluszlh53g3o18buiwp9f","x5u":"https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2021-04-12-15-03-53.chain","mode":"p384ecdsa","type":"contentsignaturepki","signature":"lwgZKA7iW4jwdL4aJ0uKPcV2tct2N9BJRyDs7wNNj9RNME2mM43YaQI9MwWUeDVHHMGQ2ztsf2mPFTpr7Jir4d4B4Z4WfajG4lyiWhn9Cjlea9dDf_EHIhX-WA7iNUOE","signer_id":"remote-settings","public_key":"MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAElxL0437Pxph8G67ORLOHjsUBLBXSFWOq2ADA22eWf/RcgTyCGIKL0JoP+R5EYYTn5H6sNj/LJCL3IGXLZPB3zsHsEKCbBXp2HrFTd7FTZEt8l2rQDlQ9FcDBTD2rQg4u"},"id":"message-groups","last_modified":1613936523957},"timestamp":1595616291726,"changes":[{"type":"remote-settings","enabled":true,"frequency":{"custom":[{"cap":1,"period":86400000}]},"id":"cfr-experiments","last_modified":1595616291726},{"type":"remote-settings","enabled":true,"userPreferences":["browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features"],"id":"moments-pages","last_modified":15956
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\AA2516120DA1495C72C8C331752F607A83DA4BED
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):24784
                                                                                                                                                                                                                                                      Entropy (8bit):6.062537186319129
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:575B7F6CE44594756E7DFE0F04079FBD
                                                                                                                                                                                                                                                      SHA1:1E1D07EE99600E9E70254606B65AD727FABC982E
                                                                                                                                                                                                                                                      SHA-256:D11A365C9EFD561DC81BA557C6D26C8D07C61D313D6C6739E9EFD32E75ACE5A8
                                                                                                                                                                                                                                                      SHA-512:945441E81FB161CD7FF5C11A6D5A2B11D285FFE0AAABC9DF3F45B84A375DB33600B25348DFD00719D1902A884EB4D7B1B2CE44B5950BFE56B70CC960465C894F
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: R...........`5^.`5^.B..^............a,:https://services.addons.mozilla.org/api/v3/addons/search/?guid=default-theme%40mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org&lang=es-ES.....{"page_size":25,"page_count":1,"count":0,"next":null,"previous":null,"results":[]}"y..Lt........`5^.`5^.B..^`5^.........a,:https://services.addons.mozilla.org/api/v3/addons/search/?guid=default-theme%40mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org&lang=es-ES.strongly-framed.1.security-info.FnhllAKWRHGAlo+ESXykKAAAAAAAAAAAwAAAAAAAAEaphjojH6pBabDSgSnsfLHeAAAAAgAAAAAAAAAAAAAAAAAAAAEANQFmCjImkVxP+7sgiYWmMt8FvcOXmlQiTNWFiWlrbpbqgwAAAAAAAAfvMIIH6zCCBtOgAwIBAgIQDdoFMDk27SUUIgKOAum/DjANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTIwMDQw
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\B01E1322CAAB683F00874F3C73B6AD593B99CC5E
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1276
                                                                                                                                                                                                                                                      Entropy (8bit):6.683074853163262
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:854DDA269337B14C09511392CFB44890
                                                                                                                                                                                                                                                      SHA1:50865A83294E81932F733AC0C480BD3A567B3C13
                                                                                                                                                                                                                                                      SHA-256:E73C8A3F8D6E5DE42220FED33372D4B54492B174868E665ED8C31AB2AC046837
                                                                                                                                                                                                                                                      SHA-512:357C53CE66455D0F6E9253281A1C4D97267173A4D4AEBA7899F897A9B37D059BB5AFEFC136A43ED07F5EB1EFF386CAB61E9D6AF51A3183B5445EFBFBB1D36D0F
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 0..........0.....+.....0......0...0........a..1a./(.F8.,......20210222205701Z0s0q0I0...+........._.z....'.5..C.........a..1a./(.F8.,.........K.X...".M;....20210222205701Z....20210301201201Z0...*.H.............t._...a..Y>t<7]u.GP.X...'e:.!Eh..,.2.u.....(x4....}M..*@..F.[.x.......ck.`..YQ..V..lf+.8...k..62D...J...3f.......,!.....Wr...t].$l.qY..3.vW...o...m..x..[.#..w...H~....fih.0m\!..?.......i.ZJ..5.....;T.7.G.B.......&...L........P.'H"...Pd.B../A].f...........`5^.`5^.B..b`6.....(....a,~1614110394,:http://ocsp.digicert.com/.strongly-framed.1.request-method.POST.response-head.HTTP/1.1 200 OK..Accept-Ranges: bytes..Age: 4448..Cache-Control: max-age=126631..Content-Type: application/ocsp-response..Date: Tue, 23 Feb 2021 11:00:38 GMT..Etag: "60341a9d-1d7"..Expires: Wed, 24 Feb 2021 22:11:09 GMT..Last-Modified: Mon, 22 Feb 2021 20:57:01 GMT..Server: ECS (via/F33E)..X-Cache: HIT..Content-Length: 471...original-response-headers.Accept-Ranges: bytes..Age: 4448..Cache-Contro
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\B555235EB5230B93242A83F624CFE5AF42CB966B
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):19829
                                                                                                                                                                                                                                                      Entropy (8bit):6.05715343189164
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:397435E258AB55ED3E4F95CCA97A880F
                                                                                                                                                                                                                                                      SHA1:D06F7F834B28548A4269FC538CFCC0FD4455DF4C
                                                                                                                                                                                                                                                      SHA-256:93E19E3C8CF921871F579E07107FDAF3115CC45D81364890ECDF37F4D9DFFCA3
                                                                                                                                                                                                                                                      SHA-512:2DA9843B9E0F9680DA49EBAEA91532E9DC97EB9FBED793D141A1028C1881A03C5992CAFE056C8D3B51C4280D3BD8D4FE3AE6FD971F1CF19AC769E1A32CE26959
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"data":[{"id":"8e0dffc7-d526-aa8d-759c-0882dfda733c","last_modified":1595616291726,"bucket":"main","collection":"message-groups","host":"firefox.settings.services.mozilla.com"}]}..". .........`5^.`5^.B..``5^.........:https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/records?collection=message-groups&bucket=main.strongly-framed.1.security-info.FnhllAKWRHGAlo+ESXykKAAAAAAAAAAAwAAAAAAAAEaphjojH6pBabDSgSnsfLHeAAAAAgAAAAAAAAAAAAAAAAAAAAEANQFmCjImkVxP+7sgiYWmMt8FvcOXmlQiTNWFiWlrbpbqgwAAAAAAAAbvMIIG6zCCBdOgAwIBAgIQDAAiviv2M1ebAYv3uJs4rzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTkxMDIxMDAwMDAwWhcNMjExMjE1MTIwMDAwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxHDAaBgNVBAoTE01vemlsbGEgQ29ycG9yYXRpb24xFzAVBgNVBAsTDkNsb3VkIFNlcnZpY2VzMS4wLAYDVQQDEyVmaXJlZm94LnNldHRpbmdzLnNlcnZpY2VzLm1vemlsbGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQE
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\BE37FA5EE10BEC323F6635E1BEF99B4C70FA1C4C
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):25762
                                                                                                                                                                                                                                                      Entropy (8bit):5.897426384252239
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:FB5F1C35D01B26825B666BE5444F9DC9
                                                                                                                                                                                                                                                      SHA1:C55C6E4F35F76A8D914D209A73CCD32A2A740777
                                                                                                                                                                                                                                                      SHA-256:390B86936528BC3BB896D458898F105F78BEEEB5A1C7B3E45FE8EFA98BBD1B61
                                                                                                                                                                                                                                                      SHA-512:329C14F709BEB046A4659195DA80ABAFD1141D54BD9D97A0B46A9AAEF143920FC53088F286A88E6A00ECA424AF0CD98472691EF6F21212A40035B3C0825D979D
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"metadata":{"signature":{"ref":"4fbwbho5627d24e17ub3rrf4h","x5u":"https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2021-04-12-15-03-53.chain","mode":"p384ecdsa","type":"contentsignaturepki","signature":"hjUOlYxYgIj4VX0Ud59YG1dPowY_KdnqlGDx99tVHllkwIL_ZPaQusCwCuDN-ifLXrluDAZkKXkvFr_EaBbXBWCGFCK1V38awAFHvzUqbTBY46A7MopvLHJFeAPsbQG_","signer_id":"remote-settings","public_key":"MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAElxL0437Pxph8G67ORLOHjsUBLBXSFWOq2ADA22eWf/RcgTyCGIKL0JoP+R5EYYTn5H6sNj/LJCL3IGXLZPB3zsHsEKCbBXp2HrFTd7FTZEt8l2rQDlQ9FcDBTD2rQg4u"},"id":"cfr","last_modified":1614006895853},"timestamp":1614006895805,"changes":[{"groups":["cfr"],"content":{"text":"","layout":"short_message","buttons":{"primary":{"event":"PROTECTION","label":{"string_id":"cfr-doorhanger-milestone-ok-button"},"action":{"type":"OPEN_PROTECTION_REPORT"}},"secondary":[{"event":"DISMISS","label":{"string_id":"cfr-doorhanger-milestone-close-button"},"action":{"type":"CANCEL"}}]
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\BFCA81427BCE6118164753421C502B793793226F
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1082
                                                                                                                                                                                                                                                      Entropy (8bit):6.841400464527588
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:22D0B4C62A3A38F901C91B5D8165B3BF
                                                                                                                                                                                                                                                      SHA1:6635BDBDDE35305C6EE484667792B522F3DC9F35
                                                                                                                                                                                                                                                      SHA-256:87B39F7A558340F7F11E5F7DC50BCED4BA1ED2C56C5CA49D0CE7703E62355F71
                                                                                                                                                                                                                                                      SHA-512:2691D2D9E499AEEF54B6C9D75F6F0283FA72C77924454F71ECA8EFA378E5F6752B5266145EF7E494992FE17B625BFEA9E089FE7C700542245FDC7333B81CF521
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 0..........0.....+.....0......0...0.........n....`......}..+..20210222124155Z0s0q0I0...+........BF0.'...p...s._f8.......n....`......}..+.._.....c..........20210222124154Z....20210301114153Z0...*.H..............M'H.,..9.A...#...M......1..|.b....<.0..L)......3D0.....#C#*..E.T...Q.T{.."........&.,N.DAp...N.8...ah..R.....UCG.[.1.....<)....D.~;:6..2..+.|..e....>:.u).+.a.....c.6e....f}..<..=.9/.....A.KG[..=...Wh.....'..t.....6..Z.."a.,.....-....R...a...*_.........`5^.`5^.B..g`61....*....a,~1614110400,:http://ocsp.pki.goog/gts1o1.strongly-framed.1.request-method.POST.response-head.HTTP/1.1 200 OK..Content-Type: application/ocsp-response..Date: Tue, 23 Feb 2021 11:00:45 GMT..Cache-Control: public, max-age=86400..Server: ocsp_responder..Content-Length: 471..X-XSS-Protection: 0..X-Frame-Options: SAMEORIGIN...original-response-headers.Content-Type: application/ocsp-response..Date: Tue, 23 Feb 2021 11:00:45 GMT..Cache-Control: public, max-age=86400..Server: ocsp_responder..C
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\C78FA2F61C6A2D6478BFDC089BFF4292DE0A9443
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1276
                                                                                                                                                                                                                                                      Entropy (8bit):6.664658161402703
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:7D3ADB1E5CE85FBF1924960353EE76DC
                                                                                                                                                                                                                                                      SHA1:486E2752D243DE0582ED102F4825C549CC5DCC77
                                                                                                                                                                                                                                                      SHA-256:1FBAFB61408DC45AB9E79CA8DF8479439C76BE5C635633F202867AFFEA791CAF
                                                                                                                                                                                                                                                      SHA-512:08F1E4211B0624DF4AFBCDE3DD7D31ABEB27A7A74897C8998CC929D351C4FF170F77538C21B2DC1D8C384986FC67B1F9149107675BD8F6F0085708DBE9AA6135
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 0..........0.....+.....0......0...0........a..1a./(.F8.,......20210222205701Z0s0q0I0...+........._.z....'.5..C.........a..1a./(.F8.,.........K.X...".M;....20210222205701Z....20210301201201Z0...*.H.............t._...a..Y>t<7]u.GP.X...'e:.!Eh..,.2.u.....(x4....}M..*@..F.[.x.......ck.`..YQ..V..lf+.8...k..62D...J...3f.......,!.....Wr...t].$l.qY..3.vW...o...m..x..[.#..w...H~....fih.0m\!..?.......i.ZJ..5.....;T.7.G.B.......&...L........P.'H"...Pd.B../A].IFk.........`5^.`5^.B..b`6.....(....a,~1614110395,:http://ocsp.digicert.com/.strongly-framed.1.request-method.POST.response-head.HTTP/1.1 200 OK..Accept-Ranges: bytes..Age: 4451..Cache-Control: max-age=126631..Content-Type: application/ocsp-response..Date: Tue, 23 Feb 2021 11:00:41 GMT..Etag: "60341a9d-1d7"..Expires: Wed, 24 Feb 2021 22:11:12 GMT..Last-Modified: Mon, 22 Feb 2021 20:57:01 GMT..Server: ECS (via/F33E)..X-Cache: HIT..Content-Length: 471...original-response-headers.Accept-Ranges: bytes..Age: 4451..Cache-Contro
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\CC272A84C437C06018182F241F266FFC52770F69
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):9980
                                                                                                                                                                                                                                                      Entropy (8bit):6.062811953647961
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:5F4AC4E8668909A37C3F24A870F37111
                                                                                                                                                                                                                                                      SHA1:FE805B54B7CA35573363AEF370DD38F12569AA32
                                                                                                                                                                                                                                                      SHA-256:7BB6ED3331C835EC9D62F1058F56CF71F45FE325945590C991F8EA9A3D051DE2
                                                                                                                                                                                                                                                      SHA-512:26F5082F7489F34F28CE9F96E38CDD25A8EF6E50875BAEE7924A1883C1DA2012019D6BF63A08080447F6BF3B792549669E8CBDF71669CE25DD1A1EA57D4FC5C6
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"data":[{"id":"274942c0-0ac3-cabd-0eca-3889bdfa926b","last_modified":1614006895805,"bucket":"main","collection":"cfr","host":"firefox.settings.services.mozilla.com"}]}".*>..........`5^.`5^.B..k`5^....x....:https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/records?collection=cfr&bucket=main.strongly-framed.1.security-info.FnhllAKWRHGAlo+ESXykKAAAAAAAAAAAwAAAAAAAAEaphjojH6pBabDSgSnsfLHeAAAAAgAAAAAAAAAAAAAAAAAAAAEANQFmCjImkVxP+7sgiYWmMt8FvcOXmlQiTNWFiWlrbpbqgwAAAAAAAAbvMIIG6zCCBdOgAwIBAgIQDAAiviv2M1ebAYv3uJs4rzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTkxMDIxMDAwMDAwWhcNMjExMjE1MTIwMDAwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxHDAaBgNVBAoTE01vemlsbGEgQ29ycG9yYXRpb24xFzAVBgNVBAsTDkNsb3VkIFNlcnZpY2VzMS4wLAYDVQQDEyVmaXJlZm94LnNldHRpbmdzLnNlcnZpY2VzLm1vemlsbGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4IgnAyJgSL8mv5UHYJoG
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\D74C81922056996BF2DAF5A41FB108B23E33EB81
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1276
                                                                                                                                                                                                                                                      Entropy (8bit):6.647431396572723
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:F4FBD094B2E58E4E64EFCE4B66E60147
                                                                                                                                                                                                                                                      SHA1:73EE9F21E3C236674587BB27D3D22BB4A30F2384
                                                                                                                                                                                                                                                      SHA-256:2197BBC7432D04C516FBCAA4D5EB9C97E61C6469172B70035B2FFD9AD717BAB9
                                                                                                                                                                                                                                                      SHA-512:CCE1063B7F19FA6C024F30F8822E16EA309A86CB6A61FE9FBC24DA4A6922130EB2A4F59E09B15060A3F0642BA41D7B7B8D58C01103446C028E4CC2246FA33CF5
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 0..........0.....+.....0......0...0........a..1a./(.F8.,......20210223054501Z0s0q0I0...+........._.z....'.5..C.........a..1a./(.F8.,.......i(./[..[....-/....20210223054501Z....20210302050001Z0...*.H...............7.f.*.....B......... ]=.d.f3a....'...iK..J.Q.cZ.S...q.xr.5g.B..n........>....2A.D..s...\.0. .-.(..s#m.........-..4...FT...[.0[...(.5<.7.Q.ph~.>..tG?o..'...3 .kF.......C..g.....<m.......F.....g...^9!.y..S.F5.6.^8. ."...b.._.6.|^T...-..Li...11.....HS..D2........`5^.`5^.B..e`7C....(....a,~1614110397,:http://ocsp.digicert.com/.strongly-framed.1.request-method.POST.response-head.HTTP/1.1 200 OK..Accept-Ranges: bytes..Age: 2614..Cache-Control: max-age=156472..Content-Type: application/ocsp-response..Date: Tue, 23 Feb 2021 11:00:42 GMT..Etag: "6034965d-1d7"..Expires: Thu, 25 Feb 2021 06:28:34 GMT..Last-Modified: Tue, 23 Feb 2021 05:45:01 GMT..Server: ECS (via/F33E)..X-Cache: HIT..Content-Length: 471...original-response-headers.Accept-Ranges: bytes..Age: 2614..Cache-Contro
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\D8D7FDE185B1DB8EE32C3872E06A36297CFB3610
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):16920
                                                                                                                                                                                                                                                      Entropy (8bit):6.081281885984959
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:887A6C29DA4E341309179A17E58D5C6B
                                                                                                                                                                                                                                                      SHA1:4B3FCF7872DECA7C1AE7AE546EFFD4C75D5CBFE9
                                                                                                                                                                                                                                                      SHA-256:E6FB6A962000CABDD64EA2C7FBCF91DC6B16C017145D02E83544A20EC0C866A3
                                                                                                                                                                                                                                                      SHA-512:BAB50A33E2E89A2E9C43D5882BE3496E9367E6FC01F220359FBD4F090B616C78E80BBCFC2BFB06F6234448324752AAA814E3837B03661589CA21149C6405B33A
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"metadata":{"signature":{"ref":"1lx7960uqucgf1svvjadcgrkjk","x5u":"https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2021-04-12-15-03-53.chain","mode":"p384ecdsa","type":"contentsignaturepki","signature":"nyLU4avKI_0kTcZoZUnGwzzeOrP8D1QXNKIM0obEsNoClnv-UjJ7CJw_azJc0Fj6NhmZ-W-d8uwuIT6bBdYlACvg2l3qMqJ8QrcZhR7wNAj8w3nG6OXkUMQF9q7fjlkS","signer_id":"remote-settings","public_key":"MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAElxL0437Pxph8G67ORLOHjsUBLBXSFWOq2ADA22eWf/RcgTyCGIKL0JoP+R5EYYTn5H6sNj/LJCL3IGXLZPB3zsHsEKCbBXp2HrFTd7FTZEt8l2rQDlQ9FcDBTD2rQg4u"},"id":"whats-new-panel","last_modified":1613936508976},"timestamp":1611670765047,"changes":[{"content":{"delay":300000,"action":{"id":"show-whatsnew-button"},"target":"whats-new-menu-button","bucket_id":"WHATS_NEW_BADGE_85","badgeDescription":{"string_id":"cfr-badge-reader-label-newfeature"}},"trigger":{"id":"toolbarBadgeUpdate"},"priority":5,"template":"toolbar_badge","frequency":{"lifetime":100},"targeting
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\ED97F46D4756D86882477971B2247A044E5A0F31
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:Zip archive data, at least v2.0 to extract
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):5207870
                                                                                                                                                                                                                                                      Entropy (8bit):7.998334401308609
                                                                                                                                                                                                                                                      Encrypted:true
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:E597298AA76DDC9553DCD9637565FD03
                                                                                                                                                                                                                                                      SHA1:33586A5B7676A4C54C1CF6309F69777BD816FA3E
                                                                                                                                                                                                                                                      SHA-256:14B900F1C1B16573FEE4DB42AF051CB75E3694EDBDB18A374754D85F224D8782
                                                                                                                                                                                                                                                      SHA-512:A552F0B7A57B87927B3D035D10CAA67A7020433F91F26DF84B6209EA59A07DE5787984389EFE899A25E35B7492396333A15CAF49FB10E9B8D9A32F918D416EB3
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: PK.........rkOX...eBO.........widevinecdm.dll..\TU.?~.F.ut.t.)G..X`hL..Ra.xA%Q..yAMd..T...4.QYY.ZYYYi.iY1 .E.....>#....\.k.s.f.......=.....{.}..k...{.}......82.#.451.~F..c...&a......m.._...:q.hud.vA.+K.s_......WG-.P/.P...V/..?.S...X...G..<e....L...........7.~.e.6).v..UI.gn}......o.y..eb.....]...m.~..mP..!.w..d.;e+.7(..m..4.=a..X...A..&P"cV..fZ.J.>..%.;3.71.4\P1....%.:0L;FB.,.4?...s....`."bY.S.4...{'.e.c.z..^j..4....0I....r..~n(...j!]..+.3......1.......B.+..f...Q.^.y.6...:.oI..|~.?@......9.aL......Di....Y.....EEG...'...;..|.......,.w\..,....V..~.Mkm.h.s...-B.....|.....9.~"'',...RH.....Y..5...#>.sF...a.K.... .LN..H..&.,..H1.}..+iU..{..E..X...(".Kj....b........:.....C%I8)./.B.q.......K.X._B-.._.......Pz..pq..!.(..e.[s.\.I.(M).h..P.[./9..P\....b2....Q....S.......\..&..&Q..6.9m.......2...cgg..mrpa.O..v4..Ok...U....0A3..Z.JA....ZX...{pq...u....TV.h...fV..-.q...MI4.<qO.J..+i.......m.jTRw.......>...3\`5gkS.^zd...<9D..).+8%.:..>.~...J+I..0...`.)...
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\F0A236A38D140906A5AA4B5958554578B1EBBCB8
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):25845
                                                                                                                                                                                                                                                      Entropy (8bit):5.588117275653395
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:894B82CD725F753408CE5F246F382CF4
                                                                                                                                                                                                                                                      SHA1:7A9F566CA72D64E094C461BCAB8EC7E4056C3450
                                                                                                                                                                                                                                                      SHA-256:4A5B2FB03AD1608BE2F3ECC3ACBCFF5D03C01C3CAF99EB1F49113FBFA92A4B19
                                                                                                                                                                                                                                                      SHA-512:41EAC28039A5A6EE6D734951334807A0704F52AD43479375EDFA78C58323CCAB1D1212CE6B04C2A3FDB514D4F9377A9E058DA5491A43327D663E31D71CB0E9C6
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: # This Source Code Form is subject to the terms of the Mozilla Public.# License, v. 2.0. If a copy of the MPL was not distributed with this.# file, You can obtain one at http://mozilla.org/MPL/2.0/....## These messages are used as headings in the recommendation doorhanger..cfr-doorhanger-extension-heading = Extensi.n recomendada.cfr-doorhanger-feature-heading = Funci.n recomendada.cfr-doorhanger-pintab-heading = Intenta esto: Fijar pesta.a..##..cfr-doorhanger-extension-sumo-link =. .tooltiptext = .Por qu. estoy viendo esto?.cfr-doorhanger-extension-cancel-button = Ahora no. .accesskey = N.cfr-doorhanger-extension-ok-button = A.adir ahora. .accesskey = A.cfr-doorhanger-pintab-ok-button = Fijar esta pesta.a. .accesskey = A.cfr-doorhanger-extension-manage-settings-button = Administrar ajustes de recomendaciones. .accesskey = m.cfr-doorhanger-extension-never-show-recommendation = No mostrarme esta recomendaci.n. .accesskey = N.cfr-doorhanger-extension-learn-more-l
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\F8CBD54DDA10F4286A41EC6A537240712D6C2308
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):11014
                                                                                                                                                                                                                                                      Entropy (8bit):6.069144683900351
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:9EA34BD7D1A07150090690DF1A2A5FC0
                                                                                                                                                                                                                                                      SHA1:8243EED2E5B2E83CAAA5FC2E9F1D5937796644B2
                                                                                                                                                                                                                                                      SHA-256:4DB0F876066F5C5556282B803049F9076DB38D0159D4FFFF7B117B4D92479776
                                                                                                                                                                                                                                                      SHA-512:A91FB47EB65CB5E4D52F180E426F1D3F8B94BB3463FC183B1E7B1415BD73FA56757E20ED147646B05F2254FD949D2A3E6DD7C5B0CAD445388843D9ECA47721A7
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"project_name":"Remote Settings","project_version":"14.2.0","http_api_version":"1.22","project_docs":"https://remote-settings.readthedocs.io","url":"https://firefox.settings.services.mozilla.com/v1/","settings":{"batch_max_requests":25,"explicit_permissions":false,"readonly":true},"capabilities":{"blocklist-xml":{"description":"An endpoint to generate v2 and v3 XML blocklist export.","url":"https://github.com/mozilla-services/kinto-amo/","version":"1.0.1","resources":{"blocklist":{"addons":{"bucket":"blocklists","collection":"addons"},"plugins":{"bucket":"blocklists","collection":"plugins"},"gfx":{"bucket":"blocklists","collection":"gfx"},"certificates":{"bucket":"blocklists","collection":"certificates"}},"preview":{"addons":{"bucket":"blocklists-preview","collection":"addons"},"certificates":{"bucket":"blocklists-preview","collection":"certificates"},"gfx":{"bucket":"blocklists-preview","collection":"gfx"},"plugins":{"bucket":"blocklists-preview","collection":"plugins"}}}},"changes":
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cache2\entries\F98A47E45275698EC70F89BE23A96CDB41B14217
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):24328
                                                                                                                                                                                                                                                      Entropy (8bit):6.051540173344673
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:B27137EAF9C17906F528F55B2223EDB2
                                                                                                                                                                                                                                                      SHA1:DB1C0009C654B34D02462E2BDF895E8B1AF84942
                                                                                                                                                                                                                                                      SHA-256:D4CEED1F223DA8E67E5E6C45E0A58A24C1780940644B7D45F0F7C3667823C8F7
                                                                                                                                                                                                                                                      SHA-512:58940B93AD07F356ED43B801AAB4C1C363DF5ECFAC825495276E33D23EB972E6DBA9E2A2A24D670E1AA2DF142287692BFAD6E9C512282DA7E23B7DF177139B14
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"page_size":25,"page_count":1,"count":0,"next":null,"previous":null,"results":[]}~..Lt........`5^.`5^.B..f`5^....p....a,:https://services.addons.mozilla.org/api/v3/addons/search/?guid=reset-search-defaults%40mozilla.com&lang=es-ES.strongly-framed.1.security-info.FnhllAKWRHGAlo+ESXykKAAAAAAAAAAAwAAAAAAAAEaphjojH6pBabDSgSnsfLHeAAAAAgAAAAAAAAAAAAAAAAAAAAEANQFmCjImkVxP+7sgiYWmMt8FvcOXmlQiTNWFiWlrbpbqgwAAAAAAAAfvMIIH6zCCBtOgAwIBAgIQDdoFMDk27SUUIgKOAum/DjANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTIwMDQwODAwMDAwMFoXDTIyMDYxNTEyMDAwMFowgfExHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQITCkNhbGlmb3JuaWExETAPBgNVBAUTCEMyNTQzNDM2MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEbMBkGA1UEChMSTW96aWxsYSBGb3VuZGF0aW9uMRcwFQYDVQQLEw5DbG91ZCBTZXJ2aWNlczEbMBkGA1UEAxMSYWRkb25zLm1vemlsbGEub3J
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cert9.db
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3032003
                                                                                                                                                                                                                                                      Category:modified
                                                                                                                                                                                                                                                      Size (bytes):1310720
                                                                                                                                                                                                                                                      Entropy (8bit):0.24789438488943913
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:98C8041EEAA25141B295E5539AC7D3A5
                                                                                                                                                                                                                                                      SHA1:E01535D20398A6A104E97647C4BDF219C17FACD5
                                                                                                                                                                                                                                                      SHA-256:966F46C3EF7C480C177FC2D0FEC4F0C731483DC5AD359BA101CA8B6EDA86D2BD
                                                                                                                                                                                                                                                      SHA-512:99513F99F880D2DD34AB881388C975CA92873EEEAC9E8DAD1BA9FD0D32059C1BA702604B63927A778EBAE69191EEB04A9C507B64FDAB435F6F21D51B66016ACE
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: SQLite format 3......@ ..........................................................................C......z..{...{.{j{*z.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cert9.db-journal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1086848
                                                                                                                                                                                                                                                      Entropy (8bit):0.22081639474703724
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:14FF9F4D78C14F7983EFA9C2B26F9727
                                                                                                                                                                                                                                                      SHA1:AC1F6D0C3BA9BD9107735F856784F276B9E40F3C
                                                                                                                                                                                                                                                      SHA-256:11181F2D74D7BFC5D0622ACCDA79B9D431BB36836C611D3EC11DA987B3266549
                                                                                                                                                                                                                                                      SHA-512:F8D61899ADC1F28336A6905E614A5CAEFCD29EC68C5E7DEF2578F615C557D8AFB60465F9A4D03E9FE3D5F258A0A2500949CA1FAE0D56D324B6F55E9A8A34C551
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .............An..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... .c....................Y............................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\compatibility.ini
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:Windows WIN.INI, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):268
                                                                                                                                                                                                                                                      Entropy (8bit):5.310935971030552
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:A45C6952E06DA10DC49D1E519EEC253E
                                                                                                                                                                                                                                                      SHA1:27D1B74C5E2AE01ACD5CB3A8D88BA5604AF18F1E
                                                                                                                                                                                                                                                      SHA-256:7AA3F4BA4878F3584D6B36B7924ACE4CF26898B34A716387BD5A4761A93423E4
                                                                                                                                                                                                                                                      SHA-512:4F88DF1048DCACF4ACB527AF0B27B4F3FA42FDEAB0CD73C48EF0102DFD85D9785DF56590CD5D5171D4E56DBBEEE95DE9B1943A53D340AB9DD2A340DDD0E995DB
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: [Compatibility]..LastVersion=81.0.1_20200930150533/20200930150533..LastOSABI=WINNT_x86-msvc..LastPlatformDir=C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app..LastAppDir=C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\containers.json.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):939
                                                                                                                                                                                                                                                      Entropy (8bit):4.6537982971213685
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:94A3843FAD8C45C48B0E07342DF3DFDC
                                                                                                                                                                                                                                                      SHA1:D55B650208BDA884D573AFEBD90830A3F4D7C201
                                                                                                                                                                                                                                                      SHA-256:854FF2076F71097B030C302A1EA71D8E851D2920B9FF5FC8DC8F16C91BA95B72
                                                                                                                                                                                                                                                      SHA-512:4D2A6B2A223AD81BB97195ABB27685CF88453CAF5769DE154B373486D5245F02E0C0F664281D8E3BB33BFCDF1D6F7B3D9602303864D4E56481382ADCB0B932DB
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"version":4,"lastUserContextId":5,"identities":[{"userContextId":1,"public":true,"icon":"fingerprint","color":"blue","l10nID":"userContextPersonal.label","accessKey":"userContextPersonal.accesskey","telemetryId":1},{"userContextId":2,"public":true,"icon":"briefcase","color":"orange","l10nID":"userContextWork.label","accessKey":"userContextWork.accesskey","telemetryId":2},{"userContextId":3,"public":true,"icon":"dollar","color":"green","l10nID":"userContextBanking.label","accessKey":"userContextBanking.accesskey","telemetryId":3},{"userContextId":4,"public":true,"icon":"cart","color":"pink","l10nID":"userContextShopping.label","accessKey":"userContextShopping.accesskey","telemetryId":4},{"userContextId":5,"public":false,"icon":"","color":"","name":"userContextIdInternal.thumbnail","accessKey":""},{"userContextId":4294967295,"public":false,"icon":"","color":"","name":"userContextIdInternal.webextStorageLocal","accessKey":""}]}
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\content-prefs.sqlite
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, user version 4, last written using SQLite version 3032003
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):229376
                                                                                                                                                                                                                                                      Entropy (8bit):0.054765275911201845
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:D5C29BFA9FD0FE2DC8B02EFC11D8A97D
                                                                                                                                                                                                                                                      SHA1:5B499945A06738C6A89021426B206DA036F57865
                                                                                                                                                                                                                                                      SHA-256:6F120172000F86130982EDBF70053D8FB331DD2B87D699CD7321C3DC7E9023E7
                                                                                                                                                                                                                                                      SHA-512:47F0FDB6244A663012CA5E4902C5CD728C1F2B54596C154720124BA0F1F9FB4C7F08C51B9F84A95464AE365A7A58AF5F0C801AF2F6DD684FB7800D6F6D6CE5B8
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: SQLite format 3......@ ..........................................................................C......|....~.}.}z}-|.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\content-prefs.sqlite-journal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):524
                                                                                                                                                                                                                                                      Entropy (8bit):0.27937671757176796
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:2F52938FD88E9440B3AAC8FA10A1DAD2
                                                                                                                                                                                                                                                      SHA1:B3D67B685ADC4ABFEBD7A65E5230F6DB7335A2D6
                                                                                                                                                                                                                                                      SHA-256:E40C968980D4B2A29B53BCBFDDF80C49858AF428FCDDADAF42F6C47421CB2726
                                                                                                                                                                                                                                                      SHA-512:FBE464E087135844CA15C78F180D4CB9603A3601257D1BE5BDB9948270AEFA03917C3F90A9262A80E0B4E9EE3CF68FD8EBE77B59CB132AA29D74AA0565478BE6
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ..............m..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... .c.....
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cookies.sqlite
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, user version 12, last written using SQLite version 3032003
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):163840
                                                                                                                                                                                                                                                      Entropy (8bit):0.09904466197100412
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:227D140604B6968B7F0858E1835E16A7
                                                                                                                                                                                                                                                      SHA1:53512F3F0C0EEEC7D29B8F4C0992613F218C08C1
                                                                                                                                                                                                                                                      SHA-256:291D50D40C357E784A1B0C91250275A52A2D27A4B7D8CCAF202FAD9046E06E88
                                                                                                                                                                                                                                                      SHA-512:AE3807BCE0519762AB11A7A21A59A4CA291A3E7F5210C1F28DD536FCA63B8848E52B65F49CB0BF9A230D891F186C3CBE6606A2631E71E5D94411828074C945AF
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: SQLite format 3......@ ..........................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\cookies.sqlite-journal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):67112
                                                                                                                                                                                                                                                      Entropy (8bit):0.13391236351967603
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:9F050F35EA62263DC72737770F1E1156
                                                                                                                                                                                                                                                      SHA1:225BBD9672E3BD84BDBC92C30D783BD6369D3F95
                                                                                                                                                                                                                                                      SHA-256:A08C0C7383A2D7F8E362BBAC8F1ABAFD2CF261ED1D29D6DB468B66D1592D6CC9
                                                                                                                                                                                                                                                      SHA-512:920773D7400B686B422EAFA3DD067F5BC4CC8BB224C7E07EBB1B3335FC956AF4A784B41B7E82C44DCE529D90248419FE4C7C4715BA353D7336B236500E259CA2
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ............>:iR.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... .c..................\.7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\crashes\store.json.mozlz4.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):66
                                                                                                                                                                                                                                                      Entropy (8bit):4.837595020998689
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                                                                                                                                                                                      SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                                                                                                                                                                                      SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                                                                                                                                                                                      SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\datareporting\aborted-session-ping.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):41417
                                                                                                                                                                                                                                                      Entropy (8bit):5.225949605409278
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:7E6E62489A3665C71528BC0500F60B5F
                                                                                                                                                                                                                                                      SHA1:58B97AF291A947FD67860A9631CC208D52FFA133
                                                                                                                                                                                                                                                      SHA-256:6A2B97A7A7CBC1B3E45801452931F77409E0E7333267940CB117805B4E65AD85
                                                                                                                                                                                                                                                      SHA-512:EA3846FFAF06F2A0DB81368DAE7CFA2D07480DAE344CB896B3DCAA993015C3679C010D29BEEC335AB9913D7676A4E0763C7618991959958B7211A9FA40D97FA4
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"type":"main","id":"f4994ea1-c09f-4c12-ad94-bfd76279d41e","creationDate":"2021-02-23T20:00:59.411Z","version":4,"application":{"architecture":"x86","buildId":"20200930150533","name":"Firefox","version":"81.0.1","displayVersion":"81.0.1","vendor":"Mozilla","platformVersion":"81.0.1","xpcomAbi":"x86-msvc","channel":"release"},"payload":{"ver":4,"simpleMeasurements":{"totalTime":72,"start":706,"main":1245,"selectProfile":1295,"afterProfileLocked":1303,"startupCrashDetectionBegin":2408,"firstPaint":22500,"firstPaint2":15724,"sessionRestoreInit":11929,"sessionRestored":40473,"createTopLevelWindow":8854,"AMI_startup_begin":2737,"XPI_startup_begin":2842,"XPI_bootstrap_addons_begin":7203,"XPI_bootstrap_addons_end":7223,"XPI_startup_end":7224,"AMI_startup_end":7230,"XPI_finalUIStartup":11936,"sessionRestoreInitialized":12012,"delayedStartupStarted":22517,"delayedStartupFinished":23499,"startupInterrupted":0,"maximalNumberOfConcurrentThreads":70,"debuggerAttached":0,"startupWindowVisibleReadByt
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\datareporting\session-state.json.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):162
                                                                                                                                                                                                                                                      Entropy (8bit):4.859790466317743
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:0C33D654CD5EFA8CA58680067AE43832
                                                                                                                                                                                                                                                      SHA1:99BAA63136DFAA2162C97681A81BB0C65E07B311
                                                                                                                                                                                                                                                      SHA-256:4EE3E6367B17E5D3126775C3A4CB23CFA601F9CCBDBEA27EA1C297D28C84725F
                                                                                                                                                                                                                                                      SHA-512:2221097316C671684217475C23C1FBDDD090460EC12C120C1090925261B82ED52157293B07DE5981F18BF229E8F5B3D813CE655710FE3C2263C4B407E3638DE5
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"sessionId":"15e4d21d-80be-4b26-9ac5-43477a80d1c5","subsessionId":"51a6c461-9e48-40da-8700-e1d5117c877c","profileSubsessionCounter":1,"newProfilePingSent":false}
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\datareporting\state.json.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):110
                                                                                                                                                                                                                                                      Entropy (8bit):4.708220683248734
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:870991249092CB158FAD0463F4893E58
                                                                                                                                                                                                                                                      SHA1:CC42E7A8AD24AA0AD1B810DEF8349E9C10E8FFB5
                                                                                                                                                                                                                                                      SHA-256:F99B60A43023C46DE90FC2047629CD2C03864A554879FDDEF06821BE3BBDC70F
                                                                                                                                                                                                                                                      SHA-512:DDA0B6498DF0DFC16E249F17677D3A78B1D5B95B0D1CCD71EC5530BD427B76047F833BED4738BC88C7457758B535DC6F58FA1FC929878F9EE654F84FB2680CAB
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"clientID":"a00ef626-d66a-41b8-ba38-f46c7da22ce1","ecosystemClientID":"45a2c69d-5b13-4ec9-9312-a9369cb1bfee"}
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\extension-preferences.json
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1200
                                                                                                                                                                                                                                                      Entropy (8bit):4.549496724810494
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:C758A994B40D482C606A60D780188814
                                                                                                                                                                                                                                                      SHA1:04C24E45D8A20B67C30B92D0069D2A4C65258101
                                                                                                                                                                                                                                                      SHA-256:B8B58D3A4B1BABAD1F15BBC138047AA35191E205D0AA3517CA91BD05277DBC88
                                                                                                                                                                                                                                                      SHA-512:B95627B7F8509209F027BB2001010FA25632E25497F33A0DD721A94927CC1EF8118711BF5C5303BBE3D6C24AE89A13C06A382064D94AEB250897B54949BDBAA8
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"formautofill@mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"fxmonitor@mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"screenshots@mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"webcompat@mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"default-theme@mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"google@search.mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"amazondotcom@search.mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"bing@search.mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"ddg@search.mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"ebay@search.mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"twitter@search.mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\extension-preferences.json (copy)
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):2683
                                                                                                                                                                                                                                                      Entropy (8bit):4.5564266601306604
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:277FBEC64B7528879462C901D3A84E37
                                                                                                                                                                                                                                                      SHA1:33E19955529D18ED86E6C98AD66FC280673EB17E
                                                                                                                                                                                                                                                      SHA-256:F9B911B5A731260678EFCF107D6562C975DE79E8B92E37359F17074937E7CC1C
                                                                                                                                                                                                                                                      SHA-512:9ED3A1850B1C1085D6C704FD7F552E5ADE081D139A28D367C7ACADE37850379DE054780D02BC3C3E28D131F339A1A1641DE3C91BF0F727DDC43228AD6899FFF7
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"formautofill@mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"fxmonitor@mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"screenshots@mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"webcompat@mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"default-theme@mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"google@search.mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"amazondotcom@search.mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"bing@search.mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"ddg@search.mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"ebay@search.mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"twitter@search.mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\extension-preferences.json.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):2683
                                                                                                                                                                                                                                                      Entropy (8bit):4.5564266601306604
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:277FBEC64B7528879462C901D3A84E37
                                                                                                                                                                                                                                                      SHA1:33E19955529D18ED86E6C98AD66FC280673EB17E
                                                                                                                                                                                                                                                      SHA-256:F9B911B5A731260678EFCF107D6562C975DE79E8B92E37359F17074937E7CC1C
                                                                                                                                                                                                                                                      SHA-512:9ED3A1850B1C1085D6C704FD7F552E5ADE081D139A28D367C7ACADE37850379DE054780D02BC3C3E28D131F339A1A1641DE3C91BF0F727DDC43228AD6899FFF7
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"formautofill@mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"fxmonitor@mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"screenshots@mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"webcompat@mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"default-theme@mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"google@search.mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"amazondotcom@search.mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"bing@search.mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"ddg@search.mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"ebay@search.mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"origins":[]},"twitter@search.mozilla.org":{"permissions":["internal:privateBrowsingAllowed"],"
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\extensions.json
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):76234
                                                                                                                                                                                                                                                      Entropy (8bit):5.426644000531381
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:DFAD6821A0A7AAB698231594EC6292AB
                                                                                                                                                                                                                                                      SHA1:431263839A852059DABD304C71D0EF306957C1F2
                                                                                                                                                                                                                                                      SHA-256:335CD59B1D557672DEB4448252A5880C9B49DD1CEC10380549E3E7C15297A128
                                                                                                                                                                                                                                                      SHA-512:B18EA83C7541B279A78DCD765D31ABBE5148F0D1A414F62A75E8EE7A55FFE5DA3FF4A5E7ED6B16C77403022B1DEC92350995C2CFF8B417D72DD4DF4AD81D8961
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"schemaVersion":31,"addons":[{"id":"formautofill@mozilla.org","syncGUID":"{3b460374-1db1-4f79-9cc1-bcd9c1f08aee}","version":"1.0","type":"extension","loader":null,"updateURL":null,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Form Autofill","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"installDate":1565716778000,"updateDate":1565716778000,"applyBackgroundUpdates":1,"path":"C:\\Users\\vmoralgu\\Downloads\\flashplayer-win64\\app\\browser\\features\\formautofill@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":null,"maxVersion":null}],"targetPlatforms":[],"seen":true,"dependencies":[],"incognito":"spanning","userPermissions":{"permissions":[],"origins":[]},"icons"
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\extensions.json (copy)
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):202680
                                                                                                                                                                                                                                                      Entropy (8bit):5.284490510521207
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:9D47C79C5BE9153F093B2080C049AC97
                                                                                                                                                                                                                                                      SHA1:849FE8A9928550B584CA9B5F6411FE92B3484BE9
                                                                                                                                                                                                                                                      SHA-256:4060B07A08D8CD0E9E63201C9A036D09165F4A2729D6D1E3A6D40F09886BFA66
                                                                                                                                                                                                                                                      SHA-512:42B6DE4D23DA52D2ACB60D09240BA4D6661BAF539A754741B75ABD76A325929444323CF1F0BC6102612E24394EB36E1114BE6600FCCF65278C154358085DAD31
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"schemaVersion":32,"addons":[{"id":"screenshots@mozilla.org","syncGUID":"{5021265f-a622-452e-bd59-b9e9587ba264}","version":"39.0.0","type":"extension","loader":null,"updateURL":null,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Firefox Screenshots","description":"Take clips and screenshots from the Web and save them temporarily or permanently.","creator":"Mozilla <screenshots-feedback@mozilla.com>","homepageURL":"https://github.com/mozilla-services/screenshots","developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1565716778000,"updateDate":1565716778000,"applyBackgroundUpdates":1,"path":"C:\\Users\\vmoralgu\\Downloads\\flashplayer-win64\\app\\browser\\features\\screenshots@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":tru
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\extensions.json.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):202680
                                                                                                                                                                                                                                                      Entropy (8bit):5.284490510521207
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:9D47C79C5BE9153F093B2080C049AC97
                                                                                                                                                                                                                                                      SHA1:849FE8A9928550B584CA9B5F6411FE92B3484BE9
                                                                                                                                                                                                                                                      SHA-256:4060B07A08D8CD0E9E63201C9A036D09165F4A2729D6D1E3A6D40F09886BFA66
                                                                                                                                                                                                                                                      SHA-512:42B6DE4D23DA52D2ACB60D09240BA4D6661BAF539A754741B75ABD76A325929444323CF1F0BC6102612E24394EB36E1114BE6600FCCF65278C154358085DAD31
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"schemaVersion":32,"addons":[{"id":"screenshots@mozilla.org","syncGUID":"{5021265f-a622-452e-bd59-b9e9587ba264}","version":"39.0.0","type":"extension","loader":null,"updateURL":null,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Firefox Screenshots","description":"Take clips and screenshots from the Web and save them temporarily or permanently.","creator":"Mozilla <screenshots-feedback@mozilla.com>","homepageURL":"https://github.com/mozilla-services/screenshots","developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1565716778000,"updateDate":1565716778000,"applyBackgroundUpdates":1,"path":"C:\\Users\\vmoralgu\\Downloads\\flashplayer-win64\\app\\browser\\features\\screenshots@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":tru
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\favicons.sqlite
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3032003
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):294912
                                                                                                                                                                                                                                                      Entropy (8bit):0.05982301925015446
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:B86C257D5A8C6B448A65F995028C25B8
                                                                                                                                                                                                                                                      SHA1:CB20D66E9A9FDD33023DCC7004A14DAEC0004521
                                                                                                                                                                                                                                                      SHA-256:18C109AA00A372B54215BA8DF7C5DE35E90EA14E977CE0A393AEF6FBE8482CFE
                                                                                                                                                                                                                                                      SHA-512:EE2DA374EEF3BD6D0C3F78D44C45B3202AB250D0DE7BF90F69F3965E7A53BE1DB5AC3E71A35380851D6F98DEF627E880D3D0D799C00809C4DF6F57C64E834CB3
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: SQLite format 3......@ ..........................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\favicons.sqlite-journal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):33824
                                                                                                                                                                                                                                                      Entropy (8bit):0.029724928916813713
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:F9AF37943B379B67B6B1C21B644F7B30
                                                                                                                                                                                                                                                      SHA1:D13A827B3BADF94A23A76278BF78959130CDD986
                                                                                                                                                                                                                                                      SHA-256:C786AE09DA60A995800811B12BFC31A8F9A2EF6C8B5BE1897667951DC820B59A
                                                                                                                                                                                                                                                      SHA-512:63F5360E1714DB57F54215C64E44CB144983B09CB1D725EB6EB684E665AB6FAA073E47D14B9B6C3E2EA4E98E0BB5B66735D9BAA4D9F2954E5E0B35893059AAD3
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... .c..................YT]............................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\favicons.sqlite-wal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1049408
                                                                                                                                                                                                                                                      Entropy (8bit):0.46657718089691813
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:3800FF87F7A08E90F40AC593AC57F9B6
                                                                                                                                                                                                                                                      SHA1:BA2CF267AC820293DEC3083A0197B6E3623E1B26
                                                                                                                                                                                                                                                      SHA-256:E5F4F2245F35E4E58689B9502C94D0F3339185A9B3460BCB9A994988468E4F46
                                                                                                                                                                                                                                                      SHA-512:6DED0FA9C2D3A5815FAFC9E36AD02803C34BF05773E6A39AD4B987717B2F84508EC3DB20228E4549B39F0C4D0BACF627CF790FD7160DF4FEE49FBBD76B576865
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 7....-..........v..<.U..{..)0j........v..<.U...%;...SQLite format 3......@ ..........................................................................C......{..~.~p}.}>{...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\features\{9e030fb0-c902-4bf7-b443-8c4220de5207}\staged\reset-search-defaults@mozilla.com.xpi
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:Zip archive data, at least v2.0 to extract
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):10958
                                                                                                                                                                                                                                                      Entropy (8bit):7.868790580025631
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:6FCFA5761C4D396EB0225949577C824D
                                                                                                                                                                                                                                                      SHA1:6600568E6AE258AD55108E8651A3B3A997C2DE0C
                                                                                                                                                                                                                                                      SHA-256:75849FCCC04348376E4C82A6734136AADBE0778AC7CA55B789178AEE610E166C
                                                                                                                                                                                                                                                      SHA-512:3D32B5B3A2D89EA63BEE9462360A638FE905782C4EF66525319A972E7A3D6B8D29F9C1C82E51390E8B3F71797FA08CF90A88E9CE352D7C1279388FDECC6D42E2
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: PK............................api.js.Y{o.9.....8.J.....9. 3vr9l.H<..[..l.Z.E.H*.]..~ ...-g.B.......U.b.....W....`h.....Z...dEk...*mg....i..WW+.W..w-......l../Fy.....o...$^.<'...b/./....86B.[..5Z..I.ka.N.....J~Bk.\.OVi.\|...?u.K.|K%]...........?....NS....q.v..c?hlP.dh.i.d..!?~.z.....v..d...nUM.WJ......$;...}......}......t..........%\rl....f....`n...{}....)........5........F@.A5......fg,..B2....9....{*...`[.6[.V..I.+*$...*..<..S.A...............v88......S#...J2..^.....,.......i,m[..A..JH..]S..|6N....{.....4;...l.j......a.`.."w..0.n..~r.[.h,.....Q.v..N9.Nys.5.j.^......B.vgP.Y.].)..;.6.3..z...h..l..o..0.9..bC.........P..... S..h..F....+..DPv.....1......r.`K....[%...I.q...%.Iq.e......0......3...a^.Y.FY.._.+..0.`y"."aL...J...:,..X.=&..`..a...*...:.'...>..B........s..YL.0ax..xL.j...>... q.o..f.......2....4u....).y.$.y.'Y.."..\.n.e....Y....5c$..P,..i...kh.....,M.$..,..I....N).r,.:.<....b.TqD."C.fUE.(..X.:I.2......f)I2..4e%..$!e....4L..........&iX...`Y
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\gmp-gmpopenh264\1.8.1.1\gmpopenh264.dll.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1234896
                                                                                                                                                                                                                                                      Entropy (8bit):6.458979312777167
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:D23F706F2EACC190F2D4B75B041670D5
                                                                                                                                                                                                                                                      SHA1:7DED6EE7912BAAD38A0D70E979E21A97DE8FD665
                                                                                                                                                                                                                                                      SHA-256:CED08CE5BC45DBE505FA94B3A4268C0830CCDA016A23C0ACB16DD7268CFA7A65
                                                                                                                                                                                                                                                      SHA-512:39035E281C875331AA6CB7726BE032FDE85683922BE66DBD0CA3224201CFBB2344685797DFFAAC09979169BC93CBAAC9331AB3307884219986348964097FE059
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......G4.G.U...U...U..l1...U..l1...U..l1...U..l1...U...U..]U..Q=...U..Q=..7U..Q=...U...U..nU..j=...U..j=...U..Rich.U..........PE..L...=.z\...........!................P.....................................................@..........................=..,....>..(................................Q...'..T............................'..@...............h............................text............................... ..`.rdata...F.......H..................@..@.data....,...P.......6..............@....rodata. ............T..............@..@.reloc...Q.......R...h..............@..B................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\gmp-gmpopenh264\1.8.1.1\gmpopenh264.info.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):116
                                                                                                                                                                                                                                                      Entropy (8bit):4.968220104601006
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:3D33CDC0B3D281E67DD52E14435DD04F
                                                                                                                                                                                                                                                      SHA1:4DB88689282FD4F9E9E6AB95FCBB23DF6E6485DB
                                                                                                                                                                                                                                                      SHA-256:F526E9F98841D987606EFEAFF7F3E017BA9FD516C4BE83890C7F9A093EA4C47B
                                                                                                                                                                                                                                                      SHA-512:A4A96743332CC8EF0F86BC2E6122618BFC75ED46781DADBAC9E580CD73DF89E74738638A2CCCB4CAA4CBBF393D771D7F2C73F825737CDB247362450A0D4A4BC1
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.8.1.APIs: encode-video[h264], decode-video[h264].
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\gmp-widevinecdm\4.10.1582.2\LICENSE.txt.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):479
                                                                                                                                                                                                                                                      Entropy (8bit):4.381877948550338
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:49DDB419D96DCEB9069018535FB2E2FC
                                                                                                                                                                                                                                                      SHA1:62AA6FEA895A8B68D468A015F6E6AB400D7A7CA6
                                                                                                                                                                                                                                                      SHA-256:2AF127B4E00F7303DE8271996C0C681063E4DC7ABDC7B2A8C3FE5932B9352539
                                                                                                                                                                                                                                                      SHA-512:48386217DABF7556E381AB3F5924B123A0A525969FF98F91EFB03B65477C94E48A15D9ABCEC116B54616D36AD52B6F1D7B8B84C49C204E1B9B43F26F2AF92DA2
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: "Google Inc. and its affiliates ("Google") own all legal right, title and.interest in and to the content decryption module software ("Software") and.related documentation, including any intellectual property rights in the.Software. You may not use, modify, sell, or otherwise distribute the Software.without a separate license agreement with Google. The Software is not open.source software...If you are interested in licensing the Software, please contact.widevine@google.com..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\gmp-widevinecdm\4.10.1582.2\manifest.json.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):374
                                                                                                                                                                                                                                                      Entropy (8bit):4.6020671885202
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:B3D1C25BA27FC580D497EE7936FED44E
                                                                                                                                                                                                                                                      SHA1:7BC187C5119DDE0950ECEE2F3016BE7D57706EC3
                                                                                                                                                                                                                                                      SHA-256:20AAC87259D3A34207DEDF0C1A6832890E73F18AAB557D7EA593E889DA6AC15A
                                                                                                                                                                                                                                                      SHA-512:CF194BB0D4475D594E5B1F109423566EB346DEDEFC6A8B34FFE2AAFD914918DAB0AC26FF840E14114104EC7428F39006A8492EA640F76A8677FBA5ED3C657018
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {. "arch": "ia32",. "description": "Widevine Content Decryption Module",. "manifest_version": 2,. "name": "WidevineCdm",. "os": "win",. "version": "4.10.1582.2",. "x-cdm-codecs": "vp8,vp9.0,avc1,av01",. "x-cdm-host-versions": "10",. "x-cdm-interface-versions": "10",. "x-cdm-module-versions": "4",. "x-cdm-persistent-license-support": true.}
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\gmp-widevinecdm\4.10.1582.2\widevinecdm.dll.lib.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:current ar archive
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):4988
                                                                                                                                                                                                                                                      Entropy (8bit):4.862023743011139
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:CD73BF55E2CF0F1CAA5F1A469D75D9DC
                                                                                                                                                                                                                                                      SHA1:5D6A740BCF7C1AC0E04FDEF739F7A9A27F7827A7
                                                                                                                                                                                                                                                      SHA-256:48CD8B46C785EA848E2056525B7F8C28B5C164888BF7145DB5B9ADE91A71F7F2
                                                                                                                                                                                                                                                      SHA-512:16C11FED2DEC28C44A4FF3B98684CB8A1F37B423B33763EB9580AE9829F818B6534E8071489887CA693FE4A8FA351FB905DA267FBAC623DCB62E3CEF111EDA86
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: !<arch>./ -1 0 858 `....%...>...x...............V...V...................*...*...>...>...v...v...........................z...z...R...R...................................2...2__IMPORT_DESCRIPTOR_widevinecdm.__NULL_IMPORT_DESCRIPTOR..widevinecdm_NULL_THUNK_DATA._InitializeCdmModule_4.__imp__InitializeCdmModule_4._DeinitializeCdmModule.__imp__DeinitializeCdmModule._CreateCdmInstance.__imp__CreateCdmInstance._GetCdmVersion.__imp__GetCdmVersion._VerifyCdmHost_0.__imp__VerifyCdmHost_0._GetHandleVerifier.__imp__GetHandleVerifier._CPUDetect.__imp__CPUDetect._CPUCaps.__imp__CPUCaps.__imp__avc_init._avc_init.__imp__avc_done._avc_done.__imp__avc_extra._avc_extra.__imp__avc_frame._avc_frame.__imp__avc_discontinuity._avc_discontinuity.__imp__avc_reset._avc_reset.__imp__avc_format._avc_format.__imp__avc_frameallocator._avc_frameallocator.__imp__avc_getcomplexity._avc_getcomplexity./ -1 0 868 `.....>...x.....
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\gmp-widevinecdm\4.10.1582.2\widevinecdm.dll.sig.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1427
                                                                                                                                                                                                                                                      Entropy (8bit):7.558654877969032
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:92C7EBA077938EF66CC7BD90619919E2
                                                                                                                                                                                                                                                      SHA1:55738997BB67BAC6776A5C0B6281A62DE6B577B2
                                                                                                                                                                                                                                                      SHA-256:CA5396DF5DB329682A778099EC40CE9C81846A97CFCB99B75A6013D19DF1FE2E
                                                                                                                                                                                                                                                      SHA-512:F8905EF8DF99B7E7797167FF9BCDC076A31D70A7FA6B9E755BF478A5C4A2BFEAFDABB311ABADC5CFAC74ED35E935211D98C58EDFB1050C1DB1F5B12F9C2F8A07
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ....0...0...........6cd/+J.v{..B...0...*.H........0}1.0...U....US1.0...U....Washington1.0...U....Kirkland1.0...U....Google1.0...U....Widevine1"0 ..U....widevine-codesign-root-ca0...171013173909Z..271011173909Z0y1.0...U....US1.0...U....Washington1.0...U....Kirkland1.0...U....Google1.0...U....Widevine1.0...U....widevine-vmp-codesign0.."0...*.H.............0.........2F..8.e..-....$r...{^........0.%.HA...sA"D.q.=6...#.J.N.......&..k;.+...<xF.......B8.)S....o..|Ci.F.A6....J.......Y..4..{.5u.9N...=...#.M..s.F!j.f%&ld.R...?!Ot@......#.f..O..[.V.p0y....+...S.].....M.=.9...>.. ........>.:....1tl.....`D/c..j..........0..0...U......L...cC.E..R.n...$.0...U.#..0....=..tW....!.B.#U).0...U....0.0...U........0...U.%..0...+.......0...+.....y........0...*.H.............g.."..[..t{.4~.,.G....4K.....(x$...} .*...N..b|d......h..u6?.L.(&.Oup...$!...4R. 5.-...s...K/..U[..[.+.sAX*.~...^0..ba>;.#....x...b.-1...E..l....S.n.a....)U .q..C>d:...<[..F5...7...[.-.l}.T Lc.X..Qf...z..:.Q..e.m
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\gmp-widevinecdm\4.10.1582.2\widevinecdm.dll.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):9445360
                                                                                                                                                                                                                                                      Entropy (8bit):7.0176089758126485
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:2C7A3B4C1883FAE5D8A71CD43A5A20AF
                                                                                                                                                                                                                                                      SHA1:C30FF2C95429A52C3B8C5D07BF4A64C311878B3C
                                                                                                                                                                                                                                                      SHA-256:DF721C9E00DC2557C7D4C464168E83367FDCB9690FF6D51BA51EB71A21E9AC79
                                                                                                                                                                                                                                                      SHA-512:C01ED859D15B231845BA1DB93673385731E30D3485A8306E01741B85F91AD1216B66E853B3C20CC133F77AA9EEE7CD3FB0529656329092DCBF10365624051A69
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$.......A.6...X...X...X.j.[...X.j.]...X.j.\...X.......X...[...X...].?.X...\.$.X...\.v.X...X.G.X.j.Y...X...Y...X.9.].W.X.9.\..X.9.X...X.9....X.9.Z...X.Rich..X.................PE..L...~.].........."!.................................................................7....@..........................PA......RA...... ^.......................k..... 7A.8....................7A.......................-.d............................text.....-.......-................. ..`.rdata...r....-..r....-.............@..@.data...<....pA......PA.............@....rodata.......^......8Y.............@..@.rsrc........ ^......HY.............@..@.reloc...(...0^..(...NY.............@..@.text........`_......vZ............. ..`.data.....&...n...&...i.............@...........................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\handlers.json
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):672
                                                                                                                                                                                                                                                      Entropy (8bit):5.027936709239286
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:5D6B4BE69E21759D96FDAB7A0CDEAD25
                                                                                                                                                                                                                                                      SHA1:938219ECD363420EC1A70D40F61A41588737826E
                                                                                                                                                                                                                                                      SHA-256:B88CC01D48D9A4AD159709ECBE3FC31548C3CB832A1030CFEF13B24DB3D9AEF3
                                                                                                                                                                                                                                                      SHA-512:D9370A656A4EA33804985625E451011F21635E09A3FA01BB4DC26F9BA242270F82AC2792855130B28F33F47CF72FFC5E21985F3EA5A3E09EEED53CD108A83445
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"defaultHandlersVersion":{"en-US":4,"es-ES":4},"mimeTypes":{"application/pdf":{"action":2,"extensions":["pdf"],"handlers":[{"name":"AcroRd32.exe","path":"C:\\Program Files (x86)\\Adobe\\Acrobat Reader DC\\Reader\\AcroRd32.exe"}]}},"schemes":{"ircs":{"action":2,"ask":true,"handlers":[null,{"name":"Mibbit","uriTemplate":"https://www.mibbit.com/?url=%s"}]},"mailto":{"action":4,"handlers":[null,{"name":"Yahoo! Mail","uriTemplate":"https://compose.mail.yahoo.com/?To=%s"},{"name":"Gmail","uriTemplate":"https://mail.google.com/mail/?extsrc=mailto&url=%s"}]},"irc":{"action":2,"ask":true,"handlers":[null,{"name":"Mibbit","uriTemplate":"https://www.mibbit.com/?url=%s"}]}}}
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\handlers.json (copy)
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):815
                                                                                                                                                                                                                                                      Entropy (8bit):4.996956956815852
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:03ED45A6CC6E96F780925C7A8D9571E7
                                                                                                                                                                                                                                                      SHA1:FBD74E1DAC62748197CB8569C1054DCB5643FF88
                                                                                                                                                                                                                                                      SHA-256:84A62D9D18BC86169040954AA1C3055C4FDA7C1FD77F305BE19981C2E90AAB87
                                                                                                                                                                                                                                                      SHA-512:CC4236B96A3932E20BC23C3C92B7EF955A623FE33F5BABDA597674F2B9D38A78337202F83B80943165A999A4D8992C9082B63AF5AD41F152AE905E0EE4977824
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"defaultHandlersVersion":{"en-US":4,"es-ES":4},"mimeTypes":{"application/pdf":{"action":2,"extensions":["pdf"],"handlers":[{"name":"AcroRd32.exe","path":"C:\\Program Files (x86)\\Adobe\\Acrobat Reader DC\\Reader\\AcroRd32.exe"}]},"text/xml":{"action":3,"extensions":["xml"]},"image/svg+xml":{"action":3,"extensions":["svg"]},"image/webp":{"action":3,"extensions":["webp"]}},"schemes":{"ircs":{"action":2,"ask":true,"handlers":[null,{"name":"Mibbit","uriTemplate":"https://www.mibbit.com/?url=%s"}]},"mailto":{"action":4,"handlers":[null,{"name":"Yahoo! Mail","uriTemplate":"https://compose.mail.yahoo.com/?To=%s"},{"name":"Gmail","uriTemplate":"https://mail.google.com/mail/?extsrc=mailto&url=%s"}]},"irc":{"action":2,"ask":true,"handlers":[null,{"name":"Mibbit","uriTemplate":"https://www.mibbit.com/?url=%s"}]}}}
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\handlers.json.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):815
                                                                                                                                                                                                                                                      Entropy (8bit):4.996956956815852
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:03ED45A6CC6E96F780925C7A8D9571E7
                                                                                                                                                                                                                                                      SHA1:FBD74E1DAC62748197CB8569C1054DCB5643FF88
                                                                                                                                                                                                                                                      SHA-256:84A62D9D18BC86169040954AA1C3055C4FDA7C1FD77F305BE19981C2E90AAB87
                                                                                                                                                                                                                                                      SHA-512:CC4236B96A3932E20BC23C3C92B7EF955A623FE33F5BABDA597674F2B9D38A78337202F83B80943165A999A4D8992C9082B63AF5AD41F152AE905E0EE4977824
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"defaultHandlersVersion":{"en-US":4,"es-ES":4},"mimeTypes":{"application/pdf":{"action":2,"extensions":["pdf"],"handlers":[{"name":"AcroRd32.exe","path":"C:\\Program Files (x86)\\Adobe\\Acrobat Reader DC\\Reader\\AcroRd32.exe"}]},"text/xml":{"action":3,"extensions":["xml"]},"image/svg+xml":{"action":3,"extensions":["svg"]},"image/webp":{"action":3,"extensions":["webp"]}},"schemes":{"ircs":{"action":2,"ask":true,"handlers":[null,{"name":"Mibbit","uriTemplate":"https://www.mibbit.com/?url=%s"}]},"mailto":{"action":4,"handlers":[null,{"name":"Yahoo! Mail","uriTemplate":"https://compose.mail.yahoo.com/?To=%s"},{"name":"Gmail","uriTemplate":"https://mail.google.com/mail/?extsrc=mailto&url=%s"}]},"irc":{"action":2,"ask":true,"handlers":[null,{"name":"Mibbit","uriTemplate":"https://www.mibbit.com/?url=%s"}]}}}
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\key4.db
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3032003
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):327680
                                                                                                                                                                                                                                                      Entropy (8bit):0.12710750266898413
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:4CF5A3DDC5815B3E8FB390091F41A370
                                                                                                                                                                                                                                                      SHA1:853DBFC5C9FBE992C55632EFFFDAF8A1640ACE53
                                                                                                                                                                                                                                                      SHA-256:3DE1828ECF3EABD21CB79022B595179E613FB870970D92295CED7D2C788AE058
                                                                                                                                                                                                                                                      SHA-512:79661B4643282940E5374161CAC478A2B9E24DF0EFFC85B35994273F21279D1C17D6F6DEFE648EB808B0EC506261C50C74A034803AA95EA37E13600781D641B8
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: SQLite format 3......@ ..........................................................................C......z..{...{.{a{.z.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\key4.db-journal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):33824
                                                                                                                                                                                                                                                      Entropy (8bit):0.45601227282521417
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:DAFA2731B346E5243BD7355AF9FB8B07
                                                                                                                                                                                                                                                      SHA1:425D5FC36A10C834717DF043FD5E467AD567138F
                                                                                                                                                                                                                                                      SHA-256:387276DCC76642763A54F61F508D7F5B6641F32B7A1749CFAC28C5649EF373A6
                                                                                                                                                                                                                                                      SHA-512:D46201980D0B7C26A377C58B98C0D72D09775A588B1CA1FAB732AC472F230D18039BCDE78240F16F08F672C4842A178484198C6E9E7B067B5F0C98A60C255705
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .............+j.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... .c..................}..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\permissions.sqlite
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, user version 11, last written using SQLite version 3032003
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):163840
                                                                                                                                                                                                                                                      Entropy (8bit):0.06174830719411762
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:F3483DEE8C8A40187E2EC7A8C5812F6C
                                                                                                                                                                                                                                                      SHA1:F9026A6ED23B4DFC571721F2B5A4F6E4BA5063B5
                                                                                                                                                                                                                                                      SHA-256:C1B8476C1E048DA04516605FA728D1198B581B8BC00C6FAE72FBFB80C65CF75C
                                                                                                                                                                                                                                                      SHA-512:AA237DC009AFD3B519EF1982244FC43FD1C97D52399DC8E41595E1D76BE01FA44F983743F9806FBA6E2226AA202C6F52E3782752B719791539B91483D7EA972C
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: SQLite format 3......@ ..........................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\permissions.sqlite-journal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):67124
                                                                                                                                                                                                                                                      Entropy (8bit):0.06811605179132614
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:612C66D7068A8C15C6827E8A6782DA22
                                                                                                                                                                                                                                                      SHA1:62B0673E71A538A330D8B45F866115962EA3E477
                                                                                                                                                                                                                                                      SHA-256:725CE0D23E7BB423F85C5612CAB89F556BABAD99CAEA63B03A06276A8490DDCD
                                                                                                                                                                                                                                                      SHA-512:29C1B1CB67EDEFC1B510C64D27F017A8103C683FF9CD8879AE48544381F451439E1672591C62A80B6BD7F43F4211DEE2C279D9A3138C31CECF39356DD84F58BF
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .............@T..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... .c..................X}o............................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\pkcs11.txt
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):518
                                                                                                                                                                                                                                                      Entropy (8bit):5.428754693373905
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:788818EAE7ED16D5F2A2FD1D281639E1
                                                                                                                                                                                                                                                      SHA1:C9BE1651C79B6C394A6346D27AB3C7CAEB7910C7
                                                                                                                                                                                                                                                      SHA-256:FE4BCFE4DF8A2437DD76D9A6B34D255485CCE6F528374A4BD60E997C5AF71682
                                                                                                                                                                                                                                                      SHA-512:54B779893412E279340DA7B055C3D19293A981545C21F2B24980FB37E6D5711E4E9FB0DC366F96EA514CED8E8611EA905479769F8174BDCDEB4B333A8C7BB3EB
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: library=..name=NSS Internal PKCS #11 Module..parameters=configdir='sql:C:\\Users\\user~1\\AppData\\Local\\Temp\\tlyk2yvt.zzm\\FIREFO~1\\data\\profile\\naturgy' certPrefix='' keyPrefix='' secmod='secmod.db' flags=optimizeSpace updatedir='' updateCertPrefix='' updateKeyPrefix='' updateid='' updateTokenDescription='' ..NSS=Flags=internal,critical trustOrder=75 cipherOrder=100 slotParams=(1={slotFlags=[ECC,RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512] askpw=any timeout=30})....
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\places.sqlite
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3032003
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1212416
                                                                                                                                                                                                                                                      Entropy (8bit):0.07488528963567037
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:6E9B492DC6DD716A0BD5A61F7B984D7E
                                                                                                                                                                                                                                                      SHA1:5767E040B106102DF4C4B74A947CD93C816E51F6
                                                                                                                                                                                                                                                      SHA-256:A78FF7C767FDEBA58ECD537703D1356244AC9A5F244C9F9D1BA10E335D38BCA8
                                                                                                                                                                                                                                                      SHA-512:4853A696EBAD0E8E92FF520F9BC56DF8EE14A02A352677DDC317C957E5EBDBFBF46425923F3979AB87E9F43EF997E0A73779E5D10153332304B64AA8CD7943CF
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: SQLite format 3......@ ..........................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\places.sqlite-journal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):524
                                                                                                                                                                                                                                                      Entropy (8bit):0.27937671757176796
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:215F72D2D750C08CC0B71F60AFE2F384
                                                                                                                                                                                                                                                      SHA1:1F29FBC7346F946FBE5BC8E31C116B45CA5CB597
                                                                                                                                                                                                                                                      SHA-256:8205DF0C9911D763847814338ED651CC776711307E244520E7D0534B4D609EF6
                                                                                                                                                                                                                                                      SHA-512:568AC3D36F96BFC5095172C4D5E00D48293284116FDF578986329811E4D7C05037151EEE668D4DAFEFF306F4AF4F4F0287BC0D39924CCFD657EF695AC3B94B14
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ..............ad.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... .c.....
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\places.sqlite-wal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):3771144
                                                                                                                                                                                                                                                      Entropy (8bit):0.07213329925365378
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:E2AA26BF7F56A9BD9FF3D2ECB51D5059
                                                                                                                                                                                                                                                      SHA1:03EBDE768B5BFF9275B787E7C29643C4986C21B4
                                                                                                                                                                                                                                                      SHA-256:5CCDA1587A3C6ACA7CE4AFB5EA0C8F9AB16B7C5F31E4361FF7DCAE7C61E15B82
                                                                                                                                                                                                                                                      SHA-512:3F67D014A8D53CA526F1D3BCC38481831999CD0F68A47E14D971FEDF3CC18502273D3BC191A32AE16B386F746169DCFEEEFCDF9AAF998CABBF68C54F22D589F7
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 7....-...........y.'c9....|.b............y.'c9..T....B.SQLite format 3......@ .......$...............................6..................................C.....#k......}$|.|N{.{sz.z{z.yAx.x!w.v.wZu7tNt.s.s\r.rJq.p.q.p.o.o.o.m.mal&k.k...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\pluginreg.dat.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):716
                                                                                                                                                                                                                                                      Entropy (8bit):5.6836971657819255
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:0E61D06FD77EF8F8DC9F8A4F595D3765
                                                                                                                                                                                                                                                      SHA1:3C8844E7004BFFFDDC686AF7A8627DFEDF77C548
                                                                                                                                                                                                                                                      SHA-256:32340EC57A33DBDCB5B6A83FEAD06E7969C5089382498BF10BDF485012C62190
                                                                                                                                                                                                                                                      SHA-512:36CC5BCB3D858CE20989A5C1E55E32EE77940A09852CFB8D27F22530810287A30EC70553D797A227A43DB8E2BDB15AC75716E2E0319C17AB57047CD2563768C0
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: Generated File. Do not edit...[HEADER].Version|0.19t|$.Arch|x86-msvc|$..[PLUGINS]..[INVALID].C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll|$.1556850806000|$.C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL|$.1438361800000|$.C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll|$.1584463468000|$.C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll|$.1561622673981|$.C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npdeployJava1.dll|$.1561622673809|$.C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\plugins\NPSWF64_32_0_0_371.dll|$.1611671734000|$.Generated File. Do not edit...[HEADER].Version|0.19t|$.Arch|x86-msvc|$..[PLUGINS]..[INVALID].
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\prefs-1.js
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines, with CRLF line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):298039
                                                                                                                                                                                                                                                      Entropy (8bit):5.33772591887797
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:0D965BFC48521BC7B4CA1AF894138254
                                                                                                                                                                                                                                                      SHA1:F1430AD0DA8403A628558A4EB33F95007A4C559F
                                                                                                                                                                                                                                                      SHA-256:2969141BD75C8DE801CBCDC7AF262DEB24F61FD95D8D30ED383A3936583A10BF
                                                                                                                                                                                                                                                      SHA-512:EE8653036A638D118F3FB96E51C1D86A2221DFCD006336152DB59AEBE6FC187B4EAACD377F26180FBA0017AB45EE0E744D9BCA16CF834CDB66523516A6A7B190
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: // Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.startupRolloutPrefs.network.cookie.cookieBehavior", 4);..user_pref("app.normandy.user_id", "681d02d0-8b4c-4d52-bd01-54865d72a70b");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 0);..user_pref("app.update.lastUpdateTime.background-update-timer", 1606927391);..user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 0);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1606925461);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 16069
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\prefs.js
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines, with CRLF line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):9657
                                                                                                                                                                                                                                                      Entropy (8bit):5.337011488239681
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:CFDFF3C1281D9D2C7FBE48CC843F0E6F
                                                                                                                                                                                                                                                      SHA1:F0C7FA5907791DC3E8BBEE237C13F9E92B0AE249
                                                                                                                                                                                                                                                      SHA-256:05AA36A2959E10663829B287D474BB9269D8FE23F056159CA519FD0C3A71E16B
                                                                                                                                                                                                                                                      SHA-512:F60019C70C9415DE921E67359D9D465E5AEA274B8A7B2A25D7CB59AAA8DC1D06CD5AD09E879EA503FE1C5E6BF203BF619E83D4CF522EDF3C5F53639E9EBEA0BC
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: // Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.startupRolloutPrefs.network.cookie.cookieBehavior", 4);..user_pref("app.normandy.user_id", "681d02d0-8b4c-4d52-bd01-54865d72a70b");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 0);..user_pref("app.update.lastUpdateTime.background-update-timer", 1606927391);..user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 0);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1606925461);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 16069
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\prefs.js (copy)
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines, with CRLF line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):298039
                                                                                                                                                                                                                                                      Entropy (8bit):5.33772591887797
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:0D965BFC48521BC7B4CA1AF894138254
                                                                                                                                                                                                                                                      SHA1:F1430AD0DA8403A628558A4EB33F95007A4C559F
                                                                                                                                                                                                                                                      SHA-256:2969141BD75C8DE801CBCDC7AF262DEB24F61FD95D8D30ED383A3936583A10BF
                                                                                                                                                                                                                                                      SHA-512:EE8653036A638D118F3FB96E51C1D86A2221DFCD006336152DB59AEBE6FC187B4EAACD377F26180FBA0017AB45EE0E744D9BCA16CF834CDB66523516A6A7B190
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: // Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.startupRolloutPrefs.network.cookie.cookieBehavior", 4);..user_pref("app.normandy.user_id", "681d02d0-8b4c-4d52-bd01-54865d72a70b");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 0);..user_pref("app.update.lastUpdateTime.background-update-timer", 1606927391);..user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 0);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1606925461);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 16069
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\ads-track-digest256.sbstore
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1972
                                                                                                                                                                                                                                                      Entropy (8bit):1.1019742773801506
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:3B346D8E66207DCCA3D827D5F13461DE
                                                                                                                                                                                                                                                      SHA1:982B7914544FED4795D37E3D8B1C7F797E56FA1A
                                                                                                                                                                                                                                                      SHA-256:BACCCB046FB3D524A828B0A5C5BDB88EF0BF9C8DFB0856402582AA37CD422BA3
                                                                                                                                                                                                                                                      SHA-512:179265B6F751B0DBF03A15B0304853C744F57F1629F1886F47DDC14EBBEF400BDAEF6642D2F523760594B242E3039AF9E9A6F47E260A1A3FB2D41A34CD169D10
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ;.1................................_....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x......`...Q0..#..u.v=....x..uk...Q0.F.(....Q..@....x...{...Q0.F.(.....~.1......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\ads-track-digest256.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):54373
                                                                                                                                                                                                                                                      Entropy (8bit):7.996499446863367
                                                                                                                                                                                                                                                      Encrypted:true
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:ED1FD4549D4F52D35C0DEF336D78A261
                                                                                                                                                                                                                                                      SHA1:35B192AD6F992B45F4A16FBADFDC5BB670AA86DE
                                                                                                                                                                                                                                                      SHA-256:395BED27777C35D6AA850C8A8F8C2D1FBCD1543EC56B3D2F5EBEA0779294F4F8
                                                                                                                                                                                                                                                      SHA-512:89C185273370E4042A23F620F5CBCA59F40C79892EF3B0BD9B98CA9A57BA3EE83E3B04B37FCE5476046E0F00F14E18A9741A45C9C1E524346A287A4EAF4D9F5F
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.......................... @......z+...m....S..5..6..H.e..B...Yo..V..}B1.1k.........oS...y%....*.q.......A-@..R.,.m.....4......AS..F...b.. .V....o.Rs.3...ua...`...-.#,..{....D..RI.....'.Y.....<~..H.(.).}...7...#w..+...g..K.A6...a....$.'....45.N...P......o.}4.<......'.@py....U.......V.yb...n......E.>.....Y..(.xZ..}...aFfuj.x.......@....#...g.T..<BwH.t...4..#.jN:.....KJ..M....\._..mx'..........p..i...W.H..JQ.y\|3vD.~.).f.....U....X..3.}..*,.>..c."9o.<...C.....8u..H.....a..j..Xb..n...mR......D..qD#...w....f.O.?...Sx..W......v.>7v...>..g.{.......S.~,(.F."o.d.L.-P..h...v...\.....5X.....=....z'c..^..R.{..<...l...-...>..X.^..8..`...%.Y#.....s...R!C>.W.$.........v.....V$.D~..<....%.f`.q..M..jR.......H,.[........M.'4.>...R....0....VL.2.@.},.=.B7.y3..f........31.z}8...j..y.$..........:...L..M..nz.`S..W.Q...'..|./..^^.}=:...((.~.{[.y.../.Y... ..F...7.W.u..@W..iC.._....N=.T....Q....{......j......r.O.!>..b#\..p.../............3........P...o.7.'.E.....
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\allow-flashallow-digest256.sbstore
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):236
                                                                                                                                                                                                                                                      Entropy (8bit):2.9057414104026487
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:DD0458514C9A922B45DA6A8BEBE47320
                                                                                                                                                                                                                                                      SHA1:2CEE1D5BE670877CF360E47F82F7E172D73E5311
                                                                                                                                                                                                                                                      SHA-256:D27D5B27030F4725249377951BEB89E84A90A0E8241F0D5FD80EA59C1606E761
                                                                                                                                                                                                                                                      SHA-512:5CE1B1EA4152DEC52EE9514F75F5F6C906763E0830A5F8F6832BBD7E76E7B36C10D8C9206249D30DFB931547497F4768F843E4B00B84E2B21EBC2E36D24DE838
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ;.1..............................C.X....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.....Y.Y....x............x.s...D.D..2X........
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\allow-flashallow-digest256.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):69
                                                                                                                                                                                                                                                      Entropy (8bit):4.426757427947567
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:DE0D88480C24350C59E1E9A3583DE0D1
                                                                                                                                                                                                                                                      SHA1:4E3C279344CB37DEB5E893AB24770982DE135789
                                                                                                                                                                                                                                                      SHA-256:01BA9F0B913E04ED10BD7166796483DD4F72005F249D6EE68B12117BE4B5D3C7
                                                                                                                                                                                                                                                      SHA-512:F627C69598BAA9BC60B036CEA03FDADC8B4CC424EF8CDF93614275A336DE05A60961F5E77553226C99C29EC2932272AE994327A4DA77D75D2464F6722CB700AA
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.......................... ...5...8........G...r.E...&Y...Z.;O...
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\analytics-track-digest256.sbstore
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):555
                                                                                                                                                                                                                                                      Entropy (8bit):2.508914971811567
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:743B2FE12038C5BEC5E02FCACC0704F0
                                                                                                                                                                                                                                                      SHA1:287A08C13ECB77D8C1DA1A0EF9F80F8DD525A33D
                                                                                                                                                                                                                                                      SHA-256:3AF6AAEE5BC791D613BD181F1574CBCF60B18017DC7010F217F2F85501EC6468
                                                                                                                                                                                                                                                      SHA-512:53759CF4FE44E0EF6228D5A7CFCC9742CE0E46DFE711C55000982CECD82B6D4939B64C3B12F0E3BA13DF2FA0B4555086CBF211E9612FFEFC322DFF43BDD11FA1
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ;.1.....................4.......s.._....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x..........rM....x.[.t...........x..8q....P].usssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssszuw....c.D.. V..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\analytics-track-digest256.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):9893
                                                                                                                                                                                                                                                      Entropy (8bit):7.980806462229225
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:24781E9CADD8978D382D863EFA7511FD
                                                                                                                                                                                                                                                      SHA1:0B86957E69E687365BD2763BC552B11214A6B417
                                                                                                                                                                                                                                                      SHA-256:FADC2B7156030B7EEC6D2E5C07D861F1F5A338D5F3A1D6D80F25B61DBFBA5746
                                                                                                                                                                                                                                                      SHA-512:738BDCDB304C7DDE797330F0ADCF083A3A3A48A3D21DC9F4BA8F6349972EBD0E16FB33896A96049CCE4DBBCD5050CBEB61D8752EE4DCDD2E868182A5AF63F686
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.......................... .&...7n....~<.g94...f....\.~..s[.s..h}...W@hC..6.B|xoU/VY.p.....4...Z7.15.J@h...Q..x....k.?.{..B..w...MEL.{..I.>Bm..O.....E._A........P..o..'...3......iA.......u< .<4../Hb.cP.m..Ao..6\..$......x....`R=.(H.e....U..".'..0..a.%%b..xKgw......s.....]^...b.#...%...f...o. .[...j...P-.i'......M...XzZs..../..W...6X^.....eP..n.1..,..~.0.8...;n.u f........P..M.v6.(........W..;..UG.....u....R......~....-...Mm....cc...d.(w..[M....*....B....!....m.)..R.RH.b.Q.[...|...P.....N6.c.A.#.S.2H.2f.......~.8...-R.'._<X....'..`n.;...@.#.S.....GG..\..V4.E....+.G.\..........z.\...Bd..Z. .....=hg.Y'$9.u.1(...%]..S.b......p^C....).f.%.`......`....E...r/.....p..f...O.0..w.......Q.1...XB..........{^..R#]..V}.,{.u...C.Z!7./.c..=....$....2...f.....1e........}..........wS..i..0h..C.......!..f..#..$! ...3.|..4.^........t......H3D[|!3.A.....4AS3}...O....UX.\..k..|.ff.d.}.Z..d.s.:.........hUhP^:1....2...e.....kp.:...I.4I....E.v..S.i........K.*y.K
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\base-cryptomining-track-digest256.sbstore
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):315
                                                                                                                                                                                                                                                      Entropy (8bit):3.2895000647960058
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:D6C5C2E242DF3EC5FF8E17DD8EE15F73
                                                                                                                                                                                                                                                      SHA1:13F64EE01E7C32CCCD0BCF9B9D4AD999C3EFAF92
                                                                                                                                                                                                                                                      SHA-256:F0C6512E42F2732B3AA401F9AB4DF84C0A89C9755968B158796706A48B9F492A
                                                                                                                                                                                                                                                      SHA-512:B942CC3AC555CC087102E9C03D160F3F1C05060E849AB4BF10C477B00778902B2B9EC2CD46CA979C97F017D217B239585403DDBADC5305ED3CF703E0268F5EAF
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ;.1.....................G.......s.._....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x..........Z....x.[..*..p.-.....x..8.*...N(8sssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss/.._....T.kt..P.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\base-cryptomining-track-digest256.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):2309
                                                                                                                                                                                                                                                      Entropy (8bit):7.919149691706303
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:92F27CB70B8E274A9F1BA257DF6B3FA7
                                                                                                                                                                                                                                                      SHA1:3ADDDBFA5ABD87652CD92412424F049A392F9A45
                                                                                                                                                                                                                                                      SHA-256:4CE7C02EAED6B8CBA105197C061A8EBC64220F4AAC93CA8D49855E69A530063B
                                                                                                                                                                                                                                                      SHA-512:AD89DCF8ECB5E29466693842A0DA17AA1A80F44AFDB159AEC93C0243168CC08BA99361F8434DA566FD7AA18E437CE842518690F23FBE31BC445D8C78D23B1220
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.......................... .....>.u.u......h....._.3..F.>..2..:.].\h_P..*....\.. p....X..6.E/lc.D.(.. .M9.4<..rk......e..7/...G....d#..%#..(....tp.....~]|.17....U.i...!..N^%.D..(.\...G.<...C.g..i.H.g..h..-l....=v.=#w..NZI.........Z..\_....w...!".Kcl.....U...r....l.Xe....4!+.....8.:.."...E+...e......#.8.....A.......<e. zUq..}.v#..U...r.XCP+.G..K.`..3h7.....%...Ag^....#..6.....m..$.&.dV.&&.....S........rr&oh.kB.].....':.^..<........r..w...D...q.?..,C]a4.j4...j.Db&..i....,4W.t0..3..&S..P..YNb...~..:9....(D).C.6.B..^&U..k.."0.aX........I.*.?..X.._.F.t._K.JK....[..S.C...TBF....|=.v..}x..;.B.%..s7.Q..gD...X.. ...j.^.D..c.t...6G...G...:..Z....gFs.d.cz.....2A.zG..E(....F.J..]..gPYS..W.s.]....Jr..}p@A._..>...fG'P.......]...N.<..1..i:m..t.W...D.;_*.H....VY^....U.l[.^p-..}sO(..h....<.#X. ..8Ex..X....n......,.<.L.$..]I$.]Ja(>+....B;/..9Z...;`UI.9_Qn3.tE.&~..tCm.2....I.!....6g.dS.....I.B'...*.t..A.......3.._d...2G.%a.....F.n..CD=W6u.d...;.f$....
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\base-fingerprinting-track-digest256.sbstore
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):340
                                                                                                                                                                                                                                                      Entropy (8bit):3.2016900246562785
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:B69C938BA6755FDE4CCD258CCEE0645A
                                                                                                                                                                                                                                                      SHA1:39A0B66A65B83F92E5F8E7E02D942D1512B01CDF
                                                                                                                                                                                                                                                      SHA-256:82C161C7DD814A0BF76E6B3612FEF90B849AD7F2D4E86847B6A0525E560EB4E8
                                                                                                                                                                                                                                                      SHA-512:3B6BD0743C36CFB3F9003676B71AA9363160D06BDB902ECD49175CA1CB1FE3CADCC7D1E358049AB8FC5AE82AE16AF9AA27333728F3B2788FE873A5BC279D8E57
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ;.1.....................`.........._....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x....-....#.....x..u....~!Q.....x........o^!.....................................................................................................&...G.G:.N.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\base-fingerprinting-track-digest256.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):3109
                                                                                                                                                                                                                                                      Entropy (8bit):7.939681877093555
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:5814755EA2A61AFB74385A25828AEFAD
                                                                                                                                                                                                                                                      SHA1:1D8FD312F767E5BD85DCA15D7EDD233DCE899E5A
                                                                                                                                                                                                                                                      SHA-256:9CF7CC073B7F12F4885A6471A2CD6FF3DF3765C52CB513DB38E54F065FBECC21
                                                                                                                                                                                                                                                      SHA-512:C375D421436FF253441F15A17F3F300757096ACF2F6BBB8230382D044A10C40B52AFFE62528F9F494F04A90AA9E0C9801BD7587663DA81505223841E44373A8D
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.......................... .....7n....~<.g94...f....\.~..s[.s...w...MEL.{..I.>Bm..O.....E._A.......j......r.O.!>..b#\..p.../.6.-[g.....Ywd.A...F....../;. ..v...3S.N!..x ........hl+.........cc...d.(w..[M....*....B.....N6.c.A.#.S.2H.2f.......~.8...T.D.M..1..L..+`u.=...,.B..x[....Ik.E$...X..6..dx"....B?.......a..CO.Q....u.^...$.../...h'.~.....y.f..P..$5l....Q. .......H...Tf0o.0.......O:?"..f..^.Y.l=.:..e...Tu..@...0T-)e.!g.....$;..KDn..m..o.H.h.=Iq..(H.q...3..e_.@z.aM..u.....7l.]..Z.v5G5..%.B..[...4.d..s..0S.Lxor!....A.5p.v.0>9.q...D"<..2ow}qr..{..O`.~...^....2...l..3?D.....:s..Y...+.w'.N...5....'..x..8..o.<.A?...R.......7u....8.f...N20[O.....a...G.^...9;.-....r.&...H.....p`.......[.<TjseH4.&..4....W....=).rk$...w@9Vh$......Fl......Y....uh.bY`Dh...>.....5.'K.S.....L=.._...D..y.#.t.w.$....h.@%/6L...&..K.N.je.d.e...IY-V..*_.3......f.8Oi..t...h.M.;j.!.P...!/...Oat\.P3Z..r.+.K`@G"Hy.z._80.9C[.....P...u..Ph.`...S,...M...\..<...S.B....
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\block-flash-digest256.sbstore
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):451
                                                                                                                                                                                                                                                      Entropy (8bit):2.762437351902749
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:9F6B331AA1E070DCFEED473E76CE56C3
                                                                                                                                                                                                                                                      SHA1:6A396EDC736905CDBB89DEFDFBBF77CD175D0756
                                                                                                                                                                                                                                                      SHA-256:7DBBEA2DD387EEB85E1F56E02FC9989ACDE570CD43BFEF2C2A827093BA87DA6D
                                                                                                                                                                                                                                                      SHA-512:FEAFB312E3401E5230123573887FDBB78FF419B2B10FD282D143D9669481ECE5340DBA9C522F1DA0B6ABE507297554B1BCB7601ACF715C091BC39426F8E2C0AC
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ;.1.............................s.._....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x....V..7.L.....x.[.tX..7q.l....x..8qX...(u@sssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss.w L...*9.m L..$
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\block-flash-digest256.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):6661
                                                                                                                                                                                                                                                      Entropy (8bit):7.968273100820598
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:130B9AC2BEEC5ADA274561105D81AE36
                                                                                                                                                                                                                                                      SHA1:85A4785B34BB151DA41BC0DFED380CCEB7A29983
                                                                                                                                                                                                                                                      SHA-256:7D99FEC08182A5B95D18D1569EDAA2C60C2AAFBD15A56D8882F22F3B395E6460
                                                                                                                                                                                                                                                      SHA-512:CBF32630BFE48FE6DD0E815F2E9752CA75C066BDFB5F12941F3278883B0530F1736B2D179801AFC7AB4680BE6CA9976C6E2E3705147D95503EF32CF730194631
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.......................... .....T..]..h...........t.V..@..'..hy..../..s:....@R$.Q...w..V.....Y..1...c./!>O.3!..2...f L.x.6..&F.}......ez.N.R..j....3.;.i....t.J....b.n...5aL...../....dm....5.S.k...y+.....T.....Q>..-..nj.p..z....g...^*T.........`.t9..(...@..'..u.8v%.d..^....Z>Z_.b.[).B!/..U.W.y!.G.u....@..WG...PAG.I=tsO.......`.N..f?..G....;.c.`X....z....j...K|.j....A-'v...].]-.....Q..L.4.J.{a...!.-#...7.b..\h*.4.~..=.f..{B.7...Bx.K..@.v...76."..h..;..Q.......!.<...Bd9I.....M.B.*.mFYTJ..5..yj".T.......... ..'.',1...D......".L/......e.Y.!W..C..W$........8h.A..Nr;}m.[..6n.ZkJ.....2........xn.*...,..8n..*-E.....s.|.N..2..Z......C.EI....21w.l...Q.p ....f...K....J..+.C:...v1...jo.7.......C."..c.].,@.....u.}.....~.w.e..r..T..=f...,...A/...:._.o.y.a.....(D.E)..Yhq.P..-.M.K.4..g........,k=.....ovI8.>W3..........F-Y...R./...xt.k..U.1.m.N.f.{....M.p...?(.3.a.m...9.~G..l.!C.Vk...0]k.p._...t.s@.g.gh...."|.?.....O...+Z.t.......c.d.O.."..9B.G
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\block-flashsubdoc-digest256.sbstore
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):2576
                                                                                                                                                                                                                                                      Entropy (8bit):0.9265903955490635
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:B9556D03AFF392142AD5691D2F867310
                                                                                                                                                                                                                                                      SHA1:CFB48C873E3F7E21B441BF2B435EDA94A8460D32
                                                                                                                                                                                                                                                      SHA-256:CFD3909B41C1EE3CBCB8B7D2B1378065E7D3B543FFF1F2FB7A4F25C5FF41722C
                                                                                                                                                                                                                                                      SHA-512:B2318B55D2BE8F6143535A0C948086D8633BCA51B0E01413939A8575FCB54823FE6F48EA4A82F64342C6AD94CF30240AA39776D20430356400BCDE9797D4FBC8
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ;.1.............................s.._....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x......`...Q0.F.(....kIS.....x.[.t...Q0.F.(...`...G..5....x..8q...Q0.F.(...`...v...sssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\block-flashsubdoc-digest256.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):73413
                                                                                                                                                                                                                                                      Entropy (8bit):7.997815266037866
                                                                                                                                                                                                                                                      Encrypted:true
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:40165280FF1345B5241EC2A9D1DA2AF0
                                                                                                                                                                                                                                                      SHA1:C49F9172A6BBA2DC4E91FA97DEFD161D9E87773E
                                                                                                                                                                                                                                                      SHA-256:F80BDD5341D8B1EE946E344E258EF2D35C3C0BB6B13EB7B3E6A77467DFA8B97F
                                                                                                                                                                                                                                                      SHA-512:B5EC96E5F786DE54976DE804491AAF01BD79DD48D81EC81E1A9D32157881B0E7690D3608EE18E60E4381291A1C179999F40E0B98F9483519084DA268B4904C8E
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.......................... ......0...6....#....O......Rg.m../....Nt.*HO5..*... ..UM..7<.......R..Cl.&/ZM....L...n..9.k.7<....z+...m....S..5..6..H.e..B...Yo..V..}B1.1k.........oS...y%..a{.{..>...M.3....[.THR..>....b.K#.... ..!D.n...}...#k..N...q#..QD.:..",=(.....l.......7.O....*.q.......A-@..R.,.m.....4...Z....]..v..M.&.t...C.D.PA.h........AS..F...b.. .V....o.Rs.3...ua...`...-.#,..{....D..RI.....'.Y.....<~..H.(.).}...7...#w..N...P......o.}4.<......'.@py....U.......V.yb...n......E.>.....V..<.>>....r..In+....v. :L.~...Y..(.xZ..}...aFfuj.x.......@..h}...W@hC..6.B|xoU/VY.p.....4....#...g.T..<BwH.t...4..#.jN:....Z7.15.J@h...Q..x....k.?.{..B..p..i...W.H..JQ.y\|3vD.~.).f....)Z.ns.@......O..F...c.9[x.p...U....X..3.}..*,.>..c."9o.<...C.....8u..H.....a..j..Xb..n...mR......D..qD#...w....f.O.?...Sx..W......v.>7v...>..g.{.......S.~,(.F."o.d.L.-P..h...v...\.....5X.....=....z'c..^..R.{..<...l...-...>..X.^..8..`...%.Y#.....s...R!C>.W.$.........v.....V$.D~
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\content-track-digest256.sbstore
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):735
                                                                                                                                                                                                                                                      Entropy (8bit):2.082024281531153
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:2BE5027A476EFB5FE011AE8257E6B428
                                                                                                                                                                                                                                                      SHA1:12B6EA060E5523E364FF4E82320F236E8B38490C
                                                                                                                                                                                                                                                      SHA-256:26D0EF7103DBC0516ADD2DA8029CA43567B98BDA1EF8D8E4CDA42F09AA9A4B36
                                                                                                                                                                                                                                                      SHA-512:A6DB3CCE3F6A408F4996A0E61E07878D1A02AB8395E7A5E9B2B26B59525134D1F082E823604BF86EF8BD1146C0F23240B1005A776A49525BBE5AFACA6C81F7F8
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ;.1.............................s.._....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.................x.[.t..{...x8.....x..8q..{......sssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss...oQc..F.p.T.'
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\content-track-digest256.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):15557
                                                                                                                                                                                                                                                      Entropy (8bit):7.988706247065614
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:46570ED357823DBCD891F62E25655E02
                                                                                                                                                                                                                                                      SHA1:7B407DD47A9D9D50A2A87AA1090C2FF794EA08AA
                                                                                                                                                                                                                                                      SHA-256:DE82BA6C7316F5719EF896BA4106EF09F2CDE331745DC8C9AC8A06625607E456
                                                                                                                                                                                                                                                      SHA-512:CD3F63770B09FA48DFC5F6317360A2AB577151846689B5DEEC4F90C628857878D96370E05CC6594E12CDEEC4BA025FF208E0CE6B963A3DAD6169CC9D7CFBAA7C
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.......................... .<......Nt.*HO5..*... ..UM..7<.......R..Cl.&/ZM....L...n..9.k.7<..a{.{..>...M.3....[.THR..>....b.K#.... ..!D.n...}...#k..N.....Z....]..v..M.&.t...C.D.PA.h...V..<.>>....r..In+....v. :L.~....)Z.ns.@......O..F...c.9[x.p...6.C.Q...x..>H... .i.8P....^..=.......f....i....x.I..|.....vr .=.0N....1.......rC.4_[)|.d=.2...m-.%.=....!..Q.........jB7.....95....;.$Zxu...p.N..f..U.J]....2\. J.?....K)$...+.a.. .5h...?S&.5C...${.v.....=K.B...c..L.4n.V.0n.........r.O.h..O#/......,..r.6.C9F.......6.;Dq.p...[.A`6.?...g.a.z.=..Y.m........aQd....v.~\`..8.b.....:..D.Z.m3.v.......<....V.'..Q.%%c.KB.. 9.l.jvp.\......_.1..t>.)'....._...B["fh.X.........O.V.L..".8....Yt..Gp...cr..L..A\.**?..a...g...$.uN<...Gh..*J...<.03...X.eA..C..g......e*..oH...p...Q..`%..i...qz.E\8...M.N....Tu.|^...l.ti..pf.......(;:.T.....B.qh..d...va......l.$X1J..{.e....ez......u.v)...Z6O..bB.B....._.k.Y.y.i...7.G. N...q*...G..........2?|......,.rt.r......e.O>Ic.D.I...
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\except-flash-digest256.sbstore
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):240
                                                                                                                                                                                                                                                      Entropy (8bit):3.1762064368646667
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:D5D6B4D59B4AE4E2DE4B40D0DA083571
                                                                                                                                                                                                                                                      SHA1:9D081D78F51273EE6E6D1E1952B351FC98AEBC4E
                                                                                                                                                                                                                                                      SHA-256:000E3A78C72A210CA3B5417A3CDD294FBCE2A31661601C9D594C75CF2800571C
                                                                                                                                                                                                                                                      SHA-512:28C0E46F591D73FA33F1B04F870B480369BEFF1065C377EF7B56953CCCF8C1517693CBC6CA9B92421A0F620C3C4BDB6F1FFF047A2DB525BC6B6EF97509035D55
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ;.1.............................s.._....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.............x.[......K....x..8.....#ss!~qk.1..b..4..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\except-flash-digest256.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):101
                                                                                                                                                                                                                                                      Entropy (8bit):5.4498755917685076
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:C2994D388F8780C87D35C352D9582985
                                                                                                                                                                                                                                                      SHA1:B4E9ECDF3ECCE53F072B7CE9E695FFCC17EA9F76
                                                                                                                                                                                                                                                      SHA-256:7ED09F7D2BD632F70077A4AE4F2BD2F3FB654B03CD72652F51678B0C7D027F25
                                                                                                                                                                                                                                                      SHA-512:60EDD83F6E0FF782AB251579E0F3C113D3D5FFF7BA7F3A8900CD4FD6BC7271921445E94B53073129DB9529F0210750615318348307DB650FD11FFAEDAEB7BD15
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.......................... @...C..8.r..M.'j....-...~.B........_.P..........X+.s.........cWn...\..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\except-flashallow-digest256.sbstore
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):236
                                                                                                                                                                                                                                                      Entropy (8bit):2.9057414104026487
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:DD0458514C9A922B45DA6A8BEBE47320
                                                                                                                                                                                                                                                      SHA1:2CEE1D5BE670877CF360E47F82F7E172D73E5311
                                                                                                                                                                                                                                                      SHA-256:D27D5B27030F4725249377951BEB89E84A90A0E8241F0D5FD80EA59C1606E761
                                                                                                                                                                                                                                                      SHA-512:5CE1B1EA4152DEC52EE9514F75F5F6C906763E0830A5F8F6832BBD7E76E7B36C10D8C9206249D30DFB931547497F4768F843E4B00B84E2B21EBC2E36D24DE838
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ;.1..............................C.X....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.....Y.Y....x............x.s...D.D..2X........
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\except-flashallow-digest256.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):69
                                                                                                                                                                                                                                                      Entropy (8bit):4.397771920701191
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:7194B6BFF691A056852A51E2E06CE8FE
                                                                                                                                                                                                                                                      SHA1:0ADB901D9E202EE31CE6A8131FF15E5ECCA834F7
                                                                                                                                                                                                                                                      SHA-256:CBE2DC6ABFE25BEAD60F4DFAF419FC0F441FF8A8DD4A2FEBF5553BE1CBD90C49
                                                                                                                                                                                                                                                      SHA-512:B0D8240050A25B2AB754E8F260361298D0017E3A938E965A34B6DB072380CB6167C4FA5E0C2293B46B1135207CE9242CE1441B77AF8B07A3212A49000E8BBD36
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.......................... ...U...f.....aJ.-.....b..rE..{.......
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\except-flashsubdoc-digest256.sbstore
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):244
                                                                                                                                                                                                                                                      Entropy (8bit):3.2519358217373795
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:22698B4CF784DBBAE2D583F00491D43D
                                                                                                                                                                                                                                                      SHA1:BA29858CD3239E1D788AF4F89542CB195D919B5C
                                                                                                                                                                                                                                                      SHA-256:3849563088AE0677D61702A1310FDE26DE5DDD846D53037222D3EFE012197BF5
                                                                                                                                                                                                                                                      SHA-512:D10C140FF5DF88E4A6BCA244248CEDC7D82B1061E24EC614993457F71F30D4277DD9525636B512088E6572C2F1C15F1932F5244325A3C50B60701B194226B725
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ;.1...............................yZ....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x..............x.........l....x..u...........6.e......u.. .
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\except-flashsubdoc-digest256.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):133
                                                                                                                                                                                                                                                      Entropy (8bit):5.930833563368576
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:0C0D67875BD75A0227C02DD8529BA01A
                                                                                                                                                                                                                                                      SHA1:2B12EFB5E31BDAC680B6283E2585EEEA096FE73C
                                                                                                                                                                                                                                                      SHA-256:614BE0169EC36E67223EB9645A98DA66DBFDE5DFBB89BB064F428AAEABDD9D97
                                                                                                                                                                                                                                                      SHA-512:8FB01246C4B7B4A2CF0379F931E0CD3EA5A32781078EFDC4C4A5AC3BC496697957F6D15A0B6DAAF562E48BD1B1FFBAFE0583C59962689B030C4C5543CF8E2CE5
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.......................... `...#...).=..HZE.E.........9N..u3.....?\.I.u...Mk..<.......Ly.....J...t...{.6w..y.m......Xj....
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\google-trackwhite-digest256.sbstore
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):46359
                                                                                                                                                                                                                                                      Entropy (8bit):0.098474398358665
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:FEC9BC354A7EE92C6FEEFE63E6B0FA26
                                                                                                                                                                                                                                                      SHA1:86BACB7F91F35422B67838F1561DB370F1D12BD8
                                                                                                                                                                                                                                                      SHA-256:258EF8E6994A09FFB54BD0D5AFEC97C13C31F2EEFB7FE90A2A4C487C87817519
                                                                                                                                                                                                                                                      SHA-512:C40FEBB9C732A4AC9F8261BEC828F732E112186566796D35694BFEC9CF730B2B3B359CFA731C829D9DE37BF564A3D6A0F595354C5A764F874045BA2D780A61C0
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ;.1.....................{.......s.._....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.......D...x......... ..[\..U.............................................5%p..D...x......... ..y^..U.............................................5(...D...x...1........[..@.............................................5....ssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\google-trackwhite-digest256.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1470341
                                                                                                                                                                                                                                                      Entropy (8bit):7.999856977332897
                                                                                                                                                                                                                                                      Encrypted:true
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:E54E5B84194EEE15E64D2A03F1136BB7
                                                                                                                                                                                                                                                      SHA1:308413C74A49AF1A575BC6F64FEA33F9AD2F220D
                                                                                                                                                                                                                                                      SHA-256:07707B589BE3DBA3BB0BDAC67760A2B180EA3531E9D7976B73E4C1D8DF9DBB1E
                                                                                                                                                                                                                                                      SHA-512:F3BAE1816DB808C69871BD1A059236BF57982E90DA5706ADCC3359A200F1EC2C529BE516BE629FBDB5E7DA8C3EA80000815D99C8C2C347440CACD9237BDDD3B7
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.......................... `o..........Z...u../.V..b....j..c...a....+.L.......{.C......m.....b3ZfT..A..9%<.t...r.)%r)6.?<...^.j.J.uE.K...V.A_...*Dq.5......W......igI..63@..?G.H.:......5)..>.^.nY4.=..B....p..._......TV8.1..h@)..N.5.J..._.:BcT..#-bQ.b.y2...B........i.p....oR..S..q.z.4qF...Y=...lJ.?.F.....w/C..n..t...p.EM..F......[..OGrs...g..\...J.+5.O...D*f.|2..jt.C..5.%X.....0.o{A..[...g4f..#,4.=..x..st..JhB$vE..K..b.c......EK..&..6......Y|2U.,t.h^.J../f.uT...O..c...i.m..2@...'.o5.......}y"+..".1...O..q.Q.B..V........9....d....5...6.zc...)_..jq....^%....;.LabZ.v{.o.y.....fHk..A.,.Q.3Z....em...%..G.\... ..*....s1\.Z...3.....D.&_=..U|1.D..|(+#f-..*..V;_.y....U.....[.0.M^..1.fMw.-..7{p..Q.E<X......L..$.6.....................a...'&.k.$..#.Y... -..W..(....R...JB...y..3.....R..8 Tl....]y.%_.Q.|.9.$.?.ZG.mx..%.9]......6....!.1(..b.2A&.4I}..Ie.n.....=..].v.U/...7..b./988.%.o..U......HZ...#._0\gW...c}.C...y.(.0.7....U.sqv.=.......D(...".`...
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\google4\goog-badbinurl-proto.metadata
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):134
                                                                                                                                                                                                                                                      Entropy (8bit):5.435273332151942
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:5D000524469E3E0B3FE57FBC8691D5D8
                                                                                                                                                                                                                                                      SHA1:41C1256889E6A9E5240F7367627150174B1026D4
                                                                                                                                                                                                                                                      SHA-256:1BCA4DA99BA8922B9DEDE215CABFE46CAD10F03A3B7271DFE4FE45A43E02934C
                                                                                                                                                                                                                                                      SHA-512:BA48A7D70FB712DA5EEA76D27E99080E3694BF8E8EC0387306B382BB72203406CEDE190A11F9655D2DF4FB6AB37EBCD5EB528D40AB4986F01579B764D9629907
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ............".0010.........d.c ...8..{..0B..jf3..x..c.\@Q......v;.............".0010.........d.c ...8..{..0B..jf3..x..c.\@Q......v;.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\google4\goog-badbinurl-proto.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1180184
                                                                                                                                                                                                                                                      Entropy (8bit):7.760879458206802
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:30E95AE15980703606841D0E4F7187A5
                                                                                                                                                                                                                                                      SHA1:278648B9E70147818F22DA194E1FD36AD42CC3E1
                                                                                                                                                                                                                                                      SHA-256:4E3F61B5C08C091B3CB49825EC3462FC72E9D92DCB1014AD0E740B8441EAA28F
                                                                                                                                                                                                                                                      SHA-512:774558697F9AA70D8A940A50FB68628A3D4C2BA5496E3EB3CD4D6AC3B161CF8B0A191B4E68489C744EBEDF5059962EAC53E3862D4A447E7F55B2C297B5A3DDF7
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 5J.6........@...6 ..l-..Fr.... ..B+...B..._.Oxa.g.}.....~....2..?.."W..T...7t...`.......{#...=...N.&"T...l.x.y.`.|......&..bz..........=.......~............2.......s..0.$..,..TC...a...l...{.>Z.....5...Lx...o.......'..}.....%.7.@...G..J...K...V...d..nj..{u..Iw.\+..Z......!.......&...X...".%.Q.-..H7.L.<.^.>.U.G.}5N...\.WTi..N......}.......ho...x...u..j....d.....f...p........$ .w]+.e%-.q.3.dQM.H.j..Zt./O...........9P..........A...-....0..R."..y1..k:...C..._...}.7)...........&...#.......)...........$)..0...:..A.^QN..$S...Y.({Z..^\.u0z.........j*...7..v...J&...D...F...l.....`9.......+.\%:.Q.K.u.h.........z..O....\..i...`}..g$..........gV...$..lf.... ...+.z.0...7.j5=..r@...[...t.....c..d....;.........vF...&..+X......p..[u..Q.......H...x.#...?..q@.4.K..cc.A4..eE...t......%...0..J...R8......)......I....^..6...>>..GY....(.Vn0...1...4...D..-P...\..+k.Fsx..X.........<H.._q..b'......r........o...q..,.(..1.>.3..g5...>...B...G...N.E"V...X.{.f...s...z........s...~...........C..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\google4\goog-downloadwhite-proto.metadata
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):130
                                                                                                                                                                                                                                                      Entropy (8bit):5.296809975201839
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:A3CF210B9DCAB8638BB557F1250EFA46
                                                                                                                                                                                                                                                      SHA1:0051DFD1D4C96D34832C39D81991D5FBD781DC6B
                                                                                                                                                                                                                                                      SHA-256:BB38A1A8320D3C4E67D591F07B6A60EC15CD925339ED93B830BC38A97DEE4FA6
                                                                                                                                                                                                                                                      SHA-512:D45B69FC2F187BD92E67BECBF45D176285B335A02ED634DE09C5499BEC4C1AD1FA750C1FE9ACCE1C1ED4085B63AD22877B9466D9FE845F69A9A1FB8220E5F7F1
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ............".0010.......'... .....O...L30q.Zs'/QI../..%.4...C.............".0010.......'... .....O...L30q.Zs'/QI../..%.4...C.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\google4\goog-downloadwhite-proto.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):68106
                                                                                                                                                                                                                                                      Entropy (8bit):7.99456579554659
                                                                                                                                                                                                                                                      Encrypted:true
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:D991175CA1BC29A6C997981FBA795747
                                                                                                                                                                                                                                                      SHA1:4BE5F362934764995D5077D3D711E6450B83EFC9
                                                                                                                                                                                                                                                      SHA-256:E1228F4CC079240F38A42A42182D6E66466D85C8DE1655245595E1A879E98D0A
                                                                                                                                                                                                                                                      SHA-512:EA9B67AA4E22D7C0A24E21D6E097658BCDB09BDE626BD0C067DA11323751ED9647A4D44D645C9D69F7470E25537C965F3AE1DD8120BB2C014C7B60A39E803736
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 5J.6........................ ........Nt.*HO5..*... ..UM..7<.............~.'.....V.W..;B.......ST....Fv.^}@/3w1@..U...wWG.(.....V....(' .J...w....&1.D......n.&|.J=.......=...`H.l..G......... ..R..P.wS6.....\.D.<.....2..zH.dL...i.W..2.......%...2p..j<q......I..M..H*.O_.i...p....B..)..m..Oty}...`.f.l.4.^...%i..d.lZ.$<R.W...J......j.....a..g ,G".1...~.>.x.....7....J..@!t=..b..Q....;..l%8|.n.......2z.%..;..3J.;..S...VV..[.........%,....Yw...{`X..,._........,..V}v%G....D.B...)O....m_.....J...`.6..._B]..;....?.$@v....9.fd.ee.O.O.e..L..5[..?....?..y.%..g....~8.B..p!.$.U..Af..F...mu...(....D..!0].A..l59,....aa...T...QI{(....R.<....u...b.cQ.iJ].....mh.u@..G..D.|FLz./d=...U.K.p.}.9.U|Ib...(n.y._..9.d....OC.....b..C.A|.8...\,..s....L.`f.....e....g....C^2.....:...V.../J....c..fPB&.t.....Xd..`+..'....z_.[.......,....b.z9.[......O&.1%.7r..=}.*....c.5.......!.m....h}.h.u.l)......tY..F....o|......K.......S....C4al?.B1..c......t....<H./...0.n.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\google4\goog-malware-proto.metadata
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):134
                                                                                                                                                                                                                                                      Entropy (8bit):5.39266507883443
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:C3179391C1923F6410F3D21FCDB658BA
                                                                                                                                                                                                                                                      SHA1:FA2EA55AF0E9433ADCA7EF13993E19281FE133AD
                                                                                                                                                                                                                                                      SHA-256:96589B1B95C0955C1E6A26DC7ED88D048701C0E5E7A2FB13E1DB66FF9EBBFC8B
                                                                                                                                                                                                                                                      SHA-512:AF9D861B0F40B5FE5E3EA14D85F3DC887B81090467B3A40203C7A73A00BB6519FAA56557F1D674ECB5DB7D5CA16F21B378BDFEDCB60A45ED7E9C743B3B9D8FC2
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ............".0010..........O.. ......t..0...\g.........n.?F..-<............".0010..........O.. ......t..0...\g.........n.?F..-<
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\google4\goog-malware-proto.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):233752
                                                                                                                                                                                                                                                      Entropy (8bit):7.998409747780147
                                                                                                                                                                                                                                                      Encrypted:true
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:2B53EB33A95BB0581FF072B38CE24D21
                                                                                                                                                                                                                                                      SHA1:D163800AC352E70E7AB8FE7F9B4DB09534509130
                                                                                                                                                                                                                                                      SHA-256:8128501F3F2BF45AB82F2D2073F9B3C9B8689F374E5A82547725C95130CC2D4A
                                                                                                                                                                                                                                                      SHA-512:FF06A6E709F2B0DBA70F6A102CD396FCD25D7F7D07F1B7CFF2F290BBFACB126A20C18EF39F1E7C044A38D2F4E8000E4BA7BCDDE9279B874D450871FFD7132288
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 5J.6.........r.........."V......d...........2......^q..RH..MT..........................a....#.Z9$...'...(.....[.2.W.4.n07..>..^?...A.<5B.k.G...I...L...M.p.M..hP.=_Z...Z.d.[.w.\...].3.^..a.Fvg.&.g.Jvh...i...j..&j.4.m.FTs...{..?..(r.......A..(....I..$u..c...}N..g.....la..U......AT...3........ @......7......J=.......r.........K..v............S...........u..<...{`..........RJ..r....r..{>..C....U.....C....}......R9..#....g......t....\...e.......n..Ay..61..og..L......SL......4...r. ..J#.CA$..f*..A,....../..#9.?SA...G.f.G...M.".O. .P...R..nS.{}T.y.T.v.Y.c.Y..r^..+h.<.i...l.N.n...n.7.s..nw...y.!.|./..........`..M....x..)....,..$......[....G..q...h@.....................K..pd..."..v..0l..A.......X...N...{......\/...h..............=........+.._r...[..*D..1....2......{l.. ..../..........U................'...@......y...q....D..H...S........+..i...........,....c ..G".'h#..U$..s$...+...0..A2.. 9.s-:.x_:...;...>.G~?..@C..0H..dH.._K.)'M...N.S.Q..DU...]..._...a...a...e.|.g..Bh...k.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\google4\goog-phish-proto.metadata
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):134
                                                                                                                                                                                                                                                      Entropy (8bit):5.356988070990204
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:8A1488006385AD930531473BFEE1A75E
                                                                                                                                                                                                                                                      SHA1:59CBB876FD068D07F96FAE5EDA35EE8B777078F0
                                                                                                                                                                                                                                                      SHA-256:801C78C0E169C985702871C989800172966CF4A1784B69C9A4C0CA26D9ACDD64
                                                                                                                                                                                                                                                      SHA-512:6CE89F815B32C1472738703FF2284FB1771F61DC7026085CF142E39FE53542A30A728EFEDDEA44AC859230C7104245B23169AD916A2486777B7C45EDCE40129D
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ............".0010.........#... ...0.N.B3a.b..e_....H..\3a.\.|.................".0010.........#... ...0.N.B3a.b..e_....H..\3a.\.|.....
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\google4\goog-phish-proto.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):13951588
                                                                                                                                                                                                                                                      Entropy (8bit):6.680266064081218
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:F8B0DFE9F95693613148E208FAE50A65
                                                                                                                                                                                                                                                      SHA1:F9DDC1BCB454D88A27F77ED53439C8F601C84463
                                                                                                                                                                                                                                                      SHA-256:A2C1ACC3CB3E99FB88F86B2FFCEB3F2BFFECDF3113BE5ACEF2B2E8534F3D9289
                                                                                                                                                                                                                                                      SHA-512:0513677E6D8B1613036A0129FF6B8DF3A98CA10C139E78169AB4FA7625F760B98A1F3E310498F850CFADD1ABB028DBA2EA92E004BFD4B9D8BC3FD88A38865420
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 5J.6.........m....3.....67..r........Q...7...C...e..........D..../...Z......LB ..."...$..S'.(.).0.+..)..L(0.}.2...4...7...9..s<.[}>...A...C...F.L.H..J...M..5O...Q...T...V.,.X...Z.Z.].w._.4.a...d.y.f.t.i...k...n...p.K.r...t...w...y...{...~.d...........M.....X,..w...\...x..........{.......].......f..p......j...)E..t...`N.........8......t..4....v..j7..2H..w....|.......}......?1...I......c6..wj.......;..i...=...=v.................m[...s..O...i...'l..r.......K...........J...s..A..................D, ...".zk%...'.4.*...,.. /..p1...4.D(6..\8.B.:..O=..?.].B..xD.3.G..8I..gK..jM.y.O.vhR..&U.}.W...Z.JK\.4.^...`.}Cc..e.7.h.k.j...m..io...q.V.t.&/v...x..>{..i}.:...>..:%...i..<..X..............&..Y...~..........s...7..I....p.....Vr.........d...1A..z...P... T..........<x...]..........Cc......9...K...p...yV...........e..:......./D..g_......j...........(...>....@...U..|................W..h........z......j....0.......N..}6......g1!...#...%...'..%*.o.,._&/...1.a.3.<.6..M8..i:.vs<...>.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\google4\goog-unwanted-proto.metadata
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):134
                                                                                                                                                                                                                                                      Entropy (8bit):5.524825570957912
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:053C03919A058E792E86DBC2DCE3CED0
                                                                                                                                                                                                                                                      SHA1:732A59FE0150B393209B6A85CC9F1690A5A77E1A
                                                                                                                                                                                                                                                      SHA-256:981C379F858EAEA22C28046EF17EF9175FC43790663C4B085626CD248119C670
                                                                                                                                                                                                                                                      SHA-512:FBA5FA2F720B389A90B2AA191CFFE50125EF88175CDF1A7886A5ABAAE1143E06C5FAFB07CE48DB747E455CFFF50DD120ED274536BB91625E08C0A7833759A0ED
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ............".0010...........JR ....]...sq+..>.I2JO..r+n....EE*..............".0010...........JR ....]...sq+..>.I2JO..r+n....EE*..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\google4\goog-unwanted-proto.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):114968
                                                                                                                                                                                                                                                      Entropy (8bit):7.996735848112569
                                                                                                                                                                                                                                                      Encrypted:true
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:3EB5857B7FE33BD64616A08041FF9FE8
                                                                                                                                                                                                                                                      SHA1:3AB9B003DCD05ACF6CC6B28046DDA140855F11CF
                                                                                                                                                                                                                                                      SHA-256:0136B748F02A79DA68C4D46799D0B78A320811CF311B4C259A3D75F66D3CF3A5
                                                                                                                                                                                                                                                      SHA-512:467572457743A87ECAFCF2E16EE61DC56C0A3B450C0BA75E35E55D227871E68166CE48186396EBB4DEA12C6FFBCA58CF4C619C7DD8F7EE8C7220D42CF4FB1B64
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 5J.6.........8......o.......a.......{..................P....P...>#..\$.6S%.X.*...0.%^2...G...K.~'M..,M...O.N.Q.6.f...j.y;n..Qq..Sq.T.w...{.`,|.7.}.A........0..........j....Y.........%.......g$......G...7;...*...........1..........A1..P.......Wd......g....$...........$...Q.......*..b.!...&...2.%?4..w:.&NE...R..T.R.T..\X...].d.e.^.g..h.khs..8u...x..0...........f............p............|.....@..E...&..m\..8...m....*.........0A..u:...3......I.../=..........;................{.........[...........n...S."..$$...)...*..B-.../.^.;..(@.<{@..zK..)M..8N.=.P.J.Q...Q..U.#.W...\.L.\.z.\..._...d...e.$lj..~j..ek.@.n...r.0.s.................F........nK...b........er...........>..5...m..8b..r.......-......Zw......D...c...9[..~*.........]y..|........ ..8W..D....P...C......%T...G...X..(...+*..E...n...........&.$.P1-.%E0.@.2.2.4.%.;..HA...B...I...M.:.Q..].u._.H.b..kj.5.l..F..._...X......o..C.....#...?...@t..T..............d...=E..............M...7........8%...%.w"*...9...>...?.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\mozplugin-block-digest256.sbstore
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):338
                                                                                                                                                                                                                                                      Entropy (8bit):3.200405177181756
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:519BEB1B01FC355BB388F1F75BE997FD
                                                                                                                                                                                                                                                      SHA1:9220887E0E3B09E8E6BC7765BE3753C9ED1182E5
                                                                                                                                                                                                                                                      SHA-256:FFE2D3077B81AE6F51B220C1C661B276C823FA67DAD1D64FC5F17249FC54BDC0
                                                                                                                                                                                                                                                      SHA-512:D6C8E0EE98CF273C8BAE00C973DB00BE848CF7390E2EC2BC1F7F1C05E45B47E448A76B7100D8FC48BE1127C38BE16848E389A77E07BFFE2A315C1A8D5E84864E
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ;.1.....................^.......s.._....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x....%..y.".....x.[.....>.<.....x..8......5?ssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss...d.ij......j..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\mozplugin-block-digest256.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):3045
                                                                                                                                                                                                                                                      Entropy (8bit):7.93379571213243
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:FCC9C2C9B611A3264B68EBE180EB4248
                                                                                                                                                                                                                                                      SHA1:50D1A83CE69BB20D0D98F0CE80FC8DCA44E054C7
                                                                                                                                                                                                                                                      SHA-256:6ECD378A537EEFE350B45CFA353741383F407D99D776BF23155A7825DC5DD2BC
                                                                                                                                                                                                                                                      SHA-512:5A5BE2CA3DFB29CAB5E9BFBAFAF173105E4CC1A79DA6CF663CA0F8F7BF109A5B42A4CE5665150A97CADC22865860E0E6F8C708D83E5AA01D6211A7664E10D249
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.......................... ..........p.....a.....J.B..gZ...........+.O..!l$...K...aP....C.5.....;..t7p.'..qR..,....x..lP..Z...1.[.8..^...x.T)..}.Uj2.t..._.B.......1.f|....;.m..i.........Q....";...'N..o>....UD........Um..Uz"K...H`."e..|...'...L...v.B...`..r{@...J.*^....@r...B..}..A.......@..A.G.q...@.5.... Iod}..zV*D../xY..p..h.Z.`i&...$HWYI.;.~..m.~..5....`.$.J...)w.\...t.'[!....#...G~]..CS>.@{*$.u..%.H4....p\|..v..)........4.8....g.iQE...t.....z.X....N..5Feb).<@3Z._..f...e.y.....u..6;.')..K.0.b9G.2.n........eP.d..6]Y1_A]xZM.L./ozM1S^.a.s....P.H77......Oc......g.R....d9F.9.sY8.....[.-..............@.?....9.R,.j<.G..{.<.,.8..hW.V"../.<...#5../......@ij...8%0.gX..6.?.......V..Z\.)..P...w.f...-@....c.m.I...G.q.H.R.E.. .*G...B.#.B...z..d..,BKn...f?..\L...G.K... .......B..`47.ppK.K.L..H/.....S...P@......,.wJ....o9.IK...M.O..I...9f..s=.%.. W?..3..P....S.fM...j%.9....u.)..l.Y.Q..].8..*...m.......nJ7.....o..*R`.z..V.Ik}.......[.F.}l..E|j.jU.4....
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\mozstd-trackwhite-digest256.sbstore
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):9672
                                                                                                                                                                                                                                                      Entropy (8bit):0.31640541849731374
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:50B584B0296602806C7B162917643E35
                                                                                                                                                                                                                                                      SHA1:EDA00D3B1C62F582368E89429B1B4D0CBDC39388
                                                                                                                                                                                                                                                      SHA-256:5C2A066D3F977B6B8F2BCF2DBDFDC518A291EDEEBDE6B067B23A8BBC4D1793E1
                                                                                                                                                                                                                                                      SHA-512:69BE37080232760F4345CA1B9FD83B98365D245BE69B86667414C3EACD1BB0497A407351EB8CC423E4460688FA0B4C065496E409F9EAE50B9532DA7B21B2F5A0
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ;.1......................$.........`....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.......!...x...1..........@...........xD..!...x...!..... ..._..(...........DlIM!...x...1.......V...@..............^.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\mozstd-trackwhite-digest256.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):299717
                                                                                                                                                                                                                                                      Entropy (8bit):7.9993818979644935
                                                                                                                                                                                                                                                      Encrypted:true
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:A445B18469E1A4B8513D972E8ACA88A3
                                                                                                                                                                                                                                                      SHA1:F83C7389F87DECBAC66DFD231B05DE31163D2D90
                                                                                                                                                                                                                                                      SHA-256:74A3CE082655D83E89F6012CFBBE37F3790F051ED4EE33C6573CFFE4615C4F83
                                                                                                                                                                                                                                                      SHA-512:14AD5FC9E4C89CFB6E4295A08A0CC8847A28511B733160E7ABD2FEE2B54B9490294A0750137FC6B6DE1CA92721FA9ECE6CFDE425A64A0DBB88C8B58E54B517A6
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.......................... ....."7..H&..6%.........7..*.ds.~..*.1.A..4.3...)...?.....TD...e...=..Gm.."..q.B.5h.^C...9,;uo..O.?Yj...br4...........J.Z!......DgH=.}..JS..k.>......hs.........I..u....?e|.j:o{~.....`S....}".M...+.UJ.)..r..{.t.....f..B.R2."..'..k..9/z..`7d..#BmeN.j..VX[r.......]9!..:..8x|.=.>..6B.`.-.A..j...2...Tn...3.'.0..b.&.-1.....7..[.UOS.W....=..R..k({...n...r!.<}.BD.xn....3..n.....r]y|..:8V..":,)L(..@8..Q2.n5?.h.9...R.<.hx`L.0.-.......t.L3..e...\.^.;2.......E...fB..v......0e..{..\.*Q.....d.U....}I..jUd.U..#.!~..Y. .......(...8`.H.xl.v...!B7..|...c..y!g...8.%..9..Y....<.........^..Z.6...b.'.k7.mD.=..a.(..b...[.e....N@A....t...~..C.ax..'.I..Y..s...&q......Y.m4.D.'..S~..w........(......7......h.5..P........4.._'}....L.~.n.~...i.......9..=#.u@.9.-21.*.x....Gs....^.Ep....'..._?...kC~L..[....].a...z.-.V.......xH./.%T..5#.;.+........_r.ZRlz.o....X!...../..........6..@cd.8..yW:...d......_.j...Z?...\...."..n..E3.b......
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\social-track-digest256.sbstore
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):310
                                                                                                                                                                                                                                                      Entropy (8bit):3.2986848293379776
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:59D2D3A9FF42621AE974078BCAABD9BC
                                                                                                                                                                                                                                                      SHA1:A5F86062BD630E7633787138D759B15631B59491
                                                                                                                                                                                                                                                      SHA-256:7371E8534C31C4BFF73E340413D77C988593A0E559418B0F2A5B34B9C82DDDD2
                                                                                                                                                                                                                                                      SHA-512:C1141A3CF65CC2F8A78FC3031B96A2304E935F7CFFC9AC710F7286423EBCBDBC090D6CDC41B6CC2F2CBB895AB985DF824A129F03F4F802259FCD490C904DF7B6
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ;.1.....................B.......s.._....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.......4.......x.[..R....*.....x..8.R....%cssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss..b.ye}..J"w...u
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\social-track-digest256.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):2149
                                                                                                                                                                                                                                                      Entropy (8bit):7.903599757708749
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:03B1A3FBBD11C033A9022D395A5BCDE7
                                                                                                                                                                                                                                                      SHA1:E2C4614EFF11F9A2DEB3EDD052DD1FE86E5181EB
                                                                                                                                                                                                                                                      SHA-256:160FE8EBA1050982115B00A7F9F9437B7F1B0F2782BF688ECB0BECC642867B45
                                                                                                                                                                                                                                                      SHA-512:004FAB7075D234C973B3ABFE89422A8FB2D5EEE5C6A7AB0A09A8E69262C7B31FC627BE3490E6E835188C47FA4035945EF9F3D4BC4F3B40F437E9F710EBAE48F2
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.......................... @.....0...6....#....O......Rg.m../.q#..QD.:..",=(.....l.......7.O...O~..?...$..7......a......s............90.....(.E].\z......Y.Q...:.AD..c'S.../f].>.X...fE.?.Z.....v.(5.;.......z...68...0....p.e..e.,...K..2...........6.........4...b9dS..1.P.....Qz..........Q..#z.{...38B.#....l."...JN........LR.1lZ..w.j....X!0...'b....U..ef3...n.J.pd#.041j.^.qvh.7....>2.n.Ff.p.^....5.2f.......(..Lq....Y.Mk....o7K..B.;8!..)..`h>..0..q..|.Awx7S.W..v;.:ip..L..5`.x.8,7R..!>.9P.H/X..re..m..TvR.x{.F0.e#....cC...v.bC.M.FLQ.?..H...Y...^<9<HD...%.$.C..v......I<!.......H[.v../g].#.".......(-.....R.X._......Kr.6J.q.tu.C].q...S6.S"9....h.#......^Jk...h.....E...SY..w.Z..'.........7...R%?.xl.V.u6........)D..."q....p..5=}.r.Z......&.....)..oI.P+....,.aHG..a....Y'....r.*.........!a.y...w....%..c..%h.!=....,..'sc....~'U...=....gba.....C ~.{..Le@=..!.`.x.H.1.c......u..bz...ha.+.Hrw.=.....*..w......g:...k...].G..3......:._...7t..C.n.@t01A
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\social-tracking-protection-facebook-digest256.sbstore
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):257
                                                                                                                                                                                                                                                      Entropy (8bit):3.4068534312473746
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:58FBC7F7687CC8798AEA35B7066EB198
                                                                                                                                                                                                                                                      SHA1:27B0BB0EBA2A8D05C17275A6165DDACD599C54E5
                                                                                                                                                                                                                                                      SHA-256:3A2035AD8446C71242DAA9EAF3818B87F673D0429E4F5334621905B47A1C3DF5
                                                                                                                                                                                                                                                      SHA-512:5CC1B14AC42C24E04BABA19FAD5C4149B6261AA83259B334F588B128720F16F356D420C868F52C44568B74817B78305DBB955DF7EC18BF8CBC77F9364DC7BF5C
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ;.1.............................s.._....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...G..'..3....x.[.....C.......x..8....;...ssssssssssssss...T/...g.Tc.-..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\social-tracking-protection-facebook-digest256.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):485
                                                                                                                                                                                                                                                      Entropy (8bit):7.421085210617434
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:2C33349CA3700488BB6AEBF330914978
                                                                                                                                                                                                                                                      SHA1:F2466BF50B05FC5CE06B46C113698D5DD7889737
                                                                                                                                                                                                                                                      SHA-256:70DFE851C998126291E3417927D4D4972341D618F3135B657C7352937725B61A
                                                                                                                                                                                                                                                      SHA-512:BAED30CE8B5B9CD838D2A5A2F60F5BBC13367F670A106E5DBA404E3378A8A615FD7F7635404C7EB84C49B356F408058E04DE34A91996AC9443199C0A124A853E
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.......................... ......r.].{...-.../...H.6g...tN..S.>.......Q..#z.{...38B.#....l.1j.^.qvh.7....>2.n.Ff.p.^....5.2f.......(..Lq....Y.Mk....oG...[.{...?WK .s..}.....Y....R.X._......Kr.6J.q.tu.C].q...S6.S"9....h.#......^Jk...h.....E...a.y...w....%..c..%h.!=....,..'s.D.'.u..]....36.....9.+..ry..'.Rr.ni....c..D...Z.......z'....2.,.8....ai.Y..jx...;..@.....>..o..l....`.....f..K..k8O.....P...m^...Z{.....qq...E..1..R...tEj.RR.s. ..P..{..(...8......}...
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\social-tracking-protection-linkedin-digest256.sbstore
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):248
                                                                                                                                                                                                                                                      Entropy (8bit):3.1964904631521285
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:EF243E3298CE36BAD786539F6B22679B
                                                                                                                                                                                                                                                      SHA1:657AE6E0162FB3713E79F0ADA7F7C986C2C0D2D9
                                                                                                                                                                                                                                                      SHA-256:016B81ED15F1646B64388D9DBE0BB5D6286228D1CC3CD8B3F0B25A14AF1B97C7
                                                                                                                                                                                                                                                      SHA-512:374B2BC1243B67CBED0BEED9C26532C21C3792AA584418C364B5D9E87A4A85D8DF822FDE10FA8846EB6C886144C1C62A37C4DEA0EFA4FA4973709E8575CA8916
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ;.1...............................P_....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x..........}....x........$.A....x.cbbb...........#...Ty.K. ...IL
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\social-tracking-protection-linkedin-digest256.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):165
                                                                                                                                                                                                                                                      Entropy (8bit):6.186167091655153
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:09F3C98414F01828D019EEC5B11B0AFC
                                                                                                                                                                                                                                                      SHA1:9EE55E53DD698BA26F557C473FF0B7AAF9AE8BB3
                                                                                                                                                                                                                                                      SHA-256:674452B1EB3B9FBEA16D3950888906BBC6FCC499837C5704E23FE47179939C2B
                                                                                                                                                                                                                                                      SHA-512:2B553372BD9994C290E4CCB0EEB64FAFD4B10A24265A02979957BDC2B28CCE6CE0E958A6B5AB2B01EE6BA484CF4A4672DB2078EF36CA29579F1C7D187CC8BD3B
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.......................... ....e@=..!.`.x.H.1.c......u..bz.....e..g..tJ.....s.*G.%....MO...K..p.-.,...v...."...V..f_.4.Q...l.%.......J."].y.M.0......=19YFP.".
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\social-tracking-protection-twitter-digest256.sbstore
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):248
                                                                                                                                                                                                                                                      Entropy (8bit):3.336929909829352
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:373411CEBF6E3BCB89D8BFA632409BF1
                                                                                                                                                                                                                                                      SHA1:A92677564BAC4FAE12CFBD2A0BCB99DD71AE90F3
                                                                                                                                                                                                                                                      SHA-256:C1D5B95B18FF02514BDA0EC7865D9468C3A89E5C3BA2EBD3D4284FD8FCD463D4
                                                                                                                                                                                                                                                      SHA-512:5C2F7D6E5C39A831A0DA43648E7C25D800FBE31CDD33290DD79F2782494210F6B6357426AEA33A6900A3C67D9B7712C07C988E49123EC262084FFCF07ED848D4
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ;.1.............................s.._....x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x...........x.......k......x.[............x..8.......sssssss..2...~L.[.(..^
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\safebrowsing-updating\social-tracking-protection-twitter-digest256.vlpset
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):261
                                                                                                                                                                                                                                                      Entropy (8bit):6.807286481249442
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:81BB9EA266B9BDE3158E57964B462A5D
                                                                                                                                                                                                                                                      SHA1:9A9B41AD3124BC4E56CA6FC489365226ECE2D1EF
                                                                                                                                                                                                                                                      SHA-256:EF6BA0D8A2CBB6BEF62BDE8A89A7A7EDB58184E318720AD23A0C670B9FA4D427
                                                                                                                                                                                                                                                      SHA-512:84FCD67A97D0DEB69C0974C9DDFE4AC8FFF7A28554456DFA5738BCB74B6B5C92E2AED15763E41E5B4AE5268F569C00FBE9D0E378D83AB0AD152318BDE2BC4828
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .b.......................... ....u8..D=D.y...+f({1..`j.ZkO.|.2l..-Z..a.F.sl.....!(!p.<&#/...:.<.......Z..9~.]....E.wFI..AQ.6.......nU.....wq5W.j.....I.yc..BuD....Mm.......=R...DV.kcC0q./..'...h..YV.[.A. a.ERNu.l.}Y..0v%.....F..Z.q......R.q...Hq..^F.zVnB...<
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\search.json.mozlz4.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):350
                                                                                                                                                                                                                                                      Entropy (8bit):5.86000091814865
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:64A8C10C0B79D6B8BFAB65690FEE07F8
                                                                                                                                                                                                                                                      SHA1:9CC4DAF36A5AF167B5E04DDECF2ADBE9A99EC53B
                                                                                                                                                                                                                                                      SHA-256:D3C09884349622573A3FD1967A983A0FB52E7A979523D2026109C3B58D5A13FD
                                                                                                                                                                                                                                                      SHA-512:127B2922D143C3F68D19CC9C84C72A2154A7EAA1CE6EFC733D1836E7E75FA5CBBD9F7061C4378C359C0E406756F3B79F25E9C0A9C0F6C248B872F7876EC03728
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: mozLz40.......{"version":5,"buildID":"20200930150533","appV*..."81.0.1","locale":"es-ES"B..!tInEngineList":[{"id":"google@search.mozilla.orgH..default"},6.?dra4...wikipediam..&esh.Obing/......d3..Oebayg.....A],"eC..s@.@_namf..GC...","_isAppProvided":true,"_metaData":{}B..8...Diccionario RAEA...WR._ (es)@..0Bin.......uckDuckGor..OeBay6..4],"9.P":{}}
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\sessionCheckpoints.json.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):143
                                                                                                                                                                                                                                                      Entropy (8bit):4.223691028533093
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:C0E4C22C50DD21142F57714EF49B8713
                                                                                                                                                                                                                                                      SHA1:06B77307DCA5C889EA279243E74730CBC10801BE
                                                                                                                                                                                                                                                      SHA-256:6FE46B65B76B3DF32D8392853740B35ED75B6E23F4FBD6F45F3EFA1D496E6717
                                                                                                                                                                                                                                                      SHA-512:A4516B4F15EDB429F7B8CE3EA709D3777BFCC590838B1E113147E6BFB4DF0F34F0F2B24F6185D4E4277A77F75711BB470461B86AA507921AF037A6D22DF9278E
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"profile-after-change":true,"final-ui-startup":true}{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\sessionstore-backups\recovery.jsonlz4.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1185
                                                                                                                                                                                                                                                      Entropy (8bit):6.154028496782901
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:5DFE013FDCFE308D12B7BC6322C2538D
                                                                                                                                                                                                                                                      SHA1:FC7BDD549F1D6B6E7BA55BC8A48F08B4AE29BE01
                                                                                                                                                                                                                                                      SHA-256:F35FADBFF50F862C454EA20BD2A054B59476B4109C3C9DCEAB2B40CF2F63CBD8
                                                                                                                                                                                                                                                      SHA-512:B6BEADE1CCAA751C97226F46A5349040A7FA3D568432546E753FF262BBF3C9195FE9731E2BF1B8C602DC68E821D0973D36DD7C68AE8096A43008C39A14469C9D
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie...,url":"about:home","title":"Nueva pesta.a","cacheKey":0,"ID...docshellUU...6"{f99256d3-daab-4ca8-94de-0657ff75d6cf}","resultPrincipalURI":null,"p...rToInherit_base64":"eyIwIjp7IjAiOiJtb3otbnVsbHByaW5jaXBhbDp7OTFiYzJlYmMtYjEzZS00MDllLTkzN2ItN2NhOWMxMmIyYjgzfSJ9fQ==","partitioned.....c..hasUserInteract....false,"triggeringB..%..z%.0fX0...6docIdentifier":1,"persist":true}],"lastAccessed":1614110440836,"hidde{..attribut@...{},"userContextId..Qindexi..requestedI....0,"image":"chrome://branding/cE..nt/icon32.png"..aselect...,"_closedT..u],"busy....width":1168,"height":924,"screenX":...Y..`izemod...maximized"...BeforeMin...&..workspace...0....1-189b-6726-a518-26670018110]..z...1...W...3................1":{..hUpdate...986,"startTim..`399465...centCrash...0},"global..Dcook.. ho...."addons.mozilla.org","valu*..A503ca704c1e5876145e5333986eb550da5d73016016d4d870f2560b970a6b53b","path":"/","na..a"taarI|.Recure...,"httponly..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\settings\main\ms-language-packs\asrouter.ftl.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:UTF-8 Unicode text, with very long lines
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):16966
                                                                                                                                                                                                                                                      Entropy (8bit):4.703644123314248
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:81B4136E3C57C49B8EBE15D22D1EA75F
                                                                                                                                                                                                                                                      SHA1:28E5888CF211EF953D88181264A5648324BD7396
                                                                                                                                                                                                                                                      SHA-256:4997F1318D67D5E0EAD41C715F64CEF2869D6EBDC0FF674812DC23D320B53A6C
                                                                                                                                                                                                                                                      SHA-512:A9ADB3360AB3CB53262B371AE75ED37335C49DBEEAA195E40F3FBC00870CABDF2BB1B916FB83246A4ABB6B8D9EA04BFD65FE77071E09CB666B4DC96BAEC8EF10
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: # This Source Code Form is subject to the terms of the Mozilla Public.# License, v. 2.0. If a copy of the MPL was not distributed with this.# file, You can obtain one at http://mozilla.org/MPL/2.0/....## These messages are used as headings in the recommendation doorhanger..cfr-doorhanger-extension-heading = Extensi.n recomendada.cfr-doorhanger-feature-heading = Funci.n recomendada.cfr-doorhanger-pintab-heading = Intenta esto: Fijar pesta.a..##..cfr-doorhanger-extension-sumo-link =. .tooltiptext = .Por qu. estoy viendo esto?.cfr-doorhanger-extension-cancel-button = Ahora no. .accesskey = N.cfr-doorhanger-extension-ok-button = A.adir ahora. .accesskey = A.cfr-doorhanger-pintab-ok-button = Fijar esta pesta.a. .accesskey = A.cfr-doorhanger-extension-manage-settings-button = Administrar ajustes de recomendaciones. .accesskey = m.cfr-doorhanger-extension-never-show-recommendation = No mostrarme esta recomendaci.n. .accesskey = N.cfr-doorhanger-extension-learn-more-l
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\shield-preference-experiments.json.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):18
                                                                                                                                                                                                                                                      Entropy (8bit):3.5724312513221195
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:285CDEFB3F582C224291F7A2530F3C4E
                                                                                                                                                                                                                                                      SHA1:F816C3E87AA007B6E6D31EB6A4618695A7D83439
                                                                                                                                                                                                                                                      SHA-256:704D28223A4320A853DF4A19D48C7015CF79D56A5317CC3475B6305FA43DCC05
                                                                                                                                                                                                                                                      SHA-512:8F1DECF1E4B5755FCE8F165DAAE115F45D6890985C9C4BBB33A6F724CBFD26DB75F6DA06F9EF675DE20FE755DA9B7F55E5EE37124296A12A520A393DA159BD58
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"experiments":{}}
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\startupCache\scriptCache-child-new.bin
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):2279246
                                                                                                                                                                                                                                                      Entropy (8bit):5.084396367739685
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:8CAA443C14C1FA98996D8D09C4175459
                                                                                                                                                                                                                                                      SHA1:993FD53DFA8251F0756F69ECF3123CEB93298D9C
                                                                                                                                                                                                                                                      SHA-256:2939525D96DCD7AEF3D6FF286198C8618273690B7E24672C4B9380C44DAF3A09
                                                                                                                                                                                                                                                      SHA-512:7CFB59F296D2AC01155E7F478B564FD1644819D6BB6501FA2B9D580161D14FF82078C6415AEC3D82513D20F9E08172D4D0CA2943930AE601D51CD9E8CFB7C77C
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: mozXDRcachev002.M...*.chrome://global/content/process-content.js*.chrome://global/content/process-content.js.........'.resource:///modules/ContentObservers.js'.resource:///modules/ContentObservers.js.........).resource://gre/modules/ExtensionUtils.jsm>.jsloader/non-syntactic/resource/gre/modules/ExtensionUtils.jsmw....;...6.resource://gre/modules/extensionProcessScriptLoader.js6.resource://gre/modules/extensionProcessScriptLoader.jskO.......1.resource://gre/modules/ExtensionProcessScript.jsmF.jsloader/non-syntactic/resource/gre/modules/ExtensionProcessScript.jsm.R...X...).resource://gre/modules/MessageChannel.jsm>.jsloader/non-syntactic/resource/gre/modules/MessageChannel.jsm........ .resource://gre/modules/Timer.jsm5.jsloader/non-syntactic/resource/gre/modules/Timer.jsm.7..W....*.resource://gre/modules/ExtensionCommon.jsm?.jsloader/non-syntactic/resource/gre/modules/ExtensionCommon.jsmGN../....".resource://gre/modules/Schemas.jsm7.jsloader/non-syntactic/resource/gre/modules/Schemas.j
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\startupCache\scriptCache-new.bin
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):8416463
                                                                                                                                                                                                                                                      Entropy (8bit):5.198539615466371
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:9BE9583202942EE7088300958CC82657
                                                                                                                                                                                                                                                      SHA1:0DEA922D37E9F0043078E3C2C6FB7D989E83EBB1
                                                                                                                                                                                                                                                      SHA-256:AC34BC9740C039B136C6DECA8ABA70D9C45BA50549BF5A3D986228FDF6C72626
                                                                                                                                                                                                                                                      SHA-512:476510E8E5B408E86CD877328A64BD81190D793078DB1DDFA9ED64D020B2BFEA7664B302818DB32BE4A2706116A4A43A89CC5143EF843DE8D39F2ECAB0278706
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: mozXDRcachev002..{../.resource://gre/modules/MainProcessSingleton.jsmD.jsloader/non-syntactic/resource/gre/modules/MainProcessSingleton.jsm.........#.resource://gre/modules/Services.jsm8.jsloader/non-syntactic/resource/gre/modules/Services.jsm....n....1.resource://gre/modules/CustomElementsListener.jsmF.jsloader/non-syntactic/resource/gre/modules/CustomElementsListener.jsmf...[....#.resource:///modules/BrowserGlue.jsm;.jsloader/non-syntactic/resource/app/modules/BrowserGlue.jsm........%.resource://gre/modules/XPCOMUtils.jsm:.jsloader/non-syntactic/resource/gre/modules/XPCOMUtils.jsm.....O...'.resource://gre/modules/AppConstants.jsm<.jsloader/non-syntactic/resource/gre/modules/AppConstants.jsm.........#.resource://gre/modules/XULStore.jsm8.jsloader/non-syntactic/resource/gre/modules/XULStore.jsm.....9...).resource://gre/modules/ComponentUtils.jsm>.jsloader/non-syntactic/resource/gre/modules/ComponentUtils.jsm_W..;....-.resource://gre/modules/ActorManagerParent.jsmB.jsloader/non-syntact
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\startupCache\urlCache-new.bin
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):3379
                                                                                                                                                                                                                                                      Entropy (8bit):4.78307720354235
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:E771B0381FFFD9BB6403E5BA84811C4F
                                                                                                                                                                                                                                                      SHA1:0E7A50DADAF44E7923942DF7A04737844D857DB9
                                                                                                                                                                                                                                                      SHA-256:5554CC242235F132477D5BD5B99C24135D3576F83E259A418354D52E26D37C89
                                                                                                                                                                                                                                                      SHA-512:EBE7D902EDA179B6D8A5A3C955234FBD11A53587747A46B969221C47EEF2F4F9DC887A6EC115A175185DFE4D4B7FA205317ABC2D0B0F91AF21647832FB0D8BA1
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: mozURLcachev002......c.C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\xulstore.json._.C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\distribution\policies.json.3.chrome/browser/content/browser/built_in_addons.json.k.C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\addonStartup.json.lz4.0.chrome/es-ES/locale/es-ES/global/intl.properties.-.chrome/es-ES/locale/branding/brand.properties./.chrome/es-ES/locale/es-ES/global/css.properties./.chrome/es-ES/locale/es-ES/global/xul.properties.9.chrome/es-ES/locale/es-ES/global/layout_errors.properties.;.chrome/es-ES/locale/es-ES/global/layout/HtmlForm.properties.4.chrome/es-ES/locale/es-ES/global/printing.properties.3.chrome/es-ES/locale/es-ES/global/dom/dom.properties.=.chrome/es-ES/locale/es-ES/global/layout/htmlparser.properties.3.chrome/es-ES/locale/es-ES/global/svg/svg.properties.9.chrome/es-ES/locale/es-ES/global/commonDialogs.properties.9.chrom
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\startupCache\webext.sc.lz4.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):330672
                                                                                                                                                                                                                                                      Entropy (8bit):5.969621567706506
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:33217B009B80D3AAEC6A151B7DD86CFD
                                                                                                                                                                                                                                                      SHA1:500883277B3192BA3870558B720865682F7E0662
                                                                                                                                                                                                                                                      SHA-256:66572CB23C14CD9D1F78320A961C5EEC9DAC283362F7A035C64C16159735D658
                                                                                                                                                                                                                                                      SHA-512:174B021A3D918E0403CDEB0A31695BDCB4F9652FD18731404FDD97AAFF0F20A3C0BABCFE69CF4137A51DA00D0633A800FEC1C702F3028FF0CCC222A6E2B3D307
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: mozJSSCLz40v001.H... .... ..................other..........parentModules..... ...............X.S.....@..m:..p......bookmarkT.....8... .0url..#.0....chrome://browser/content/..U/ext-T.C.js.8..schema../...H...).(s/E.6on.H. op..q.......@.S.....X.baddon_.....G....`.@path...@..... ...P..Y.........namespaceName...@...8..G.`ActionU......4...8...!........T. .j...@.....7P..extensions...,..s..!_a.....3...`events...... .bupdate......X..uninstal...... ....`disabl..........manifest.... ........>..@.....@.......8..X..(..@...........5........ .qingData...@...3...@...T..?..@..P...=.Ring_dN..........U.0.......@......captivePorta...P..........W.....@......M.!_p.....3. .%....0......p...@......._settings_overridC.........@@......T..-d..-d........................... ....-.`.. .....enabling.........?....)."s/...a...X..p.....x.............._...............H..H.....qcommand<.. ..........L..........h...h..E..C.....X..X..X............@..x..@..h......p..(...... ..H..8..(...H..........8......devtool..2.L....*.E..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage.sqlite
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, user version 131075, last written using SQLite version 3032003
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):8192
                                                                                                                                                                                                                                                      Entropy (8bit):1.363763455606215
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:5C703B33C53406F362305ECD1403337C
                                                                                                                                                                                                                                                      SHA1:7464997C6EC0E86F91780B242E1B4105A1663E4C
                                                                                                                                                                                                                                                      SHA-256:7A2E8064E6738059A1B234104C5E903A61A22C702C59AB1E998EA20091F8D119
                                                                                                                                                                                                                                                      SHA-512:433A69E822DC83DFA1EE80B916595CE3D3C7859B92D71F2A0EB97E2D3AD6FAB71F1A231B8DD8AC6A61B556B73F3D6CEAACB380B30FFDA153F9F26AD1DCD54EDC
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: SQLite format 3......@ ..........................................................................C..............................................................................................................................................................................................................................................................................................................................]........tabledatabasedatabase.CREATE TABLE database( cache_version INTEGER NOT NULL DEFAULT 0)........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage.sqlite-journal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):6256
                                                                                                                                                                                                                                                      Entropy (8bit):0.6010348241951688
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:C3182E125AFB940BC6DB75209B9A2C50
                                                                                                                                                                                                                                                      SHA1:C4460D9B596756A5185B4EB722DDF6739336683F
                                                                                                                                                                                                                                                      SHA-256:8F877F665C58EEDCA95AB1DF98AA709F2AF9308E9137E48E7A93F8F8824EB5A0
                                                                                                                                                                                                                                                      SHA-512:04994B100990FDBFCAFB81C66C6122F33F0B513E3E20D948266C7F9AC921950F12DF6559B39479D924B5792AF4499B7D0EA57E649B60AE266B4D2F60F3DDC6D8
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ...............;.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... .c..................nD.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\default\moz-extension+++4315a2d0-608a-41a2-a291-9ca71bee3ff0^userContextId=4294967295\.metadata-v2
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):8
                                                                                                                                                                                                                                                      Entropy (8bit):3.0
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:AB1418FD9B6B68C5BEB0D034AF1CA204
                                                                                                                                                                                                                                                      SHA1:7249DA52247EF2D01F3C422A33DE540E7E88C582
                                                                                                                                                                                                                                                      SHA-256:C36F4AB0DE8DFF0B355E342E474772245351F41F05F034778FF113D48AFA9FE6
                                                                                                                                                                                                                                                      SHA-512:BF9D68E263C7C617094A4B2B259722BA5505B6D556D9B4DF4ACE324CA5E43521A87E31220128B9557691AEB38A8477D18EE82AAD2264ED8277652EA744719FF1
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ....^...
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\default\moz-extension+++4315a2d0-608a-41a2-a291-9ca71bee3ff0^userContextId=4294967295\.metadata-v2-tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):193
                                                                                                                                                                                                                                                      Entropy (8bit):4.9013175684824715
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:FADD178099740174BA3E5416D0FBF201
                                                                                                                                                                                                                                                      SHA1:6DDE64DA6FCBE278A4AC87820C42263129B3D489
                                                                                                                                                                                                                                                      SHA-256:79EB889D3E6244BB728F3DCFC52E8573E30BDBCB938F0150DED4FDFDE92CEE00
                                                                                                                                                                                                                                                      SHA-512:4725BB2656DD73EA4051A161616AAD32FEFE8053C51C115FB1CF1497288610B8D35DC9D13F724C4654155BDC6FB77F84AECD600AA8973ADD15973FEC01D6A859
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ....^................^userContextId=4294967295...=4315a2d0-608a-41a2-a291-9ca71bee3ff0^userContextId=4294967295...Mmoz-extension://4315a2d0-608a-41a2-a291-9ca71bee3ff0^userContextId=4294967295.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\default\moz-extension+++4315a2d0-608a-41a2-a291-9ca71bee3ff0^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3032003
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):65536
                                                                                                                                                                                                                                                      Entropy (8bit):0.656407308713548
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:FB39F2BB70E0BE4E9DB644072B751FFD
                                                                                                                                                                                                                                                      SHA1:0108DDAA9ECF2B0A956B6F216B4AD0D00C021CC0
                                                                                                                                                                                                                                                      SHA-256:79DBF0C62B2FDBD6A34D0AA6C361ADD3BB7C73230A08889B9D509601D46688C6
                                                                                                                                                                                                                                                      SHA-512:E87692294E4CD345CFDBE51F19E0AB459C83AF6B2A6BAE049C406FA2E7E4E83CC0301B3FE19341EB5A496AA0CEDBB5139EB7F00FB8C07C3C613F9AFBE5531FDC
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: SQLite format 3......@ ..........................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\default\moz-extension+++4315a2d0-608a-41a2-a291-9ca71bee3ff0^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-journal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):5152
                                                                                                                                                                                                                                                      Entropy (8bit):0.1598703184901309
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:439CBCB361FC006D2A729B51B651BAC9
                                                                                                                                                                                                                                                      SHA1:7B498750D7724B566EE697D58DB896DF07803D15
                                                                                                                                                                                                                                                      SHA-256:9DCC63A826C0B2A5C9C1C6C24A03AA4BC6C96027619979838FE921D174942F9C
                                                                                                                                                                                                                                                      SHA-512:5365AF9E470787B93A707BA391968ADD14954EFD46054584F88ED87BF512D8599C6DA417B96AFA1228CDD5E9191EDCD0A478E710385471F6F40DD9A1A872461C
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: .............F.{.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... .c................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\default\moz-extension+++4315a2d0-608a-41a2-a291-9ca71bee3ff0^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-wal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):57776
                                                                                                                                                                                                                                                      Entropy (8bit):0.7943903316394999
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:E56DC538371ED8AC3BFEF7BA2566316F
                                                                                                                                                                                                                                                      SHA1:11172AEC4231761C76A082E65B8BCC467C21CF5F
                                                                                                                                                                                                                                                      SHA-256:F73B57FD2CCD819444BE5D102805F878DCBF7A7C280C6E47DCC930CAF4C79AD6
                                                                                                                                                                                                                                                      SHA-512:F385BA9BEEF4408E80E1F5C05525849730B45C09325C8F069760CF2A0F93BBAD8CBF90AF81A0D3DE54F800737DA87EAD71104D7B975979B5E08104A5E40997B9
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 7....-............X.(%..?.....g..........X.(%..+.V..c#SQLite format 3......@ ..........................................................................C............;.......[..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................-...3....triggerfile_update_triggerfileCREATE TRIGGER file_update_trigger AFTER UPDATE ON file FOR EACH ROW WHEN NEW.refcount = 0 BEGIN DELETE FROM file W
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\permanent\chrome\.metadata-v2-tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):42
                                                                                                                                                                                                                                                      Entropy (8bit):2.858065949022874
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:6B9507182D6833FE1DA22A8119999102
                                                                                                                                                                                                                                                      SHA1:48EE76FBBDA14B6ABCEB19969DF1AFB894C0226C
                                                                                                                                                                                                                                                      SHA-256:3146736B178565881A599496286B1E3900889C3D6F95ABDC839E940AD337A9B2
                                                                                                                                                                                                                                                      SHA-512:302C1830710FE734E4893C3688724B2755286A44E84F977EE30876169AD90C0664BABEB27BA1880EDE4FF80B169CE996487B7DB8FF5A1FBF2DC70108B2553B28
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ....]..P.................chrome....chrome.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3032003
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):65536
                                                                                                                                                                                                                                                      Entropy (8bit):0.6195788674382229
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:755B25F05FC06297885145C61E483252
                                                                                                                                                                                                                                                      SHA1:E432F175E1B5523A1E08A0E7E6FD6644AA07CE5C
                                                                                                                                                                                                                                                      SHA-256:6513EED1049D7EBBD4D8E5EC734482EA695E1F5D9B590164C55DAB31D172A3D9
                                                                                                                                                                                                                                                      SHA-512:E88A620C441C15F1C24A6F78360479CD98AA55B26CEC4DBD63A6E1A514F83217B4691ED3CE8505D8A3D4776553894EF2CCE28786D79F27C5E77ED8DF3E5F5AF6
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: SQLite format 3......@ ..........................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-journal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):5152
                                                                                                                                                                                                                                                      Entropy (8bit):0.16011199405259918
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:568AE6D816F2BDBB0071813187F3C31F
                                                                                                                                                                                                                                                      SHA1:10E591F0033841CC7328B9CB1714EB8417BFF428
                                                                                                                                                                                                                                                      SHA-256:B1BB862C8847E9CFAA98F4744FE9BD3FEB6D875426988C61BA788AD1D352F133
                                                                                                                                                                                                                                                      SHA-512:1C0EC820AE41768322EA48A281EA54541100606C9EA2C9098A51C71164FEDFFCEC5F2AF834AF972B1B55EEFCD3EAEA01261231774CF6B8FBB016BCB60F389954
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ..............u..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... .c.................'.\.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-wal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):57776
                                                                                                                                                                                                                                                      Entropy (8bit):0.7527129065218733
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:562CFC1054ECF7EA9F3CBC45945CD82B
                                                                                                                                                                                                                                                      SHA1:7F137D1B282BD7762C992AD32C8E1BD14AB1198A
                                                                                                                                                                                                                                                      SHA-256:367D01010569AC581B8EE3C725D22BE5ADB44B91FD375EC83A6A82AD5379AD13
                                                                                                                                                                                                                                                      SHA-512:5821F13BD5EDC9DCB3764ECEF7CC494A2034C9DE13748AEBF7F4ABC8057D2F87B852620C3F0A96A2265D6D310690E9395A15EFB93DB6B98C71996ABBA58B204E
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 7....-..........F.1'.. ....YP ..........F.1'.. .....|../SQLite format 3......@ ..........................................................................C............;.......[..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................-...3....triggerfile_update_triggerfileCREATE TRIGGER file_update_trigger AFTER UPDATE ON file FOR EACH ROW WHEN NEW.refcount = 0 BEGIN DELETE FROM file W
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3032003
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):65536
                                                                                                                                                                                                                                                      Entropy (8bit):0.6146045397220762
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:4652E54D51632DD52DE26FF98D18931C
                                                                                                                                                                                                                                                      SHA1:ABCADD73211EB36BD99E685BB8E39729A1C2D6CC
                                                                                                                                                                                                                                                      SHA-256:801933427A1999EC704D6415C4AE24EC63533938474F07097FE63E867904EE84
                                                                                                                                                                                                                                                      SHA-512:B84C9594324819440665B3C8E2C8454D3BCC6C2029C81A411553FF89780B0ADD041EE8A45B409EF76E4FBC2D4AB53C7C604076759550FFAC6F7964E4A02B22DF
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: SQLite format 3......@ ..........................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-journal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):5152
                                                                                                                                                                                                                                                      Entropy (8bit):0.16064671600565886
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:425BFDEDB33B57C1E84F1C8656938E93
                                                                                                                                                                                                                                                      SHA1:92A20DFB91422C2BBAA04DFEAFA469A561BAC5F3
                                                                                                                                                                                                                                                      SHA-256:009D55566F05A410F2E8BD704C70CEFE8A4395E65744DE0189EC22DD4E75F6BF
                                                                                                                                                                                                                                                      SHA-512:3C8BFE541D467A253D3F4040D84A76C9B5A2662D66B830AD52AC34FCBFA71048F6CA2161B71622209904CE0D741DAF352F0733B1AF7F8BB9448CDD33ECD73CA0
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ............2.%..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... .c..................z..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-wal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):57776
                                                                                                                                                                                                                                                      Entropy (8bit):0.7479783236537644
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:4F6654492DBCAADBB50943BCE2E61F2D
                                                                                                                                                                                                                                                      SHA1:8020E3B9006A5714835A831D8247386F15E87C82
                                                                                                                                                                                                                                                      SHA-256:DB6089BA168933632E37AC663726E8A813DA2CD11458CED21FD2FF96F1EBDDF0
                                                                                                                                                                                                                                                      SHA-512:443015C9132B8B7EAA2AD0C1382597BD338E8ACA276B0CD5182F4FD46762DC0E5232068BBBABD23F6004A8DAC48C958BFF2868C960A1C8B1E160A9932D6AE4E7
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 7....-..........h?...b.]..B{..|/........h?...b.].D.I!.D.SQLite format 3......@ ..........................................................................C............;.......[..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................-...3....triggerfile_update_triggerfileCREATE TRIGGER file_update_trigger AFTER UPDATE ON file FOR EACH ROW WHEN NEW.refcount = 0 BEGIN DELETE FROM file W
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\permanent\chrome\idb\2823318777ntouromlalnodry--naod.sqlite
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3032003
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):65536
                                                                                                                                                                                                                                                      Entropy (8bit):0.6164147090897375
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:3802CAD36744DF0C2C2C4A7D884427D7
                                                                                                                                                                                                                                                      SHA1:80496B34071B38266B487F5F4386B6E07FE5A28C
                                                                                                                                                                                                                                                      SHA-256:ADD4219451F2EEED94DB2AAA2C3D375D9CB131949F3F1AE9F8C2EED72F8AC076
                                                                                                                                                                                                                                                      SHA-512:1657710731AA0350C68869224F52DE09472035E62BBBCE9EB50D72B5B6B30E4327C8B3DCF8687E5609F5130FE9D82A56557879995C24B52E045D6F43CC418B86
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: SQLite format 3......@ ..........................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\permanent\chrome\idb\2823318777ntouromlalnodry--naod.sqlite-journal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):5152
                                                                                                                                                                                                                                                      Entropy (8bit):0.15933559653707124
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:9355D475B61566B7006D0CD9BBA139B9
                                                                                                                                                                                                                                                      SHA1:82BB4E35A1804ED1C2A326679D7A5DDB857C1521
                                                                                                                                                                                                                                                      SHA-256:7DDB64044234BAE1989D76BE4332CD738F0ED86BF298A8D0E7FBDD0F055DA6F0
                                                                                                                                                                                                                                                      SHA-512:F5CD4DBA4C107324F9887F29535409ACAA9D9EFC827B05B18C5A28C95EC3ADFE42D20817488B1D20A05B16E7903F9B5528CE3E5549D46CED47155BF76A7F1469
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ............B.u..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... .c.................8o.9............................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\permanent\chrome\idb\2823318777ntouromlalnodry--naod.sqlite-wal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):57776
                                                                                                                                                                                                                                                      Entropy (8bit):0.7491937681321024
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:03441793FC9F6E5F821B951526BE78A0
                                                                                                                                                                                                                                                      SHA1:6649E3F4A81CAAC12738536FF7D572627463A4E3
                                                                                                                                                                                                                                                      SHA-256:1DF79262B766F911C3DC3772EC21D3117DD292C5762A283D3D31F79321A68984
                                                                                                                                                                                                                                                      SHA-512:4E457036D003ECCF7F1D2FEB666C2E252057286600A61F61EA321A2EE08E607F66406FD00AD5279CC1D3D939B25EB129B28F239FDDBE70EA84DF22E9CF9E411E
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 7....-..............W.'...(bd..............W.'q..B.[.SQLite format 3......@ ..........................................................................C............;.......[..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................-...3....triggerfile_update_triggerfileCREATE TRIGGER file_update_trigger AFTER UPDATE ON file FOR EACH ROW WHEN NEW.refcount = 0 BEGIN DELETE FROM file W
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\permanent\chrome\idb\2918063365piupsah.sqlite
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3032003
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):69632
                                                                                                                                                                                                                                                      Entropy (8bit):0.6015625219917262
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:79462EEE8026E4A6FC04E50B15AEAA0E
                                                                                                                                                                                                                                                      SHA1:456227BF9D10719E92B3D3BDB3711840D0E27D4D
                                                                                                                                                                                                                                                      SHA-256:083D9D710D0F63F1573157393D08ECE76150E397FB15F03592C38A30D6BA3D64
                                                                                                                                                                                                                                                      SHA-512:69909AA174D52001D666EE793A575738D19AAE7624E7948030C4BAB057D6C55E2AA1BEB09FA3F974E80D9E8A4CF3F66772051C8B2FACEB6C096B10EE8B2F9A20
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: SQLite format 3......@ ..........................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\permanent\chrome\idb\2918063365piupsah.sqlite-journal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):5152
                                                                                                                                                                                                                                                      Entropy (8bit):0.1598703184901309
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:C8C658AECFA767905F897F89883AC305
                                                                                                                                                                                                                                                      SHA1:6E10AC0C1EE7C3DA24B321B1429D609792322C40
                                                                                                                                                                                                                                                      SHA-256:E357E158B5E8BFBCC9CBDA58D91352941B47629BF3E513E57BF020188A042E1C
                                                                                                                                                                                                                                                      SHA-512:8E03C001638057D2605D87D947F7935456B72C95A7663C71F734B1F3295F1B3B22E51BC828249553293290D04A019DB0A86DE71262E32F1ACFC5A8E59664A744
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ..............]S.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... .c..................4hJ............................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\permanent\chrome\idb\2918063365piupsah.sqlite-wal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):61896
                                                                                                                                                                                                                                                      Entropy (8bit):0.7288650821800996
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:D16859630F369D4E9C81B4B52DF063F1
                                                                                                                                                                                                                                                      SHA1:3627F5BF216AB04BE05A149EF641CEB4DFDE63B4
                                                                                                                                                                                                                                                      SHA-256:8841EB251BEC6613FA6E5CB65BAFC2898DF5D8EDBEDA0F9C97598E0D597988DD
                                                                                                                                                                                                                                                      SHA-512:5464B4469DA9369924F7AC5FFC30EE3E4B8687D5568D399CFEC1C7EA172E4A0FF1E68C0617549A3464F8CA71D23FEAA87EB1BE5106B7C1CA339EE325E3AF985F
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 7....-...........G.....J.fC...........G....b.)...SQLite format 3......@ ..........................................................................C............;.......[..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................-...3....triggerfile_update_triggerfileCREATE TRIGGER file_update_trigger AFTER UPDATE ON file FOR EACH ROW WHEN NEW.refcount = 0 BEGIN DELETE FROM file W
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\permanent\chrome\idb\3561288849sdhlie.sqlite
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3032003
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):65536
                                                                                                                                                                                                                                                      Entropy (8bit):0.6145263071754161
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:366F4FABA9A396767F56DEC4AA004DDB
                                                                                                                                                                                                                                                      SHA1:6E243CF35B37BA61D614F778E5CBEFC316423CB4
                                                                                                                                                                                                                                                      SHA-256:8DFB5721F841D29CB2D7573EA2DF589377AEB19C8D6595F8D2CE0B9C8AC10751
                                                                                                                                                                                                                                                      SHA-512:EA12C7AB5D4EBA147C960B5B8702D90ACDDE7FACEFC17C5611208F395901A9D2840395BD9D1BADF90E0AF53FB65F3B26918D5580BA43CB5E6317D088D7C623D3
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: SQLite format 3......@ ..........................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-journal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):5152
                                                                                                                                                                                                                                                      Entropy (8bit):0.16064671600565886
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:62F9EF9B9C7CFFCDCF413DFFBC21F122
                                                                                                                                                                                                                                                      SHA1:711F5A47AE4DDD1CB9639F224E4F6E3B5876E1A9
                                                                                                                                                                                                                                                      SHA-256:197B320E872FFAA582B0F9661106216ADF7A96301CB4019F53A1080DD202307E
                                                                                                                                                                                                                                                      SHA-512:100CAA1B14F24F170DBFCAEDCC4B6C3828DA07678F41F6058D9A65303386739AFBAF4CF307D8807C2E43948C9E88CD8B56C2FA15190A3B60BB0AB692ABAC0560
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ............WD..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... .c..................*.<............................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-wal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):57776
                                                                                                                                                                                                                                                      Entropy (8bit):0.7485613089251156
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:98BB6D53E538F8669C556D82EBBC49BA
                                                                                                                                                                                                                                                      SHA1:172E3D1A8671AEE788ED0C649301D6CAC4420B46
                                                                                                                                                                                                                                                      SHA-256:E064EBD11E572D46CD51947A56459BA083BB8BF395983F3FF7BB494E2C4D7728
                                                                                                                                                                                                                                                      SHA-512:131911E029D3AD967CC4C1E9E4FCFAC983E7C78352EDEBA3A743D05897EA2C0CD2885AE79EB65E257B11AFF0495626156E594AF177E507B563E51A8B47B5491D
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 7....-......................@...............M..k+...SQLite format 3......@ ..........................................................................C............;.......[..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................-...3....triggerfile_update_triggerfileCREATE TRIGGER file_update_trigger AFTER UPDATE ON file FOR EACH ROW WHEN NEW.refcount = 0 BEGIN DELETE FROM file W
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3032003
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1458176
                                                                                                                                                                                                                                                      Entropy (8bit):4.338048212815379
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:41418DF157E93192BB8BCDF49F327B46
                                                                                                                                                                                                                                                      SHA1:589A81B2BB4E2E44EA1DC6CF164F28DAA5D81885
                                                                                                                                                                                                                                                      SHA-256:10EEEEF3B8FFB2E8E81F227A82F8D934901A0353B50E54803042ED007A956057
                                                                                                                                                                                                                                                      SHA-512:D94E6363AD8B2D353AF68614A49ABAD05AEE8103797C40A724E5A356BEB571F09B54067746AF6902DFE82C314A781B2A5EA8F78C20043021D8B4C84379D5D504
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: SQLite format 3......@ ..........................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-journal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):5152
                                                                                                                                                                                                                                                      Entropy (8bit):0.16064671600565886
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:87304C54D207543A27248460B5C871D1
                                                                                                                                                                                                                                                      SHA1:4041C4507A73023D7D1E43165A5F51146A328E18
                                                                                                                                                                                                                                                      SHA-256:54B62665657D9CCC4D0B880FAA0FC8E3D9EA8603217589DE18471BC2A2470F5B
                                                                                                                                                                                                                                                      SHA-512:74FE51237358CBF936627C25F545AA1465A48B88AAB616B7BB7FF18BB766D9F107493B65ED8F8BE70CAE6B0B014200E5A5323FFF8FF4BBA25AF8D3DB429B680C
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ............E.?..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... .c...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-wal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):1668920
                                                                                                                                                                                                                                                      Entropy (8bit):4.575601481745106
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:4BEC56D3954DF3074068A6EFA48870D8
                                                                                                                                                                                                                                                      SHA1:0C0F01D1706FAF854A81DD9062B7BB2B19280D4B
                                                                                                                                                                                                                                                      SHA-256:A22E6C488E8B2D1F5CDB0B7C518A7E152902173A8196EE6AFA944A78AE0FC47C
                                                                                                                                                                                                                                                      SHA-512:6E58896BDD763C95798FD6B4294BF2BBCE63CA132AB9F7C7D6DA0AABBBBB650525232C5B9FF80075C7D6985D88A2533135F520BCA938E1C3A0C2CAF97835B8CF
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 7....-...........o.!U....r.}Q...........o.!U....A6j..SQLite format 3......@ ..........................................................................C............;.......[..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................-...3....triggerfile_update_triggerfileCREATE TRIGGER file_update_trigger AFTER UPDATE ON file FOR EACH ROW WHEN NEW.refcount = 0 BEGIN DELETE FROM file W
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\times.json.tmp
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):76
                                                                                                                                                                                                                                                      Entropy (8bit):4.0781945679790415
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:503E2DB67079E5FB7F4BC4A29D079A1A
                                                                                                                                                                                                                                                      SHA1:5617ACFDC4A577D67BE22F5856AC763EADD13B6A
                                                                                                                                                                                                                                                      SHA-256:4D181899B0E2C6D687E5453BC7937D7093200962EE1AB4D6B04B1080E9802C65
                                                                                                                                                                                                                                                      SHA-512:5804353D8C0F74F5999F9455BD46C8E7770663EBBB46CDB23626C250427784BF3D727CB222C0AD08366208348B20AF7C72CE9290350BA01CD207E5FC1D7920B9
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {"firstUse":1614110400070}{"firstUse":1614110400070,"created":1612810060915}
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\webappsstore.sqlite
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3032003
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):32768
                                                                                                                                                                                                                                                      Entropy (8bit):0.01397902678317961
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:994191102E7164C3615F082F5A7395EB
                                                                                                                                                                                                                                                      SHA1:6E8E4DEA6B8F7750207B621F792388A509436B14
                                                                                                                                                                                                                                                      SHA-256:946A047D46038356884F86AF47C65DFC57D72D1238743520F8B67AD22B0D4BC0
                                                                                                                                                                                                                                                      SHA-512:BEEF24BFE2C979EB572C11108736B05A802D65092C388CCEA59124AAC40853453C39182758138A7CD39DE3A9450F971BFD72EE572D5D8EEA2AFF210DB957E533
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: SQLite format 3......@ ..........................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\webappsstore.sqlite-journal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):524
                                                                                                                                                                                                                                                      Entropy (8bit):0.27937671757176796
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:A77A0D3CDB540F2D3B2B3C58792D37A0
                                                                                                                                                                                                                                                      SHA1:E9041ACBEFA693E2F18CA4CBA495FED86DC008B8
                                                                                                                                                                                                                                                      SHA-256:AC0E7758051EB543A82A127AB659EEC61F0EA43F060AC68A7CEB69023BDF8548
                                                                                                                                                                                                                                                      SHA-512:59A6D3B71820AF5EBFEF01F7897204A1E8725F1614D147A7462347AAB0C7CA70F0E76DB59A42D656CB63356A2A9804B5D8B8D791A3E1E95DB94560F5397A8C50
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: ............xTB..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... .c.....
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy\webappsstore.sqlite-wal
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):98408
                                                                                                                                                                                                                                                      Entropy (8bit):0.06099857127272167
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:B3A6A43548033CB841F0452ABA6EA45C
                                                                                                                                                                                                                                                      SHA1:68B2196563540943282EB6FBFBBF30B5AFEA70B9
                                                                                                                                                                                                                                                      SHA-256:2F8C412234AE258284CB623A874027F9D2F036532918D256AFA23C0F486CB6F2
                                                                                                                                                                                                                                                      SHA-512:963F10751DCB6BFB4CA145B7FBD382FDCD35499BED3BFF9BEEB10962511E5B981B9DFAB2C4900919F3440E3EEB71B177ED6CA7B971B745D1243C1F462D32D914
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 7....-...........D.D..Gd..G,7C*..........D.D..Gd2%g...N.SQLite format 3......@ ..........................................................................C......~...r~.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exe
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):2713088
                                                                                                                                                                                                                                                      Entropy (8bit):7.914567370707187
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:4EF66E229568D79CCE138C20A04BC4E3
                                                                                                                                                                                                                                                      SHA1:9E6F8A04986D8A3E7EB0F662D9FD77C6443EB649
                                                                                                                                                                                                                                                      SHA-256:D67434B9982A6947FA78CA6120E9B4A0A373506BEB03D24621573B0A7F5957A9
                                                                                                                                                                                                                                                      SHA-512:3B3C99E554328096B8477A71599F9BF1CCC303EC536BD71F5EA398312B22520BF29E68AC6A9C541C44F6C680A301F799A05E91B0C2FCD1869741768AE8B9962A
                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........tj..............0(..@...@E.@xm..PE...m...@...........................n...............................................n.......m..8..........................................................................................................UPX0.....@E.............................UPX1.....0(..PE..*(.................@....rsrc....@....m..:...,(.............@...3.96.UPX!.....z}j.....Tm.'((...k.&<.}..... Go build ID: "uCOImllA76x7LVjA....Pv3H/-yQKpiD9Qta_-BxYfRsy/79rlke...._SFkrm_9R9iyps/LwMNy-gWMPYsqybfl.. .UBk". ..d...........;a.v ....<...D$...$......._.&........q......5.......dnl.L$h........>......4....4..$.....wn.,.Y......H1.1.TP..o....|..\Z.;cpu.u.d@.T.....,..T=.....~g{9.................Y.............l.....0..;..9.X..(.|$<)......9x...!.T...0&....d].}....\*f..on.....i+....:..5al....wS.....U.....};....\....A....9.}_..lg.8D-.9....-...........
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\log\phyrox-portable.log
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                      Category:modified
                                                                                                                                                                                                                                                      Size (bytes):263
                                                                                                                                                                                                                                                      Entropy (8bit):4.782145212446923
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:26312B2C3885DDA63560891D0FBE9BEA
                                                                                                                                                                                                                                                      SHA1:23BA1D2B043B66AF52A3E81E5DFC35DB065B4479
                                                                                                                                                                                                                                                      SHA-256:76B2BF8FBC80473E2C6FCAAE4A14BE6B65361784B7E99CD6CD1DE27375EEDA21
                                                                                                                                                                                                                                                      SHA-512:C2761D8732D9A0DF85ECE12CF7218BE31027B3FCBB10CADE65AAAFF11A83FE837675FF7178F8640328CEDB7229D7990DEA4839E740CB379B7A6549E13066B3D0
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: Crash Annotation GraphicsCriticalError: |[C0][GFX1]: Potential driver version mismatch ignored due to missing DLLs igd10umd32 v= and igd10iumd32 v= (t=15.316) [GFX1]: Potential driver version mismatch ignored due to missing DLLs igd10umd32 v= and igd10iumd32 v=..
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\phyrox-portable.sample.yml
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):149
                                                                                                                                                                                                                                                      Entropy (8bit):4.392292487641983
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:7216F0275BBC55B9B2219047323ACC8B
                                                                                                                                                                                                                                                      SHA1:C84138A915D4BF3DC72D9FB8F1592B125B6AFD80
                                                                                                                                                                                                                                                      SHA-256:A2D7EEE8708E26B09844FEE7DCDC903666A320A7994BBA1EB088FBBE74CD8A20
                                                                                                                                                                                                                                                      SHA-512:775A6D7B4ACA7EC76B5796D9BAEC3A35360F748B9029DFFF21EB8AADE933B900F1B928301DAD43548B468AC564B50FD5C312FC428B61F9E3CC24F683782D68A6
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: common:. disable_log: false. args: []. env: {}. app_path: "".app:. profile: naturgy. multiple_instances: true. locale: es-ES. cleanup: false.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\portapp-prev.json
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):692
                                                                                                                                                                                                                                                      Entropy (8bit):5.146004755531327
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:23DB71BEB95CFDD756E45D52D06B52D0
                                                                                                                                                                                                                                                      SHA1:002BE0B1A604D9BF10C9EB370BC6F8CC1B449371
                                                                                                                                                                                                                                                      SHA-256:EDD8BFCF105BD4A26D973D23A0609032F9CE719B520FDCDECD3BECA8D9178843
                                                                                                                                                                                                                                                      SHA-512:64EC39D015DB3A4630D8D07E6C5F6D0B238E4F24576026BA8422080A78B830977BD4BC13311E128EA76ED68EAB8A6B2761184C4196E3D94B57B5D41470A6422A
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {. "info": {. "id": "firefox-portable",. "guid": "{C7478F88-9391-481E-B99D-86427783B735}",. "name": "Firefox Portable",. "version": "81.0.1",. "release": "50",. "date": "2021/02/08 19:40:42",. "publisher": "CrazyMax",. "url": "https://github.com/portapps/firefox-portable",. "portapps_version": "2.6.0". },. "win_version": {. "Major": 10,. "Minor": 0,. "Build": 17134. },. "root_path": "C:\\Users\\user\\AppData\\Local\\Temp\\tlyk2yvt.zzm\\firefox-win32",. "app_path": "C:\\Users\\user\\AppData\\Local\\Temp\\tlyk2yvt.zzm\\firefox-win32\\app",. "data_path": "C:\\Users\\user\\AppData\\Local\\Temp\\tlyk2yvt.zzm\\firefox-win32\\data".}
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\portapp.json
                                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):303
                                                                                                                                                                                                                                                      Entropy (8bit):5.055853253914089
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:B66797A395452054B921915291D591AE
                                                                                                                                                                                                                                                      SHA1:1DF4DB791E1FFA05C808B1613625AB02487B0781
                                                                                                                                                                                                                                                      SHA-256:1A70F8CA141B6487AFDC035E7B8D83BC435CC99B16BBFD0CE399F6C472AC36C8
                                                                                                                                                                                                                                                      SHA-512:1E8DF5BF4DAE66BCF4CEBE9541B4BD39855D3AE9F2250DE5B2B5DA64AFFBD07CE42EB104F0704986711416A0FFADC4FB05515146EF68C6311C815C35B2A401CF
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: {. "id": "firefox-portable",. "guid": "{C7478F88-9391-481E-B99D-86427783B735}",. "name": "Firefox Portable",. "version": "81.0.1",. "release": "50",. "date": "2021/02/08 19:40:42",. "publisher": "CrazyMax",. "url": "https://github.com/portapps/firefox-portable",. "portapps_version": "2.6.0".}.
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tmpaddon
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:Zip archive data, at least v2.0 to extract
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):5208697
                                                                                                                                                                                                                                                      Entropy (8bit):7.998294946224368
                                                                                                                                                                                                                                                      Encrypted:true
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:E737260D4BF7C033901313A0FD747AA7
                                                                                                                                                                                                                                                      SHA1:C65B32315EB12CBF258DC65AC431A7C6649F46EF
                                                                                                                                                                                                                                                      SHA-256:AEA8C55938110FE86E65DBB559D2680DBF0DE8ACF34511C90B0377EA0C410C50
                                                                                                                                                                                                                                                      SHA-512:47C082A1DC95AB820E043E8EEC90CA0A011F50B6B4193DB631294E9E40DBC16CC39CA32C845C079F803969E338D76271174A37D632109A3930EC58ED7E47EF76
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: PK............................api.js.Y{o.9.....8.J.....9. 3vr9l.H<..[..l.Z.E.H*.]..~ ...-g.B.......U.b.....W....`h.....Z...dEk...*mg....i..WW+.W..w-......l../Fy.....o...$^.<'...b/./....86B.[..5Z..I.ka.N.....J~Bk.\.OVi.\|...?u.K.|K%]...........?....NS....q.v..c?hlP.dh.i.d..!?~.z.....v..d...nUM.WJ......$;...}......}......t..........%\rl....f....`n...{}....)........5........F@.A5......fg,..B2....9....{*...`[.6[.V..I.+*$...*..<..S.A...............v88......S#...J2..^.....,.......i,m[..A..JH..]S..|6N....{.....4;...l.j......a.`.."w..0.n..~r.[.h,.....Q.v..N9.Nys.5.j.^......B.vgP.Y.].)..;.6.3..z...h..l..o..0.9..bC.........P..... S..h..F....+..DPv.....1......r.`K....[%...I.q...%.Iq.e......0......3...a^.Y.FY.._.+..0.`y"."aL...J...:,..X.=&..`..a...*...:.'...>..B........s..YL.0ax..xL.j...>... q.o..f.......2....4u....).y.$.y.'Y.."..\.n.e....Y....5c$..P,..i...kh.....,M.$..,..I....N).r,.:.<....b.TqD."C.fUE.(..X.:I.2......f)I2..4e%..$!e....4L..........&iX...`Y
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tmpaddon-72fcce
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:Zip archive data, at least v2.0 to extract
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):491261
                                                                                                                                                                                                                                                      Entropy (8bit):7.998560959124034
                                                                                                                                                                                                                                                      Encrypted:true
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:29DDFD36F79EAAE39627110A00FF8370
                                                                                                                                                                                                                                                      SHA1:F5A0D4EB07B0E6813E64F07C99478B823EEDB82D
                                                                                                                                                                                                                                                      SHA-256:600552DE4DE554364152ED426D02264E97D76AE1F33AFB1D845A0D25E5E5BA33
                                                                                                                                                                                                                                                      SHA-512:9ED5B4C27C2C159B83A1B887A1215D0472171CFF422D2BC1962312F90E62D1B212955FE68BC88F826D613C9FB58B86F6FA16EBC1533E863F6A5648DCB1319BCB
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: PK........G.bN.b._.}..........gmpopenh264.dll..|T..~.l`.......Z.F.l.(h...Y.......bK.5.h..n.;{..[..RE..*....h.y$j.Q...Q&.....J..9gf......~..|.hv..s.9s....u..,M...2.iM..W....0.?.?M..}..&G..W,....ew.~.7. ...n.......{g.m...[|.5.?.}.M.....>./|...V.....&O..g&?G.[&.L..&k.f...>g_..d.}>3."..29 ......['...g.s.7..{....9..K..[...j.N....>.hZ.(.nk..y....pk.|F}j.q....>.n.9..z.+Z..K'i.pw.e...LH..$.....0Ik..i...U.a.8..W[......7-........p.N{.\M[t...o..A..........<.v...E3....'i..y..v...y;..=....q&*......MKo.Q..#..9.$...G....W.E.s...K..<.my.G.....7.W<..B.=..\X..sZ1..77:P...z....o9o...7V3...:..w.C...6=.B],..j:.6...3.}.(...D[.zd.E.u.......g.:..T...8..C....... .......7...[.^V..hf..B.@...P....[.....B/pu...,.}...p....E..m-[x}..W....S^.....?..e...D@....9~.f?...rg1.-4..00.9v....<....m..".....1..c-z......a..=.G.l\[h.g..z...'@..g.................o7..M.v."..p....~7|.....w.E[...0..l.6.........}l.`..9.@huU......H.p.]z.O...Unx..D..1R5.`l..D....D...`..2X];
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phyrox Portable.lnk
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exe
                                                                                                                                                                                                                                                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Thu Mar 7 22:33:43 2019, mtime=Thu Mar 7 22:33:43 2019, atime=Mon Feb 25 15:47:26 2019, length=458704, window=hide
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):3895
                                                                                                                                                                                                                                                      Entropy (8bit):4.341880696095565
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:A3F5D170DC926ACEDBE0FB2F5C234380
                                                                                                                                                                                                                                                      SHA1:E1B4B61EA606BC3AB367A3C299CE3935042BBCAC
                                                                                                                                                                                                                                                      SHA-256:19FC5680CEF304C52842CA40F7B411A8F1EE17B8961B138C6BF28ED75ADDB21C
                                                                                                                                                                                                                                                      SHA-512:EFBF847F735F6E85DF2E0786FB6585B1798CFDD8B63AEC6361D1C6D7BB0B22B49E0BE558E2C2CEE8F0661F7600C892A31D5C6CC7D136DA56FF15F6E336D877BC
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: L..................F.... ......3>......3>.......)................................P.O. .:i.....+00.../C:\.....................1.....gN7...PROGRA~2........./M:<gN7.....................V.....xf!.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....h.1.....gN6...MOZILL~1..P......gN6.gN6............................T7.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.....b.2.....YN. .firefox.exe.H......gN6.gN6.....k.....................`G..f.i.r.e.f.o.x...e.x.e.......i...............5.......h...........C..\....Di$que C.C:\Program Files (x86)\Mozilla Firefox\firefox.exe..8.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.\.f.i.r.e.f.o.x...e.x.e.&.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.........*................@Z|...K.J.........`.......X.......pc-hades........d..ty.E........;..A...kT....Ld..ty.E........;..A...kT....L0...........1SPS.XF.L8C....&.m.m................S.-.1.-.5.-.2.1.-.3.7.9.4.4.9.9.6.8
                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Crash Reports\InstallTime20200930150533
                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                      Size (bytes):10
                                                                                                                                                                                                                                                      Entropy (8bit):2.3219280948873626
                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                      SSDEEP:
                                                                                                                                                                                                                                                      MD5:C555943533CE0FD42CEE8CF84768B1CD
                                                                                                                                                                                                                                                      SHA1:F548C7BBBC673F2836D7CA3FEA6C74B8244B8EBC
                                                                                                                                                                                                                                                      SHA-256:20A87FEF7776168A602A2CEBF1A7EBC45B31FC8604984CFAF6C352714533FCA8
                                                                                                                                                                                                                                                      SHA-512:619B5AF08D0995A4342CA876AC5B156DB5331C085C439D3C2A65BD7B171C90D3DAD9618D58052EA7B8D72DDF7436E28FC142E359943A5FA34B6951495C1E4A36
                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                      Preview: 1614110388

                                                                                                                                                                                                                                                      Static File Info

                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                      File type:Zip archive data, at least v2.0 to extract
                                                                                                                                                                                                                                                      Entropy (8bit):7.998563059330684
                                                                                                                                                                                                                                                      TrID:
                                                                                                                                                                                                                                                      • Java Archive (13504/1) 62.78%
                                                                                                                                                                                                                                                      • ZIP compressed archive (8000/1) 37.19%
                                                                                                                                                                                                                                                      • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.03%
                                                                                                                                                                                                                                                      File name:firefox-3.0.0.zip
                                                                                                                                                                                                                                                      File size:102871757
                                                                                                                                                                                                                                                      MD5:0843e8551bc7a922b97a0768bdf10d95
                                                                                                                                                                                                                                                      SHA1:5d710aa96aac8550fcd64d70139686baabd4265f
                                                                                                                                                                                                                                                      SHA256:bea70100c2a98c2e7624e3718a3c552dbfd3cec749aba8bc696d49df4435be33
                                                                                                                                                                                                                                                      SHA512:85855cb3d1677b62f751759578c03dab4081ce9dd0bfbd28391fd6368b8528875e3cab1efb7e9d1a6f540d8e1dcad11b3fcf7b16342dbaf212381dda0c51834b
                                                                                                                                                                                                                                                      SSDEEP:1572864:dvZF8hsv2JDCVWpS4+MvT3wlbT1mjL6gwJKp5e0LWYMlgt16CAUo/tLQ0Y+Iuwud:Khs+AVuS4+rtyWgTp5cYBtiOBVuwQ
                                                                                                                                                                                                                                                      File Content Preview:PK..........HR................firefox-win32/app/PK..........>Q7{I.G....... ...firefox-win32/app/Accessible.tlb.V]..Q......f..^%.......|L>g.J.f........7......Iq!.$..|'.......\H...+...s...=..?y...<..|......k.gd...`..%....}H.>..-.y..\o.3.{..c.#...?I....m....

                                                                                                                                                                                                                                                      File Icon

                                                                                                                                                                                                                                                      Icon Hash:00828e8e8686b000

                                                                                                                                                                                                                                                      Network Behavior

                                                                                                                                                                                                                                                      Network Port Distribution

                                                                                                                                                                                                                                                      TCP Packets

                                                                                                                                                                                                                                                      TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.793662071 CET4972880192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.836185932 CET804972834.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.836359978 CET4972880192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.895714998 CET4972880192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.936572075 CET804972834.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.936918020 CET804972834.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.980182886 CET4972880192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.372301102 CET4973280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.414397001 CET804973234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.414587975 CET4973280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.640695095 CET4973280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.681699991 CET804973234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.682039976 CET804973234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.824338913 CET4973280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:22.980990887 CET4972880192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:23.022144079 CET804972834.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:27.684503078 CET4973280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:27.725572109 CET804973234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:31.767218113 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:31.813555002 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:31.814071894 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.546348095 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.592600107 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.593168974 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.593219995 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.593317032 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.595303059 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.700563908 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.988423109 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.988760948 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.036122084 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.036186934 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.036797047 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.039814949 CET49739443192.168.2.734.218.7.136
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.200542927 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.200556040 CET4972880192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.241591930 CET804972834.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.245054007 CET4434973934.218.7.136192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.245182037 CET49739443192.168.2.734.218.7.136
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.336921930 CET49739443192.168.2.734.218.7.136
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.540339947 CET4434973934.218.7.136192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.541779995 CET4434973934.218.7.136192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.541816950 CET4434973934.218.7.136192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.541843891 CET4434973934.218.7.136192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.541898012 CET49739443192.168.2.734.218.7.136
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.555640936 CET49739443192.168.2.734.218.7.136
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.566967964 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.613164902 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.613599062 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.700573921 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.759043932 CET4434973934.218.7.136192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.888256073 CET49739443192.168.2.734.218.7.136
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.618872881 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.664995909 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.665349007 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.888176918 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.950547934 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.997240067 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.997277021 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.997302055 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.997325897 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.997355938 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.997410059 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.998559952 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.998591900 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.998672009 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.999808073 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.999845028 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.999902964 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.001121998 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.001146078 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.001252890 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.002374887 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.002398014 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.002465010 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.003699064 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.003716946 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.003782034 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.005004883 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.005026102 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.005110979 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.006345987 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.006371021 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.006419897 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.007616043 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.007637978 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.007684946 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.008985043 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.009004116 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.009085894 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.010282040 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.010318995 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.010380983 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.011595964 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.011636972 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.011708975 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.012885094 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.012916088 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.012979031 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.014190912 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.014225960 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.014293909 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.015537024 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.043397903 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.043423891 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.043520927 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.044020891 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.044078112 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.044714928 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.045296907 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.045316935 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.045394897 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.046633959 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.046659946 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.046725988 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.047992945 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.048017979 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.048079014 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.049257994 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.049294949 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.049336910 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.050554037 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.050587893 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.050626993 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.051917076 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.051943064 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.051974058 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.053226948 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.053260088 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.053328037 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.054517984 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.054552078 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.054610968 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.055830956 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.055855989 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.055927992 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.057100058 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.057118893 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.057177067 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.058414936 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.058440924 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.058484077 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.059747934 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.060374975 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.060406923 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.060450077 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.060512066 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.061750889 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.061769962 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.061822891 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.063292027 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.063316107 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.063416004 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.064332008 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.064362049 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.064424992 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.065601110 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.065629005 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.065718889 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.066963911 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.066998959 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.067078114 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.068269014 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.068298101 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.068365097 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.069717884 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.069746971 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.069871902 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.070846081 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.070882082 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.070946932 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.072165966 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.072190046 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.072410107 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.091717958 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.091737032 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.091810942 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.092190981 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.092210054 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.092327118 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.093419075 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.093468904 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.093560934 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.094299078 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.094321012 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.094374895 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.095494032 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.095542908 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.095649958 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.096483946 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.096514940 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.096575022 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.098112106 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.098133087 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.098186016 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.099212885 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.099234104 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.099282026 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.101067066 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.101100922 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.101159096 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.101929903 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.101957083 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.102014065 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.103063107 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.103085041 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.103143930 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.104149103 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.104185104 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.104265928 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.105814934 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.105839014 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.105890036 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.107944012 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.107969046 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.108026028 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.108383894 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.108412027 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.108465910 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.109415054 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.200679064 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.014822006 CET49739443192.168.2.734.218.7.136
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.235754013 CET4434973934.218.7.136192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.235805035 CET4434973934.218.7.136192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.235965967 CET49739443192.168.2.734.218.7.136
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.794701099 CET4973280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.836321115 CET804973234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.971446991 CET49743443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.974397898 CET49744443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.993725061 CET49745443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.021377087 CET4434974335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.024261951 CET49743443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.024560928 CET4434974435.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.024652004 CET49744443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.025305986 CET49743443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.029910088 CET49744443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.044250965 CET4434974535.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.044378042 CET49745443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.058557987 CET49745443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.073586941 CET4434974335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.075666904 CET4434974335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.075701952 CET4434974335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.075721025 CET4434974335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.076791048 CET49743443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.078186035 CET4434974435.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.079428911 CET4434974435.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.079452991 CET4434974435.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.079468012 CET4434974435.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.079540014 CET49744443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.093051910 CET49743443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.107053995 CET4434974535.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.108207941 CET4434974535.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.108345032 CET4434974535.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.108449936 CET4434974535.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.108458042 CET49745443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.121098042 CET49744443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.142023087 CET4434974335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.142077923 CET4434974335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.142224073 CET49743443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.150068998 CET49745443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.170044899 CET4434974435.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.170084953 CET4434974435.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.170135021 CET49744443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.200131893 CET4434974535.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.200174093 CET4434974535.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.200279951 CET49745443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.946372032 CET49743443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.946399927 CET49743443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.947091103 CET49745443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.948079109 CET49744443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.949162960 CET49743443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.949942112 CET49743443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.949970007 CET49743443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.950946093 CET49744443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.950979948 CET49744443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.951333046 CET49745443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.951353073 CET49745443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.953119993 CET49755443192.168.2.734.216.198.143
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.954072952 CET49756443192.168.2.734.223.130.205
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.994712114 CET4434974335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.994932890 CET4434974335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.995475054 CET4434974535.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.996217966 CET49745443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.996329069 CET4434974435.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.997464895 CET49744443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.998368025 CET4434974335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.999397993 CET4434974435.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.999644041 CET4434974535.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.999675035 CET4434974535.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.999768019 CET49744443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.999768019 CET49745443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.001127005 CET49745443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.146157026 CET4434974335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.146228075 CET4434974335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.146270037 CET4434974335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.146357059 CET49743443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.146394968 CET49743443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.147145987 CET4434974335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.147198915 CET4434974335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.147315979 CET49743443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.151995897 CET4434974335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.152030945 CET4434974335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.152107000 CET49743443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.155302048 CET4434975534.216.198.143192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.155453920 CET49743443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.158216953 CET4434975634.223.130.205192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.158337116 CET49755443192.168.2.734.216.198.143
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.161174059 CET49755443192.168.2.734.216.198.143
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.165157080 CET49756443192.168.2.734.223.130.205
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.168984890 CET49756443192.168.2.734.223.130.205
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.203828096 CET4434974335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.364316940 CET4434975534.216.198.143192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.364347935 CET4434975534.216.198.143192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.364371061 CET4434975534.216.198.143192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.364392042 CET4434975534.216.198.143192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.364939928 CET49755443192.168.2.734.216.198.143
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.373264074 CET4434975634.223.130.205192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.374193907 CET4434975634.223.130.205192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.374218941 CET4434975634.223.130.205192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.374233007 CET4434975634.223.130.205192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.374351978 CET49756443192.168.2.734.223.130.205
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.385231972 CET49755443192.168.2.734.216.198.143
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.403460979 CET49756443192.168.2.734.223.130.205
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.533175945 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.581279039 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.585227966 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.589078903 CET4434975534.216.198.143192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.596541882 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.611304998 CET4434975634.223.130.205192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.615422010 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.642623901 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.642653942 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.642676115 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.642746925 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.644661903 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.644696951 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.644781113 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.663588047 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.663613081 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.663717031 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.665765047 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.667859077 CET49755443192.168.2.734.216.198.143
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.699898005 CET49756443192.168.2.734.223.130.205
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.710424900 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.710448027 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.737082005 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.738212109 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.782507896 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.783070087 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.783154964 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.783512115 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.783530951 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.783550024 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.783571959 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.783581018 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.783607960 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.783653975 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.784992933 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.785011053 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.785060883 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.786499023 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.786516905 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.786559105 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.788000107 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.788058043 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.788906097 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.835181952 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.835334063 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.835350990 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.835418940 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.837456942 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.869465113 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.872956038 CET4434975534.216.198.143192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.875878096 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.876447916 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.904863119 CET4434975634.223.130.205192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.915759087 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.915795088 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.921902895 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.921935081 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.922003031 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.922422886 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.923388958 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.923434019 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.923474073 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.923490047 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.923518896 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.923566103 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.923722029 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.928781033 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.966720104 CET49756443192.168.2.734.223.130.205
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.974826097 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.998200893 CET49755443192.168.2.734.216.198.143
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.141923904 CET49739443192.168.2.734.218.7.136
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.173000097 CET4434975634.223.130.205192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.346622944 CET4434973934.218.7.136192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.346657038 CET4434973934.218.7.136192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.346719980 CET49739443192.168.2.734.218.7.136
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.388859034 CET4972880192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.388863087 CET49756443192.168.2.734.223.130.205
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.429797888 CET804972834.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.066133022 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.112257004 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.116945028 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.186101913 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.535444021 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.582415104 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.626897097 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.673635006 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.673670053 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.673798084 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.807684898 CET49767443192.168.2.734.216.80.151
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.978231907 CET4973280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.012495995 CET4434976734.216.80.151192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.012660980 CET49767443192.168.2.734.216.80.151
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.019195080 CET804973234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.042757034 CET49767443192.168.2.734.216.80.151
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.078406096 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.126128912 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.245872021 CET4434976734.216.80.151192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.247029066 CET4434976734.216.80.151192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.247052908 CET4434976734.216.80.151192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.247062922 CET4434976734.216.80.151192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.247172117 CET49767443192.168.2.734.216.80.151
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.295618057 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.405299902 CET49767443192.168.2.734.216.80.151
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.608655930 CET4434976734.216.80.151192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.795644999 CET49767443192.168.2.734.216.80.151
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.091679096 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.139595985 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.201853037 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.299370050 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.347798109 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.347824097 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.347982883 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.586842060 CET49767443192.168.2.734.216.80.151
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.796236992 CET4434976734.216.80.151192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.796282053 CET4434976734.216.80.151192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.796442986 CET49767443192.168.2.734.216.80.151
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.963668108 CET49769443192.168.2.713.226.162.116
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.008917093 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.009046078 CET49769443192.168.2.713.226.162.116
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.017878056 CET49769443192.168.2.713.226.162.116
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.063141108 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.063608885 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.063661098 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.063798904 CET49769443192.168.2.713.226.162.116
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.065304995 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.148041964 CET49769443192.168.2.713.226.162.116
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.148292065 CET49769443192.168.2.713.226.162.116
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.192982912 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.193018913 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.193969965 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.193994045 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.194013119 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.194029093 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.194045067 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.194061041 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.194077015 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.194097042 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.194138050 CET49769443192.168.2.713.226.162.116
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.194176912 CET49769443192.168.2.713.226.162.116
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.195281029 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.195305109 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.195375919 CET49769443192.168.2.713.226.162.116
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.196546078 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.196567059 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.196626902 CET49769443192.168.2.713.226.162.116
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.197834969 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.197866917 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.201834917 CET49769443192.168.2.713.226.162.116
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.386156082 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.396064043 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.434765100 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.443615913 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.443710089 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.448143005 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.495836020 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.496510029 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.496529102 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.496633053 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.498405933 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.498821020 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.516844988 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.519078970 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.562967062 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.565040112 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.565540075 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.565557003 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.565572023 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.565643072 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.583555937 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.630062103 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.630093098 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.630191088 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.630290985 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.630311966 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.630393028 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.631093025 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.631118059 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.631207943 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.631669044 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.631689072 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.631753922 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.632385969 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.632415056 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.632473946 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.633054018 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.633084059 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.633157015 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.633758068 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.701956034 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.734538078 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.780369997 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.782715082 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.783130884 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.783160925 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.783183098 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.783201933 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.783246994 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.783288002 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.784488916 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.784524918 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.784627914 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.785810947 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.785842896 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.785923004 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.787185907 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.787219048 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.787316084 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.788518906 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.788552046 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.788623095 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.789848089 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.789879084 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.789947987 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.791182995 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.791201115 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.791305065 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.792525053 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.792560101 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.792644024 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.793893099 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.793922901 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.794029951 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.795223951 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.795258045 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.795341969 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.796572924 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.796611071 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.796761990 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.797928095 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.797955990 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.798043013 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.799271107 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.799305916 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.799391031 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.800601959 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.800635099 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.800738096 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.801955938 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.828711033 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.830470085 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.830512047 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.830600023 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.831084967 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.831124067 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.831192017 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.832384109 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.832401991 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.833755970 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.833792925 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.833878994 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.833934069 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.835139036 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.835174084 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.835259914 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.836375952 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.836477995 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.984455109 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.998917103 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.032113075 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.032787085 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.032809973 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.032898903 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.081518888 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.129812002 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.201997995 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.459095955 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.505584955 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.505618095 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.505708933 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.506010056 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.506076097 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.506125927 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.507761002 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.507868052 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.507946968 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.510920048 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.510943890 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.511027098 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.586162090 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.588332891 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.634417057 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.634473085 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.634529114 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.634728909 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.634759903 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.634823084 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.635842085 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.635890961 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.635967970 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.636588097 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.636846066 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.636879921 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.636933088 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.637866974 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.637898922 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.637976885 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.638973951 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.639018059 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.640304089 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.659559011 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.660952091 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.707242966 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.707278013 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.707343102 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.707366943 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.707412958 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.707444906 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.707529068 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.707572937 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.707628012 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.707881927 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.707923889 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.707968950 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.708348036 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.708414078 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.708479881 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.708606005 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.708633900 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.708791971 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.709258080 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.709410906 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.709436893 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.709501982 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.710433006 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.710458994 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.710562944 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.711476088 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.711503983 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.711555958 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.712619066 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.712646961 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.712726116 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.713591099 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.713680983 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.713742018 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.714682102 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.714740038 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.714812994 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.719216108 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.719249964 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.719273090 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.719294071 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.719317913 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.719367981 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.719367027 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.719429016 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.719433069 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.719846010 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.719906092 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.719932079 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.719954967 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.719973087 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.720022917 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.720925093 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.720956087 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.721059084 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.721982956 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.722014904 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.722083092 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.723010063 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.723040104 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.723090887 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.724067926 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.724109888 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.724165916 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.725109100 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.725152969 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.725220919 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.726145983 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.726176977 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.726258993 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.727222919 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.727282047 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.727334976 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.728265047 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.728301048 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.728435040 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.729305983 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.729350090 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.729417086 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.730343103 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.730382919 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.730443001 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.753060102 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.755351067 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.755373955 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.755392075 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.755410910 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.755424976 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.755428076 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.755441904 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.755480051 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.756177902 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.756308079 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.756352901 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.757163048 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.757194042 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.757256985 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.758115053 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.758140087 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.758200884 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.759147882 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.759172916 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.759274006 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.760205030 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.760330915 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.760390997 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.761286974 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.761320114 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.761363029 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.765405893 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.765548944 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.765600920 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.765824080 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.765887022 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.765933037 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.766932964 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.766974926 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.767040014 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.767980099 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.768007994 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.768059969 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.769030094 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.769059896 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.769131899 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.770096064 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.770127058 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.770172119 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.771152020 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.771182060 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.771220922 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.772139072 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.772221088 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.772262096 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.773206949 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.773298025 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.773348093 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.774229050 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.774259090 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.774301052 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.775289059 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.775312901 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.775367022 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.776315928 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.776341915 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.776385069 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.777369022 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.777407885 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.777471066 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.778465986 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.778486967 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.778547049 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.779465914 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.779485941 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.779541016 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.801908970 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.802926064 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.802956104 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.803024054 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.803083897 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.803106070 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.803163052 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.803802967 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.803829908 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.803956985 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.804477930 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.804537058 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.804594994 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.807128906 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.807157993 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.807180882 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.807198048 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.807215929 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.807235003 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.807248116 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.807291031 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.808212996 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.808234930 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.808346987 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.808926105 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.808954954 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.809031963 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.815417051 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.815437078 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.815460920 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.815474987 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.815491915 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.815591097 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.815606117 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.815622091 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.815629005 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.815648079 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.815671921 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.815715075 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.816755056 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.816788912 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.816847086 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.817435026 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.817460060 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.817579031 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.818614960 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.818636894 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.818713903 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.819648981 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.819674015 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.819751978 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.820749998 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.820779085 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.820880890 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.824745893 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.824774981 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.824800014 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.824822903 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.824868917 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.824872017 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.824886084 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.824897051 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.824943066 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.825567961 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.825613976 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.825658083 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.826014042 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.826040983 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.826289892 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.826689005 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.826823950 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.826870918 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.827941895 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.827975035 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.828032970 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.829083920 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.829155922 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.829245090 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.829626083 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.829653978 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.829731941 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.829907894 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.829951048 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.829998016 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.830080032 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.830110073 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.830168962 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.830718040 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.830745935 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.830795050 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.831331968 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.831355095 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.831427097 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.832561970 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.832588911 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.832638025 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.833795071 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.833820105 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.833911896 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.834117889 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.834150076 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.834192038 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.834234953 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.834367037 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.834424973 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.835036039 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.835061073 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.835120916 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.835632086 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.835660934 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.835716009 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.836097002 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.836121082 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.836174011 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.836786985 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.836816072 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.836878061 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.837455988 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.837481976 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.837542057 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.840991974 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.841026068 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.841104984 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.841182947 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.841203928 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.841257095 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.841468096 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.841489077 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.841550112 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.841583967 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.841610909 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.841662884 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.842055082 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.842077971 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.842144966 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.842618942 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.842654943 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.842709064 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.842823029 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.842844009 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.842864037 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.842883110 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.842892885 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.842927933 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.843564034 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.843589067 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.843655109 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.844243050 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.844273090 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.844347954 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.844921112 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.844944954 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.845005989 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.848927975 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.848968983 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.849000931 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.849035978 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.849065065 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.849116087 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.851197958 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.851241112 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.851316929 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.851993084 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.852031946 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.852094889 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.852350950 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.852394104 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.852448940 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.853143930 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.853174925 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.853236914 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.854567051 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.854607105 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.854675055 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.854846001 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.854907990 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.854954004 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.855564117 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.855598927 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.855644941 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.857419968 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.857470989 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.857518911 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.859997988 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.860021114 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.860112906 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.863976002 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.864008904 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.864079952 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.864289045 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.864310026 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.864411116 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.865120888 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.879044056 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.883029938 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.927691936 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.929897070 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.929934978 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.929965019 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.929990053 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.930013895 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.930036068 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.930042028 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.930064917 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.930115938 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.930222988 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.930320978 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.930346012 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.930367947 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.930377007 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.930391073 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.930413008 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.930417061 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.930466890 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.931216955 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.931252003 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.931274891 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.931297064 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.931343079 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.931361914 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.931370020 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.931425095 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.932138920 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.932173967 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.932224989 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.932250023 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.932276011 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.932279110 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.932301044 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.932301998 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.932347059 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.933080912 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.933111906 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.933136940 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.933162928 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.933186054 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.933187962 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.933212996 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.933217049 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.933263063 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.934046030 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.934081078 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.934107065 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.934132099 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.934133053 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.934181929 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.934185028 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.934216022 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.934257030 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.934947968 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.934987068 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.935014009 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.935039997 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.935066938 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.935081959 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.935096025 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.935116053 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.935141087 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.935874939 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.935910940 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.935940027 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.935965061 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.935980082 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.935992002 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.936019897 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.936022043 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.936064959 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.936829090 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.936862946 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.936887026 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.936911106 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.936928988 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.936934948 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.936963081 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.936981916 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.937011957 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.937760115 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.937799931 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.937824011 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.937845945 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.937869072 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.937896013 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.937899113 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.937928915 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.937959909 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.938694954 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.938730001 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.938752890 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.938775063 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.938797951 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.938812017 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.938822985 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.938864946 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.938910007 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.939701080 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.939742088 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.939769030 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.939795971 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.939821959 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.939836025 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.939850092 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.939872980 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.939898014 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.940632105 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.940666914 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.940690994 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.940713882 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.940737009 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.940762997 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.940774918 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.940805912 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.941510916 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.941548109 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.941570997 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.941593885 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.941605091 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.941616058 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.941642046 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.941647053 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.941689014 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.942447901 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.942498922 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.942528009 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.942553043 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.942580938 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.942595959 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.942605972 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.942641020 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.942667961 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.943392992 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.943427086 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.943449974 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.943471909 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.943495035 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.943506002 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.943519115 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.943552971 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.943581104 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.944308043 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.944341898 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.944367886 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.944391966 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.944416046 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.944443941 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.944449902 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.944478989 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.944500923 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.945240974 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.945274115 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.945297956 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.945322990 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.945347071 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.945358038 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.945374966 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.945400953 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.945420027 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.946182966 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.946214914 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.946239948 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.946264982 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.946289062 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.946307898 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.946316957 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.946341991 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.946367979 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.947122097 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.947155952 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.947180986 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.947206020 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.947231054 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.947237968 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.947261095 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.947278976 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.947308064 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.948067904 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.948107004 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.948132038 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.948157072 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.948182106 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.948205948 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.948209047 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.948239088 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.948271036 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.949003935 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.949033976 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.949057102 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.949080944 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.949105024 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.949110031 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.949135065 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.949141026 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.949181080 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.949955940 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.949982882 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.950007915 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.950032949 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.950040102 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.950057983 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.950083971 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.950087070 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.950136900 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.950948954 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.950980902 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.951005936 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.951035976 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.951062918 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.951088905 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.951106071 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.951165915 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.951817989 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.951848984 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.951878071 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.951905012 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.951920986 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.951930046 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.951956987 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.951980114 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.952033043 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.952743053 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.952775955 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.952910900 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.952934980 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.952994108 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.953020096 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.953037977 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.953044891 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.953083992 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.953690052 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.953718901 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.953747034 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.953772068 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.953778028 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.953797102 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.953821898 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.953821898 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.953869104 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.954653978 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.954689026 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.954716921 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.954742908 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.954767942 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.954791069 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.954792023 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.954843044 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.955585003 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.955611944 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.955638885 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.955662966 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.955689907 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.955694914 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.955715895 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.955734015 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.955760002 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.956491947 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.956520081 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.956545115 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.956572056 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.956598043 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.956623077 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.956631899 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.956651926 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.956686974 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.957456112 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.957485914 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.957515955 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.957542896 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.957566977 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.957591057 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.957592964 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.957621098 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.957650900 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.958399057 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.958429098 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.958452940 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.958477974 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.958508015 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.958532095 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.958534002 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.958559036 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.958585978 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.959337950 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.959382057 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.959405899 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.959429979 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.959453106 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.959475994 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.959481955 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.959522963 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.959572077 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.960267067 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.960299015 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.960323095 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.960347891 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.960349083 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.960376978 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.960402966 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.960412979 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.960472107 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.961186886 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.961218119 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.961246014 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.961272955 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.961277008 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.961297989 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.961318016 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.961323023 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.961361885 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.962141991 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.962171078 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.962191105 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.962212086 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.962232113 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.962240934 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.962251902 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.962311983 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.976075888 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.976103067 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.976130962 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.976155043 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.976233006 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.976258993 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.976293087 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.976351976 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.976377964 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.976401091 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.976423979 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.976423979 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.976450920 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.976475000 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.976532936 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.977272034 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.977298975 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.977319956 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.977343082 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.977363110 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.977406025 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.977418900 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.977435112 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.977691889 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.978343010 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.978375912 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.978410006 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.978435993 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.978461981 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.978485107 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.978487968 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.978508949 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.978646040 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.979408979 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.979438066 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.979463100 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.979489088 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.979518890 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.979547024 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.979713917 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.979724884 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.980118036 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.980195999 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.980217934 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.980240107 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.980262041 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.980283022 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.980289936 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.980302095 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.980448008 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.981097937 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.981149912 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.981175900 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.981197119 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.981219053 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.981241941 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.981255054 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.981266975 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.981301069 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.981930971 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.981956959 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.981980085 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.982271910 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.982733011 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.982763052 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.982784033 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.982805014 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.982827902 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.982848883 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.982913971 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.982928991 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.982933998 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.983218908 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.983251095 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.983273983 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.983295918 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.983319044 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.983340979 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.983937025 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.984160900 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.984194994 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.984220982 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.984251976 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.984275103 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.984302998 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.984348059 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.984359980 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.984364033 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.985105991 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.985142946 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.985167980 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.985189915 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.985210896 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.985238075 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.985265970 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.985279083 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.985281944 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.986041069 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.986080885 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.986107111 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.986130953 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.986156940 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.986182928 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.986207008 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.986221075 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.986223936 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.986977100 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.987013102 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.987037897 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.987062931 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.987088919 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.987114906 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.987131119 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.987143040 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.987147093 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.987922907 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.987963915 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.987987995 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.988010883 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.988034010 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.988058090 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.988075972 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.988087893 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.988091946 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.988878965 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.988919973 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.988946915 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.988970995 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.988989115 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.989006042 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.989015102 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.989020109 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.989090919 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.989779949 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.989814043 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.989837885 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.989861012 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.989886999 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.989912033 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.989932060 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.989963055 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.990717888 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.990767956 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.990794897 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.990818024 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.990844011 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.990869045 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.990890980 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.990900040 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.990906000 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.991671085 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.991704941 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.991728067 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.991754055 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.991780043 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.991803885 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.991842031 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.991856098 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.991859913 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.992615938 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.992651939 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.992680073 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.992702961 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.992727995 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.992727995 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.992736101 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.992757082 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.992944002 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.993535042 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.993560076 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.993577003 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.993592978 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.993609905 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.993622065 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.993668079 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.993680000 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.993684053 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.994468927 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.994493961 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.994510889 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.994528055 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.994544983 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.994560957 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.994611979 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.994622946 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.994626045 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.995398998 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.995421886 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.995434046 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.995450974 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.995465994 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.995486021 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.995801926 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.995814085 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.996342897 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.996364117 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.996385098 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.996402979 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.996418953 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.996434927 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.996478081 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.996488094 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.996490955 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.997270107 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.997315884 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.997334003 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.997350931 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.997364044 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.997380972 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.997428894 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.997438908 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.997442961 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.998236895 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.998271942 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.998294115 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.998327017 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.998349905 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.998370886 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.998399973 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.998410940 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.998414993 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.998977900 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.999145985 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.999171019 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.999191999 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.999212980 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.999233961 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.999248028 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.999253988 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.999254942 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.000104904 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.000133991 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.000155926 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.000175953 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.000197887 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.000206947 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.000214100 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.000219107 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.000225067 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.001032114 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.001060009 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.001104116 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.001126051 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.001149893 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.001149893 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.001157999 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.001161098 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.001173019 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.001667023 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.001930952 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.001975060 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.002002001 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.002026081 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.002048016 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.002053022 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.002073050 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.002075911 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.002093077 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.002136946 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.002934933 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.002966881 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.002986908 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.003007889 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.003031969 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.003055096 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.003082991 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.003098011 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.003102064 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.003824949 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.003870010 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.003896952 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.003928900 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.003956079 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.003956079 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.003983974 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.004028082 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.004048109 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.004744053 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.004772902 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.004795074 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.004822016 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.004844904 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.004858971 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.004865885 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.004867077 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.005563974 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.005595922 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.005618095 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.005621910 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.005640030 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.005645037 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.005669117 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.005690098 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.006422997 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.006448984 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.006469965 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.006486893 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.006486893 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.006493092 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.006496906 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.006510019 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.006535053 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.007301092 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.007325888 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.007345915 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.007360935 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.007366896 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.007373095 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.007374048 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.007397890 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.007419109 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.008197069 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.008210897 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.008218050 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.008223057 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.008224010 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.008249998 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.008271933 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.008292913 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.008316040 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.008337021 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.008342981 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.008347034 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.008990049 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.009022951 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.009046078 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.009067059 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.009089947 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.009109974 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.009113073 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.009150982 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.009221077 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.009851933 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.009877920 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.009897947 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.009917974 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.009939909 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.009960890 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.009963036 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.009977102 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.010092020 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.010695934 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.010721922 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.010742903 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.010763884 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.010765076 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.010786057 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.010806084 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.010859966 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.010875940 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.011490107 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.011518955 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.011540890 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.011563063 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.011584997 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.011596918 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.011604071 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.011606932 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.011629105 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.011894941 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.011904001 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.012398958 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.012428045 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.012450933 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.012471914 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.012492895 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.012515068 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.012533903 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.012559891 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.012576103 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.012581110 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.013314962 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.013339043 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.013362885 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.013398886 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.013422012 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.013442993 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.013462067 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.013483047 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.013499022 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.013506889 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.014214039 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.014240980 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.014266014 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.014286041 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.014309883 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.014332056 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.014334917 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.014348030 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.014352083 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.014354944 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.015182972 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.015208006 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.015232086 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.015255928 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.015276909 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.015295982 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.015300989 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.015311956 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.015316010 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.015317917 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.016055107 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.016082048 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.016103029 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.016124010 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.016144991 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.016148090 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.016159058 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.016161919 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.016166925 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.016189098 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.016777992 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.016788960 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.016976118 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.017000914 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.017020941 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.017044067 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.017065048 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.017071009 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.017079115 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.017087936 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.017807961 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.017836094 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.017858028 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.017878056 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.017899990 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.017923117 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.017929077 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.017941952 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.017946959 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.017946005 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.018629074 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.018639088 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.018646002 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.018671036 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.018696070 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.018718004 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.018738985 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.018759966 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.018780947 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.018806934 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.018815994 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.018820047 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.019591093 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.019618988 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.019639969 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.019666910 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.019691944 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.019699097 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.019706964 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.019714117 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.019733906 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.019887924 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.019901991 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.020509958 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.020531893 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.020544052 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.020560980 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.020576954 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.020593882 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.020610094 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.020632029 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.020646095 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.021410942 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.021445036 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.021466970 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.021488905 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.021512985 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.021537066 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.021560907 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.021564007 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.021576881 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.021579027 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.021723986 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.022303104 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.022324085 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.022337914 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.022353888 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.022368908 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.022386074 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.022399902 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.022619963 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.022830963 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.023214102 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.023232937 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.023250103 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.023266077 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.023286104 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.023303986 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.023358107 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.023370028 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.023971081 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.023988008 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.024007082 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.024032116 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.024032116 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.024048090 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.024060965 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.024131060 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.024142981 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.024152994 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.024281979 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.024893045 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.024912119 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.024928093 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.024947882 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.024970055 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.024992943 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.024996996 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.025012970 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.025017023 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.025048971 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.025808096 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.025839090 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.025861025 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.025880098 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.025890112 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.025897026 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.025901079 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.025918007 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.025962114 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.026002884 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.026012897 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.026755095 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.026774883 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.026792049 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.026808023 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.026828051 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.026835918 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.026844978 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.026861906 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.026887894 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.026897907 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.027302980 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.027329922 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.027352095 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.027369022 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.027376890 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.027394056 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.027415991 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.027436972 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.027460098 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.027477026 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.027488947 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.027493954 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.027497053 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.027499914 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.027510881 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.027529001 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.027539968 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.027569056 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028228998 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028254986 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028268099 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028285027 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028301954 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028317928 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028357029 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028367996 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028371096 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028393030 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028412104 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028635025 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028865099 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028883934 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028899908 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028913975 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028918028 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028939962 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028953075 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028959036 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028968096 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028980970 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.028994083 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.029006004 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.029026031 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.029026985 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.029043913 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.029170990 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.029181957 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.029812098 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.029834986 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.029851913 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.029880047 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.029881001 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.029901981 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.029912949 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.029922962 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.029941082 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.029958010 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.029974937 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.029990911 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030004025 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030015945 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030018091 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030023098 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030138969 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030744076 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030767918 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030783892 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030801058 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030803919 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030818939 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030839920 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030859947 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030868053 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030872107 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030877113 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030900002 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030915976 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030932903 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030950069 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.030972004 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.031075001 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.031636000 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.031658888 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.031677961 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.031694889 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.031704903 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.031712055 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.031729937 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.031744957 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.031761885 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.031776905 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.031789064 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.031800985 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.031807899 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.031815052 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.031829119 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.031847000 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.031948090 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.032556057 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.032582045 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.032601118 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.032610893 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.032618999 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.032632113 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.032644033 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.032656908 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.032669067 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.032681942 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.032694101 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.032701969 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.032711029 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.032712936 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.032726049 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.032747984 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.032850027 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.033524036 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.033545017 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.033565044 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.033584118 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.033586025 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.033601046 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.033620119 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.033624887 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.033642054 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.033649921 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.033658981 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.033674955 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.033690929 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.033706903 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.033723116 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.033739090 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.033744097 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.033747911 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.034406900 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.034425974 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.034441948 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.034459114 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.034475088 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.034492016 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.034508944 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.034508944 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.034514904 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.034528017 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.034564972 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.034584999 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.034590006 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.034595966 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.034604073 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.034607887 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.034620047 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.034655094 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.035327911 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.035348892 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.035366058 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.035382986 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.035391092 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.035401106 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.035413027 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.035418034 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.035438061 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.035455942 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.035471916 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.035487890 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.035504103 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.035516977 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.035522938 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.035522938 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.035526991 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.035631895 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.036212921 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.036237001 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.036252975 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.036269903 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.036287069 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.036303043 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.036322117 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.036339998 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.036339998 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.036345005 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.036346912 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.036351919 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.036366940 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.036385059 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.036401033 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.036447048 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.036465883 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.036469936 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.038180113 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.038212061 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.038230896 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.038247108 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.038268089 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.038325071 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.038362980 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.038367033 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.051886082 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.051918030 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.051929951 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.051944017 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.051955938 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.051969051 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.051980019 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.051992893 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052006006 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052021980 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052038908 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052056074 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052073002 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052239895 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052263021 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052263975 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052316904 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052347898 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052367926 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052386045 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052402973 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052422047 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052443027 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052457094 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052464962 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052470922 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052470922 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052485943 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052499056 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052515984 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052520037 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052531958 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052572966 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.052716970 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053241014 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053268909 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053286076 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053303003 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053319931 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053322077 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053338051 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053380966 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053401947 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053575039 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053622007 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053638935 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053658962 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053677082 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053694010 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053710938 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053711891 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053724051 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053733110 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053750992 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053754091 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053766966 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053782940 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053795099 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053807974 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053828001 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.053834915 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.054512978 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.054533005 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.054549932 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.054567099 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.054579020 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.054590940 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.054594994 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.054605007 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.054610968 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.054636955 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.054655075 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.054673910 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.054692984 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.054703951 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.054708958 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.054713964 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.054738045 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.054779053 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.054789066 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.055478096 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.055499077 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.055516958 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.055536985 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.055556059 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.055572987 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.055586100 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.055589914 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.055603027 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.055604935 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.055624008 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.055641890 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.055658102 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.055670023 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.055674076 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.055675030 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.055692911 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.055722952 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.055727959 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.056405067 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.056425095 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.056437016 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.056449890 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.056464911 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.056478024 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.056493998 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.056509972 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.056526899 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.056579113 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.056607962 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.056612015 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.057095051 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.057116032 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.057133913 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.057151079 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.057168007 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.057188034 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.057205915 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.057221889 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.057238102 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.057251930 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.057255030 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.057265997 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.057270050 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.057272911 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.057274103 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.057290077 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.057322979 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.057334900 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.057339907 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058038950 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058058977 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058116913 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058116913 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058136940 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058156967 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058175087 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058192968 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058212996 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058228970 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058240891 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058245897 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058249950 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058253050 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058264017 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058280945 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058300018 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058350086 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058360100 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058363914 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058973074 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.058993101 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.059014082 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.059031963 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.059048891 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.059065104 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.059086084 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.059101105 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.059153080 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.059168100 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.059168100 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.059174061 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.059186935 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.059206009 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.059223890 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.059240103 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.059288979 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.059313059 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.059973001 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060036898 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060039043 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060055971 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060071945 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060089111 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060107946 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060126066 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060134888 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060147047 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060148001 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060218096 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060266018 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060275078 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060580015 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060597897 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060616016 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060632944 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060647964 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060667992 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060686111 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060686111 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060695887 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060704947 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060722113 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060738087 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060746908 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060754061 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060754061 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060770035 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060785055 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060847998 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.060861111 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.061724901 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.061758995 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.061806917 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.061846972 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.061885118 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.061913013 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.061924934 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.061938047 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.061943054 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.061969995 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062010050 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062022924 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062057972 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062100887 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062112093 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062140942 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062202930 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062211037 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062246084 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062356949 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062473059 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062582016 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062632084 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062658072 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062700987 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062717915 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062727928 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062741995 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062786102 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062829971 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062871933 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062877893 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062885046 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062912941 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062952995 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.062984943 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.063016891 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.063237906 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.063256025 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.063448906 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.063499928 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.063508034 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.063544989 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.063585997 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.063610077 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.063627005 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.063667059 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.063707113 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.063740015 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.063755989 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.063775063 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.063879967 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.063900948 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.064124107 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.064174891 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.064218998 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.064259052 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.064265966 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.064299107 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.064337969 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.064349890 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.064379930 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.064412117 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.064419031 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.064457893 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.064498901 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.064539909 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.064552069 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.064558029 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.064580917 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.064620972 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.064682961 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065033913 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065080881 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065110922 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065119982 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065161943 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065187931 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065202951 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065243006 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065282106 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065288067 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065321922 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065366030 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065431118 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065438986 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065447092 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065475941 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065515995 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065555096 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065608978 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065762043 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.065989971 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066031933 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066073895 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066113949 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066153049 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066170931 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066180944 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066191912 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066230059 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066273928 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066299915 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066313982 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066349983 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066371918 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066389084 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066428900 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066468954 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066529989 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066535950 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066937923 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.066987991 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067013025 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067023039 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067064047 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067105055 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067163944 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067181110 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067190886 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067203999 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067244053 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067290068 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067398071 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067418098 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067584038 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067641973 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067682028 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067711115 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067723036 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067800999 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067830086 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067847967 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067888021 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067929983 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067934990 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.067970991 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068007946 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068010092 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068051100 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068090916 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068136930 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068212032 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068219900 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068655014 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068686008 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068708897 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068733931 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068752050 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068758011 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068773031 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068775892 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068805933 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068828106 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068839073 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068845987 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068849087 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068872929 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068898916 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068924904 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068939924 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068947077 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068950891 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069014072 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069423914 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069453001 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069478035 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069502115 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069525957 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069526911 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069552898 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069577932 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069590092 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069596052 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069602013 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069624901 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069648027 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069672108 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069695950 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069719076 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069752932 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069761992 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.069765091 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.070311069 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.070343018 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.070369959 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.070409060 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.070430994 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.070452929 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.070452929 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.070467949 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.070476055 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.070503950 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.070527077 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.070528030 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.070590019 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.070616007 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.070931911 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.070964098 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.070983887 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071007967 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071031094 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071054935 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071057081 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071083069 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071109056 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071131945 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071141958 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071149111 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071151972 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071156979 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071180105 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071202040 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071224928 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071227074 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071249008 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071346998 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071363926 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071932077 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071964025 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.071989059 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072010994 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072024107 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072041988 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072065115 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072093010 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072094917 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072118044 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072137117 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072155952 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072173119 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072174072 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072194099 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072217941 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072235107 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072237968 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072295904 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072303057 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072845936 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072879076 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072902918 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072926998 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072952032 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072974920 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.072997093 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073000908 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073019028 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073020935 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073044062 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073066950 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073069096 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073086023 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073096037 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073118925 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073143005 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073165894 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073180914 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073185921 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073215008 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073777914 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073806047 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073828936 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073851109 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073874950 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073899984 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073945999 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.073964119 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074002981 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074167967 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074193001 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074218035 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074243069 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074266911 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074279070 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074306011 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074326038 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074350119 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074376106 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074400902 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074415922 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074425936 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074436903 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074446917 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074465036 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074480057 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074498892 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.074660063 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.075115919 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.075193882 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.075220108 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.075243950 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.075265884 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.075284004 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.075285912 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.075304985 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.075325012 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.075342894 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.075361013 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.075385094 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.075407028 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.075431108 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.075454950 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.075515985 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.075557947 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076077938 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076107025 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076131105 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076153994 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076176882 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076200962 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076225042 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076227903 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076246977 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076250076 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076255083 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076280117 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076296091 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076303959 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076332092 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076354027 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076376915 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076397896 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076442957 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076452017 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076455116 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076960087 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.076991081 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077014923 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077039003 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077060938 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077088118 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077091932 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077100992 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077362061 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077404022 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077425957 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077430964 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077456951 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077481031 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077506065 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077528954 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077545881 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077553988 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077554941 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077558041 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077584028 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077606916 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077629089 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077651978 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077675104 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077696085 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077699900 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077702045 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077706099 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077723980 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.077939034 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.078294039 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.078321934 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.078346014 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.078368902 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.078393936 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.078408003 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.078417063 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.078423023 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.078443050 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.078447104 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.078468084 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.078495026 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.078520060 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.078531027 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.078536034 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.078543901 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.078568935 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.078603983 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.101289034 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.260723114 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.307396889 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.315763950 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.362325907 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.499912977 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.509114981 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.555733919 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.555775881 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.555798054 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.555818081 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.555840015 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.555856943 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.555948973 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.555978060 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.567565918 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.614365101 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.633573055 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680296898 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680319071 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680341959 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680358887 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680376053 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680392027 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680408001 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680423975 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680443048 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680447102 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680461884 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680469990 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680474043 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680478096 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680480003 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680497885 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680511951 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680526972 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680538893 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680543900 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680546045 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680562019 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680581093 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680598974 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680615902 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680632114 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680640936 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680646896 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680649042 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680650949 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680665970 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680677891 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680691004 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680702925 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680717945 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680730104 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680742025 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680753946 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680766106 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680778027 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680790901 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680803061 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680815935 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680828094 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680840015 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680846930 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680852890 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.680864096 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681122065 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681294918 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681312084 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681330919 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681349039 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681365967 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681397915 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681417942 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681418896 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681427956 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681436062 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681457043 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681473970 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681490898 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681508064 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681516886 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681524038 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681525946 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681529045 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681541920 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681561947 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681580067 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681592941 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681605101 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681615114 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681663990 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681675911 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.681689024 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.704005957 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.752275944 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.795888901 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.800307035 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.840367079 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.856820107 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.889704943 CET49755443192.168.2.734.216.198.143
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.903225899 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.903249025 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.903263092 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.903734922 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.934940100 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.982976913 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.983004093 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.983017921 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.983248949 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.004582882 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.050954103 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.084615946 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.091737986 CET4434975534.216.198.143192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.131203890 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.177930117 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.191698074 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.240109921 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.296116114 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.389731884 CET49739443192.168.2.734.218.7.136
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.499119997 CET4972880192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.542567015 CET804972834.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.593230009 CET4434973934.218.7.136192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:58.187077045 CET4973280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:58.227905989 CET804973234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:59.965408087 CET49767443192.168.2.734.216.80.151
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:00.168533087 CET4434976734.216.80.151192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:00.224960089 CET49769443192.168.2.713.226.162.116
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:00.270009995 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:01.937298059 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:01.983381987 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.527467012 CET49771443192.168.2.752.89.2.78
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.730124950 CET4434977152.89.2.78192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.730304003 CET49771443192.168.2.752.89.2.78
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.731138945 CET49771443192.168.2.752.89.2.78
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.843703032 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.892697096 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.934433937 CET4434977152.89.2.78192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.935385942 CET4434977152.89.2.78192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.935410023 CET4434977152.89.2.78192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.935429096 CET4434977152.89.2.78192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.935530901 CET49771443192.168.2.752.89.2.78
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.947891951 CET49771443192.168.2.752.89.2.78
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:03.020267963 CET49771443192.168.2.752.89.2.78
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:03.093636036 CET49755443192.168.2.734.216.198.143
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:03.152436972 CET4434977152.89.2.78192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:03.203116894 CET49771443192.168.2.752.89.2.78
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:03.249974966 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:03.264494896 CET4434977152.89.2.78192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:03.295799971 CET4434975534.216.198.143192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:03.299040079 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:03.317492962 CET4434977152.89.2.78192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:03.360975027 CET49771443192.168.2.752.89.2.78
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:03.546961069 CET4972880192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:03.588032007 CET804972834.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:03.593779087 CET49739443192.168.2.734.218.7.136
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:03.796936035 CET4434973934.218.7.136192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:08.265984058 CET4973280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:08.308289051 CET804973234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:10.209460974 CET49767443192.168.2.734.216.80.151
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:10.324281931 CET49769443192.168.2.713.226.162.116
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:10.369273901 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:10.412715912 CET4434976734.216.80.151192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.727559090 CET4972880192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.768666029 CET804972834.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.768872976 CET804972834.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.789597034 CET4973280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.830456972 CET804973234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.830607891 CET804973234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.922709942 CET4972880192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.969446898 CET4973280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:12.031873941 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:12.078150034 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:12.991286993 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:13.035782099 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:13.356307030 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:13.403934002 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:13.422632933 CET49755443192.168.2.734.216.198.143
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:13.424705029 CET49771443192.168.2.752.89.2.78
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:13.626342058 CET4434975534.216.198.143192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:13.628487110 CET4434977152.89.2.78192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:13.922677994 CET49739443192.168.2.734.218.7.136
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:14.125835896 CET4434973934.218.7.136192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:20.377252102 CET49769443192.168.2.713.226.162.116
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:20.422290087 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:20.425704002 CET49767443192.168.2.734.216.80.151
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:20.628882885 CET4434976734.216.80.151192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:21.782951117 CET4972880192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:21.824033976 CET804972834.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:21.845973969 CET4973280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:21.886832952 CET804973234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:22.080142021 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:22.126269102 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:23.048419952 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:23.095256090 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:23.407824039 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:23.454077959 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:23.642307997 CET49755443192.168.2.734.216.198.143
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:23.642335892 CET49771443192.168.2.752.89.2.78
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:23.844804049 CET4434975534.216.198.143192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:23.845196009 CET4434977152.89.2.78192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:24.126647949 CET49739443192.168.2.734.218.7.136
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:24.329919100 CET4434973934.218.7.136192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:30.424074888 CET49769443192.168.2.713.226.162.116
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:30.471237898 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:30.642818928 CET49767443192.168.2.734.216.80.151
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:30.846035957 CET4434976734.216.80.151192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:31.830343962 CET4972880192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:31.871388912 CET804972834.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:31.892891884 CET4973280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:31.933845043 CET804973234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:32.127245903 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:32.173662901 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:33.111762047 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:33.156727076 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:33.549247980 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:33.596703053 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:33.955512047 CET49755443192.168.2.734.216.198.143
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:33.955522060 CET49771443192.168.2.752.89.2.78
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:34.158185959 CET4434975534.216.198.143192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:34.158257961 CET4434977152.89.2.78192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:34.346200943 CET49739443192.168.2.734.218.7.136
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:34.549438953 CET4434973934.218.7.136192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:40.554088116 CET49769443192.168.2.713.226.162.116
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:40.598967075 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:40.884917021 CET49743443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:40.933348894 CET4434974335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:40.954814911 CET49767443192.168.2.734.216.80.151
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:41.049858093 CET49743443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:41.157881021 CET4434976734.216.80.151192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:41.956270933 CET4972880192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:41.997250080 CET804972834.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:42.049998999 CET4973280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:42.090838909 CET804973234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:42.346837044 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:42.393028975 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:43.253521919 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:43.298753977 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:43.523747921 CET4434975534.216.198.143192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:43.524158001 CET49755443192.168.2.734.216.198.143
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:43.524185896 CET49755443192.168.2.734.216.198.143
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:43.726218939 CET4434975534.216.198.143192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:43.726241112 CET4434975534.216.198.143192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:43.726471901 CET49755443192.168.2.734.216.198.143
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:43.756623030 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:43.804320097 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:44.159495115 CET49771443192.168.2.752.89.2.78
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:44.362181902 CET4434977152.89.2.78192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:44.659619093 CET49739443192.168.2.734.218.7.136
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:44.864504099 CET4434973934.218.7.136192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:49.941528082 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:49.965487957 CET4434976734.216.80.151192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:49.969722033 CET49767443192.168.2.734.216.80.151
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:49.969929934 CET49767443192.168.2.734.216.80.151
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:49.987714052 CET4434976099.86.159.30192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:50.034998894 CET49760443192.168.2.799.86.159.30
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:50.175151110 CET4434976734.216.80.151192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:50.177437067 CET4434976734.216.80.151192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:50.179313898 CET49767443192.168.2.734.216.80.151
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:50.605983019 CET49769443192.168.2.713.226.162.116
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:50.650988102 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:52.003876925 CET4972880192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:52.044838905 CET804972834.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:52.103140116 CET4973280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:52.144098043 CET804973234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:52.395703077 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:52.441977978 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:53.300928116 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:53.345725060 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:53.819451094 CET49770443192.168.2.713.226.162.32
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:53.865710020 CET4434977013.226.162.32192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:54.367837906 CET49771443192.168.2.752.89.2.78
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:54.572441101 CET4434977152.89.2.78192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:54.879308939 CET49739443192.168.2.734.218.7.136
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:55.082539082 CET4434973934.218.7.136192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:02:00.713454008 CET49769443192.168.2.713.226.162.116
                                                                                                                                                                                                                                                      Feb 23, 2021 12:02:00.760343075 CET4434976913.226.162.116192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:02:02.162254095 CET4972880192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:02:02.203258991 CET804972834.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:02:02.313496113 CET4973280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                      Feb 23, 2021 12:02:02.355798960 CET804973234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:02:02.473360062 CET49738443192.168.2.7143.204.2.25
                                                                                                                                                                                                                                                      Feb 23, 2021 12:02:02.520864964 CET44349738143.204.2.25192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:02:03.329404116 CET4434977152.89.2.78192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:02:03.329761982 CET49771443192.168.2.752.89.2.78
                                                                                                                                                                                                                                                      Feb 23, 2021 12:02:03.329802036 CET49771443192.168.2.752.89.2.78
                                                                                                                                                                                                                                                      Feb 23, 2021 12:02:03.432979107 CET49757443192.168.2.799.86.159.5
                                                                                                                                                                                                                                                      Feb 23, 2021 12:02:03.477574110 CET4434975799.86.159.5192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:02:03.534076929 CET4434977152.89.2.78192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:02:03.534130096 CET4434977152.89.2.78192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:02:03.534262896 CET49771443192.168.2.752.89.2.78

                                                                                                                                                                                                                                                      UDP Packets

                                                                                                                                                                                                                                                      TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:18.368463993 CET5856253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:18.378051996 CET5659053192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:18.421807051 CET53585628.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:18.428162098 CET53565908.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:18.907547951 CET6050153192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:18.958056927 CET53605018.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:19.713917971 CET5377553192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:19.767477989 CET53537758.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:20.981296062 CET5183753192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:21.030450106 CET53518378.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:21.229732990 CET5541153192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:21.287130117 CET53554118.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:21.932540894 CET6366853192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:21.981261015 CET53636688.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:23.152694941 CET5464053192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:23.201363087 CET53546408.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:24.208168983 CET5873953192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:24.256725073 CET53587398.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:25.295018911 CET6033853192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:25.344980955 CET53603388.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:27.416825056 CET5871753192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:27.466906071 CET53587178.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:30.340017080 CET5976253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:30.390599012 CET53597628.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:31.317656994 CET5432953192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:31.367263079 CET53543298.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:32.221293926 CET5805253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:32.270881891 CET53580528.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:33.204097033 CET5400853192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:33.252765894 CET53540088.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:34.270833969 CET5945153192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:34.322263002 CET53594518.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:37.012028933 CET5291453192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:37.060853004 CET53529148.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:40.373984098 CET6456953192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:40.422658920 CET53645698.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:42.385195971 CET5281653192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:42.436768055 CET53528168.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:43.887353897 CET5078153192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:43.948935986 CET53507818.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:44.138137102 CET5423053192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:44.192276001 CET53542308.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:45.603679895 CET5491153192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 11:59:45.660454035 CET53549118.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:07.663290024 CET4995853192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:07.712182999 CET53499588.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.728941917 CET5086053192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.781044006 CET53508608.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.799765110 CET5045253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.849867105 CET53504528.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.909420013 CET5973053192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.958045006 CET53597308.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:13.060502052 CET5931053192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:13.112085104 CET53593108.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:14.930808067 CET5191953192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:14.979614973 CET53519198.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:15.076375961 CET6429653192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:15.110235929 CET5668053192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:15.133498907 CET53642968.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:15.159003973 CET53566808.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:16.213205099 CET5882053192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:16.264695883 CET53588208.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:16.279129028 CET6098353192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:16.330586910 CET53609838.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:16.392386913 CET4924753192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:16.444483042 CET53492478.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.393140078 CET5228653192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.443592072 CET53522868.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.668700933 CET5606453192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.720166922 CET53560648.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.866792917 CET6374453192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.918467999 CET53637448.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:18.796838999 CET6145753192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:18.850213051 CET53614578.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:19.752914906 CET5836753192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:19.804701090 CET53583678.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:19.860106945 CET6059953192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:19.909574986 CET53605998.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:21.138160944 CET5957153192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:21.188410044 CET53595718.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:30.853430033 CET5268953192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:30.918828011 CET53526898.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:31.814097881 CET5029053192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:31.877533913 CET53502908.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.911005020 CET5620953192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.968708992 CET53562098.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.978996038 CET5958253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.979566097 CET6042753192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.029308081 CET53595828.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.032728910 CET53604278.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.053087950 CET6094953192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.107487917 CET53609498.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.223030090 CET5854253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.281213999 CET53585428.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.373382092 CET5917953192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.422183990 CET53591798.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.510652065 CET6092753192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.559957981 CET53609278.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.607426882 CET5785453192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.658135891 CET53578548.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:34.735769033 CET6202653192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.172380924 CET5945353192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.237571001 CET53594538.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.316381931 CET6246853192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.373225927 CET53624688.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.427043915 CET5256353192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.492032051 CET53525638.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.502804041 CET5472153192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.567703962 CET53547218.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.781446934 CET6202653192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:35.796278954 CET53620268.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:36.104214907 CET6282653192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:36.152901888 CET53628268.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.193706036 CET6204653192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.258681059 CET53620468.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.340478897 CET5122353192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.389408112 CET53512238.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.626435041 CET6390853192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.696351051 CET53639088.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.730895996 CET4922653192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.801800013 CET53492268.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.823101997 CET6021253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.842294931 CET53620268.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.871794939 CET53602128.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.881671906 CET5886753192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.942277908 CET53588678.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.009778976 CET5086453192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.059600115 CET53508648.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.152265072 CET6150453192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.203830957 CET53615048.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.312587023 CET6023153192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.361175060 CET53602318.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.713498116 CET5009553192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.762056112 CET53500958.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.809019089 CET5965453192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.857578993 CET53596548.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.882215023 CET5823353192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.934469938 CET53582338.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:39.198481083 CET5682253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:39.250140905 CET53568228.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:40.653604984 CET6257253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:40.708431959 CET53625728.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.535209894 CET5717953192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.594842911 CET53571798.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.660363913 CET5612453192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.710470915 CET53561248.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.769114017 CET6228753192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.820605993 CET53622878.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.443871021 CET5464453192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.508753061 CET53546448.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.559773922 CET5915953192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.591794014 CET5792453192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.597511053 CET5171253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.627252102 CET5886553192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.631393909 CET53591598.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.640450001 CET6433753192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.675520897 CET53517128.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.678649902 CET53579248.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.700113058 CET53588658.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.703953028 CET53643378.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.723272085 CET5040753192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.733186960 CET6107553192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.761178970 CET5495253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.780518055 CET53504078.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.808780909 CET5918653192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.820221901 CET53549528.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.820245028 CET53610758.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.835294008 CET5228053192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.868872881 CET53591868.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.878524065 CET5179453192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.893666983 CET53522808.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.901938915 CET5081553192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.945327997 CET53517948.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.967194080 CET53508158.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.007194042 CET5849853192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.009031057 CET5686253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.040729046 CET6180753192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.061464071 CET53568628.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.073307037 CET53584988.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.113271952 CET53618078.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.149085045 CET5200953192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.182507992 CET5864853192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.201286077 CET53520098.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.239586115 CET53586488.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.315201998 CET5933753192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.331584930 CET5926953192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.345783949 CET4980253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.383240938 CET53593378.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.391421080 CET53592698.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.410187960 CET53498028.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.445408106 CET5070653192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.464258909 CET5515353192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.505310059 CET53507068.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.515795946 CET53551538.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:44.965003014 CET5974453192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:45.031619072 CET53597448.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:45.113512039 CET5998753192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:45.179394960 CET53599878.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:45.373564959 CET6127253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:45.443279028 CET53612728.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:45.446809053 CET5435253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:45.511526108 CET53543528.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.735362053 CET6069653192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.784015894 CET53606968.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.924422026 CET5913953192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.973269939 CET53591398.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.993406057 CET5956553192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.042093992 CET53595658.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.089503050 CET5639753192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.138174057 CET53563978.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.094515085 CET5281853192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.144941092 CET53528188.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.296705961 CET5423653192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.349788904 CET53542368.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.618532896 CET5469853192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.623054028 CET5846853192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.676944017 CET53546988.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.694962025 CET53584688.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.970956087 CET5829053192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.010540962 CET5410253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.031030893 CET53582908.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.078730106 CET53541028.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.151334047 CET5582253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.216650009 CET53558228.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.234385967 CET6456253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.291542053 CET53645628.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.315856934 CET6155753192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.378232002 CET53615578.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.433161974 CET5437553192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.495646954 CET53543758.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.531222105 CET4982153192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.591063976 CET53498218.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.601397991 CET5401253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.650238037 CET53540128.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.741065979 CET6368453192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.813270092 CET53636848.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.858016014 CET6291253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.914895058 CET53629128.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.962871075 CET6080453192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.024173975 CET53608048.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.031230927 CET6013953192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.081283092 CET53601398.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.455657959 CET5914053192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.520401955 CET53591408.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.538921118 CET5090553192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.596227884 CET53509058.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.606561899 CET5338153192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.663778067 CET53533818.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.685736895 CET5439053192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.737813950 CET53543908.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.892235041 CET6351453192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.952056885 CET53635148.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.006989956 CET5057853192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068263054 CET53505788.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.114515066 CET6355453192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.173815012 CET53635548.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.195940018 CET6387853192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.253464937 CET53638788.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.276580095 CET5379253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.325627089 CET53537928.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.336673021 CET6528053192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.396970987 CET53652808.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.431740046 CET5589053192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.480396986 CET53558908.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.509782076 CET5708253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.561505079 CET53570828.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.675827026 CET6432853192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.737761974 CET53643288.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.757870913 CET5440053192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.817854881 CET53544008.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.861610889 CET5251453192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.910327911 CET53525148.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.916106939 CET5310453192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.964706898 CET53531048.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.044127941 CET5436753192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.099168062 CET53543678.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.124669075 CET6420253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.183065891 CET53642028.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.200624943 CET6217153192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.258950949 CET53621718.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.312769890 CET5067253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.375092983 CET53506728.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.423762083 CET6356553192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.472527027 CET53635658.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.530838013 CET6212153192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.579597950 CET53621218.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.584440947 CET5933053192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.637211084 CET53593308.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.646104097 CET5137853192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.699485064 CET53513788.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:08.264772892 CET5841853192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:08.317850113 CET53584188.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.734569073 CET6321153192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.786134958 CET53632118.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.790918112 CET5751553192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.797195911 CET5638153192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.839806080 CET53575158.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.848695993 CET53563818.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.854717016 CET5836753192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.906173944 CET53583678.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.910459995 CET5609653192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.963161945 CET53560968.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:32.879203081 CET6004453192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:32.940059900 CET53600448.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:33.489550114 CET6177553192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:33.546781063 CET53617758.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:34.116836071 CET5081353192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:34.213625908 CET53508138.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:35.073549032 CET6517353192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:35.147702932 CET53651738.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:35.572068930 CET5130753192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:35.635685921 CET53513078.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:36.132563114 CET5124853192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:36.181068897 CET53512488.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:36.743120909 CET5047653192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:36.803277969 CET53504768.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:37.384893894 CET6316853192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:37.436692953 CET53631688.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:38.142908096 CET6299353192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:38.203342915 CET53629938.8.8.8192.168.2.7
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:38.625345945 CET5645253192.168.2.78.8.8.8
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:38.683693886 CET53564528.8.8.8192.168.2.7

                                                                                                                                                                                                                                                      ICMP Packets

                                                                                                                                                                                                                                                      TimestampSource IPDest IPChecksumCodeType
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.842586994 CET192.168.2.78.8.8.8d009(Port unreachable)Destination Unreachable

                                                                                                                                                                                                                                                      DNS Queries

                                                                                                                                                                                                                                                      TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.728941917 CET192.168.2.78.8.8.80x8369Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.799765110 CET192.168.2.78.8.8.80x1df7Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.909420013 CET192.168.2.78.8.8.80xdb37Standard query (0)prod.detectportal.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:13.060502052 CET192.168.2.78.8.8.80xdcbeStandard query (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:16.213205099 CET192.168.2.78.8.8.80x8241Standard query (0)mozilla.orgA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:16.279129028 CET192.168.2.78.8.8.80x8d4cStandard query (0)mozilla.orgA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:16.392386913 CET192.168.2.78.8.8.80x8495Standard query (0)mozilla.orgA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.393140078 CET192.168.2.78.8.8.80xafe5Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.668700933 CET192.168.2.78.8.8.80x617dStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:19.860106945 CET192.168.2.78.8.8.80x3338Standard query (0)prod.detectportal.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:21.138160944 CET192.168.2.78.8.8.80x6d75Standard query (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:30.853430033 CET192.168.2.78.8.8.80x9237Standard query (0)firefox.settings.services.mozilla.comA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:31.814097881 CET192.168.2.78.8.8.80x1275Standard query (0)firefox.settings.services.mozilla.comA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.911005020 CET192.168.2.78.8.8.80xadf9Standard query (0)firefox.settings.services.mozilla.comA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.978996038 CET192.168.2.78.8.8.80xe9d4Standard query (0)firefox.settings.services.mozilla.com28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.979566097 CET192.168.2.78.8.8.80xe7f8Standard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.053087950 CET192.168.2.78.8.8.80x85b2Standard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.223030090 CET192.168.2.78.8.8.80xc48cStandard query (0)services.prod.mozaws.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.373382092 CET192.168.2.78.8.8.80x2914Standard query (0)services.prod.mozaws.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.193706036 CET192.168.2.78.8.8.80xd612Standard query (0)ocsp.pki.googA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.340478897 CET192.168.2.78.8.8.80xac5dStandard query (0)ocsp.pki.googA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.152265072 CET192.168.2.78.8.8.80x599fStandard query (0)prod.balrog.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.312587023 CET192.168.2.78.8.8.80xaa20Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.882215023 CET192.168.2.78.8.8.80x2697Standard query (0)locprod2-elb-us-west-2.prod.mozaws.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:39.198481083 CET192.168.2.78.8.8.80x8594Standard query (0)locprod2-elb-us-west-2.prod.mozaws.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:40.653604984 CET192.168.2.78.8.8.80x2633Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.535209894 CET192.168.2.78.8.8.80x1c15Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.660363913 CET192.168.2.78.8.8.80xf5e9Standard query (0)autopush.prod.mozaws.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.769114017 CET192.168.2.78.8.8.80xc72bStandard query (0)autopush.prod.mozaws.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.443871021 CET192.168.2.78.8.8.80x1290Standard query (0)ftp.mozilla.orgA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.559773922 CET192.168.2.78.8.8.80x9b1eStandard query (0)ftp.mozilla.orgA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.627252102 CET192.168.2.78.8.8.80x65aStandard query (0)content-signature-2.cdn.mozilla.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.640450001 CET192.168.2.78.8.8.80x61d0Standard query (0)d34chcsvb7ug62.cloudfront.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.761178970 CET192.168.2.78.8.8.80x8d4eStandard query (0)d34chcsvb7ug62.cloudfront.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.878524065 CET192.168.2.78.8.8.80xaa40Standard query (0)content-signature-2.cdn.mozilla.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.009031057 CET192.168.2.78.8.8.80x1db8Standard query (0)ocsp.pki.googA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.040729046 CET192.168.2.78.8.8.80x637dStandard query (0)d2nxq2uap88usk.cloudfront.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.149085045 CET192.168.2.78.8.8.80x4f59Standard query (0)ocsp.pki.googA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.182507992 CET192.168.2.78.8.8.80xd67fStandard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.315201998 CET192.168.2.78.8.8.80xb5beStandard query (0)d2nxq2uap88usk.cloudfront.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.331584930 CET192.168.2.78.8.8.80x22f7Standard query (0)services.prod.mozaws.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.464258909 CET192.168.2.78.8.8.80x3fc8Standard query (0)services.prod.mozaws.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.735362053 CET192.168.2.78.8.8.80xf60cStandard query (0)shavar.services.mozilla.comA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.924422026 CET192.168.2.78.8.8.80x52fbStandard query (0)shavar.services.mozilla.comA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.993406057 CET192.168.2.78.8.8.80xe41Standard query (0)shavar.prod.mozaws.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.089503050 CET192.168.2.78.8.8.80x9316Standard query (0)shavar.prod.mozaws.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.623054028 CET192.168.2.78.8.8.80x1fefStandard query (0)firefox-settings-attachments.cdn.mozilla.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.010540962 CET192.168.2.78.8.8.80x8d74Standard query (0)firefox-settings-attachments.cdn.mozilla.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.151334047 CET192.168.2.78.8.8.80x6c86Standard query (0)fennec-catalog-cdn.prod.mozaws.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.234385967 CET192.168.2.78.8.8.80xc76aStandard query (0)fennec-catalog-cdn.prod.mozaws.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.531222105 CET192.168.2.78.8.8.80x7a75Standard query (0)d1zkz3k4cclnv6.cloudfront.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.601397991 CET192.168.2.78.8.8.80x252bStandard query (0)d1zkz3k4cclnv6.cloudfront.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.962871075 CET192.168.2.78.8.8.80xfa98Standard query (0)d1zkz3k4cclnv6.cloudfront.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.031230927 CET192.168.2.78.8.8.80x35bbStandard query (0)d1zkz3k4cclnv6.cloudfront.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.606561899 CET192.168.2.78.8.8.80xca59Standard query (0)d1zkz3k4cclnv6.cloudfront.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.685736895 CET192.168.2.78.8.8.80xf638Standard query (0)d1zkz3k4cclnv6.cloudfront.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.114515066 CET192.168.2.78.8.8.80xca2dStandard query (0)d1zkz3k4cclnv6.cloudfront.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.195940018 CET192.168.2.78.8.8.80xcc65Standard query (0)d1zkz3k4cclnv6.cloudfront.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.431740046 CET192.168.2.78.8.8.80x89e1Standard query (0)d1zkz3k4cclnv6.cloudfront.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.509782076 CET192.168.2.78.8.8.80xf8c9Standard query (0)d1zkz3k4cclnv6.cloudfront.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.861610889 CET192.168.2.78.8.8.80x154aStandard query (0)d1zkz3k4cclnv6.cloudfront.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.916106939 CET192.168.2.78.8.8.80x5640Standard query (0)d1zkz3k4cclnv6.cloudfront.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.200624943 CET192.168.2.78.8.8.80x2f5Standard query (0)d1zkz3k4cclnv6.cloudfront.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.312769890 CET192.168.2.78.8.8.80xad76Standard query (0)d1zkz3k4cclnv6.cloudfront.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.584440947 CET192.168.2.78.8.8.80x83d5Standard query (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.comA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.646104097 CET192.168.2.78.8.8.80x6fb7Standard query (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.734569073 CET192.168.2.78.8.8.80x298aStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.790918112 CET192.168.2.78.8.8.80x6ae1Standard query (0)mozilla.orgA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.797195911 CET192.168.2.78.8.8.80x154cStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.854717016 CET192.168.2.78.8.8.80x47deStandard query (0)prod.detectportal.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.910459995 CET192.168.2.78.8.8.80x255fStandard query (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)

                                                                                                                                                                                                                                                      DNS Answers

                                                                                                                                                                                                                                                      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.781044006 CET8.8.8.8192.168.2.70x8369No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.781044006 CET8.8.8.8192.168.2.70x8369No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.781044006 CET8.8.8.8192.168.2.70x8369No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.849867105 CET8.8.8.8192.168.2.70x1df7No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.849867105 CET8.8.8.8192.168.2.70x1df7No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.849867105 CET8.8.8.8192.168.2.70x1df7No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.958045006 CET8.8.8.8192.168.2.70xdb37No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:13.112085104 CET8.8.8.8192.168.2.70xdcbeNo error (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:16.264695883 CET8.8.8.8192.168.2.70x8241No error (0)mozilla.org44.235.246.155A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:16.264695883 CET8.8.8.8192.168.2.70x8241No error (0)mozilla.org44.236.72.93A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:16.264695883 CET8.8.8.8192.168.2.70x8241No error (0)mozilla.org44.236.48.31A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:16.330586910 CET8.8.8.8192.168.2.70x8d4cNo error (0)mozilla.org44.235.246.155A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:16.330586910 CET8.8.8.8192.168.2.70x8d4cNo error (0)mozilla.org44.236.48.31A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:16.330586910 CET8.8.8.8192.168.2.70x8d4cNo error (0)mozilla.org44.236.72.93A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:16.444483042 CET8.8.8.8192.168.2.70x8495No error (0)mozilla.org44.235.246.155A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:16.444483042 CET8.8.8.8192.168.2.70x8495No error (0)mozilla.org44.236.48.31A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:16.444483042 CET8.8.8.8192.168.2.70x8495No error (0)mozilla.org44.236.72.93A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.443592072 CET8.8.8.8192.168.2.70xafe5No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.443592072 CET8.8.8.8192.168.2.70xafe5No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.443592072 CET8.8.8.8192.168.2.70xafe5No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.720166922 CET8.8.8.8192.168.2.70x617dNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.720166922 CET8.8.8.8192.168.2.70x617dNo error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.720166922 CET8.8.8.8192.168.2.70x617dNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:19.909574986 CET8.8.8.8192.168.2.70x3338No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:21.188410044 CET8.8.8.8192.168.2.70x6d75No error (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:30.918828011 CET8.8.8.8192.168.2.70x9237No error (0)firefox.settings.services.mozilla.com143.204.2.25A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:30.918828011 CET8.8.8.8192.168.2.70x9237No error (0)firefox.settings.services.mozilla.com143.204.2.101A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:30.918828011 CET8.8.8.8192.168.2.70x9237No error (0)firefox.settings.services.mozilla.com143.204.2.61A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:30.918828011 CET8.8.8.8192.168.2.70x9237No error (0)firefox.settings.services.mozilla.com143.204.2.42A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:31.877533913 CET8.8.8.8192.168.2.70x1275No error (0)firefox.settings.services.mozilla.com143.204.2.25A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:31.877533913 CET8.8.8.8192.168.2.70x1275No error (0)firefox.settings.services.mozilla.com143.204.2.101A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:31.877533913 CET8.8.8.8192.168.2.70x1275No error (0)firefox.settings.services.mozilla.com143.204.2.61A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:31.877533913 CET8.8.8.8192.168.2.70x1275No error (0)firefox.settings.services.mozilla.com143.204.2.42A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.968708992 CET8.8.8.8192.168.2.70xadf9No error (0)firefox.settings.services.mozilla.com143.204.2.25A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.968708992 CET8.8.8.8192.168.2.70xadf9No error (0)firefox.settings.services.mozilla.com143.204.2.101A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.968708992 CET8.8.8.8192.168.2.70xadf9No error (0)firefox.settings.services.mozilla.com143.204.2.61A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:32.968708992 CET8.8.8.8192.168.2.70xadf9No error (0)firefox.settings.services.mozilla.com143.204.2.42A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.032728910 CET8.8.8.8192.168.2.70xe7f8No error (0)services.addons.mozilla.orgservices.prod.mozaws.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.032728910 CET8.8.8.8192.168.2.70xe7f8No error (0)services.prod.mozaws.net34.218.7.136A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.032728910 CET8.8.8.8192.168.2.70xe7f8No error (0)services.prod.mozaws.net44.239.149.194A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.032728910 CET8.8.8.8192.168.2.70xe7f8No error (0)services.prod.mozaws.net35.162.157.58A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.032728910 CET8.8.8.8192.168.2.70xe7f8No error (0)services.prod.mozaws.net52.32.118.36A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.032728910 CET8.8.8.8192.168.2.70xe7f8No error (0)services.prod.mozaws.net54.186.25.159A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.032728910 CET8.8.8.8192.168.2.70xe7f8No error (0)services.prod.mozaws.net54.186.135.223A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.107487917 CET8.8.8.8192.168.2.70x85b2No error (0)services.addons.mozilla.orgservices.prod.mozaws.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.107487917 CET8.8.8.8192.168.2.70x85b2No error (0)services.prod.mozaws.net34.218.7.136A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.107487917 CET8.8.8.8192.168.2.70x85b2No error (0)services.prod.mozaws.net44.239.149.194A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.107487917 CET8.8.8.8192.168.2.70x85b2No error (0)services.prod.mozaws.net35.162.157.58A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.107487917 CET8.8.8.8192.168.2.70x85b2No error (0)services.prod.mozaws.net52.32.118.36A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.107487917 CET8.8.8.8192.168.2.70x85b2No error (0)services.prod.mozaws.net54.186.25.159A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.107487917 CET8.8.8.8192.168.2.70x85b2No error (0)services.prod.mozaws.net54.186.135.223A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.281213999 CET8.8.8.8192.168.2.70xc48cNo error (0)services.prod.mozaws.net52.32.118.36A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.281213999 CET8.8.8.8192.168.2.70xc48cNo error (0)services.prod.mozaws.net54.186.135.223A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.281213999 CET8.8.8.8192.168.2.70xc48cNo error (0)services.prod.mozaws.net44.239.149.194A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.281213999 CET8.8.8.8192.168.2.70xc48cNo error (0)services.prod.mozaws.net54.186.25.159A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.281213999 CET8.8.8.8192.168.2.70xc48cNo error (0)services.prod.mozaws.net34.218.7.136A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.281213999 CET8.8.8.8192.168.2.70xc48cNo error (0)services.prod.mozaws.net35.162.157.58A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.258681059 CET8.8.8.8192.168.2.70xd612No error (0)ocsp.pki.googpki-goog.l.google.comCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.389408112 CET8.8.8.8192.168.2.70xac5dNo error (0)ocsp.pki.googpki-goog.l.google.comCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.871794939 CET8.8.8.8192.168.2.70x186cNo error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.871794939 CET8.8.8.8192.168.2.70x186cNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.059600115 CET8.8.8.8192.168.2.70x413No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.059600115 CET8.8.8.8192.168.2.70x413No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.203830957 CET8.8.8.8192.168.2.70x599fNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.762056112 CET8.8.8.8192.168.2.70xd8caNo error (0)locprod2-elb-us-west-2.prod.mozaws.net34.216.198.143A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.762056112 CET8.8.8.8192.168.2.70xd8caNo error (0)locprod2-elb-us-west-2.prod.mozaws.net44.237.173.75A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.762056112 CET8.8.8.8192.168.2.70xd8caNo error (0)locprod2-elb-us-west-2.prod.mozaws.net52.34.150.168A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.762056112 CET8.8.8.8192.168.2.70xd8caNo error (0)locprod2-elb-us-west-2.prod.mozaws.net52.42.151.74A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.762056112 CET8.8.8.8192.168.2.70xd8caNo error (0)locprod2-elb-us-west-2.prod.mozaws.net44.238.41.205A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.762056112 CET8.8.8.8192.168.2.70xd8caNo error (0)locprod2-elb-us-west-2.prod.mozaws.net34.210.121.31A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.857578993 CET8.8.8.8192.168.2.70xb981No error (0)locprod2-elb-us-west-2.prod.mozaws.net44.238.41.205A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.857578993 CET8.8.8.8192.168.2.70xb981No error (0)locprod2-elb-us-west-2.prod.mozaws.net52.42.151.74A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.857578993 CET8.8.8.8192.168.2.70xb981No error (0)locprod2-elb-us-west-2.prod.mozaws.net34.210.121.31A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.857578993 CET8.8.8.8192.168.2.70xb981No error (0)locprod2-elb-us-west-2.prod.mozaws.net52.34.150.168A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.857578993 CET8.8.8.8192.168.2.70xb981No error (0)locprod2-elb-us-west-2.prod.mozaws.net34.216.198.143A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.857578993 CET8.8.8.8192.168.2.70xb981No error (0)locprod2-elb-us-west-2.prod.mozaws.net44.237.173.75A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.934469938 CET8.8.8.8192.168.2.70x2697No error (0)locprod2-elb-us-west-2.prod.mozaws.net44.238.41.205A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.934469938 CET8.8.8.8192.168.2.70x2697No error (0)locprod2-elb-us-west-2.prod.mozaws.net34.216.198.143A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.934469938 CET8.8.8.8192.168.2.70x2697No error (0)locprod2-elb-us-west-2.prod.mozaws.net52.34.150.168A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.934469938 CET8.8.8.8192.168.2.70x2697No error (0)locprod2-elb-us-west-2.prod.mozaws.net34.210.121.31A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.934469938 CET8.8.8.8192.168.2.70x2697No error (0)locprod2-elb-us-west-2.prod.mozaws.net44.237.173.75A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.934469938 CET8.8.8.8192.168.2.70x2697No error (0)locprod2-elb-us-west-2.prod.mozaws.net52.42.151.74A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:40.708431959 CET8.8.8.8192.168.2.70x2633No error (0)push.services.mozilla.comautopush.prod.mozaws.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:40.708431959 CET8.8.8.8192.168.2.70x2633No error (0)autopush.prod.mozaws.net52.32.39.224A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.594842911 CET8.8.8.8192.168.2.70x1c15No error (0)push.services.mozilla.comautopush.prod.mozaws.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.594842911 CET8.8.8.8192.168.2.70x1c15No error (0)autopush.prod.mozaws.net34.223.130.205A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:41.710470915 CET8.8.8.8192.168.2.70xf5e9No error (0)autopush.prod.mozaws.net34.211.156.97A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.508753061 CET8.8.8.8192.168.2.70x1290No error (0)ftp.mozilla.orgd34chcsvb7ug62.cloudfront.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.508753061 CET8.8.8.8192.168.2.70x1290No error (0)d34chcsvb7ug62.cloudfront.net99.86.159.5A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.508753061 CET8.8.8.8192.168.2.70x1290No error (0)d34chcsvb7ug62.cloudfront.net99.86.159.26A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.508753061 CET8.8.8.8192.168.2.70x1290No error (0)d34chcsvb7ug62.cloudfront.net99.86.159.92A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.508753061 CET8.8.8.8192.168.2.70x1290No error (0)d34chcsvb7ug62.cloudfront.net99.86.159.83A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.631393909 CET8.8.8.8192.168.2.70x9b1eNo error (0)ftp.mozilla.orgd34chcsvb7ug62.cloudfront.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.631393909 CET8.8.8.8192.168.2.70x9b1eNo error (0)d34chcsvb7ug62.cloudfront.net99.86.159.83A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.631393909 CET8.8.8.8192.168.2.70x9b1eNo error (0)d34chcsvb7ug62.cloudfront.net99.86.159.92A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.631393909 CET8.8.8.8192.168.2.70x9b1eNo error (0)d34chcsvb7ug62.cloudfront.net99.86.159.26A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.631393909 CET8.8.8.8192.168.2.70x9b1eNo error (0)d34chcsvb7ug62.cloudfront.net99.86.159.5A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.678649902 CET8.8.8.8192.168.2.70xd7d6No error (0)a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.coma17.rackcdn.comCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.678649902 CET8.8.8.8192.168.2.70xd7d6No error (0)a17.rackcdn.coma17.rackcdn.com.mdc.edgesuite.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.700113058 CET8.8.8.8192.168.2.70x65aNo error (0)content-signature-2.cdn.mozilla.netd2nxq2uap88usk.cloudfront.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.700113058 CET8.8.8.8192.168.2.70x65aNo error (0)d2nxq2uap88usk.cloudfront.net99.86.159.30A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.700113058 CET8.8.8.8192.168.2.70x65aNo error (0)d2nxq2uap88usk.cloudfront.net99.86.159.31A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.700113058 CET8.8.8.8192.168.2.70x65aNo error (0)d2nxq2uap88usk.cloudfront.net99.86.159.125A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.700113058 CET8.8.8.8192.168.2.70x65aNo error (0)d2nxq2uap88usk.cloudfront.net99.86.159.116A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.703953028 CET8.8.8.8192.168.2.70x61d0No error (0)d34chcsvb7ug62.cloudfront.net99.86.159.26A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.703953028 CET8.8.8.8192.168.2.70x61d0No error (0)d34chcsvb7ug62.cloudfront.net99.86.159.5A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.703953028 CET8.8.8.8192.168.2.70x61d0No error (0)d34chcsvb7ug62.cloudfront.net99.86.159.92A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.703953028 CET8.8.8.8192.168.2.70x61d0No error (0)d34chcsvb7ug62.cloudfront.net99.86.159.83A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.820245028 CET8.8.8.8192.168.2.70xa814No error (0)a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.coma17.rackcdn.comCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.820245028 CET8.8.8.8192.168.2.70xa814No error (0)a17.rackcdn.coma17.rackcdn.com.mdc.edgesuite.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.945327997 CET8.8.8.8192.168.2.70xaa40No error (0)content-signature-2.cdn.mozilla.netd2nxq2uap88usk.cloudfront.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.945327997 CET8.8.8.8192.168.2.70xaa40No error (0)d2nxq2uap88usk.cloudfront.net99.86.159.116A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.945327997 CET8.8.8.8192.168.2.70xaa40No error (0)d2nxq2uap88usk.cloudfront.net99.86.159.31A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.945327997 CET8.8.8.8192.168.2.70xaa40No error (0)d2nxq2uap88usk.cloudfront.net99.86.159.30A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.945327997 CET8.8.8.8192.168.2.70xaa40No error (0)d2nxq2uap88usk.cloudfront.net99.86.159.125A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.061464071 CET8.8.8.8192.168.2.70x1db8No error (0)ocsp.pki.googpki-goog.l.google.comCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.113271952 CET8.8.8.8192.168.2.70x637dNo error (0)d2nxq2uap88usk.cloudfront.net99.86.159.30A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.113271952 CET8.8.8.8192.168.2.70x637dNo error (0)d2nxq2uap88usk.cloudfront.net99.86.159.31A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.113271952 CET8.8.8.8192.168.2.70x637dNo error (0)d2nxq2uap88usk.cloudfront.net99.86.159.116A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.113271952 CET8.8.8.8192.168.2.70x637dNo error (0)d2nxq2uap88usk.cloudfront.net99.86.159.125A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.201286077 CET8.8.8.8192.168.2.70x4f59No error (0)ocsp.pki.googpki-goog.l.google.comCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.239586115 CET8.8.8.8192.168.2.70xd67fNo error (0)services.addons.mozilla.orgservices.prod.mozaws.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.239586115 CET8.8.8.8192.168.2.70xd67fNo error (0)services.prod.mozaws.net34.218.7.136A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.239586115 CET8.8.8.8192.168.2.70xd67fNo error (0)services.prod.mozaws.net44.239.149.194A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.239586115 CET8.8.8.8192.168.2.70xd67fNo error (0)services.prod.mozaws.net35.162.157.58A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.239586115 CET8.8.8.8192.168.2.70xd67fNo error (0)services.prod.mozaws.net52.32.118.36A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.239586115 CET8.8.8.8192.168.2.70xd67fNo error (0)services.prod.mozaws.net54.186.25.159A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.239586115 CET8.8.8.8192.168.2.70xd67fNo error (0)services.prod.mozaws.net54.186.135.223A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.383240938 CET8.8.8.8192.168.2.70xb5beNo error (0)d2nxq2uap88usk.cloudfront.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.383240938 CET8.8.8.8192.168.2.70xb5beNo error (0)d2nxq2uap88usk.cloudfront.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.383240938 CET8.8.8.8192.168.2.70xb5beNo error (0)d2nxq2uap88usk.cloudfront.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.383240938 CET8.8.8.8192.168.2.70xb5beNo error (0)d2nxq2uap88usk.cloudfront.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.383240938 CET8.8.8.8192.168.2.70xb5beNo error (0)d2nxq2uap88usk.cloudfront.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.383240938 CET8.8.8.8192.168.2.70xb5beNo error (0)d2nxq2uap88usk.cloudfront.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.383240938 CET8.8.8.8192.168.2.70xb5beNo error (0)d2nxq2uap88usk.cloudfront.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.383240938 CET8.8.8.8192.168.2.70xb5beNo error (0)d2nxq2uap88usk.cloudfront.net28IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.391421080 CET8.8.8.8192.168.2.70x22f7No error (0)services.prod.mozaws.net52.32.118.36A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.391421080 CET8.8.8.8192.168.2.70x22f7No error (0)services.prod.mozaws.net34.218.7.136A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.391421080 CET8.8.8.8192.168.2.70x22f7No error (0)services.prod.mozaws.net44.239.149.194A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.391421080 CET8.8.8.8192.168.2.70x22f7No error (0)services.prod.mozaws.net54.186.25.159A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.391421080 CET8.8.8.8192.168.2.70x22f7No error (0)services.prod.mozaws.net35.162.157.58A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.391421080 CET8.8.8.8192.168.2.70x22f7No error (0)services.prod.mozaws.net54.186.135.223A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.784015894 CET8.8.8.8192.168.2.70xf60cNo error (0)shavar.services.mozilla.comshavar.prod.mozaws.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.784015894 CET8.8.8.8192.168.2.70xf60cNo error (0)shavar.prod.mozaws.net34.216.80.151A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.784015894 CET8.8.8.8192.168.2.70xf60cNo error (0)shavar.prod.mozaws.net44.233.8.168A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.784015894 CET8.8.8.8192.168.2.70xf60cNo error (0)shavar.prod.mozaws.net44.238.239.168A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.784015894 CET8.8.8.8192.168.2.70xf60cNo error (0)shavar.prod.mozaws.net52.32.237.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.784015894 CET8.8.8.8192.168.2.70xf60cNo error (0)shavar.prod.mozaws.net34.216.48.72A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.784015894 CET8.8.8.8192.168.2.70xf60cNo error (0)shavar.prod.mozaws.net52.43.72.100A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.973269939 CET8.8.8.8192.168.2.70x52fbNo error (0)shavar.services.mozilla.comshavar.prod.mozaws.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.973269939 CET8.8.8.8192.168.2.70x52fbNo error (0)shavar.prod.mozaws.net34.216.80.151A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.973269939 CET8.8.8.8192.168.2.70x52fbNo error (0)shavar.prod.mozaws.net44.233.8.168A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.973269939 CET8.8.8.8192.168.2.70x52fbNo error (0)shavar.prod.mozaws.net52.32.237.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.973269939 CET8.8.8.8192.168.2.70x52fbNo error (0)shavar.prod.mozaws.net44.238.239.168A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.973269939 CET8.8.8.8192.168.2.70x52fbNo error (0)shavar.prod.mozaws.net52.43.72.100A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.973269939 CET8.8.8.8192.168.2.70x52fbNo error (0)shavar.prod.mozaws.net34.216.48.72A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.042093992 CET8.8.8.8192.168.2.70xe41No error (0)shavar.prod.mozaws.net34.216.80.151A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.042093992 CET8.8.8.8192.168.2.70xe41No error (0)shavar.prod.mozaws.net34.216.48.72A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.042093992 CET8.8.8.8192.168.2.70xe41No error (0)shavar.prod.mozaws.net52.43.72.100A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.042093992 CET8.8.8.8192.168.2.70xe41No error (0)shavar.prod.mozaws.net52.32.237.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.042093992 CET8.8.8.8192.168.2.70xe41No error (0)shavar.prod.mozaws.net44.233.8.168A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.042093992 CET8.8.8.8192.168.2.70xe41No error (0)shavar.prod.mozaws.net44.238.239.168A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.694962025 CET8.8.8.8192.168.2.70x1fefNo error (0)firefox-settings-attachments.cdn.mozilla.netfennec-catalog-cdn.prod.mozaws.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.694962025 CET8.8.8.8192.168.2.70x1fefNo error (0)fennec-catalog-cdn.prod.mozaws.net13.226.162.116A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.694962025 CET8.8.8.8192.168.2.70x1fefNo error (0)fennec-catalog-cdn.prod.mozaws.net13.226.162.124A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.694962025 CET8.8.8.8192.168.2.70x1fefNo error (0)fennec-catalog-cdn.prod.mozaws.net13.226.162.18A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:49.694962025 CET8.8.8.8192.168.2.70x1fefNo error (0)fennec-catalog-cdn.prod.mozaws.net13.226.162.68A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.078730106 CET8.8.8.8192.168.2.70x8d74No error (0)firefox-settings-attachments.cdn.mozilla.netfennec-catalog-cdn.prod.mozaws.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.078730106 CET8.8.8.8192.168.2.70x8d74No error (0)fennec-catalog-cdn.prod.mozaws.net13.226.162.68A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.078730106 CET8.8.8.8192.168.2.70x8d74No error (0)fennec-catalog-cdn.prod.mozaws.net13.226.162.124A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.078730106 CET8.8.8.8192.168.2.70x8d74No error (0)fennec-catalog-cdn.prod.mozaws.net13.226.162.116A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.078730106 CET8.8.8.8192.168.2.70x8d74No error (0)fennec-catalog-cdn.prod.mozaws.net13.226.162.18A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.216650009 CET8.8.8.8192.168.2.70x6c86No error (0)fennec-catalog-cdn.prod.mozaws.net13.226.162.124A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.216650009 CET8.8.8.8192.168.2.70x6c86No error (0)fennec-catalog-cdn.prod.mozaws.net13.226.162.68A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.216650009 CET8.8.8.8192.168.2.70x6c86No error (0)fennec-catalog-cdn.prod.mozaws.net13.226.162.18A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.216650009 CET8.8.8.8192.168.2.70x6c86No error (0)fennec-catalog-cdn.prod.mozaws.net13.226.162.116A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.378232002 CET8.8.8.8192.168.2.70xe918No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.378232002 CET8.8.8.8192.168.2.70xe918No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.378232002 CET8.8.8.8192.168.2.70xe918No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.378232002 CET8.8.8.8192.168.2.70xe918No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.495646954 CET8.8.8.8192.168.2.70xb811No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.495646954 CET8.8.8.8192.168.2.70xb811No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.495646954 CET8.8.8.8192.168.2.70xb811No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.495646954 CET8.8.8.8192.168.2.70xb811No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.591063976 CET8.8.8.8192.168.2.70x7a75No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.591063976 CET8.8.8.8192.168.2.70x7a75No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.591063976 CET8.8.8.8192.168.2.70x7a75No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.591063976 CET8.8.8.8192.168.2.70x7a75No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.813270092 CET8.8.8.8192.168.2.70x51adNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.813270092 CET8.8.8.8192.168.2.70x51adNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.813270092 CET8.8.8.8192.168.2.70x51adNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.813270092 CET8.8.8.8192.168.2.70x51adNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.914895058 CET8.8.8.8192.168.2.70xf72dNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.914895058 CET8.8.8.8192.168.2.70xf72dNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.914895058 CET8.8.8.8192.168.2.70xf72dNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:50.914895058 CET8.8.8.8192.168.2.70xf72dNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.024173975 CET8.8.8.8192.168.2.70xfa98No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.024173975 CET8.8.8.8192.168.2.70xfa98No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.024173975 CET8.8.8.8192.168.2.70xfa98No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.024173975 CET8.8.8.8192.168.2.70xfa98No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.520401955 CET8.8.8.8192.168.2.70x6482No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.520401955 CET8.8.8.8192.168.2.70x6482No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.520401955 CET8.8.8.8192.168.2.70x6482No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.520401955 CET8.8.8.8192.168.2.70x6482No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.596227884 CET8.8.8.8192.168.2.70x9dfNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.596227884 CET8.8.8.8192.168.2.70x9dfNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.596227884 CET8.8.8.8192.168.2.70x9dfNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.596227884 CET8.8.8.8192.168.2.70x9dfNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.663778067 CET8.8.8.8192.168.2.70xca59No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.663778067 CET8.8.8.8192.168.2.70xca59No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.663778067 CET8.8.8.8192.168.2.70xca59No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.663778067 CET8.8.8.8192.168.2.70xca59No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.952056885 CET8.8.8.8192.168.2.70x6b52No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.952056885 CET8.8.8.8192.168.2.70x6b52No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.952056885 CET8.8.8.8192.168.2.70x6b52No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:51.952056885 CET8.8.8.8192.168.2.70x6b52No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068263054 CET8.8.8.8192.168.2.70x898cNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068263054 CET8.8.8.8192.168.2.70x898cNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068263054 CET8.8.8.8192.168.2.70x898cNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.068263054 CET8.8.8.8192.168.2.70x898cNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.173815012 CET8.8.8.8192.168.2.70xca2dNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.173815012 CET8.8.8.8192.168.2.70xca2dNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.173815012 CET8.8.8.8192.168.2.70xca2dNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.173815012 CET8.8.8.8192.168.2.70xca2dNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.325627089 CET8.8.8.8192.168.2.70xc743No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.325627089 CET8.8.8.8192.168.2.70xc743No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.325627089 CET8.8.8.8192.168.2.70xc743No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.325627089 CET8.8.8.8192.168.2.70xc743No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.396970987 CET8.8.8.8192.168.2.70x374bNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.396970987 CET8.8.8.8192.168.2.70x374bNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.396970987 CET8.8.8.8192.168.2.70x374bNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.396970987 CET8.8.8.8192.168.2.70x374bNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.480396986 CET8.8.8.8192.168.2.70x89e1No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.480396986 CET8.8.8.8192.168.2.70x89e1No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.480396986 CET8.8.8.8192.168.2.70x89e1No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.480396986 CET8.8.8.8192.168.2.70x89e1No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.737761974 CET8.8.8.8192.168.2.70xdf36No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.737761974 CET8.8.8.8192.168.2.70xdf36No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.737761974 CET8.8.8.8192.168.2.70xdf36No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.737761974 CET8.8.8.8192.168.2.70xdf36No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.817854881 CET8.8.8.8192.168.2.70x8816No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.817854881 CET8.8.8.8192.168.2.70x8816No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.817854881 CET8.8.8.8192.168.2.70x8816No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.817854881 CET8.8.8.8192.168.2.70x8816No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.910327911 CET8.8.8.8192.168.2.70x154aNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.910327911 CET8.8.8.8192.168.2.70x154aNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.910327911 CET8.8.8.8192.168.2.70x154aNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:52.910327911 CET8.8.8.8192.168.2.70x154aNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.099168062 CET8.8.8.8192.168.2.70x2f0fNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.099168062 CET8.8.8.8192.168.2.70x2f0fNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.099168062 CET8.8.8.8192.168.2.70x2f0fNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.099168062 CET8.8.8.8192.168.2.70x2f0fNo error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.183065891 CET8.8.8.8192.168.2.70x79a6No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.183065891 CET8.8.8.8192.168.2.70x79a6No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.183065891 CET8.8.8.8192.168.2.70x79a6No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.183065891 CET8.8.8.8192.168.2.70x79a6No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.258950949 CET8.8.8.8192.168.2.70x2f5No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.32A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.258950949 CET8.8.8.8192.168.2.70x2f5No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.64A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.258950949 CET8.8.8.8192.168.2.70x2f5No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.90A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.258950949 CET8.8.8.8192.168.2.70x2f5No error (0)d1zkz3k4cclnv6.cloudfront.net13.226.162.40A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.472527027 CET8.8.8.8192.168.2.70x7c71No error (0)telemetry-incoming.r53-2.services.mozilla.compipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.comCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.472527027 CET8.8.8.8192.168.2.70x7c71No error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com52.89.2.78A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.472527027 CET8.8.8.8192.168.2.70x7c71No error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com52.33.45.66A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.472527027 CET8.8.8.8192.168.2.70x7c71No error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com34.210.178.76A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.472527027 CET8.8.8.8192.168.2.70x7c71No error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com52.35.31.120A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.472527027 CET8.8.8.8192.168.2.70x7c71No error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com34.209.110.60A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.472527027 CET8.8.8.8192.168.2.70x7c71No error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com34.215.46.102A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.472527027 CET8.8.8.8192.168.2.70x7c71No error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com54.191.136.131A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.472527027 CET8.8.8.8192.168.2.70x7c71No error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com44.238.207.5A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.579597950 CET8.8.8.8192.168.2.70x91ebNo error (0)telemetry-incoming.r53-2.services.mozilla.compipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.comCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.579597950 CET8.8.8.8192.168.2.70x91ebNo error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com52.39.144.189A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.579597950 CET8.8.8.8192.168.2.70x91ebNo error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com44.238.190.78A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.579597950 CET8.8.8.8192.168.2.70x91ebNo error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com54.149.208.57A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.579597950 CET8.8.8.8192.168.2.70x91ebNo error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com34.223.172.12A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.579597950 CET8.8.8.8192.168.2.70x91ebNo error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com34.211.246.164A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.579597950 CET8.8.8.8192.168.2.70x91ebNo error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com34.210.178.76A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.579597950 CET8.8.8.8192.168.2.70x91ebNo error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com52.10.174.113A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.579597950 CET8.8.8.8192.168.2.70x91ebNo error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com52.34.72.48A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.637211084 CET8.8.8.8192.168.2.70x83d5No error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com44.231.216.202A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.637211084 CET8.8.8.8192.168.2.70x83d5No error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com44.235.28.153A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.637211084 CET8.8.8.8192.168.2.70x83d5No error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com52.89.14.226A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.637211084 CET8.8.8.8192.168.2.70x83d5No error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com52.35.31.120A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.637211084 CET8.8.8.8192.168.2.70x83d5No error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com34.210.178.76A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.637211084 CET8.8.8.8192.168.2.70x83d5No error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com52.33.45.66A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.637211084 CET8.8.8.8192.168.2.70x83d5No error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com52.40.148.33A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.637211084 CET8.8.8.8192.168.2.70x83d5No error (0)pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com34.223.172.12A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.786134958 CET8.8.8.8192.168.2.70x298aNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.786134958 CET8.8.8.8192.168.2.70x298aNo error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.786134958 CET8.8.8.8192.168.2.70x298aNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.839806080 CET8.8.8.8192.168.2.70x6ae1No error (0)mozilla.org44.235.246.155A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.839806080 CET8.8.8.8192.168.2.70x6ae1No error (0)mozilla.org44.236.48.31A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.839806080 CET8.8.8.8192.168.2.70x6ae1No error (0)mozilla.org44.236.72.93A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.848695993 CET8.8.8.8192.168.2.70x154cNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.848695993 CET8.8.8.8192.168.2.70x154cNo error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.848695993 CET8.8.8.8192.168.2.70x154cNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.906173944 CET8.8.8.8192.168.2.70x47deNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.963161945 CET8.8.8.8192.168.2.70x255fNo error (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)

                                                                                                                                                                                                                                                      HTTP Request Dependency Graph

                                                                                                                                                                                                                                                      • detectportal.firefox.com

                                                                                                                                                                                                                                                      HTTP Packets

                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                                                      0192.168.2.74972834.107.221.8280C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      TimestampkBytes transferredDirectionData
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.895714998 CET1374OUTGET /success.txt HTTP/1.1
                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0
                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                      Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3
                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:12.936918020 CET1374INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                      Date: Mon, 22 Feb 2021 22:11:53 GMT
                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                      Age: 46099
                                                                                                                                                                                                                                                      Cache-Control: public, must-revalidate, max-age=0, s-maxage=86400
                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:22.980990887 CET1468OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.200556040 CET1483OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:43.388859034 CET11322OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:53.499119997 CET19558OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:03.546961069 CET19569OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.727559090 CET19584OUTGET /success.txt HTTP/1.1
                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0
                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                      Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3
                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.768872976 CET19585INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                      Date: Mon, 22 Feb 2021 22:11:53 GMT
                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                      Age: 46158
                                                                                                                                                                                                                                                      Cache-Control: public, must-revalidate, max-age=0, s-maxage=86400
                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:21.782951117 CET19589OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:31.830343962 CET19591OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:41.956270933 CET20452OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:52.003876925 CET20455OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                      Feb 23, 2021 12:02:02.162254095 CET20457OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:


                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                                                      1192.168.2.74973234.107.221.8280C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      TimestampkBytes transferredDirectionData
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.640695095 CET1396OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0
                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                      Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3
                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:17.682039976 CET1397INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                      Date: Mon, 22 Feb 2021 22:11:53 GMT
                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                      Age: 46104
                                                                                                                                                                                                                                                      Cache-Control: public, must-revalidate, max-age=0, s-maxage=86400
                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:27.684503078 CET1468OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:37.794701099 CET1657OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:47.978231907 CET16738OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:58.187077045 CET19559OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:08.265984058 CET19570OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.789597034 CET19585OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0
                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                      Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3
                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:11.830607891 CET19586INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                      Date: Mon, 22 Feb 2021 22:11:53 GMT
                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                      Age: 46158
                                                                                                                                                                                                                                                      Cache-Control: public, must-revalidate, max-age=0, s-maxage=86400
                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:21.845973969 CET19589OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:31.892891884 CET19591OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:42.049998999 CET20452OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:52.103140116 CET20455OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                      Feb 23, 2021 12:02:02.313496113 CET20457OUTData Raw: 00
                                                                                                                                                                                                                                                      Data Ascii:


                                                                                                                                                                                                                                                      HTTPS Packets

                                                                                                                                                                                                                                                      TimestampSource IPSource PortDest IPDest PortSubjectIssuerNot BeforeNot AfterJA3 SSL Client FingerprintJA3 SSL Client Digest
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:33.541843891 CET34.218.7.136443192.168.2.749739CN=addons.mozilla.org, OU=Cloud Services, O=Mozilla Foundation, L=Mountain View, ST=California, C=US, SERIALNUMBER=C2543436, OID.1.3.6.1.4.1.311.60.2.1.2=California, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization CN=DigiCert SHA2 Extended Validation Server CA, OU=www.digicert.com, O=DigiCert Inc, C=USCN=DigiCert SHA2 Extended Validation Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USWed Apr 08 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013Wed Jun 15 14:00:00 CEST 2022 Sun Oct 22 14:00:00 CEST 2028771,49195-49199-52393-52392-49196-49200-49162-49161-49171-49172-156-157-47-53-10,0-23-65281-10-11-35-16-5-13-28,29-23-24-25,0a72f351cf3c3cd1edb345f7dc071d813
                                                                                                                                                                                                                                                      CN=DigiCert SHA2 Extended Validation Server CA, OU=www.digicert.com, O=DigiCert Inc, C=USCN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USTue Oct 22 14:00:00 CEST 2013Sun Oct 22 14:00:00 CEST 2028
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.075721025 CET35.244.181.201443192.168.2.749743CN=aus5.mozilla.org, OU=Cloud Services, O=Mozilla Corporation, L=Mountain View, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USThu Jun 27 02:00:00 CEST 2019 Fri Mar 08 13:00:00 CET 2013Wed Jun 16 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023771,49195-49199-52393-52392-49196-49200-49162-49161-49171-49172-156-157-47-53-10,0-23-65281-10-11-35-16-5-13-28,29-23-24-25,0a72f351cf3c3cd1edb345f7dc071d813
                                                                                                                                                                                                                                                      CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.079468012 CET35.244.181.201443192.168.2.749744CN=aus5.mozilla.org, OU=Cloud Services, O=Mozilla Corporation, L=Mountain View, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USThu Jun 27 02:00:00 CEST 2019 Fri Mar 08 13:00:00 CET 2013Wed Jun 16 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023771,49195-49199-52393-52392-49196-49200-49162-49161-49171-49172-156-157-47-53-10,0-23-65281-10-11-35-16-5-13-28,29-23-24-25,0a72f351cf3c3cd1edb345f7dc071d813
                                                                                                                                                                                                                                                      CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:38.108449936 CET35.244.181.201443192.168.2.749745CN=aus5.mozilla.org, OU=Cloud Services, O=Mozilla Corporation, L=Mountain View, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USThu Jun 27 02:00:00 CEST 2019 Fri Mar 08 13:00:00 CET 2013Wed Jun 16 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023771,49195-49199-52393-52392-49196-49200-49162-49161-49171-49172-156-157-47-53-10,0-23-65281-10-11-35-16-5-13-28,29-23-24-25,0a72f351cf3c3cd1edb345f7dc071d813
                                                                                                                                                                                                                                                      CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.364392042 CET34.216.198.143443192.168.2.749755CN=location.services.mozilla.com, OU=Cloud Services, O=Mozilla Corporation, L=Mountain View, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USTue May 21 02:00:00 CEST 2019 Fri Mar 08 13:00:00 CET 2013Fri Aug 20 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49162-49161-49171-49172-156-157-47-53-10,0-23-65281-10-11-35-16-5-51-43-13-45-28-21,29-23-24-25-256-257,0aa7744226c695c0b2e440419848cf700
                                                                                                                                                                                                                                                      CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.374233007 CET34.223.130.205443192.168.2.749756CN=push.services.mozilla.com, O=Mozilla Corporation, L=Mountain View, ST=California, C=US CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=USCN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USWed Dec 16 01:00:00 CET 2020 Thu Sep 24 02:00:00 CEST 2020Mon Jan 17 00:59:59 CET 2022 Tue Sep 24 01:59:59 CEST 2030771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49162-49161-49171-49172-156-157-47-53-10,0-23-65281-10-11-35-16-5-51-43-13-45-28-21,29-23-24-25-256-257,0aa7744226c695c0b2e440419848cf700
                                                                                                                                                                                                                                                      CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USThu Sep 24 02:00:00 CEST 2020Tue Sep 24 01:59:59 CEST 2030
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:42.644661903 CET99.86.159.5443192.168.2.749757CN=ftp.mozilla.org, OU=Cloud Services, O=Mozilla Corporation, L=Mountain View, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USThu Jan 02 01:00:00 CET 2020 Fri Mar 08 13:00:00 CET 2013Thu Mar 10 13:00:00 CET 2022 Wed Mar 08 13:00:00 CET 2023771,49195-49199-52393-52392-49196-49200-49162-49161-49171-49172-156-157-47-53-10,0-23-65281-10-11-35-16-5-13-28,29-23-24-25,0a72f351cf3c3cd1edb345f7dc071d813
                                                                                                                                                                                                                                                      CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023
                                                                                                                                                                                                                                                      Feb 23, 2021 12:00:48.247062922 CET34.216.80.151443192.168.2.749767CN=*.services.mozilla.com, OU=Cloud Services, O=Mozilla Corporation, L=Mountain View, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USTue Dec 10 01:00:00 CET 2019 Fri Mar 08 13:00:00 CET 2013Thu Feb 10 13:00:00 CET 2022 Wed Mar 08 13:00:00 CET 2023771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49162-49161-49171-49172-156-157-47-53-10,0-23-65281-10-11-35-16-5-51-43-13-45-28-21,29-23-24-25-256-257,0aa7744226c695c0b2e440419848cf700
                                                                                                                                                                                                                                                      CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023
                                                                                                                                                                                                                                                      Feb 23, 2021 12:01:02.935429096 CET52.89.2.78443192.168.2.749771CN=*.telemetry.mozilla.org, OU=Cloud Services, O=Mozilla Corporation, L=Mountain View, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USMon Aug 24 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013Fri Oct 28 14:00:00 CEST 2022 Wed Mar 08 13:00:00 CET 2023771,49195-49199-52393-52392-49196-49200-49162-49161-49171-49172-156-157-47-53-10,0-23-65281-10-11-35-16-5-13-28,29-23-24-25,0a72f351cf3c3cd1edb345f7dc071d813
                                                                                                                                                                                                                                                      CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023

                                                                                                                                                                                                                                                      Code Manipulations

                                                                                                                                                                                                                                                      Statistics

                                                                                                                                                                                                                                                      CPU Usage

                                                                                                                                                                                                                                                      Click to jump to process

                                                                                                                                                                                                                                                      Memory Usage

                                                                                                                                                                                                                                                      Click to jump to process

                                                                                                                                                                                                                                                      High Level Behavior Distribution

                                                                                                                                                                                                                                                      Click to dive into process behavior distribution

                                                                                                                                                                                                                                                      Behavior

                                                                                                                                                                                                                                                      Click to jump to process

                                                                                                                                                                                                                                                      System Behavior

                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                      Start time:11:59:25
                                                                                                                                                                                                                                                      Start date:23/02/2021
                                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\unarchiver.exe
                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                      Commandline:'C:\Windows\SysWOW64\unarchiver.exe' 'C:\Users\user\Desktop\firefox-3.0.0.zip'
                                                                                                                                                                                                                                                      Imagebase:0x430000
                                                                                                                                                                                                                                                      File size:10240 bytes
                                                                                                                                                                                                                                                      MD5 hash:8B435F8731563566F3F49203BA277865
                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                      Programmed in:.Net C# or VB.NET
                                                                                                                                                                                                                                                      Reputation:moderate

                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                      Start time:11:59:26
                                                                                                                                                                                                                                                      Start date:23/02/2021
                                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\7za.exe
                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                      Commandline:'C:\Windows\System32\7za.exe' x -pinfected -y -o'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm' 'C:\Users\user\Desktop\firefox-3.0.0.zip'
                                                                                                                                                                                                                                                      Imagebase:0x330000
                                                                                                                                                                                                                                                      File size:289792 bytes
                                                                                                                                                                                                                                                      MD5 hash:77E556CDFDC5C592F5C46DB4127C6F4C
                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                      Reputation:high

                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                      Start time:11:59:26
                                                                                                                                                                                                                                                      Start date:23/02/2021
                                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                      Imagebase:0x7ff774ee0000
                                                                                                                                                                                                                                                      File size:625664 bytes
                                                                                                                                                                                                                                                      MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                      Reputation:high

                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                      Start time:11:59:43
                                                                                                                                                                                                                                                      Start date:23/02/2021
                                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                      Commandline:'cmd.exe' /C 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exe'
                                                                                                                                                                                                                                                      Imagebase:0x850000
                                                                                                                                                                                                                                                      File size:232960 bytes
                                                                                                                                                                                                                                                      MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                      Reputation:high

                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                      Start time:11:59:43
                                                                                                                                                                                                                                                      Start date:23/02/2021
                                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                      Imagebase:0x7ff774ee0000
                                                                                                                                                                                                                                                      File size:625664 bytes
                                                                                                                                                                                                                                                      MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                      Reputation:high

                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                      Start time:11:59:44
                                                                                                                                                                                                                                                      Start date:23/02/2021
                                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exe
                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                      Commandline:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\firefox.exe
                                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                                      File size:2713088 bytes
                                                                                                                                                                                                                                                      MD5 hash:4EF66E229568D79CCE138C20A04BC4E3
                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                      Reputation:low

                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                      Start time:11:59:46
                                                                                                                                                                                                                                                      Start date:23/02/2021
                                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                      Commandline:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashPlayer.app --profile C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy --no-remote
                                                                                                                                                                                                                                                      Imagebase:0xbb0000
                                                                                                                                                                                                                                                      File size:525520 bytes
                                                                                                                                                                                                                                                      MD5 hash:13CAB11973C6D733459748EB78B7E60A
                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                      Reputation:low

                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                      Start time:11:59:47
                                                                                                                                                                                                                                                      Start date:23/02/2021
                                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                      Commandline:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashPlayer.app --profile C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\data\profile\naturgy --no-remote
                                                                                                                                                                                                                                                      Imagebase:0xbb0000
                                                                                                                                                                                                                                                      File size:525520 bytes
                                                                                                                                                                                                                                                      MD5 hash:13CAB11973C6D733459748EB78B7E60A
                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                      Reputation:low

                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                      Start time:12:00:03
                                                                                                                                                                                                                                                      Start date:23/02/2021
                                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                      Commandline:'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.0.1255361400\1706233136' -childID 1 -isForBrowser -prefsHandle 2768 -prefMapHandle 2760 -prefsLen 1 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 2704 tab
                                                                                                                                                                                                                                                      Imagebase:0xbb0000
                                                                                                                                                                                                                                                      File size:525520 bytes
                                                                                                                                                                                                                                                      MD5 hash:13CAB11973C6D733459748EB78B7E60A
                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                      Reputation:low

                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                      Start time:12:00:05
                                                                                                                                                                                                                                                      Start date:23/02/2021
                                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                      Commandline:'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.6.1185351638\254667966' -childID 2 -isForBrowser -prefsHandle 3552 -prefMapHandle 3548 -prefsLen 1 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 3564 tab
                                                                                                                                                                                                                                                      Imagebase:0x7ff641cd0000
                                                                                                                                                                                                                                                      File size:525520 bytes
                                                                                                                                                                                                                                                      MD5 hash:13CAB11973C6D733459748EB78B7E60A
                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                      Reputation:low

                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                      Start time:12:00:28
                                                                                                                                                                                                                                                      Start date:23/02/2021
                                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                      Commandline:'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.12.743590922\484010187' -childID 3 -isForBrowser -prefsHandle 4108 -prefMapHandle 3884 -prefsLen 6452 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4232 tab
                                                                                                                                                                                                                                                      Imagebase:0xbb0000
                                                                                                                                                                                                                                                      File size:525520 bytes
                                                                                                                                                                                                                                                      MD5 hash:13CAB11973C6D733459748EB78B7E60A
                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                      Reputation:low

                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                      Start time:12:00:38
                                                                                                                                                                                                                                                      Start date:23/02/2021
                                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                      Commandline:'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.18.42724063\1227924579' -childID 4 -isForBrowser -prefsHandle 4756 -prefMapHandle 4304 -prefsLen 6804 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4748 tab
                                                                                                                                                                                                                                                      Imagebase:0xbb0000
                                                                                                                                                                                                                                                      File size:525520 bytes
                                                                                                                                                                                                                                                      MD5 hash:13CAB11973C6D733459748EB78B7E60A
                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                      Reputation:low

                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                      Start time:12:00:41
                                                                                                                                                                                                                                                      Start date:23/02/2021
                                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                      Commandline:'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.19.857361846\1442280300' -childID 5 -isForBrowser -prefsHandle 4596 -prefMapHandle 4856 -prefsLen 6849 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 4980 tab
                                                                                                                                                                                                                                                      Imagebase:0xbb0000
                                                                                                                                                                                                                                                      File size:525520 bytes
                                                                                                                                                                                                                                                      MD5 hash:13CAB11973C6D733459748EB78B7E60A
                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                      Reputation:low

                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                      Start time:12:00:43
                                                                                                                                                                                                                                                      Start date:23/02/2021
                                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                      Commandline:'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app' -contentproc --channel='6752.20.291535467\1735002866' -childID 6 -isForBrowser -prefsHandle 5300 -prefMapHandle 4628 -prefsLen 7794 -prefMapSize 233028 -parentBuildID 20200930150533 -appdir 'C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\browser' - 6752 - 5468 tab
                                                                                                                                                                                                                                                      Imagebase:0xbb0000
                                                                                                                                                                                                                                                      File size:525520 bytes
                                                                                                                                                                                                                                                      MD5 hash:13CAB11973C6D733459748EB78B7E60A
                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                      Reputation:low

                                                                                                                                                                                                                                                      Disassembly

                                                                                                                                                                                                                                                      Code Analysis

                                                                                                                                                                                                                                                      Reset < >

                                                                                                                                                                                                                                                        Executed Functions

                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.297231092.0000000000F80000.00000040.00000001.sdmp, Offset: 00F80000, based on PE: false
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_f80000_unarchiver.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                        • Opcode ID: ae3274ef84711b338906e3afb2bc455969add115f579c586455f8922d99b39b1
                                                                                                                                                                                                                                                        • Instruction ID: 9bc0a8a90027b06941621c80e1a2d7b84777b65bfe46411d60375123db7e5805
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ae3274ef84711b338906e3afb2bc455969add115f579c586455f8922d99b39b1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F322E574D00218DFDF24EFA5E984BEDBBB2BB89301F108569D809A7268DB349D85DF10
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.297298594.00000000026F0000.00000040.00000040.sdmp, Offset: 026F0000, based on PE: false
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_26f0000_unarchiver.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                        • Opcode ID: fb7f5b366cced130dd2fa9e579790694ea77f44fe4f85d1f374fe31609a17633
                                                                                                                                                                                                                                                        • Instruction ID: 793d636dfe5ab1e5db6f98a53708ef27cc7972689e42753f217a07380698a80f
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fb7f5b366cced130dd2fa9e579790694ea77f44fe4f85d1f374fe31609a17633
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 59114F5250D3C09FE70397286C765A6BFB09E53120B1D8ADBC8C48F9A3E259591AC3A3
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.297231092.0000000000F80000.00000040.00000001.sdmp, Offset: 00F80000, based on PE: false
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_f80000_unarchiver.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                        • Opcode ID: 32938178dd1e60e96125b37362ce998430bfc1a9754c01f6b14d3e21f5a66cbf
                                                                                                                                                                                                                                                        • Instruction ID: a3d40f0c172a6e11d4a61f44acf2e7d7e07421762f3a317be96467cf40442429
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 32938178dd1e60e96125b37362ce998430bfc1a9754c01f6b14d3e21f5a66cbf
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D151F570E42218DFDB18DFB5D980AAEBBB6BF8A300F205529E405B7390DB359D41CB58
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.297231092.0000000000F80000.00000040.00000001.sdmp, Offset: 00F80000, based on PE: false
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_f80000_unarchiver.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                        • Opcode ID: e3700e4c4ba19e2a32a2f093a00b25169b2a9d65f47df94e3498b5761397f85f
                                                                                                                                                                                                                                                        • Instruction ID: d884fc9c2c321dbcf320bc2989ebbd753d9fd8aea17814329daa28cec9e17531
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e3700e4c4ba19e2a32a2f093a00b25169b2a9d65f47df94e3498b5761397f85f
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 90512770E42218DFDB18DFB5D980AEEBBB6BF8A300F204529E405A7390DB359D45CB58
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.297298594.00000000026F0000.00000040.00000040.sdmp, Offset: 026F0000, based on PE: false
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_26f0000_unarchiver.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                        • Opcode ID: 8917de3c394b40fb9e565acc5c042752c945e49f367f5e9bc804a48ae5f2b3d9
                                                                                                                                                                                                                                                        • Instruction ID: 6cd6f4ea1e3c268e62493421d2ac04f80b2d563e67f70ce208dd7ccd494e27c2
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8917de3c394b40fb9e565acc5c042752c945e49f367f5e9bc804a48ae5f2b3d9
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2521C9B240D2506FD741CB19EC55896FFA8EFC5220B08C4AFED488F306D265A919DFE2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.297231092.0000000000F80000.00000040.00000001.sdmp, Offset: 00F80000, based on PE: false
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_f80000_unarchiver.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                        • Opcode ID: cac52fef0b163ac42f9a36495c6f16edd80db5c75fd77af89f609e75558052f7
                                                                                                                                                                                                                                                        • Instruction ID: 7d92ae8505bf2f20e747949d38d99cbfe2a25606b4b3fcfa3734ab79c6d4aa38
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cac52fef0b163ac42f9a36495c6f16edd80db5c75fd77af89f609e75558052f7
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4E214A35D05248CFCB14EFA4E5447EDBBB1EF89304F20852AD900B3264DB716D46CBA0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.297231092.0000000000F80000.00000040.00000001.sdmp, Offset: 00F80000, based on PE: false
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_f80000_unarchiver.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                        • Opcode ID: be6924d9423cea0e1c566db97655ceb43861ec40d12ffa2c169a2ad1045a2275
                                                                                                                                                                                                                                                        • Instruction ID: 8620a29d7284032e051f15364261db3cc635f2c45775645c8cdda2783945f345
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: be6924d9423cea0e1c566db97655ceb43861ec40d12ffa2c169a2ad1045a2275
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C3211575D01208DFCB14EFA5E9457EEBBB6EB89304F20852AD901B3254DB716E06CFA0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.297298594.00000000026F0000.00000040.00000040.sdmp, Offset: 026F0000, based on PE: false
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_26f0000_unarchiver.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                        • Opcode ID: ad4aa344fb13a4eccc2c091e777745c30f795de22257c61e4a40622190ff750d
                                                                                                                                                                                                                                                        • Instruction ID: 2bfb0c62b2ad9f184436f626e9f9ec6dbef807b49f31866d617515c5501a027e
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ad4aa344fb13a4eccc2c091e777745c30f795de22257c61e4a40622190ff750d
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0D01847650D7C05FDB13CB25DC50862FFB8EF46620709C4DFE8898B652D2656909CB62
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.297231092.0000000000F80000.00000040.00000001.sdmp, Offset: 00F80000, based on PE: false
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_f80000_unarchiver.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                        • Opcode ID: 1d1c9ced5de591942a4712cc153eb6dbb30cf5905758d78f2bbb414561e03752
                                                                                                                                                                                                                                                        • Instruction ID: 37f1a60f6c57f17d3534f73ba905fd63bcfdb4631b7bff3d735771fb3d591c2d
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1d1c9ced5de591942a4712cc153eb6dbb30cf5905758d78f2bbb414561e03752
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D7012570C06249CFCB05EFB4C5557AEBFB1AF41305F6458AEC000A7291DB784A44DB95
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.297231092.0000000000F80000.00000040.00000001.sdmp, Offset: 00F80000, based on PE: false
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_f80000_unarchiver.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                        • Opcode ID: a3c82df3ade247871adfa1140f8bbbaa4afcbb9f10062913c00349524fd2256c
                                                                                                                                                                                                                                                        • Instruction ID: bcbb1c962dcf917189d55f61a1bb6945aec0f22d3c9dc28fc6527c69e0dc6ee7
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a3c82df3ade247871adfa1140f8bbbaa4afcbb9f10062913c00349524fd2256c
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 06012F70C0220ADFCB08EFA4C4457AEBBB1AF04301F2098A9C001A3380DB789A84CF88
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.297231092.0000000000F80000.00000040.00000001.sdmp, Offset: 00F80000, based on PE: false
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_f80000_unarchiver.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                        • Opcode ID: 20cd871b0c6d425ead6447c91a34371d0ecc969db9e082279f46df8e3db0bb24
                                                                                                                                                                                                                                                        • Instruction ID: c2923934b957a61a2735d07e2a37af0c65b5160a28a64206e014e4532ac3abee
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 20cd871b0c6d425ead6447c91a34371d0ecc969db9e082279f46df8e3db0bb24
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: FD0146B1D09249EFCB00DFB8C4546EEBFF0EF46200F2081AAD849A3351EA345A06DB52
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.297298594.00000000026F0000.00000040.00000040.sdmp, Offset: 026F0000, based on PE: false
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_26f0000_unarchiver.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                        • Opcode ID: f1b66e7e85b8bf225153679f52f0e37e45695d81e28dde2b1af9621978dbd9ea
                                                                                                                                                                                                                                                        • Instruction ID: 1a0ae3b6c0a202a312cd51c408293b7c64e19b59213e42643bb141fa27c24975
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f1b66e7e85b8bf225153679f52f0e37e45695d81e28dde2b1af9621978dbd9ea
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EFF082B2805604ABD300DF19EC41866F7ECEFC4621F14C56FEC088B300E276AA148EF2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.297231092.0000000000F80000.00000040.00000001.sdmp, Offset: 00F80000, based on PE: false
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_f80000_unarchiver.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                        • Opcode ID: aacfcb448afbae4d06453c7e03cb55a15ac501f757217987e520e445010d3559
                                                                                                                                                                                                                                                        • Instruction ID: 5eac605c80e2659242540bc1a150c4190c0930102760d2f1be2b60859f39e4bd
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: aacfcb448afbae4d06453c7e03cb55a15ac501f757217987e520e445010d3559
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 66F0B7B4D05209EBCB54EFA9D5406AEBBF5AF85300F2085AAD418A3350DB315E05DB96
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.297298594.00000000026F0000.00000040.00000040.sdmp, Offset: 026F0000, based on PE: false
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_26f0000_unarchiver.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                        • Opcode ID: cf9d182aa2a12829dbcbcc0cb17331203d7489daa23e8d5e192dd52dfcbe1b18
                                                                                                                                                                                                                                                        • Instruction ID: f3cf571ba5e4dc64ea95926405ab71bb546cf1cdb6cb07d5adc3fa6187a387b9
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cf9d182aa2a12829dbcbcc0cb17331203d7489daa23e8d5e192dd52dfcbe1b18
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2CE06D766006008B9750CF0AEC41456F798EB84630B18C07FDC0D8B700D135B504CEA5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Non-executed Functions

                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.297231092.0000000000F80000.00000040.00000001.sdmp, Offset: 00F80000, based on PE: false
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_f80000_unarchiver.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                        • Opcode ID: 5d84a6d3d137f57d9af03844e281fc8c90d8638cd74732dd1c5602b65c1ece71
                                                                                                                                                                                                                                                        • Instruction ID: 0b4efab9f81a360412f724bbf030bee6977cb8c6f92a3f2441118f56f9265f30
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5d84a6d3d137f57d9af03844e281fc8c90d8638cd74732dd1c5602b65c1ece71
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5481D675D00214DFDF14EFA5E844BDDBBB3BB8A301F108569E90AA7268DB345949DF10
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Executed Functions

                                                                                                                                                                                                                                                        Non-executed Functions

                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • ,-./01456:;<=>?@BCFLMNOPSUYZ["\, xrefs: 0042DFAB
                                                                                                                                                                                                                                                        • )*.*/+-, - --->.1._/*///i00010X0b0o0s0x2580: :]; <<=#> A3A4CNCcCfCoCsLlLmLoLtLuMcMeMnNONdNlNoOKONOUOnPcPdPePfPiPoPsSTScSkSmSoTeToV1V2V3V5V6YiZlZpZs[]":"""\*\D\E\S\W\"\\\d\s\w ])]:][]aAbBeEeqfFgegth2i)iIifipivjslLleltmsnNnenonsoOonorpPrRs sStvuUupusxX{{, xrefs: 0042DFD5
                                                                                                                                                                                                                                                        • runtime: VirtualQuery failed; errno=runtime: bad notifyList size - sync=runtime: inconsistent write deadlineruntime: invalid pc-encoded table f=runtime: invalid typeBitsBulkBarrierruntime: mcall called on m->g0 stackruntime: sudog with non-nil waitlinkruntime:, xrefs: 0042E017
                                                                                                                                                                                                                                                        • bad g0 stackbad recoveryblock clausec ap trafficc hs trafficcaller errorcan't happencas64 failedchan receiveclose notifycontent-typecontext.TODOdistributiondocument enddumping heapend tracegcentersyscallexit status gcpacertracegetaddrinfowhost is downhttp2deb, xrefs: 0042DFF0
                                                                                                                                                                                                                                                        • ", xrefs: 0042E054
                                                                                                                                                                                                                                                        • VirtualQuery for stack base failedadding nil Certificate to CertPoolattempted to parse unknown event: bad scalar length: %d, expected %dcan't evaluate field %s in type %scan't handle %s for arg of type %scannot squash non-struct type '%s'chacha20: wrong HChaCh, xrefs: 0042E04B
                                                                                                                                                                                                                                                        • runtime: g0 stack [runtime: pcdata is runtime: preempt g0semaRoot rotateLeftskip this directorystopm holding lockssync.Cond is copiedtemplate: %s:%d: %stime: unknown unit too many open filesunclosed left parenunexpected %s in %sunexpected InstFailunexpected g , xrefs: 0042DF81
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000007.00000002.283539842.0000000000400000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000007.00000002.287626165.0000000000AAD000.00000040.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000007.00000002.287664330.0000000000ABB000.00000040.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000007.00000002.287680852.0000000000AD6000.00000040.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000007.00000002.287699251.0000000000AD7000.00000080.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000007.00000002.287710057.0000000000AD8000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_7_2_400000_firefox.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID: "$)*.*/+-, - --->.1._/*///i00010X0b0o0s0x2580: :]; <<=#> A3A4CNCcCfCoCsLlLmLoLtLuMcMeMnNONdNlNoOKONOUOnPcPdPePfPiPoPsSTScSkSmSoTeToV1V2V3V5V6YiZlZpZs[]":"""\*\D\E\S\W\"\\\d\s\w ])]:][]aAbBeEeqfFgegth2i)iIifipivjslLleltmsnNnenonsoOonorpPrRs sStvuUupusxX{{$,-./01456:;<=>?@BCFLMNOPSUYZ["\$VirtualQuery for stack base failedadding nil Certificate to CertPoolattempted to parse unknown event: bad scalar length: %d, expected %dcan't evaluate field %s in type %scan't handle %s for arg of type %scannot squash non-struct type '%s'chacha20: wrong HChaCh$bad g0 stackbad recoveryblock clausec ap trafficc hs trafficcaller errorcan't happencas64 failedchan receiveclose notifycontent-typecontext.TODOdistributiondocument enddumping heapend tracegcentersyscallexit status gcpacertracegetaddrinfowhost is downhttp2deb$runtime: VirtualQuery failed; errno=runtime: bad notifyList size - sync=runtime: inconsistent write deadlineruntime: invalid pc-encoded table f=runtime: invalid typeBitsBulkBarrierruntime: mcall called on m->g0 stackruntime: sudog with non-nil waitlinkruntime:$runtime: g0 stack [runtime: pcdata is runtime: preempt g0semaRoot rotateLeftskip this directorystopm holding lockssync.Cond is copiedtemplate: %s:%d: %stime: unknown unit too many open filesunclosed left parenunexpected %s in %sunexpected InstFailunexpected g
                                                                                                                                                                                                                                                        • API String ID: 0-675342188
                                                                                                                                                                                                                                                        • Opcode ID: 4fb303046c96911cb1e483b59996a18397492d3fb6adf3cba9b7b0be2ebb8b31
                                                                                                                                                                                                                                                        • Instruction ID: 4b8bd11df066fd92c6f330beada9d88a3438e5a745c4497177e0a96a96ed5475
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4fb303046c96911cb1e483b59996a18397492d3fb6adf3cba9b7b0be2ebb8b31
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2751F3B4508700DFD340EF65D285B5ABBE0BF88708F418A2EE48887352E778D948CF5A
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • m->p= next= p->m= prev= span=% util%s.log%s.xpi%s.yml%s[%d]%s[%s]' for '"&<>, xrefs: 0043BD98
                                                                                                                                                                                                                                                        • releasep: invalid argruntime: confused by runtime: newstack at runtime: newstack sp=runtime: searchIdx = runtime: work.nwait= sequence tag mismatchset bit is not 0 or 1stale NFS file handlestartlockedm: m has pstartm: m is spinningstate not recoverabletag:yaml, xrefs: 0043BE72
                                                                                                                                                                                                                                                        • releasep: m=remote errorruntime: gp=runtime: sp=s ap traffics hs trafficself-preemptsequence endshort bufferstatus code stream starttransmitfileunexpected )unknown portunknown typewirep: p->m=wtsapi32.dll != sweepgen MB) workers= called from flushedWork hea, xrefs: 0043BD76
                                                                                                                                                                                                                                                        • m->mcache= mallocing= ms clock, nBSSRoots= p->mcache= p->status= s.nelems= schedtick= span.list= timerslen=%!(BADPREC)%s portable, npages = , settings:--no-remote.WithCancel/dev/stderr/dev/stdout/index.html0123456789_30517578125: frame.sp=; Max-Age=0<invali, xrefs: 0043BDE4
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000007.00000002.283574122.0000000000401000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000007.00000002.283539842.0000000000400000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000007.00000002.287626165.0000000000AAD000.00000040.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000007.00000002.287664330.0000000000ABB000.00000040.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000007.00000002.287680852.0000000000AD6000.00000040.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000007.00000002.287699251.0000000000AD7000.00000080.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000007.00000002.287710057.0000000000AD8000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_7_2_400000_firefox.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID: m->mcache= mallocing= ms clock, nBSSRoots= p->mcache= p->status= s.nelems= schedtick= span.list= timerslen=%!(BADPREC)%s portable, npages = , settings:--no-remote.WithCancel/dev/stderr/dev/stdout/index.html0123456789_30517578125: frame.sp=; Max-Age=0<invali$ m->p= next= p->m= prev= span=% util%s.log%s.xpi%s.yml%s[%d]%s[%s]' for '"&<>$releasep: invalid argruntime: confused by runtime: newstack at runtime: newstack sp=runtime: searchIdx = runtime: work.nwait= sequence tag mismatchset bit is not 0 or 1stale NFS file handlestartlockedm: m has pstartm: m is spinningstate not recoverabletag:yaml$releasep: m=remote errorruntime: gp=runtime: sp=s ap traffics hs trafficself-preemptsequence endshort bufferstatus code stream starttransmitfileunexpected )unknown portunknown typewirep: p->m=wtsapi32.dll != sweepgen MB) workers= called from flushedWork hea
                                                                                                                                                                                                                                                        • API String ID: 0-3814408661
                                                                                                                                                                                                                                                        • Opcode ID: ca2c242c7b6e43e62e8c9052939cf949541efa88d179f1c8c1480b62529e25d6
                                                                                                                                                                                                                                                        • Instruction ID: b836ab085da26a8ad5d20166b4abe20500a5bfa8c4e19c571effe592bbf3e96a
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ca2c242c7b6e43e62e8c9052939cf949541efa88d179f1c8c1480b62529e25d6
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7D51E3B45083049FD354EF65D185B5ABBE0FF88308F41996EE48887352D778D948CB9A
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Execution Graph

                                                                                                                                                                                                                                                        Execution Coverage:5.4%
                                                                                                                                                                                                                                                        Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                        Signature Coverage:21.9%
                                                                                                                                                                                                                                                        Total number of Nodes:1174
                                                                                                                                                                                                                                                        Total number of Limit Nodes:38

                                                                                                                                                                                                                                                        Graph

                                                                                                                                                                                                                                                        execution_graph 22220 bbd0b0 ??1ios_base@std@@UAE free 22221 bb24b0 115 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22222 bcfab0 memcmp 22225 bdacb0 82 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22231 bc8ea0 66 API calls 22232 bda6a0 7 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22237 bc0a90 7 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22238 bce490 60 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22239 bcae90 25 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22242 bcd880 PostQueuedCompletionStatus 22243 bc0680 RtlAcquireSRWLockShared RtlReleaseSRWLockShared RtlQueryPerformanceCounter 22244 bc2e80 12 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22246 be9c80 11 API calls 22247 bbdcf1 ?DllBlocklist_SetFullDllServices@@YAXPAVDllServicesBase@detail@glue@mozilla@@ 22248 bce4f0 21 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22249 bdaaf0 13 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22250 bdbcf0 11 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22252 be4ef0 215 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22253 bedef0 _crt_atexit _register_onexit_function pre_c_initialization 22255 bcd8e0 558 API calls 3 library calls 22256 bcc4e0 113 API calls 3 library calls 22257 bcfee0 104 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22258 bd74e0 57 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22259 bca4e1 51 API calls 2 library calls 20954 bef2d2 20955 bef2de ___scrt_is_nonwritable_in_current_image 20954->20955 20976 bee8ef 20955->20976 20957 bef2e5 20958 bef43e 20957->20958 20961 bef30f 20957->20961 21008 beeb44 6 API calls ___scrt_fastfail 20958->21008 20960 bef445 exit 20962 bef44b _exit 20960->20962 20963 bef35c ___scrt_is_nonwritable_in_current_image ___scrt_release_startup_lock 20961->20963 20964 bef313 _initterm_e 20961->20964 20967 bef3b0 __p___wargv __p___argc _get_initial_wide_environment 20963->20967 20970 bef3a8 _register_thread_local_exe_atexit_callback 20963->20970 20965 bef32e 20964->20965 20966 bef33f _initterm 20964->20966 20966->20963 20980 bb1000 GetEnvironmentVariableW 20967->20980 20970->20967 20972 bef3d6 20972->20960 20973 bef3da 20972->20973 20974 bef3de _cexit 20973->20974 20975 bef3e3 ___scrt_uninitialize_crt 20973->20975 20974->20975 20975->20965 20977 bee8f8 20976->20977 21009 beecc1 IsProcessorFeaturePresent 20977->21009 20979 bee904 ___scrt_uninitialize_crt 20979->20957 20981 bb1029 20980->20981 20982 bb10a8 SetDllDirectoryW 20980->20982 20984 bb1033 moz_xmalloc GetEnvironmentVariableW 20981->20984 20995 bb1152 moz_xmalloc 20981->20995 21010 bb3dd0 20982->21010 20986 bb109b free 20984->20986 20987 bb1053 ExpandEnvironmentStringsW 20984->20987 20985 bb10c6 20989 bb11e0 20985->20989 20991 bb10e4 moz_xmalloc 20985->20991 20985->20995 20986->20982 20987->20986 20988 bb1062 20987->20988 20990 bb106c moz_xmalloc ExpandEnvironmentStringsW 20988->20990 20988->20995 21258 beecb0 20989->21258 20992 bb1091 free 20990->20992 20993 bb1085 SetEnvironmentVariableW 20990->20993 20991->20995 20996 bb10f7 20991->20996 20992->20986 20993->20992 21000 bb118a __p__environ 20995->21000 21001 bb117c memcpy 20995->21001 20998 bb1100 wcslen moz_xmalloc WideCharToMultiByte 20996->20998 20997 bb11ea 21007 beeae9 GetModuleHandleW 20997->21007 20998->20995 20998->20998 21257 bb1230 173 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21000->21257 21001->21000 21003 bb119c free 21004 bb11d3 free 21003->21004 21006 bb11b3 21003->21006 21004->20989 21005 bb11c9 free 21005->21006 21006->21004 21006->21005 21007->20972 21008->20960 21009->20979 21265 bb5790 21010->21265 21012 bb3ebf 21287 bb2d00 21012->21287 21014 bb3e10 21014->21012 21016 bb3e89 towlower 21014->21016 21015 bb4087 NtQueryInformationProcess 21017 bb40cf 21015->21017 21016->21014 21018 bb4239 21017->21018 21019 bb40de OpenProcess 21017->21019 21497 bb2bd0 54 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21018->21497 21020 bb40fa 21019->21020 21021 bb4285 GetLastError 21019->21021 21296 bbdf80 QueryFullProcessImageNameW 21020->21296 21024 bb4177 21021->21024 21030 bb429b 21021->21030 21022 bb3f28 towlower 21111 bb3ee0 21022->21111 21024->21030 21032 bb41ea CloseHandle 21024->21032 21033 bb41f1 21024->21033 21026 bb427e 21029 bb41fd getenv 21026->21029 21028 bb3f48 towlower 21028->21111 21034 bb432b 21029->21034 21045 bb4213 21029->21045 21030->20985 21031 bb3f68 towlower 21031->21111 21032->21033 21033->21018 21036 bb41f8 21033->21036 21034->21045 21498 bba900 _putenv 21034->21498 21036->21029 21039 bb4586 21318 bb6c70 21039->21318 21040 bb3f88 towlower 21040->21111 21041 bb4143 21314 bbe000 GetModuleFileNameW 21041->21314 21042 bb42b2 21042->21030 21044 bb436a GetCurrentProcess 21042->21044 21048 bbdf80 7 API calls 21044->21048 21047 bb4554 21045->21047 21050 bb4446 towlower 21045->21050 21054 bb4462 towlower 21045->21054 21063 bb447e towlower 21045->21063 21075 bb44a2 towlower 21045->21075 21088 bb44c6 towlower 21045->21088 21099 bb44ea towlower 21045->21099 21108 bb450e towlower 21045->21108 21119 bb4532 towlower 21045->21119 21047->21039 21053 bb4886 towlower 21047->21053 21062 bb48a2 towlower 21047->21062 21074 bb48be towlower 21047->21074 21087 bb48e2 towlower 21047->21087 21098 bb4906 towlower 21047->21098 21107 bb492a towlower 21047->21107 21118 bb494e towlower 21047->21118 21123 bb4972 towlower 21047->21123 21125 bb4996 towlower 21047->21125 21130 bb49ba towlower 21047->21130 21138 bb49de towlower 21047->21138 21148 bb4a02 towlower 21047->21148 21159 bb4a26 towlower 21047->21159 21172 bb4a4a towlower 21047->21172 21051 bb438e 21048->21051 21049 bb3fa8 towlower 21049->21111 21050->21045 21056 bb4398 21051->21056 21499 bbe060 8 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21051->21499 21053->21047 21054->21045 21055 bbe0d0 19 API calls 21055->21024 21056->21024 21068 bb43fc CloseHandle 21056->21068 21057 bb3fc8 towlower 21057->21111 21060 bb4737 21501 bb2bd0 54 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21060->21501 21061 bb45b5 21066 bb46b9 getenv 21061->21066 21067 bb45c3 21061->21067 21062->21047 21063->21045 21065 bb3fe8 towlower 21065->21111 21070 bb47cb 21066->21070 21071 bb46cf _wgetenv 21066->21071 21072 bb477c 21067->21072 21079 bb465e 21067->21079 21080 bb45e3 7 API calls 21067->21080 21068->21024 21069 bb4743 21076 bb46e5 21069->21076 21070->21071 21073 bb47d4 DebugBreak 21070->21073 21071->21076 21077 bb47df 21071->21077 21072->21079 21504 bee547 EnterCriticalSection 21072->21504 21073->21076 21074->21047 21075->21045 21083 bb5a40 22 API calls 21076->21083 21077->21076 21081 bb47e9 wcstoul GetCurrentProcessId 21077->21081 21078 bb4004 towlower 21078->21111 21343 bb5b30 AttachConsole 21079->21343 21080->21072 21080->21079 21503 bbe460 12 API calls 2 library calls 21081->21503 21090 bb46f5 21083->21090 21087->21047 21088->21045 21089 bb4828 21089->21079 21094 bb4838 21089->21094 21092 bb4745 21090->21092 21095 bb46ff 21090->21095 21091 bb401c towlower 21091->21111 21502 bb2bd0 54 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21092->21502 21093 bb480f Sleep 21093->21076 21509 bbe530 LoadLibraryW GetProcAddress FreeLibrary 21094->21509 21500 bb2ef0 RegCloseKey free _invalid_parameter_noinfo_noreturn 21095->21500 21098->21047 21099->21045 21101 bb4034 towlower 21101->21111 21102 bb4682 21102->21092 21120 bb469c 21102->21120 21103 bb477a 21103->21095 21104 bb483d 21510 bee599 EnterCriticalSection LeaveCriticalSection 21104->21510 21106 bb404c towlower 21106->21111 21107->21047 21108->21045 21110 bb4718 21114 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21110->21114 21111->21015 21111->21022 21111->21028 21111->21031 21111->21040 21111->21049 21111->21057 21111->21065 21111->21076 21111->21078 21111->21091 21111->21101 21111->21106 21112 bb573e getenv 21116 bb5759 getenv 21112->21116 21117 bb5750 21112->21117 21113 bb4847 21113->21079 21115 bb4726 21114->21115 21115->20985 21121 bb577e 21116->21121 21129 bb4ca4 21116->21129 21117->21116 21117->21129 21118->21047 21119->21045 21120->21112 21122 bb519a 21120->21122 21124 bb4abe towlower 21120->21124 21127 bb4ad6 towlower 21120->21127 21120->21129 21136 bb4aee towlower 21120->21136 21143 bb4b06 towlower 21120->21143 21155 bb4b26 towlower 21120->21155 21166 bb4b46 towlower 21120->21166 21176 bb4b66 towlower 21120->21176 21181 bb4b86 towlower 21120->21181 21189 bb4ba6 towlower 21120->21189 21196 bb4bc6 towlower 21120->21196 21204 bb4be6 towlower 21120->21204 21212 bb4c06 towlower 21120->21212 21216 bb4c26 towlower 21120->21216 21219 bb4c46 towlower 21120->21219 21225 bb4c66 towlower 21120->21225 21228 bb4c86 towlower 21120->21228 21122->21112 21122->21129 21131 bb5607 21122->21131 21132 bb54dc towlower 21122->21132 21139 bb54f4 towlower 21122->21139 21149 bb550c towlower 21122->21149 21160 bb5524 towlower 21122->21160 21173 bb5544 towlower 21122->21173 21177 bb5564 towlower 21122->21177 21185 bb5584 towlower 21122->21185 21192 bb55a4 towlower 21122->21192 21200 bb55c4 towlower 21122->21200 21207 bb55e4 towlower 21122->21207 21123->21047 21124->21120 21125->21047 21127->21120 21133 bb51cd 21129->21133 21137 bb4d0a towlower 21129->21137 21142 bb4d26 towlower 21129->21142 21152 bb4d42 towlower 21129->21152 21165 bb4d5e towlower 21129->21165 21175 bb4d82 towlower 21129->21175 21183 bb4da6 towlower 21129->21183 21191 bb4dca towlower 21129->21191 21198 bb4dee towlower 21129->21198 21206 bb4e12 towlower 21129->21206 21211 bb4e36 towlower 21129->21211 21215 bb4e5a towlower 21129->21215 21218 bb4e7e towlower 21129->21218 21224 bb4cef 21129->21224 21130->21047 21131->21112 21131->21129 21145 bb5653 towlower 21131->21145 21157 bb566b towlower 21131->21157 21169 bb5683 towlower 21131->21169 21178 bb569b towlower 21131->21178 21186 bb56bb towlower 21131->21186 21193 bb56db towlower 21131->21193 21201 bb56fb towlower 21131->21201 21208 bb571b towlower 21131->21208 21132->21122 21514 bb2bd0 54 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21133->21514 21134 bb4ee4 21144 bb544f 21134->21144 21387 bb5a40 21134->21387 21136->21120 21137->21129 21138->21047 21139->21122 21142->21129 21143->21120 21521 bb2f60 65 API calls 2 library calls 21144->21521 21145->21131 21146 bb51ea 21515 bb2bd0 54 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21146->21515 21147 bb4f1a 21397 bb3190 21147->21397 21148->21047 21149->21122 21152->21129 21154 bb518e CloseHandle 21154->21095 21155->21120 21156 bb5461 21161 bb5182 21156->21161 21162 bb546e 21156->21162 21157->21131 21159->21047 21160->21122 21161->21095 21161->21154 21522 bb2bd0 54 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21162->21522 21163 bb51f8 21516 bb2bd0 54 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21163->21516 21164 bb4f3c 21407 bb5ba0 21164->21407 21165->21129 21166->21120 21168 bb51e1 21168->21161 21169->21131 21172->21047 21173->21122 21175->21129 21176->21120 21177->21122 21178->21131 21179 bb524a 21517 bb2bd0 54 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21179->21517 21180 bb4f56 21426 bb5dd0 21180->21426 21181->21120 21183->21129 21185->21122 21186->21131 21188 bb527f 21518 bb2bd0 54 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21188->21518 21189->21120 21191->21129 21192->21122 21193->21131 21196->21120 21197 bbe580 4 API calls 21202 bb4fde 21197->21202 21198->21129 21199 bb52ad 21203 bb5328 21199->21203 21200->21122 21201->21131 21205 bbe580 4 API calls 21202->21205 21203->20985 21204->21120 21209 bb4fe7 21205->21209 21206->21129 21207->21122 21208->21131 21439 bb5ec0 21209->21439 21211->21129 21212->21120 21214 bb5008 21217 bb52b2 21214->21217 21220 bb52bc CreateProcessAsUserW 21214->21220 21221 bb506c CreateProcessW 21214->21221 21215->21129 21216->21120 21217->21220 21218->21129 21219->21120 21222 bb52e3 GetLastError 21220->21222 21223 bb5092 21220->21223 21221->21222 21221->21223 21519 bb2bd0 54 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21222->21519 21457 bb27a0 21223->21457 21224->21224 21362 bb37f0 21224->21362 21225->21120 21228->21120 21230 bb533a 21520 bb2bd0 54 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21230->21520 21231 bb50b9 ResumeThread 21232 bb50c9 21231->21232 21233 bb5340 GetLastError 21231->21233 21235 bb53a0 IsDebuggerPresent 21232->21235 21236 bb50d4 WaitForSingleObject 21232->21236 21233->21230 21240 bb53d8 21235->21240 21241 bb53ce GetTickCount 21235->21241 21238 bb5432 21236->21238 21239 bb50e5 GetExitCodeProcess 21236->21239 21237 bb5385 TerminateProcess 21237->21235 21245 bb5440 free 21238->21245 21239->21238 21243 bb50fc 21239->21243 21240->21238 21242 bb53e7 GetTickCount 21240->21242 21244 bb53ff SetLastError WaitForInputIdle 21240->21244 21241->21240 21242->21240 21246 bb5118 21243->21246 21247 bb5111 CloseHandle 21243->21247 21244->21238 21250 bb5414 GetLastError 21244->21250 21245->21144 21248 bb5120 CloseHandle 21246->21248 21249 bb5127 21246->21249 21247->21246 21248->21249 21251 bb5152 21249->21251 21252 bb5141 DeleteProcThreadAttributeList free 21249->21252 21250->21238 21253 bb5421 Sleep 21250->21253 21251->21245 21254 bb5168 21251->21254 21252->21251 21253->21240 21255 bb5430 21253->21255 21254->21161 21256 bb5178 free 21254->21256 21255->21242 21256->21161 21257->21003 21259 beecbb IsProcessorFeaturePresent 21258->21259 21260 beecb9 21258->21260 21262 bef05f 21259->21262 21260->20997 22116 bef144 SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 21262->22116 21264 bef142 21264->20997 21266 bb5a25 21265->21266 21268 bb57aa 21265->21268 21266->21014 21267 bb57f6 towlower 21267->21268 21268->21266 21268->21267 21269 bb580e towlower 21268->21269 21270 bb5826 towlower 21268->21270 21271 bb583e towlower 21268->21271 21272 bb585e towlower 21268->21272 21273 bb587c 21268->21273 21269->21268 21270->21268 21271->21268 21272->21268 21274 bb5a2d exit 21273->21274 21275 bb58bf towlower 21273->21275 21275->21274 21276 bb58d6 21275->21276 21276->21274 21277 bb58e3 towlower 21276->21277 21277->21274 21278 bb58fa 21277->21278 21278->21274 21279 bb5907 towlower 21278->21279 21279->21274 21280 bb591e 21279->21280 21280->21274 21281 bb592b towlower 21280->21281 21281->21274 21282 bb5942 21281->21282 21282->21274 21283 bb594f towlower 21282->21283 21283->21274 21286 bb5966 21283->21286 21284 bb59b8 21284->21266 21284->21274 21285 bb59ea towlower 21285->21286 21286->21274 21286->21284 21286->21285 21288 bba640 10 API calls 21287->21288 21289 bb2d36 21288->21289 21523 bba740 wcslen 21289->21523 21292 bb2d6a 21294 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21292->21294 21293 bb2d60 free 21293->21292 21295 bb2dc5 21294->21295 21295->21111 21297 bbdfba 21296->21297 21298 bbdfcc GetLastError 21296->21298 21299 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21297->21299 21298->21297 21300 bb410a 21299->21300 21300->21030 21301 bbe0d0 21300->21301 21302 bbe11d 21301->21302 21303 bbe1ed 21301->21303 21304 bbe12c RtlInitUnicodeString NtOpenFile 21302->21304 21305 bbe1a5 21302->21305 21307 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21303->21307 21308 bbe19b 21304->21308 21311 bbe1de 21304->21311 21306 bbe1ae CreateFileW 21305->21306 21305->21311 21306->21308 21309 bbe254 GetLastError 21306->21309 21310 bb4132 21307->21310 21549 bbe290 14 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21308->21549 21309->21311 21310->21041 21310->21042 21311->21303 21313 bbe1e6 FindCloseChangeNotification 21311->21313 21313->21303 21315 bbe028 21314->21315 21316 bbe031 GetLastError 21314->21316 21315->21316 21317 bb414f 21315->21317 21316->21317 21317->21030 21317->21055 21550 bb6950 21318->21550 21321 bb6ca1 GetModuleHandleW 21322 bb6cb8 21321->21322 21323 bb6e39 21322->21323 21557 bb6f60 21322->21557 21327 bb6cf5 21327->21323 21329 bb6d49 21327->21329 21330 bb6cfd QueryPerformanceCounter 21327->21330 21331 bb6e4c 21329->21331 21332 bb6d56 21329->21332 21333 bb6d34 21330->21333 21331->21323 21337 bb6e54 QueryPerformanceCounter 21331->21337 21582 bb70c0 21332->21582 21334 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21333->21334 21338 bb45a4 21334->21338 21337->21323 21338->21060 21338->21061 21342 bb6dcf QueryPerformanceCounter 21342->21333 21344 bb5b43 __acrt_iob_func 21343->21344 21345 bb466e 21343->21345 21657 bb7720 _fileno _get_osfhandle GetStdHandle freopen SetStdHandle 21344->21657 21345->21092 21351 bba640 21345->21351 21347 bb5b62 __acrt_iob_func 21658 bb7720 _fileno _get_osfhandle GetStdHandle freopen SetStdHandle 21347->21658 21349 bb5b7e __acrt_iob_func 21659 bb7720 _fileno _get_osfhandle GetStdHandle freopen SetStdHandle 21349->21659 21352 bba653 21351->21352 21353 bba65f moz_xmalloc memset 21352->21353 21357 bba703 GetLastError 21352->21357 21358 bba692 moz_xmalloc memset wcscpy_s 21352->21358 21354 bba67b GetModuleFileNameW 21353->21354 21355 bba6ec free 21353->21355 21354->21352 21356 bba6c7 21354->21356 21355->21354 21359 bba6cc free 21356->21359 21357->21352 21357->21358 21358->21356 21361 bba729 free 21358->21361 21359->21102 21361->21359 21363 bb3819 GetCurrentProcess OpenProcessToken 21362->21363 21364 bb3924 CloseHandle 21362->21364 21365 bb383d GetTokenInformation 21363->21365 21366 bb3930 GetLastError 21363->21366 21364->21366 21368 bb395a GetLastError 21365->21368 21369 bb385e 21365->21369 21367 bb3910 21366->21367 21372 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21367->21372 21374 bb38f1 21368->21374 21370 bb3870 GetTokenInformation 21369->21370 21371 bb3987 21369->21371 21375 bb3882 GetLastError 21370->21375 21376 bb3891 moz_xmalloc memset GetTokenInformation 21370->21376 21373 bb3a0a 21371->21373 21371->21374 21378 bb391a 21372->21378 21660 bb3b00 RegGetValueW 21373->21660 21374->21367 21377 bb3909 FindCloseChangeNotification 21374->21377 21375->21374 21375->21376 21379 bb39cf GetLastError free 21376->21379 21380 bb38c4 GetSidSubAuthorityCount GetSidSubAuthority free 21376->21380 21377->21367 21378->21133 21378->21134 21379->21374 21380->21373 21380->21374 21382 bb3a1f 21383 bb3b00 13 API calls 21382->21383 21385 bb3a9e 21382->21385 21383->21382 21385->21382 21386 bb3ae1 CloseHandle 21385->21386 21671 bb3ca0 12 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21385->21671 21386->21385 21388 bb5a63 21387->21388 21389 bb5a83 21387->21389 21390 bb6950 7 API calls 21388->21390 21392 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21389->21392 21391 bb5a6d 21390->21391 21391->21389 21396 bb5a7d 21391->21396 21672 bb7160 21391->21672 21393 bb4f0f 21392->21393 21393->21146 21393->21147 21396->21389 21680 bb6b60 20 API calls 21396->21680 21398 bb31f8 21397->21398 21402 bb31a3 21397->21402 21400 bb3209 moz_xmalloc memset 21398->21400 21401 bb3374 21398->21401 21399 bb31a7 wcslen wcschr wcspbrk 21399->21402 21403 bb329d 21400->21403 21406 bb322c 21400->21406 21402->21398 21402->21399 21403->21163 21403->21164 21404 bb3231 wcschr wcspbrk 21404->21406 21405 bb3266 wcscpy wcslen 21405->21406 21406->21403 21406->21404 21406->21405 21406->21406 21408 bb5bc0 21407->21408 21412 bb5bda 21407->21412 21408->21412 21414 bb5bf6 towlower 21408->21414 21415 bb5c12 towlower 21408->21415 21416 bb5c2e towlower 21408->21416 21417 bb5c4a towlower 21408->21417 21418 bb5c6e towlower 21408->21418 21419 bb5c92 towlower 21408->21419 21420 bb5cb6 towlower 21408->21420 21421 bb5cda towlower 21408->21421 21422 bb5cfe towlower 21408->21422 21423 bb5d20 RegGetValueW 21408->21423 21409 bb5d88 getenv 21410 bb5d9a 21409->21410 21411 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21410->21411 21413 bb4f4b 21411->21413 21412->21409 21413->21179 21413->21180 21414->21408 21415->21408 21416->21408 21417->21408 21418->21408 21419->21408 21420->21408 21421->21408 21422->21408 21423->21412 21424 bb5d4c RegGetValueW 21423->21424 21424->21412 21425 bb5d72 21424->21425 21425->21409 21427 bb5df7 21426->21427 21428 bb5e03 21426->21428 21427->21428 21429 bb5e17 7 API calls 21427->21429 21430 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21428->21430 21429->21428 21431 bb4fa7 GetStdHandle GetStdHandle GetStdHandle 21430->21431 21432 bbe580 GetFileType 21431->21432 21433 bbe598 SetHandleInformation 21432->21433 21435 bb4fd5 21432->21435 21434 bbe5a7 21433->21434 21433->21435 21434->21435 21436 bbe5bc 21434->21436 21435->21197 21689 bbe5d0 malloc realloc 21436->21689 21438 bbe5c4 21438->21435 21440 bb5f6b 21439->21440 21441 bb5f80 InitializeProcThreadAttributeList 21440->21441 21455 bb602c 21440->21455 21442 bb5faf moz_xmalloc memset InitializeProcThreadAttributeList 21441->21442 21443 bb5fa0 GetLastError 21441->21443 21444 bb609c GetLastError 21442->21444 21445 bb5fe5 21442->21445 21443->21442 21443->21455 21447 bb6129 free 21444->21447 21448 bb60cc UpdateProcThreadAttribute 21445->21448 21449 bb5ff3 21445->21449 21446 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21450 bb4ffa 21446->21450 21447->21455 21448->21449 21454 bb60eb GetLastError DeleteProcThreadAttributeList 21448->21454 21451 bb601e 21449->21451 21452 bb5ffd UpdateProcThreadAttribute 21449->21452 21450->21188 21450->21214 21451->21455 21456 bb6137 DeleteProcThreadAttributeList free 21451->21456 21452->21451 21452->21454 21454->21447 21455->21446 21690 bbfd70 21457->21690 21459 bb27e9 21701 bb79c0 GetCurrentProcess GetCurrentProcess DuplicateHandle 21459->21701 21460 bb27cb 21460->21459 21696 bc0250 WriteProcessMemory 21460->21696 21463 bb27f5 21702 bb79c0 GetCurrentProcess GetCurrentProcess DuplicateHandle 21463->21702 21465 bb280e LoadLibraryW 21703 bb77f0 21465->21703 21471 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21472 bb2a18 21471->21472 21472->21230 21472->21231 21473 bb2853 21496 bb2a01 21473->21496 21717 bb2540 21473->21717 21476 bb2898 GetModuleHandleW 21477 bb28b2 21476->21477 21478 bb2b42 21477->21478 21479 bb28d0 21477->21479 21477->21496 21753 bb78f0 78 API calls 21478->21753 21752 bb78f0 78 API calls 21479->21752 21482 bb2909 21482->21496 21737 bb7780 VirtualProtectEx 21482->21737 21485 bb295c WriteProcessMemory 21486 bb2978 21485->21486 21487 bb2a25 GetLastError 21485->21487 21486->21487 21489 bb2984 21486->21489 21488 bb2a5c VirtualProtectEx 21487->21488 21487->21496 21488->21496 21490 bb298d VirtualProtectEx 21489->21490 21491 bb29b2 21489->21491 21490->21491 21492 bb29ca WriteProcessMemory 21491->21492 21493 bb2bc0 21491->21493 21494 bb2a8c GetLastError 21492->21494 21495 bb29f4 21492->21495 21494->21496 21495->21494 21495->21496 21740 bb7990 21496->21740 21497->21026 21498->21045 21499->21056 21500->21110 21501->21069 21502->21103 21503->21093 21505 bee55b 21504->21505 21506 bee560 LeaveCriticalSection 21505->21506 22115 bee5e3 LeaveCriticalSection WaitForSingleObjectEx EnterCriticalSection 21505->22115 21506->21089 21509->21104 21511 bee643 21510->21511 21512 bee64c 21511->21512 21513 bee671 SetEvent ResetEvent 21511->21513 21512->21113 21513->21113 21514->21168 21515->21168 21516->21168 21517->21188 21518->21199 21519->21203 21520->21237 21521->21156 21522->21168 21524 bba76a memmove 21523->21524 21525 bba7a1 21523->21525 21528 bba78b 21524->21528 21531 bba7d0 21525->21531 21529 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21528->21529 21530 bb2d55 21529->21530 21530->21292 21530->21293 21532 bba86a 21531->21532 21534 bba7e7 21531->21534 21548 bba890 ?_Xlength_error@std@@YAXPBD 21532->21548 21541 bba8a0 21534->21541 21536 bba81d memcpy 21537 bba848 21536->21537 21538 bba853 21536->21538 21537->21528 21539 bba85e free 21538->21539 21540 bba885 _invalid_parameter_noinfo_noreturn 21538->21540 21539->21537 21542 bba8aa 21541->21542 21543 bba8b3 21542->21543 21546 bba8d1 moz_xmalloc 21542->21546 21544 bba8f2 21543->21544 21545 bba8b7 moz_xmalloc 21543->21545 21544->21536 21545->21536 21546->21536 21549->21311 21551 bb696b RegCreateKeyExW 21550->21551 21552 bb69a0 21550->21552 21551->21552 21553 bb6996 21551->21553 21554 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21552->21554 21553->21552 21555 bb69fe RegCloseKey 21553->21555 21556 bb69bf 21554->21556 21555->21552 21556->21321 21556->21323 21558 bb6f8b 21557->21558 21559 bb6f73 21557->21559 21598 bb7260 21558->21598 21604 bb7330 12 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21559->21604 21563 bb6f7d 21605 bb73b0 15 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21563->21605 21565 bb6fb0 21606 bb6a30 21565->21606 21568 bb6ff4 21571 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21568->21571 21573 bb6e14 21571->21573 21573->21323 21574 bb7070 21573->21574 21575 bb709e 21574->21575 21581 bb7086 21574->21581 21645 bb7330 12 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21575->21645 21579 bb70a8 21646 bb73b0 15 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21579->21646 21639 bb6c00 21581->21639 21583 bb70eb 21582->21583 21584 bb70d3 21582->21584 21647 bb7530 21583->21647 21653 bb7330 12 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21584->21653 21587 bb70dd 21654 bb73b0 15 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21587->21654 21590 bb7110 21591 bb713b 21590->21591 21592 bb7123 21590->21592 21594 bb7530 6 API calls 21591->21594 21655 bb7330 12 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21592->21655 21596 bb6d77 21594->21596 21595 bb712d 21656 bb73b0 15 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21595->21656 21596->21323 21596->21342 21599 bb7288 RegQueryValueExW 21598->21599 21600 bb7286 21598->21600 21601 bb72a3 21599->21601 21600->21599 21602 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21601->21602 21603 bb6cd5 21602->21603 21603->21323 21603->21327 21603->21565 21604->21563 21605->21558 21607 bb6950 7 API calls 21606->21607 21608 bb6a53 21607->21608 21609 bb70c0 20 API calls 21608->21609 21614 bb6a75 21608->21614 21610 bb6a65 21609->21610 21612 bb7110 20 API calls 21610->21612 21610->21614 21611 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21613 bb6a9e 21611->21613 21612->21614 21613->21568 21615 bb6b10 21613->21615 21614->21611 21616 bb6b3a 21615->21616 21617 bb6b23 21615->21617 21635 bb7330 12 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21616->21635 21631 bb74d0 21617->21631 21620 bb6b44 21636 bb73b0 15 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21620->21636 21623 bb6bb0 21624 bb6bda 21623->21624 21630 bb6bc3 21623->21630 21637 bb7330 12 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21624->21637 21625 bb74d0 RegDeleteValueW 21627 bb6bd0 21625->21627 21627->21568 21628 bb6be4 21638 bb73b0 15 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21628->21638 21630->21625 21632 bb74df 21631->21632 21633 bb74e1 RegDeleteValueW 21631->21633 21632->21633 21634 bb6b30 21633->21634 21634->21568 21634->21623 21635->21620 21636->21617 21637->21628 21638->21630 21640 bb6c1b 21639->21640 21641 bb6c1d RegSetValueExW 21639->21641 21640->21641 21642 bb6c34 21641->21642 21643 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21642->21643 21644 bb6c43 21643->21644 21644->21327 21645->21579 21646->21581 21648 bb755b 21647->21648 21649 bb755d RegQueryValueExW 21647->21649 21648->21649 21650 bb7579 21649->21650 21651 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21650->21651 21652 bb6d61 21651->21652 21652->21323 21652->21590 21653->21587 21654->21583 21655->21595 21656->21591 21657->21347 21658->21349 21659->21345 21661 bb3b4f moz_xmalloc memset RegGetValueW 21660->21661 21662 bb3b3e 21660->21662 21663 bb3bf7 wcstok_s 21661->21663 21666 bb3b93 free 21661->21666 21667 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21662->21667 21665 bb3c42 21663->21665 21663->21666 21668 bb3c60 _wcsnicmp 21665->21668 21666->21662 21669 bb3bed 21667->21669 21668->21666 21670 bb3c70 wcstok_s 21668->21670 21669->21382 21670->21666 21670->21668 21671->21385 21673 bb7191 21672->21673 21679 bb7176 21672->21679 21687 bb7330 12 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21673->21687 21677 bb719b 21688 bb73b0 15 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21677->21688 21681 bb7440 21679->21681 21680->21389 21682 bb746f 21681->21682 21683 bb7471 RegSetValueExW 21681->21683 21682->21683 21684 bb7487 21683->21684 21685 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21684->21685 21686 bb7187 21685->21686 21686->21396 21687->21677 21688->21679 21689->21438 21691 bbff9e 21690->21691 21692 bbfd90 GetModuleHandleW 21690->21692 21693 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21691->21693 21694 bbfdbb 21692->21694 21695 bbffa8 21693->21695 21694->21691 21695->21460 21697 bc0289 WriteProcessMemory 21696->21697 21698 bc02a2 21696->21698 21697->21698 21699 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21698->21699 21700 bc02ac 21699->21700 21700->21459 21701->21463 21702->21465 21754 bb7a20 21703->21754 21706 bb784a 21708 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21706->21708 21707 bb7820 WriteProcessMemory 21707->21706 21709 bb2841 21708->21709 21709->21496 21710 bb7870 21709->21710 21711 bb7a20 78 API calls 21710->21711 21712 bb7899 21711->21712 21713 bb78ca 21712->21713 21714 bb78a0 WriteProcessMemory 21712->21714 21715 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21713->21715 21714->21713 21716 bb78d4 21715->21716 21716->21473 21718 bb256b 21717->21718 21719 bb257f CreateFileW 21718->21719 21720 bb269e 21718->21720 21721 bb2743 GetLastError 21719->21721 21722 bb25a3 ReadFile 21719->21722 21723 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21720->21723 21736 bb2687 21721->21736 21724 bb25ef 21722->21724 21725 bb26b3 GetLastError 21722->21725 21727 bb26a9 21723->21727 21724->21725 21728 bb25fa 21724->21728 21725->21736 21726 bb2697 FindCloseChangeNotification 21726->21720 21727->21476 21727->21496 21729 bb7780 2 API calls 21728->21729 21730 bb2625 21729->21730 21731 bb2634 WriteProcessMemory 21730->21731 21730->21736 21732 bb2650 21731->21732 21733 bb26e5 GetLastError 21731->21733 21732->21733 21734 bb265d 21732->21734 21733->21734 21735 bb266c VirtualProtectEx 21734->21735 21734->21736 21735->21736 21736->21720 21736->21726 21738 bb77bc GetLastError 21737->21738 21739 bb2945 21737->21739 21738->21739 21739->21485 21739->21496 21741 bb799c 21740->21741 21742 bb79a4 21740->21742 22103 bba490 21741->22103 22092 bba460 21742->22092 21746 bba60b 21748 bba612 CloseHandle 21746->21748 21749 bba620 21746->21749 21747 bba5fd UnmapViewOfFile 21747->21746 21748->21749 21750 bb2a0e 21749->21750 21751 bba626 FindCloseChangeNotification 21749->21751 21750->21471 21751->21750 21752->21482 21753->21482 21755 bb7ae7 21754->21755 21756 bb7a40 21754->21756 21758 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21755->21758 21764 bb7b70 moz_xmalloc 21756->21764 21760 bb7819 21758->21760 21760->21706 21760->21707 21804 bb7f80 21764->21804 21766 bb7bcc 21767 bb7db0 21766->21767 21769 bb7bfa moz_xmalloc 21766->21769 21835 bb7df0 moz_xmalloc moz_xmalloc moz_xmalloc 21767->21835 21770 bb7f80 75 API calls 21769->21770 21771 bb7c48 21770->21771 21772 bb7da3 21771->21772 21775 bb7c92 21771->21775 21834 bb7df0 moz_xmalloc moz_xmalloc moz_xmalloc 21772->21834 21773 bb7a50 21785 bb7b10 21773->21785 21776 bb7dd2 21775->21776 21778 bb7cb4 moz_xmalloc 21775->21778 21837 bb7df0 moz_xmalloc moz_xmalloc moz_xmalloc 21776->21837 21779 bb7f80 75 API calls 21778->21779 21780 bb7d02 21779->21780 21781 bb7dc2 21780->21781 21783 bb7d2b 21780->21783 21836 bb7df0 moz_xmalloc moz_xmalloc moz_xmalloc 21781->21836 21827 bb7f10 21783->21827 21786 bb7b1f 21785->21786 21788 bb7a5c 21785->21788 21883 bb85f0 21786->21883 21788->21755 21789 bb8880 21788->21789 21897 bb89b0 21789->21897 21795 bb894a 21797 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21795->21797 21798 bb8974 21797->21798 21798->21755 21801 bb893c 21801->21795 21803 bb8982 VirtualProtect 21801->21803 21802 bb8927 VirtualProtect 21802->21795 21802->21801 21803->21795 21805 bb7faf 21804->21805 21806 bb7f9d 21804->21806 21809 bb7fe8 21805->21809 21810 bb7fd4 21805->21810 21814 bb800f 21805->21814 21807 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21806->21807 21808 bb7fa7 21807->21808 21808->21766 21809->21814 21815 bb7fec memset 21809->21815 21838 bb8170 malloc realloc 21810->21838 21811 bb801e ReadProcessMemory 21812 bb8045 21811->21812 21812->21806 21818 bb8067 memset 21812->21818 21820 bb808a 21812->21820 21814->21811 21814->21812 21815->21814 21816 bb809b ReadProcessMemory 21816->21820 21817 bb7fdd 21817->21809 21817->21820 21818->21820 21820->21806 21820->21816 21820->21818 21821 bb77d5 73 API calls 21820->21821 21822 bb80fb 21820->21822 21839 bb8170 malloc realloc 21820->21839 21821->21820 21840 bb77d5 78 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21822->21840 21824 bb8106 21825 bb811d free 21824->21825 21826 bb8127 21824->21826 21825->21826 21826->21766 21841 bb82c0 moz_xmalloc 21827->21841 21830 bb82c0 78 API calls 21831 bb7f5a 21830->21831 21844 bb8580 moz_xmalloc 21831->21844 21834->21773 21835->21773 21836->21773 21837->21773 21838->21817 21839->21820 21840->21824 21847 bb8340 21841->21847 21845 bb8340 77 API calls 21844->21845 21846 bb7f71 21845->21846 21846->21773 21848 bb7f43 21847->21848 21849 bb8354 21847->21849 21848->21830 21850 bb83ad 21849->21850 21852 bb8372 21849->21852 21853 bb8386 21849->21853 21871 bb8460 21850->21871 21879 bb8170 malloc realloc 21852->21879 21853->21850 21856 bb838a memset 21853->21856 21856->21850 21857 bb837b 21860 bb843b 21857->21860 21861 bb8383 21857->21861 21858 bb83e3 21858->21848 21863 bb83e7 memset 21858->21863 21859 bb8425 21880 bb8170 malloc realloc 21859->21880 21881 bb77d5 78 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21860->21881 21861->21853 21863->21848 21865 bb8446 21882 bb77d5 78 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21865->21882 21866 bb842e 21866->21865 21868 bb8432 21866->21868 21868->21863 21870 bb8439 21868->21870 21869 bb8451 21870->21848 21872 bb847a 21871->21872 21873 bb84c4 21871->21873 21875 bb8500 15 API calls 21872->21875 21874 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21873->21874 21876 bb83c5 21874->21876 21877 bb848a 21875->21877 21876->21848 21876->21858 21876->21859 21877->21873 21878 bb84a3 ReadProcessMemory 21877->21878 21878->21873 21878->21877 21879->21857 21880->21866 21881->21865 21882->21869 21886 bb860c 21883->21886 21884 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21885 bb870f 21884->21885 21885->21788 21888 bb86a6 21886->21888 21889 bb8770 21886->21889 21888->21884 21894 bb8810 moz_xmalloc 21889->21894 21892 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21893 bb87fe 21892->21893 21893->21886 21895 bb8340 77 API calls 21894->21895 21896 bb879d 21895->21896 21896->21892 21898 bb8a8d moz_xmalloc 21897->21898 21904 bb89d3 21897->21904 21899 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21898->21899 21901 bb88a3 21899->21901 21900 bb89d6 moz_xmalloc 21955 bb9180 21900->21955 21909 bb9430 21901->21909 21904->21900 21905 bb7f80 76 API calls 21904->21905 21906 bb8a7f 21904->21906 21960 bb91d0 78 API calls 21904->21960 21905->21904 21906->21898 21961 bb92a0 8 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21906->21961 21908 bb8b5c 21908->21898 21962 bb94b0 21909->21962 21914 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21915 bb88b0 21914->21915 21915->21795 21916 bb98e0 21915->21916 22006 bb9a20 21916->22006 21919 bb990c VirtualProtect 21920 bb9957 21919->21920 21921 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21920->21921 21922 bb88c5 21921->21922 21922->21795 21923 bb8b70 21922->21923 21924 bb8bbe RtlEncodePointer 21923->21924 21925 bb8b96 21923->21925 21930 bb8bd6 21924->21930 21925->21924 21926 bb8f23 21925->21926 21927 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21926->21927 21929 bb8910 21927->21929 21928 bb8c1c EncodePointer 21951 bb8c3c 21928->21951 21929->21801 21929->21802 21930->21926 21930->21928 21931 bb8f17 21931->21926 21934 bb901d EncodePointer 21931->21934 21932 bb8d03 22029 bb9c70 21932->22029 21934->21926 21936 bb8df5 21936->21926 21936->21931 22035 bb9ce0 21936->22035 21940 bb8ee7 22067 bb9fc0 21940->22067 21945 bb8ffc free 21946 bb8f06 21945->21946 21946->21931 21948 bb900b free 21946->21948 21948->21931 21951->21931 21951->21932 21951->21936 21952 bb7f80 73 API calls 21951->21952 21953 bb9170 21951->21953 22025 bb9ab0 21951->22025 22076 bb9b40 78 API calls 21951->22076 21952->21951 21954 bb7f80 73 API calls 21953->21954 21954->21931 21956 bb7f80 78 API calls 21955->21956 21957 bb9193 21956->21957 21958 bb91a1 21957->21958 21959 bb7f80 78 API calls 21957->21959 21958->21904 21959->21958 21960->21904 21961->21908 21963 bb94de 21962->21963 21964 bb9510 21962->21964 21965 bee547 __Init_thread_header 5 API calls 21963->21965 21966 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21964->21966 21967 bb94e8 21965->21967 21968 bb9450 21966->21968 21967->21964 21969 bb94f4 GetSystemInfo 21967->21969 21971 bb9530 21968->21971 21970 bee599 __Init_thread_footer 4 API calls 21969->21970 21970->21964 21972 bb954d 21971->21972 21981 bb95d1 21971->21981 21975 bb94b0 15 API calls 21972->21975 21972->21981 21973 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21974 bb9473 21973->21974 21974->21914 21977 bb9567 CreateFileMappingA 21975->21977 21978 bb959a MapViewOfFile 21977->21978 21977->21981 21979 bb95b0 21978->21979 21978->21981 21982 bb9600 21979->21982 21981->21973 21983 bb9628 ?MapRemoteViewOfFile@mozilla@@YAPAXPAX0_K0KKK 21982->21983 21984 bb9657 21982->21984 21985 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21983->21985 21986 bb979a 21984->21986 21987 bb9667 21984->21987 21989 bb964d 21985->21989 22005 bb77d5 78 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21986->22005 21990 bee547 __Init_thread_header 5 API calls 21987->21990 21998 bb968f 21987->21998 21989->21981 21992 bb9773 21990->21992 21991 bb97a5 21993 bb9783 21992->21993 21992->21998 22004 bb9890 LoadLibraryW GetProcAddress FreeLibrary 21993->22004 21996 bb9788 21999 bee599 __Init_thread_footer 4 API calls 21996->21999 21997 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 21997->21989 21998->21983 22000 bb9699 21998->22000 22001 bb9740 ?MapRemoteViewOfFile@mozilla@@YAPAXPAX0_K0KKK 21998->22001 22003 bb97b0 19 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 21998->22003 22002 bb9792 21999->22002 22000->21997 22001->21998 22001->22000 22002->21998 22003->21998 22004->21996 22005->21991 22007 bb9a2a 22006->22007 22015 bb9904 22006->22015 22007->22015 22016 bb8500 22007->22016 22010 bb9a6f 22011 bb8500 15 API calls 22010->22011 22012 bb9a76 VirtualAllocEx 22011->22012 22013 bb9a91 22012->22013 22012->22015 22014 bb8500 15 API calls 22013->22014 22014->22015 22015->21919 22015->21920 22017 bb8546 22016->22017 22024 bb852e 22016->22024 22019 bee547 __Init_thread_header 5 API calls 22017->22019 22018 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 22020 bb853e VirtualAlloc 22018->22020 22021 bb8550 22019->22021 22020->22010 22020->22015 22022 bb855c GetSystemInfo 22021->22022 22021->22024 22023 bee599 __Init_thread_footer 4 API calls 22022->22023 22023->22024 22024->22018 22027 bb9abf 22025->22027 22026 bb7f80 78 API calls 22026->22027 22027->22026 22028 bb9af6 22027->22028 22028->21951 22030 bb9c94 22029->22030 22033 bb9cbb 22029->22033 22031 bb9c9e ReadProcessMemory 22030->22031 22030->22033 22031->22033 22032 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 22034 bb9ccd 22032->22034 22033->22032 22034->21936 22036 bb9d7e 22035->22036 22037 bb9cfe 22035->22037 22088 bb77d5 78 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22036->22088 22077 bb9ed0 22037->22077 22040 bb9d89 free 22042 bb9d60 22040->22042 22041 bb9d42 22046 bb9fc0 17 API calls 22041->22046 22043 bb9d6a 22042->22043 22044 bb9d95 free 22042->22044 22045 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 22043->22045 22044->22043 22047 bb8eb7 22045->22047 22048 bb9d56 22046->22048 22047->21940 22049 bba2c0 22047->22049 22048->22040 22048->22042 22050 bba2e3 22049->22050 22051 bb8ed7 22049->22051 22090 bb8170 malloc realloc 22050->22090 22054 bba300 22051->22054 22053 bba2ed 22053->22051 22055 bb8ee0 22054->22055 22056 bba343 22054->22056 22059 bb9db0 22055->22059 22091 bb8170 malloc realloc 22056->22091 22058 bba34d 22058->22055 22060 bb9dc9 22059->22060 22061 bb9e28 22059->22061 22060->22061 22064 bb9de1 WriteProcessMemory 22060->22064 22062 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 22061->22062 22063 bb9e32 22062->22063 22063->21940 22064->22061 22065 bb9e06 22064->22065 22065->22061 22066 bb9e0b FlushInstructionCache 22065->22066 22066->22061 22068 bb8500 15 API calls 22067->22068 22069 bb9fdc 22068->22069 22070 bb9fe3 22069->22070 22072 bba00c VirtualProtectEx 22069->22072 22074 bba024 22069->22074 22071 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 22070->22071 22073 bb8ef8 22071->22073 22072->22074 22073->21945 22073->21946 22074->22070 22075 bba03b VirtualProtectEx 22074->22075 22075->22074 22076->21951 22078 bb8500 15 API calls 22077->22078 22085 bb9f0b 22078->22085 22079 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 22080 bb9f7f 22079->22080 22080->22041 22081 bb9f3a VirtualProtectEx 22082 bb9f89 22081->22082 22081->22085 22083 bb9fc0 17 API calls 22082->22083 22084 bb9f75 22083->22084 22084->22079 22085->22081 22085->22082 22085->22084 22087 bb9f99 22085->22087 22087->22082 22087->22085 22089 bba080 malloc malloc free 22087->22089 22088->22040 22089->22087 22090->22053 22091->22058 22093 bba490 27 API calls 22092->22093 22094 bba46b 22093->22094 22095 bba47c free 22094->22095 22096 bba473 22094->22096 22095->22096 22097 bba60b 22096->22097 22098 bba5fd UnmapViewOfFile 22096->22098 22099 bba612 CloseHandle 22097->22099 22100 bba620 22097->22100 22098->22097 22099->22100 22101 bb79ac 22100->22101 22102 bba626 FindCloseChangeNotification 22100->22102 22101->21746 22101->21747 22102->22101 22104 bba4ac 22103->22104 22108 bba4c5 22103->22108 22105 beecb0 __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 22104->22105 22107 bba4bd 22105->22107 22106 bb9ed0 21 API calls 22106->22108 22107->21742 22108->22104 22108->22106 22109 bba51c 22108->22109 22110 bb9fc0 17 API calls 22108->22110 22112 bba536 free 22108->22112 22113 bba54a free 22108->22113 22114 bba570 9 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22109->22114 22110->22108 22112->22108 22113->22108 22114->22108 22115->21505 22116->21264 22261 bc04d0 7 API calls 22263 bdbad0 11 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22266 beeed0 _except_handler4_common 22267 bcf0c0 ??3@YAXPAX ??3@YAXPAX _invalid_parameter_noinfo_noreturn GetCurrentProcess TerminateProcess 22268 bc02c0 12 API calls 22269 bc06c0 RtlAcquireSRWLockShared RtlReleaseSRWLockShared 22271 bdc2c0 19 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22149 bef2c0 22153 beeb38 SetUnhandledExceptionFilter 22149->22153 22151 bef2c5 pre_c_initialization 22152 bef2ca _set_new_mode 22151->22152 22153->22151 22274 be7ec0 56 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22276 bcc830 19 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22277 bcce30 220 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22278 be6030 8 API calls 22280 be5a30 81 API calls 22281 bcd42f TerminateJobObject 22286 bdbe20 28 API calls 22287 bea020 GetTickCount 22288 be5220 51 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22291 bce410 WaitForSingleObject 22292 bda810 30 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22293 bdf410 15 API calls 22295 be6010 GetModuleHandleW 22296 be6410 6 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22139 bef40d 22146 beeae9 GetModuleHandleW 22139->22146 22141 bef415 22142 bef44b _exit 22141->22142 22143 bef419 22141->22143 22144 bef41f _c_exit 22143->22144 22145 bef424 22143->22145 22144->22145 22146->22141 22298 bc0a00 7 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22299 bca600 44 API calls 2 library calls 22302 bef000 LocalFree ??3@YAXPAX 22304 bef200 19 API calls 5 library calls 22307 bef67a 6 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22309 bc5670 12 API calls 22315 bdf508 SetLastError 22316 bea260 ??3@YAXPAX ??3@YAXPAX DeleteCriticalSection ??3@YAXPAX 22317 bef460 GetSystemTimeAsFileTime GetCurrentThreadId GetCurrentProcessId QueryPerformanceCounter ___security_init_cookie 22318 beec60 terminate 22319 be4e61 GetFileType 22321 bbee50 33 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22323 bd5850 18 API calls 22324 bdb250 13 API calls 22325 bbd040 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE ??1ios_base@std@@UAE free free _invalid_parameter_noinfo_noreturn 22327 bcfc40 5 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22328 bdf040 14 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22329 bd0040 86 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22330 bd5240 27 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22333 bcc641 117 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22335 bdadb0 86 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22336 bcafb1 25 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22337 be4db0 67 API calls 22339 be9fb0 memcmp memcmp 22340 bbeba0 11 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22343 bddba0 17 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22344 bde5a0 9 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22345 bea1a0 EnterCriticalSection ??3@YAXPAX UnregisterWaitEx LeaveCriticalSection 22346 bef9a0 14 API calls ___delayLoadHelper2@8 22347 bebfa0 147 API calls 22348 bee7a0 DeleteCriticalSection CloseHandle 22349 bcab90 85 API calls 22350 bccd90 9 API calls 22351 bc4f90 ??3@YAXPAX 22353 bccf90 102 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22354 bbeb80 10 API calls 22355 bc0b80 RtlAcquireSRWLockExclusive RtlReleaseSRWLockExclusive 22356 bcad80 37 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22357 bded80 58 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22154 bef980 22155 bef98a 22154->22155 22158 bee2ab 22155->22158 22184 bee242 22158->22184 22161 bee318 22191 bee275 6 API calls 2 library calls 22161->22191 22163 bee323 RaiseException 22165 bee511 22163->22165 22164 bee427 22171 bee485 GetProcAddress 22164->22171 22177 bee4e3 22164->22177 22166 bee3b4 LoadLibraryExA 22167 bee3c7 GetLastError 22166->22167 22168 bee415 22166->22168 22170 bee3f0 22167->22170 22181 bee3da 22167->22181 22168->22164 22169 bee420 FreeLibrary 22168->22169 22169->22164 22192 bee275 6 API calls 2 library calls 22170->22192 22173 bee495 GetLastError 22171->22173 22171->22177 22172 bee33c 22172->22164 22172->22166 22172->22168 22172->22177 22179 bee4a8 22173->22179 22175 bee3fb RaiseException 22175->22165 22194 bee275 6 API calls 2 library calls 22177->22194 22179->22177 22193 bee275 6 API calls 2 library calls 22179->22193 22180 bee4c9 RaiseException 22182 bee242 ___delayLoadHelper2@8 6 API calls 22180->22182 22181->22168 22181->22170 22183 bee4e0 22182->22183 22183->22177 22185 bee24e 22184->22185 22186 bee26f 22184->22186 22195 bee07f GetModuleHandleW GetProcAddress GetProcAddress DloadGetSRWLockFunctionPointers 22185->22195 22186->22161 22186->22172 22188 bee253 22188->22186 22189 bee263 22188->22189 22196 bee1d4 VirtualQuery GetSystemInfo VirtualProtect DloadObtainSection DloadMakePermanentImageCommit 22189->22196 22191->22163 22192->22175 22193->22180 22194->22165 22195->22188 22196->22186 22358 bef3f9 _seh_filter_exe 22360 bc2bf0 64 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22361 bd2394 51 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22362 bd05f0 8 API calls 22364 bdbff0 19 API calls 22367 be61f0 9 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22370 bbc5e0 6 API calls 22371 bccf90 100 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22372 bd07e0 63 API calls 22375 bc2bd0 10 API calls 22377 bca3d0 23 API calls 22378 bc05d0 RtlDuplicateUnicodeString RtlQueryPerformanceCounter RtlAcquireSRWLockShared RtlReleaseSRWLockShared RtlQueryPerformanceCounter 22380 bd29d0 45 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22381 bda9d0 96 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22382 bddfd0 9 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22383 be99d0 232 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22384 bebbd0 29 API calls 22390 bd03c0 96 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22391 bda7c0 21 API calls 22392 beddc0 wcsncmp 22393 be77c0 27 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22394 beefc0 LocalFree 20953 bef935 14 API calls ___delayLoadHelper2@8 22396 be0130 68 API calls 22397 bc0120 81 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22398 bc2d20 34 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22399 bca720 43 API calls 22400 bd7320 47 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22197 bee520 22208 bee685 InitializeCriticalSectionAndSpinCount GetModuleHandleW 22197->22208 22199 bee525 22217 bee950 8 API calls 2 library calls 22199->22217 22201 bee52c 22202 bee53f 22201->22202 22203 bee531 22201->22203 22218 beeb44 6 API calls ___scrt_fastfail 22202->22218 22204 bee7bc pre_c_initialization 2 API calls 22203->22204 22206 bee53b 22204->22206 22207 bee546 22209 bee6cb GetModuleHandleW 22208->22209 22210 bee6e0 GetProcAddress GetProcAddress GetProcAddress 22208->22210 22209->22210 22211 bee76c 22209->22211 22212 bee70e 22210->22212 22213 bee746 CreateEventW 22210->22213 22219 beeb44 6 API calls ___scrt_fastfail 22211->22219 22212->22213 22216 bee716 __crt_fast_encode_pointer 22212->22216 22213->22211 22213->22216 22215 bee773 22216->22199 22217->22201 22218->22207 22219->22215 22403 bba910 289 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22404 bbd110 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE free free _invalid_parameter_noinfo_noreturn 22117 bc4510 22118 bba740 13 API calls 22117->22118 22119 bc453f 22118->22119 22130 bee7bc 22119->22130 22122 bba740 13 API calls 22123 bc4578 22122->22123 22124 bee7bc pre_c_initialization 2 API calls 22123->22124 22125 bc4582 22124->22125 22126 bba740 13 API calls 22125->22126 22127 bc45b1 22126->22127 22128 bee7bc pre_c_initialization 2 API calls 22127->22128 22129 bc45bb 22128->22129 22133 bee7d1 22130->22133 22134 bee7ee _crt_atexit 22133->22134 22135 bee7f5 _register_onexit_function 22133->22135 22136 bc4549 22134->22136 22135->22136 22136->22122 22405 bda910 31 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22406 bde110 29 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22407 bdc510 20 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22409 bea110 10 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22410 bbeb0c RtlReleaseSRWLockExclusive 22412 bcc900 19 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22413 bcfb00 7 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22414 bc0700 15 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22416 bd6f00 78 API calls 22418 be6300 10 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22419 beef00 _CxxThrowException _com_raise_error 22420 bbc570 7 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22422 bdab70 15 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22423 bd0570 164 API calls 22424 be6170 6 API calls 22426 bb6160 8 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22427 bdfd60 53 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22428 bda760 11 API calls 22429 be5160 19 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22430 be5b60 20 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22432 be4d60 68 API calls 22434 be6d60 28 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22435 bebf60 87 API calls 22436 bcc950 18 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22440 bd9550 ??3@YAXPAX ??3@YAXPAX ??3@YAXPAX 22444 be4b50 74 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 22447 bb8140 free 22448 bbd140 memcpy free _invalid_parameter_noinfo_noreturn moz_xmalloc moz_xmalloc 22450 bcad40 54 API calls 22451 bcd740 22 API calls 22452 bd1340 10 API calls

                                                                                                                                                                                                                                                        Executed Functions

                                                                                                                                                                                                                                                        C-Code - Quality: 92%
                                                                                                                                                                                                                                                        			E00BB3DD0(void* __eflags, int* _a4, WCHAR** _a8, WCHAR** _a12, intOrPtr _a16) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				signed char _v1059;
                                                                                                                                                                                                                                                        				struct _STARTUPINFOW _v1104;
                                                                                                                                                                                                                                                        				signed int _v1112;
                                                                                                                                                                                                                                                        				char _v1124;
                                                                                                                                                                                                                                                        				signed int _v1128;
                                                                                                                                                                                                                                                        				signed int _v1132;
                                                                                                                                                                                                                                                        				long _v1136;
                                                                                                                                                                                                                                                        				int _v2168;
                                                                                                                                                                                                                                                        				char _v2180;
                                                                                                                                                                                                                                                        				long _v2184;
                                                                                                                                                                                                                                                        				signed int _v2188;
                                                                                                                                                                                                                                                        				void* _v2192;
                                                                                                                                                                                                                                                        				long _v2196;
                                                                                                                                                                                                                                                        				int _v2200;
                                                                                                                                                                                                                                                        				signed char _v2208;
                                                                                                                                                                                                                                                        				char _v2220;
                                                                                                                                                                                                                                                        				signed int _v2224;
                                                                                                                                                                                                                                                        				void* _v2228;
                                                                                                                                                                                                                                                        				long _v2232;
                                                                                                                                                                                                                                                        				char _v2376;
                                                                                                                                                                                                                                                        				char _v2392;
                                                                                                                                                                                                                                                        				char _v2396;
                                                                                                                                                                                                                                                        				void* _v2408;
                                                                                                                                                                                                                                                        				char _v2412;
                                                                                                                                                                                                                                                        				char _v2424;
                                                                                                                                                                                                                                                        				char _v2428;
                                                                                                                                                                                                                                                        				char _v2432;
                                                                                                                                                                                                                                                        				char _v2440;
                                                                                                                                                                                                                                                        				void* _v2452;
                                                                                                                                                                                                                                                        				int _v2456;
                                                                                                                                                                                                                                                        				char _v2459;
                                                                                                                                                                                                                                                        				char _v2460;
                                                                                                                                                                                                                                                        				struct _PROCESS_INFORMATION _v2480;
                                                                                                                                                                                                                                                        				long _v2484;
                                                                                                                                                                                                                                                        				void* _v2488;
                                                                                                                                                                                                                                                        				WCHAR* _v2492;
                                                                                                                                                                                                                                                        				signed int _v2496;
                                                                                                                                                                                                                                                        				int _v2500;
                                                                                                                                                                                                                                                        				signed int _v2504;
                                                                                                                                                                                                                                                        				long _v2516;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				signed int _t424;
                                                                                                                                                                                                                                                        				long _t429;
                                                                                                                                                                                                                                                        				void _t432;
                                                                                                                                                                                                                                                        				signed int _t434;
                                                                                                                                                                                                                                                        				void* _t435;
                                                                                                                                                                                                                                                        				signed short _t436;
                                                                                                                                                                                                                                                        				char* _t442;
                                                                                                                                                                                                                                                        				long _t444;
                                                                                                                                                                                                                                                        				int _t445;
                                                                                                                                                                                                                                                        				wchar_t* _t453;
                                                                                                                                                                                                                                                        				signed int _t454;
                                                                                                                                                                                                                                                        				long _t457;
                                                                                                                                                                                                                                                        				intOrPtr _t458;
                                                                                                                                                                                                                                                        				long _t460;
                                                                                                                                                                                                                                                        				void* _t461;
                                                                                                                                                                                                                                                        				long _t463;
                                                                                                                                                                                                                                                        				long* _t464;
                                                                                                                                                                                                                                                        				long _t465;
                                                                                                                                                                                                                                                        				long _t466;
                                                                                                                                                                                                                                                        				WCHAR* _t477;
                                                                                                                                                                                                                                                        				void* _t481;
                                                                                                                                                                                                                                                        				void* _t484;
                                                                                                                                                                                                                                                        				void* _t485;
                                                                                                                                                                                                                                                        				void* _t486;
                                                                                                                                                                                                                                                        				void* _t493;
                                                                                                                                                                                                                                                        				long _t494;
                                                                                                                                                                                                                                                        				long _t495;
                                                                                                                                                                                                                                                        				long _t504;
                                                                                                                                                                                                                                                        				signed short _t505;
                                                                                                                                                                                                                                                        				long _t506;
                                                                                                                                                                                                                                                        				long _t507;
                                                                                                                                                                                                                                                        				long _t508;
                                                                                                                                                                                                                                                        				long _t510;
                                                                                                                                                                                                                                                        				signed short _t516;
                                                                                                                                                                                                                                                        				int _t518;
                                                                                                                                                                                                                                                        				int _t522;
                                                                                                                                                                                                                                                        				int* _t524;
                                                                                                                                                                                                                                                        				signed short _t528;
                                                                                                                                                                                                                                                        				long _t530;
                                                                                                                                                                                                                                                        				signed short _t531;
                                                                                                                                                                                                                                                        				long _t533;
                                                                                                                                                                                                                                                        				signed short _t534;
                                                                                                                                                                                                                                                        				long _t536;
                                                                                                                                                                                                                                                        				signed short _t537;
                                                                                                                                                                                                                                                        				long _t539;
                                                                                                                                                                                                                                                        				signed short _t540;
                                                                                                                                                                                                                                                        				long _t542;
                                                                                                                                                                                                                                                        				signed short _t543;
                                                                                                                                                                                                                                                        				long _t545;
                                                                                                                                                                                                                                                        				signed short _t546;
                                                                                                                                                                                                                                                        				long _t548;
                                                                                                                                                                                                                                                        				signed short _t549;
                                                                                                                                                                                                                                                        				long _t551;
                                                                                                                                                                                                                                                        				signed short _t552;
                                                                                                                                                                                                                                                        				long _t554;
                                                                                                                                                                                                                                                        				signed short _t555;
                                                                                                                                                                                                                                                        				long _t557;
                                                                                                                                                                                                                                                        				signed short _t558;
                                                                                                                                                                                                                                                        				long _t560;
                                                                                                                                                                                                                                                        				signed short _t561;
                                                                                                                                                                                                                                                        				long _t563;
                                                                                                                                                                                                                                                        				long _t564;
                                                                                                                                                                                                                                                        				long* _t565;
                                                                                                                                                                                                                                                        				long _t569;
                                                                                                                                                                                                                                                        				short _t571;
                                                                                                                                                                                                                                                        				signed short _t572;
                                                                                                                                                                                                                                                        				long _t574;
                                                                                                                                                                                                                                                        				signed short _t575;
                                                                                                                                                                                                                                                        				long _t577;
                                                                                                                                                                                                                                                        				signed short _t578;
                                                                                                                                                                                                                                                        				long _t580;
                                                                                                                                                                                                                                                        				signed short _t581;
                                                                                                                                                                                                                                                        				long _t583;
                                                                                                                                                                                                                                                        				signed short _t584;
                                                                                                                                                                                                                                                        				long _t586;
                                                                                                                                                                                                                                                        				signed short _t587;
                                                                                                                                                                                                                                                        				long _t589;
                                                                                                                                                                                                                                                        				signed short _t590;
                                                                                                                                                                                                                                                        				long _t592;
                                                                                                                                                                                                                                                        				signed short _t593;
                                                                                                                                                                                                                                                        				long _t595;
                                                                                                                                                                                                                                                        				signed short _t596;
                                                                                                                                                                                                                                                        				long _t598;
                                                                                                                                                                                                                                                        				signed short _t599;
                                                                                                                                                                                                                                                        				long _t601;
                                                                                                                                                                                                                                                        				signed short _t602;
                                                                                                                                                                                                                                                        				long _t604;
                                                                                                                                                                                                                                                        				signed short _t605;
                                                                                                                                                                                                                                                        				long _t607;
                                                                                                                                                                                                                                                        				signed short _t608;
                                                                                                                                                                                                                                                        				long _t610;
                                                                                                                                                                                                                                                        				signed short _t611;
                                                                                                                                                                                                                                                        				long _t613;
                                                                                                                                                                                                                                                        				signed short _t614;
                                                                                                                                                                                                                                                        				long _t616;
                                                                                                                                                                                                                                                        				signed short _t617;
                                                                                                                                                                                                                                                        				long _t619;
                                                                                                                                                                                                                                                        				signed short _t620;
                                                                                                                                                                                                                                                        				long _t622;
                                                                                                                                                                                                                                                        				signed short _t623;
                                                                                                                                                                                                                                                        				long _t625;
                                                                                                                                                                                                                                                        				signed short _t626;
                                                                                                                                                                                                                                                        				long _t628;
                                                                                                                                                                                                                                                        				signed short _t629;
                                                                                                                                                                                                                                                        				long _t631;
                                                                                                                                                                                                                                                        				signed short _t632;
                                                                                                                                                                                                                                                        				long _t634;
                                                                                                                                                                                                                                                        				signed short _t635;
                                                                                                                                                                                                                                                        				long _t637;
                                                                                                                                                                                                                                                        				signed short _t638;
                                                                                                                                                                                                                                                        				long _t640;
                                                                                                                                                                                                                                                        				signed short _t641;
                                                                                                                                                                                                                                                        				long _t643;
                                                                                                                                                                                                                                                        				signed short _t644;
                                                                                                                                                                                                                                                        				long _t646;
                                                                                                                                                                                                                                                        				signed short _t647;
                                                                                                                                                                                                                                                        				long _t649;
                                                                                                                                                                                                                                                        				signed short _t650;
                                                                                                                                                                                                                                                        				long _t652;
                                                                                                                                                                                                                                                        				signed short _t653;
                                                                                                                                                                                                                                                        				long _t655;
                                                                                                                                                                                                                                                        				signed short _t656;
                                                                                                                                                                                                                                                        				long _t658;
                                                                                                                                                                                                                                                        				signed short _t659;
                                                                                                                                                                                                                                                        				long _t661;
                                                                                                                                                                                                                                                        				signed short _t662;
                                                                                                                                                                                                                                                        				long _t664;
                                                                                                                                                                                                                                                        				signed short _t665;
                                                                                                                                                                                                                                                        				long _t667;
                                                                                                                                                                                                                                                        				signed short _t668;
                                                                                                                                                                                                                                                        				long _t670;
                                                                                                                                                                                                                                                        				signed short _t671;
                                                                                                                                                                                                                                                        				long _t673;
                                                                                                                                                                                                                                                        				long _t674;
                                                                                                                                                                                                                                                        				long _t676;
                                                                                                                                                                                                                                                        				long _t677;
                                                                                                                                                                                                                                                        				void* _t682;
                                                                                                                                                                                                                                                        				void* _t683;
                                                                                                                                                                                                                                                        				void* _t684;
                                                                                                                                                                                                                                                        				void* _t685;
                                                                                                                                                                                                                                                        				longlong _t686;
                                                                                                                                                                                                                                                        				long _t692;
                                                                                                                                                                                                                                                        				signed short _t693;
                                                                                                                                                                                                                                                        				long _t695;
                                                                                                                                                                                                                                                        				signed short _t696;
                                                                                                                                                                                                                                                        				long _t698;
                                                                                                                                                                                                                                                        				signed short _t699;
                                                                                                                                                                                                                                                        				long _t701;
                                                                                                                                                                                                                                                        				signed short _t702;
                                                                                                                                                                                                                                                        				long _t704;
                                                                                                                                                                                                                                                        				signed short _t705;
                                                                                                                                                                                                                                                        				long _t707;
                                                                                                                                                                                                                                                        				signed short _t708;
                                                                                                                                                                                                                                                        				long _t710;
                                                                                                                                                                                                                                                        				signed short _t711;
                                                                                                                                                                                                                                                        				long _t713;
                                                                                                                                                                                                                                                        				signed short _t714;
                                                                                                                                                                                                                                                        				long _t716;
                                                                                                                                                                                                                                                        				signed short _t717;
                                                                                                                                                                                                                                                        				long _t719;
                                                                                                                                                                                                                                                        				signed short _t720;
                                                                                                                                                                                                                                                        				long _t722;
                                                                                                                                                                                                                                                        				signed short _t723;
                                                                                                                                                                                                                                                        				long _t725;
                                                                                                                                                                                                                                                        				signed short _t726;
                                                                                                                                                                                                                                                        				long _t728;
                                                                                                                                                                                                                                                        				signed short _t729;
                                                                                                                                                                                                                                                        				long _t731;
                                                                                                                                                                                                                                                        				signed short _t732;
                                                                                                                                                                                                                                                        				long _t734;
                                                                                                                                                                                                                                                        				long _t735;
                                                                                                                                                                                                                                                        				signed short _t737;
                                                                                                                                                                                                                                                        				long _t739;
                                                                                                                                                                                                                                                        				signed short _t740;
                                                                                                                                                                                                                                                        				long _t742;
                                                                                                                                                                                                                                                        				signed short _t743;
                                                                                                                                                                                                                                                        				long _t745;
                                                                                                                                                                                                                                                        				signed short _t746;
                                                                                                                                                                                                                                                        				long _t748;
                                                                                                                                                                                                                                                        				signed short _t749;
                                                                                                                                                                                                                                                        				long _t751;
                                                                                                                                                                                                                                                        				signed short _t752;
                                                                                                                                                                                                                                                        				long _t754;
                                                                                                                                                                                                                                                        				signed short _t755;
                                                                                                                                                                                                                                                        				long _t757;
                                                                                                                                                                                                                                                        				signed short _t758;
                                                                                                                                                                                                                                                        				long _t760;
                                                                                                                                                                                                                                                        				short _t761;
                                                                                                                                                                                                                                                        				void* _t766;
                                                                                                                                                                                                                                                        				signed int _t768;
                                                                                                                                                                                                                                                        				void* _t770;
                                                                                                                                                                                                                                                        				signed char _t783;
                                                                                                                                                                                                                                                        				signed char _t784;
                                                                                                                                                                                                                                                        				signed int _t786;
                                                                                                                                                                                                                                                        				signed short _t787;
                                                                                                                                                                                                                                                        				long _t789;
                                                                                                                                                                                                                                                        				signed short _t790;
                                                                                                                                                                                                                                                        				long _t792;
                                                                                                                                                                                                                                                        				signed short _t793;
                                                                                                                                                                                                                                                        				long _t795;
                                                                                                                                                                                                                                                        				signed short _t796;
                                                                                                                                                                                                                                                        				long _t798;
                                                                                                                                                                                                                                                        				signed short _t799;
                                                                                                                                                                                                                                                        				long _t801;
                                                                                                                                                                                                                                                        				signed short _t802;
                                                                                                                                                                                                                                                        				long _t804;
                                                                                                                                                                                                                                                        				signed short _t805;
                                                                                                                                                                                                                                                        				long _t807;
                                                                                                                                                                                                                                                        				signed short _t808;
                                                                                                                                                                                                                                                        				long _t810;
                                                                                                                                                                                                                                                        				signed short _t811;
                                                                                                                                                                                                                                                        				long _t813;
                                                                                                                                                                                                                                                        				signed short _t814;
                                                                                                                                                                                                                                                        				long _t816;
                                                                                                                                                                                                                                                        				signed short _t817;
                                                                                                                                                                                                                                                        				long _t819;
                                                                                                                                                                                                                                                        				signed int _t820;
                                                                                                                                                                                                                                                        				long _t822;
                                                                                                                                                                                                                                                        				short _t824;
                                                                                                                                                                                                                                                        				WCHAR** _t825;
                                                                                                                                                                                                                                                        				void* _t826;
                                                                                                                                                                                                                                                        				long _t827;
                                                                                                                                                                                                                                                        				signed int _t828;
                                                                                                                                                                                                                                                        				long* _t829;
                                                                                                                                                                                                                                                        				long _t830;
                                                                                                                                                                                                                                                        				int _t831;
                                                                                                                                                                                                                                                        				void* _t832;
                                                                                                                                                                                                                                                        				void* _t835;
                                                                                                                                                                                                                                                        				void* _t836;
                                                                                                                                                                                                                                                        				void* _t838;
                                                                                                                                                                                                                                                        				void* _t840;
                                                                                                                                                                                                                                                        				signed short* _t841;
                                                                                                                                                                                                                                                        				void* _t843;
                                                                                                                                                                                                                                                        				void* _t845;
                                                                                                                                                                                                                                                        				void* _t846;
                                                                                                                                                                                                                                                        				long _t850;
                                                                                                                                                                                                                                                        				signed int _t861;
                                                                                                                                                                                                                                                        				intOrPtr _t862;
                                                                                                                                                                                                                                                        				int _t879;
                                                                                                                                                                                                                                                        				DWORD* _t881;
                                                                                                                                                                                                                                                        				WCHAR** _t894;
                                                                                                                                                                                                                                                        				WCHAR** _t897;
                                                                                                                                                                                                                                                        				signed int _t917;
                                                                                                                                                                                                                                                        				signed int _t922;
                                                                                                                                                                                                                                                        				signed int _t923;
                                                                                                                                                                                                                                                        				signed int _t940;
                                                                                                                                                                                                                                                        				signed int _t941;
                                                                                                                                                                                                                                                        				int _t944;
                                                                                                                                                                                                                                                        				int* _t945;
                                                                                                                                                                                                                                                        				signed short* _t946;
                                                                                                                                                                                                                                                        				void* _t948;
                                                                                                                                                                                                                                                        				long _t950;
                                                                                                                                                                                                                                                        				signed short* _t951;
                                                                                                                                                                                                                                                        				long* _t952;
                                                                                                                                                                                                                                                        				long* _t953;
                                                                                                                                                                                                                                                        				short* _t954;
                                                                                                                                                                                                                                                        				intOrPtr* _t955;
                                                                                                                                                                                                                                                        				void* _t957;
                                                                                                                                                                                                                                                        				void* _t961;
                                                                                                                                                                                                                                                        				void* _t963;
                                                                                                                                                                                                                                                        				struct _OSVERSIONINFOEXA* _t964;
                                                                                                                                                                                                                                                        				WCHAR* _t966;
                                                                                                                                                                                                                                                        				void* _t968;
                                                                                                                                                                                                                                                        				void* _t969;
                                                                                                                                                                                                                                                        				void* _t972;
                                                                                                                                                                                                                                                        				long* _t974;
                                                                                                                                                                                                                                                        				long* _t976;
                                                                                                                                                                                                                                                        				short* _t977;
                                                                                                                                                                                                                                                        				void* _t978;
                                                                                                                                                                                                                                                        				short* _t979;
                                                                                                                                                                                                                                                        				signed int _t980;
                                                                                                                                                                                                                                                        				signed int _t981;
                                                                                                                                                                                                                                                        				void* _t984;
                                                                                                                                                                                                                                                        				void* _t985;
                                                                                                                                                                                                                                                        				void* _t986;
                                                                                                                                                                                                                                                        				void* _t993;
                                                                                                                                                                                                                                                        				void* _t994;
                                                                                                                                                                                                                                                        				void* _t995;
                                                                                                                                                                                                                                                        				short _t1007;
                                                                                                                                                                                                                                                        				WCHAR* _t1010;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t424 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t940 = _a12;
                                                                                                                                                                                                                                                        				asm("movq xmm0, [0xbf01a0]");
                                                                                                                                                                                                                                                        				_t924 = _t940;
                                                                                                                                                                                                                                                        				_v24 = _t424 ^ _t980;
                                                                                                                                                                                                                                                        				asm("movq [esp+0x40], xmm0");
                                                                                                                                                                                                                                                        				E00BB5790(_t826, _a8, _t940,  &_v2432);
                                                                                                                                                                                                                                                        				_t984 = (_t981 & 0xfffffff0) - 0x9b0 + 4;
                                                                                                                                                                                                                                                        				 *0xbfa768 = _a16;
                                                                                                                                                                                                                                                        				_v2480.hThread = _t940 + 4;
                                                                                                                                                                                                                                                        				_t429 =  *(_t940 + 4);
                                                                                                                                                                                                                                                        				if(_t429 == 0) {
                                                                                                                                                                                                                                                        					L11:
                                                                                                                                                                                                                                                        					E00BB2D00( &_v2376, _t924, _t1010); // executed
                                                                                                                                                                                                                                                        					_t432 =  *(_v2480.hThread);
                                                                                                                                                                                                                                                        					if(_t432 == 0) {
                                                                                                                                                                                                                                                        						L40:
                                                                                                                                                                                                                                                        						asm("pxor xmm0, xmm0");
                                                                                                                                                                                                                                                        						_v1104.dwYCountChars = 0;
                                                                                                                                                                                                                                                        						_v1104.dwXCountChars = 0;
                                                                                                                                                                                                                                                        						asm("movdqa [esp+0x580], xmm0");
                                                                                                                                                                                                                                                        						_t434 = NtQueryInformationProcess(0xffffffff, 0,  &(_v1104.dwX), 0x18,  &_v2184); // executed
                                                                                                                                                                                                                                                        						_t941 = _t434;
                                                                                                                                                                                                                                                        						if(_t434 < 0) {
                                                                                                                                                                                                                                                        							_t827 = "/builds/worker/workspace/obj-build/dist/include/mozilla/NativeNt.h";
                                                                                                                                                                                                                                                        							__eflags = _t941;
                                                                                                                                                                                                                                                        							if(_t941 >= 0) {
                                                                                                                                                                                                                                                        								L42:
                                                                                                                                                                                                                                                        								_t435 = OpenProcess(0x1000, 0, _t827);
                                                                                                                                                                                                                                                        								_t963 = _t435;
                                                                                                                                                                                                                                                        								_v2408 = _t435;
                                                                                                                                                                                                                                                        								if(_t435 == 0) {
                                                                                                                                                                                                                                                        									_t436 = GetLastError();
                                                                                                                                                                                                                                                        									__eflags = _t436 - 0x57;
                                                                                                                                                                                                                                                        									if(__eflags != 0) {
                                                                                                                                                                                                                                                        										_t850 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/SameBinary.h";
                                                                                                                                                                                                                                                        										_t827 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/SameBinary.h";
                                                                                                                                                                                                                                                        										_v2496 = 0x58;
                                                                                                                                                                                                                                                        										__eflags = _t436;
                                                                                                                                                                                                                                                        										_t941 =  <=  ? _t436 : _t436 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        										L65:
                                                                                                                                                                                                                                                        										_v2504 = _t850 & 0xffffff00;
                                                                                                                                                                                                                                                        										L69:
                                                                                                                                                                                                                                                        										_v2500 = 1;
                                                                                                                                                                                                                                                        										L50:
                                                                                                                                                                                                                                                        										_t82 = _t963 + 1; // 0x1
                                                                                                                                                                                                                                                        										if(_t82 >= 2) {
                                                                                                                                                                                                                                                        											CloseHandle(_t963);
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										if(_v2500 != 0) {
                                                                                                                                                                                                                                                        											L59:
                                                                                                                                                                                                                                                        											_v1104.cb = _t827 & 0x000000ff | _v2504;
                                                                                                                                                                                                                                                        											_v1104.lpReserved = _v2496;
                                                                                                                                                                                                                                                        											_v1104.lpDesktop = _t941;
                                                                                                                                                                                                                                                        											E00BB2BD0( &_v1104, _t924, __eflags);
                                                                                                                                                                                                                                                        											_t828 = 0;
                                                                                                                                                                                                                                                        											goto L54;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t828 = _t827 & 0xffffff00 | _t827 == 0x00000000;
                                                                                                                                                                                                                                                        											L54:
                                                                                                                                                                                                                                                        											_t442 = getenv("MOZ_LAUNCHER_PROCESS");
                                                                                                                                                                                                                                                        											_t985 = _t984 + 4;
                                                                                                                                                                                                                                                        											if(_t442 != 0) {
                                                                                                                                                                                                                                                        												__eflags =  *_t442;
                                                                                                                                                                                                                                                        												if(__eflags != 0) {
                                                                                                                                                                                                                                                        													E00BBA900("MOZ_LAUNCHER_PROCESS=");
                                                                                                                                                                                                                                                        													_t828 = 1;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t444 =  *_v2492;
                                                                                                                                                                                                                                                        											if(_t444 == 0) {
                                                                                                                                                                                                                                                        												L99:
                                                                                                                                                                                                                                                        												__eflags = _t828;
                                                                                                                                                                                                                                                        												if(__eflags == 0) {
                                                                                                                                                                                                                                                        													_t445 = 0;
                                                                                                                                                                                                                                                        													__eflags = 0;
                                                                                                                                                                                                                                                        													_t944 = 1;
                                                                                                                                                                                                                                                        													goto L103;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L100;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t977 =  &(_a12[4]);
                                                                                                                                                                                                                                                        												do {
                                                                                                                                                                                                                                                        													if(( *_t444 & 0x0000ffff | 0x00000002) != 0x2f) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t957 =  ==  ? _t444 + 4 : _t444 + 2;
                                                                                                                                                                                                                                                        													_t737 =  *(_t444 + 2 + (0 |  *((short*)(_t444 + 2)) == 0x0000002d) * 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        													if(_t737 == 0) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t739 = towlower(_t737 & 0x0000ffff);
                                                                                                                                                                                                                                                        													_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        													if(_t739 != 0x6c) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t740 =  *(_t957 + 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        													if(_t740 == 0) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t742 = towlower(_t740 & 0x0000ffff);
                                                                                                                                                                                                                                                        													_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        													if(_t742 != 0x61) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t743 =  *(_t957 + 4) & 0x0000ffff;
                                                                                                                                                                                                                                                        													if(_t743 == 0) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t745 = towlower(_t743 & 0x0000ffff);
                                                                                                                                                                                                                                                        													_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        													if(_t745 != 0x75) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t746 =  *(_t957 + 6) & 0x0000ffff;
                                                                                                                                                                                                                                                        													if(_t746 == 0) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t748 = towlower(_t746 & 0x0000ffff);
                                                                                                                                                                                                                                                        													_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        													if(_t748 != 0x6e) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t749 =  *(_t957 + 8) & 0x0000ffff;
                                                                                                                                                                                                                                                        													if(_t749 == 0) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t751 = towlower(_t749 & 0x0000ffff);
                                                                                                                                                                                                                                                        													_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        													if(_t751 != 0x63) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t752 =  *(_t957 + 0xa) & 0x0000ffff;
                                                                                                                                                                                                                                                        													if(_t752 == 0) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t754 = towlower(_t752 & 0x0000ffff);
                                                                                                                                                                                                                                                        													_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        													if(_t754 != 0x68) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t755 =  *(_t957 + 0xc) & 0x0000ffff;
                                                                                                                                                                                                                                                        													if(_t755 == 0) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t757 = towlower(_t755 & 0x0000ffff);
                                                                                                                                                                                                                                                        													_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        													if(_t757 != 0x65) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t758 =  *(_t957 + 0xe) & 0x0000ffff;
                                                                                                                                                                                                                                                        													if(_t758 == 0) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t760 = towlower(_t758 & 0x0000ffff);
                                                                                                                                                                                                                                                        													_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        													if(_t760 == 0x72 &&  *((short*)(_t957 + 0x10)) == 0) {
                                                                                                                                                                                                                                                        														do {
                                                                                                                                                                                                                                                        															_t761 =  *_t977;
                                                                                                                                                                                                                                                        															 *(_t977 - 4) = _t761;
                                                                                                                                                                                                                                                        															_t977 =  &(_t977[2]);
                                                                                                                                                                                                                                                        														} while (_t761 != 0);
                                                                                                                                                                                                                                                        														 *_a8 =  *_a8 - 1;
                                                                                                                                                                                                                                                        														L100:
                                                                                                                                                                                                                                                        														_t829 = _a12;
                                                                                                                                                                                                                                                        														_t944 = 0;
                                                                                                                                                                                                                                                        														_t692 =  *_v2492;
                                                                                                                                                                                                                                                        														if(_t692 == 0) {
                                                                                                                                                                                                                                                        															_t445 = 0;
                                                                                                                                                                                                                                                        															L104:
                                                                                                                                                                                                                                                        															_t964 =  &_v1104;
                                                                                                                                                                                                                                                        															_t925 = _t964;
                                                                                                                                                                                                                                                        															E00BB6C70( &_v2392, _t925, _t1106, _t944, _t445); // executed
                                                                                                                                                                                                                                                        															_t986 = _t985 + 8;
                                                                                                                                                                                                                                                        															if(_v1104.lpTitle == 1) {
                                                                                                                                                                                                                                                        																E00BB2BD0( &_v1104, _t925, __eflags);
                                                                                                                                                                                                                                                        																goto L116;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															if(_v1104.cb != 0) {
                                                                                                                                                                                                                                                        																_t453 = getenv("MOZ_DEBUG_BROWSER_PROCESS");
                                                                                                                                                                                                                                                        																__eflags = _t453;
                                                                                                                                                                                                                                                        																if(_t453 != 0) {
                                                                                                                                                                                                                                                        																	__eflags =  *_t453;
                                                                                                                                                                                                                                                        																	if( *_t453 == 0) {
                                                                                                                                                                                                                                                        																		goto L115;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	DebugBreak();
                                                                                                                                                                                                                                                        																	goto L116;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																L115:
                                                                                                                                                                                                                                                        																__imp___wgetenv(L"MOZ_DEBUG_BROWSER_PAUSE");
                                                                                                                                                                                                                                                        																__eflags = _t453;
                                                                                                                                                                                                                                                        																if(_t453 != 0) {
                                                                                                                                                                                                                                                        																	__eflags =  *_t453;
                                                                                                                                                                                                                                                        																	if( *_t453 != 0) {
                                                                                                                                                                                                                                                        																		_t454 = wcstoul(_t453, 0, 0xa);
                                                                                                                                                                                                                                                        																		_v2516 = GetCurrentProcessId();
                                                                                                                                                                                                                                                        																		E00BBE460();
                                                                                                                                                                                                                                                        																		Sleep(_t454 * 0x3e8);
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																goto L116;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t457 =  *0xbfa798; // 0x3839
                                                                                                                                                                                                                                                        															if(_t457 >= 0x3839) {
                                                                                                                                                                                                                                                        																L124:
                                                                                                                                                                                                                                                        																_t861 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        																_t925 =  *[fs:0x2c];
                                                                                                                                                                                                                                                        																_t458 =  *0xbfa774; // 0x80000001
                                                                                                                                                                                                                                                        																_t862 =  *((intOrPtr*)( *[fs:0x2c] + _t861 * 4));
                                                                                                                                                                                                                                                        																__eflags = _t458 -  *((intOrPtr*)(_t862 + 4));
                                                                                                                                                                                                                                                        																if(_t458 >  *((intOrPtr*)(_t862 + 4))) {
                                                                                                                                                                                                                                                        																	E00BEE547(_t458, 0xbfa774);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags =  *0xbfa774 - 0xffffffff;
                                                                                                                                                                                                                                                        																	if( *0xbfa774 == 0xffffffff) {
                                                                                                                                                                                                                                                        																		E00BBE530();
                                                                                                                                                                                                                                                        																		E00BEE599(0xbfa774);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																_t460 =  *0xbfa770;
                                                                                                                                                                                                                                                        																_t829 = _a12;
                                                                                                                                                                                                                                                        																__eflags = _t460;
                                                                                                                                                                                                                                                        																if(_t460 != 0) {
                                                                                                                                                                                                                                                        																	_v1104.cb = 4;
                                                                                                                                                                                                                                                        																	_t460 =  *_t460(0xa, _t964, 4); // executed
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																L110:
                                                                                                                                                                                                                                                        																_t461 = E00BB5B30(_t460); // executed
                                                                                                                                                                                                                                                        																if(_t829 == 0) {
                                                                                                                                                                                                                                                        																	L121:
                                                                                                                                                                                                                                                        																	_v1104.lpTitle = 1;
                                                                                                                                                                                                                                                        																	_v1104.cb = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LauncherProcessWin.cpp";
                                                                                                                                                                                                                                                        																	_v1104.lpReserved = 0x109;
                                                                                                                                                                                                                                                        																	_v1104.lpDesktop = 0x80070507;
                                                                                                                                                                                                                                                        																	goto L122;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																E00BBA640(_t461,  &_v1104); // executed
                                                                                                                                                                                                                                                        																_t463 = _v1104.cb;
                                                                                                                                                                                                                                                        																_v1104.cb = 0;
                                                                                                                                                                                                                                                        																if(_t463 == 0) {
                                                                                                                                                                                                                                                        																	goto L121;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																 *_t829 = _t463;
                                                                                                                                                                                                                                                        																_t464 = _t829;
                                                                                                                                                                                                                                                        																_t830 = _t829[1];
                                                                                                                                                                                                                                                        																if(_t830 == 0) {
                                                                                                                                                                                                                                                        																	L353:
                                                                                                                                                                                                                                                        																	_t465 = getenv("MOZ_AUTOMATION");
                                                                                                                                                                                                                                                        																	_t993 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t465;
                                                                                                                                                                                                                                                        																	if(_t465 == 0) {
                                                                                                                                                                                                                                                        																		L355:
                                                                                                                                                                                                                                                        																		_t466 = getenv("MOZ_HEADLESS");
                                                                                                                                                                                                                                                        																		_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																		__eflags = _t466;
                                                                                                                                                                                                                                                        																		if(_t466 == 0) {
                                                                                                                                                                                                                                                        																			_t831 = 0;
                                                                                                                                                                                                                                                        																			L208:
                                                                                                                                                                                                                                                        																			_t946 =  *_v2492;
                                                                                                                                                                                                                                                        																			if(_t946 == 0) {
                                                                                                                                                                                                                                                        																				L242:
                                                                                                                                                                                                                                                        																				_t966 = _a12;
                                                                                                                                                                                                                                                        																				_v2452 = 0;
                                                                                                                                                                                                                                                        																				_t925 =  *_t966;
                                                                                                                                                                                                                                                        																				E00BB37F0( &_v2232,  *_t966, _t831,  &_v2452); // executed
                                                                                                                                                                                                                                                        																				_t994 = _t993 + 8;
                                                                                                                                                                                                                                                        																				if(_v2220 == 1) {
                                                                                                                                                                                                                                                        																					E00BB2BD0( &_v2232, _t925, __eflags);
                                                                                                                                                                                                                                                        																					_t945 = _a4;
                                                                                                                                                                                                                                                        																					_t832 = _v2452;
                                                                                                                                                                                                                                                        																					L282:
                                                                                                                                                                                                                                                        																					_t945[1] = 0;
                                                                                                                                                                                                                                                        																					 *_t945 = 0;
                                                                                                                                                                                                                                                        																					L271:
                                                                                                                                                                                                                                                        																					if(_t832 + 1 >= 2) {
                                                                                                                                                                                                                                                        																						CloseHandle(_t832);
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					goto L118;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				_v2504 = _t831;
                                                                                                                                                                                                                                                        																				_t832 = _v2452;
                                                                                                                                                                                                                                                        																				if(_t831 != 0 || _v2232 != 1 || _t832 != 0) {
                                                                                                                                                                                                                                                        																					_t925 =  &_v2408;
                                                                                                                                                                                                                                                        																					E00BB5A40( &_v2392,  &_v2408); // executed
                                                                                                                                                                                                                                                        																					if(_v2396 == 1) {
                                                                                                                                                                                                                                                        																						E00BB2BD0( &_v2408,  &_v2408, __eflags);
                                                                                                                                                                                                                                                        																						_t945 = _a4;
                                                                                                                                                                                                                                                        																						goto L282;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					_t925 =  *_a8;
                                                                                                                                                                                                                                                        																					E00BB3190( &_v2456,  *_a8, _t966);
                                                                                                                                                                                                                                                        																					_t995 = _t994 + 4;
                                                                                                                                                                                                                                                        																					_t477 = _v2456;
                                                                                                                                                                                                                                                        																					_v2492 = _t477;
                                                                                                                                                                                                                                                        																					if(_t477 == 0) {
                                                                                                                                                                                                                                                        																						_v1104.lpTitle = 1;
                                                                                                                                                                                                                                                        																						_v1104.cb = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LauncherProcessWin.cpp";
                                                                                                                                                                                                                                                        																						_v1104.lpReserved = 0x134;
                                                                                                                                                                                                                                                        																						_v1104.lpDesktop = 0x80070507;
                                                                                                                                                                                                                                                        																						E00BB2BD0( &_v1104, _t925, __eflags);
                                                                                                                                                                                                                                                        																						_t945 = _a4;
                                                                                                                                                                                                                                                        																						_v2456 = 0;
                                                                                                                                                                                                                                                        																						goto L282;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					_t925 = _t966;
                                                                                                                                                                                                                                                        																					_v2500 = _t832;
                                                                                                                                                                                                                                                        																					E00BB5BA0( &_v2460, _t966);
                                                                                                                                                                                                                                                        																					_t1163 = _v2459;
                                                                                                                                                                                                                                                        																					if(_v2459 == 0) {
                                                                                                                                                                                                                                                        																						_v1104.lpTitle = 1;
                                                                                                                                                                                                                                                        																						_v1104.cb = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LauncherProcessWin.cpp";
                                                                                                                                                                                                                                                        																						_v1104.lpReserved = 0x13b;
                                                                                                                                                                                                                                                        																						_v1104.lpDesktop = 0x80070057;
                                                                                                                                                                                                                                                        																						E00BB2BD0( &_v1104, _t925, __eflags);
                                                                                                                                                                                                                                                        																						_t945 = _a4;
                                                                                                                                                                                                                                                        																						_t832 = _v2500;
                                                                                                                                                                                                                                                        																						_t481 = _v2492;
                                                                                                                                                                                                                                                        																						_v2456 = 0;
                                                                                                                                                                                                                                                        																						_t945[1] = 0;
                                                                                                                                                                                                                                                        																						 *_t945 = 0;
                                                                                                                                                                                                                                                        																						L270:
                                                                                                                                                                                                                                                        																						free(_t481);
                                                                                                                                                                                                                                                        																						goto L271;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					_v2196 = 0;
                                                                                                                                                                                                                                                        																					_v2200 = 0;
                                                                                                                                                                                                                                                        																					_v2188 = 0;
                                                                                                                                                                                                                                                        																					_v2184 = 3;
                                                                                                                                                                                                                                                        																					_v2192 =  &_v2180;
                                                                                                                                                                                                                                                        																					_v2168 = 0;
                                                                                                                                                                                                                                                        																					E00BB5DD0( &_v2200, _t925);
                                                                                                                                                                                                                                                        																					_t484 = GetStdHandle(0xfffffff6);
                                                                                                                                                                                                                                                        																					_t485 = GetStdHandle(0xfffffff5);
                                                                                                                                                                                                                                                        																					_t486 = GetStdHandle(0xfffffff4);
                                                                                                                                                                                                                                                        																					_t834 =  &_v2200;
                                                                                                                                                                                                                                                        																					_v2496 = _t484;
                                                                                                                                                                                                                                                        																					_t948 = _t485;
                                                                                                                                                                                                                                                        																					_t968 = _t486;
                                                                                                                                                                                                                                                        																					E00BBE580( &_v2200, _t484); // executed
                                                                                                                                                                                                                                                        																					E00BBE580( &_v2200, _t948); // executed
                                                                                                                                                                                                                                                        																					E00BBE580( &_v2200, _t968); // executed
                                                                                                                                                                                                                                                        																					_t925 =  &_v2424;
                                                                                                                                                                                                                                                        																					E00BB5EC0(_t834,  &_v2424, _t1163,  &_v1104);
                                                                                                                                                                                                                                                        																					_t995 = _t995 + 4;
                                                                                                                                                                                                                                                        																					if(_v2412 == 1) {
                                                                                                                                                                                                                                                        																						E00BB2BD0( &_v2424,  &_v2424, __eflags);
                                                                                                                                                                                                                                                        																						_t945 = _a4;
                                                                                                                                                                                                                                                        																						L288:
                                                                                                                                                                                                                                                        																						_t945[1] = 0;
                                                                                                                                                                                                                                                        																						 *_t945 = 0;
                                                                                                                                                                                                                                                        																						L266:
                                                                                                                                                                                                                                                        																						_t969 = _v2168;
                                                                                                                                                                                                                                                        																						_t832 = _v2500;
                                                                                                                                                                                                                                                        																						_v2168 = 0;
                                                                                                                                                                                                                                                        																						if(_t969 != 0) {
                                                                                                                                                                                                                                                        																							__imp__DeleteProcThreadAttributeList(_t969);
                                                                                                                                                                                                                                                        																							free(_t969);
                                                                                                                                                                                                                                                        																							_t995 = _t995 + 4;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t493 = _v2192;
                                                                                                                                                                                                                                                        																						if(_t493 !=  &_v2180) {
                                                                                                                                                                                                                                                        																							free(_t493);
                                                                                                                                                                                                                                                        																							_t995 = _t995 + 4;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t481 = _v2492;
                                                                                                                                                                                                                                                        																						_v2456 = 0;
                                                                                                                                                                                                                                                        																						if(_t481 == 0) {
                                                                                                                                                                                                                                                        																							goto L271;
                                                                                                                                                                                                                                                        																						} else {
                                                                                                                                                                                                                                                        																							goto L270;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					_t879 = 0;
                                                                                                                                                                                                                                                        																					if(_v2424 == 0) {
                                                                                                                                                                                                                                                        																						_t494 = 0x404;
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						_t494 = 0x80404;
                                                                                                                                                                                                                                                        																						if(_v2188 != 0) {
                                                                                                                                                                                                                                                        																							_v1059 = _v1059 | 0x00000001;
                                                                                                                                                                                                                                                        																							_v1104.hStdInput = _v2496;
                                                                                                                                                                                                                                                        																							_t879 = 1;
                                                                                                                                                                                                                                                        																							_v1104.hStdOutput = _t948;
                                                                                                                                                                                                                                                        																							_v1104.hStdError = _t968;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					asm("pxor xmm0, xmm0");
                                                                                                                                                                                                                                                        																					_t835 = _v2500;
                                                                                                                                                                                                                                                        																					_t945 = _a4;
                                                                                                                                                                                                                                                        																					asm("movdqa [esp+0x20], xmm0");
                                                                                                                                                                                                                                                        																					_t925 =  *_a12;
                                                                                                                                                                                                                                                        																					if(_t835 != 0) {
                                                                                                                                                                                                                                                        																						_t495 = CreateProcessAsUserW(_t835, _t925, _v2492, 0, 0, _t879, _t494, 0, 0,  &_v1104,  &_v2480); // executed
                                                                                                                                                                                                                                                        																						__eflags = _t495;
                                                                                                                                                                                                                                                        																						if(__eflags != 0) {
                                                                                                                                                                                                                                                        																							goto L255;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						goto L287;
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						_t518 = CreateProcessW(_t925, _v2492, 0, 0, _t879, _t494, 0, 0,  &_v1104,  &_v2480);
                                                                                                                                                                                                                                                        																						_t1169 = _t518;
                                                                                                                                                                                                                                                        																						if(_t518 == 0) {
                                                                                                                                                                                                                                                        																							L287:
                                                                                                                                                                                                                                                        																							_t516 = GetLastError();
                                                                                                                                                                                                                                                        																							_v1124 = 1;
                                                                                                                                                                                                                                                        																							_v1136 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LauncherProcessWin.cpp";
                                                                                                                                                                                                                                                        																							_v1132 = 0x171;
                                                                                                                                                                                                                                                        																							__eflags = _t516;
                                                                                                                                                                                                                                                        																							_t889 =  <=  ? _t516 : _t516 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        																							_v1128 =  <=  ? _t516 : _t516 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        																							E00BB2BD0( &_v1136, _t925, _t516);
                                                                                                                                                                                                                                                        																							goto L288;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						L255:
                                                                                                                                                                                                                                                        																						_t836 = _v2480.hProcess;
                                                                                                                                                                                                                                                        																						_t972 = _v2480.hThread;
                                                                                                                                                                                                                                                        																						_t925 =  *_a12;
                                                                                                                                                                                                                                                        																						E00BB27A0( &_v2440,  *_a12, _t1169, _t836, 0); // executed
                                                                                                                                                                                                                                                        																						_t995 = _t995 + 8;
                                                                                                                                                                                                                                                        																						if(_v2428 == 1) {
                                                                                                                                                                                                                                                        																							_t881 =  &_v2440;
                                                                                                                                                                                                                                                        																							L291:
                                                                                                                                                                                                                                                        																							E00BB2BD0(_t881, _t925, __eflags);
                                                                                                                                                                                                                                                        																							TerminateProcess(_t836, 1);
                                                                                                                                                                                                                                                        																							_t945[1] = 0;
                                                                                                                                                                                                                                                        																							 *_t945 = 0;
                                                                                                                                                                                                                                                        																							L262:
                                                                                                                                                                                                                                                        																							if(_t972 + 1 >= 2) {
                                                                                                                                                                                                                                                        																								CloseHandle(_t972);
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																							if(_t836 + 1 >= 2) {
                                                                                                                                                                                                                                                        																								CloseHandle(_t836);
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																							goto L266;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t504 = ResumeThread(_t972); // executed
                                                                                                                                                                                                                                                        																						if(_t504 == 0xffffffff) {
                                                                                                                                                                                                                                                        																							_t505 = GetLastError();
                                                                                                                                                                                                                                                        																							_v1124 = 1;
                                                                                                                                                                                                                                                        																							_v1136 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LauncherProcessWin.cpp";
                                                                                                                                                                                                                                                        																							_v1132 = 0x181;
                                                                                                                                                                                                                                                        																							__eflags = _t505;
                                                                                                                                                                                                                                                        																							_t884 =  <=  ? _t505 : _t505 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        																							_v1128 =  <=  ? _t505 : _t505 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        																							_t881 =  &_v1136;
                                                                                                                                                                                                                                                        																							goto L291;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						if((_v2504 & 0x00000001) == 0) {
                                                                                                                                                                                                                                                        																							_t506 = IsDebuggerPresent();
                                                                                                                                                                                                                                                        																							__eflags = _t506 - 1;
                                                                                                                                                                                                                                                        																							_v2504 = 0;
                                                                                                                                                                                                                                                        																							_v2488 = _t506;
                                                                                                                                                                                                                                                        																							_v2484 = 0;
                                                                                                                                                                                                                                                        																							asm("sbb ecx, ecx");
                                                                                                                                                                                                                                                        																							__eflags = _t506;
                                                                                                                                                                                                                                                        																							_v2496 =  !0;
                                                                                                                                                                                                                                                        																							if(_t506 == 0) {
                                                                                                                                                                                                                                                        																								_v2484 = GetTickCount();
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																							_v2496 = _v2496 | 0x00002710;
                                                                                                                                                                                                                                                        																							__eflags = _v2488;
                                                                                                                                                                                                                                                        																							if(_v2488 != 0) {
                                                                                                                                                                                                                                                        																								goto L296;
                                                                                                                                                                                                                                                        																							} else {
                                                                                                                                                                                                                                                        																								L295:
                                                                                                                                                                                                                                                        																								_t510 = GetTickCount() - _v2484;
                                                                                                                                                                                                                                                        																								__eflags = _t510;
                                                                                                                                                                                                                                                        																								_v2504 = _t510;
                                                                                                                                                                                                                                                        																								while(1) {
                                                                                                                                                                                                                                                        																									L296:
                                                                                                                                                                                                                                                        																									_t950 = _v2496 - _v2504;
                                                                                                                                                                                                                                                        																									__eflags = _t950;
                                                                                                                                                                                                                                                        																									if(_t950 <= 0) {
                                                                                                                                                                                                                                                        																										break;
                                                                                                                                                                                                                                                        																									}
                                                                                                                                                                                                                                                        																									SetLastError(0);
                                                                                                                                                                                                                                                        																									_t507 = WaitForInputIdle(_t836, _t950); // executed
                                                                                                                                                                                                                                                        																									__eflags = _t507 - 0xffffffff;
                                                                                                                                                                                                                                                        																									if(_t507 != 0xffffffff) {
                                                                                                                                                                                                                                                        																										break;
                                                                                                                                                                                                                                                        																									}
                                                                                                                                                                                                                                                        																									_t508 = GetLastError();
                                                                                                                                                                                                                                                        																									__eflags = _t508 - 0x5bf;
                                                                                                                                                                                                                                                        																									if(_t508 != 0x5bf) {
                                                                                                                                                                                                                                                        																										break;
                                                                                                                                                                                                                                                        																									}
                                                                                                                                                                                                                                                        																									Sleep(0xa);
                                                                                                                                                                                                                                                        																									__eflags = _v2488;
                                                                                                                                                                                                                                                        																									if(_v2488 != 0) {
                                                                                                                                                                                                                                                        																										continue;
                                                                                                                                                                                                                                                        																									}
                                                                                                                                                                                                                                                        																									goto L295;
                                                                                                                                                                                                                                                        																								}
                                                                                                                                                                                                                                                        																								L301:
                                                                                                                                                                                                                                                        																								_t945 = _a4;
                                                                                                                                                                                                                                                        																								 *_t945 = 0;
                                                                                                                                                                                                                                                        																								L261:
                                                                                                                                                                                                                                                        																								_t945[1] = 1;
                                                                                                                                                                                                                                                        																								goto L262;
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						if(WaitForSingleObject(_t836, 0xffffffff) != 0 || GetExitCodeProcess(_t836,  &_v1136) == 0) {
                                                                                                                                                                                                                                                        																							goto L301;
                                                                                                                                                                                                                                                        																						} else {
                                                                                                                                                                                                                                                        																							 *_t945 = _v1136;
                                                                                                                                                                                                                                                        																							goto L261;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				} else {
                                                                                                                                                                                                                                                        																					_t925 =  *_a8;
                                                                                                                                                                                                                                                        																					E00BB2F60( &_v1104,  *_a8, _t966);
                                                                                                                                                                                                                                                        																					__eflags = _v1104.lpTitle - 1;
                                                                                                                                                                                                                                                        																					if(__eflags != 0) {
                                                                                                                                                                                                                                                        																						 *_a4 = 0;
                                                                                                                                                                                                                                                        																						_t522 = 1;
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						E00BB2BD0( &_v1104, _t925, __eflags);
                                                                                                                                                                                                                                                        																						_t524 = _a4;
                                                                                                                                                                                                                                                        																						_t524[1] = 0;
                                                                                                                                                                                                                                                        																						 *_t524 = 0;
                                                                                                                                                                                                                                                        																						_t522 = 0;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					_t945 = _a4;
                                                                                                                                                                                                                                                        																					_t832 = 0;
                                                                                                                                                                                                                                                        																					_t945[1] = _t522;
                                                                                                                                                                                                                                                        																					goto L271;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_t974 =  &(_a12[2]);
                                                                                                                                                                                                                                                        																			do {
                                                                                                                                                                                                                                                        																				if(( *_t946 & 0x0000ffff | 0x00000002) == 0x2f) {
                                                                                                                                                                                                                                                        																					__eflags = _t946[1] - 0x2d;
                                                                                                                                                                                                                                                        																					if(_t946[1] == 0x2d) {
                                                                                                                                                                                                                                                        																						_t951 =  &(_t946[2]);
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						_t951 =  &(_t946[1]);
                                                                                                                                                                                                                                                        																						__eflags = _t951;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					_t528 =  *_t951 & 0x0000ffff;
                                                                                                                                                                                                                                                        																					__eflags = _t528;
                                                                                                                                                                                                                                                        																					if(_t528 == 0) {
                                                                                                                                                                                                                                                        																						goto L211;
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						_t530 = towlower(_t528 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t530 - 0x6e;
                                                                                                                                                                                                                                                        																						if(_t530 != 0x6e) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t531 = _t951[1] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t531;
                                                                                                                                                                                                                                                        																						if(_t531 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t533 = towlower(_t531 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t533 - 0x6f;
                                                                                                                                                                                                                                                        																						if(_t533 != 0x6f) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t534 = _t951[2] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t534;
                                                                                                                                                                                                                                                        																						if(_t534 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t536 = towlower(_t534 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t536 - 0x2d;
                                                                                                                                                                                                                                                        																						if(_t536 != 0x2d) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t537 = _t951[3] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t537;
                                                                                                                                                                                                                                                        																						if(_t537 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t539 = towlower(_t537 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t539 - 0x64;
                                                                                                                                                                                                                                                        																						if(_t539 != 0x64) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t540 = _t951[4] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t540;
                                                                                                                                                                                                                                                        																						if(_t540 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t542 = towlower(_t540 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t542 - 0x65;
                                                                                                                                                                                                                                                        																						if(_t542 != 0x65) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t543 = _t951[5] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t543;
                                                                                                                                                                                                                                                        																						if(_t543 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t545 = towlower(_t543 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t545 - 0x65;
                                                                                                                                                                                                                                                        																						if(_t545 != 0x65) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t546 = _t951[6] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t546;
                                                                                                                                                                                                                                                        																						if(_t546 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t548 = towlower(_t546 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t548 - 0x6c;
                                                                                                                                                                                                                                                        																						if(_t548 != 0x6c) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t549 = _t951[7] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t549;
                                                                                                                                                                                                                                                        																						if(_t549 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t551 = towlower(_t549 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t551 - 0x65;
                                                                                                                                                                                                                                                        																						if(_t551 != 0x65) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t552 = _t951[8] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t552;
                                                                                                                                                                                                                                                        																						if(_t552 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t554 = towlower(_t552 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t554 - 0x76;
                                                                                                                                                                                                                                                        																						if(_t554 != 0x76) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t555 = _t951[9] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t555;
                                                                                                                                                                                                                                                        																						if(_t555 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t557 = towlower(_t555 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t557 - 0x61;
                                                                                                                                                                                                                                                        																						if(_t557 != 0x61) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t558 = _t951[0xa] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t558;
                                                                                                                                                                                                                                                        																						if(_t558 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t560 = towlower(_t558 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t560 - 0x74;
                                                                                                                                                                                                                                                        																						if(_t560 != 0x74) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t561 = _t951[0xb] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t561;
                                                                                                                                                                                                                                                        																						if(_t561 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t563 = towlower(_t561 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t563 - 0x65;
                                                                                                                                                                                                                                                        																						if(_t563 != 0x65) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						__eflags = _t951[0xc];
                                                                                                                                                                                                                                                        																						if(_t951[0xc] != 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						} else {
                                                                                                                                                                                                                                                        																							goto L240;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						do {
                                                                                                                                                                                                                                                        																							L240:
                                                                                                                                                                                                                                                        																							_t564 =  *_t974;
                                                                                                                                                                                                                                                        																							 *(_t974 - 4) = _t564;
                                                                                                                                                                                                                                                        																							_t974 =  &(_t974[1]);
                                                                                                                                                                                                                                                        																							__eflags = _t564;
                                                                                                                                                                                                                                                        																						} while (_t564 != 0);
                                                                                                                                                                                                                                                        																						_t565 = _a8;
                                                                                                                                                                                                                                                        																						_t831 = _t831 | 0x00000002;
                                                                                                                                                                                                                                                        																						 *_t565 =  *_t565 - 1;
                                                                                                                                                                                                                                                        																						__eflags =  *_t565;
                                                                                                                                                                                                                                                        																						goto L242;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				L211:
                                                                                                                                                                                                                                                        																				_t946 =  *_t974;
                                                                                                                                                                                                                                                        																				_t974 =  &(_t974[1]);
                                                                                                                                                                                                                                                        																			} while (_t946 != 0);
                                                                                                                                                                                                                                                        																			goto L242;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		__eflags =  *_t466;
                                                                                                                                                                                                                                                        																		_t831 = 0;
                                                                                                                                                                                                                                                        																		if( *_t466 != 0) {
                                                                                                                                                                                                                                                        																			L207:
                                                                                                                                                                                                                                                        																			_t831 = 1;
                                                                                                                                                                                                                                                        																			goto L208;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		goto L208;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	__eflags =  *_t465;
                                                                                                                                                                                                                                                        																	if( *_t465 != 0) {
                                                                                                                                                                                                                                                        																		goto L207;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	goto L355;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																_t952 =  &(_t464[4]);
                                                                                                                                                                                                                                                        																do {
                                                                                                                                                                                                                                                        																	if(( *_t830 & 0x0000ffff | 0x00000002) != 0x2f) {
                                                                                                                                                                                                                                                        																		goto L167;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	if( *(_t830 + 2) != 0x2d) {
                                                                                                                                                                                                                                                        																		_t841 = _t830 + 2;
                                                                                                                                                                                                                                                        																	} else {
                                                                                                                                                                                                                                                        																		_t841 = _t830 + 4;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t626 =  *_t841 & 0x0000ffff;
                                                                                                                                                                                                                                                        																	if(_t626 != 0) {
                                                                                                                                                                                                                                                        																		_t628 = towlower(_t626 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t628 != 0x77) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t215 =  &(_t841[1]); // 0x344600be
                                                                                                                                                                                                                                                        																		_t629 =  *_t215 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t629 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t631 = towlower(_t629 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t631 != 0x61) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t216 =  &(_t841[2]); // 0xbf3446
                                                                                                                                                                                                                                                        																		_t632 =  *_t216 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t632 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t634 = towlower(_t632 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t634 != 0x69) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t217 =  &(_t841[3]); // 0x214000bf
                                                                                                                                                                                                                                                        																		_t635 =  *_t217 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t635 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t637 = towlower(_t635 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t637 != 0x74) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t218 =  &(_t841[4]); // 0xbf2140
                                                                                                                                                                                                                                                        																		_t638 =  *_t218 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t638 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t640 = towlower(_t638 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t640 != 0x2d) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t219 =  &(_t841[5]); // 0x213800bf
                                                                                                                                                                                                                                                        																		_t641 =  *_t219 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t641 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t643 = towlower(_t641 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t643 != 0x66) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t220 =  &(_t841[6]); // 0xbf2138
                                                                                                                                                                                                                                                        																		_t644 =  *_t220 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t644 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t646 = towlower(_t644 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t646 != 0x6f) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t221 =  &(_t841[7]); // 0x3ac300bf
                                                                                                                                                                                                                                                        																		_t647 =  *_t221 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t647 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t649 = towlower(_t647 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t649 != 0x72) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t222 =  &(_t841[8]); // 0xbf3ac3
                                                                                                                                                                                                                                                        																		_t650 =  *_t222 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t650 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t652 = towlower(_t650 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t652 != 0x2d) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t223 =  &(_t841[9]); // 0x391500bf
                                                                                                                                                                                                                                                        																		_t653 =  *_t223 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t653 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t655 = towlower(_t653 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t655 != 0x62) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t224 =  &(_t841[0xa]); // 0xbf3915
                                                                                                                                                                                                                                                        																		_t656 =  *_t224 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t656 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t658 = towlower(_t656 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t658 != 0x72) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t225 =  &(_t841[0xb]); // 0x202400bf
                                                                                                                                                                                                                                                        																		_t659 =  *_t225 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t659 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t661 = towlower(_t659 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t661 != 0x6f) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t226 =  &(_t841[0xc]); // 0xbf2024
                                                                                                                                                                                                                                                        																		_t662 =  *_t226 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t662 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t664 = towlower(_t662 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t664 != 0x77) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t227 =  &(_t841[0xd]); // 0xbf
                                                                                                                                                                                                                                                        																		_t665 =  *_t227 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t665 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t667 = towlower(_t665 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t667 != 0x73) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t228 =  &(_t841[0xe]); // 0x0
                                                                                                                                                                                                                                                        																		_t668 =  *_t228 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t668 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t670 = towlower(_t668 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t670 != 0x65) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t229 =  &(_t841[0xf]); // 0xa0000
                                                                                                                                                                                                                                                        																		_t671 =  *_t229 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t671 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t673 = towlower(_t671 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t673 != 0x72 || _t841[0x10] != 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		} else {
                                                                                                                                                                                                                                                        																			_t674 =  *(_t952 - 8);
                                                                                                                                                                                                                                                        																			 *(_t952 - 0xc) = _t674;
                                                                                                                                                                                                                                                        																			if(_t674 == 0) {
                                                                                                                                                                                                                                                        																				L206:
                                                                                                                                                                                                                                                        																				 *_a8 =  *_a8 - 1;
                                                                                                                                                                                                                                                        																				goto L207;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_t676 =  *(_t952 - 4);
                                                                                                                                                                                                                                                        																			 *(_t952 - 8) = _t676;
                                                                                                                                                                                                                                                        																			if(_t676 != 0) {
                                                                                                                                                                                                                                                        																				while(1) {
                                                                                                                                                                                                                                                        																					_t677 =  *_t952;
                                                                                                                                                                                                                                                        																					 *(_t952 - 4) = _t677;
                                                                                                                                                                                                                                                        																					_t952 =  &(_t952[1]);
                                                                                                                                                                                                                                                        																					__eflags = _t677;
                                                                                                                                                                                                                                                        																					if(_t677 == 0) {
                                                                                                                                                                                                                                                        																						goto L206;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			goto L206;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	L167:
                                                                                                                                                                                                                                                        																	_t830 =  *(_t952 - 8);
                                                                                                                                                                                                                                                        																	_t952 =  &(_t952[1]);
                                                                                                                                                                                                                                                        																	__eflags = _t830;
                                                                                                                                                                                                                                                        																} while (_t830 != 0);
                                                                                                                                                                                                                                                        																_t894 = _a12;
                                                                                                                                                                                                                                                        																_t569 =  *_v2492;
                                                                                                                                                                                                                                                        																__eflags = _t569;
                                                                                                                                                                                                                                                        																if(_t569 == 0) {
                                                                                                                                                                                                                                                        																	goto L353;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																_t953 = _t894 + 8;
                                                                                                                                                                                                                                                        																do {
                                                                                                                                                                                                                                                        																	__eflags = ( *_t569 & 0x0000ffff | 0x00000002) - 0x2f;
                                                                                                                                                                                                                                                        																	if(( *_t569 & 0x0000ffff | 0x00000002) != 0x2f) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	__eflags =  *((short*)(_t569 + 2)) - 0x2d;
                                                                                                                                                                                                                                                        																	_t840 =  ==  ? _t569 + 4 : _t569 + 2;
                                                                                                                                                                                                                                                        																	_t596 =  *(_t569 + 2 + (0 |  *((short*)(_t569 + 2)) == 0x0000002d) * 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t596;
                                                                                                                                                                                                                                                        																	if(_t596 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t598 = towlower(_t596 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t598 - 0x6d;
                                                                                                                                                                                                                                                        																	if(_t598 != 0x6d) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t599 =  *(_t840 + 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t599;
                                                                                                                                                                                                                                                        																	if(_t599 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t601 = towlower(_t599 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t601 - 0x61;
                                                                                                                                                                                                                                                        																	if(_t601 != 0x61) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t602 =  *(_t840 + 4) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t602;
                                                                                                                                                                                                                                                        																	if(_t602 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t604 = towlower(_t602 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t604 - 0x72;
                                                                                                                                                                                                                                                        																	if(_t604 != 0x72) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t605 =  *(_t840 + 6) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t605;
                                                                                                                                                                                                                                                        																	if(_t605 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t607 = towlower(_t605 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t607 - 0x69;
                                                                                                                                                                                                                                                        																	if(_t607 != 0x69) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t608 =  *(_t840 + 8) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t608;
                                                                                                                                                                                                                                                        																	if(_t608 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t610 = towlower(_t608 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t610 - 0x6f;
                                                                                                                                                                                                                                                        																	if(_t610 != 0x6f) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t611 =  *(_t840 + 0xa) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t611;
                                                                                                                                                                                                                                                        																	if(_t611 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t613 = towlower(_t611 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t613 - 0x6e;
                                                                                                                                                                                                                                                        																	if(_t613 != 0x6e) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t614 =  *(_t840 + 0xc) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t614;
                                                                                                                                                                                                                                                        																	if(_t614 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t616 = towlower(_t614 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t616 - 0x65;
                                                                                                                                                                                                                                                        																	if(_t616 != 0x65) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t617 =  *(_t840 + 0xe) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t617;
                                                                                                                                                                                                                                                        																	if(_t617 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t619 = towlower(_t617 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t619 - 0x74;
                                                                                                                                                                                                                                                        																	if(_t619 != 0x74) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t620 =  *(_t840 + 0x10) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t620;
                                                                                                                                                                                                                                                        																	if(_t620 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t622 = towlower(_t620 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t622 - 0x74;
                                                                                                                                                                                                                                                        																	if(_t622 != 0x74) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t623 =  *(_t840 + 0x12) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t623;
                                                                                                                                                                                                                                                        																	if(_t623 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t625 = towlower(_t623 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t625 - 0x65;
                                                                                                                                                                                                                                                        																	if(_t625 != 0x65) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	__eflags =  *((short*)(_t840 + 0x14));
                                                                                                                                                                                                                                                        																	if( *((short*)(_t840 + 0x14)) != 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	goto L207;
                                                                                                                                                                                                                                                        																	L307:
                                                                                                                                                                                                                                                        																	_t569 =  *_t953;
                                                                                                                                                                                                                                                        																	_t953 =  &(_t953[1]);
                                                                                                                                                                                                                                                        																	__eflags = _t569;
                                                                                                                                                                                                                                                        																} while (_t569 != 0);
                                                                                                                                                                                                                                                        																_t897 = _a12;
                                                                                                                                                                                                                                                        																_t571 =  *_v2492;
                                                                                                                                                                                                                                                        																__eflags = _t571;
                                                                                                                                                                                                                                                        																if(_t571 == 0) {
                                                                                                                                                                                                                                                        																	goto L353;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																_t954 = _t897 + 8;
                                                                                                                                                                                                                                                        																do {
                                                                                                                                                                                                                                                        																	__eflags = ( *_t571 & 0x0000ffff | 0x00000002) - 0x2f;
                                                                                                                                                                                                                                                        																	if(( *_t571 & 0x0000ffff | 0x00000002) != 0x2f) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	__eflags =  *((short*)(_t571 + 2)) - 0x2d;
                                                                                                                                                                                                                                                        																	_t838 =  ==  ? _t571 + 4 : _t571 + 2;
                                                                                                                                                                                                                                                        																	_t572 =  *(_t571 + 2 + (0 |  *((short*)(_t571 + 2)) == 0x0000002d) * 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t572;
                                                                                                                                                                                                                                                        																	if(_t572 == 0) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t574 = towlower(_t572 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t574 - 0x68;
                                                                                                                                                                                                                                                        																	if(_t574 != 0x68) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t575 =  *(_t838 + 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t575;
                                                                                                                                                                                                                                                        																	if(_t575 == 0) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t577 = towlower(_t575 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t577 - 0x65;
                                                                                                                                                                                                                                                        																	if(_t577 != 0x65) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t578 =  *(_t838 + 4) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t578;
                                                                                                                                                                                                                                                        																	if(_t578 == 0) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t580 = towlower(_t578 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t580 - 0x61;
                                                                                                                                                                                                                                                        																	if(_t580 != 0x61) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t581 =  *(_t838 + 6) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t581;
                                                                                                                                                                                                                                                        																	if(_t581 == 0) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t583 = towlower(_t581 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t583 - 0x64;
                                                                                                                                                                                                                                                        																	if(_t583 != 0x64) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t584 =  *(_t838 + 8) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t584;
                                                                                                                                                                                                                                                        																	if(_t584 == 0) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t586 = towlower(_t584 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t586 - 0x6c;
                                                                                                                                                                                                                                                        																	if(_t586 != 0x6c) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t587 =  *(_t838 + 0xa) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t587;
                                                                                                                                                                                                                                                        																	if(_t587 == 0) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t589 = towlower(_t587 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t589 - 0x65;
                                                                                                                                                                                                                                                        																	if(_t589 != 0x65) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t590 =  *(_t838 + 0xc) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t590;
                                                                                                                                                                                                                                                        																	if(_t590 == 0) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t592 = towlower(_t590 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t592 - 0x73;
                                                                                                                                                                                                                                                        																	if(_t592 != 0x73) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t593 =  *(_t838 + 0xe) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t593;
                                                                                                                                                                                                                                                        																	if(_t593 == 0) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t595 = towlower(_t593 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t595 - 0x73;
                                                                                                                                                                                                                                                        																	if(_t595 != 0x73) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	__eflags =  *((short*)(_t838 + 0x10));
                                                                                                                                                                                                                                                        																	if( *((short*)(_t838 + 0x10)) != 0) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	goto L207;
                                                                                                                                                                                                                                                        																	L333:
                                                                                                                                                                                                                                                        																	_t571 =  *_t954;
                                                                                                                                                                                                                                                        																	_t954 =  &(_t954[2]);
                                                                                                                                                                                                                                                        																	__eflags = _t571;
                                                                                                                                                                                                                                                        																} while (_t571 != 0);
                                                                                                                                                                                                                                                        																goto L353;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t460 =  *0xbfa03c; // 0xffffffff
                                                                                                                                                                                                                                                        															if(_t460 < 0x383a) {
                                                                                                                                                                                                                                                        																goto L110;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															memset( &(_v1104.lpDesktop), 0, 0x94);
                                                                                                                                                                                                                                                        															_t986 = _t986 + 0xc;
                                                                                                                                                                                                                                                        															_t955 = __imp__VerSetConditionMask;
                                                                                                                                                                                                                                                        															_v1104.cb = 0x9c;
                                                                                                                                                                                                                                                        															_v1104.lpReserved = 0xa;
                                                                                                                                                                                                                                                        															_v1104.lpTitle = 0x3839;
                                                                                                                                                                                                                                                        															_t682 =  *_t955(0, 0, 2, 3);
                                                                                                                                                                                                                                                        															_t683 =  *_t955(_t682, _t925, 1, 3);
                                                                                                                                                                                                                                                        															_t684 =  *_t955(_t683, _t925, 4, 3);
                                                                                                                                                                                                                                                        															_t685 =  *_t955(_t684, _t925, 0x20, 3);
                                                                                                                                                                                                                                                        															_t686 =  *_t955(_t685, _t925, 0x10, 3);
                                                                                                                                                                                                                                                        															_push(_t925);
                                                                                                                                                                                                                                                        															if(VerifyVersionInfoA(_t964, 0x37, _t686) != 0) {
                                                                                                                                                                                                                                                        																 *0xbfa798 = 0x3839;
                                                                                                                                                                                                                                                        																goto L124;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t460 =  *0xbfa03c;
                                                                                                                                                                                                                                                        															 *0xbfa03c = 0x3839;
                                                                                                                                                                                                                                                        															goto L110;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t976 =  &(_t829[2]);
                                                                                                                                                                                                                                                        														do {
                                                                                                                                                                                                                                                        															if(( *_t692 & 0x0000ffff | 0x00000002) != 0x2f) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t843 =  ==  ? _t692 + 4 : _t692 + 2;
                                                                                                                                                                                                                                                        															_t693 =  *(_t692 + 2 + (0 |  *((short*)(_t692 + 2)) == 0x0000002d) * 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t693 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t695 = towlower(_t693 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t695 != 0x66) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t696 =  *(_t843 + 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t696 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t698 = towlower(_t696 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t698 != 0x6f) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t699 =  *(_t843 + 4) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t699 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t701 = towlower(_t699 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t701 != 0x72) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t702 =  *(_t843 + 6) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t702 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t704 = towlower(_t702 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t704 != 0x63) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t705 =  *(_t843 + 8) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t705 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t707 = towlower(_t705 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t707 != 0x65) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t708 =  *(_t843 + 0xa) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t708 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t710 = towlower(_t708 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t710 != 0x2d) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t711 =  *(_t843 + 0xc) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t711 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t713 = towlower(_t711 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t713 != 0x6c) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t714 =  *(_t843 + 0xe) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t714 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t716 = towlower(_t714 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t716 != 0x61) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t717 =  *(_t843 + 0x10) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t717 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t719 = towlower(_t717 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t719 != 0x75) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t720 =  *(_t843 + 0x12) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t720 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t722 = towlower(_t720 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t722 != 0x6e) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t723 =  *(_t843 + 0x14) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t723 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t725 = towlower(_t723 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t725 != 0x63) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t726 =  *(_t843 + 0x16) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t726 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t728 = towlower(_t726 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t728 != 0x68) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t729 =  *(_t843 + 0x18) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t729 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t731 = towlower(_t729 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t731 != 0x65) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t732 =  *(_t843 + 0x1a) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t732 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t734 = towlower(_t732 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t734 == 0x72 &&  *((short*)(_t843 + 0x1c)) == 0) {
                                                                                                                                                                                                                                                        																do {
                                                                                                                                                                                                                                                        																	_t735 =  *_t976;
                                                                                                                                                                                                                                                        																	 *(_t976 - 4) = _t735;
                                                                                                                                                                                                                                                        																	_t976 =  &(_t976[1]);
                                                                                                                                                                                                                                                        																	_t1106 = _t735;
                                                                                                                                                                                                                                                        																} while (_t735 != 0);
                                                                                                                                                                                                                                                        																 *_a8 =  *_a8 - 1;
                                                                                                                                                                                                                                                        																_t445 = 1;
                                                                                                                                                                                                                                                        																L103:
                                                                                                                                                                                                                                                        																_t829 = _a12;
                                                                                                                                                                                                                                                        																goto L104;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															L133:
                                                                                                                                                                                                                                                        															_t692 =  *_t976;
                                                                                                                                                                                                                                                        															_t976 =  &(_t976[1]);
                                                                                                                                                                                                                                                        															__eflags = _t692;
                                                                                                                                                                                                                                                        														} while (__eflags != 0);
                                                                                                                                                                                                                                                        														_t445 = 0;
                                                                                                                                                                                                                                                        														goto L103;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													L78:
                                                                                                                                                                                                                                                        													_t444 =  *_t977;
                                                                                                                                                                                                                                                        													_t977 =  &(_t977[2]);
                                                                                                                                                                                                                                                        													__eflags = _t444;
                                                                                                                                                                                                                                                        												} while (__eflags != 0);
                                                                                                                                                                                                                                                        												goto L99;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									L61:
                                                                                                                                                                                                                                                        									_t827 = 0;
                                                                                                                                                                                                                                                        									L49:
                                                                                                                                                                                                                                                        									_v2504 = 0;
                                                                                                                                                                                                                                                        									_v2500 = 0;
                                                                                                                                                                                                                                                        									goto L50;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t924 =  &_v2408;
                                                                                                                                                                                                                                                        								E00BBDF80( &_v1104,  &_v2408); // executed
                                                                                                                                                                                                                                                        								if(_v1104.dwX == 1) {
                                                                                                                                                                                                                                                        									_t766 = _v1104.lpDesktop;
                                                                                                                                                                                                                                                        									_t827 = _v1104.lpReserved;
                                                                                                                                                                                                                                                        									_t941 = _v1104.lpTitle;
                                                                                                                                                                                                                                                        									L68:
                                                                                                                                                                                                                                                        									_v2496 = _t766;
                                                                                                                                                                                                                                                        									_t768 = _t827 & 0xffffff00;
                                                                                                                                                                                                                                                        									__eflags = _t768;
                                                                                                                                                                                                                                                        									_v2504 = _t768;
                                                                                                                                                                                                                                                        									goto L69;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t924 =  &(_v1104.dwY);
                                                                                                                                                                                                                                                        								E00BBE0D0( &_v1136,  &(_v1104.dwY), _v1104.cb); // executed
                                                                                                                                                                                                                                                        								_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        								if(_v1112 == 1) {
                                                                                                                                                                                                                                                        									_t941 = _v1128;
                                                                                                                                                                                                                                                        									__eflags = _t941 - 0xd000003a;
                                                                                                                                                                                                                                                        									if(__eflags == 0) {
                                                                                                                                                                                                                                                        										_t770 = GetCurrentProcess();
                                                                                                                                                                                                                                                        										_t924 =  &_v1136;
                                                                                                                                                                                                                                                        										_v2488 = _t770;
                                                                                                                                                                                                                                                        										_v1136 = _t770;
                                                                                                                                                                                                                                                        										E00BBDF80( &_v2200,  &_v1136);
                                                                                                                                                                                                                                                        										__eflags = _v2184 - 1;
                                                                                                                                                                                                                                                        										if(_v2184 != 1) {
                                                                                                                                                                                                                                                        											_t924 =  &_v2200;
                                                                                                                                                                                                                                                        											_t827 = E00BBE060( &_v1104,  &_v2200);
                                                                                                                                                                                                                                                        											_t941 = 0xd000003a;
                                                                                                                                                                                                                                                        											_v2504 = 0;
                                                                                                                                                                                                                                                        											_v2500 = 0;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t827 = _v2196;
                                                                                                                                                                                                                                                        											_t941 = _v2188;
                                                                                                                                                                                                                                                        											_v2496 = _v2192;
                                                                                                                                                                                                                                                        											_v2504 = _t827 & 0xffffff00;
                                                                                                                                                                                                                                                        											_v2500 = 1;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = _v2488 + 1 - 2;
                                                                                                                                                                                                                                                        										if(__eflags >= 0) {
                                                                                                                                                                                                                                                        											CloseHandle(_v2488);
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L50;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t827 = _v1136;
                                                                                                                                                                                                                                                        									_t850 = _t827;
                                                                                                                                                                                                                                                        									_v2496 = _v1132;
                                                                                                                                                                                                                                                        									goto L65;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								E00BBE000( &_v2200);
                                                                                                                                                                                                                                                        								if(_v2184 == 1) {
                                                                                                                                                                                                                                                        									_t766 = _v2192;
                                                                                                                                                                                                                                                        									_t827 = _v2196;
                                                                                                                                                                                                                                                        									_t941 = _v2188;
                                                                                                                                                                                                                                                        									goto L68;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t924 =  &_v2180;
                                                                                                                                                                                                                                                        								E00BBE0D0( &_v2232,  &_v2180, _v2200); // executed
                                                                                                                                                                                                                                                        								_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        								_t783 = _v2208;
                                                                                                                                                                                                                                                        								if(_t783 == 1) {
                                                                                                                                                                                                                                                        									_t766 = _v2228;
                                                                                                                                                                                                                                                        									_t827 = _v2232;
                                                                                                                                                                                                                                                        									_t941 = _v2224;
                                                                                                                                                                                                                                                        									goto L68;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t784 = _t783 | _v1112;
                                                                                                                                                                                                                                                        								if(_t784 != 0) {
                                                                                                                                                                                                                                                        									goto L61;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									asm("movdqu xmm0, [esp+0x560]");
                                                                                                                                                                                                                                                        									asm("movdqu xmm2, [esp+0x118]");
                                                                                                                                                                                                                                                        									asm("movdqu xmm1, [esp+0x568]");
                                                                                                                                                                                                                                                        									asm("movdqu xmm3, [esp+0x120]");
                                                                                                                                                                                                                                                        									asm("pcmpeqb xmm2, xmm0");
                                                                                                                                                                                                                                                        									asm("pcmpeqb xmm3, xmm1");
                                                                                                                                                                                                                                                        									asm("pand xmm3, xmm2");
                                                                                                                                                                                                                                                        									asm("pmovmskb eax, xmm3");
                                                                                                                                                                                                                                                        									_t827 = _t827 & 0xffffff00 | _t784 == 0x0000ffff;
                                                                                                                                                                                                                                                        									goto L49;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L58:
                                                                                                                                                                                                                                                        							_t941 = _t941 | 0x10000000;
                                                                                                                                                                                                                                                        							_v2496 = 0x492;
                                                                                                                                                                                                                                                        							_t786 = _t827 & 0xffffff00;
                                                                                                                                                                                                                                                        							__eflags = _t786;
                                                                                                                                                                                                                                                        							_v2504 = _t786;
                                                                                                                                                                                                                                                        							goto L59;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t827 = _v1104.dwY;
                                                                                                                                                                                                                                                        						if(_t941 < 0) {
                                                                                                                                                                                                                                                        							goto L58;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L42;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t978 =  &(_a12[2]);
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t917 =  *_t432 & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t917 != 0x2d) {
                                                                                                                                                                                                                                                        								__eflags = _t917 - 0x2f;
                                                                                                                                                                                                                                                        								if(_t917 == 0x2f) {
                                                                                                                                                                                                                                                        									goto L14;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L14:
                                                                                                                                                                                                                                                        							_t924 = 0 |  *((short*)(_t432 + 2)) == 0x0000002d;
                                                                                                                                                                                                                                                        							_t845 =  ==  ? _t432 + 4 : _t432 + 2;
                                                                                                                                                                                                                                                        							_t787 =  *(_t432 + 2 + ( *((short*)(_t432 + 2)) == 0x2d) * 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t787 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t789 = towlower(_t787 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t789 != 0x63) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t790 =  *(_t845 + 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t790 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t792 = towlower(_t790 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t792 != 0x6f) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t793 =  *(_t845 + 4) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t793 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t795 = towlower(_t793 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t795 != 0x6e) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t796 =  *(_t845 + 6) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t796 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t798 = towlower(_t796 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t798 != 0x74) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t799 =  *(_t845 + 8) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t799 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t801 = towlower(_t799 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t801 != 0x65) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t802 =  *(_t845 + 0xa) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t802 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t804 = towlower(_t802 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t804 != 0x6e) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t805 =  *(_t845 + 0xc) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t805 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t807 = towlower(_t805 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t807 != 0x74) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t808 =  *(_t845 + 0xe) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t808 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t810 = towlower(_t808 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t810 != 0x70) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t811 =  *(_t845 + 0x10) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t811 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t813 = towlower(_t811 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t813 != 0x72) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t814 =  *(_t845 + 0x12) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t814 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t816 = towlower(_t814 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t816 != 0x6f) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t817 =  *(_t845 + 0x14) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t817 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t819 = towlower(_t817 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t819 == 0x63 &&  *((short*)(_t845 + 0x16)) == 0) {
                                                                                                                                                                                                                                                        								L116:
                                                                                                                                                                                                                                                        								_t925 =  &_v1104;
                                                                                                                                                                                                                                                        								E00BB5A40( &_v2392,  &_v1104);
                                                                                                                                                                                                                                                        								__eflags = _v1104.lpTitle - 1;
                                                                                                                                                                                                                                                        								if(__eflags == 0) {
                                                                                                                                                                                                                                                        									L122:
                                                                                                                                                                                                                                                        									E00BB2BD0( &_v1104, _t925, __eflags);
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t945 = _a4;
                                                                                                                                                                                                                                                        								_t945[1] = 0;
                                                                                                                                                                                                                                                        								 *_t945 = 0;
                                                                                                                                                                                                                                                        								L118:
                                                                                                                                                                                                                                                        								E00BB2EF0( &_v2392);
                                                                                                                                                                                                                                                        								E00BEECB0(_v40 ^ _t980, _t925);
                                                                                                                                                                                                                                                        								return _t945;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L39:
                                                                                                                                                                                                                                                        							_t432 =  *_t978;
                                                                                                                                                                                                                                                        							_t978 = _t978 + 4;
                                                                                                                                                                                                                                                        						} while (_t432 != 0);
                                                                                                                                                                                                                                                        						goto L40;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t846 = _v2480.hThread;
                                                                                                                                                                                                                                                        					_t979 =  &(_a12[4]);
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						if(( *_t429 & 0x0000ffff | 0x00000002) == 0x2f) {
                                                                                                                                                                                                                                                        							_t922 = _t429 + 4;
                                                                                                                                                                                                                                                        							_t924 = 0 |  *((short*)(_t429 + 2)) == 0x0000002d;
                                                                                                                                                                                                                                                        							_t960 =  ==  ? _t922 : _t429 + 2;
                                                                                                                                                                                                                                                        							_t820 =  *(_t429 + 2 + ( *((short*)(_t429 + 2)) == 0x2d) * 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        							_v2484 =  ==  ? _t922 : _t429 + 2;
                                                                                                                                                                                                                                                        							_t961 = 2;
                                                                                                                                                                                                                                                        							_t923 = _t922 & 0xffffff00 | _t820 != 0x00000000;
                                                                                                                                                                                                                                                        							while((_t923 & 0x00000001) != 0) {
                                                                                                                                                                                                                                                        								_t822 = towlower(_t820 & 0x0000ffff);
                                                                                                                                                                                                                                                        								_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        								_t26 = _t961 + 0xbf41f8; // 0x6f006c
                                                                                                                                                                                                                                                        								if(_t822 !=  *_t26) {
                                                                                                                                                                                                                                                        									goto L2;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t820 =  *(_v2484 + _t961) & 0x0000ffff;
                                                                                                                                                                                                                                                        								_t923 = _t923 & 0xffffff00 | _t820 != 0x00000000;
                                                                                                                                                                                                                                                        								_t1007 =  *((short*)(_t961 + L"log-launcher-error"));
                                                                                                                                                                                                                                                        								_t961 = _t961 + 2;
                                                                                                                                                                                                                                                        								if(_t1007 != 0) {
                                                                                                                                                                                                                                                        									continue;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								if(_t820 != 0) {
                                                                                                                                                                                                                                                        									goto L2;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									goto L9;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L11;
                                                                                                                                                                                                                                                        								L9:
                                                                                                                                                                                                                                                        								_t824 =  *_t979;
                                                                                                                                                                                                                                                        								 *(_t979 - 4) = _t824;
                                                                                                                                                                                                                                                        								_t979 =  &(_t979[2]);
                                                                                                                                                                                                                                                        								if(_t824 != 0) {
                                                                                                                                                                                                                                                        									goto L9;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t825 = _a8;
                                                                                                                                                                                                                                                        									 *_t825 =  *_t825 - 1;
                                                                                                                                                                                                                                                        									_t1010 =  *_t825;
                                                                                                                                                                                                                                                        									 *0xbfa764 = 1;
                                                                                                                                                                                                                                                        									goto L11;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L2:
                                                                                                                                                                                                                                                        						_t429 =  *(_t846 + 4);
                                                                                                                                                                                                                                                        						_t846 = _t846 + 4;
                                                                                                                                                                                                                                                        						_t979 =  &(_t979[2]);
                                                                                                                                                                                                                                                        						__eflags = _t429;
                                                                                                                                                                                                                                                        					} while (__eflags != 0);
                                                                                                                                                                                                                                                        					goto L11;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}







































































































































































































































































































































                                                                                                                                                                                                                                                        0x00bb3ddf
                                                                                                                                                                                                                                                        0x00bb3de4
                                                                                                                                                                                                                                                        0x00bb3de7
                                                                                                                                                                                                                                                        0x00bb3df7
                                                                                                                                                                                                                                                        0x00bb3df9
                                                                                                                                                                                                                                                        0x00bb3e04
                                                                                                                                                                                                                                                        0x00bb3e0b
                                                                                                                                                                                                                                                        0x00bb3e10
                                                                                                                                                                                                                                                        0x00bb3e16
                                                                                                                                                                                                                                                        0x00bb3e1c
                                                                                                                                                                                                                                                        0x00bb3e20
                                                                                                                                                                                                                                                        0x00bb3e25
                                                                                                                                                                                                                                                        0x00bb3ed7
                                                                                                                                                                                                                                                        0x00bb3edb
                                                                                                                                                                                                                                                        0x00bb3ee4
                                                                                                                                                                                                                                                        0x00bb3ee8
                                                                                                                                                                                                                                                        0x00bb4087
                                                                                                                                                                                                                                                        0x00bb4087
                                                                                                                                                                                                                                                        0x00bb4092
                                                                                                                                                                                                                                                        0x00bb409d
                                                                                                                                                                                                                                                        0x00bb40af
                                                                                                                                                                                                                                                        0x00bb40c0
                                                                                                                                                                                                                                                        0x00bb40c5
                                                                                                                                                                                                                                                        0x00bb40c9
                                                                                                                                                                                                                                                        0x00bb422c
                                                                                                                                                                                                                                                        0x00bb4231
                                                                                                                                                                                                                                                        0x00bb4233
                                                                                                                                                                                                                                                        0x00bb40de
                                                                                                                                                                                                                                                        0x00bb40e6
                                                                                                                                                                                                                                                        0x00bb40ec
                                                                                                                                                                                                                                                        0x00bb40f0
                                                                                                                                                                                                                                                        0x00bb40f4
                                                                                                                                                                                                                                                        0x00bb4285
                                                                                                                                                                                                                                                        0x00bb428b
                                                                                                                                                                                                                                                        0x00bb428e
                                                                                                                                                                                                                                                        0x00bb4348
                                                                                                                                                                                                                                                        0x00bb434d
                                                                                                                                                                                                                                                        0x00bb4352
                                                                                                                                                                                                                                                        0x00bb4360
                                                                                                                                                                                                                                                        0x00bb4362
                                                                                                                                                                                                                                                        0x00bb42d9
                                                                                                                                                                                                                                                        0x00bb42df
                                                                                                                                                                                                                                                        0x00bb4320
                                                                                                                                                                                                                                                        0x00bb4322
                                                                                                                                                                                                                                                        0x00bb41e2
                                                                                                                                                                                                                                                        0x00bb41e2
                                                                                                                                                                                                                                                        0x00bb41e8
                                                                                                                                                                                                                                                        0x00bb41eb
                                                                                                                                                                                                                                                        0x00bb41eb
                                                                                                                                                                                                                                                        0x00bb41f6
                                                                                                                                                                                                                                                        0x00bb4252
                                                                                                                                                                                                                                                        0x00bb425d
                                                                                                                                                                                                                                                        0x00bb4264
                                                                                                                                                                                                                                                        0x00bb4272
                                                                                                                                                                                                                                                        0x00bb4279
                                                                                                                                                                                                                                                        0x00bb427e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb41f8
                                                                                                                                                                                                                                                        0x00bb41fa
                                                                                                                                                                                                                                                        0x00bb41fd
                                                                                                                                                                                                                                                        0x00bb4202
                                                                                                                                                                                                                                                        0x00bb4208
                                                                                                                                                                                                                                                        0x00bb420d
                                                                                                                                                                                                                                                        0x00bb432b
                                                                                                                                                                                                                                                        0x00bb432e
                                                                                                                                                                                                                                                        0x00bb4339
                                                                                                                                                                                                                                                        0x00bb433e
                                                                                                                                                                                                                                                        0x00bb433e
                                                                                                                                                                                                                                                        0x00bb432e
                                                                                                                                                                                                                                                        0x00bb4217
                                                                                                                                                                                                                                                        0x00bb421b
                                                                                                                                                                                                                                                        0x00bb4567
                                                                                                                                                                                                                                                        0x00bb4567
                                                                                                                                                                                                                                                        0x00bb4569
                                                                                                                                                                                                                                                        0x00bb4586
                                                                                                                                                                                                                                                        0x00bb4586
                                                                                                                                                                                                                                                        0x00bb4588
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4588
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4221
                                                                                                                                                                                                                                                        0x00bb4224
                                                                                                                                                                                                                                                        0x00bb441d
                                                                                                                                                                                                                                                        0x00bb4427
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4439
                                                                                                                                                                                                                                                        0x00bb443c
                                                                                                                                                                                                                                                        0x00bb4444
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb444a
                                                                                                                                                                                                                                                        0x00bb4450
                                                                                                                                                                                                                                                        0x00bb4457
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4459
                                                                                                                                                                                                                                                        0x00bb4460
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4466
                                                                                                                                                                                                                                                        0x00bb446c
                                                                                                                                                                                                                                                        0x00bb4473
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4475
                                                                                                                                                                                                                                                        0x00bb447c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4482
                                                                                                                                                                                                                                                        0x00bb4488
                                                                                                                                                                                                                                                        0x00bb448f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4495
                                                                                                                                                                                                                                                        0x00bb449c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb44a6
                                                                                                                                                                                                                                                        0x00bb44ac
                                                                                                                                                                                                                                                        0x00bb44b3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb44b9
                                                                                                                                                                                                                                                        0x00bb44c0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb44ca
                                                                                                                                                                                                                                                        0x00bb44d0
                                                                                                                                                                                                                                                        0x00bb44d7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb44dd
                                                                                                                                                                                                                                                        0x00bb44e4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb44ee
                                                                                                                                                                                                                                                        0x00bb44f4
                                                                                                                                                                                                                                                        0x00bb44fb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4501
                                                                                                                                                                                                                                                        0x00bb4508
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4512
                                                                                                                                                                                                                                                        0x00bb4518
                                                                                                                                                                                                                                                        0x00bb451f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4525
                                                                                                                                                                                                                                                        0x00bb452c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4536
                                                                                                                                                                                                                                                        0x00bb453c
                                                                                                                                                                                                                                                        0x00bb4543
                                                                                                                                                                                                                                                        0x00bb4554
                                                                                                                                                                                                                                                        0x00bb4554
                                                                                                                                                                                                                                                        0x00bb4556
                                                                                                                                                                                                                                                        0x00bb4559
                                                                                                                                                                                                                                                        0x00bb455c
                                                                                                                                                                                                                                                        0x00bb4563
                                                                                                                                                                                                                                                        0x00bb456b
                                                                                                                                                                                                                                                        0x00bb456f
                                                                                                                                                                                                                                                        0x00bb4572
                                                                                                                                                                                                                                                        0x00bb4574
                                                                                                                                                                                                                                                        0x00bb4578
                                                                                                                                                                                                                                                        0x00bb4730
                                                                                                                                                                                                                                                        0x00bb4590
                                                                                                                                                                                                                                                        0x00bb4590
                                                                                                                                                                                                                                                        0x00bb459b
                                                                                                                                                                                                                                                        0x00bb459f
                                                                                                                                                                                                                                                        0x00bb45a4
                                                                                                                                                                                                                                                        0x00bb45af
                                                                                                                                                                                                                                                        0x00bb473e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb473e
                                                                                                                                                                                                                                                        0x00bb45bd
                                                                                                                                                                                                                                                        0x00bb46be
                                                                                                                                                                                                                                                        0x00bb46c7
                                                                                                                                                                                                                                                        0x00bb46c9
                                                                                                                                                                                                                                                        0x00bb47cb
                                                                                                                                                                                                                                                        0x00bb47ce
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb47d4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb47d4
                                                                                                                                                                                                                                                        0x00bb46cf
                                                                                                                                                                                                                                                        0x00bb46d4
                                                                                                                                                                                                                                                        0x00bb46dd
                                                                                                                                                                                                                                                        0x00bb46df
                                                                                                                                                                                                                                                        0x00bb47df
                                                                                                                                                                                                                                                        0x00bb47e3
                                                                                                                                                                                                                                                        0x00bb47ee
                                                                                                                                                                                                                                                        0x00bb4806
                                                                                                                                                                                                                                                        0x00bb480a
                                                                                                                                                                                                                                                        0x00bb4813
                                                                                                                                                                                                                                                        0x00bb4813
                                                                                                                                                                                                                                                        0x00bb47e3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb46df
                                                                                                                                                                                                                                                        0x00bb45c3
                                                                                                                                                                                                                                                        0x00bb45cd
                                                                                                                                                                                                                                                        0x00bb4787
                                                                                                                                                                                                                                                        0x00bb4787
                                                                                                                                                                                                                                                        0x00bb478d
                                                                                                                                                                                                                                                        0x00bb4794
                                                                                                                                                                                                                                                        0x00bb4799
                                                                                                                                                                                                                                                        0x00bb479c
                                                                                                                                                                                                                                                        0x00bb47a2
                                                                                                                                                                                                                                                        0x00bb4823
                                                                                                                                                                                                                                                        0x00bb4828
                                                                                                                                                                                                                                                        0x00bb482b
                                                                                                                                                                                                                                                        0x00bb4832
                                                                                                                                                                                                                                                        0x00bb4838
                                                                                                                                                                                                                                                        0x00bb4842
                                                                                                                                                                                                                                                        0x00bb4847
                                                                                                                                                                                                                                                        0x00bb4847
                                                                                                                                                                                                                                                        0x00bb4832
                                                                                                                                                                                                                                                        0x00bb47a4
                                                                                                                                                                                                                                                        0x00bb47a9
                                                                                                                                                                                                                                                        0x00bb47ac
                                                                                                                                                                                                                                                        0x00bb47ae
                                                                                                                                                                                                                                                        0x00bb47b4
                                                                                                                                                                                                                                                        0x00bb47c4
                                                                                                                                                                                                                                                        0x00bb47c4
                                                                                                                                                                                                                                                        0x00bb4669
                                                                                                                                                                                                                                                        0x00bb4669
                                                                                                                                                                                                                                                        0x00bb4670
                                                                                                                                                                                                                                                        0x00bb4745
                                                                                                                                                                                                                                                        0x00bb4745
                                                                                                                                                                                                                                                        0x00bb474d
                                                                                                                                                                                                                                                        0x00bb4758
                                                                                                                                                                                                                                                        0x00bb4763
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4763
                                                                                                                                                                                                                                                        0x00bb467d
                                                                                                                                                                                                                                                        0x00bb4682
                                                                                                                                                                                                                                                        0x00bb4689
                                                                                                                                                                                                                                                        0x00bb4696
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb469c
                                                                                                                                                                                                                                                        0x00bb469e
                                                                                                                                                                                                                                                        0x00bb46a0
                                                                                                                                                                                                                                                        0x00bb46a5
                                                                                                                                                                                                                                                        0x00bb573e
                                                                                                                                                                                                                                                        0x00bb5743
                                                                                                                                                                                                                                                        0x00bb5749
                                                                                                                                                                                                                                                        0x00bb574c
                                                                                                                                                                                                                                                        0x00bb574e
                                                                                                                                                                                                                                                        0x00bb5759
                                                                                                                                                                                                                                                        0x00bb575e
                                                                                                                                                                                                                                                        0x00bb5764
                                                                                                                                                                                                                                                        0x00bb5767
                                                                                                                                                                                                                                                        0x00bb5769
                                                                                                                                                                                                                                                        0x00bb577e
                                                                                                                                                                                                                                                        0x00bb4cc6
                                                                                                                                                                                                                                                        0x00bb4cca
                                                                                                                                                                                                                                                        0x00bb4cce
                                                                                                                                                                                                                                                        0x00bb4eb4
                                                                                                                                                                                                                                                        0x00bb4eb4
                                                                                                                                                                                                                                                        0x00bb4eb7
                                                                                                                                                                                                                                                        0x00bb4eca
                                                                                                                                                                                                                                                        0x00bb4ece
                                                                                                                                                                                                                                                        0x00bb4ed3
                                                                                                                                                                                                                                                        0x00bb4ede
                                                                                                                                                                                                                                                        0x00bb51dc
                                                                                                                                                                                                                                                        0x00bb51e1
                                                                                                                                                                                                                                                        0x00bb51e4
                                                                                                                                                                                                                                                        0x00bb5238
                                                                                                                                                                                                                                                        0x00bb5238
                                                                                                                                                                                                                                                        0x00bb523f
                                                                                                                                                                                                                                                        0x00bb5182
                                                                                                                                                                                                                                                        0x00bb5188
                                                                                                                                                                                                                                                        0x00bb518f
                                                                                                                                                                                                                                                        0x00bb518f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5188
                                                                                                                                                                                                                                                        0x00bb4ee4
                                                                                                                                                                                                                                                        0x00bb4eea
                                                                                                                                                                                                                                                        0x00bb4eee
                                                                                                                                                                                                                                                        0x00bb4f06
                                                                                                                                                                                                                                                        0x00bb4f0a
                                                                                                                                                                                                                                                        0x00bb4f14
                                                                                                                                                                                                                                                        0x00bb51ee
                                                                                                                                                                                                                                                        0x00bb51f3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb51f3
                                                                                                                                                                                                                                                        0x00bb4f21
                                                                                                                                                                                                                                                        0x00bb4f24
                                                                                                                                                                                                                                                        0x00bb4f29
                                                                                                                                                                                                                                                        0x00bb4f2c
                                                                                                                                                                                                                                                        0x00bb4f32
                                                                                                                                                                                                                                                        0x00bb4f36
                                                                                                                                                                                                                                                        0x00bb51ff
                                                                                                                                                                                                                                                        0x00bb5207
                                                                                                                                                                                                                                                        0x00bb5212
                                                                                                                                                                                                                                                        0x00bb521d
                                                                                                                                                                                                                                                        0x00bb5228
                                                                                                                                                                                                                                                        0x00bb522d
                                                                                                                                                                                                                                                        0x00bb5230
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5230
                                                                                                                                                                                                                                                        0x00bb4f40
                                                                                                                                                                                                                                                        0x00bb4f42
                                                                                                                                                                                                                                                        0x00bb4f46
                                                                                                                                                                                                                                                        0x00bb4f4b
                                                                                                                                                                                                                                                        0x00bb4f50
                                                                                                                                                                                                                                                        0x00bb5251
                                                                                                                                                                                                                                                        0x00bb5259
                                                                                                                                                                                                                                                        0x00bb5264
                                                                                                                                                                                                                                                        0x00bb526f
                                                                                                                                                                                                                                                        0x00bb527a
                                                                                                                                                                                                                                                        0x00bb527f
                                                                                                                                                                                                                                                        0x00bb5282
                                                                                                                                                                                                                                                        0x00bb5286
                                                                                                                                                                                                                                                        0x00bb528a
                                                                                                                                                                                                                                                        0x00bb5292
                                                                                                                                                                                                                                                        0x00bb5299
                                                                                                                                                                                                                                                        0x00bb5178
                                                                                                                                                                                                                                                        0x00bb5179
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb517f
                                                                                                                                                                                                                                                        0x00bb4f64
                                                                                                                                                                                                                                                        0x00bb4f6f
                                                                                                                                                                                                                                                        0x00bb4f7a
                                                                                                                                                                                                                                                        0x00bb4f85
                                                                                                                                                                                                                                                        0x00bb4f90
                                                                                                                                                                                                                                                        0x00bb4f97
                                                                                                                                                                                                                                                        0x00bb4fa2
                                                                                                                                                                                                                                                        0x00bb4faf
                                                                                                                                                                                                                                                        0x00bb4fb5
                                                                                                                                                                                                                                                        0x00bb4fbb
                                                                                                                                                                                                                                                        0x00bb4fbd
                                                                                                                                                                                                                                                        0x00bb4fc6
                                                                                                                                                                                                                                                        0x00bb4fca
                                                                                                                                                                                                                                                        0x00bb4fcc
                                                                                                                                                                                                                                                        0x00bb4fd0
                                                                                                                                                                                                                                                        0x00bb4fd9
                                                                                                                                                                                                                                                        0x00bb4fe2
                                                                                                                                                                                                                                                        0x00bb4fee
                                                                                                                                                                                                                                                        0x00bb4ff5
                                                                                                                                                                                                                                                        0x00bb4ffa
                                                                                                                                                                                                                                                        0x00bb5002
                                                                                                                                                                                                                                                        0x00bb52a8
                                                                                                                                                                                                                                                        0x00bb52ad
                                                                                                                                                                                                                                                        0x00bb5328
                                                                                                                                                                                                                                                        0x00bb5328
                                                                                                                                                                                                                                                        0x00bb532f
                                                                                                                                                                                                                                                        0x00bb5127
                                                                                                                                                                                                                                                        0x00bb5127
                                                                                                                                                                                                                                                        0x00bb512e
                                                                                                                                                                                                                                                        0x00bb5132
                                                                                                                                                                                                                                                        0x00bb513f
                                                                                                                                                                                                                                                        0x00bb5142
                                                                                                                                                                                                                                                        0x00bb5149
                                                                                                                                                                                                                                                        0x00bb514f
                                                                                                                                                                                                                                                        0x00bb514f
                                                                                                                                                                                                                                                        0x00bb5152
                                                                                                                                                                                                                                                        0x00bb5162
                                                                                                                                                                                                                                                        0x00bb5441
                                                                                                                                                                                                                                                        0x00bb5447
                                                                                                                                                                                                                                                        0x00bb5447
                                                                                                                                                                                                                                                        0x00bb5168
                                                                                                                                                                                                                                                        0x00bb516c
                                                                                                                                                                                                                                                        0x00bb5176
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5176
                                                                                                                                                                                                                                                        0x00bb5008
                                                                                                                                                                                                                                                        0x00bb500f
                                                                                                                                                                                                                                                        0x00bb52b2
                                                                                                                                                                                                                                                        0x00bb5015
                                                                                                                                                                                                                                                        0x00bb501d
                                                                                                                                                                                                                                                        0x00bb5022
                                                                                                                                                                                                                                                        0x00bb5028
                                                                                                                                                                                                                                                        0x00bb5030
                                                                                                                                                                                                                                                        0x00bb5037
                                                                                                                                                                                                                                                        0x00bb503c
                                                                                                                                                                                                                                                        0x00bb5043
                                                                                                                                                                                                                                                        0x00bb5043
                                                                                                                                                                                                                                                        0x00bb5022
                                                                                                                                                                                                                                                        0x00bb504d
                                                                                                                                                                                                                                                        0x00bb5051
                                                                                                                                                                                                                                                        0x00bb5055
                                                                                                                                                                                                                                                        0x00bb505c
                                                                                                                                                                                                                                                        0x00bb5062
                                                                                                                                                                                                                                                        0x00bb5066
                                                                                                                                                                                                                                                        0x00bb52d5
                                                                                                                                                                                                                                                        0x00bb52db
                                                                                                                                                                                                                                                        0x00bb52dd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb506c
                                                                                                                                                                                                                                                        0x00bb5084
                                                                                                                                                                                                                                                        0x00bb508a
                                                                                                                                                                                                                                                        0x00bb508c
                                                                                                                                                                                                                                                        0x00bb52e3
                                                                                                                                                                                                                                                        0x00bb52e3
                                                                                                                                                                                                                                                        0x00bb52ec
                                                                                                                                                                                                                                                        0x00bb52f4
                                                                                                                                                                                                                                                        0x00bb52ff
                                                                                                                                                                                                                                                        0x00bb5310
                                                                                                                                                                                                                                                        0x00bb5312
                                                                                                                                                                                                                                                        0x00bb5315
                                                                                                                                                                                                                                                        0x00bb5323
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5323
                                                                                                                                                                                                                                                        0x00bb5092
                                                                                                                                                                                                                                                        0x00bb5095
                                                                                                                                                                                                                                                        0x00bb5099
                                                                                                                                                                                                                                                        0x00bb50a1
                                                                                                                                                                                                                                                        0x00bb50a6
                                                                                                                                                                                                                                                        0x00bb50ab
                                                                                                                                                                                                                                                        0x00bb50b3
                                                                                                                                                                                                                                                        0x00bb533a
                                                                                                                                                                                                                                                        0x00bb5380
                                                                                                                                                                                                                                                        0x00bb5380
                                                                                                                                                                                                                                                        0x00bb5388
                                                                                                                                                                                                                                                        0x00bb538e
                                                                                                                                                                                                                                                        0x00bb5395
                                                                                                                                                                                                                                                        0x00bb5109
                                                                                                                                                                                                                                                        0x00bb510f
                                                                                                                                                                                                                                                        0x00bb5112
                                                                                                                                                                                                                                                        0x00bb5112
                                                                                                                                                                                                                                                        0x00bb511e
                                                                                                                                                                                                                                                        0x00bb5121
                                                                                                                                                                                                                                                        0x00bb5121
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb511e
                                                                                                                                                                                                                                                        0x00bb50ba
                                                                                                                                                                                                                                                        0x00bb50c3
                                                                                                                                                                                                                                                        0x00bb5340
                                                                                                                                                                                                                                                        0x00bb5349
                                                                                                                                                                                                                                                        0x00bb5351
                                                                                                                                                                                                                                                        0x00bb535c
                                                                                                                                                                                                                                                        0x00bb536d
                                                                                                                                                                                                                                                        0x00bb536f
                                                                                                                                                                                                                                                        0x00bb5372
                                                                                                                                                                                                                                                        0x00bb5379
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5379
                                                                                                                                                                                                                                                        0x00bb50ce
                                                                                                                                                                                                                                                        0x00bb53a0
                                                                                                                                                                                                                                                        0x00bb53a6
                                                                                                                                                                                                                                                        0x00bb53ae
                                                                                                                                                                                                                                                        0x00bb53b6
                                                                                                                                                                                                                                                        0x00bb53ba
                                                                                                                                                                                                                                                        0x00bb53c2
                                                                                                                                                                                                                                                        0x00bb53c4
                                                                                                                                                                                                                                                        0x00bb53c8
                                                                                                                                                                                                                                                        0x00bb53cc
                                                                                                                                                                                                                                                        0x00bb53d4
                                                                                                                                                                                                                                                        0x00bb53d4
                                                                                                                                                                                                                                                        0x00bb53d8
                                                                                                                                                                                                                                                        0x00bb53e0
                                                                                                                                                                                                                                                        0x00bb53e5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb53e7
                                                                                                                                                                                                                                                        0x00bb53e7
                                                                                                                                                                                                                                                        0x00bb53ed
                                                                                                                                                                                                                                                        0x00bb53ed
                                                                                                                                                                                                                                                        0x00bb53f1
                                                                                                                                                                                                                                                        0x00bb53f5
                                                                                                                                                                                                                                                        0x00bb53f5
                                                                                                                                                                                                                                                        0x00bb53f9
                                                                                                                                                                                                                                                        0x00bb53f9
                                                                                                                                                                                                                                                        0x00bb53fd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5401
                                                                                                                                                                                                                                                        0x00bb5409
                                                                                                                                                                                                                                                        0x00bb540f
                                                                                                                                                                                                                                                        0x00bb5412
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5414
                                                                                                                                                                                                                                                        0x00bb541a
                                                                                                                                                                                                                                                        0x00bb541f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5423
                                                                                                                                                                                                                                                        0x00bb5429
                                                                                                                                                                                                                                                        0x00bb542e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5430
                                                                                                                                                                                                                                                        0x00bb5432
                                                                                                                                                                                                                                                        0x00bb5432
                                                                                                                                                                                                                                                        0x00bb5435
                                                                                                                                                                                                                                                        0x00bb5105
                                                                                                                                                                                                                                                        0x00bb5105
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5105
                                                                                                                                                                                                                                                        0x00bb53e5
                                                                                                                                                                                                                                                        0x00bb50df
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb50fc
                                                                                                                                                                                                                                                        0x00bb5103
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5103
                                                                                                                                                                                                                                                        0x00bb50df
                                                                                                                                                                                                                                                        0x00bb544f
                                                                                                                                                                                                                                                        0x00bb5459
                                                                                                                                                                                                                                                        0x00bb545c
                                                                                                                                                                                                                                                        0x00bb5464
                                                                                                                                                                                                                                                        0x00bb546c
                                                                                                                                                                                                                                                        0x00bb5491
                                                                                                                                                                                                                                                        0x00bb5497
                                                                                                                                                                                                                                                        0x00bb546e
                                                                                                                                                                                                                                                        0x00bb5475
                                                                                                                                                                                                                                                        0x00bb547a
                                                                                                                                                                                                                                                        0x00bb547d
                                                                                                                                                                                                                                                        0x00bb5484
                                                                                                                                                                                                                                                        0x00bb548a
                                                                                                                                                                                                                                                        0x00bb548a
                                                                                                                                                                                                                                                        0x00bb5499
                                                                                                                                                                                                                                                        0x00bb549c
                                                                                                                                                                                                                                                        0x00bb549e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb549e
                                                                                                                                                                                                                                                        0x00bb4eee
                                                                                                                                                                                                                                                        0x00bb4cd7
                                                                                                                                                                                                                                                        0x00bb4cda
                                                                                                                                                                                                                                                        0x00bb4ce4
                                                                                                                                                                                                                                                        0x00bb4cf4
                                                                                                                                                                                                                                                        0x00bb4cf9
                                                                                                                                                                                                                                                        0x00bb51cd
                                                                                                                                                                                                                                                        0x00bb4cff
                                                                                                                                                                                                                                                        0x00bb4cff
                                                                                                                                                                                                                                                        0x00bb4cff
                                                                                                                                                                                                                                                        0x00bb4cff
                                                                                                                                                                                                                                                        0x00bb4d02
                                                                                                                                                                                                                                                        0x00bb4d05
                                                                                                                                                                                                                                                        0x00bb4d08
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d0a
                                                                                                                                                                                                                                                        0x00bb4d0e
                                                                                                                                                                                                                                                        0x00bb4d14
                                                                                                                                                                                                                                                        0x00bb4d17
                                                                                                                                                                                                                                                        0x00bb4d1b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d1d
                                                                                                                                                                                                                                                        0x00bb4d21
                                                                                                                                                                                                                                                        0x00bb4d24
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d2a
                                                                                                                                                                                                                                                        0x00bb4d30
                                                                                                                                                                                                                                                        0x00bb4d33
                                                                                                                                                                                                                                                        0x00bb4d37
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d39
                                                                                                                                                                                                                                                        0x00bb4d3d
                                                                                                                                                                                                                                                        0x00bb4d40
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d46
                                                                                                                                                                                                                                                        0x00bb4d4c
                                                                                                                                                                                                                                                        0x00bb4d4f
                                                                                                                                                                                                                                                        0x00bb4d53
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d55
                                                                                                                                                                                                                                                        0x00bb4d59
                                                                                                                                                                                                                                                        0x00bb4d5c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d62
                                                                                                                                                                                                                                                        0x00bb4d68
                                                                                                                                                                                                                                                        0x00bb4d6b
                                                                                                                                                                                                                                                        0x00bb4d6f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d75
                                                                                                                                                                                                                                                        0x00bb4d79
                                                                                                                                                                                                                                                        0x00bb4d7c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d86
                                                                                                                                                                                                                                                        0x00bb4d8c
                                                                                                                                                                                                                                                        0x00bb4d8f
                                                                                                                                                                                                                                                        0x00bb4d93
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d99
                                                                                                                                                                                                                                                        0x00bb4d9d
                                                                                                                                                                                                                                                        0x00bb4da0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4daa
                                                                                                                                                                                                                                                        0x00bb4db0
                                                                                                                                                                                                                                                        0x00bb4db3
                                                                                                                                                                                                                                                        0x00bb4db7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4dbd
                                                                                                                                                                                                                                                        0x00bb4dc1
                                                                                                                                                                                                                                                        0x00bb4dc4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4dce
                                                                                                                                                                                                                                                        0x00bb4dd4
                                                                                                                                                                                                                                                        0x00bb4dd7
                                                                                                                                                                                                                                                        0x00bb4ddb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4de1
                                                                                                                                                                                                                                                        0x00bb4de5
                                                                                                                                                                                                                                                        0x00bb4de8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4df2
                                                                                                                                                                                                                                                        0x00bb4df8
                                                                                                                                                                                                                                                        0x00bb4dfb
                                                                                                                                                                                                                                                        0x00bb4dff
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4e05
                                                                                                                                                                                                                                                        0x00bb4e09
                                                                                                                                                                                                                                                        0x00bb4e0c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4e16
                                                                                                                                                                                                                                                        0x00bb4e1c
                                                                                                                                                                                                                                                        0x00bb4e1f
                                                                                                                                                                                                                                                        0x00bb4e23
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4e29
                                                                                                                                                                                                                                                        0x00bb4e2d
                                                                                                                                                                                                                                                        0x00bb4e30
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4e3a
                                                                                                                                                                                                                                                        0x00bb4e40
                                                                                                                                                                                                                                                        0x00bb4e43
                                                                                                                                                                                                                                                        0x00bb4e47
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4e4d
                                                                                                                                                                                                                                                        0x00bb4e51
                                                                                                                                                                                                                                                        0x00bb4e54
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4e5e
                                                                                                                                                                                                                                                        0x00bb4e64
                                                                                                                                                                                                                                                        0x00bb4e67
                                                                                                                                                                                                                                                        0x00bb4e6b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4e71
                                                                                                                                                                                                                                                        0x00bb4e75
                                                                                                                                                                                                                                                        0x00bb4e78
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4e82
                                                                                                                                                                                                                                                        0x00bb4e88
                                                                                                                                                                                                                                                        0x00bb4e8b
                                                                                                                                                                                                                                                        0x00bb4e8f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4e95
                                                                                                                                                                                                                                                        0x00bb4e9a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4ea0
                                                                                                                                                                                                                                                        0x00bb4ea0
                                                                                                                                                                                                                                                        0x00bb4ea0
                                                                                                                                                                                                                                                        0x00bb4ea2
                                                                                                                                                                                                                                                        0x00bb4ea5
                                                                                                                                                                                                                                                        0x00bb4ea8
                                                                                                                                                                                                                                                        0x00bb4ea8
                                                                                                                                                                                                                                                        0x00bb4eac
                                                                                                                                                                                                                                                        0x00bb4eaf
                                                                                                                                                                                                                                                        0x00bb4eb2
                                                                                                                                                                                                                                                        0x00bb4eb2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4eb2
                                                                                                                                                                                                                                                        0x00bb4d08
                                                                                                                                                                                                                                                        0x00bb4ce6
                                                                                                                                                                                                                                                        0x00bb4ce6
                                                                                                                                                                                                                                                        0x00bb4ce8
                                                                                                                                                                                                                                                        0x00bb4ceb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4cef
                                                                                                                                                                                                                                                        0x00bb576b
                                                                                                                                                                                                                                                        0x00bb576e
                                                                                                                                                                                                                                                        0x00bb5773
                                                                                                                                                                                                                                                        0x00bb4cc1
                                                                                                                                                                                                                                                        0x00bb4cc1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4cc1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5779
                                                                                                                                                                                                                                                        0x00bb5750
                                                                                                                                                                                                                                                        0x00bb5753
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5753
                                                                                                                                                                                                                                                        0x00bb46b1
                                                                                                                                                                                                                                                        0x00bb4a9c
                                                                                                                                                                                                                                                        0x00bb4aa6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4aad
                                                                                                                                                                                                                                                        0x00bb519a
                                                                                                                                                                                                                                                        0x00bb4ab3
                                                                                                                                                                                                                                                        0x00bb4ab3
                                                                                                                                                                                                                                                        0x00bb4ab3
                                                                                                                                                                                                                                                        0x00bb4ab6
                                                                                                                                                                                                                                                        0x00bb4abc
                                                                                                                                                                                                                                                        0x00bb4ac2
                                                                                                                                                                                                                                                        0x00bb4ac4
                                                                                                                                                                                                                                                        0x00bb4acb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4acd
                                                                                                                                                                                                                                                        0x00bb4acd
                                                                                                                                                                                                                                                        0x00bb4ad4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4ada
                                                                                                                                                                                                                                                        0x00bb4adc
                                                                                                                                                                                                                                                        0x00bb4ae3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4ae5
                                                                                                                                                                                                                                                        0x00bb4ae5
                                                                                                                                                                                                                                                        0x00bb4aec
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4af2
                                                                                                                                                                                                                                                        0x00bb4af4
                                                                                                                                                                                                                                                        0x00bb4afb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4afd
                                                                                                                                                                                                                                                        0x00bb4afd
                                                                                                                                                                                                                                                        0x00bb4b04
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b0a
                                                                                                                                                                                                                                                        0x00bb4b0c
                                                                                                                                                                                                                                                        0x00bb4b13
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b19
                                                                                                                                                                                                                                                        0x00bb4b19
                                                                                                                                                                                                                                                        0x00bb4b20
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b2a
                                                                                                                                                                                                                                                        0x00bb4b2c
                                                                                                                                                                                                                                                        0x00bb4b33
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b39
                                                                                                                                                                                                                                                        0x00bb4b39
                                                                                                                                                                                                                                                        0x00bb4b40
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b4a
                                                                                                                                                                                                                                                        0x00bb4b4c
                                                                                                                                                                                                                                                        0x00bb4b53
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b59
                                                                                                                                                                                                                                                        0x00bb4b59
                                                                                                                                                                                                                                                        0x00bb4b60
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b6a
                                                                                                                                                                                                                                                        0x00bb4b6c
                                                                                                                                                                                                                                                        0x00bb4b73
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b79
                                                                                                                                                                                                                                                        0x00bb4b79
                                                                                                                                                                                                                                                        0x00bb4b80
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b8a
                                                                                                                                                                                                                                                        0x00bb4b8c
                                                                                                                                                                                                                                                        0x00bb4b93
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b99
                                                                                                                                                                                                                                                        0x00bb4b99
                                                                                                                                                                                                                                                        0x00bb4ba0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4baa
                                                                                                                                                                                                                                                        0x00bb4bac
                                                                                                                                                                                                                                                        0x00bb4bb3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4bb9
                                                                                                                                                                                                                                                        0x00bb4bb9
                                                                                                                                                                                                                                                        0x00bb4bc0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4bca
                                                                                                                                                                                                                                                        0x00bb4bcc
                                                                                                                                                                                                                                                        0x00bb4bd3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4bd9
                                                                                                                                                                                                                                                        0x00bb4bd9
                                                                                                                                                                                                                                                        0x00bb4be0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4bea
                                                                                                                                                                                                                                                        0x00bb4bec
                                                                                                                                                                                                                                                        0x00bb4bf3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4bf9
                                                                                                                                                                                                                                                        0x00bb4bf9
                                                                                                                                                                                                                                                        0x00bb4c00
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4c0a
                                                                                                                                                                                                                                                        0x00bb4c0c
                                                                                                                                                                                                                                                        0x00bb4c13
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4c19
                                                                                                                                                                                                                                                        0x00bb4c19
                                                                                                                                                                                                                                                        0x00bb4c20
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4c2a
                                                                                                                                                                                                                                                        0x00bb4c2c
                                                                                                                                                                                                                                                        0x00bb4c33
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4c39
                                                                                                                                                                                                                                                        0x00bb4c39
                                                                                                                                                                                                                                                        0x00bb4c40
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4c4a
                                                                                                                                                                                                                                                        0x00bb4c4c
                                                                                                                                                                                                                                                        0x00bb4c53
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4c59
                                                                                                                                                                                                                                                        0x00bb4c59
                                                                                                                                                                                                                                                        0x00bb4c60
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4c6a
                                                                                                                                                                                                                                                        0x00bb4c6c
                                                                                                                                                                                                                                                        0x00bb4c73
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4c79
                                                                                                                                                                                                                                                        0x00bb4c79
                                                                                                                                                                                                                                                        0x00bb4c80
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4c8a
                                                                                                                                                                                                                                                        0x00bb4c8c
                                                                                                                                                                                                                                                        0x00bb4c93
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4ca4
                                                                                                                                                                                                                                                        0x00bb4ca4
                                                                                                                                                                                                                                                        0x00bb4ca9
                                                                                                                                                                                                                                                        0x00bb4cac
                                                                                                                                                                                                                                                        0x00bb4cbc
                                                                                                                                                                                                                                                        0x00bb4cbf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4cbf
                                                                                                                                                                                                                                                        0x00bb4cae
                                                                                                                                                                                                                                                        0x00bb4cb1
                                                                                                                                                                                                                                                        0x00bb4cb6
                                                                                                                                                                                                                                                        0x00bb51bb
                                                                                                                                                                                                                                                        0x00bb51bb
                                                                                                                                                                                                                                                        0x00bb51bd
                                                                                                                                                                                                                                                        0x00bb51c0
                                                                                                                                                                                                                                                        0x00bb51c3
                                                                                                                                                                                                                                                        0x00bb51c5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb51cb
                                                                                                                                                                                                                                                        0x00bb51bb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4cb6
                                                                                                                                                                                                                                                        0x00bb4c93
                                                                                                                                                                                                                                                        0x00bb4a8e
                                                                                                                                                                                                                                                        0x00bb4a8e
                                                                                                                                                                                                                                                        0x00bb4a91
                                                                                                                                                                                                                                                        0x00bb4a94
                                                                                                                                                                                                                                                        0x00bb4a94
                                                                                                                                                                                                                                                        0x00bb51a6
                                                                                                                                                                                                                                                        0x00bb51a9
                                                                                                                                                                                                                                                        0x00bb51ab
                                                                                                                                                                                                                                                        0x00bb51ad
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb51b3
                                                                                                                                                                                                                                                        0x00bb54b3
                                                                                                                                                                                                                                                        0x00bb54b9
                                                                                                                                                                                                                                                        0x00bb54bd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb54c1
                                                                                                                                                                                                                                                        0x00bb54cf
                                                                                                                                                                                                                                                        0x00bb54d2
                                                                                                                                                                                                                                                        0x00bb54d7
                                                                                                                                                                                                                                                        0x00bb54da
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb54e0
                                                                                                                                                                                                                                                        0x00bb54e2
                                                                                                                                                                                                                                                        0x00bb54e5
                                                                                                                                                                                                                                                        0x00bb54e9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb54eb
                                                                                                                                                                                                                                                        0x00bb54ef
                                                                                                                                                                                                                                                        0x00bb54f2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb54f8
                                                                                                                                                                                                                                                        0x00bb54fa
                                                                                                                                                                                                                                                        0x00bb54fd
                                                                                                                                                                                                                                                        0x00bb5501
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5503
                                                                                                                                                                                                                                                        0x00bb5507
                                                                                                                                                                                                                                                        0x00bb550a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5510
                                                                                                                                                                                                                                                        0x00bb5512
                                                                                                                                                                                                                                                        0x00bb5515
                                                                                                                                                                                                                                                        0x00bb5519
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb551b
                                                                                                                                                                                                                                                        0x00bb551f
                                                                                                                                                                                                                                                        0x00bb5522
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5528
                                                                                                                                                                                                                                                        0x00bb552a
                                                                                                                                                                                                                                                        0x00bb552d
                                                                                                                                                                                                                                                        0x00bb5531
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5537
                                                                                                                                                                                                                                                        0x00bb553b
                                                                                                                                                                                                                                                        0x00bb553e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5548
                                                                                                                                                                                                                                                        0x00bb554a
                                                                                                                                                                                                                                                        0x00bb554d
                                                                                                                                                                                                                                                        0x00bb5551
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5557
                                                                                                                                                                                                                                                        0x00bb555b
                                                                                                                                                                                                                                                        0x00bb555e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5568
                                                                                                                                                                                                                                                        0x00bb556a
                                                                                                                                                                                                                                                        0x00bb556d
                                                                                                                                                                                                                                                        0x00bb5571
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5577
                                                                                                                                                                                                                                                        0x00bb557b
                                                                                                                                                                                                                                                        0x00bb557e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5588
                                                                                                                                                                                                                                                        0x00bb558a
                                                                                                                                                                                                                                                        0x00bb558d
                                                                                                                                                                                                                                                        0x00bb5591
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5597
                                                                                                                                                                                                                                                        0x00bb559b
                                                                                                                                                                                                                                                        0x00bb559e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb55a8
                                                                                                                                                                                                                                                        0x00bb55aa
                                                                                                                                                                                                                                                        0x00bb55ad
                                                                                                                                                                                                                                                        0x00bb55b1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb55b7
                                                                                                                                                                                                                                                        0x00bb55bb
                                                                                                                                                                                                                                                        0x00bb55be
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb55c8
                                                                                                                                                                                                                                                        0x00bb55ca
                                                                                                                                                                                                                                                        0x00bb55cd
                                                                                                                                                                                                                                                        0x00bb55d1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb55d7
                                                                                                                                                                                                                                                        0x00bb55db
                                                                                                                                                                                                                                                        0x00bb55de
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb55e8
                                                                                                                                                                                                                                                        0x00bb55ea
                                                                                                                                                                                                                                                        0x00bb55ed
                                                                                                                                                                                                                                                        0x00bb55f1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb55f7
                                                                                                                                                                                                                                                        0x00bb55fc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb54a6
                                                                                                                                                                                                                                                        0x00bb54a6
                                                                                                                                                                                                                                                        0x00bb54a8
                                                                                                                                                                                                                                                        0x00bb54ab
                                                                                                                                                                                                                                                        0x00bb54ab
                                                                                                                                                                                                                                                        0x00bb560b
                                                                                                                                                                                                                                                        0x00bb560e
                                                                                                                                                                                                                                                        0x00bb5610
                                                                                                                                                                                                                                                        0x00bb5612
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5618
                                                                                                                                                                                                                                                        0x00bb562a
                                                                                                                                                                                                                                                        0x00bb5630
                                                                                                                                                                                                                                                        0x00bb5634
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5638
                                                                                                                                                                                                                                                        0x00bb5646
                                                                                                                                                                                                                                                        0x00bb5649
                                                                                                                                                                                                                                                        0x00bb564e
                                                                                                                                                                                                                                                        0x00bb5651
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5657
                                                                                                                                                                                                                                                        0x00bb5659
                                                                                                                                                                                                                                                        0x00bb565c
                                                                                                                                                                                                                                                        0x00bb5660
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5662
                                                                                                                                                                                                                                                        0x00bb5666
                                                                                                                                                                                                                                                        0x00bb5669
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb566f
                                                                                                                                                                                                                                                        0x00bb5671
                                                                                                                                                                                                                                                        0x00bb5674
                                                                                                                                                                                                                                                        0x00bb5678
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb567a
                                                                                                                                                                                                                                                        0x00bb567e
                                                                                                                                                                                                                                                        0x00bb5681
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5687
                                                                                                                                                                                                                                                        0x00bb5689
                                                                                                                                                                                                                                                        0x00bb568c
                                                                                                                                                                                                                                                        0x00bb5690
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5692
                                                                                                                                                                                                                                                        0x00bb5696
                                                                                                                                                                                                                                                        0x00bb5699
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb569f
                                                                                                                                                                                                                                                        0x00bb56a1
                                                                                                                                                                                                                                                        0x00bb56a4
                                                                                                                                                                                                                                                        0x00bb56a8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb56ae
                                                                                                                                                                                                                                                        0x00bb56b2
                                                                                                                                                                                                                                                        0x00bb56b5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb56bf
                                                                                                                                                                                                                                                        0x00bb56c1
                                                                                                                                                                                                                                                        0x00bb56c4
                                                                                                                                                                                                                                                        0x00bb56c8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb56ce
                                                                                                                                                                                                                                                        0x00bb56d2
                                                                                                                                                                                                                                                        0x00bb56d5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb56df
                                                                                                                                                                                                                                                        0x00bb56e1
                                                                                                                                                                                                                                                        0x00bb56e4
                                                                                                                                                                                                                                                        0x00bb56e8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb56ee
                                                                                                                                                                                                                                                        0x00bb56f2
                                                                                                                                                                                                                                                        0x00bb56f5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb56ff
                                                                                                                                                                                                                                                        0x00bb5701
                                                                                                                                                                                                                                                        0x00bb5704
                                                                                                                                                                                                                                                        0x00bb5708
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb570e
                                                                                                                                                                                                                                                        0x00bb5712
                                                                                                                                                                                                                                                        0x00bb5715
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb571f
                                                                                                                                                                                                                                                        0x00bb5721
                                                                                                                                                                                                                                                        0x00bb5724
                                                                                                                                                                                                                                                        0x00bb5728
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb572e
                                                                                                                                                                                                                                                        0x00bb5733
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb561d
                                                                                                                                                                                                                                                        0x00bb561d
                                                                                                                                                                                                                                                        0x00bb561f
                                                                                                                                                                                                                                                        0x00bb5622
                                                                                                                                                                                                                                                        0x00bb5622
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb562a
                                                                                                                                                                                                                                                        0x00bb45d3
                                                                                                                                                                                                                                                        0x00bb45dd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb45f2
                                                                                                                                                                                                                                                        0x00bb45f7
                                                                                                                                                                                                                                                        0x00bb45fa
                                                                                                                                                                                                                                                        0x00bb4600
                                                                                                                                                                                                                                                        0x00bb460b
                                                                                                                                                                                                                                                        0x00bb4616
                                                                                                                                                                                                                                                        0x00bb4629
                                                                                                                                                                                                                                                        0x00bb4631
                                                                                                                                                                                                                                                        0x00bb4639
                                                                                                                                                                                                                                                        0x00bb4641
                                                                                                                                                                                                                                                        0x00bb4649
                                                                                                                                                                                                                                                        0x00bb464b
                                                                                                                                                                                                                                                        0x00bb4658
                                                                                                                                                                                                                                                        0x00bb4781
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4781
                                                                                                                                                                                                                                                        0x00bb4663
                                                                                                                                                                                                                                                        0x00bb4663
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4663
                                                                                                                                                                                                                                                        0x00bb457e
                                                                                                                                                                                                                                                        0x00bb485d
                                                                                                                                                                                                                                                        0x00bb4867
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4879
                                                                                                                                                                                                                                                        0x00bb487c
                                                                                                                                                                                                                                                        0x00bb4884
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb488a
                                                                                                                                                                                                                                                        0x00bb4890
                                                                                                                                                                                                                                                        0x00bb4897
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4899
                                                                                                                                                                                                                                                        0x00bb48a0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb48a6
                                                                                                                                                                                                                                                        0x00bb48ac
                                                                                                                                                                                                                                                        0x00bb48b3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb48b5
                                                                                                                                                                                                                                                        0x00bb48bc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb48c2
                                                                                                                                                                                                                                                        0x00bb48c8
                                                                                                                                                                                                                                                        0x00bb48cf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb48d5
                                                                                                                                                                                                                                                        0x00bb48dc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb48e6
                                                                                                                                                                                                                                                        0x00bb48ec
                                                                                                                                                                                                                                                        0x00bb48f3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb48f9
                                                                                                                                                                                                                                                        0x00bb4900
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb490a
                                                                                                                                                                                                                                                        0x00bb4910
                                                                                                                                                                                                                                                        0x00bb4917
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb491d
                                                                                                                                                                                                                                                        0x00bb4924
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb492e
                                                                                                                                                                                                                                                        0x00bb4934
                                                                                                                                                                                                                                                        0x00bb493b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4941
                                                                                                                                                                                                                                                        0x00bb4948
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4952
                                                                                                                                                                                                                                                        0x00bb4958
                                                                                                                                                                                                                                                        0x00bb495f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4965
                                                                                                                                                                                                                                                        0x00bb496c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4976
                                                                                                                                                                                                                                                        0x00bb497c
                                                                                                                                                                                                                                                        0x00bb4983
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4989
                                                                                                                                                                                                                                                        0x00bb4990
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb499a
                                                                                                                                                                                                                                                        0x00bb49a0
                                                                                                                                                                                                                                                        0x00bb49a7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb49ad
                                                                                                                                                                                                                                                        0x00bb49b4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb49be
                                                                                                                                                                                                                                                        0x00bb49c4
                                                                                                                                                                                                                                                        0x00bb49cb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb49d1
                                                                                                                                                                                                                                                        0x00bb49d8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb49e2
                                                                                                                                                                                                                                                        0x00bb49e8
                                                                                                                                                                                                                                                        0x00bb49ef
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb49f5
                                                                                                                                                                                                                                                        0x00bb49fc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4a06
                                                                                                                                                                                                                                                        0x00bb4a0c
                                                                                                                                                                                                                                                        0x00bb4a13
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4a19
                                                                                                                                                                                                                                                        0x00bb4a20
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4a2a
                                                                                                                                                                                                                                                        0x00bb4a30
                                                                                                                                                                                                                                                        0x00bb4a37
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4a3d
                                                                                                                                                                                                                                                        0x00bb4a44
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4a4e
                                                                                                                                                                                                                                                        0x00bb4a54
                                                                                                                                                                                                                                                        0x00bb4a5b
                                                                                                                                                                                                                                                        0x00bb4a6c
                                                                                                                                                                                                                                                        0x00bb4a6c
                                                                                                                                                                                                                                                        0x00bb4a6e
                                                                                                                                                                                                                                                        0x00bb4a71
                                                                                                                                                                                                                                                        0x00bb4a74
                                                                                                                                                                                                                                                        0x00bb4a74
                                                                                                                                                                                                                                                        0x00bb4a7b
                                                                                                                                                                                                                                                        0x00bb4a7d
                                                                                                                                                                                                                                                        0x00bb458d
                                                                                                                                                                                                                                                        0x00bb458d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb458d
                                                                                                                                                                                                                                                        0x00bb4850
                                                                                                                                                                                                                                                        0x00bb4850
                                                                                                                                                                                                                                                        0x00bb4852
                                                                                                                                                                                                                                                        0x00bb4855
                                                                                                                                                                                                                                                        0x00bb4855
                                                                                                                                                                                                                                                        0x00bb4a87
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4a87
                                                                                                                                                                                                                                                        0x00bb4410
                                                                                                                                                                                                                                                        0x00bb4410
                                                                                                                                                                                                                                                        0x00bb4412
                                                                                                                                                                                                                                                        0x00bb4415
                                                                                                                                                                                                                                                        0x00bb4415
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb441d
                                                                                                                                                                                                                                                        0x00bb421b
                                                                                                                                                                                                                                                        0x00bb41f6
                                                                                                                                                                                                                                                        0x00bb4294
                                                                                                                                                                                                                                                        0x00bb4294
                                                                                                                                                                                                                                                        0x00bb41d2
                                                                                                                                                                                                                                                        0x00bb41d2
                                                                                                                                                                                                                                                        0x00bb41da
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb41da
                                                                                                                                                                                                                                                        0x00bb4101
                                                                                                                                                                                                                                                        0x00bb4105
                                                                                                                                                                                                                                                        0x00bb4112
                                                                                                                                                                                                                                                        0x00bb429b
                                                                                                                                                                                                                                                        0x00bb42a2
                                                                                                                                                                                                                                                        0x00bb42a9
                                                                                                                                                                                                                                                        0x00bb4311
                                                                                                                                                                                                                                                        0x00bb4311
                                                                                                                                                                                                                                                        0x00bb4317
                                                                                                                                                                                                                                                        0x00bb4317
                                                                                                                                                                                                                                                        0x00bb431c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb431c
                                                                                                                                                                                                                                                        0x00bb4118
                                                                                                                                                                                                                                                        0x00bb412d
                                                                                                                                                                                                                                                        0x00bb4132
                                                                                                                                                                                                                                                        0x00bb413d
                                                                                                                                                                                                                                                        0x00bb42b2
                                                                                                                                                                                                                                                        0x00bb42b9
                                                                                                                                                                                                                                                        0x00bb42bf
                                                                                                                                                                                                                                                        0x00bb436a
                                                                                                                                                                                                                                                        0x00bb4377
                                                                                                                                                                                                                                                        0x00bb437e
                                                                                                                                                                                                                                                        0x00bb4382
                                                                                                                                                                                                                                                        0x00bb4389
                                                                                                                                                                                                                                                        0x00bb438e
                                                                                                                                                                                                                                                        0x00bb4396
                                                                                                                                                                                                                                                        0x00bb43cb
                                                                                                                                                                                                                                                        0x00bb43d7
                                                                                                                                                                                                                                                        0x00bb43d9
                                                                                                                                                                                                                                                        0x00bb43de
                                                                                                                                                                                                                                                        0x00bb43e6
                                                                                                                                                                                                                                                        0x00bb4398
                                                                                                                                                                                                                                                        0x00bb439f
                                                                                                                                                                                                                                                        0x00bb43a6
                                                                                                                                                                                                                                                        0x00bb43ad
                                                                                                                                                                                                                                                        0x00bb43b8
                                                                                                                                                                                                                                                        0x00bb43be
                                                                                                                                                                                                                                                        0x00bb43be
                                                                                                                                                                                                                                                        0x00bb43f3
                                                                                                                                                                                                                                                        0x00bb43f6
                                                                                                                                                                                                                                                        0x00bb4400
                                                                                                                                                                                                                                                        0x00bb4400
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb43f6
                                                                                                                                                                                                                                                        0x00bb42c5
                                                                                                                                                                                                                                                        0x00bb42d3
                                                                                                                                                                                                                                                        0x00bb42d5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb42d5
                                                                                                                                                                                                                                                        0x00bb414a
                                                                                                                                                                                                                                                        0x00bb4157
                                                                                                                                                                                                                                                        0x00bb42e5
                                                                                                                                                                                                                                                        0x00bb42ec
                                                                                                                                                                                                                                                        0x00bb42f3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb42f3
                                                                                                                                                                                                                                                        0x00bb415d
                                                                                                                                                                                                                                                        0x00bb4172
                                                                                                                                                                                                                                                        0x00bb4177
                                                                                                                                                                                                                                                        0x00bb417a
                                                                                                                                                                                                                                                        0x00bb4183
                                                                                                                                                                                                                                                        0x00bb42fc
                                                                                                                                                                                                                                                        0x00bb4303
                                                                                                                                                                                                                                                        0x00bb430a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb430a
                                                                                                                                                                                                                                                        0x00bb4189
                                                                                                                                                                                                                                                        0x00bb4190
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4196
                                                                                                                                                                                                                                                        0x00bb4196
                                                                                                                                                                                                                                                        0x00bb419f
                                                                                                                                                                                                                                                        0x00bb41a8
                                                                                                                                                                                                                                                        0x00bb41b1
                                                                                                                                                                                                                                                        0x00bb41ba
                                                                                                                                                                                                                                                        0x00bb41be
                                                                                                                                                                                                                                                        0x00bb41c2
                                                                                                                                                                                                                                                        0x00bb41c6
                                                                                                                                                                                                                                                        0x00bb41cf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb41cf
                                                                                                                                                                                                                                                        0x00bb4190
                                                                                                                                                                                                                                                        0x00bb4239
                                                                                                                                                                                                                                                        0x00bb423b
                                                                                                                                                                                                                                                        0x00bb4241
                                                                                                                                                                                                                                                        0x00bb4249
                                                                                                                                                                                                                                                        0x00bb4249
                                                                                                                                                                                                                                                        0x00bb424e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb424e
                                                                                                                                                                                                                                                        0x00bb40cf
                                                                                                                                                                                                                                                        0x00bb40d8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3eee
                                                                                                                                                                                                                                                        0x00bb3ef7
                                                                                                                                                                                                                                                        0x00bb3efa
                                                                                                                                                                                                                                                        0x00bb3efa
                                                                                                                                                                                                                                                        0x00bb3f01
                                                                                                                                                                                                                                                        0x00bb4070
                                                                                                                                                                                                                                                        0x00bb4074
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4074
                                                                                                                                                                                                                                                        0x00bb3f07
                                                                                                                                                                                                                                                        0x00bb3f14
                                                                                                                                                                                                                                                        0x00bb3f17
                                                                                                                                                                                                                                                        0x00bb3f1a
                                                                                                                                                                                                                                                        0x00bb3f22
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3f2c
                                                                                                                                                                                                                                                        0x00bb3f2e
                                                                                                                                                                                                                                                        0x00bb3f35
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3f3b
                                                                                                                                                                                                                                                        0x00bb3f42
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3f4c
                                                                                                                                                                                                                                                        0x00bb3f4e
                                                                                                                                                                                                                                                        0x00bb3f55
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3f5b
                                                                                                                                                                                                                                                        0x00bb3f62
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3f6c
                                                                                                                                                                                                                                                        0x00bb3f6e
                                                                                                                                                                                                                                                        0x00bb3f75
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3f7b
                                                                                                                                                                                                                                                        0x00bb3f82
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3f8c
                                                                                                                                                                                                                                                        0x00bb3f8e
                                                                                                                                                                                                                                                        0x00bb3f95
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3f9b
                                                                                                                                                                                                                                                        0x00bb3fa2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3fac
                                                                                                                                                                                                                                                        0x00bb3fae
                                                                                                                                                                                                                                                        0x00bb3fb5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3fbb
                                                                                                                                                                                                                                                        0x00bb3fc2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3fcc
                                                                                                                                                                                                                                                        0x00bb3fce
                                                                                                                                                                                                                                                        0x00bb3fd5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3fdb
                                                                                                                                                                                                                                                        0x00bb3fe2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3fec
                                                                                                                                                                                                                                                        0x00bb3fee
                                                                                                                                                                                                                                                        0x00bb3ff5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3ffb
                                                                                                                                                                                                                                                        0x00bb4002
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4008
                                                                                                                                                                                                                                                        0x00bb400a
                                                                                                                                                                                                                                                        0x00bb4011
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4013
                                                                                                                                                                                                                                                        0x00bb401a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4020
                                                                                                                                                                                                                                                        0x00bb4022
                                                                                                                                                                                                                                                        0x00bb4029
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb402b
                                                                                                                                                                                                                                                        0x00bb4032
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4038
                                                                                                                                                                                                                                                        0x00bb403a
                                                                                                                                                                                                                                                        0x00bb4041
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4043
                                                                                                                                                                                                                                                        0x00bb404a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4050
                                                                                                                                                                                                                                                        0x00bb4052
                                                                                                                                                                                                                                                        0x00bb4059
                                                                                                                                                                                                                                                        0x00bb46e5
                                                                                                                                                                                                                                                        0x00bb46e9
                                                                                                                                                                                                                                                        0x00bb46f0
                                                                                                                                                                                                                                                        0x00bb46f5
                                                                                                                                                                                                                                                        0x00bb46fd
                                                                                                                                                                                                                                                        0x00bb476e
                                                                                                                                                                                                                                                        0x00bb4775
                                                                                                                                                                                                                                                        0x00bb4775
                                                                                                                                                                                                                                                        0x00bb46ff
                                                                                                                                                                                                                                                        0x00bb4702
                                                                                                                                                                                                                                                        0x00bb4709
                                                                                                                                                                                                                                                        0x00bb470f
                                                                                                                                                                                                                                                        0x00bb4713
                                                                                                                                                                                                                                                        0x00bb4721
                                                                                                                                                                                                                                                        0x00bb472f
                                                                                                                                                                                                                                                        0x00bb472f
                                                                                                                                                                                                                                                        0x00bb407a
                                                                                                                                                                                                                                                        0x00bb407a
                                                                                                                                                                                                                                                        0x00bb407c
                                                                                                                                                                                                                                                        0x00bb407f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3efa
                                                                                                                                                                                                                                                        0x00bb3e2b
                                                                                                                                                                                                                                                        0x00bb3e2e
                                                                                                                                                                                                                                                        0x00bb3e32
                                                                                                                                                                                                                                                        0x00bb3e51
                                                                                                                                                                                                                                                        0x00bb3e5b
                                                                                                                                                                                                                                                        0x00bb3e67
                                                                                                                                                                                                                                                        0x00bb3e6a
                                                                                                                                                                                                                                                        0x00bb3e6d
                                                                                                                                                                                                                                                        0x00bb3e70
                                                                                                                                                                                                                                                        0x00bb3e75
                                                                                                                                                                                                                                                        0x00bb3e79
                                                                                                                                                                                                                                                        0x00bb3e81
                                                                                                                                                                                                                                                        0x00bb3e84
                                                                                                                                                                                                                                                        0x00bb3e8d
                                                                                                                                                                                                                                                        0x00bb3e93
                                                                                                                                                                                                                                                        0x00bb3e96
                                                                                                                                                                                                                                                        0x00bb3e9d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3ea3
                                                                                                                                                                                                                                                        0x00bb3eaa
                                                                                                                                                                                                                                                        0x00bb3ead
                                                                                                                                                                                                                                                        0x00bb3eb5
                                                                                                                                                                                                                                                        0x00bb3eb8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3ebd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3ebf
                                                                                                                                                                                                                                                        0x00bb3ebf
                                                                                                                                                                                                                                                        0x00bb3ec1
                                                                                                                                                                                                                                                        0x00bb3ec4
                                                                                                                                                                                                                                                        0x00bb3ec9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3ecb
                                                                                                                                                                                                                                                        0x00bb3ecb
                                                                                                                                                                                                                                                        0x00bb3ece
                                                                                                                                                                                                                                                        0x00bb3ece
                                                                                                                                                                                                                                                        0x00bb3ed0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3ed0
                                                                                                                                                                                                                                                        0x00bb3ec9
                                                                                                                                                                                                                                                        0x00bb3e84
                                                                                                                                                                                                                                                        0x00bb3e40
                                                                                                                                                                                                                                                        0x00bb3e40
                                                                                                                                                                                                                                                        0x00bb3e43
                                                                                                                                                                                                                                                        0x00bb3e46
                                                                                                                                                                                                                                                        0x00bb3e49
                                                                                                                                                                                                                                                        0x00bb3e49
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3e51

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BB5790: towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,00BB3E10,?), ref: 00BB57FA
                                                                                                                                                                                                                                                          • Part of subcall function 00BB5790: towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,00BB3E10,?), ref: 00BB5812
                                                                                                                                                                                                                                                          • Part of subcall function 00BB5790: towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,00BB3E10,?), ref: 00BB582A
                                                                                                                                                                                                                                                          • Part of subcall function 00BB5790: towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,00BB3E10,?), ref: 00BB5842
                                                                                                                                                                                                                                                          • Part of subcall function 00BB5790: towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,00BB3E10,?), ref: 00BB5862
                                                                                                                                                                                                                                                          • Part of subcall function 00BB5790: towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,00BB3E10,?), ref: 00BB58C3
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB3E8D
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB3F2C
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB3F4C
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB3F6C
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB3F8C
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB3FAC
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB3FCC
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB3FEC
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB4008
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB4020
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB4038
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB4050
                                                                                                                                                                                                                                                        • NtQueryInformationProcess.NTDLL(000000FF,00000000,?,00000018,?), ref: 00BB40C0
                                                                                                                                                                                                                                                        • OpenProcess.KERNEL32(00001000,00000000,/builds/worker/workspace/obj-build/dist/include/mozilla/NativeNt.h), ref: 00BB40E6
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: towlower$Process$InformationOpenQuery
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/browser/app/winlauncher/SameBinary.h$/builds/worker/workspace/obj-build/dist/include/mozilla/NativeNt.h$98$MOZ_AUTOMATION$MOZ_DEBUG_BROWSER_PAUSE$MOZ_DEBUG_BROWSER_PROCESS$MOZ_HEADLESS$MOZ_LAUNCHER_PROCESS$MOZ_LAUNCHER_PROCESS=$W$X
                                                                                                                                                                                                                                                        • API String ID: 4148972019-2594327545
                                                                                                                                                                                                                                                        • Opcode ID: e61da9105b198c05c3a5db3d153a3245ab944617a94e13dafd3aea57369a56f1
                                                                                                                                                                                                                                                        • Instruction ID: 2ffc4ef9453a89591855cad08eb129d7449c270f5aa4d909c40e75e90ff0cdfd
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e61da9105b198c05c3a5db3d153a3245ab944617a94e13dafd3aea57369a56f1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E4D2EFB49043519BDB309F24D8447F777E4FF40701F8484A9EC898B292EBB4DD96DAA2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BBE0D0(char** __ecx, WCHAR* __edx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				void* _v12;
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				long _v20;
                                                                                                                                                                                                                                                        				char _v28;
                                                                                                                                                                                                                                                        				long _v40;
                                                                                                                                                                                                                                                        				long _v44;
                                                                                                                                                                                                                                                        				void* _v48;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _v52;
                                                                                                                                                                                                                                                        				long _v56;
                                                                                                                                                                                                                                                        				void* _v60;
                                                                                                                                                                                                                                                        				long _v64;
                                                                                                                                                                                                                                                        				void* _v68;
                                                                                                                                                                                                                                                        				void* _v72;
                                                                                                                                                                                                                                                        				void* _v92;
                                                                                                                                                                                                                                                        				signed int _t41;
                                                                                                                                                                                                                                                        				intOrPtr _t45;
                                                                                                                                                                                                                                                        				void* _t48;
                                                                                                                                                                                                                                                        				signed short _t49;
                                                                                                                                                                                                                                                        				signed int _t52;
                                                                                                                                                                                                                                                        				void* _t63;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t64;
                                                                                                                                                                                                                                                        				char** _t65;
                                                                                                                                                                                                                                                        				signed int _t66;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t62 = __edx;
                                                                                                                                                                                                                                                        				_t41 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t65 = __ecx;
                                                                                                                                                                                                                                                        				_v16 = _t41 ^ _t66;
                                                                                                                                                                                                                                                        				__ecx[1] = 0;
                                                                                                                                                                                                                                                        				 *__ecx = 0;
                                                                                                                                                                                                                                                        				__ecx[3] = 0;
                                                                                                                                                                                                                                                        				__ecx[2] = 0;
                                                                                                                                                                                                                                                        				__ecx[5] = 0;
                                                                                                                                                                                                                                                        				__ecx[4] = 0;
                                                                                                                                                                                                                                                        				__ecx[6] = 0;
                                                                                                                                                                                                                                                        				if(__edx == 0) {
                                                                                                                                                                                                                                                        					__ecx[6] = 1;
                                                                                                                                                                                                                                                        					 *__ecx = "/builds/worker/workspace/obj-build/dist/include/mozilla/WinHeaderOnlyUtils.h";
                                                                                                                                                                                                                                                        					__ecx[1] = 0x16a;
                                                                                                                                                                                                                                                        					__ecx[2] = 0x80070057;
                                                                                                                                                                                                                                                        					L9:
                                                                                                                                                                                                                                                        					E00BEECB0(_v16 ^ _t66, _t62);
                                                                                                                                                                                                                                                        					return _t65;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t45 = _a4;
                                                                                                                                                                                                                                                        				_v20 = 0;
                                                                                                                                                                                                                                                        				if(_t45 != 0) {
                                                                                                                                                                                                                                                        					if(_t45 != 1) {
                                                                                                                                                                                                                                                        						__ecx[6] = 1;
                                                                                                                                                                                                                                                        						 *__ecx = "/builds/worker/workspace/obj-build/dist/include/mozilla/WinHeaderOnlyUtils.h";
                                                                                                                                                                                                                                                        						__ecx[1] = 0x172;
                                                                                                                                                                                                                                                        						__ecx[2] = 0x80070057;
                                                                                                                                                                                                                                                        						_t63 = 0;
                                                                                                                                                                                                                                                        						L7:
                                                                                                                                                                                                                                                        						_t26 = _t63 + 1; // 0x100000000
                                                                                                                                                                                                                                                        						if(_t26 >= 2) {
                                                                                                                                                                                                                                                        							FindCloseChangeNotification(_t63); // executed
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L9;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t48 = CreateFileW(__edx, 0, 7, 0, 3, 0x2000000, 0); // executed
                                                                                                                                                                                                                                                        					_t63 = _t48;
                                                                                                                                                                                                                                                        					_v20 = _t48;
                                                                                                                                                                                                                                                        					if(_t48 == 0xffffffff) {
                                                                                                                                                                                                                                                        						_t49 = GetLastError();
                                                                                                                                                                                                                                                        						_t65[6] = 1;
                                                                                                                                                                                                                                                        						 *_t65 = "/builds/worker/workspace/obj-build/dist/include/mozilla/WinHeaderOnlyUtils.h";
                                                                                                                                                                                                                                                        						_t65[1] = 0x192;
                                                                                                                                                                                                                                                        						_t63 = 0xffffffff;
                                                                                                                                                                                                                                                        						_t59 =  <=  ? _t49 : _t49 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        						_t65[2] =  <=  ? _t49 : _t49 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					_t62 =  &_v20;
                                                                                                                                                                                                                                                        					E00BBE290(_t65,  &_v20);
                                                                                                                                                                                                                                                        					goto L7;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t64 =  &_v28;
                                                                                                                                                                                                                                                        				RtlInitUnicodeString(_t64, __edx);
                                                                                                                                                                                                                                                        				_v60 = 0x18;
                                                                                                                                                                                                                                                        				_v56 = 0;
                                                                                                                                                                                                                                                        				_v48 = 0x40;
                                                                                                                                                                                                                                                        				_v52 = _t64;
                                                                                                                                                                                                                                                        				_v44 = 0;
                                                                                                                                                                                                                                                        				_v40 = 0;
                                                                                                                                                                                                                                                        				_v64 = 0;
                                                                                                                                                                                                                                                        				_v68 = 0;
                                                                                                                                                                                                                                                        				_t62 =  &_v72;
                                                                                                                                                                                                                                                        				_t52 = NtOpenFile( &_v72, 0x100080,  &_v60,  &_v68, 7, 0x4020); // executed
                                                                                                                                                                                                                                                        				if(_t52 < 0) {
                                                                                                                                                                                                                                                        					_t65[6] = 1;
                                                                                                                                                                                                                                                        					 *_t65 = "/builds/worker/workspace/obj-build/dist/include/mozilla/WinHeaderOnlyUtils.h";
                                                                                                                                                                                                                                                        					_t65[1] = 0x185;
                                                                                                                                                                                                                                                        					_t63 = 0;
                                                                                                                                                                                                                                                        					_t65[2] = _t52 | 0x10000000;
                                                                                                                                                                                                                                                        					goto L7;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t63 = _v92;
                                                                                                                                                                                                                                                        				_v48 = _t63;
                                                                                                                                                                                                                                                        				goto L6;
                                                                                                                                                                                                                                                        			}


























                                                                                                                                                                                                                                                        0x00bbe0d0
                                                                                                                                                                                                                                                        0x00bbe0db
                                                                                                                                                                                                                                                        0x00bbe0e0
                                                                                                                                                                                                                                                        0x00bbe0e6
                                                                                                                                                                                                                                                        0x00bbe0ea
                                                                                                                                                                                                                                                        0x00bbe0f1
                                                                                                                                                                                                                                                        0x00bbe0f7
                                                                                                                                                                                                                                                        0x00bbe0fe
                                                                                                                                                                                                                                                        0x00bbe105
                                                                                                                                                                                                                                                        0x00bbe10c
                                                                                                                                                                                                                                                        0x00bbe113
                                                                                                                                                                                                                                                        0x00bbe117
                                                                                                                                                                                                                                                        0x00bbe201
                                                                                                                                                                                                                                                        0x00bbe205
                                                                                                                                                                                                                                                        0x00bbe20b
                                                                                                                                                                                                                                                        0x00bbe212
                                                                                                                                                                                                                                                        0x00bbe1ed
                                                                                                                                                                                                                                                        0x00bbe1f3
                                                                                                                                                                                                                                                        0x00bbe200
                                                                                                                                                                                                                                                        0x00bbe200
                                                                                                                                                                                                                                                        0x00bbe11d
                                                                                                                                                                                                                                                        0x00bbe120
                                                                                                                                                                                                                                                        0x00bbe12a
                                                                                                                                                                                                                                                        0x00bbe1a8
                                                                                                                                                                                                                                                        0x00bbe238
                                                                                                                                                                                                                                                        0x00bbe23c
                                                                                                                                                                                                                                                        0x00bbe242
                                                                                                                                                                                                                                                        0x00bbe249
                                                                                                                                                                                                                                                        0x00bbe250
                                                                                                                                                                                                                                                        0x00bbe1de
                                                                                                                                                                                                                                                        0x00bbe1de
                                                                                                                                                                                                                                                        0x00bbe1e4
                                                                                                                                                                                                                                                        0x00bbe1e7
                                                                                                                                                                                                                                                        0x00bbe1e7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe1e4
                                                                                                                                                                                                                                                        0x00bbe1be
                                                                                                                                                                                                                                                        0x00bbe1c4
                                                                                                                                                                                                                                                        0x00bbe1c9
                                                                                                                                                                                                                                                        0x00bbe1cd
                                                                                                                                                                                                                                                        0x00bbe254
                                                                                                                                                                                                                                                        0x00bbe25d
                                                                                                                                                                                                                                                        0x00bbe261
                                                                                                                                                                                                                                                        0x00bbe267
                                                                                                                                                                                                                                                        0x00bbe26e
                                                                                                                                                                                                                                                        0x00bbe27b
                                                                                                                                                                                                                                                        0x00bbe27e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe27e
                                                                                                                                                                                                                                                        0x00bbe1d3
                                                                                                                                                                                                                                                        0x00bbe1d3
                                                                                                                                                                                                                                                        0x00bbe1d9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe1d9
                                                                                                                                                                                                                                                        0x00bbe12c
                                                                                                                                                                                                                                                        0x00bbe132
                                                                                                                                                                                                                                                        0x00bbe13b
                                                                                                                                                                                                                                                        0x00bbe143
                                                                                                                                                                                                                                                        0x00bbe14b
                                                                                                                                                                                                                                                        0x00bbe153
                                                                                                                                                                                                                                                        0x00bbe157
                                                                                                                                                                                                                                                        0x00bbe15f
                                                                                                                                                                                                                                                        0x00bbe167
                                                                                                                                                                                                                                                        0x00bbe16f
                                                                                                                                                                                                                                                        0x00bbe17b
                                                                                                                                                                                                                                                        0x00bbe18e
                                                                                                                                                                                                                                                        0x00bbe195
                                                                                                                                                                                                                                                        0x00bbe220
                                                                                                                                                                                                                                                        0x00bbe224
                                                                                                                                                                                                                                                        0x00bbe22a
                                                                                                                                                                                                                                                        0x00bbe231
                                                                                                                                                                                                                                                        0x00bbe233
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe233
                                                                                                                                                                                                                                                        0x00bbe19b
                                                                                                                                                                                                                                                        0x00bbe19f
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlInitUnicodeString.NTDLL(?,00000000), ref: 00BBE132
                                                                                                                                                                                                                                                        • NtOpenFile.NTDLL ref: 00BBE18E
                                                                                                                                                                                                                                                        • CreateFileW.KERNELBASE(00000000,00000000,00000007,00000000,00000003,02000000,00000000), ref: 00BBE1BE
                                                                                                                                                                                                                                                        • FindCloseChangeNotification.KERNELBASE(00000000), ref: 00BBE1E7
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BBE254
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: File$ChangeCloseCreateErrorFindInitLastNotificationOpenStringUnicode
                                                                                                                                                                                                                                                        • String ID: @
                                                                                                                                                                                                                                                        • API String ID: 2582399490-2766056989
                                                                                                                                                                                                                                                        • Opcode ID: fad8b40823792d5b4e9c3db38756cf580cb42e1db3b67c635b7cbc773f2299a1
                                                                                                                                                                                                                                                        • Instruction ID: b7e21a979b585329cbc345ae4c8e9417dcda605585f076a503c1c0e010401485
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fad8b40823792d5b4e9c3db38756cf580cb42e1db3b67c635b7cbc773f2299a1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3F416D71108341ABE320CF25C8447AABBE4FF84714F20895DE9E95B2D1D7F9E549CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • __Init_thread_header.LIBCMT ref: 00BB94E3
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE547: EnterCriticalSection.KERNEL32(00BFA18C,00000000,?,?,00BCACFB,00BFB4A8,?,?,00BCAC8F,?,?,?,?,00BCABA3), ref: 00BEE552
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE547: LeaveCriticalSection.KERNEL32(00BFA18C,?,?,00BCACFB,00BFB4A8,?,?,00BCAC8F,?,?,?,?,00BCABA3), ref: 00BEE58F
                                                                                                                                                                                                                                                        • GetSystemInfo.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,00BB9450,?,?,00000000,00BB7819), ref: 00BB94F8
                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 00BB950B
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE599: EnterCriticalSection.KERNEL32(00BFA18C,00000000,?,00BCAD2A,00BFB4A8), ref: 00BEE5A3
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE599: LeaveCriticalSection.KERNEL32(00BFA18C,?,00BCAD2A,00BFB4A8), ref: 00BEE5D6
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CriticalSection$EnterLeave$InfoInit_thread_footerInit_thread_headerSystem
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 658409965-0
                                                                                                                                                                                                                                                        • Opcode ID: 418f1919299335b14d0f610f7d0c5659d64e75080b946b0485fc089e68c26a68
                                                                                                                                                                                                                                                        • Instruction ID: 874f25220cf1d7a05e363c7709a81016186afbf6bd47d2d32e9771fa44027ea2
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 418f1919299335b14d0f610f7d0c5659d64e75080b946b0485fc089e68c26a68
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 57F031B0A402049BC719EB69EC96DB9B7F4EB48320F5004A5E91997391EE71BD44CB92
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • SetUnhandledExceptionFilter.KERNELBASE(Function_0003EC60), ref: 00BEEB3D
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ExceptionFilterUnhandled
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3192549508-0
                                                                                                                                                                                                                                                        • Opcode ID: 0b7ecede9a88462c2ffe7c097199146a090cfa77bab3d072960d51fd5bf476f8
                                                                                                                                                                                                                                                        • Instruction ID: bbc48b6f2cf491ae8f56209070702dad31f12e24daa6e6025518eafe03e06c48
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0b7ecede9a88462c2ffe7c097199146a090cfa77bab3d072960d51fd5bf476f8
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 61%
                                                                                                                                                                                                                                                        			E00BB1000(signed int _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				short* _v32;
                                                                                                                                                                                                                                                        				void* _v36;
                                                                                                                                                                                                                                                        				signed int _t46;
                                                                                                                                                                                                                                                        				long _t48;
                                                                                                                                                                                                                                                        				void* _t55;
                                                                                                                                                                                                                                                        				signed int _t56;
                                                                                                                                                                                                                                                        				void* _t58;
                                                                                                                                                                                                                                                        				signed int _t59;
                                                                                                                                                                                                                                                        				void* _t61;
                                                                                                                                                                                                                                                        				wchar_t* _t63;
                                                                                                                                                                                                                                                        				int _t64;
                                                                                                                                                                                                                                                        				char* _t65;
                                                                                                                                                                                                                                                        				WCHAR* _t68;
                                                                                                                                                                                                                                                        				long _t70;
                                                                                                                                                                                                                                                        				WCHAR* _t71;
                                                                                                                                                                                                                                                        				long _t72;
                                                                                                                                                                                                                                                        				intOrPtr _t74;
                                                                                                                                                                                                                                                        				char* _t76;
                                                                                                                                                                                                                                                        				void* _t79;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				void* _t90;
                                                                                                                                                                                                                                                        				long _t92;
                                                                                                                                                                                                                                                        				long _t93;
                                                                                                                                                                                                                                                        				short* _t94;
                                                                                                                                                                                                                                                        				void* _t95;
                                                                                                                                                                                                                                                        				signed int _t96;
                                                                                                                                                                                                                                                        				signed int _t97;
                                                                                                                                                                                                                                                        				void* _t98;
                                                                                                                                                                                                                                                        				signed int _t99;
                                                                                                                                                                                                                                                        				void* _t100;
                                                                                                                                                                                                                                                        				void* _t101;
                                                                                                                                                                                                                                                        				void* _t102;
                                                                                                                                                                                                                                                        				void* _t103;
                                                                                                                                                                                                                                                        				void* _t105;
                                                                                                                                                                                                                                                        				void* _t108;
                                                                                                                                                                                                                                                        				void* _t109;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t46 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t74 = _a8;
                                                                                                                                                                                                                                                        				_v20 = _t46 ^ _t99;
                                                                                                                                                                                                                                                        				_t48 = GetEnvironmentVariableW(L"PATH", 0, 0);
                                                                                                                                                                                                                                                        				if(_t48 != 0) {
                                                                                                                                                                                                                                                        					_t92 = _t48;
                                                                                                                                                                                                                                                        					_t68 = _t48 + _t92;
                                                                                                                                                                                                                                                        					if(_t68 < 0) {
                                                                                                                                                                                                                                                        						_t68 = 0xffffffff;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(_t68); // executed
                                                                                                                                                                                                                                                        					_t108 = _t100 + 4;
                                                                                                                                                                                                                                                        					_t98 = _t68;
                                                                                                                                                                                                                                                        					if(_t92 - 1 == GetEnvironmentVariableW(L"PATH", _t68, _t92)) {
                                                                                                                                                                                                                                                        						_t70 = ExpandEnvironmentStringsW(_t98, 0, 0);
                                                                                                                                                                                                                                                        						if(_t70 != 0) {
                                                                                                                                                                                                                                                        							_t93 = _t70;
                                                                                                                                                                                                                                                        							_t71 = _t70 + _t93;
                                                                                                                                                                                                                                                        							if(_t71 < 0) {
                                                                                                                                                                                                                                                        								_t71 = 0xffffffff;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							__imp__moz_xmalloc(_t71);
                                                                                                                                                                                                                                                        							_t109 = _t108 + 4;
                                                                                                                                                                                                                                                        							_t79 = _t71;
                                                                                                                                                                                                                                                        							_t72 = ExpandEnvironmentStringsW(_t98, _t71, _t93);
                                                                                                                                                                                                                                                        							_t115 = _t72;
                                                                                                                                                                                                                                                        							if(_t72 != 0) {
                                                                                                                                                                                                                                                        								SetEnvironmentVariableW(L"PATH", _t79);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							free(_t79);
                                                                                                                                                                                                                                                        							_t108 = _t109 + 4;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					free(_t98);
                                                                                                                                                                                                                                                        					_t100 = _t108 + 4;
                                                                                                                                                                                                                                                        					_t74 = _a8;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				__imp__SetDllDirectoryW(0xbf54a2);
                                                                                                                                                                                                                                                        				E00BB3DD0(_t115,  &_v28,  &_a4, _t74, 0xbf015c); // executed
                                                                                                                                                                                                                                                        				_t101 = _t100 + 0x10;
                                                                                                                                                                                                                                                        				if(_v24 != 0) {
                                                                                                                                                                                                                                                        					_t94 = _v28;
                                                                                                                                                                                                                                                        					goto L23;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t55 = (_a4 + 1) * 4;
                                                                                                                                                                                                                                                        					if(_t55 < 0) {
                                                                                                                                                                                                                                                        						_t55 = 0xffffffff;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(_t55);
                                                                                                                                                                                                                                                        					_t102 = _t101 + 4;
                                                                                                                                                                                                                                                        					_t89 = _t55;
                                                                                                                                                                                                                                                        					_t56 = _a4;
                                                                                                                                                                                                                                                        					if(_t56 <= 0) {
                                                                                                                                                                                                                                                        						L14:
                                                                                                                                                                                                                                                        						 *(_t89 + _t56 * 4) = 0;
                                                                                                                                                                                                                                                        						_t95 = _t89;
                                                                                                                                                                                                                                                        						_t58 = (_t56 + 1) * 4;
                                                                                                                                                                                                                                                        						if(_t58 < 0) {
                                                                                                                                                                                                                                                        							_t58 = 0xffffffff;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__imp__moz_xmalloc(_t58);
                                                                                                                                                                                                                                                        						_t103 = _t102 + 4;
                                                                                                                                                                                                                                                        						_t90 = _t58;
                                                                                                                                                                                                                                                        						_t59 = _a4;
                                                                                                                                                                                                                                                        						if(_t59 > 0) {
                                                                                                                                                                                                                                                        							_t59 = memcpy(_t90, _t95, _t59 << 2);
                                                                                                                                                                                                                                                        							_t103 = _t103 + 0xc;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__imp____p__environ();
                                                                                                                                                                                                                                                        						_t86 = _t95;
                                                                                                                                                                                                                                                        						_v32 = E00BB1230(_a4, _t95,  *_t59);
                                                                                                                                                                                                                                                        						free(_t95);
                                                                                                                                                                                                                                                        						_t105 = _t103 + 8;
                                                                                                                                                                                                                                                        						_t96 = _a4;
                                                                                                                                                                                                                                                        						if(_t96 == 0) {
                                                                                                                                                                                                                                                        							L22:
                                                                                                                                                                                                                                                        							free(_t90);
                                                                                                                                                                                                                                                        							_t94 = _v32;
                                                                                                                                                                                                                                                        							L23:
                                                                                                                                                                                                                                                        							E00BEECB0(_v20 ^ _t99, _t86);
                                                                                                                                                                                                                                                        							return _t94;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							do {
                                                                                                                                                                                                                                                        								_t61 =  *(_t90 + _t96 * 4 - 4);
                                                                                                                                                                                                                                                        								_t96 = _t96 - 1;
                                                                                                                                                                                                                                                        								if(_t61 != 0) {
                                                                                                                                                                                                                                                        									free(_t61);
                                                                                                                                                                                                                                                        									_t105 = _t105 + 4;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} while (_t96 != 0);
                                                                                                                                                                                                                                                        							goto L22;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t97 = 0;
                                                                                                                                                                                                                                                        						_v36 = _t89;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t63 =  *(_t74 + _t97 * 4);
                                                                                                                                                                                                                                                        							_v32 = _t63;
                                                                                                                                                                                                                                                        							_t64 = wcslen(_t63);
                                                                                                                                                                                                                                                        							_t91 = _t64;
                                                                                                                                                                                                                                                        							_t65 = _t64 + 2 + _t64 * 2;
                                                                                                                                                                                                                                                        							__imp__moz_xmalloc(_t65);
                                                                                                                                                                                                                                                        							_t102 = _t102 + 8;
                                                                                                                                                                                                                                                        							_t76 = _t65;
                                                                                                                                                                                                                                                        							_t21 = _t91 * 2; // 0x1
                                                                                                                                                                                                                                                        							_t89 = _v36;
                                                                                                                                                                                                                                                        							_t76[WideCharToMultiByte(0xfde9, 0, _v32, _t64, _t76, _t64 + _t21 + 1, 0, 0)] = 0;
                                                                                                                                                                                                                                                        							_t56 = _a4;
                                                                                                                                                                                                                                                        							 *(_t89 + _t97 * 4) = _t76;
                                                                                                                                                                                                                                                        							_t74 = _a8;
                                                                                                                                                                                                                                                        							_t97 = _t97 + 1;
                                                                                                                                                                                                                                                        						} while (_t97 < _t56);
                                                                                                                                                                                                                                                        						goto L14;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}










































                                                                                                                                                                                                                                                        0x00bb1009
                                                                                                                                                                                                                                                        0x00bb100e
                                                                                                                                                                                                                                                        0x00bb1013
                                                                                                                                                                                                                                                        0x00bb101f
                                                                                                                                                                                                                                                        0x00bb1027
                                                                                                                                                                                                                                                        0x00bb1029
                                                                                                                                                                                                                                                        0x00bb102b
                                                                                                                                                                                                                                                        0x00bb102d
                                                                                                                                                                                                                                                        0x00bb11f9
                                                                                                                                                                                                                                                        0x00bb11f9
                                                                                                                                                                                                                                                        0x00bb1034
                                                                                                                                                                                                                                                        0x00bb103a
                                                                                                                                                                                                                                                        0x00bb103f
                                                                                                                                                                                                                                                        0x00bb1051
                                                                                                                                                                                                                                                        0x00bb1058
                                                                                                                                                                                                                                                        0x00bb1060
                                                                                                                                                                                                                                                        0x00bb1062
                                                                                                                                                                                                                                                        0x00bb1064
                                                                                                                                                                                                                                                        0x00bb1066
                                                                                                                                                                                                                                                        0x00bb1203
                                                                                                                                                                                                                                                        0x00bb1203
                                                                                                                                                                                                                                                        0x00bb106d
                                                                                                                                                                                                                                                        0x00bb1073
                                                                                                                                                                                                                                                        0x00bb1076
                                                                                                                                                                                                                                                        0x00bb107b
                                                                                                                                                                                                                                                        0x00bb1081
                                                                                                                                                                                                                                                        0x00bb1083
                                                                                                                                                                                                                                                        0x00bb108b
                                                                                                                                                                                                                                                        0x00bb108b
                                                                                                                                                                                                                                                        0x00bb1092
                                                                                                                                                                                                                                                        0x00bb1098
                                                                                                                                                                                                                                                        0x00bb1098
                                                                                                                                                                                                                                                        0x00bb1060
                                                                                                                                                                                                                                                        0x00bb109c
                                                                                                                                                                                                                                                        0x00bb10a2
                                                                                                                                                                                                                                                        0x00bb10a5
                                                                                                                                                                                                                                                        0x00bb10a5
                                                                                                                                                                                                                                                        0x00bb10ad
                                                                                                                                                                                                                                                        0x00bb10c1
                                                                                                                                                                                                                                                        0x00bb10c6
                                                                                                                                                                                                                                                        0x00bb10cd
                                                                                                                                                                                                                                                        0x00bb11f4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb10d3
                                                                                                                                                                                                                                                        0x00bb10dc
                                                                                                                                                                                                                                                        0x00bb10de
                                                                                                                                                                                                                                                        0x00bb120d
                                                                                                                                                                                                                                                        0x00bb120d
                                                                                                                                                                                                                                                        0x00bb10e5
                                                                                                                                                                                                                                                        0x00bb10eb
                                                                                                                                                                                                                                                        0x00bb10ee
                                                                                                                                                                                                                                                        0x00bb10f0
                                                                                                                                                                                                                                                        0x00bb10f5
                                                                                                                                                                                                                                                        0x00bb1152
                                                                                                                                                                                                                                                        0x00bb1152
                                                                                                                                                                                                                                                        0x00bb115f
                                                                                                                                                                                                                                                        0x00bb1161
                                                                                                                                                                                                                                                        0x00bb1163
                                                                                                                                                                                                                                                        0x00bb1217
                                                                                                                                                                                                                                                        0x00bb1217
                                                                                                                                                                                                                                                        0x00bb116a
                                                                                                                                                                                                                                                        0x00bb1170
                                                                                                                                                                                                                                                        0x00bb1173
                                                                                                                                                                                                                                                        0x00bb1175
                                                                                                                                                                                                                                                        0x00bb117a
                                                                                                                                                                                                                                                        0x00bb1182
                                                                                                                                                                                                                                                        0x00bb1187
                                                                                                                                                                                                                                                        0x00bb1187
                                                                                                                                                                                                                                                        0x00bb118a
                                                                                                                                                                                                                                                        0x00bb1193
                                                                                                                                                                                                                                                        0x00bb119f
                                                                                                                                                                                                                                                        0x00bb11a3
                                                                                                                                                                                                                                                        0x00bb11a9
                                                                                                                                                                                                                                                        0x00bb11ac
                                                                                                                                                                                                                                                        0x00bb11b1
                                                                                                                                                                                                                                                        0x00bb11d3
                                                                                                                                                                                                                                                        0x00bb11d4
                                                                                                                                                                                                                                                        0x00bb11dd
                                                                                                                                                                                                                                                        0x00bb11e0
                                                                                                                                                                                                                                                        0x00bb11e5
                                                                                                                                                                                                                                                        0x00bb11f3
                                                                                                                                                                                                                                                        0x00bb11b3
                                                                                                                                                                                                                                                        0x00bb11c0
                                                                                                                                                                                                                                                        0x00bb11c0
                                                                                                                                                                                                                                                        0x00bb11c4
                                                                                                                                                                                                                                                        0x00bb11c7
                                                                                                                                                                                                                                                        0x00bb11ca
                                                                                                                                                                                                                                                        0x00bb11cc
                                                                                                                                                                                                                                                        0x00bb11cc
                                                                                                                                                                                                                                                        0x00bb11cf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb11c0
                                                                                                                                                                                                                                                        0x00bb10f7
                                                                                                                                                                                                                                                        0x00bb10f7
                                                                                                                                                                                                                                                        0x00bb10f9
                                                                                                                                                                                                                                                        0x00bb1100
                                                                                                                                                                                                                                                        0x00bb1100
                                                                                                                                                                                                                                                        0x00bb1103
                                                                                                                                                                                                                                                        0x00bb1107
                                                                                                                                                                                                                                                        0x00bb1110
                                                                                                                                                                                                                                                        0x00bb1112
                                                                                                                                                                                                                                                        0x00bb1117
                                                                                                                                                                                                                                                        0x00bb111d
                                                                                                                                                                                                                                                        0x00bb1120
                                                                                                                                                                                                                                                        0x00bb1122
                                                                                                                                                                                                                                                        0x00bb112d
                                                                                                                                                                                                                                                        0x00bb1140
                                                                                                                                                                                                                                                        0x00bb1144
                                                                                                                                                                                                                                                        0x00bb1147
                                                                                                                                                                                                                                                        0x00bb114a
                                                                                                                                                                                                                                                        0x00bb114d
                                                                                                                                                                                                                                                        0x00bb114e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1100
                                                                                                                                                                                                                                                        0x00bb10f5

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetEnvironmentVariableW.KERNEL32(PATH,00000000,00000000), ref: 00BB101F
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000000), ref: 00BB1034
                                                                                                                                                                                                                                                        • GetEnvironmentVariableW.KERNEL32(PATH,00000000,00000000), ref: 00BB1049
                                                                                                                                                                                                                                                        • ExpandEnvironmentStringsW.KERNEL32(00000000,00000000,00000000), ref: 00BB1058
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000000), ref: 00BB106D
                                                                                                                                                                                                                                                        • ExpandEnvironmentStringsW.KERNEL32(00000000,00000000,00000000), ref: 00BB107B
                                                                                                                                                                                                                                                        • SetEnvironmentVariableW.KERNEL32(PATH,00000000), ref: 00BB108B
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB1092
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB109C
                                                                                                                                                                                                                                                        • SetDllDirectoryW.KERNEL32 ref: 00BB10AD
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(?), ref: 00BB10E5
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB1107
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(?), ref: 00BB1117
                                                                                                                                                                                                                                                        • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,?,00000000,00000000,00000001,00000000,00000000), ref: 00BB113A
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(FFFFFFFF), ref: 00BB116A
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,00000000,?), ref: 00BB1182
                                                                                                                                                                                                                                                        • __p__environ.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0 ref: 00BB118A
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB11A3
                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 00BB11CA
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB11D4
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Environmentfreemoz_xmalloc$Variable$ExpandStrings$ByteCharDirectoryMultiWide__p__environmemcpywcslen
                                                                                                                                                                                                                                                        • String ID: PATH
                                                                                                                                                                                                                                                        • API String ID: 3928891988-1036084923
                                                                                                                                                                                                                                                        • Opcode ID: fb07a96ef1a759ad0024b98decadcf6a08f21e717c4d56e52d08d4cf2845679a
                                                                                                                                                                                                                                                        • Instruction ID: df28d133b5379c88ad570940b713105f8978533b999a44abafd1dd430882ab35
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fb07a96ef1a759ad0024b98decadcf6a08f21e717c4d56e52d08d4cf2845679a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A451CDB5A00205ABDB109F6CDC89BBA7BA8EF04750F4405A4FA15EB291DEB1DD04CBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 89%
                                                                                                                                                                                                                                                        			E00BB37F0(char** __ecx, void** __edx, signed char _a4, void** _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				long _v36;
                                                                                                                                                                                                                                                        				char _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				void _v52;
                                                                                                                                                                                                                                                        				void* _v56;
                                                                                                                                                                                                                                                        				void* _v60;
                                                                                                                                                                                                                                                        				char** _v64;
                                                                                                                                                                                                                                                        				void* _v68;
                                                                                                                                                                                                                                                        				void** _v72;
                                                                                                                                                                                                                                                        				signed int _t69;
                                                                                                                                                                                                                                                        				void* _t71;
                                                                                                                                                                                                                                                        				signed short _t75;
                                                                                                                                                                                                                                                        				int _t79;
                                                                                                                                                                                                                                                        				signed short _t80;
                                                                                                                                                                                                                                                        				void _t83;
                                                                                                                                                                                                                                                        				char _t86;
                                                                                                                                                                                                                                                        				signed char _t88;
                                                                                                                                                                                                                                                        				long* _t89;
                                                                                                                                                                                                                                                        				void* _t92;
                                                                                                                                                                                                                                                        				intOrPtr _t95;
                                                                                                                                                                                                                                                        				void* _t96;
                                                                                                                                                                                                                                                        				int _t98;
                                                                                                                                                                                                                                                        				char* _t100;
                                                                                                                                                                                                                                                        				DWORD* _t104;
                                                                                                                                                                                                                                                        				void* _t105;
                                                                                                                                                                                                                                                        				char* _t106;
                                                                                                                                                                                                                                                        				void* _t107;
                                                                                                                                                                                                                                                        				void* _t108;
                                                                                                                                                                                                                                                        				char** _t124;
                                                                                                                                                                                                                                                        				char** _t126;
                                                                                                                                                                                                                                                        				int _t127;
                                                                                                                                                                                                                                                        				int* _t128;
                                                                                                                                                                                                                                                        				DWORD* _t129;
                                                                                                                                                                                                                                                        				long _t130;
                                                                                                                                                                                                                                                        				char* _t134;
                                                                                                                                                                                                                                                        				signed int _t138;
                                                                                                                                                                                                                                                        				void* _t139;
                                                                                                                                                                                                                                                        				void* _t143;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t125 = __edx;
                                                                                                                                                                                                                                                        				_v72 = __edx;
                                                                                                                                                                                                                                                        				_t128 = _a8;
                                                                                                                                                                                                                                                        				_t126 = __ecx;
                                                                                                                                                                                                                                                        				_t69 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t69 ^ _t138;
                                                                                                                                                                                                                                                        				_t71 =  *_t128;
                                                                                                                                                                                                                                                        				_t4 = _t71 + 1; // 0x4dd80978
                                                                                                                                                                                                                                                        				if(_t4 >= 2) {
                                                                                                                                                                                                                                                        					CloseHandle(_t71);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *_t128 = 0;
                                                                                                                                                                                                                                                        				if(OpenProcessToken(GetCurrentProcess(), 0x8b,  &_v56) == 0) {
                                                                                                                                                                                                                                                        					_t75 = GetLastError();
                                                                                                                                                                                                                                                        					_t126[3] = 1;
                                                                                                                                                                                                                                                        					 *_t126 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp";
                                                                                                                                                                                                                                                        					_t126[1] = 0x9d;
                                                                                                                                                                                                                                                        					_t114 =  <=  ? _t75 : _t75 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        					_t126[2] =  <=  ? _t75 : _t75 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        					goto L12;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t105 = _v56;
                                                                                                                                                                                                                                                        					_t129 =  &_v36;
                                                                                                                                                                                                                                                        					_v60 = _t105;
                                                                                                                                                                                                                                                        					_t79 = GetTokenInformation(_t105, 0x12,  &_v52, 4, _t129); // executed
                                                                                                                                                                                                                                                        					if(_t79 == 0) {
                                                                                                                                                                                                                                                        						_t80 = GetLastError();
                                                                                                                                                                                                                                                        						_t126[3] = 1;
                                                                                                                                                                                                                                                        						 *_t126 = "/builds/worker/workspace/obj-build/dist/include/mozilla/WinHeaderOnlyUtils.h";
                                                                                                                                                                                                                                                        						_t126[1] = 0x28f;
                                                                                                                                                                                                                                                        						_t119 =  <=  ? _t80 : _t80 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        						_t126[2] =  <=  ? _t80 : _t80 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        						L10:
                                                                                                                                                                                                                                                        						if(_t105 + 1 >= 2) {
                                                                                                                                                                                                                                                        							FindCloseChangeNotification(_t105); // executed
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L12:
                                                                                                                                                                                                                                                        						E00BEECB0(_v20 ^ _t138, _t125);
                                                                                                                                                                                                                                                        						return _t126;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t83 = _v52;
                                                                                                                                                                                                                                                        					_v64 = _t126;
                                                                                                                                                                                                                                                        					_v68 = _t105;
                                                                                                                                                                                                                                                        					if(_t83 != 1) {
                                                                                                                                                                                                                                                        						_t106 = 1;
                                                                                                                                                                                                                                                        						if(_t83 == 2) {
                                                                                                                                                                                                                                                        							L23:
                                                                                                                                                                                                                                                        							_t125 = 0x80000001;
                                                                                                                                                                                                                                                        							E00BB3B00( &_v36, 0x80000001, _v72); // executed
                                                                                                                                                                                                                                                        							if(_v24 == 0) {
                                                                                                                                                                                                                                                        								_t130 = 4;
                                                                                                                                                                                                                                                        								if(_v36 == 0) {
                                                                                                                                                                                                                                                        									_t125 = 0x80000002;
                                                                                                                                                                                                                                                        									E00BB3B00( &_v52, 0x80000002, _v72); // executed
                                                                                                                                                                                                                                                        									_t86 = _v40;
                                                                                                                                                                                                                                                        									_v24 = _t86;
                                                                                                                                                                                                                                                        									if(_t86 == 0) {
                                                                                                                                                                                                                                                        										_v36 = _v52;
                                                                                                                                                                                                                                                        										_t130 =  ==  ? _t106 : 4;
                                                                                                                                                                                                                                                        										goto L28;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t95 = _v44;
                                                                                                                                                                                                                                                        									asm("movsd xmm0, [ebp-0x30]");
                                                                                                                                                                                                                                                        									_t124 = _v64;
                                                                                                                                                                                                                                                        									_v28 = _t95;
                                                                                                                                                                                                                                                        									asm("movsd [ebp-0x20], xmm0");
                                                                                                                                                                                                                                                        									L25:
                                                                                                                                                                                                                                                        									 *((intOrPtr*)(_t124 + 8)) = _t95;
                                                                                                                                                                                                                                                        									asm("movsd [ecx], xmm0");
                                                                                                                                                                                                                                                        									 *((char*)(_t124 + 0xc)) = 1;
                                                                                                                                                                                                                                                        									L26:
                                                                                                                                                                                                                                                        									_t126 = _v64;
                                                                                                                                                                                                                                                        									L9:
                                                                                                                                                                                                                                                        									_t105 = _v68;
                                                                                                                                                                                                                                                        									goto L10;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L28:
                                                                                                                                                                                                                                                        								_t88 = _a4;
                                                                                                                                                                                                                                                        								if((_t88 & 0x00000002) != 0 || (_t88 & 0x00000001) == 0 && _t130 == 1) {
                                                                                                                                                                                                                                                        									L31:
                                                                                                                                                                                                                                                        									_t89 = _v64;
                                                                                                                                                                                                                                                        									_t89[3] = 0;
                                                                                                                                                                                                                                                        									 *_t89 = _t130;
                                                                                                                                                                                                                                                        									goto L26;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t125 =  &_v60;
                                                                                                                                                                                                                                                        									E00BB3CA0( &_v52,  &_v60);
                                                                                                                                                                                                                                                        									if(_v40 == 0) {
                                                                                                                                                                                                                                                        										_t107 = _v52;
                                                                                                                                                                                                                                                        										_t92 =  *_a8;
                                                                                                                                                                                                                                                        										if(_t92 + 1 >= 2) {
                                                                                                                                                                                                                                                        											CloseHandle(_t92);
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										 *_a8 = _t107;
                                                                                                                                                                                                                                                        										goto L31;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t95 = _v44;
                                                                                                                                                                                                                                                        									_t124 = _v64;
                                                                                                                                                                                                                                                        									asm("movsd xmm0, [ebp-0x30]");
                                                                                                                                                                                                                                                        									goto L25;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t95 = _v28;
                                                                                                                                                                                                                                                        							_t124 = _v64;
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [ebp-0x20]");
                                                                                                                                                                                                                                                        							goto L25;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(_t83 == 3) {
                                                                                                                                                                                                                                                        							L8:
                                                                                                                                                                                                                                                        							_t126 = _v64;
                                                                                                                                                                                                                                                        							_t126[3] = 0;
                                                                                                                                                                                                                                                        							 *_t126 = 0;
                                                                                                                                                                                                                                                        							goto L9;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t126 = _v64;
                                                                                                                                                                                                                                                        						_t126[3] = 1;
                                                                                                                                                                                                                                                        						 *_t126 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp";
                                                                                                                                                                                                                                                        						_t126[1] = 0xc2;
                                                                                                                                                                                                                                                        						_t126[2] = 0x80070507;
                                                                                                                                                                                                                                                        						goto L9;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t96 = GetTokenInformation(_t105, 0x19, 0, 0, _t129); // executed
                                                                                                                                                                                                                                                        					if(_t96 != 0) {
                                                                                                                                                                                                                                                        						L6:
                                                                                                                                                                                                                                                        						_t127 = _v36;
                                                                                                                                                                                                                                                        						__imp__moz_xmalloc(_t127);
                                                                                                                                                                                                                                                        						_t108 = _t96;
                                                                                                                                                                                                                                                        						memset(_t96, 0, _t127);
                                                                                                                                                                                                                                                        						_t143 = _t139 + 0x10;
                                                                                                                                                                                                                                                        						_t98 = GetTokenInformation(_v68, 0x19, _t108, _v36, _t129); // executed
                                                                                                                                                                                                                                                        						if(_t98 == 0) {
                                                                                                                                                                                                                                                        							_t134 =  <=  ? GetLastError() : _t99 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        							free(_t108);
                                                                                                                                                                                                                                                        							_t100 = 0x22;
                                                                                                                                                                                                                                                        							L21:
                                                                                                                                                                                                                                                        							_t126 = _v64;
                                                                                                                                                                                                                                                        							_t126[3] = 1;
                                                                                                                                                                                                                                                        							 *_t126 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp";
                                                                                                                                                                                                                                                        							_t126[1] = _t100;
                                                                                                                                                                                                                                                        							_t126[2] = _t134;
                                                                                                                                                                                                                                                        							goto L9;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t104 = GetSidSubAuthority( *_t108, ( *(GetSidSubAuthorityCount( *_t108)) & 0x000000ff) - 1);
                                                                                                                                                                                                                                                        						free(_t108);
                                                                                                                                                                                                                                                        						_t139 = _t143 + 4;
                                                                                                                                                                                                                                                        						if( *_t104 > 0x2000) {
                                                                                                                                                                                                                                                        							_t106 = 2;
                                                                                                                                                                                                                                                        							goto L23;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L8;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t96 = GetLastError();
                                                                                                                                                                                                                                                        					if(_t96 != 0x7a) {
                                                                                                                                                                                                                                                        						_t134 =  <=  ? _t96 : _t96 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        						_t100 = 0x1a;
                                                                                                                                                                                                                                                        						goto L21;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L6;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}












































                                                                                                                                                                                                                                                        0x00bb37f0
                                                                                                                                                                                                                                                        0x00bb37f9
                                                                                                                                                                                                                                                        0x00bb37fc
                                                                                                                                                                                                                                                        0x00bb37ff
                                                                                                                                                                                                                                                        0x00bb3801
                                                                                                                                                                                                                                                        0x00bb3808
                                                                                                                                                                                                                                                        0x00bb380b
                                                                                                                                                                                                                                                        0x00bb380d
                                                                                                                                                                                                                                                        0x00bb3813
                                                                                                                                                                                                                                                        0x00bb3925
                                                                                                                                                                                                                                                        0x00bb3925
                                                                                                                                                                                                                                                        0x00bb3819
                                                                                                                                                                                                                                                        0x00bb3837
                                                                                                                                                                                                                                                        0x00bb3930
                                                                                                                                                                                                                                                        0x00bb3939
                                                                                                                                                                                                                                                        0x00bb393d
                                                                                                                                                                                                                                                        0x00bb3943
                                                                                                                                                                                                                                                        0x00bb3952
                                                                                                                                                                                                                                                        0x00bb3955
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb383d
                                                                                                                                                                                                                                                        0x00bb383d
                                                                                                                                                                                                                                                        0x00bb3840
                                                                                                                                                                                                                                                        0x00bb3846
                                                                                                                                                                                                                                                        0x00bb3850
                                                                                                                                                                                                                                                        0x00bb3858
                                                                                                                                                                                                                                                        0x00bb395a
                                                                                                                                                                                                                                                        0x00bb3963
                                                                                                                                                                                                                                                        0x00bb3967
                                                                                                                                                                                                                                                        0x00bb396d
                                                                                                                                                                                                                                                        0x00bb397c
                                                                                                                                                                                                                                                        0x00bb397f
                                                                                                                                                                                                                                                        0x00bb3901
                                                                                                                                                                                                                                                        0x00bb3907
                                                                                                                                                                                                                                                        0x00bb390a
                                                                                                                                                                                                                                                        0x00bb390a
                                                                                                                                                                                                                                                        0x00bb3910
                                                                                                                                                                                                                                                        0x00bb3915
                                                                                                                                                                                                                                                        0x00bb3923
                                                                                                                                                                                                                                                        0x00bb3923
                                                                                                                                                                                                                                                        0x00bb385e
                                                                                                                                                                                                                                                        0x00bb3861
                                                                                                                                                                                                                                                        0x00bb3864
                                                                                                                                                                                                                                                        0x00bb386a
                                                                                                                                                                                                                                                        0x00bb3987
                                                                                                                                                                                                                                                        0x00bb398f
                                                                                                                                                                                                                                                        0x00bb3a0f
                                                                                                                                                                                                                                                        0x00bb3a12
                                                                                                                                                                                                                                                        0x00bb3a1a
                                                                                                                                                                                                                                                        0x00bb3a26
                                                                                                                                                                                                                                                        0x00bb3a4a
                                                                                                                                                                                                                                                        0x00bb3a4f
                                                                                                                                                                                                                                                        0x00bb3a6f
                                                                                                                                                                                                                                                        0x00bb3a77
                                                                                                                                                                                                                                                        0x00bb3a7f
                                                                                                                                                                                                                                                        0x00bb3a84
                                                                                                                                                                                                                                                        0x00bb3a87
                                                                                                                                                                                                                                                        0x00bb3ac9
                                                                                                                                                                                                                                                        0x00bb3acc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3acc
                                                                                                                                                                                                                                                        0x00bb3a89
                                                                                                                                                                                                                                                        0x00bb3a8c
                                                                                                                                                                                                                                                        0x00bb3a91
                                                                                                                                                                                                                                                        0x00bb3a94
                                                                                                                                                                                                                                                        0x00bb3a97
                                                                                                                                                                                                                                                        0x00bb3a33
                                                                                                                                                                                                                                                        0x00bb3a33
                                                                                                                                                                                                                                                        0x00bb3a36
                                                                                                                                                                                                                                                        0x00bb3a3a
                                                                                                                                                                                                                                                        0x00bb3a3e
                                                                                                                                                                                                                                                        0x00bb3a3e
                                                                                                                                                                                                                                                        0x00bb38fe
                                                                                                                                                                                                                                                        0x00bb38fe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb38fe
                                                                                                                                                                                                                                                        0x00bb3a51
                                                                                                                                                                                                                                                        0x00bb3a51
                                                                                                                                                                                                                                                        0x00bb3a56
                                                                                                                                                                                                                                                        0x00bb3a61
                                                                                                                                                                                                                                                        0x00bb3a61
                                                                                                                                                                                                                                                        0x00bb3a64
                                                                                                                                                                                                                                                        0x00bb3a68
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3a9e
                                                                                                                                                                                                                                                        0x00bb3aa1
                                                                                                                                                                                                                                                        0x00bb3aa4
                                                                                                                                                                                                                                                        0x00bb3aad
                                                                                                                                                                                                                                                        0x00bb3ad4
                                                                                                                                                                                                                                                        0x00bb3ad7
                                                                                                                                                                                                                                                        0x00bb3adf
                                                                                                                                                                                                                                                        0x00bb3ae2
                                                                                                                                                                                                                                                        0x00bb3ae2
                                                                                                                                                                                                                                                        0x00bb3aeb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3aeb
                                                                                                                                                                                                                                                        0x00bb3aaf
                                                                                                                                                                                                                                                        0x00bb3ab2
                                                                                                                                                                                                                                                        0x00bb3ab5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3ab5
                                                                                                                                                                                                                                                        0x00bb3a56
                                                                                                                                                                                                                                                        0x00bb3a28
                                                                                                                                                                                                                                                        0x00bb3a2b
                                                                                                                                                                                                                                                        0x00bb3a2e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3a2e
                                                                                                                                                                                                                                                        0x00bb3994
                                                                                                                                                                                                                                                        0x00bb38f1
                                                                                                                                                                                                                                                        0x00bb38f1
                                                                                                                                                                                                                                                        0x00bb38f4
                                                                                                                                                                                                                                                        0x00bb38f8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb38f8
                                                                                                                                                                                                                                                        0x00bb399a
                                                                                                                                                                                                                                                        0x00bb399d
                                                                                                                                                                                                                                                        0x00bb39a1
                                                                                                                                                                                                                                                        0x00bb39a7
                                                                                                                                                                                                                                                        0x00bb39ae
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb39ae
                                                                                                                                                                                                                                                        0x00bb3878
                                                                                                                                                                                                                                                        0x00bb3880
                                                                                                                                                                                                                                                        0x00bb3891
                                                                                                                                                                                                                                                        0x00bb3891
                                                                                                                                                                                                                                                        0x00bb3895
                                                                                                                                                                                                                                                        0x00bb389e
                                                                                                                                                                                                                                                        0x00bb38a4
                                                                                                                                                                                                                                                        0x00bb38a9
                                                                                                                                                                                                                                                        0x00bb38b6
                                                                                                                                                                                                                                                        0x00bb38be
                                                                                                                                                                                                                                                        0x00bb39e0
                                                                                                                                                                                                                                                        0x00bb39e4
                                                                                                                                                                                                                                                        0x00bb39ed
                                                                                                                                                                                                                                                        0x00bb39f2
                                                                                                                                                                                                                                                        0x00bb39f2
                                                                                                                                                                                                                                                        0x00bb39f5
                                                                                                                                                                                                                                                        0x00bb39f9
                                                                                                                                                                                                                                                        0x00bb39ff
                                                                                                                                                                                                                                                        0x00bb3a02
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3a02
                                                                                                                                                                                                                                                        0x00bb38d3
                                                                                                                                                                                                                                                        0x00bb38dc
                                                                                                                                                                                                                                                        0x00bb38e2
                                                                                                                                                                                                                                                        0x00bb38eb
                                                                                                                                                                                                                                                        0x00bb3a0a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3a0a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb38eb
                                                                                                                                                                                                                                                        0x00bb3882
                                                                                                                                                                                                                                                        0x00bb388b
                                                                                                                                                                                                                                                        0x00bb39c5
                                                                                                                                                                                                                                                        0x00bb39c8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb39c8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb388b

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BB381F
                                                                                                                                                                                                                                                        • OpenProcessToken.ADVAPI32(00000000,0000008B,?), ref: 00BB382F
                                                                                                                                                                                                                                                        • GetTokenInformation.KERNELBASE(?,00000012(TokenIntegrityLevel),?,00000004,?), ref: 00BB3850
                                                                                                                                                                                                                                                        • GetTokenInformation.KERNELBASE(?,00000019(TokenIntegrityLevel),00000000,00000000,?), ref: 00BB3878
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB3882
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(?), ref: 00BB3895
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB38A4
                                                                                                                                                                                                                                                        • GetTokenInformation.KERNELBASE(?,00000019(TokenIntegrityLevel),00000000,?,?), ref: 00BB38B6
                                                                                                                                                                                                                                                        • GetSidSubAuthorityCount.ADVAPI32(00000000), ref: 00BB38C6
                                                                                                                                                                                                                                                        • GetSidSubAuthority.ADVAPI32(00000000,?), ref: 00BB38D3
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB38DC
                                                                                                                                                                                                                                                        • FindCloseChangeNotification.KERNELBASE(?), ref: 00BB390A
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(4DD80977), ref: 00BB3925
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB3930
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB395A
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB39CF
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB39E4
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(?), ref: 00BB3AE2
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLastToken$CloseInformation$AuthorityHandleProcessfree$ChangeCountCurrentFindNotificationOpenmemsetmoz_xmalloc
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp
                                                                                                                                                                                                                                                        • API String ID: 2953408-2997882332
                                                                                                                                                                                                                                                        • Opcode ID: 5da389940a5ac14af69e5fe6e87a978293bf32654f6b412129949ca42d35e242
                                                                                                                                                                                                                                                        • Instruction ID: 0e1a8e8613f069fa7ec8601a99e6d7bdcbcc10e6808d57ca1f9cd4a9d1f78910
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5da389940a5ac14af69e5fe6e87a978293bf32654f6b412129949ca42d35e242
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2591AD75900259AFDB10CF64DC88BFDBBF4FF05714F248099E886AB251DBB5AA04CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 98%
                                                                                                                                                                                                                                                        			E00BB27A0(void* __ecx, void* __edx, void* __eflags, void* _a4, void* _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				signed short _v28;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _v40;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				char _v48;
                                                                                                                                                                                                                                                        				long _v52;
                                                                                                                                                                                                                                                        				char _v76;
                                                                                                                                                                                                                                                        				char _v80;
                                                                                                                                                                                                                                                        				char _v84;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				char _v112;
                                                                                                                                                                                                                                                        				intOrPtr _v120;
                                                                                                                                                                                                                                                        				char _v128;
                                                                                                                                                                                                                                                        				intOrPtr _v136;
                                                                                                                                                                                                                                                        				intOrPtr _v140;
                                                                                                                                                                                                                                                        				char _v144;
                                                                                                                                                                                                                                                        				char _v148;
                                                                                                                                                                                                                                                        				void* _v152;
                                                                                                                                                                                                                                                        				long _v156;
                                                                                                                                                                                                                                                        				signed short _v160;
                                                                                                                                                                                                                                                        				long _v164;
                                                                                                                                                                                                                                                        				void* _v168;
                                                                                                                                                                                                                                                        				long _v172;
                                                                                                                                                                                                                                                        				void _v176;
                                                                                                                                                                                                                                                        				void* _v180;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				signed int _t102;
                                                                                                                                                                                                                                                        				void* _t105;
                                                                                                                                                                                                                                                        				void* _t106;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t108;
                                                                                                                                                                                                                                                        				void* _t109;
                                                                                                                                                                                                                                                        				void* _t113;
                                                                                                                                                                                                                                                        				char _t118;
                                                                                                                                                                                                                                                        				void* _t124;
                                                                                                                                                                                                                                                        				signed short _t126;
                                                                                                                                                                                                                                                        				int _t128;
                                                                                                                                                                                                                                                        				signed short _t129;
                                                                                                                                                                                                                                                        				void* _t132;
                                                                                                                                                                                                                                                        				int _t135;
                                                                                                                                                                                                                                                        				signed short _t136;
                                                                                                                                                                                                                                                        				char _t137;
                                                                                                                                                                                                                                                        				void _t140;
                                                                                                                                                                                                                                                        				void* _t143;
                                                                                                                                                                                                                                                        				void* _t144;
                                                                                                                                                                                                                                                        				void* _t175;
                                                                                                                                                                                                                                                        				signed int _t176;
                                                                                                                                                                                                                                                        				long _t177;
                                                                                                                                                                                                                                                        				void* _t178;
                                                                                                                                                                                                                                                        				void* _t180;
                                                                                                                                                                                                                                                        				void* _t181;
                                                                                                                                                                                                                                                        				signed int _t182;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_v180 = __edx;
                                                                                                                                                                                                                                                        				_t143 = _a4;
                                                                                                                                                                                                                                                        				_t175 = __ecx;
                                                                                                                                                                                                                                                        				_t102 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t102 ^ _t182;
                                                                                                                                                                                                                                                        				E00BBFD70(0xbfa7ac);
                                                                                                                                                                                                                                                        				_t105 = E00BBFD60(0xbfa7ac);
                                                                                                                                                                                                                                                        				_t188 = _t105;
                                                                                                                                                                                                                                                        				if(_t105 != 0) {
                                                                                                                                                                                                                                                        					_t105 = E00BC0250(0xbfa7ac, _t143, 0xbfa7ac); // executed
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t178 =  &_v112;
                                                                                                                                                                                                                                                        				_t106 = E00BB79C0(_t105, _t178, _t143); // executed
                                                                                                                                                                                                                                                        				_v88 = 0;
                                                                                                                                                                                                                                                        				_v84 = 0;
                                                                                                                                                                                                                                                        				_v80 = 0;
                                                                                                                                                                                                                                                        				E00BB79C0(_t106,  &_v76, _t143); // executed
                                                                                                                                                                                                                                                        				_v48 = 0;
                                                                                                                                                                                                                                                        				_v44 = 0;
                                                                                                                                                                                                                                                        				_v52 = 4;
                                                                                                                                                                                                                                                        				_v40 = 0;
                                                                                                                                                                                                                                                        				_t108 = LoadLibraryW(L"ntdll.dll");
                                                                                                                                                                                                                                                        				_t174 = _t178;
                                                                                                                                                                                                                                                        				_v40 = _t108;
                                                                                                                                                                                                                                                        				_t109 = E00BB77F0(_t143, _t178, _t188); // executed
                                                                                                                                                                                                                                                        				_t189 = _t109;
                                                                                                                                                                                                                                                        				if(_t109 == 0) {
                                                                                                                                                                                                                                                        					 *((char*)(_t175 + 0xc)) = 1;
                                                                                                                                                                                                                                                        					 *_t175 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/DllBlocklistInit.cpp";
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t175 + 4)) = 0x3c;
                                                                                                                                                                                                                                                        					 *(_t175 + 8) = 0x80070507;
                                                                                                                                                                                                                                                        					L23:
                                                                                                                                                                                                                                                        					E00BB7990( &_v112, _t174); // executed
                                                                                                                                                                                                                                                        					E00BEECB0(_v20 ^ _t182, _t174);
                                                                                                                                                                                                                                                        					return _t175;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t174 =  &_v112;
                                                                                                                                                                                                                                                        				_t113 = E00BB7870(_t143,  &_v112, _t189); // executed
                                                                                                                                                                                                                                                        				if(_t113 == 0) {
                                                                                                                                                                                                                                                        					 *((char*)(_t175 + 0xc)) = 1;
                                                                                                                                                                                                                                                        					 *_t175 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/DllBlocklistInit.cpp";
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t175 + 4)) = 0x42;
                                                                                                                                                                                                                                                        					 *(_t175 + 8) = 0x80070507;
                                                                                                                                                                                                                                                        					goto L23;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BB1EA0( &_v128, 0xbb0000);
                                                                                                                                                                                                                                                        				if(_v120 == 0) {
                                                                                                                                                                                                                                                        					 *((char*)(_t175 + 0xc)) = 1;
                                                                                                                                                                                                                                                        					 *_t175 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/DllBlocklistInit.cpp";
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t175 + 4)) = 0x59;
                                                                                                                                                                                                                                                        					 *(_t175 + 8) = 0x800700c1;
                                                                                                                                                                                                                                                        					goto L23;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t174 = _v180;
                                                                                                                                                                                                                                                        				E00BB2540( &_v36, _v180,  &_v128, _a4); // executed
                                                                                                                                                                                                                                                        				_t118 = _v24;
                                                                                                                                                                                                                                                        				if(_t118 != 0) {
                                                                                                                                                                                                                                                        					 *((char*)(_t175 + 0xc)) = _t118;
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [ebp-0x20]");
                                                                                                                                                                                                                                                        					asm("movsd [edi], xmm0");
                                                                                                                                                                                                                                                        					 *(_t175 + 8) = _v28;
                                                                                                                                                                                                                                                        					goto L23;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BB1EA0( &_v144, GetModuleHandleW(L"ntdll.dll") & 0xfffffffc);
                                                                                                                                                                                                                                                        				if(_v136 == 0) {
                                                                                                                                                                                                                                                        					 *((char*)(_t175 + 0xc)) = 1;
                                                                                                                                                                                                                                                        					 *_t175 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/DllBlocklistInit.cpp";
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t175 + 4)) = 0x66;
                                                                                                                                                                                                                                                        					 *(_t175 + 8) = 0x800700c1;
                                                                                                                                                                                                                                                        					goto L23;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t144 = _a8;
                                                                                                                                                                                                                                                        				_v180 = _t175;
                                                                                                                                                                                                                                                        				if(_t144 != 0) {
                                                                                                                                                                                                                                                        					_t174 =  &_v176;
                                                                                                                                                                                                                                                        					E00BB78F0( &_v128,  &_v176, _t175, 0);
                                                                                                                                                                                                                                                        					_t124 = _v168;
                                                                                                                                                                                                                                                        					_t176 = _v176;
                                                                                                                                                                                                                                                        					_t180 = _v172;
                                                                                                                                                                                                                                                        					__eflags = _t124;
                                                                                                                                                                                                                                                        					if(_t124 == 0) {
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v168 = 0;
                                                                                                                                                                                                                                                        					__eflags = _t124;
                                                                                                                                                                                                                                                        					if(_t124 != 0) {
                                                                                                                                                                                                                                                        						goto L11;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L35;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t140 = _v144;
                                                                                                                                                                                                                                                        					_t174 =  &_v156;
                                                                                                                                                                                                                                                        					_v176 = _t140;
                                                                                                                                                                                                                                                        					_v172 =  *((intOrPtr*)(_v140 + 0x50)) + _t140;
                                                                                                                                                                                                                                                        					_v168 = 1;
                                                                                                                                                                                                                                                        					E00BB78F0( &_v128,  &_v156, _t175,  &_v176);
                                                                                                                                                                                                                                                        					_t124 = _v148;
                                                                                                                                                                                                                                                        					_t176 = _v156;
                                                                                                                                                                                                                                                        					_t180 = _v152;
                                                                                                                                                                                                                                                        					if(_t124 != 0) {
                                                                                                                                                                                                                                                        						_v148 = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L10:
                                                                                                                                                                                                                                                        					if(_t124 == 0) {
                                                                                                                                                                                                                                                        						L35:
                                                                                                                                                                                                                                                        						_t175 = _v180;
                                                                                                                                                                                                                                                        						 *((char*)(_t175 + 0xc)) = 1;
                                                                                                                                                                                                                                                        						 *_t175 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/DllBlocklistInit.cpp";
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t175 + 4)) = 0x7e;
                                                                                                                                                                                                                                                        						 *(_t175 + 8) = 0x8007000d;
                                                                                                                                                                                                                                                        						goto L23;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L11:
                                                                                                                                                                                                                                                        					_t177 = _t176 << 2;
                                                                                                                                                                                                                                                        					_t174 = _t180;
                                                                                                                                                                                                                                                        					E00BB7780( &_v176, _t180, _t177, _a4); // executed
                                                                                                                                                                                                                                                        					_t126 = _v160;
                                                                                                                                                                                                                                                        					if(_t126 < 0) {
                                                                                                                                                                                                                                                        						_t175 = _v180;
                                                                                                                                                                                                                                                        						 *((char*)(_t175 + 0xc)) = 1;
                                                                                                                                                                                                                                                        						 *_t175 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/DllBlocklistInit.cpp";
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t175 + 4)) = 0x8c;
                                                                                                                                                                                                                                                        						 *(_t175 + 8) = _t126;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if(_t144 == 0) {
                                                                                                                                                                                                                                                        							_t144 = _t180;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t181 = _a4;
                                                                                                                                                                                                                                                        						_t128 = WriteProcessMemory(_t181, _t180, _t144, _t177,  &_v156); // executed
                                                                                                                                                                                                                                                        						if(_t128 == 0 || _v156 != _t177) {
                                                                                                                                                                                                                                                        							_t129 = GetLastError();
                                                                                                                                                                                                                                                        							_t174 = _v180;
                                                                                                                                                                                                                                                        							__eflags = _t129;
                                                                                                                                                                                                                                                        							_t162 =  <=  ? _t129 : _t129 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        							__eflags = _v160;
                                                                                                                                                                                                                                                        							 *((char*)(_t174 + 0xc)) = 1;
                                                                                                                                                                                                                                                        							 *_t174 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/DllBlocklistInit.cpp";
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t174 + 4)) = 0x92;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t174 + 8)) =  <=  ? _t129 : _t129 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        							if(_v160 >= 0) {
                                                                                                                                                                                                                                                        								VirtualProtectEx(_v168, _v176, _v172, _v164,  &_v164);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t175 = _v180;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							if(_v160 >= 0) {
                                                                                                                                                                                                                                                        								VirtualProtectEx(_v168, _v176, _v172, _v164,  &_v164); // executed
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t175 = _v180;
                                                                                                                                                                                                                                                        							_t132 = 2;
                                                                                                                                                                                                                                                        							if(( *0xbfa538 & 0x00000002) != 0) {
                                                                                                                                                                                                                                                        								_t132 = 3;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_v176 = _t132;
                                                                                                                                                                                                                                                        							_t135 = WriteProcessMemory(_t181, 0xbfa538,  &_v176, 4,  &_v156); // executed
                                                                                                                                                                                                                                                        							if(_t135 == 0 || _v156 != 4) {
                                                                                                                                                                                                                                                        								_t136 = GetLastError();
                                                                                                                                                                                                                                                        								 *_t175 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/DllBlocklistInit.cpp";
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t175 + 4)) = 0xa2;
                                                                                                                                                                                                                                                        								__eflags = _t136;
                                                                                                                                                                                                                                                        								_t165 =  <=  ? _t136 : _t136 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        								_t137 = 1;
                                                                                                                                                                                                                                                        								 *(_t175 + 8) =  <=  ? _t136 : _t136 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t137 = 0;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							 *((char*)(_t175 + 0xc)) = _t137;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L23;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}
























































                                                                                                                                                                                                                                                        0x00bb27ac
                                                                                                                                                                                                                                                        0x00bb27b2
                                                                                                                                                                                                                                                        0x00bb27b5
                                                                                                                                                                                                                                                        0x00bb27bc
                                                                                                                                                                                                                                                        0x00bb27c3
                                                                                                                                                                                                                                                        0x00bb27c6
                                                                                                                                                                                                                                                        0x00bb27d0
                                                                                                                                                                                                                                                        0x00bb27d5
                                                                                                                                                                                                                                                        0x00bb27d7
                                                                                                                                                                                                                                                        0x00bb27e4
                                                                                                                                                                                                                                                        0x00bb27e4
                                                                                                                                                                                                                                                        0x00bb27e9
                                                                                                                                                                                                                                                        0x00bb27f0
                                                                                                                                                                                                                                                        0x00bb27fa
                                                                                                                                                                                                                                                        0x00bb2801
                                                                                                                                                                                                                                                        0x00bb2805
                                                                                                                                                                                                                                                        0x00bb2809
                                                                                                                                                                                                                                                        0x00bb280e
                                                                                                                                                                                                                                                        0x00bb2815
                                                                                                                                                                                                                                                        0x00bb281c
                                                                                                                                                                                                                                                        0x00bb2823
                                                                                                                                                                                                                                                        0x00bb282f
                                                                                                                                                                                                                                                        0x00bb2837
                                                                                                                                                                                                                                                        0x00bb2839
                                                                                                                                                                                                                                                        0x00bb283c
                                                                                                                                                                                                                                                        0x00bb2841
                                                                                                                                                                                                                                                        0x00bb2843
                                                                                                                                                                                                                                                        0x00bb2ab7
                                                                                                                                                                                                                                                        0x00bb2abb
                                                                                                                                                                                                                                                        0x00bb2ac1
                                                                                                                                                                                                                                                        0x00bb2ac8
                                                                                                                                                                                                                                                        0x00bb2a06
                                                                                                                                                                                                                                                        0x00bb2a09
                                                                                                                                                                                                                                                        0x00bb2a13
                                                                                                                                                                                                                                                        0x00bb2a24
                                                                                                                                                                                                                                                        0x00bb2a24
                                                                                                                                                                                                                                                        0x00bb2849
                                                                                                                                                                                                                                                        0x00bb284e
                                                                                                                                                                                                                                                        0x00bb2855
                                                                                                                                                                                                                                                        0x00bb2ad4
                                                                                                                                                                                                                                                        0x00bb2ad8
                                                                                                                                                                                                                                                        0x00bb2ade
                                                                                                                                                                                                                                                        0x00bb2ae5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2ae5
                                                                                                                                                                                                                                                        0x00bb2869
                                                                                                                                                                                                                                                        0x00bb2872
                                                                                                                                                                                                                                                        0x00bb2af1
                                                                                                                                                                                                                                                        0x00bb2af5
                                                                                                                                                                                                                                                        0x00bb2afb
                                                                                                                                                                                                                                                        0x00bb2b02
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2b02
                                                                                                                                                                                                                                                        0x00bb2878
                                                                                                                                                                                                                                                        0x00bb2885
                                                                                                                                                                                                                                                        0x00bb288d
                                                                                                                                                                                                                                                        0x00bb2892
                                                                                                                                                                                                                                                        0x00bb2b0e
                                                                                                                                                                                                                                                        0x00bb2b11
                                                                                                                                                                                                                                                        0x00bb2b19
                                                                                                                                                                                                                                                        0x00bb2b1d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2b1d
                                                                                                                                                                                                                                                        0x00bb28ad
                                                                                                                                                                                                                                                        0x00bb28b9
                                                                                                                                                                                                                                                        0x00bb2b25
                                                                                                                                                                                                                                                        0x00bb2b29
                                                                                                                                                                                                                                                        0x00bb2b2f
                                                                                                                                                                                                                                                        0x00bb2b36
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2b36
                                                                                                                                                                                                                                                        0x00bb28bf
                                                                                                                                                                                                                                                        0x00bb28c2
                                                                                                                                                                                                                                                        0x00bb28ca
                                                                                                                                                                                                                                                        0x00bb2b42
                                                                                                                                                                                                                                                        0x00bb2b4d
                                                                                                                                                                                                                                                        0x00bb2b55
                                                                                                                                                                                                                                                        0x00bb2b5b
                                                                                                                                                                                                                                                        0x00bb2b61
                                                                                                                                                                                                                                                        0x00bb2b67
                                                                                                                                                                                                                                                        0x00bb2b69
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2b6f
                                                                                                                                                                                                                                                        0x00bb2b76
                                                                                                                                                                                                                                                        0x00bb2b78
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb28d0
                                                                                                                                                                                                                                                        0x00bb28d6
                                                                                                                                                                                                                                                        0x00bb28dc
                                                                                                                                                                                                                                                        0x00bb28e5
                                                                                                                                                                                                                                                        0x00bb28f3
                                                                                                                                                                                                                                                        0x00bb28f9
                                                                                                                                                                                                                                                        0x00bb2904
                                                                                                                                                                                                                                                        0x00bb290c
                                                                                                                                                                                                                                                        0x00bb2912
                                                                                                                                                                                                                                                        0x00bb2918
                                                                                                                                                                                                                                                        0x00bb2920
                                                                                                                                                                                                                                                        0x00bb2922
                                                                                                                                                                                                                                                        0x00bb2922
                                                                                                                                                                                                                                                        0x00bb2929
                                                                                                                                                                                                                                                        0x00bb292b
                                                                                                                                                                                                                                                        0x00bb2b7e
                                                                                                                                                                                                                                                        0x00bb2b7e
                                                                                                                                                                                                                                                        0x00bb2b84
                                                                                                                                                                                                                                                        0x00bb2b88
                                                                                                                                                                                                                                                        0x00bb2b8e
                                                                                                                                                                                                                                                        0x00bb2b95
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2b95
                                                                                                                                                                                                                                                        0x00bb2931
                                                                                                                                                                                                                                                        0x00bb2931
                                                                                                                                                                                                                                                        0x00bb293a
                                                                                                                                                                                                                                                        0x00bb2940
                                                                                                                                                                                                                                                        0x00bb2948
                                                                                                                                                                                                                                                        0x00bb2950
                                                                                                                                                                                                                                                        0x00bb2ba1
                                                                                                                                                                                                                                                        0x00bb2ba7
                                                                                                                                                                                                                                                        0x00bb2bab
                                                                                                                                                                                                                                                        0x00bb2bb1
                                                                                                                                                                                                                                                        0x00bb2bb8
                                                                                                                                                                                                                                                        0x00bb2956
                                                                                                                                                                                                                                                        0x00bb2958
                                                                                                                                                                                                                                                        0x00bb295a
                                                                                                                                                                                                                                                        0x00bb295a
                                                                                                                                                                                                                                                        0x00bb2966
                                                                                                                                                                                                                                                        0x00bb296a
                                                                                                                                                                                                                                                        0x00bb2972
                                                                                                                                                                                                                                                        0x00bb2a25
                                                                                                                                                                                                                                                        0x00bb2a2e
                                                                                                                                                                                                                                                        0x00bb2a3a
                                                                                                                                                                                                                                                        0x00bb2a3c
                                                                                                                                                                                                                                                        0x00bb2a3f
                                                                                                                                                                                                                                                        0x00bb2a46
                                                                                                                                                                                                                                                        0x00bb2a4a
                                                                                                                                                                                                                                                        0x00bb2a50
                                                                                                                                                                                                                                                        0x00bb2a57
                                                                                                                                                                                                                                                        0x00bb2a5a
                                                                                                                                                                                                                                                        0x00bb2a7b
                                                                                                                                                                                                                                                        0x00bb2a7b
                                                                                                                                                                                                                                                        0x00bb2a81
                                                                                                                                                                                                                                                        0x00bb2984
                                                                                                                                                                                                                                                        0x00bb298b
                                                                                                                                                                                                                                                        0x00bb29ac
                                                                                                                                                                                                                                                        0x00bb29ac
                                                                                                                                                                                                                                                        0x00bb29b9
                                                                                                                                                                                                                                                        0x00bb29bf
                                                                                                                                                                                                                                                        0x00bb29c4
                                                                                                                                                                                                                                                        0x00bb2bc0
                                                                                                                                                                                                                                                        0x00bb2bc0
                                                                                                                                                                                                                                                        0x00bb29ca
                                                                                                                                                                                                                                                        0x00bb29e6
                                                                                                                                                                                                                                                        0x00bb29ee
                                                                                                                                                                                                                                                        0x00bb2a8c
                                                                                                                                                                                                                                                        0x00bb2a95
                                                                                                                                                                                                                                                        0x00bb2a9b
                                                                                                                                                                                                                                                        0x00bb2aa8
                                                                                                                                                                                                                                                        0x00bb2aaa
                                                                                                                                                                                                                                                        0x00bb2aad
                                                                                                                                                                                                                                                        0x00bb2aaf
                                                                                                                                                                                                                                                        0x00bb2a01
                                                                                                                                                                                                                                                        0x00bb2a01
                                                                                                                                                                                                                                                        0x00bb2a01
                                                                                                                                                                                                                                                        0x00bb2a03
                                                                                                                                                                                                                                                        0x00bb2a03
                                                                                                                                                                                                                                                        0x00bb2972
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2950

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBFD70: GetModuleHandleW.KERNEL32(kernel32.dll), ref: 00BBFDAC
                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(ntdll.dll), ref: 00BB282F
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(ntdll.dll,?,MZx), ref: 00BB289D
                                                                                                                                                                                                                                                        • WriteProcessMemory.KERNELBASE(?,?,?,?,?,?,?,00000000,?,MZx), ref: 00BB296A
                                                                                                                                                                                                                                                          • Part of subcall function 00BC0250: WriteProcessMemory.KERNELBASE(?,00BB27F9,00BFA79C,0000000C,?), ref: 00BC027F
                                                                                                                                                                                                                                                          • Part of subcall function 00BC0250: WriteProcessMemory.KERNELBASE(?,00BB27DD,?,00000004,?), ref: 00BC029C
                                                                                                                                                                                                                                                        • VirtualProtectEx.KERNELBASE(?,?,?,?,?,?,?,00000000,?,MZx), ref: 00BB29AC
                                                                                                                                                                                                                                                        • WriteProcessMemory.KERNELBASE(?,00BFA538,?,00000004,?,?,?,00000000,?,MZx), ref: 00BB29E6
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,00000000,?,MZx), ref: 00BB2A25
                                                                                                                                                                                                                                                        • VirtualProtectEx.KERNEL32(?,?,?,?,?,?,?,00000000,?,MZx), ref: 00BB2A7B
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,00000000,?,MZx), ref: 00BB2A8C
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: MemoryProcessWrite$ErrorHandleLastModuleProtectVirtual$LibraryLoad
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/browser/app/winlauncher/DllBlocklistInit.cpp$MZx$ntdll.dll
                                                                                                                                                                                                                                                        • API String ID: 1319551569-615912008
                                                                                                                                                                                                                                                        • Opcode ID: bbbf2966de7287ddcc993284d2798ccf5a8692a18519254a2d8e182fce819101
                                                                                                                                                                                                                                                        • Instruction ID: 39a7899e29b1c6220077bbbecf7348ed8fd39e39b17e9692c316903e97d2580f
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: bbbf2966de7287ddcc993284d2798ccf5a8692a18519254a2d8e182fce819101
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F3B16B71A00359EFDB248F60C844BFABBB5BF49304F1081D9E9996B241DBB59988CF91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RegGetValueW.KERNELBASE(80000001,SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers,00BB3A1F,00010002,00000000,00000000,?), ref: 00BB3B34
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(FFFFFFFF), ref: 00BB3B5D
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB3B6C
                                                                                                                                                                                                                                                        • RegGetValueW.ADVAPI32(80000001,SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers,00BB3A1F,00010002,00000000,00000000,?), ref: 00BB3B89
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB3BB6
                                                                                                                                                                                                                                                        • wcstok_s.API-MS-WIN-CRT-STRING-L1-1-0(00000000,00000020,?), ref: 00BB3C35
                                                                                                                                                                                                                                                        • _wcsnicmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,0000000B), ref: 00BB3C67
                                                                                                                                                                                                                                                        • wcstok_s.API-MS-WIN-CRT-STRING-L1-1-0(00000000,00000020,?), ref: 00BB3C7A
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp, xrefs: 00BB3B9A, 00BB3BC8
                                                                                                                                                                                                                                                        • SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers, xrefs: 00BB3B2E, 00BB3B83
                                                                                                                                                                                                                                                        • , xrefs: 00BB3C12
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Valuewcstok_s$_wcsnicmpfreememsetmoz_xmalloc
                                                                                                                                                                                                                                                        • String ID: $/builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp$SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
                                                                                                                                                                                                                                                        • API String ID: 2494463478-1164482576
                                                                                                                                                                                                                                                        • Opcode ID: 6ac4dce735c6ee73f21a8712a9d86076b63492168305f1fb2b43398afa767860
                                                                                                                                                                                                                                                        • Instruction ID: ef6ad0d501209608a9f87f9f5a65f380afe022d3d37961e1731f863b371aefe4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6ac4dce735c6ee73f21a8712a9d86076b63492168305f1fb2b43398afa767860
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5341E171900308AFD7108F65DC45BFABBF8EF09704F14846DE84AE7291EBB5A904CB60
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 97%
                                                                                                                                                                                                                                                        			E00BB2540(char** __ecx, WCHAR* __edx, signed int* _a4, void* _a8) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				struct _OVERLAPPED _v48;
                                                                                                                                                                                                                                                        				long _v52;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v60;
                                                                                                                                                                                                                                                        				void _v64;
                                                                                                                                                                                                                                                        				void* _v68;
                                                                                                                                                                                                                                                        				WCHAR* _v72;
                                                                                                                                                                                                                                                        				signed int _t58;
                                                                                                                                                                                                                                                        				intOrPtr _t60;
                                                                                                                                                                                                                                                        				void* _t61;
                                                                                                                                                                                                                                                        				signed short _t62;
                                                                                                                                                                                                                                                        				int _t69;
                                                                                                                                                                                                                                                        				signed short _t70;
                                                                                                                                                                                                                                                        				char* _t73;
                                                                                                                                                                                                                                                        				int _t76;
                                                                                                                                                                                                                                                        				signed short _t77;
                                                                                                                                                                                                                                                        				void* _t80;
                                                                                                                                                                                                                                                        				void* _t83;
                                                                                                                                                                                                                                                        				signed int* _t85;
                                                                                                                                                                                                                                                        				char** _t103;
                                                                                                                                                                                                                                                        				void* _t104;
                                                                                                                                                                                                                                                        				signed int _t105;
                                                                                                                                                                                                                                                        				void* _t106;
                                                                                                                                                                                                                                                        				long _t107;
                                                                                                                                                                                                                                                        				signed int _t108;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t102 = __edx;
                                                                                                                                                                                                                                                        				_t58 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t103 = __ecx;
                                                                                                                                                                                                                                                        				_t85 = _a4;
                                                                                                                                                                                                                                                        				_v24 = _t58 ^ _t108;
                                                                                                                                                                                                                                                        				_t105 = _t85[1];
                                                                                                                                                                                                                                                        				_t60 =  *((intOrPtr*)(_t105 + 0x74));
                                                                                                                                                                                                                                                        				if(_t60 <= 1) {
                                                                                                                                                                                                                                                        					_t106 = 0;
                                                                                                                                                                                                                                                        					if(_t60 > 1) {
                                                                                                                                                                                                                                                        						L2:
                                                                                                                                                                                                                                                        						_t61 = CreateFileW(_t102, 0x80000000, 1, 0, 3, 0x80, 0); // executed
                                                                                                                                                                                                                                                        						_t80 = _t61;
                                                                                                                                                                                                                                                        						if(_t61 == 0xffffffff) {
                                                                                                                                                                                                                                                        							_t62 = GetLastError();
                                                                                                                                                                                                                                                        							_t103[3] = 1;
                                                                                                                                                                                                                                                        							 *_t103 = "/builds/worker/workspace/obj-build/dist/include/mozilla/ImportDir.h";
                                                                                                                                                                                                                                                        							_t103[1] = 0x43;
                                                                                                                                                                                                                                                        							_t88 =  <=  ? _t62 : _t62 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        							_t103[2] =  <=  ? _t62 : _t62 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        							L12:
                                                                                                                                                                                                                                                        							if(_t80 + 1 >= 2) {
                                                                                                                                                                                                                                                        								FindCloseChangeNotification(_t80); // executed
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L14:
                                                                                                                                                                                                                                                        							E00BEECB0(_v24 ^ _t108, _t102);
                                                                                                                                                                                                                                                        							return _t103;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        						_v72 = _t103;
                                                                                                                                                                                                                                                        						_v48.hEvent = 0;
                                                                                                                                                                                                                                                        						_v60 = 0;
                                                                                                                                                                                                                                                        						_v64 = 0;
                                                                                                                                                                                                                                                        						_t102 =  &_v52;
                                                                                                                                                                                                                                                        						asm("movaps [esp+0x20], xmm0");
                                                                                                                                                                                                                                                        						_v48.Offset = _t106;
                                                                                                                                                                                                                                                        						_v68 = _t80;
                                                                                                                                                                                                                                                        						_t69 = ReadFile(_t80,  &_v64, 8,  &_v52,  &_v48); // executed
                                                                                                                                                                                                                                                        						if(_t69 == 0 || _v52 != 8) {
                                                                                                                                                                                                                                                        							_t70 = GetLastError();
                                                                                                                                                                                                                                                        							_t103 = _v72;
                                                                                                                                                                                                                                                        							_t80 = _v68;
                                                                                                                                                                                                                                                        							_t94 =  <=  ? _t70 : _t70 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        							_t103[3] = 1;
                                                                                                                                                                                                                                                        							 *_t103 = "/builds/worker/workspace/obj-build/dist/include/mozilla/ImportDir.h";
                                                                                                                                                                                                                                                        							_t103[1] = 0x16;
                                                                                                                                                                                                                                                        							_t103[2] =  <=  ? _t70 : _t70 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        							goto L12;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t104 = _a8;
                                                                                                                                                                                                                                                        							_t83 = 0xbb0000 + _t106;
                                                                                                                                                                                                                                                        							_t102 = 0xbb0000;
                                                                                                                                                                                                                                                        							_v60 = _v60;
                                                                                                                                                                                                                                                        							E00BB7780( &_v48, 0xbb0000, 8, _t104); // executed
                                                                                                                                                                                                                                                        							_t73 = _v48.hEvent;
                                                                                                                                                                                                                                                        							if(_t73 < 0) {
                                                                                                                                                                                                                                                        								_t103 = _v72;
                                                                                                                                                                                                                                                        								_t80 = _v68;
                                                                                                                                                                                                                                                        								_t103[3] = 1;
                                                                                                                                                                                                                                                        								 *_t103 = "/builds/worker/workspace/obj-build/dist/include/mozilla/ImportDir.h";
                                                                                                                                                                                                                                                        								_t103[1] = 0x5c;
                                                                                                                                                                                                                                                        								_t103[2] = _t73;
                                                                                                                                                                                                                                                        								goto L12;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t76 = WriteProcessMemory(_t104, _t83,  &_v64, 8,  &_v52); // executed
                                                                                                                                                                                                                                                        							if(_t76 == 0) {
                                                                                                                                                                                                                                                        								L16:
                                                                                                                                                                                                                                                        								_t77 = GetLastError();
                                                                                                                                                                                                                                                        								_t102 = _v72;
                                                                                                                                                                                                                                                        								_t107 = 1;
                                                                                                                                                                                                                                                        								_t99 =  <=  ? _t77 : _t77 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        								_t102[6] = 1;
                                                                                                                                                                                                                                                        								 *_t102 = "/builds/worker/workspace/obj-build/dist/include/mozilla/ImportDir.h";
                                                                                                                                                                                                                                                        								_t102[2] = 0x63;
                                                                                                                                                                                                                                                        								_t102[4] =  <=  ? _t77 : _t77 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        								L8:
                                                                                                                                                                                                                                                        								_t103 = _v72;
                                                                                                                                                                                                                                                        								_t80 = _v68;
                                                                                                                                                                                                                                                        								if(_v48.hEvent >= 0) {
                                                                                                                                                                                                                                                        									VirtualProtectEx(_v48.Offset, _v48, _v48.InternalHigh, _v48.OffsetHigh,  &(_v48.OffsetHigh)); // executed
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								if(_t107 == 0) {
                                                                                                                                                                                                                                                        									_t103[3] = 0;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L12;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t107 = 0;
                                                                                                                                                                                                                                                        							if(_v52 != 8) {
                                                                                                                                                                                                                                                        								goto L16;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L8;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L18:
                                                                                                                                                                                                                                                        					_t103[3] = 1;
                                                                                                                                                                                                                                                        					 *_t103 = "/builds/worker/workspace/obj-build/dist/include/mozilla/ImportDir.h";
                                                                                                                                                                                                                                                        					_t103[1] = 0x3c;
                                                                                                                                                                                                                                                        					_t103[2] = 0x800700c1;
                                                                                                                                                                                                                                                        					goto L14;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t106 = _t105 +  ~( *_t85) + 0x80;
                                                                                                                                                                                                                                                        				if(_t60 <= 1) {
                                                                                                                                                                                                                                                        					goto L18;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}





























                                                                                                                                                                                                                                                        0x00bb2540
                                                                                                                                                                                                                                                        0x00bb254c
                                                                                                                                                                                                                                                        0x00bb2551
                                                                                                                                                                                                                                                        0x00bb2553
                                                                                                                                                                                                                                                        0x00bb2558
                                                                                                                                                                                                                                                        0x00bb255c
                                                                                                                                                                                                                                                        0x00bb255f
                                                                                                                                                                                                                                                        0x00bb2565
                                                                                                                                                                                                                                                        0x00bb271b
                                                                                                                                                                                                                                                        0x00bb2720
                                                                                                                                                                                                                                                        0x00bb257f
                                                                                                                                                                                                                                                        0x00bb2592
                                                                                                                                                                                                                                                        0x00bb2598
                                                                                                                                                                                                                                                        0x00bb259d
                                                                                                                                                                                                                                                        0x00bb2743
                                                                                                                                                                                                                                                        0x00bb274c
                                                                                                                                                                                                                                                        0x00bb2750
                                                                                                                                                                                                                                                        0x00bb2756
                                                                                                                                                                                                                                                        0x00bb2765
                                                                                                                                                                                                                                                        0x00bb2768
                                                                                                                                                                                                                                                        0x00bb268f
                                                                                                                                                                                                                                                        0x00bb2695
                                                                                                                                                                                                                                                        0x00bb2698
                                                                                                                                                                                                                                                        0x00bb2698
                                                                                                                                                                                                                                                        0x00bb269e
                                                                                                                                                                                                                                                        0x00bb26a4
                                                                                                                                                                                                                                                        0x00bb26b2
                                                                                                                                                                                                                                                        0x00bb26b2
                                                                                                                                                                                                                                                        0x00bb25a3
                                                                                                                                                                                                                                                        0x00bb25aa
                                                                                                                                                                                                                                                        0x00bb25ae
                                                                                                                                                                                                                                                        0x00bb25b6
                                                                                                                                                                                                                                                        0x00bb25be
                                                                                                                                                                                                                                                        0x00bb25c6
                                                                                                                                                                                                                                                        0x00bb25ce
                                                                                                                                                                                                                                                        0x00bb25d3
                                                                                                                                                                                                                                                        0x00bb25dc
                                                                                                                                                                                                                                                        0x00bb25e1
                                                                                                                                                                                                                                                        0x00bb25e9
                                                                                                                                                                                                                                                        0x00bb26b3
                                                                                                                                                                                                                                                        0x00bb26b9
                                                                                                                                                                                                                                                        0x00bb26c0
                                                                                                                                                                                                                                                        0x00bb26cc
                                                                                                                                                                                                                                                        0x00bb26cf
                                                                                                                                                                                                                                                        0x00bb26d3
                                                                                                                                                                                                                                                        0x00bb26d9
                                                                                                                                                                                                                                                        0x00bb26e0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb25fa
                                                                                                                                                                                                                                                        0x00bb25fa
                                                                                                                                                                                                                                                        0x00bb260d
                                                                                                                                                                                                                                                        0x00bb260f
                                                                                                                                                                                                                                                        0x00bb2615
                                                                                                                                                                                                                                                        0x00bb2620
                                                                                                                                                                                                                                                        0x00bb2628
                                                                                                                                                                                                                                                        0x00bb262e
                                                                                                                                                                                                                                                        0x00bb2770
                                                                                                                                                                                                                                                        0x00bb2774
                                                                                                                                                                                                                                                        0x00bb2778
                                                                                                                                                                                                                                                        0x00bb277c
                                                                                                                                                                                                                                                        0x00bb2782
                                                                                                                                                                                                                                                        0x00bb2789
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2789
                                                                                                                                                                                                                                                        0x00bb2642
                                                                                                                                                                                                                                                        0x00bb264a
                                                                                                                                                                                                                                                        0x00bb26e5
                                                                                                                                                                                                                                                        0x00bb26e5
                                                                                                                                                                                                                                                        0x00bb26eb
                                                                                                                                                                                                                                                        0x00bb26f2
                                                                                                                                                                                                                                                        0x00bb26ff
                                                                                                                                                                                                                                                        0x00bb2702
                                                                                                                                                                                                                                                        0x00bb2706
                                                                                                                                                                                                                                                        0x00bb270c
                                                                                                                                                                                                                                                        0x00bb2713
                                                                                                                                                                                                                                                        0x00bb265d
                                                                                                                                                                                                                                                        0x00bb2662
                                                                                                                                                                                                                                                        0x00bb2666
                                                                                                                                                                                                                                                        0x00bb266a
                                                                                                                                                                                                                                                        0x00bb2681
                                                                                                                                                                                                                                                        0x00bb2681
                                                                                                                                                                                                                                                        0x00bb2689
                                                                                                                                                                                                                                                        0x00bb268b
                                                                                                                                                                                                                                                        0x00bb268b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2689
                                                                                                                                                                                                                                                        0x00bb2650
                                                                                                                                                                                                                                                        0x00bb2657
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2657
                                                                                                                                                                                                                                                        0x00bb25e9
                                                                                                                                                                                                                                                        0x00bb2726
                                                                                                                                                                                                                                                        0x00bb2726
                                                                                                                                                                                                                                                        0x00bb272a
                                                                                                                                                                                                                                                        0x00bb2730
                                                                                                                                                                                                                                                        0x00bb2737
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2737
                                                                                                                                                                                                                                                        0x00bb256f
                                                                                                                                                                                                                                                        0x00bb2579
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • CreateFileW.KERNELBASE(?,80000000,00000001,00000000,00000003,00000080,00000000,?,?,?,?,?,?,?,?,?), ref: 00BB2592
                                                                                                                                                                                                                                                        • ReadFile.KERNELBASE(00000000,00000000,00000008,?,?), ref: 00BB25E1
                                                                                                                                                                                                                                                          • Part of subcall function 00BB7780: VirtualProtectEx.KERNELBASE(?,MZx,?,00000004,?,00000000,?,?,00BB2625,00000008,?), ref: 00BB77AC
                                                                                                                                                                                                                                                        • WriteProcessMemory.KERNELBASE(?,MZx,?,00000008,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BB2642
                                                                                                                                                                                                                                                        • VirtualProtectEx.KERNELBASE(?,?,?,00000000,?), ref: 00BB2681
                                                                                                                                                                                                                                                        • FindCloseChangeNotification.KERNELBASE(00000000,?,?,?,?,?,?,?,?,?,?,?,?,00BB288A,?,?), ref: 00BB2698
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB26B3
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00BB288A,?), ref: 00BB26E5
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00BB288A,?,?,MZx), ref: 00BB2743
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$FileProtectVirtual$ChangeCloseCreateFindMemoryNotificationProcessReadWrite
                                                                                                                                                                                                                                                        • String ID: /builds/worker/workspace/obj-build/dist/include/mozilla/ImportDir.h$MZx
                                                                                                                                                                                                                                                        • API String ID: 2143834628-2088628900
                                                                                                                                                                                                                                                        • Opcode ID: 3ba4f432ee86b3aa13651ae53d8c28cfb2b860154b8fd5a53f2d08f66bc0810b
                                                                                                                                                                                                                                                        • Instruction ID: 2857f45a0f0c2095be7ee78c98aec4d6cdd741e88e5e1724d05ee4e823220664
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3ba4f432ee86b3aa13651ae53d8c28cfb2b860154b8fd5a53f2d08f66bc0810b
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 81616071508702AFD310CF15C884B6ABBE4FF88314F108A5DF99A97290DBB5E959CB92
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 62%
                                                                                                                                                                                                                                                        			E00BBA640(void* __eax, int* __ecx) {
                                                                                                                                                                                                                                                        				int* _v20;
                                                                                                                                                                                                                                                        				void* _v24;
                                                                                                                                                                                                                                                        				void* _t10;
                                                                                                                                                                                                                                                        				long _t12;
                                                                                                                                                                                                                                                        				void* _t14;
                                                                                                                                                                                                                                                        				int _t16;
                                                                                                                                                                                                                                                        				WCHAR* _t17;
                                                                                                                                                                                                                                                        				long _t18;
                                                                                                                                                                                                                                                        				void* _t19;
                                                                                                                                                                                                                                                        				long _t21;
                                                                                                                                                                                                                                                        				void* _t22;
                                                                                                                                                                                                                                                        				int* _t23;
                                                                                                                                                                                                                                                        				int _t25;
                                                                                                                                                                                                                                                        				long _t26;
                                                                                                                                                                                                                                                        				void* _t27;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t10 = __eax;
                                                                                                                                                                                                                                                        				_v20 = __ecx;
                                                                                                                                                                                                                                                        				_t21 = 0x104;
                                                                                                                                                                                                                                                        				_t22 = 0;
                                                                                                                                                                                                                                                        				while(1) {
                                                                                                                                                                                                                                                        					_t26 = _t21;
                                                                                                                                                                                                                                                        					_t16 = _t21 + _t21;
                                                                                                                                                                                                                                                        					if(_t16 < 0) {
                                                                                                                                                                                                                                                        						_t16 = 0xffffffff;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(_t16); // executed
                                                                                                                                                                                                                                                        					_t17 = _t10;
                                                                                                                                                                                                                                                        					memset(_t10, 0, _t16);
                                                                                                                                                                                                                                                        					_t28 = _t28 + 0x10;
                                                                                                                                                                                                                                                        					if(_t22 != 0) {
                                                                                                                                                                                                                                                        						free(_t22);
                                                                                                                                                                                                                                                        						_t28 = _t28 + 4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v24 = _t17;
                                                                                                                                                                                                                                                        					_t12 = GetModuleFileNameW(0, _t17, _t26);
                                                                                                                                                                                                                                                        					if(_t12 == 0) {
                                                                                                                                                                                                                                                        						break;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t18 = _t12;
                                                                                                                                                                                                                                                        					if(_t12 == _t26) {
                                                                                                                                                                                                                                                        						_t10 = GetLastError();
                                                                                                                                                                                                                                                        						_t22 = _v24;
                                                                                                                                                                                                                                                        						_t21 = _t26 + _t26;
                                                                                                                                                                                                                                                        						_t18 = _t26;
                                                                                                                                                                                                                                                        						if(_t10 == 0x7a) {
                                                                                                                                                                                                                                                        							continue;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t19 = _t18 + 1;
                                                                                                                                                                                                                                                        					_t25 = _t19 + _t19;
                                                                                                                                                                                                                                                        					if(_t25 < 0) {
                                                                                                                                                                                                                                                        						_t25 = 0xffffffff;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(_t25); // executed
                                                                                                                                                                                                                                                        					_t27 = _t10;
                                                                                                                                                                                                                                                        					_t14 = memset(_t10, 0, _t25);
                                                                                                                                                                                                                                                        					__imp__wcscpy_s(_t27, _t19, _v24);
                                                                                                                                                                                                                                                        					_t28 = _t28 + 0x1c;
                                                                                                                                                                                                                                                        					if(_t14 != 0) {
                                                                                                                                                                                                                                                        						_t23 = _v20;
                                                                                                                                                                                                                                                        						 *_t23 = 0;
                                                                                                                                                                                                                                                        						free(_t27);
                                                                                                                                                                                                                                                        						_t28 = _t28 + 4;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t23 = _v20;
                                                                                                                                                                                                                                                        						 *_t23 = _t27;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L8:
                                                                                                                                                                                                                                                        					free(_v24);
                                                                                                                                                                                                                                                        					return _t23;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t23 = _v20;
                                                                                                                                                                                                                                                        				 *_t23 = 0;
                                                                                                                                                                                                                                                        				goto L8;
                                                                                                                                                                                                                                                        			}



















                                                                                                                                                                                                                                                        0x00bba640
                                                                                                                                                                                                                                                        0x00bba649
                                                                                                                                                                                                                                                        0x00bba64c
                                                                                                                                                                                                                                                        0x00bba651
                                                                                                                                                                                                                                                        0x00bba653
                                                                                                                                                                                                                                                        0x00bba655
                                                                                                                                                                                                                                                        0x00bba657
                                                                                                                                                                                                                                                        0x00bba659
                                                                                                                                                                                                                                                        0x00bba6e2
                                                                                                                                                                                                                                                        0x00bba6e2
                                                                                                                                                                                                                                                        0x00bba660
                                                                                                                                                                                                                                                        0x00bba66a
                                                                                                                                                                                                                                                        0x00bba66f
                                                                                                                                                                                                                                                        0x00bba674
                                                                                                                                                                                                                                                        0x00bba679
                                                                                                                                                                                                                                                        0x00bba6ed
                                                                                                                                                                                                                                                        0x00bba6f3
                                                                                                                                                                                                                                                        0x00bba6f3
                                                                                                                                                                                                                                                        0x00bba67c
                                                                                                                                                                                                                                                        0x00bba682
                                                                                                                                                                                                                                                        0x00bba68a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bba68c
                                                                                                                                                                                                                                                        0x00bba690
                                                                                                                                                                                                                                                        0x00bba703
                                                                                                                                                                                                                                                        0x00bba709
                                                                                                                                                                                                                                                        0x00bba70c
                                                                                                                                                                                                                                                        0x00bba712
                                                                                                                                                                                                                                                        0x00bba714
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bba71a
                                                                                                                                                                                                                                                        0x00bba692
                                                                                                                                                                                                                                                        0x00bba695
                                                                                                                                                                                                                                                        0x00bba697
                                                                                                                                                                                                                                                        0x00bba71f
                                                                                                                                                                                                                                                        0x00bba71f
                                                                                                                                                                                                                                                        0x00bba69e
                                                                                                                                                                                                                                                        0x00bba6a7
                                                                                                                                                                                                                                                        0x00bba6ad
                                                                                                                                                                                                                                                        0x00bba6ba
                                                                                                                                                                                                                                                        0x00bba6c0
                                                                                                                                                                                                                                                        0x00bba6c5
                                                                                                                                                                                                                                                        0x00bba729
                                                                                                                                                                                                                                                        0x00bba72c
                                                                                                                                                                                                                                                        0x00bba733
                                                                                                                                                                                                                                                        0x00bba739
                                                                                                                                                                                                                                                        0x00bba6c7
                                                                                                                                                                                                                                                        0x00bba6c7
                                                                                                                                                                                                                                                        0x00bba6ca
                                                                                                                                                                                                                                                        0x00bba6ca
                                                                                                                                                                                                                                                        0x00bba6cc
                                                                                                                                                                                                                                                        0x00bba6cf
                                                                                                                                                                                                                                                        0x00bba6e1
                                                                                                                                                                                                                                                        0x00bba6e1
                                                                                                                                                                                                                                                        0x00bba6f8
                                                                                                                                                                                                                                                        0x00bba6fb
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(FFFFFFFF,?,00BB2D36,?,00BB3EE0), ref: 00BBA660
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BBA66F
                                                                                                                                                                                                                                                        • GetModuleFileNameW.KERNEL32(00000000,00000000,00000104,?,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA682
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(FFFFFFFF,?,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA69E
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BBA6AD
                                                                                                                                                                                                                                                        • wcscpy_s.API-MS-WIN-CRT-STRING-L1-1-0(00000000,00000105,?,?,?,?,?,?,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA6BA
                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA6CF
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA6ED
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA703
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,00BB2D36), ref: 00BBA733
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: free$memsetmoz_xmalloc$ErrorFileLastModuleNamewcscpy_s
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2246558024-0
                                                                                                                                                                                                                                                        • Opcode ID: 7157a0f538fdd02a2b60892b942b4c96a790cf706ccabdb894722f5f07c68f01
                                                                                                                                                                                                                                                        • Instruction ID: 3bdf9023a7518ccb4b5bcd0de4dab02a88a2b17dbb9229c2acea8f3aad065779
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7157a0f538fdd02a2b60892b942b4c96a790cf706ccabdb894722f5f07c68f01
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9121F1B2D002069BD7101B65AC88BBF7BB8EF44725F280061E806A3291EBB15D19C7A7
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 28%
                                                                                                                                                                                                                                                        			E00BB5B30(void* __eax) {
                                                                                                                                                                                                                                                        				intOrPtr* _t14;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				__imp__AttachConsole(0xffffffff); // executed
                                                                                                                                                                                                                                                        				if(__eax != 0) {
                                                                                                                                                                                                                                                        					_t14 = __imp____acrt_iob_func;
                                                                                                                                                                                                                                                        					E00BB7720("CONOUT$", 0xbf218a,  *_t14(1), 0xfffffff5);
                                                                                                                                                                                                                                                        					E00BB7720("CONOUT$", 0xbf218a,  *_t14(2), 0xfffffff4);
                                                                                                                                                                                                                                                        					return E00BB7720("CONIN$", 0xbf2473,  *_t14(0), 0xfffffff6);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return __eax;
                                                                                                                                                                                                                                                        			}




                                                                                                                                                                                                                                                        0x00bb5b36
                                                                                                                                                                                                                                                        0x00bb5b3e
                                                                                                                                                                                                                                                        0x00bb5b43
                                                                                                                                                                                                                                                        0x00bb5b5d
                                                                                                                                                                                                                                                        0x00bb5b79
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5b9a
                                                                                                                                                                                                                                                        0x00bb5b42

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • AttachConsole.KERNELBASE(000000FF,?,?,00BB466E), ref: 00BB5B36
                                                                                                                                                                                                                                                        • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000001,?,00BB466E), ref: 00BB5B4B
                                                                                                                                                                                                                                                        • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,?,?,00BB466E), ref: 00BB5B67
                                                                                                                                                                                                                                                        • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,?,?,?,?,00BB466E), ref: 00BB5B83
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: __acrt_iob_func$AttachConsole
                                                                                                                                                                                                                                                        • String ID: CONIN$$CONOUT$
                                                                                                                                                                                                                                                        • API String ID: 2279943003-123850019
                                                                                                                                                                                                                                                        • Opcode ID: 7cc7f6d9b58291c24d58e950da89762d6d7176e390c72df7c0bf317c66b856e8
                                                                                                                                                                                                                                                        • Instruction ID: 6c3f23f6213264d07bbb7f50b71e65a1e27234c12020bbbdca9be11c1465ac22
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7cc7f6d9b58291c24d58e950da89762d6d7176e390c72df7c0bf317c66b856e8
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 05F0B492E4811933CA2066696C46BB734C98B51776F2403B1FB3A2B6C1FC929A1881F3
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 88%
                                                                                                                                                                                                                                                        			E00BB8B70(void* __ecx, intOrPtr* __edx, intOrPtr* _a4, intOrPtr _a8, intOrPtr* _a12) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				void* _v48;
                                                                                                                                                                                                                                                        				char _v52;
                                                                                                                                                                                                                                                        				char _v56;
                                                                                                                                                                                                                                                        				char _v72;
                                                                                                                                                                                                                                                        				void* _v84;
                                                                                                                                                                                                                                                        				signed char _v104;
                                                                                                                                                                                                                                                        				char _v105;
                                                                                                                                                                                                                                                        				signed char _v106;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t197;
                                                                                                                                                                                                                                                        				signed int _t198;
                                                                                                                                                                                                                                                        				intOrPtr _t199;
                                                                                                                                                                                                                                                        				intOrPtr _t202;
                                                                                                                                                                                                                                                        				intOrPtr* _t203;
                                                                                                                                                                                                                                                        				intOrPtr _t207;
                                                                                                                                                                                                                                                        				intOrPtr* _t208;
                                                                                                                                                                                                                                                        				void* _t212;
                                                                                                                                                                                                                                                        				void* _t213;
                                                                                                                                                                                                                                                        				void* _t216;
                                                                                                                                                                                                                                                        				intOrPtr _t218;
                                                                                                                                                                                                                                                        				char _t219;
                                                                                                                                                                                                                                                        				void* _t220;
                                                                                                                                                                                                                                                        				intOrPtr _t225;
                                                                                                                                                                                                                                                        				intOrPtr _t227;
                                                                                                                                                                                                                                                        				void* _t228;
                                                                                                                                                                                                                                                        				intOrPtr _t230;
                                                                                                                                                                                                                                                        				intOrPtr _t232;
                                                                                                                                                                                                                                                        				intOrPtr _t235;
                                                                                                                                                                                                                                                        				intOrPtr _t239;
                                                                                                                                                                                                                                                        				intOrPtr _t241;
                                                                                                                                                                                                                                                        				intOrPtr _t246;
                                                                                                                                                                                                                                                        				intOrPtr _t251;
                                                                                                                                                                                                                                                        				intOrPtr _t253;
                                                                                                                                                                                                                                                        				intOrPtr _t259;
                                                                                                                                                                                                                                                        				void* _t261;
                                                                                                                                                                                                                                                        				intOrPtr _t262;
                                                                                                                                                                                                                                                        				intOrPtr _t265;
                                                                                                                                                                                                                                                        				intOrPtr _t268;
                                                                                                                                                                                                                                                        				intOrPtr _t281;
                                                                                                                                                                                                                                                        				intOrPtr _t306;
                                                                                                                                                                                                                                                        				intOrPtr* _t317;
                                                                                                                                                                                                                                                        				intOrPtr _t318;
                                                                                                                                                                                                                                                        				intOrPtr* _t319;
                                                                                                                                                                                                                                                        				intOrPtr _t320;
                                                                                                                                                                                                                                                        				intOrPtr* _t321;
                                                                                                                                                                                                                                                        				intOrPtr _t325;
                                                                                                                                                                                                                                                        				intOrPtr _t331;
                                                                                                                                                                                                                                                        				intOrPtr* _t332;
                                                                                                                                                                                                                                                        				intOrPtr _t338;
                                                                                                                                                                                                                                                        				intOrPtr _t340;
                                                                                                                                                                                                                                                        				intOrPtr _t341;
                                                                                                                                                                                                                                                        				intOrPtr _t343;
                                                                                                                                                                                                                                                        				intOrPtr _t345;
                                                                                                                                                                                                                                                        				intOrPtr _t347;
                                                                                                                                                                                                                                                        				intOrPtr _t349;
                                                                                                                                                                                                                                                        				intOrPtr _t351;
                                                                                                                                                                                                                                                        				intOrPtr _t355;
                                                                                                                                                                                                                                                        				signed int _t359;
                                                                                                                                                                                                                                                        				intOrPtr _t360;
                                                                                                                                                                                                                                                        				intOrPtr _t362;
                                                                                                                                                                                                                                                        				intOrPtr _t366;
                                                                                                                                                                                                                                                        				intOrPtr _t368;
                                                                                                                                                                                                                                                        				intOrPtr _t369;
                                                                                                                                                                                                                                                        				intOrPtr _t372;
                                                                                                                                                                                                                                                        				intOrPtr* _t375;
                                                                                                                                                                                                                                                        				intOrPtr* _t378;
                                                                                                                                                                                                                                                        				intOrPtr* _t379;
                                                                                                                                                                                                                                                        				intOrPtr* _t380;
                                                                                                                                                                                                                                                        				intOrPtr* _t384;
                                                                                                                                                                                                                                                        				intOrPtr _t386;
                                                                                                                                                                                                                                                        				intOrPtr* _t387;
                                                                                                                                                                                                                                                        				signed char* _t388;
                                                                                                                                                                                                                                                        				signed int _t389;
                                                                                                                                                                                                                                                        				void* _t390;
                                                                                                                                                                                                                                                        				void* _t391;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t261 = __ecx;
                                                                                                                                                                                                                                                        				_t197 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t375 = __edx;
                                                                                                                                                                                                                                                        				_t317 = _a4;
                                                                                                                                                                                                                                                        				_t198 = _t197 ^ _t389;
                                                                                                                                                                                                                                                        				_v20 = _t198;
                                                                                                                                                                                                                                                        				 *_a12 = 0;
                                                                                                                                                                                                                                                        				if( *_t317 == 0 ||  *((intOrPtr*)(_t317 + 8)) != 0 &&  *((intOrPtr*)(_t317 + 0xc)) != 0 &&  *((intOrPtr*)(_t317 + 4)) != 0 &&  *((char*)(_t317 + 0x1c)) != 0) {
                                                                                                                                                                                                                                                        					_t378 = _t317; // executed
                                                                                                                                                                                                                                                        					__imp__EncodePointer(_t261);
                                                                                                                                                                                                                                                        					_t8 = _t378 + 0x10; // 0xbfa01015
                                                                                                                                                                                                                                                        					_t262 =  *_t8;
                                                                                                                                                                                                                                                        					_t9 = _t262 + 4; // 0xbfa01019
                                                                                                                                                                                                                                                        					_t318 = _t9;
                                                                                                                                                                                                                                                        					if( *_t378 == 0) {
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t378 + 0x10)) = _t318;
                                                                                                                                                                                                                                                        						_t319 = _t378;
                                                                                                                                                                                                                                                        						L12:
                                                                                                                                                                                                                                                        						_t199 =  *_t375;
                                                                                                                                                                                                                                                        						_t379 = _t319;
                                                                                                                                                                                                                                                        						__imp__EncodePointer( *((intOrPtr*)(_t375 + 8)) +  *((intOrPtr*)(_t199 + 0x20)));
                                                                                                                                                                                                                                                        						_t23 = _t379 + 0x10; // 0xbfa01015
                                                                                                                                                                                                                                                        						_t320 =  *_t23;
                                                                                                                                                                                                                                                        						_t24 = _t320 + 4; // 0xbfa01019
                                                                                                                                                                                                                                                        						_t265 = _t24;
                                                                                                                                                                                                                                                        						if( *_t379 == 0) {
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t379 + 0x10)) = _t265;
                                                                                                                                                                                                                                                        							_t321 = _t379;
                                                                                                                                                                                                                                                        							L19:
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t321 + 0x14)) = _t265;
                                                                                                                                                                                                                                                        							_t259 = 0xffffffff;
                                                                                                                                                                                                                                                        							_t200 =  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        							if( *((intOrPtr*)(_t375 + 8)) > 4) {
                                                                                                                                                                                                                                                        								L40:
                                                                                                                                                                                                                                                        								_t380 = _a4;
                                                                                                                                                                                                                                                        								E00BB9C70(_t380,  *((intOrPtr*)( *_t375 + 0x20)), _t200); // executed
                                                                                                                                                                                                                                                        								_t323 = _t380;
                                                                                                                                                                                                                                                        								_t391 = _t390 + 4;
                                                                                                                                                                                                                                                        								_t202 =  *_t380;
                                                                                                                                                                                                                                                        								if(_t202 == 0 ||  *((intOrPtr*)(_t323 + 8)) != 0 &&  *((intOrPtr*)(_t323 + 0xc)) != 0 &&  *((intOrPtr*)(_t323 + 4)) != 0 &&  *((char*)(_t323 + 0x1c)) != 0) {
                                                                                                                                                                                                                                                        									if( *((intOrPtr*)(_t375 + 8)) > 0x64) {
                                                                                                                                                                                                                                                        										goto L61;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									if(_t259 >= 0) {
                                                                                                                                                                                                                                                        										_t131 = _t323 + 0x14; // 0xc758b00
                                                                                                                                                                                                                                                        										_t207 =  *_t131;
                                                                                                                                                                                                                                                        										_t133 = _t207 + 5; // 0x100000004
                                                                                                                                                                                                                                                        										_t134 = _t323 + 0x18; // 0x8b1c7d8b
                                                                                                                                                                                                                                                        										__eflags = _t259 + _t133 -  *_t134;
                                                                                                                                                                                                                                                        										if(_t259 + _t133 <=  *_t134) {
                                                                                                                                                                                                                                                        											_t325 =  *_t375;
                                                                                                                                                                                                                                                        											_t168 = _t207 + 1; // 0x100000000
                                                                                                                                                                                                                                                        											_t169 = _t325 + 0x20; // 0x284d8b20
                                                                                                                                                                                                                                                        											_t208 = _a4;
                                                                                                                                                                                                                                                        											_t384 = _t208;
                                                                                                                                                                                                                                                        											_t171 = _t208 + 8; // 0xe8ec81f8
                                                                                                                                                                                                                                                        											_t172 = _t384 + 0xc; // 0x8b000005
                                                                                                                                                                                                                                                        											 *((intOrPtr*)( *_t171 + _t259 + _t168)) =  *((intOrPtr*)( *_t171 + _t259 + _t168)) +  *_t169 - _t207 -  *_t172;
                                                                                                                                                                                                                                                        											L52:
                                                                                                                                                                                                                                                        											_t323 = _t384;
                                                                                                                                                                                                                                                        											if( *((char*)(_t323 + 0x1c)) == 0) {
                                                                                                                                                                                                                                                        												goto L61;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L53:
                                                                                                                                                                                                                                                        											if( *_t323 != 0) {
                                                                                                                                                                                                                                                        												_t99 = _t323 + 0x14; // 0xc758b00
                                                                                                                                                                                                                                                        												_t100 = _t323 + 0xc; // 0x8b000005
                                                                                                                                                                                                                                                        												_t386 =  *_t99 +  *_t100;
                                                                                                                                                                                                                                                        												if(_t386 != 0) {
                                                                                                                                                                                                                                                        													_t329 =  &_v104;
                                                                                                                                                                                                                                                        													E00BB9CE0(_t375,  &_v104); // executed
                                                                                                                                                                                                                                                        													if(_v44 != 0 && _v56 != 0) {
                                                                                                                                                                                                                                                        														_v105 = 0xe9;
                                                                                                                                                                                                                                                        														E00BBA2C0( &_v104,  &_v105);
                                                                                                                                                                                                                                                        														_t329 = _a8;
                                                                                                                                                                                                                                                        														E00BBA300( &_v104, _a8);
                                                                                                                                                                                                                                                        														_t216 = E00BB9DB0( &_v104); // executed
                                                                                                                                                                                                                                                        														_t438 = _t216;
                                                                                                                                                                                                                                                        														if(_t216 != 0) {
                                                                                                                                                                                                                                                        															 *_a12 = _t386;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													E00BB9FC0( &_v52, _t329, _t438); // executed
                                                                                                                                                                                                                                                        													_t212 = _v48;
                                                                                                                                                                                                                                                        													if(_t212 !=  &_v36) {
                                                                                                                                                                                                                                                        														free(_t212);
                                                                                                                                                                                                                                                        														_t391 = _t391 + 4;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t213 = _v84;
                                                                                                                                                                                                                                                        													_t323 = _a4;
                                                                                                                                                                                                                                                        													if(_t213 !=  &_v72) {
                                                                                                                                                                                                                                                        														free(_t213);
                                                                                                                                                                                                                                                        														_t323 = _a4;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L61;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L73:
                                                                                                                                                                                                                                                        										_t323 = _a4;
                                                                                                                                                                                                                                                        										 *((char*)(_t323 + 0x1c)) = 0;
                                                                                                                                                                                                                                                        										__eflags =  *((char*)(_t323 + 0x1c));
                                                                                                                                                                                                                                                        										if( *((char*)(_t323 + 0x1c)) != 0) {
                                                                                                                                                                                                                                                        											goto L53;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L61;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t82 = _t323 + 0x10; // 0xbfa01015
                                                                                                                                                                                                                                                        									_t218 =  *_t82;
                                                                                                                                                                                                                                                        									if(_t202 == 0) {
                                                                                                                                                                                                                                                        										_t138 = _t218 + 1; // 0xbfa01016
                                                                                                                                                                                                                                                        										_t219 = _t218 + 5;
                                                                                                                                                                                                                                                        										__eflags = _t219;
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t323 + 0x10)) = _t138;
                                                                                                                                                                                                                                                        										_t281 = _t219;
                                                                                                                                                                                                                                                        										L76:
                                                                                                                                                                                                                                                        										_t323 = _a4;
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t323 + 0x10)) = _t281;
                                                                                                                                                                                                                                                        										__eflags =  *((char*)(_t323 + 0x1c));
                                                                                                                                                                                                                                                        										if( *((char*)(_t323 + 0x1c)) != 0) {
                                                                                                                                                                                                                                                        											goto L53;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L61;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t387 = _t323;
                                                                                                                                                                                                                                                        									_t83 = _t323 + 0x18; // 0x8b1c7d8b
                                                                                                                                                                                                                                                        									_t331 =  *_t83;
                                                                                                                                                                                                                                                        									if(_t218 >= _t331) {
                                                                                                                                                                                                                                                        										 *((char*)(_t387 + 0x1c)) = 0;
                                                                                                                                                                                                                                                        										_t144 = _t218 + 4; // 0xbfa01019
                                                                                                                                                                                                                                                        										__eflags = _t144 - _t331;
                                                                                                                                                                                                                                                        										if(_t144 <= _t331) {
                                                                                                                                                                                                                                                        											L51:
                                                                                                                                                                                                                                                        											_t332 = _a4;
                                                                                                                                                                                                                                                        											_t384 = _t332;
                                                                                                                                                                                                                                                        											_t93 = _t332 + 0xc; // 0x8b000005
                                                                                                                                                                                                                                                        											_t94 = _t332 + 8; // 0xe8ec81f8
                                                                                                                                                                                                                                                        											 *((intOrPtr*)( *_t94 + _t218)) =  *((intOrPtr*)( *_t375 + 0x20)) - _t218 +  *((intOrPtr*)(_t375 + 8)) -  *_t93 + 0xfffffffc;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t384 + 0x10)) =  *((intOrPtr*)(_t384 + 0x10)) + 4;
                                                                                                                                                                                                                                                        											goto L52;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L73;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t84 = _t387 + 8; // 0xe8ec81f8
                                                                                                                                                                                                                                                        									 *((char*)( *_t84 + _t218)) = 0xe9;
                                                                                                                                                                                                                                                        									_t86 = _t387 + 0x10; // 0xbfa01015
                                                                                                                                                                                                                                                        									_t87 =  *_t86 + 1; // 0xbfa01016
                                                                                                                                                                                                                                                        									_t218 = _t87;
                                                                                                                                                                                                                                                        									_t281 =  *_t86 + 5;
                                                                                                                                                                                                                                                        									 *((intOrPtr*)(_t387 + 0x10)) = _t218;
                                                                                                                                                                                                                                                        									if( *_t387 == 0) {
                                                                                                                                                                                                                                                        										goto L76;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t89 = _t387 + 0x18; // 0x8b1c7d8b
                                                                                                                                                                                                                                                        									if(_t281 >  *_t89) {
                                                                                                                                                                                                                                                        										goto L73;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L51;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									goto L61;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t388 =  &_v104;
                                                                                                                                                                                                                                                        								while(1) {
                                                                                                                                                                                                                                                        									_t220 = E00BB9AB0(_t375, _t388); // executed
                                                                                                                                                                                                                                                        									if(_t220 < 0 || (_v104 & 0x0000000c) != 0) {
                                                                                                                                                                                                                                                        										break;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									 *((intOrPtr*)(_t375 + 8)) = _t220 +  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        									E00BB7F80(_t259,  *_t375, _t220 +  *((intOrPtr*)(_t375 + 8)), _t375, _t388);
                                                                                                                                                                                                                                                        									_t293 =  *_t375;
                                                                                                                                                                                                                                                        									_t337 =  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        									if( *((char*)( *((intOrPtr*)( *_t375 + 4)) +  *((intOrPtr*)(_t375 + 8)))) < 0x88) {
                                                                                                                                                                                                                                                        										L30:
                                                                                                                                                                                                                                                        										E00BB7F80(_t259, _t293, _t337, _t375, _t388);
                                                                                                                                                                                                                                                        										_t294 =  *_t375;
                                                                                                                                                                                                                                                        										_t338 =  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        										_t225 =  *((intOrPtr*)( *_t375 + 4));
                                                                                                                                                                                                                                                        										__eflags =  *((char*)(_t225 + _t338)) - 0xf;
                                                                                                                                                                                                                                                        										if( *((char*)(_t225 + _t338)) == 0xf) {
                                                                                                                                                                                                                                                        											E00BB7F80(_t259, _t294, _t338 + 1, _t375, _t388);
                                                                                                                                                                                                                                                        											_t295 =  *_t375;
                                                                                                                                                                                                                                                        											_t340 =  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        											_t227 =  *((intOrPtr*)( *_t375 + 4));
                                                                                                                                                                                                                                                        											__eflags =  *((char*)(_t227 + _t340 + 1)) - 0x10;
                                                                                                                                                                                                                                                        											if( *((char*)(_t227 + _t340 + 1)) == 0x10) {
                                                                                                                                                                                                                                                        												L71:
                                                                                                                                                                                                                                                        												_t341 = _t340 + 2;
                                                                                                                                                                                                                                                        												L26:
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(_t375 + 8)) = _t341;
                                                                                                                                                                                                                                                        												_t228 = E00BB9B40(_t375);
                                                                                                                                                                                                                                                        												if(_t228 < 0) {
                                                                                                                                                                                                                                                        													break;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t200 = _t228 +  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        													L28:
                                                                                                                                                                                                                                                        													 *((intOrPtr*)(_t375 + 8)) = _t200;
                                                                                                                                                                                                                                                        													if(_t200 < 5) {
                                                                                                                                                                                                                                                        														continue;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														goto L40;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											E00BB7F80(_t259, _t295, _t340 + 1, _t375, _t388);
                                                                                                                                                                                                                                                        											_t294 =  *_t375;
                                                                                                                                                                                                                                                        											_t340 =  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        											_t230 =  *((intOrPtr*)( *_t375 + 4));
                                                                                                                                                                                                                                                        											__eflags =  *((char*)(_t230 + _t340 + 1)) - 0x11;
                                                                                                                                                                                                                                                        											if( *((char*)(_t230 + _t340 + 1)) != 0x11) {
                                                                                                                                                                                                                                                        												goto L31;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L71;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L31:
                                                                                                                                                                                                                                                        										E00BB7F80(_t259, _t294, _t340, _t375, _t388);
                                                                                                                                                                                                                                                        										_t297 =  *_t375;
                                                                                                                                                                                                                                                        										_t232 =  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        										_t343 =  *((intOrPtr*)( *_t375 + 4));
                                                                                                                                                                                                                                                        										__eflags =  *((char*)(_t343 + _t232)) - 0xa1;
                                                                                                                                                                                                                                                        										if( *((char*)(_t343 + _t232)) == 0xa1) {
                                                                                                                                                                                                                                                        											L33:
                                                                                                                                                                                                                                                        											_t200 = _t232 + 5;
                                                                                                                                                                                                                                                        											goto L28;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										E00BB7F80(_t259, _t297, _t232, _t375, _t388);
                                                                                                                                                                                                                                                        										_t298 =  *_t375;
                                                                                                                                                                                                                                                        										_t232 =  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        										_t345 =  *((intOrPtr*)( *_t375 + 4));
                                                                                                                                                                                                                                                        										__eflags =  *((char*)(_t345 + _t232)) - 0xb8;
                                                                                                                                                                                                                                                        										if( *((char*)(_t345 + _t232)) != 0xb8) {
                                                                                                                                                                                                                                                        											E00BB7F80(_t259, _t298, _t232, _t375, _t388);
                                                                                                                                                                                                                                                        											_t299 =  *_t375;
                                                                                                                                                                                                                                                        											_t235 =  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        											_t347 =  *((intOrPtr*)( *_t375 + 4));
                                                                                                                                                                                                                                                        											__eflags =  *((char*)(_t347 + _t235)) - 0x33;
                                                                                                                                                                                                                                                        											if( *((char*)(_t347 + _t235)) == 0x33) {
                                                                                                                                                                                                                                                        												E00BB7F80(_t259, _t299, _t235 + 1, _t375, _t388);
                                                                                                                                                                                                                                                        												_t299 =  *_t375;
                                                                                                                                                                                                                                                        												_t235 =  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        												_t349 =  *((intOrPtr*)( *_t375 + 4));
                                                                                                                                                                                                                                                        												__eflags =  *((char*)(_t349 + _t235 + 1)) - 0xc0;
                                                                                                                                                                                                                                                        												if( *((char*)(_t349 + _t235 + 1)) >= 0xc0) {
                                                                                                                                                                                                                                                        													L90:
                                                                                                                                                                                                                                                        													_t200 = _t235 + 2;
                                                                                                                                                                                                                                                        													goto L28;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											E00BB7F80(_t259, _t299, _t235, _t375, _t388);
                                                                                                                                                                                                                                                        											_t300 =  *_t375;
                                                                                                                                                                                                                                                        											_t239 =  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        											_t351 =  *((intOrPtr*)( *_t375 + 4));
                                                                                                                                                                                                                                                        											__eflags = ( *(_t351 + _t239) & 0xf8) - 0x40;
                                                                                                                                                                                                                                                        											if(( *(_t351 + _t239) & 0xf8) == 0x40) {
                                                                                                                                                                                                                                                        												L39:
                                                                                                                                                                                                                                                        												_t200 = _t239 + 1;
                                                                                                                                                                                                                                                        												goto L28;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											E00BB7F80(_t259, _t300, _t239, _t375, _t388);
                                                                                                                                                                                                                                                        											_t301 =  *_t375;
                                                                                                                                                                                                                                                        											_t355 =  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        											_t241 =  *((intOrPtr*)( *_t375 + 4));
                                                                                                                                                                                                                                                        											__eflags =  *((char*)(_t241 + _t355)) - 0x83;
                                                                                                                                                                                                                                                        											if( *((char*)(_t241 + _t355)) == 0x83) {
                                                                                                                                                                                                                                                        												E00BB7F80(_t259, _t301, _t355 + 1, _t375, _t388);
                                                                                                                                                                                                                                                        												_v106 =  *( *((intOrPtr*)( *_t375 + 4)) +  *((intOrPtr*)(_t375 + 8)) + 1) & 0x000000ff;
                                                                                                                                                                                                                                                        												E00BB7F80(_t259,  *_t375,  *((intOrPtr*)(_t375 + 8)) + 1, _t375, _t388);
                                                                                                                                                                                                                                                        												_t359 = _v106 & 0x000000ff;
                                                                                                                                                                                                                                                        												_t246 =  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        												__eflags = _t359 - 0xc0;
                                                                                                                                                                                                                                                        												if(_t359 < 0xc0) {
                                                                                                                                                                                                                                                        													__eflags = (_t359 & 0x000000c0) - 0x40;
                                                                                                                                                                                                                                                        													if((_t359 & 0x000000c0) != 0x40) {
                                                                                                                                                                                                                                                        														break;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t306 =  *((intOrPtr*)( *_t375 + 4));
                                                                                                                                                                                                                                                        													__eflags = ( *(_t306 + _t246 + 1) & 7) - 4;
                                                                                                                                                                                                                                                        													if(( *(_t306 + _t246 + 1) & 7) == 4) {
                                                                                                                                                                                                                                                        														break;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t200 = _t246 + 4;
                                                                                                                                                                                                                                                        													goto L28;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t200 = _t246 + 3;
                                                                                                                                                                                                                                                        												goto L28;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											E00BB7F80(_t259, _t301, _t355, _t375, _t388);
                                                                                                                                                                                                                                                        											_t309 =  *_t375;
                                                                                                                                                                                                                                                        											_t232 =  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        											_t360 =  *((intOrPtr*)( *_t375 + 4));
                                                                                                                                                                                                                                                        											__eflags =  *((char*)(_t360 + _t232)) - 0x68;
                                                                                                                                                                                                                                                        											if( *((char*)(_t360 + _t232)) == 0x68) {
                                                                                                                                                                                                                                                        												goto L33;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											E00BB7F80(_t259, _t309, _t232, _t375, _t388);
                                                                                                                                                                                                                                                        											_t310 =  *_t375;
                                                                                                                                                                                                                                                        											_t239 =  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        											_t362 =  *((intOrPtr*)( *_t375 + 4));
                                                                                                                                                                                                                                                        											__eflags = ( *(_t362 + _t239) & 0xf0) - 0x50;
                                                                                                                                                                                                                                                        											if(( *(_t362 + _t239) & 0xf0) != 0x50) {
                                                                                                                                                                                                                                                        												E00BB7F80(_t259, _t310, _t239, _t375, _t388);
                                                                                                                                                                                                                                                        												_t311 =  *_t375;
                                                                                                                                                                                                                                                        												_t235 =  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        												_t366 =  *((intOrPtr*)( *_t375 + 4));
                                                                                                                                                                                                                                                        												__eflags =  *((char*)(_t366 + _t235)) - 0x6a;
                                                                                                                                                                                                                                                        												if( *((char*)(_t366 + _t235)) != 0x6a) {
                                                                                                                                                                                                                                                        													E00BB7F80(_t259, _t311, _t235, _t375, _t388);
                                                                                                                                                                                                                                                        													_t312 =  *_t375;
                                                                                                                                                                                                                                                        													_t368 =  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        													_t251 =  *((intOrPtr*)( *_t375 + 4));
                                                                                                                                                                                                                                                        													__eflags =  *((char*)(_t251 + _t368)) - 0xe9;
                                                                                                                                                                                                                                                        													if( *((char*)(_t251 + _t368)) != 0xe9) {
                                                                                                                                                                                                                                                        														E00BB7F80(_t259, _t312, _t368, _t375, _t388);
                                                                                                                                                                                                                                                        														_t313 =  *_t375;
                                                                                                                                                                                                                                                        														_t253 =  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        														_t369 =  *((intOrPtr*)( *_t375 + 4));
                                                                                                                                                                                                                                                        														__eflags =  *((char*)(_t369 + _t253)) - 0xff;
                                                                                                                                                                                                                                                        														if( *((char*)(_t369 + _t253)) != 0xff) {
                                                                                                                                                                                                                                                        															L102:
                                                                                                                                                                                                                                                        															E00BB7F80(_t259, _t313, _t253, _t375, _t388);
                                                                                                                                                                                                                                                        															break;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														E00BB7F80(_t259, _t313, _t253 + 1, _t375, _t388);
                                                                                                                                                                                                                                                        														_t313 =  *_t375;
                                                                                                                                                                                                                                                        														_t253 =  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        														_t372 =  *((intOrPtr*)( *_t375 + 4));
                                                                                                                                                                                                                                                        														__eflags =  *((char*)(_t372 + _t253 + 1)) - 0x25;
                                                                                                                                                                                                                                                        														if( *((char*)(_t372 + _t253 + 1)) != 0x25) {
                                                                                                                                                                                                                                                        															goto L102;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t200 = _t253 + 6;
                                                                                                                                                                                                                                                        														goto L28;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t200 = _t368 + 5;
                                                                                                                                                                                                                                                        													_t259 = _t368;
                                                                                                                                                                                                                                                        													goto L28;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L90;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L39;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L33;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									E00BB7F80(_t259, _t293, _t337, _t375, _t388);
                                                                                                                                                                                                                                                        									_t293 =  *_t375;
                                                                                                                                                                                                                                                        									_t337 =  *((intOrPtr*)(_t375 + 8));
                                                                                                                                                                                                                                                        									if( *((char*)( *((intOrPtr*)( *_t375 + 4)) + _t337)) > 0x8b) {
                                                                                                                                                                                                                                                        										goto L30;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t341 = _t337 + 1;
                                                                                                                                                                                                                                                        										goto L26;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t323 = _a4;
                                                                                                                                                                                                                                                        								L61:
                                                                                                                                                                                                                                                        								_t203 = _a12;
                                                                                                                                                                                                                                                        								if( *_t203 == 0) {
                                                                                                                                                                                                                                                        									 *((intOrPtr*)(_t323 + 0x10)) = 0;
                                                                                                                                                                                                                                                        									_t381 = _t323;
                                                                                                                                                                                                                                                        									__imp__EncodePointer(0);
                                                                                                                                                                                                                                                        									_t147 = _t381 + 0x10; // 0xbfa01015
                                                                                                                                                                                                                                                        									_t268 =  *_t147;
                                                                                                                                                                                                                                                        									__eflags =  *_t323;
                                                                                                                                                                                                                                                        									_t148 = _t268 + 4; // 0xbfa01019
                                                                                                                                                                                                                                                        									_t323 = _t148;
                                                                                                                                                                                                                                                        									if(__eflags == 0) {
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_a4 + 0x10)) = _t323;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t150 = _a4 + 0x18; // 0x8b1c7d8b
                                                                                                                                                                                                                                                        										__eflags = _t323 -  *_t150;
                                                                                                                                                                                                                                                        										if(_t323 <=  *_t150) {
                                                                                                                                                                                                                                                        											_t324 = _a4;
                                                                                                                                                                                                                                                        											_t178 = _t324 + 8; // 0xe8ec81f8
                                                                                                                                                                                                                                                        											_t323 =  *_t178;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)( *_t178 + _t268)) = _t203;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_a4 + 0x10)) =  *((intOrPtr*)(_a4 + 0x10)) + 4;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											 *((char*)(_a4 + 0x1c)) = 0;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L62;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t25 = _t379 + 0x18; // 0x8b1c7d8b
                                                                                                                                                                                                                                                        						if(_t265 >  *_t25) {
                                                                                                                                                                                                                                                        							_t265 = _t320;
                                                                                                                                                                                                                                                        							 *((char*)(_t379 + 0x1c)) = 0;
                                                                                                                                                                                                                                                        							_t323 = _t379;
                                                                                                                                                                                                                                                        							__eflags =  *((intOrPtr*)(_t323 + 8));
                                                                                                                                                                                                                                                        							if( *((intOrPtr*)(_t323 + 8)) != 0) {
                                                                                                                                                                                                                                                        								L16:
                                                                                                                                                                                                                                                        								if( *((intOrPtr*)(_t323 + 0xc)) == 0 ||  *((intOrPtr*)(_t323 + 4)) == 0 ||  *((char*)(_t323 + 0x1c)) == 0) {
                                                                                                                                                                                                                                                        									goto L61;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									goto L19;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L61;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t26 = _t379 + 8; // 0xe8ec81f8
                                                                                                                                                                                                                                                        						 *((intOrPtr*)( *_t26 + _t320)) = _t199;
                                                                                                                                                                                                                                                        						_t321 = _t379;
                                                                                                                                                                                                                                                        						_t28 = _t379 + 0x10; // 0xbfa01015
                                                                                                                                                                                                                                                        						_t265 =  *_t28 + 4;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t379 + 0x10)) = _t265;
                                                                                                                                                                                                                                                        						if( *_t379 == 0) {
                                                                                                                                                                                                                                                        							goto L19;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t321 + 8)) == 0) {
                                                                                                                                                                                                                                                        							goto L61;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L16;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t10 = _t378 + 0x18; // 0x8b1c7d8b
                                                                                                                                                                                                                                                        					if(_t318 >  *_t10) {
                                                                                                                                                                                                                                                        						_t323 = _t378;
                                                                                                                                                                                                                                                        						 *((char*)(_t378 + 0x1c)) = 0;
                                                                                                                                                                                                                                                        						__eflags =  *((intOrPtr*)(_t323 + 8));
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t323 + 8)) != 0) {
                                                                                                                                                                                                                                                        							L9:
                                                                                                                                                                                                                                                        							if( *((intOrPtr*)(_t323 + 0xc)) == 0 ||  *((intOrPtr*)(_t323 + 4)) == 0 ||  *((char*)(_t323 + 0x1c)) == 0) {
                                                                                                                                                                                                                                                        								goto L62;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								goto L12;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L62;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t12 = _a4 + 8; // 0xe8ec81f8
                                                                                                                                                                                                                                                        					 *( *_t12 + _t262) = _t198;
                                                                                                                                                                                                                                                        					_t319 = _a4;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t319 + 0x10)) =  *((intOrPtr*)(_t319 + 0x10)) + 4;
                                                                                                                                                                                                                                                        					if( *_t319 == 0) {
                                                                                                                                                                                                                                                        						goto L12;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if( *((intOrPtr*)(_t319 + 8)) == 0) {
                                                                                                                                                                                                                                                        						goto L62;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L9;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L62:
                                                                                                                                                                                                                                                        					return E00BEECB0(_v20 ^ _t389, _t323);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}



















































































                                                                                                                                                                                                                                                        0x00bb8b70
                                                                                                                                                                                                                                                        0x00bb8b79
                                                                                                                                                                                                                                                        0x00bb8b81
                                                                                                                                                                                                                                                        0x00bb8b83
                                                                                                                                                                                                                                                        0x00bb8b86
                                                                                                                                                                                                                                                        0x00bb8b88
                                                                                                                                                                                                                                                        0x00bb8b8b
                                                                                                                                                                                                                                                        0x00bb8b94
                                                                                                                                                                                                                                                        0x00bb8bbf
                                                                                                                                                                                                                                                        0x00bb8bc1
                                                                                                                                                                                                                                                        0x00bb8bc7
                                                                                                                                                                                                                                                        0x00bb8bc7
                                                                                                                                                                                                                                                        0x00bb8bcd
                                                                                                                                                                                                                                                        0x00bb8bcd
                                                                                                                                                                                                                                                        0x00bb8bd0
                                                                                                                                                                                                                                                        0x00bb8f35
                                                                                                                                                                                                                                                        0x00bb8f38
                                                                                                                                                                                                                                                        0x00bb8c1c
                                                                                                                                                                                                                                                        0x00bb8c1c
                                                                                                                                                                                                                                                        0x00bb8c25
                                                                                                                                                                                                                                                        0x00bb8c27
                                                                                                                                                                                                                                                        0x00bb8c2d
                                                                                                                                                                                                                                                        0x00bb8c2d
                                                                                                                                                                                                                                                        0x00bb8c33
                                                                                                                                                                                                                                                        0x00bb8c33
                                                                                                                                                                                                                                                        0x00bb8c36
                                                                                                                                                                                                                                                        0x00bb8f51
                                                                                                                                                                                                                                                        0x00bb8f54
                                                                                                                                                                                                                                                        0x00bb8c83
                                                                                                                                                                                                                                                        0x00bb8c83
                                                                                                                                                                                                                                                        0x00bb8c86
                                                                                                                                                                                                                                                        0x00bb8c8b
                                                                                                                                                                                                                                                        0x00bb8c91
                                                                                                                                                                                                                                                        0x00bb8de5
                                                                                                                                                                                                                                                        0x00bb8de7
                                                                                                                                                                                                                                                        0x00bb8df0
                                                                                                                                                                                                                                                        0x00bb8df5
                                                                                                                                                                                                                                                        0x00bb8df7
                                                                                                                                                                                                                                                        0x00bb8dfa
                                                                                                                                                                                                                                                        0x00bb8dfe
                                                                                                                                                                                                                                                        0x00bb8e2c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8e34
                                                                                                                                                                                                                                                        0x00bb8fa5
                                                                                                                                                                                                                                                        0x00bb8fa5
                                                                                                                                                                                                                                                        0x00bb8fa8
                                                                                                                                                                                                                                                        0x00bb8fac
                                                                                                                                                                                                                                                        0x00bb8fac
                                                                                                                                                                                                                                                        0x00bb8faf
                                                                                                                                                                                                                                                        0x00bb90be
                                                                                                                                                                                                                                                        0x00bb90c0
                                                                                                                                                                                                                                                        0x00bb90c4
                                                                                                                                                                                                                                                        0x00bb90c9
                                                                                                                                                                                                                                                        0x00bb90cc
                                                                                                                                                                                                                                                        0x00bb90ce
                                                                                                                                                                                                                                                        0x00bb90d1
                                                                                                                                                                                                                                                        0x00bb90d4
                                                                                                                                                                                                                                                        0x00bb8e98
                                                                                                                                                                                                                                                        0x00bb8e98
                                                                                                                                                                                                                                                        0x00bb8e9e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8ea0
                                                                                                                                                                                                                                                        0x00bb8ea3
                                                                                                                                                                                                                                                        0x00bb8ea5
                                                                                                                                                                                                                                                        0x00bb8ea8
                                                                                                                                                                                                                                                        0x00bb8ea8
                                                                                                                                                                                                                                                        0x00bb8eab
                                                                                                                                                                                                                                                        0x00bb8ead
                                                                                                                                                                                                                                                        0x00bb8eb2
                                                                                                                                                                                                                                                        0x00bb8ebb
                                                                                                                                                                                                                                                        0x00bb8ecc
                                                                                                                                                                                                                                                        0x00bb8ed2
                                                                                                                                                                                                                                                        0x00bb8ed9
                                                                                                                                                                                                                                                        0x00bb8edb
                                                                                                                                                                                                                                                        0x00bb8ee2
                                                                                                                                                                                                                                                        0x00bb8ee7
                                                                                                                                                                                                                                                        0x00bb8ee9
                                                                                                                                                                                                                                                        0x00bb8eee
                                                                                                                                                                                                                                                        0x00bb8eee
                                                                                                                                                                                                                                                        0x00bb8ee9
                                                                                                                                                                                                                                                        0x00bb8ef3
                                                                                                                                                                                                                                                        0x00bb8ef8
                                                                                                                                                                                                                                                        0x00bb8f00
                                                                                                                                                                                                                                                        0x00bb8ffd
                                                                                                                                                                                                                                                        0x00bb9003
                                                                                                                                                                                                                                                        0x00bb9003
                                                                                                                                                                                                                                                        0x00bb8f06
                                                                                                                                                                                                                                                        0x00bb8f09
                                                                                                                                                                                                                                                        0x00bb8f11
                                                                                                                                                                                                                                                        0x00bb900c
                                                                                                                                                                                                                                                        0x00bb9012
                                                                                                                                                                                                                                                        0x00bb9015
                                                                                                                                                                                                                                                        0x00bb8f11
                                                                                                                                                                                                                                                        0x00bb8eab
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8ea3
                                                                                                                                                                                                                                                        0x00bb8fb5
                                                                                                                                                                                                                                                        0x00bb8fb5
                                                                                                                                                                                                                                                        0x00bb8fb8
                                                                                                                                                                                                                                                        0x00bb8fbc
                                                                                                                                                                                                                                                        0x00bb8fc0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8fc6
                                                                                                                                                                                                                                                        0x00bb8e3c
                                                                                                                                                                                                                                                        0x00bb8e3c
                                                                                                                                                                                                                                                        0x00bb8e3f
                                                                                                                                                                                                                                                        0x00bb8fcb
                                                                                                                                                                                                                                                        0x00bb8fce
                                                                                                                                                                                                                                                        0x00bb8fce
                                                                                                                                                                                                                                                        0x00bb8fd1
                                                                                                                                                                                                                                                        0x00bb8fd4
                                                                                                                                                                                                                                                        0x00bb8fd6
                                                                                                                                                                                                                                                        0x00bb8fd6
                                                                                                                                                                                                                                                        0x00bb8fd9
                                                                                                                                                                                                                                                        0x00bb8fdc
                                                                                                                                                                                                                                                        0x00bb8fe0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8fe6
                                                                                                                                                                                                                                                        0x00bb8e45
                                                                                                                                                                                                                                                        0x00bb8e47
                                                                                                                                                                                                                                                        0x00bb8e47
                                                                                                                                                                                                                                                        0x00bb8e4c
                                                                                                                                                                                                                                                        0x00bb8feb
                                                                                                                                                                                                                                                        0x00bb8fef
                                                                                                                                                                                                                                                        0x00bb8ff2
                                                                                                                                                                                                                                                        0x00bb8ff4
                                                                                                                                                                                                                                                        0x00bb8e79
                                                                                                                                                                                                                                                        0x00bb8e7b
                                                                                                                                                                                                                                                        0x00bb8e81
                                                                                                                                                                                                                                                        0x00bb8e88
                                                                                                                                                                                                                                                        0x00bb8e8b
                                                                                                                                                                                                                                                        0x00bb8e91
                                                                                                                                                                                                                                                        0x00bb8e94
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8e94
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8ffa
                                                                                                                                                                                                                                                        0x00bb8e52
                                                                                                                                                                                                                                                        0x00bb8e55
                                                                                                                                                                                                                                                        0x00bb8e59
                                                                                                                                                                                                                                                        0x00bb8e5c
                                                                                                                                                                                                                                                        0x00bb8e5c
                                                                                                                                                                                                                                                        0x00bb8e5f
                                                                                                                                                                                                                                                        0x00bb8e62
                                                                                                                                                                                                                                                        0x00bb8e68
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8e6e
                                                                                                                                                                                                                                                        0x00bb8e73
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8c97
                                                                                                                                                                                                                                                        0x00bb8c97
                                                                                                                                                                                                                                                        0x00bb8c9a
                                                                                                                                                                                                                                                        0x00bb8c9e
                                                                                                                                                                                                                                                        0x00bb8ca5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8cb8
                                                                                                                                                                                                                                                        0x00bb8cbf
                                                                                                                                                                                                                                                        0x00bb8cc4
                                                                                                                                                                                                                                                        0x00bb8cc6
                                                                                                                                                                                                                                                        0x00bb8cd0
                                                                                                                                                                                                                                                        0x00bb8d10
                                                                                                                                                                                                                                                        0x00bb8d10
                                                                                                                                                                                                                                                        0x00bb8d15
                                                                                                                                                                                                                                                        0x00bb8d17
                                                                                                                                                                                                                                                        0x00bb8d1a
                                                                                                                                                                                                                                                        0x00bb8d1d
                                                                                                                                                                                                                                                        0x00bb8d21
                                                                                                                                                                                                                                                        0x00bb8f70
                                                                                                                                                                                                                                                        0x00bb8f75
                                                                                                                                                                                                                                                        0x00bb8f77
                                                                                                                                                                                                                                                        0x00bb8f7a
                                                                                                                                                                                                                                                        0x00bb8f7d
                                                                                                                                                                                                                                                        0x00bb8f82
                                                                                                                                                                                                                                                        0x00bb8f9d
                                                                                                                                                                                                                                                        0x00bb8f9d
                                                                                                                                                                                                                                                        0x00bb8ce6
                                                                                                                                                                                                                                                        0x00bb8ce8
                                                                                                                                                                                                                                                        0x00bb8ceb
                                                                                                                                                                                                                                                        0x00bb8cf2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8cf8
                                                                                                                                                                                                                                                        0x00bb8cf8
                                                                                                                                                                                                                                                        0x00bb8cfb
                                                                                                                                                                                                                                                        0x00bb8cfe
                                                                                                                                                                                                                                                        0x00bb8d01
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8d03
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8d03
                                                                                                                                                                                                                                                        0x00bb8d01
                                                                                                                                                                                                                                                        0x00bb8cf2
                                                                                                                                                                                                                                                        0x00bb8f85
                                                                                                                                                                                                                                                        0x00bb8f8a
                                                                                                                                                                                                                                                        0x00bb8f8c
                                                                                                                                                                                                                                                        0x00bb8f8f
                                                                                                                                                                                                                                                        0x00bb8f92
                                                                                                                                                                                                                                                        0x00bb8f97
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8f97
                                                                                                                                                                                                                                                        0x00bb8d27
                                                                                                                                                                                                                                                        0x00bb8d27
                                                                                                                                                                                                                                                        0x00bb8d2c
                                                                                                                                                                                                                                                        0x00bb8d2e
                                                                                                                                                                                                                                                        0x00bb8d31
                                                                                                                                                                                                                                                        0x00bb8d34
                                                                                                                                                                                                                                                        0x00bb8d38
                                                                                                                                                                                                                                                        0x00bb8d4f
                                                                                                                                                                                                                                                        0x00bb8d4f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8d4f
                                                                                                                                                                                                                                                        0x00bb8d3c
                                                                                                                                                                                                                                                        0x00bb8d41
                                                                                                                                                                                                                                                        0x00bb8d43
                                                                                                                                                                                                                                                        0x00bb8d46
                                                                                                                                                                                                                                                        0x00bb8d49
                                                                                                                                                                                                                                                        0x00bb8d4d
                                                                                                                                                                                                                                                        0x00bb8d62
                                                                                                                                                                                                                                                        0x00bb8d67
                                                                                                                                                                                                                                                        0x00bb8d69
                                                                                                                                                                                                                                                        0x00bb8d6c
                                                                                                                                                                                                                                                        0x00bb8d6f
                                                                                                                                                                                                                                                        0x00bb8d73
                                                                                                                                                                                                                                                        0x00bb9058
                                                                                                                                                                                                                                                        0x00bb905d
                                                                                                                                                                                                                                                        0x00bb905f
                                                                                                                                                                                                                                                        0x00bb9062
                                                                                                                                                                                                                                                        0x00bb9065
                                                                                                                                                                                                                                                        0x00bb906a
                                                                                                                                                                                                                                                        0x00bb90b6
                                                                                                                                                                                                                                                        0x00bb90b6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb90b6
                                                                                                                                                                                                                                                        0x00bb906c
                                                                                                                                                                                                                                                        0x00bb8d7b
                                                                                                                                                                                                                                                        0x00bb8d80
                                                                                                                                                                                                                                                        0x00bb8d82
                                                                                                                                                                                                                                                        0x00bb8d85
                                                                                                                                                                                                                                                        0x00bb8d8f
                                                                                                                                                                                                                                                        0x00bb8d92
                                                                                                                                                                                                                                                        0x00bb8ddf
                                                                                                                                                                                                                                                        0x00bb8ddf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8ddf
                                                                                                                                                                                                                                                        0x00bb8d96
                                                                                                                                                                                                                                                        0x00bb8d9b
                                                                                                                                                                                                                                                        0x00bb8d9d
                                                                                                                                                                                                                                                        0x00bb8da0
                                                                                                                                                                                                                                                        0x00bb8da3
                                                                                                                                                                                                                                                        0x00bb8da7
                                                                                                                                                                                                                                                        0x00bb9072
                                                                                                                                                                                                                                                        0x00bb9085
                                                                                                                                                                                                                                                        0x00bb9088
                                                                                                                                                                                                                                                        0x00bb908d
                                                                                                                                                                                                                                                        0x00bb9091
                                                                                                                                                                                                                                                        0x00bb9094
                                                                                                                                                                                                                                                        0x00bb9097
                                                                                                                                                                                                                                                        0x00bb9100
                                                                                                                                                                                                                                                        0x00bb9103
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9107
                                                                                                                                                                                                                                                        0x00bb9112
                                                                                                                                                                                                                                                        0x00bb9115
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9117
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9117
                                                                                                                                                                                                                                                        0x00bb9099
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9099
                                                                                                                                                                                                                                                        0x00bb8dad
                                                                                                                                                                                                                                                        0x00bb8db2
                                                                                                                                                                                                                                                        0x00bb8db4
                                                                                                                                                                                                                                                        0x00bb8db7
                                                                                                                                                                                                                                                        0x00bb8dba
                                                                                                                                                                                                                                                        0x00bb8dbe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8dc2
                                                                                                                                                                                                                                                        0x00bb8dc7
                                                                                                                                                                                                                                                        0x00bb8dc9
                                                                                                                                                                                                                                                        0x00bb8dcc
                                                                                                                                                                                                                                                        0x00bb8dd6
                                                                                                                                                                                                                                                        0x00bb8dd9
                                                                                                                                                                                                                                                        0x00bb90a3
                                                                                                                                                                                                                                                        0x00bb90a8
                                                                                                                                                                                                                                                        0x00bb90aa
                                                                                                                                                                                                                                                        0x00bb90ad
                                                                                                                                                                                                                                                        0x00bb90b0
                                                                                                                                                                                                                                                        0x00bb90b4
                                                                                                                                                                                                                                                        0x00bb9121
                                                                                                                                                                                                                                                        0x00bb9126
                                                                                                                                                                                                                                                        0x00bb9128
                                                                                                                                                                                                                                                        0x00bb912b
                                                                                                                                                                                                                                                        0x00bb912e
                                                                                                                                                                                                                                                        0x00bb9132
                                                                                                                                                                                                                                                        0x00bb913e
                                                                                                                                                                                                                                                        0x00bb9143
                                                                                                                                                                                                                                                        0x00bb9145
                                                                                                                                                                                                                                                        0x00bb9148
                                                                                                                                                                                                                                                        0x00bb914b
                                                                                                                                                                                                                                                        0x00bb914f
                                                                                                                                                                                                                                                        0x00bb9170
                                                                                                                                                                                                                                                        0x00bb9172
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9172
                                                                                                                                                                                                                                                        0x00bb9154
                                                                                                                                                                                                                                                        0x00bb9159
                                                                                                                                                                                                                                                        0x00bb915b
                                                                                                                                                                                                                                                        0x00bb915e
                                                                                                                                                                                                                                                        0x00bb9161
                                                                                                                                                                                                                                                        0x00bb9166
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9168
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9168
                                                                                                                                                                                                                                                        0x00bb9134
                                                                                                                                                                                                                                                        0x00bb9137
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9137
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb90b4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8dd9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8d4d
                                                                                                                                                                                                                                                        0x00bb8cd2
                                                                                                                                                                                                                                                        0x00bb8cd7
                                                                                                                                                                                                                                                        0x00bb8cd9
                                                                                                                                                                                                                                                        0x00bb8ce3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8ce5
                                                                                                                                                                                                                                                        0x00bb8ce5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8ce5
                                                                                                                                                                                                                                                        0x00bb8ce3
                                                                                                                                                                                                                                                        0x00bb9177
                                                                                                                                                                                                                                                        0x00bb8f17
                                                                                                                                                                                                                                                        0x00bb8f17
                                                                                                                                                                                                                                                        0x00bb8f1d
                                                                                                                                                                                                                                                        0x00bb901d
                                                                                                                                                                                                                                                        0x00bb9026
                                                                                                                                                                                                                                                        0x00bb9028
                                                                                                                                                                                                                                                        0x00bb902e
                                                                                                                                                                                                                                                        0x00bb902e
                                                                                                                                                                                                                                                        0x00bb9031
                                                                                                                                                                                                                                                        0x00bb9034
                                                                                                                                                                                                                                                        0x00bb9034
                                                                                                                                                                                                                                                        0x00bb9037
                                                                                                                                                                                                                                                        0x00bb90df
                                                                                                                                                                                                                                                        0x00bb903d
                                                                                                                                                                                                                                                        0x00bb9040
                                                                                                                                                                                                                                                        0x00bb9040
                                                                                                                                                                                                                                                        0x00bb9043
                                                                                                                                                                                                                                                        0x00bb90e7
                                                                                                                                                                                                                                                        0x00bb90ec
                                                                                                                                                                                                                                                        0x00bb90ec
                                                                                                                                                                                                                                                        0x00bb90ef
                                                                                                                                                                                                                                                        0x00bb90f2
                                                                                                                                                                                                                                                        0x00bb9049
                                                                                                                                                                                                                                                        0x00bb904c
                                                                                                                                                                                                                                                        0x00bb904c
                                                                                                                                                                                                                                                        0x00bb9043
                                                                                                                                                                                                                                                        0x00bb9037
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8f1d
                                                                                                                                                                                                                                                        0x00bb8c91
                                                                                                                                                                                                                                                        0x00bb8c3c
                                                                                                                                                                                                                                                        0x00bb8c3f
                                                                                                                                                                                                                                                        0x00bb8f5b
                                                                                                                                                                                                                                                        0x00bb8f5d
                                                                                                                                                                                                                                                        0x00bb8f61
                                                                                                                                                                                                                                                        0x00bb8f63
                                                                                                                                                                                                                                                        0x00bb8f67
                                                                                                                                                                                                                                                        0x00bb8c65
                                                                                                                                                                                                                                                        0x00bb8c69
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8c69
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8f6d
                                                                                                                                                                                                                                                        0x00bb8c45
                                                                                                                                                                                                                                                        0x00bb8c48
                                                                                                                                                                                                                                                        0x00bb8c4b
                                                                                                                                                                                                                                                        0x00bb8c4d
                                                                                                                                                                                                                                                        0x00bb8c50
                                                                                                                                                                                                                                                        0x00bb8c53
                                                                                                                                                                                                                                                        0x00bb8c59
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8c5f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8c5f
                                                                                                                                                                                                                                                        0x00bb8bd6
                                                                                                                                                                                                                                                        0x00bb8bd9
                                                                                                                                                                                                                                                        0x00bb8f3f
                                                                                                                                                                                                                                                        0x00bb8f41
                                                                                                                                                                                                                                                        0x00bb8f45
                                                                                                                                                                                                                                                        0x00bb8f49
                                                                                                                                                                                                                                                        0x00bb8bfe
                                                                                                                                                                                                                                                        0x00bb8c02
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8c02
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8f4f
                                                                                                                                                                                                                                                        0x00bb8be2
                                                                                                                                                                                                                                                        0x00bb8be5
                                                                                                                                                                                                                                                        0x00bb8be8
                                                                                                                                                                                                                                                        0x00bb8beb
                                                                                                                                                                                                                                                        0x00bb8bf2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8bf8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8f23
                                                                                                                                                                                                                                                        0x00bb8f23
                                                                                                                                                                                                                                                        0x00bb8f34
                                                                                                                                                                                                                                                        0x00bb8f34

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlEncodePointer.NTDLL(?), ref: 00BB8BC1
                                                                                                                                                                                                                                                        • EncodePointer.KERNEL32(?), ref: 00BB8C27
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: EncodePointer
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2118026453-0
                                                                                                                                                                                                                                                        • Opcode ID: 44987c4d437ce918743cd29c50a6b5449770ee075dcc719ec48dedc4130b2662
                                                                                                                                                                                                                                                        • Instruction ID: 9a87f16bd14b007c228dc0d68d73d5d94b879c00a0576f437ec0161223b61ceb
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 44987c4d437ce918743cd29c50a6b5449770ee075dcc719ec48dedc4130b2662
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B7123C70604642DBD725DF28C084AB5FBE6FF45314F288AD8D55A4B296CBB4ED86CBC0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 80%
                                                                                                                                                                                                                                                        			E00BB7F80(void* __ebx, void*** __ecx, void* __edx, void* __edi, void* __esi) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				long _v24;
                                                                                                                                                                                                                                                        				long _v28;
                                                                                                                                                                                                                                                        				void** _v32;
                                                                                                                                                                                                                                                        				long _v36;
                                                                                                                                                                                                                                                        				signed int _t44;
                                                                                                                                                                                                                                                        				void** _t46;
                                                                                                                                                                                                                                                        				void* _t48;
                                                                                                                                                                                                                                                        				void** _t49;
                                                                                                                                                                                                                                                        				void* _t53;
                                                                                                                                                                                                                                                        				void* _t54;
                                                                                                                                                                                                                                                        				int _t56;
                                                                                                                                                                                                                                                        				void* _t58;
                                                                                                                                                                                                                                                        				void* _t63;
                                                                                                                                                                                                                                                        				void** _t66;
                                                                                                                                                                                                                                                        				void* _t67;
                                                                                                                                                                                                                                                        				int _t69;
                                                                                                                                                                                                                                                        				long _t74;
                                                                                                                                                                                                                                                        				void** _t75;
                                                                                                                                                                                                                                                        				void** _t78;
                                                                                                                                                                                                                                                        				void** _t81;
                                                                                                                                                                                                                                                        				void* _t82;
                                                                                                                                                                                                                                                        				void** _t88;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				void** _t96;
                                                                                                                                                                                                                                                        				void** _t97;
                                                                                                                                                                                                                                                        				void* _t98;
                                                                                                                                                                                                                                                        				void*** _t103;
                                                                                                                                                                                                                                                        				long _t107;
                                                                                                                                                                                                                                                        				long _t109;
                                                                                                                                                                                                                                                        				signed int _t111;
                                                                                                                                                                                                                                                        				void* _t114;
                                                                                                                                                                                                                                                        				void* _t115;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t100 = __edx;
                                                                                                                                                                                                                                                        				_t115 = _t114 - 0x14;
                                                                                                                                                                                                                                                        				_t44 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t44 ^ _t111;
                                                                                                                                                                                                                                                        				_t46 =  *(__ecx + 8);
                                                                                                                                                                                                                                                        				_v32 = _t46;
                                                                                                                                                                                                                                                        				if(_t46 <= __edx) {
                                                                                                                                                                                                                                                        					_t103 = __ecx;
                                                                                                                                                                                                                                                        					_t74 = __edx + 1;
                                                                                                                                                                                                                                                        					__eflags = _t74 - 0x10;
                                                                                                                                                                                                                                                        					_t48 =  >  ? _t74 : 0x10;
                                                                                                                                                                                                                                                        					_t107 = 0x10 - _v32;
                                                                                                                                                                                                                                                        					__eflags = 0x10;
                                                                                                                                                                                                                                                        					if(0x10 <= 0) {
                                                                                                                                                                                                                                                        						L9:
                                                                                                                                                                                                                                                        						_t103[2] = _t48;
                                                                                                                                                                                                                                                        						_v36 = _t74;
                                                                                                                                                                                                                                                        						_t81 =  *_t103;
                                                                                                                                                                                                                                                        						__eflags =  *_t81;
                                                                                                                                                                                                                                                        						if( *_t81 == 0) {
                                                                                                                                                                                                                                                        							L13:
                                                                                                                                                                                                                                                        							_t82 = _v36;
                                                                                                                                                                                                                                                        							_t109 = _t82 - _t48;
                                                                                                                                                                                                                                                        							__eflags = _t109;
                                                                                                                                                                                                                                                        							if(_t109 <= 0) {
                                                                                                                                                                                                                                                        								goto L18;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								__eflags = _t103[3] - _t48 - _t109;
                                                                                                                                                                                                                                                        								if(_t103[3] - _t48 < _t109) {
                                                                                                                                                                                                                                                        									goto L23;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									__eflags = _t109;
                                                                                                                                                                                                                                                        									if(_t109 > 0) {
                                                                                                                                                                                                                                                        										goto L16;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L17;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t78 = _v32;
                                                                                                                                                                                                                                                        							_v28 = 0;
                                                                                                                                                                                                                                                        							_t100 = _t103[8] + _t78;
                                                                                                                                                                                                                                                        							_t63 = ReadProcessMemory( *_t81, _t103[8] + _t78, _t103[1] + _t78, _t107,  &_v28); // executed
                                                                                                                                                                                                                                                        							__eflags = _t63;
                                                                                                                                                                                                                                                        							if(_t63 == 0) {
                                                                                                                                                                                                                                                        								L12:
                                                                                                                                                                                                                                                        								_t48 = _t103[2];
                                                                                                                                                                                                                                                        								goto L13;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								__eflags = _v28 - _t107;
                                                                                                                                                                                                                                                        								if(_v28 == _t107) {
                                                                                                                                                                                                                                                        									goto L1;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									goto L12;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t96 = _v32;
                                                                                                                                                                                                                                                        						__eflags =  *((intOrPtr*)(__ecx + 0xc)) - _t96 - 0x10;
                                                                                                                                                                                                                                                        						_t66 = _t96;
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(__ecx + 0xc)) - _t96 >= 0x10) {
                                                                                                                                                                                                                                                        							L6:
                                                                                                                                                                                                                                                        							__eflags = _t107;
                                                                                                                                                                                                                                                        							if(_t107 > 0) {
                                                                                                                                                                                                                                                        								_t97 = _t103[1];
                                                                                                                                                                                                                                                        								_t100 = _t97 + _t66;
                                                                                                                                                                                                                                                        								_t67 = _t66 +  &(_t97[0]);
                                                                                                                                                                                                                                                        								_t98 = _t100 + _t107;
                                                                                                                                                                                                                                                        								__eflags = _t98 - _t67;
                                                                                                                                                                                                                                                        								_t68 =  >  ? _t98 : _t67;
                                                                                                                                                                                                                                                        								_t69 = ( >  ? _t98 : _t67) - _t100;
                                                                                                                                                                                                                                                        								__eflags = _t69;
                                                                                                                                                                                                                                                        								memset(_t100, 0, _t69);
                                                                                                                                                                                                                                                        								_t115 = _t115 + 0xc;
                                                                                                                                                                                                                                                        								_t66 = _t103[2];
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t48 = _t66 + _t107;
                                                                                                                                                                                                                                                        							__eflags = _t48;
                                                                                                                                                                                                                                                        							goto L9;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t8 =  &(_t103[1]); // 0x10
                                                                                                                                                                                                                                                        							__eflags = E00BB8170(_t66, _t8, 0x10);
                                                                                                                                                                                                                                                        							if(__eflags == 0) {
                                                                                                                                                                                                                                                        								L22:
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_t48 = E00BB77D5(0x1fb, _t100, __eflags);
                                                                                                                                                                                                                                                        								L23:
                                                                                                                                                                                                                                                        								_t41 =  &(_t103[1]); // 0x10
                                                                                                                                                                                                                                                        								__eflags = E00BB8170(_t48, _t41, _t109);
                                                                                                                                                                                                                                                        								if(__eflags == 0) {
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									E00BB77D5(0x208, _t100, __eflags);
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									_push(_t111);
                                                                                                                                                                                                                                                        									_t53 =  *0x00000218;
                                                                                                                                                                                                                                                        									__eflags = _t53 - 0x224;
                                                                                                                                                                                                                                                        									if(_t53 != 0x224) {
                                                                                                                                                                                                                                                        										free(_t53);
                                                                                                                                                                                                                                                        										return _t53;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									return _t53;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t48 = _t103[2];
                                                                                                                                                                                                                                                        									__eflags = _t109;
                                                                                                                                                                                                                                                        									if(_t109 > 0) {
                                                                                                                                                                                                                                                        										L16:
                                                                                                                                                                                                                                                        										_t88 = _t103[1];
                                                                                                                                                                                                                                                        										_t100 = _t88 + _t48;
                                                                                                                                                                                                                                                        										_t54 = _t48 +  &(_t88[0]);
                                                                                                                                                                                                                                                        										_t89 = _t100 + _t109;
                                                                                                                                                                                                                                                        										__eflags = _t89 - _t54;
                                                                                                                                                                                                                                                        										_t55 =  >  ? _t89 : _t54;
                                                                                                                                                                                                                                                        										_t56 = ( >  ? _t89 : _t54) - _t100;
                                                                                                                                                                                                                                                        										__eflags = _t56;
                                                                                                                                                                                                                                                        										memset(_t100, 0, _t56);
                                                                                                                                                                                                                                                        										_t115 = _t115 + 0xc;
                                                                                                                                                                                                                                                        										_t48 = _t103[2];
                                                                                                                                                                                                                                                        										goto L17;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										L17:
                                                                                                                                                                                                                                                        										_t58 = _t48 + _t109;
                                                                                                                                                                                                                                                        										__eflags = _t58;
                                                                                                                                                                                                                                                        										_t82 = _t58;
                                                                                                                                                                                                                                                        										L18:
                                                                                                                                                                                                                                                        										_t103[2] = _t82;
                                                                                                                                                                                                                                                        										_t109 = _v36;
                                                                                                                                                                                                                                                        										_t49 =  *_t103;
                                                                                                                                                                                                                                                        										__eflags =  *_t49;
                                                                                                                                                                                                                                                        										if(__eflags == 0) {
                                                                                                                                                                                                                                                        											L21:
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											E00BB77D5(0x20c, _t100, __eflags);
                                                                                                                                                                                                                                                        											goto L22;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t75 = _v32;
                                                                                                                                                                                                                                                        											_t100 =  &_v24;
                                                                                                                                                                                                                                                        											_t109 = _t109 - _t75;
                                                                                                                                                                                                                                                        											_v24 = 0;
                                                                                                                                                                                                                                                        											__eflags = ReadProcessMemory( *_t49, _t75 + _t103[8], _t103[1] + _t75, _t109,  &_v24);
                                                                                                                                                                                                                                                        											if(__eflags == 0) {
                                                                                                                                                                                                                                                        												goto L21;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												__eflags = _v24 - _t109;
                                                                                                                                                                                                                                                        												if(__eflags == 0) {
                                                                                                                                                                                                                                                        													goto L1;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													goto L21;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t66 =  *(__ecx + 8);
                                                                                                                                                                                                                                                        								goto L6;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					return E00BEECB0(_v20 ^ _t111, _t100);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}




































                                                                                                                                                                                                                                                        0x00bb7f80
                                                                                                                                                                                                                                                        0x00bb7f86
                                                                                                                                                                                                                                                        0x00bb7f89
                                                                                                                                                                                                                                                        0x00bb7f90
                                                                                                                                                                                                                                                        0x00bb7f93
                                                                                                                                                                                                                                                        0x00bb7f98
                                                                                                                                                                                                                                                        0x00bb7f9b
                                                                                                                                                                                                                                                        0x00bb7fb6
                                                                                                                                                                                                                                                        0x00bb7fb8
                                                                                                                                                                                                                                                        0x00bb7fb9
                                                                                                                                                                                                                                                        0x00bb7fbc
                                                                                                                                                                                                                                                        0x00bb7fc1
                                                                                                                                                                                                                                                        0x00bb7fc1
                                                                                                                                                                                                                                                        0x00bb7fc4
                                                                                                                                                                                                                                                        0x00bb8011
                                                                                                                                                                                                                                                        0x00bb8011
                                                                                                                                                                                                                                                        0x00bb8014
                                                                                                                                                                                                                                                        0x00bb8017
                                                                                                                                                                                                                                                        0x00bb8019
                                                                                                                                                                                                                                                        0x00bb801c
                                                                                                                                                                                                                                                        0x00bb8051
                                                                                                                                                                                                                                                        0x00bb8051
                                                                                                                                                                                                                                                        0x00bb8056
                                                                                                                                                                                                                                                        0x00bb8056
                                                                                                                                                                                                                                                        0x00bb8058
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb805a
                                                                                                                                                                                                                                                        0x00bb805f
                                                                                                                                                                                                                                                        0x00bb8061
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8063
                                                                                                                                                                                                                                                        0x00bb8063
                                                                                                                                                                                                                                                        0x00bb8065
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8065
                                                                                                                                                                                                                                                        0x00bb8061
                                                                                                                                                                                                                                                        0x00bb801e
                                                                                                                                                                                                                                                        0x00bb8021
                                                                                                                                                                                                                                                        0x00bb8027
                                                                                                                                                                                                                                                        0x00bb8030
                                                                                                                                                                                                                                                        0x00bb803b
                                                                                                                                                                                                                                                        0x00bb8041
                                                                                                                                                                                                                                                        0x00bb8043
                                                                                                                                                                                                                                                        0x00bb804e
                                                                                                                                                                                                                                                        0x00bb804e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8045
                                                                                                                                                                                                                                                        0x00bb8045
                                                                                                                                                                                                                                                        0x00bb8048
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8048
                                                                                                                                                                                                                                                        0x00bb8043
                                                                                                                                                                                                                                                        0x00bb7fc6
                                                                                                                                                                                                                                                        0x00bb7fc9
                                                                                                                                                                                                                                                        0x00bb7fce
                                                                                                                                                                                                                                                        0x00bb7fd0
                                                                                                                                                                                                                                                        0x00bb7fd2
                                                                                                                                                                                                                                                        0x00bb7fe8
                                                                                                                                                                                                                                                        0x00bb7fe8
                                                                                                                                                                                                                                                        0x00bb7fea
                                                                                                                                                                                                                                                        0x00bb7fec
                                                                                                                                                                                                                                                        0x00bb7fef
                                                                                                                                                                                                                                                        0x00bb7ff2
                                                                                                                                                                                                                                                        0x00bb7ff6
                                                                                                                                                                                                                                                        0x00bb7ff9
                                                                                                                                                                                                                                                        0x00bb7ffb
                                                                                                                                                                                                                                                        0x00bb7ffe
                                                                                                                                                                                                                                                        0x00bb7ffe
                                                                                                                                                                                                                                                        0x00bb8004
                                                                                                                                                                                                                                                        0x00bb8009
                                                                                                                                                                                                                                                        0x00bb800c
                                                                                                                                                                                                                                                        0x00bb800c
                                                                                                                                                                                                                                                        0x00bb800f
                                                                                                                                                                                                                                                        0x00bb800f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7fd4
                                                                                                                                                                                                                                                        0x00bb7fd4
                                                                                                                                                                                                                                                        0x00bb7fdd
                                                                                                                                                                                                                                                        0x00bb7fdf
                                                                                                                                                                                                                                                        0x00bb80d6
                                                                                                                                                                                                                                                        0x00bb80d6
                                                                                                                                                                                                                                                        0x00bb80dc
                                                                                                                                                                                                                                                        0x00bb80e1
                                                                                                                                                                                                                                                        0x00bb80e1
                                                                                                                                                                                                                                                        0x00bb80ea
                                                                                                                                                                                                                                                        0x00bb80ec
                                                                                                                                                                                                                                                        0x00bb80fb
                                                                                                                                                                                                                                                        0x00bb8101
                                                                                                                                                                                                                                                        0x00bb8106
                                                                                                                                                                                                                                                        0x00bb8107
                                                                                                                                                                                                                                                        0x00bb8108
                                                                                                                                                                                                                                                        0x00bb8109
                                                                                                                                                                                                                                                        0x00bb810a
                                                                                                                                                                                                                                                        0x00bb810b
                                                                                                                                                                                                                                                        0x00bb810c
                                                                                                                                                                                                                                                        0x00bb810d
                                                                                                                                                                                                                                                        0x00bb810e
                                                                                                                                                                                                                                                        0x00bb810f
                                                                                                                                                                                                                                                        0x00bb8110
                                                                                                                                                                                                                                                        0x00bb8113
                                                                                                                                                                                                                                                        0x00bb8119
                                                                                                                                                                                                                                                        0x00bb811b
                                                                                                                                                                                                                                                        0x00bb811e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8124
                                                                                                                                                                                                                                                        0x00bb8128
                                                                                                                                                                                                                                                        0x00bb80ee
                                                                                                                                                                                                                                                        0x00bb80ee
                                                                                                                                                                                                                                                        0x00bb80f1
                                                                                                                                                                                                                                                        0x00bb80f3
                                                                                                                                                                                                                                                        0x00bb8067
                                                                                                                                                                                                                                                        0x00bb8067
                                                                                                                                                                                                                                                        0x00bb806a
                                                                                                                                                                                                                                                        0x00bb806d
                                                                                                                                                                                                                                                        0x00bb8071
                                                                                                                                                                                                                                                        0x00bb8074
                                                                                                                                                                                                                                                        0x00bb8076
                                                                                                                                                                                                                                                        0x00bb8079
                                                                                                                                                                                                                                                        0x00bb8079
                                                                                                                                                                                                                                                        0x00bb807f
                                                                                                                                                                                                                                                        0x00bb8084
                                                                                                                                                                                                                                                        0x00bb8087
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb80f9
                                                                                                                                                                                                                                                        0x00bb808a
                                                                                                                                                                                                                                                        0x00bb808a
                                                                                                                                                                                                                                                        0x00bb808a
                                                                                                                                                                                                                                                        0x00bb808c
                                                                                                                                                                                                                                                        0x00bb808e
                                                                                                                                                                                                                                                        0x00bb808e
                                                                                                                                                                                                                                                        0x00bb8091
                                                                                                                                                                                                                                                        0x00bb8094
                                                                                                                                                                                                                                                        0x00bb8096
                                                                                                                                                                                                                                                        0x00bb8099
                                                                                                                                                                                                                                                        0x00bb80cb
                                                                                                                                                                                                                                                        0x00bb80cb
                                                                                                                                                                                                                                                        0x00bb80d1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb809b
                                                                                                                                                                                                                                                        0x00bb809b
                                                                                                                                                                                                                                                        0x00bb80a1
                                                                                                                                                                                                                                                        0x00bb80a4
                                                                                                                                                                                                                                                        0x00bb80ab
                                                                                                                                                                                                                                                        0x00bb80be
                                                                                                                                                                                                                                                        0x00bb80c0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb80c2
                                                                                                                                                                                                                                                        0x00bb80c2
                                                                                                                                                                                                                                                        0x00bb80c5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb80c5
                                                                                                                                                                                                                                                        0x00bb80c0
                                                                                                                                                                                                                                                        0x00bb8099
                                                                                                                                                                                                                                                        0x00bb80f3
                                                                                                                                                                                                                                                        0x00bb7fe5
                                                                                                                                                                                                                                                        0x00bb7fe5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7fe5
                                                                                                                                                                                                                                                        0x00bb7fdf
                                                                                                                                                                                                                                                        0x00bb7fd2
                                                                                                                                                                                                                                                        0x00bb7f9d
                                                                                                                                                                                                                                                        0x00bb7f9d
                                                                                                                                                                                                                                                        0x00bb7fae
                                                                                                                                                                                                                                                        0x00bb7fae

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB8004
                                                                                                                                                                                                                                                        • ReadProcessMemory.KERNELBASE(0000000C,?,?,?,00000000), ref: 00BB803B
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB807F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memset$MemoryProcessRead
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1391334130-0
                                                                                                                                                                                                                                                        • Opcode ID: 1763d106cb017e161175537278ff35dde2dec486053f7ed79d95be878da3ad94
                                                                                                                                                                                                                                                        • Instruction ID: 41dfbba8ab32e83c4148da52b9081c0f0e3bcbe622fc017eb666f27f4a82f869
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1763d106cb017e161175537278ff35dde2dec486053f7ed79d95be878da3ad94
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5751B070A0060A9FCB14EF28C894ABAB3F9FF44704F1445A8E819D7641DFB1EC59CB90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 47%
                                                                                                                                                                                                                                                        			E00BB7B70(signed short* __eax, intOrPtr __ecx, signed short __edx, signed short _a4) {
                                                                                                                                                                                                                                                        				intOrPtr _v20;
                                                                                                                                                                                                                                                        				intOrPtr* _v24;
                                                                                                                                                                                                                                                        				signed short _v28;
                                                                                                                                                                                                                                                        				signed short* _v32;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed short* _t71;
                                                                                                                                                                                                                                                        				signed short* _t80;
                                                                                                                                                                                                                                                        				signed int _t87;
                                                                                                                                                                                                                                                        				intOrPtr _t96;
                                                                                                                                                                                                                                                        				intOrPtr* _t98;
                                                                                                                                                                                                                                                        				intOrPtr _t99;
                                                                                                                                                                                                                                                        				signed short _t129;
                                                                                                                                                                                                                                                        				signed short _t130;
                                                                                                                                                                                                                                                        				signed short* _t136;
                                                                                                                                                                                                                                                        				signed short* _t137;
                                                                                                                                                                                                                                                        				signed int _t138;
                                                                                                                                                                                                                                                        				void* _t161;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t71 = __eax;
                                                                                                                                                                                                                                                        				_t129 = _a4;
                                                                                                                                                                                                                                                        				_v20 = __ecx;
                                                                                                                                                                                                                                                        				__imp__moz_xmalloc(0x30);
                                                                                                                                                                                                                                                        				__eax[2] = 1;
                                                                                                                                                                                                                                                        				__eax[4] = 1;
                                                                                                                                                                                                                                                        				 *__eax = 0xbf0238;
                                                                                                                                                                                                                                                        				__eax[6] = _t129;
                                                                                                                                                                                                                                                        				__eax[0xa] = 0;
                                                                                                                                                                                                                                                        				_t98 = __eax;
                                                                                                                                                                                                                                                        				_t7 =  &(_t71[6]); // 0xc
                                                                                                                                                                                                                                                        				__eax[0xc] = 0x10;
                                                                                                                                                                                                                                                        				_v28 = __edx;
                                                                                                                                                                                                                                                        				__eax[8] =  &(__eax[0xe]);
                                                                                                                                                                                                                                                        				__eax[0x16] = __edx;
                                                                                                                                                                                                                                                        				E00BB7F80(__eax, _t7, 0x40, _t129, __edx); // executed
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t98 + 0x2c)) == 0 ||  *((intOrPtr*)(_t98 + 0x14)) == 0) {
                                                                                                                                                                                                                                                        					L29:
                                                                                                                                                                                                                                                        					E00BB7DF0(_v20, _t129);
                                                                                                                                                                                                                                                        					asm("lock dec dword [ebx+0x4]");
                                                                                                                                                                                                                                                        					if(__eflags == 0) {
                                                                                                                                                                                                                                                        						goto L25;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L27;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t80 =  *(_t98 + 0x10);
                                                                                                                                                                                                                                                        					if(_t80 == 0 || ( *_t80 & 0x0000ffff) != 0x5a4d) {
                                                                                                                                                                                                                                                        						goto L29;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						__imp__moz_xmalloc(0x30);
                                                                                                                                                                                                                                                        						_t18 =  &(_t80[0xe]); // 0x1c
                                                                                                                                                                                                                                                        						_t80[2] = 1;
                                                                                                                                                                                                                                                        						_t80[4] = 1;
                                                                                                                                                                                                                                                        						 *_t80 = 0xbf0238;
                                                                                                                                                                                                                                                        						_t80[6] = _t129;
                                                                                                                                                                                                                                                        						_t80[0xa] = 0;
                                                                                                                                                                                                                                                        						_t80[0xc] = 0x10;
                                                                                                                                                                                                                                                        						_t24 =  &(_t80[6]); // 0xc
                                                                                                                                                                                                                                                        						_t80[8] = _t18;
                                                                                                                                                                                                                                                        						_t80[0x16] = _t80[0x1e] + _v28;
                                                                                                                                                                                                                                                        						_t136 = _t80; // executed
                                                                                                                                                                                                                                                        						E00BB7F80(_t98, _t24, 0xf8, _t129, _t136); // executed
                                                                                                                                                                                                                                                        						_v32 = _t136;
                                                                                                                                                                                                                                                        						if(_t136[0x16] == 0 || _t136[0xa] == 0) {
                                                                                                                                                                                                                                                        							L28:
                                                                                                                                                                                                                                                        							E00BB7DF0(_v20, _a4);
                                                                                                                                                                                                                                                        							goto L21;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t130 = _t136[8];
                                                                                                                                                                                                                                                        							if(_t130 == 0 ||  *_t130 != 0x4550) {
                                                                                                                                                                                                                                                        								goto L28;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t87 =  *(_t130 + 0x18) & 0x0000ffff;
                                                                                                                                                                                                                                                        								if(_t87 != 0x10b ||  *((intOrPtr*)(_t130 + 0x50)) <= 0x137) {
                                                                                                                                                                                                                                                        									goto L28;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_v24 = _t98;
                                                                                                                                                                                                                                                        									if( *((intOrPtr*)(_t130 + 0x74)) == 0) {
                                                                                                                                                                                                                                                        										L32:
                                                                                                                                                                                                                                                        										E00BB7DF0(_v20, _a4);
                                                                                                                                                                                                                                                        										_t98 = _v24;
                                                                                                                                                                                                                                                        										L21:
                                                                                                                                                                                                                                                        										_t137 = _v32;
                                                                                                                                                                                                                                                        										asm("lock dec dword [esi+0x4]");
                                                                                                                                                                                                                                                        										if(_t161 == 0) {
                                                                                                                                                                                                                                                        											 *( *_t137)();
                                                                                                                                                                                                                                                        											asm("lock dec dword [esi+0x8]");
                                                                                                                                                                                                                                                        											if(_t161 == 0) {
                                                                                                                                                                                                                                                        												 *((intOrPtr*)( *_t137 + 4))();
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										asm("lock dec dword [ebx+0x4]");
                                                                                                                                                                                                                                                        										if(_t161 != 0) {
                                                                                                                                                                                                                                                        											L27:
                                                                                                                                                                                                                                                        											return _v20;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											L25:
                                                                                                                                                                                                                                                        											 *((intOrPtr*)( *_t98))();
                                                                                                                                                                                                                                                        											asm("lock dec dword [ebx+0x8]");
                                                                                                                                                                                                                                                        											if(_t161 == 0) {
                                                                                                                                                                                                                                                        												 *((intOrPtr*)( *_t98 + 4))();
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L27;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t99 =  *((intOrPtr*)(_t130 + 0x78));
                                                                                                                                                                                                                                                        									if(_t99 == 0 ||  *((intOrPtr*)(_t130 + 0x7c)) == 0) {
                                                                                                                                                                                                                                                        										goto L32;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										__imp__moz_xmalloc(0x30);
                                                                                                                                                                                                                                                        										_t138 = _t87;
                                                                                                                                                                                                                                                        										 *(_t87 + 4) = 1;
                                                                                                                                                                                                                                                        										 *(_t87 + 8) = 1;
                                                                                                                                                                                                                                                        										 *_t87 = 0xbf0238;
                                                                                                                                                                                                                                                        										_t40 = _t87 + 0xc; // 0xc
                                                                                                                                                                                                                                                        										_t42 = _t138 + 0x1c; // 0x1c
                                                                                                                                                                                                                                                        										 *(_t138 + 0xc) = _a4;
                                                                                                                                                                                                                                                        										 *(_t138 + 0x14) = 0;
                                                                                                                                                                                                                                                        										 *(_t138 + 0x18) = 0x10;
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t138 + 0x10)) = _t42;
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t138 + 0x2c)) = _t99 + _v28;
                                                                                                                                                                                                                                                        										E00BB7F80(_t99 + _v28, _t40, 0x28, _t130, _t138); // executed
                                                                                                                                                                                                                                                        										if( *((intOrPtr*)(_t138 + 0x2c)) == 0 ||  *(_t138 + 0x14) == 0) {
                                                                                                                                                                                                                                                        											L31:
                                                                                                                                                                                                                                                        											E00BB7DF0(_v20, _a4);
                                                                                                                                                                                                                                                        											goto L18;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t96 =  *((intOrPtr*)(_t138 + 0x10));
                                                                                                                                                                                                                                                        											if(_t96 == 0 ||  *((intOrPtr*)(_t96 + 0x14)) == 0) {
                                                                                                                                                                                                                                                        												goto L31;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t161 =  *((intOrPtr*)(_t130 + 0x7c)) +  *((intOrPtr*)(_t130 + 0x78));
                                                                                                                                                                                                                                                        												E00BB7F10(_v20, _a4, _t161, _v28,  *((intOrPtr*)(_t130 + 0x78)),  *((intOrPtr*)(_t130 + 0x7c)) +  *((intOrPtr*)(_t130 + 0x78)), _t96); // executed
                                                                                                                                                                                                                                                        												L18:
                                                                                                                                                                                                                                                        												asm("lock dec dword [esi+0x4]");
                                                                                                                                                                                                                                                        												_t98 = _v24;
                                                                                                                                                                                                                                                        												if(_t161 == 0) {
                                                                                                                                                                                                                                                        													 *((intOrPtr*)( *_t138))();
                                                                                                                                                                                                                                                        													asm("lock dec dword [esi+0x8]");
                                                                                                                                                                                                                                                        													if(_t161 == 0) {
                                                                                                                                                                                                                                                        														 *((intOrPtr*)( *_t138 + 4))();
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L21;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}






















                                                                                                                                                                                                                                                        0x00bb7b70
                                                                                                                                                                                                                                                        0x00bb7b79
                                                                                                                                                                                                                                                        0x00bb7b7e
                                                                                                                                                                                                                                                        0x00bb7b83
                                                                                                                                                                                                                                                        0x00bb7b8c
                                                                                                                                                                                                                                                        0x00bb7b93
                                                                                                                                                                                                                                                        0x00bb7b9a
                                                                                                                                                                                                                                                        0x00bb7ba0
                                                                                                                                                                                                                                                        0x00bb7ba3
                                                                                                                                                                                                                                                        0x00bb7baa
                                                                                                                                                                                                                                                        0x00bb7bac
                                                                                                                                                                                                                                                        0x00bb7baf
                                                                                                                                                                                                                                                        0x00bb7bbe
                                                                                                                                                                                                                                                        0x00bb7bc1
                                                                                                                                                                                                                                                        0x00bb7bc4
                                                                                                                                                                                                                                                        0x00bb7bc7
                                                                                                                                                                                                                                                        0x00bb7bd0
                                                                                                                                                                                                                                                        0x00bb7db0
                                                                                                                                                                                                                                                        0x00bb7db5
                                                                                                                                                                                                                                                        0x00bb7dba
                                                                                                                                                                                                                                                        0x00bb7dbe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7be0
                                                                                                                                                                                                                                                        0x00bb7be0
                                                                                                                                                                                                                                                        0x00bb7be5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7bfa
                                                                                                                                                                                                                                                        0x00bb7c02
                                                                                                                                                                                                                                                        0x00bb7c0b
                                                                                                                                                                                                                                                        0x00bb7c0e
                                                                                                                                                                                                                                                        0x00bb7c15
                                                                                                                                                                                                                                                        0x00bb7c1c
                                                                                                                                                                                                                                                        0x00bb7c22
                                                                                                                                                                                                                                                        0x00bb7c25
                                                                                                                                                                                                                                                        0x00bb7c2c
                                                                                                                                                                                                                                                        0x00bb7c33
                                                                                                                                                                                                                                                        0x00bb7c36
                                                                                                                                                                                                                                                        0x00bb7c3e
                                                                                                                                                                                                                                                        0x00bb7c41
                                                                                                                                                                                                                                                        0x00bb7c43
                                                                                                                                                                                                                                                        0x00bb7c4c
                                                                                                                                                                                                                                                        0x00bb7c4f
                                                                                                                                                                                                                                                        0x00bb7da3
                                                                                                                                                                                                                                                        0x00bb7da9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7c5f
                                                                                                                                                                                                                                                        0x00bb7c5f
                                                                                                                                                                                                                                                        0x00bb7c64
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7c76
                                                                                                                                                                                                                                                        0x00bb7c76
                                                                                                                                                                                                                                                        0x00bb7c7f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7c92
                                                                                                                                                                                                                                                        0x00bb7c96
                                                                                                                                                                                                                                                        0x00bb7c99
                                                                                                                                                                                                                                                        0x00bb7dd2
                                                                                                                                                                                                                                                        0x00bb7dd8
                                                                                                                                                                                                                                                        0x00bb7ddd
                                                                                                                                                                                                                                                        0x00bb7d63
                                                                                                                                                                                                                                                        0x00bb7d63
                                                                                                                                                                                                                                                        0x00bb7d66
                                                                                                                                                                                                                                                        0x00bb7d6a
                                                                                                                                                                                                                                                        0x00bb7d70
                                                                                                                                                                                                                                                        0x00bb7d72
                                                                                                                                                                                                                                                        0x00bb7d76
                                                                                                                                                                                                                                                        0x00bb7d7c
                                                                                                                                                                                                                                                        0x00bb7d7c
                                                                                                                                                                                                                                                        0x00bb7d76
                                                                                                                                                                                                                                                        0x00bb7d7f
                                                                                                                                                                                                                                                        0x00bb7d83
                                                                                                                                                                                                                                                        0x00bb7d98
                                                                                                                                                                                                                                                        0x00bb7da2
                                                                                                                                                                                                                                                        0x00bb7d85
                                                                                                                                                                                                                                                        0x00bb7d85
                                                                                                                                                                                                                                                        0x00bb7d89
                                                                                                                                                                                                                                                        0x00bb7d8b
                                                                                                                                                                                                                                                        0x00bb7d8f
                                                                                                                                                                                                                                                        0x00bb7d95
                                                                                                                                                                                                                                                        0x00bb7d95
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7d8f
                                                                                                                                                                                                                                                        0x00bb7d83
                                                                                                                                                                                                                                                        0x00bb7c9f
                                                                                                                                                                                                                                                        0x00bb7ca4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7cb4
                                                                                                                                                                                                                                                        0x00bb7cb9
                                                                                                                                                                                                                                                        0x00bb7cc2
                                                                                                                                                                                                                                                        0x00bb7cc4
                                                                                                                                                                                                                                                        0x00bb7ccb
                                                                                                                                                                                                                                                        0x00bb7cd2
                                                                                                                                                                                                                                                        0x00bb7cd8
                                                                                                                                                                                                                                                        0x00bb7cde
                                                                                                                                                                                                                                                        0x00bb7ce1
                                                                                                                                                                                                                                                        0x00bb7ce4
                                                                                                                                                                                                                                                        0x00bb7ceb
                                                                                                                                                                                                                                                        0x00bb7cf2
                                                                                                                                                                                                                                                        0x00bb7cfa
                                                                                                                                                                                                                                                        0x00bb7cfd
                                                                                                                                                                                                                                                        0x00bb7d06
                                                                                                                                                                                                                                                        0x00bb7dc2
                                                                                                                                                                                                                                                        0x00bb7dc8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7d16
                                                                                                                                                                                                                                                        0x00bb7d16
                                                                                                                                                                                                                                                        0x00bb7d1b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7d2b
                                                                                                                                                                                                                                                        0x00bb7d37
                                                                                                                                                                                                                                                        0x00bb7d3f
                                                                                                                                                                                                                                                        0x00bb7d47
                                                                                                                                                                                                                                                        0x00bb7d47
                                                                                                                                                                                                                                                        0x00bb7d4b
                                                                                                                                                                                                                                                        0x00bb7d4e
                                                                                                                                                                                                                                                        0x00bb7d54
                                                                                                                                                                                                                                                        0x00bb7d56
                                                                                                                                                                                                                                                        0x00bb7d5a
                                                                                                                                                                                                                                                        0x00bb7d60
                                                                                                                                                                                                                                                        0x00bb7d60
                                                                                                                                                                                                                                                        0x00bb7d5a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7d4e
                                                                                                                                                                                                                                                        0x00bb7d1b
                                                                                                                                                                                                                                                        0x00bb7d06
                                                                                                                                                                                                                                                        0x00bb7ca4
                                                                                                                                                                                                                                                        0x00bb7c7f
                                                                                                                                                                                                                                                        0x00bb7c64
                                                                                                                                                                                                                                                        0x00bb7c4f
                                                                                                                                                                                                                                                        0x00bb7be5

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000030,?,?,00BB7A50,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BB7B83
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000030,?,?,?,00BB7A50,?,?,?,?,?,?,?,?,?,?,?), ref: 00BB7C02
                                                                                                                                                                                                                                                          • Part of subcall function 00BB7F80: memset.NTDLL ref: 00BB8004
                                                                                                                                                                                                                                                          • Part of subcall function 00BB7F80: ReadProcessMemory.KERNELBASE(0000000C,?,?,?,00000000), ref: 00BB803B
                                                                                                                                                                                                                                                          • Part of subcall function 00BB7F80: memset.NTDLL ref: 00BB807F
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000030,?,?,?,?,00BB7A50,?,?,?,?,?,?,?,?,?,?), ref: 00BB7CB9
                                                                                                                                                                                                                                                          • Part of subcall function 00BB7F80: ReadProcessMemory.KERNEL32(?,?,?,?,?,?,?,?), ref: 00BB80B8
                                                                                                                                                                                                                                                          • Part of subcall function 00BB7F80: free.MOZGLUE(?,?,?,?,00BB7A50,00000000,?,00BB7BCC,?,?,?,00BB7A50,?), ref: 00BB811E
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: moz_xmalloc$MemoryProcessReadmemset$free
                                                                                                                                                                                                                                                        • String ID: NtMapViewOfSection
                                                                                                                                                                                                                                                        • API String ID: 2551268302-2752921276
                                                                                                                                                                                                                                                        • Opcode ID: 1a628ab98964d9f6e1317995ca0fc3f7b2920700228dd93ca8e298a7e44b3923
                                                                                                                                                                                                                                                        • Instruction ID: 596246166a6bcdd5361397ccf696a87b269008602b8ed4dff588c90fdc434935
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1a628ab98964d9f6e1317995ca0fc3f7b2920700228dd93ca8e298a7e44b3923
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 887143B0644604CFDB25DF14C488BBABBF1FF84344F0588AAD8095B3A2CBB5E945CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 76%
                                                                                                                                                                                                                                                        			E00BB77D5(void* __ecx, void* __edx, void* __eflags) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void _v24;
                                                                                                                                                                                                                                                        				long _v28;
                                                                                                                                                                                                                                                        				char _v32;
                                                                                                                                                                                                                                                        				signed int _t15;
                                                                                                                                                                                                                                                        				void* _t18;
                                                                                                                                                                                                                                                        				signed int _t23;
                                                                                                                                                                                                                                                        				signed int _t25;
                                                                                                                                                                                                                                                        				signed char _t26;
                                                                                                                                                                                                                                                        				void* _t29;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        				void* _t37;
                                                                                                                                                                                                                                                        				signed int _t41;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t34 = __edx;
                                                                                                                                                                                                                                                        				_t29 = __ecx;
                                                                                                                                                                                                                                                        				 *0 = __ecx;
                                                                                                                                                                                                                                                        				TerminateProcess(GetCurrentProcess(), 3);
                                                                                                                                                                                                                                                        				asm("int3");
                                                                                                                                                                                                                                                        				asm("int3");
                                                                                                                                                                                                                                                        				asm("int3");
                                                                                                                                                                                                                                                        				_t40 = _t41;
                                                                                                                                                                                                                                                        				_push(_t25);
                                                                                                                                                                                                                                                        				_t15 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t37 = _t29;
                                                                                                                                                                                                                                                        				_t35 = "NtMapViewOfSection";
                                                                                                                                                                                                                                                        				_v20 = _t15 ^ _t41;
                                                                                                                                                                                                                                                        				_t18 = E00BB7A20(_t34, "NtMapViewOfSection", E00BBEE50,  &_v32); // executed
                                                                                                                                                                                                                                                        				if(_t18 == 0) {
                                                                                                                                                                                                                                                        					_t26 = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_v24 = _v32;
                                                                                                                                                                                                                                                        					_t23 = WriteProcessMemory(_t37, 0xbfa7a8,  &_v24, 4,  &_v28); // executed
                                                                                                                                                                                                                                                        					_t26 = (_t25 & 0xffffff00 | _v28 == 0x00000004) & (_t23 & 0xffffff00 | _t23 != 0x00000000);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t40, _t35);
                                                                                                                                                                                                                                                        				return _t26;
                                                                                                                                                                                                                                                        			}
















                                                                                                                                                                                                                                                        0x00bb77d5
                                                                                                                                                                                                                                                        0x00bb77d5
                                                                                                                                                                                                                                                        0x00bb77d8
                                                                                                                                                                                                                                                        0x00bb77e7
                                                                                                                                                                                                                                                        0x00bb77ed
                                                                                                                                                                                                                                                        0x00bb77ee
                                                                                                                                                                                                                                                        0x00bb77ef
                                                                                                                                                                                                                                                        0x00bb77f1
                                                                                                                                                                                                                                                        0x00bb77f3
                                                                                                                                                                                                                                                        0x00bb77f8
                                                                                                                                                                                                                                                        0x00bb77fd
                                                                                                                                                                                                                                                        0x00bb7801
                                                                                                                                                                                                                                                        0x00bb7808
                                                                                                                                                                                                                                                        0x00bb7814
                                                                                                                                                                                                                                                        0x00bb781e
                                                                                                                                                                                                                                                        0x00bb785d
                                                                                                                                                                                                                                                        0x00bb7820
                                                                                                                                                                                                                                                        0x00bb7826
                                                                                                                                                                                                                                                        0x00bb7836
                                                                                                                                                                                                                                                        0x00bb7848
                                                                                                                                                                                                                                                        0x00bb7848
                                                                                                                                                                                                                                                        0x00bb784f
                                                                                                                                                                                                                                                        0x00bb785c

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(?,00BB80D6,?,00BB7A50,00000000,?,00BB7BCC,?,?,?,00BB7A50,?), ref: 00BB77DE
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(00000000,00000003,?,00BB80D6,?,00BB7A50,00000000,?,00BB7BCC,?,?,?,00BB7A50,?), ref: 00BB77E7
                                                                                                                                                                                                                                                        • WriteProcessMemory.KERNELBASE(?,00BFA7A8,?,00000004,?,?,?,?,?,?,00BB80D6,?,00BB7A50,00000000,?,00BB7BCC), ref: 00BB7836
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Process$CurrentMemoryTerminateWrite
                                                                                                                                                                                                                                                        • String ID: NtMapViewOfSection
                                                                                                                                                                                                                                                        • API String ID: 2450937404-2752921276
                                                                                                                                                                                                                                                        • Opcode ID: f29f6b1a4bd77610d6f3df824fdf578b4a2e35430c0cd8609bba14673f7836af
                                                                                                                                                                                                                                                        • Instruction ID: 53e158ee3ffa8b0abed4d3a55d16e52531a0a02e7fdb10a538cf91ee4a0d21c1
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f29f6b1a4bd77610d6f3df824fdf578b4a2e35430c0cd8609bba14673f7836af
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1401B971A4420DABDB049FA5DC46AFF77FCEB04300F0444B9FA15A7251DE74AA08C791
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 93%
                                                                                                                                                                                                                                                        			E00BB6C70(signed int __ecx, signed int* __edx, void* __eflags, signed int _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				char _v28;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				char _v52;
                                                                                                                                                                                                                                                        				char _v56;
                                                                                                                                                                                                                                                        				char _v64;
                                                                                                                                                                                                                                                        				char _v68;
                                                                                                                                                                                                                                                        				signed int _v72;
                                                                                                                                                                                                                                                        				WCHAR* _v76;
                                                                                                                                                                                                                                                        				WCHAR* _v80;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				char _v92;
                                                                                                                                                                                                                                                        				signed int _v96;
                                                                                                                                                                                                                                                        				char _v104;
                                                                                                                                                                                                                                                        				WCHAR* _v108;
                                                                                                                                                                                                                                                        				union _LARGE_INTEGER _v112;
                                                                                                                                                                                                                                                        				signed int* _v116;
                                                                                                                                                                                                                                                        				signed int _t83;
                                                                                                                                                                                                                                                        				signed int _t86;
                                                                                                                                                                                                                                                        				signed int _t89;
                                                                                                                                                                                                                                                        				signed int _t96;
                                                                                                                                                                                                                                                        				intOrPtr _t101;
                                                                                                                                                                                                                                                        				union _LARGE_INTEGER* _t106;
                                                                                                                                                                                                                                                        				signed int _t116;
                                                                                                                                                                                                                                                        				signed int _t120;
                                                                                                                                                                                                                                                        				signed int _t121;
                                                                                                                                                                                                                                                        				signed int _t126;
                                                                                                                                                                                                                                                        				signed int* _t127;
                                                                                                                                                                                                                                                        				signed int _t128;
                                                                                                                                                                                                                                                        				short _t129;
                                                                                                                                                                                                                                                        				signed int _t130;
                                                                                                                                                                                                                                                        				signed int _t131;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_v116 = __edx;
                                                                                                                                                                                                                                                        				_t125 =  &_v40;
                                                                                                                                                                                                                                                        				_t126 = __ecx;
                                                                                                                                                                                                                                                        				_t83 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v24 = _t83 ^ _t131;
                                                                                                                                                                                                                                                        				E00BB6950(__ecx,  &_v40); // executed
                                                                                                                                                                                                                                                        				if(_v28 != 0) {
                                                                                                                                                                                                                                                        					_t86 = _v32;
                                                                                                                                                                                                                                                        					_t127 = _v116;
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [esp+0x50]");
                                                                                                                                                                                                                                                        					L28:
                                                                                                                                                                                                                                                        					_t127[2] = _t86;
                                                                                                                                                                                                                                                        					asm("movsd [edi], xmm0");
                                                                                                                                                                                                                                                        					_t127[3] = 1;
                                                                                                                                                                                                                                                        					L7:
                                                                                                                                                                                                                                                        					E00BEECB0(_v24 ^ _t131, _t125);
                                                                                                                                                                                                                                                        					return _t127;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t89 = GetModuleHandleW(0);
                                                                                                                                                                                                                                                        				_t106 =  &_v80;
                                                                                                                                                                                                                                                        				E00BB1EA0(_t106, _t89 & 0xfffffffc);
                                                                                                                                                                                                                                                        				if(_v76 == 0) {
                                                                                                                                                                                                                                                        					_t127 = _v116;
                                                                                                                                                                                                                                                        					_t127[3] = 1;
                                                                                                                                                                                                                                                        					 *_t127 = "/builds/worker/checkouts/gecko/toolkit/xre/LauncherRegistryInfo.cpp";
                                                                                                                                                                                                                                                        					_t127[1] = 0x21;
                                                                                                                                                                                                                                                        					_t127[2] = 0x800700c1;
                                                                                                                                                                                                                                                        					goto L7;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t125 =  &_v56;
                                                                                                                                                                                                                                                        				_t129 = _v76[4];
                                                                                                                                                                                                                                                        				E00BB6F60(_t126,  &_v56); // executed
                                                                                                                                                                                                                                                        				if(_v44 != 0) {
                                                                                                                                                                                                                                                        					_t86 = _v48;
                                                                                                                                                                                                                                                        					_t127 = _v116;
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [esp+0x40]");
                                                                                                                                                                                                                                                        					goto L28;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if(_v52 == 0 || _v56 != _t129) {
                                                                                                                                                                                                                                                        					_t125 =  &_v80;
                                                                                                                                                                                                                                                        					E00BB6FB0(_t126,  &_v80, __eflags); // executed
                                                                                                                                                                                                                                                        					__eflags = _v68;
                                                                                                                                                                                                                                                        					if(_v68 != 0) {
                                                                                                                                                                                                                                                        						goto L29;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t125 =  &_v104;
                                                                                                                                                                                                                                                        					E00BB7070(_t126,  &_v104, _t129); // executed
                                                                                                                                                                                                                                                        					__eflags = _v92;
                                                                                                                                                                                                                                                        					if(_v92 == 0) {
                                                                                                                                                                                                                                                        						goto L5;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L22;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					_t130 = _a4;
                                                                                                                                                                                                                                                        					if(_t130 != 1) {
                                                                                                                                                                                                                                                        						_t96 = _v40;
                                                                                                                                                                                                                                                        						__eflags = _t96 - 1;
                                                                                                                                                                                                                                                        						if(_t96 != 1) {
                                                                                                                                                                                                                                                        							__eflags = _t96;
                                                                                                                                                                                                                                                        							if(_t96 != 0) {
                                                                                                                                                                                                                                                        								_t127 = _v116;
                                                                                                                                                                                                                                                        								_t127[3] = 1;
                                                                                                                                                                                                                                                        								 *_t127 = "/builds/worker/checkouts/gecko/toolkit/xre/LauncherRegistryInfo.cpp";
                                                                                                                                                                                                                                                        								_t127[1] = 0xed;
                                                                                                                                                                                                                                                        								_t127[2] = 0x80070507;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_v76 = 0;
                                                                                                                                                                                                                                                        								_v80 = 0;
                                                                                                                                                                                                                                                        								QueryPerformanceCounter(_t106);
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t126 + 4)) = _v76;
                                                                                                                                                                                                                                                        								 *_t126 = _v80;
                                                                                                                                                                                                                                                        								 *(_t126 + 8) = 1;
                                                                                                                                                                                                                                                        								_t127 = _v116;
                                                                                                                                                                                                                                                        								_t127[3] = 0;
                                                                                                                                                                                                                                                        								 *_t127 = 0;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L7;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t125 =  &_v80;
                                                                                                                                                                                                                                                        						E00BB70C0(_t126,  &_v80);
                                                                                                                                                                                                                                                        						__eflags = _v64;
                                                                                                                                                                                                                                                        						if(_v64 != 0) {
                                                                                                                                                                                                                                                        							L29:
                                                                                                                                                                                                                                                        							_t86 = _v72;
                                                                                                                                                                                                                                                        							_t127 = _v116;
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [esp+0x28]");
                                                                                                                                                                                                                                                        							goto L28;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t125 =  &_v104;
                                                                                                                                                                                                                                                        						_t116 = _t126;
                                                                                                                                                                                                                                                        						E00BB7110(_t116,  &_v104);
                                                                                                                                                                                                                                                        						__eflags = _v88;
                                                                                                                                                                                                                                                        						if(_v88 != 0) {
                                                                                                                                                                                                                                                        							L22:
                                                                                                                                                                                                                                                        							_t86 = _v96;
                                                                                                                                                                                                                                                        							_t127 = _v116;
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [esp+0x10]");
                                                                                                                                                                                                                                                        							goto L28;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t125 = _v72;
                                                                                                                                                                                                                                                        						_t101 = _a8;
                                                                                                                                                                                                                                                        						_t125 = _v96;
                                                                                                                                                                                                                                                        						__eflags = ((_t116 & 0xffffff00 | _t125 != 0x00000000) & 0xffffff00 | _v96 != 0x00000000) ^ ((_t116 & 0xffffff00 | _t125 != 0x00000000) & 0xffffff00 | _v96 != 0x00000000);
                                                                                                                                                                                                                                                        						if((((_t116 & 0xffffff00 | _t125 != 0x00000000) & 0xffffff00 | _v96 != 0x00000000) ^ ((_t116 & 0xffffff00 | _t125 != 0x00000000) & 0xffffff00 | _v96 != 0x00000000)) != 0) {
                                                                                                                                                                                                                                                        							_t120 = 1;
                                                                                                                                                                                                                                                        							__eflags = _t101 - 1;
                                                                                                                                                                                                                                                        							if(_t101 != 1) {
                                                                                                                                                                                                                                                        								L16:
                                                                                                                                                                                                                                                        								_t130 = _t120;
                                                                                                                                                                                                                                                        								L17:
                                                                                                                                                                                                                                                        								__eflags = _t130;
                                                                                                                                                                                                                                                        								if(_t130 != 0) {
                                                                                                                                                                                                                                                        									__eflags = _t130 - 1;
                                                                                                                                                                                                                                                        									if(_t130 != 1) {
                                                                                                                                                                                                                                                        										_t127 = _v116;
                                                                                                                                                                                                                                                        										_t127[3] = 1;
                                                                                                                                                                                                                                                        										 *_t127 = "/builds/worker/checkouts/gecko/toolkit/xre/LauncherRegistryInfo.cpp";
                                                                                                                                                                                                                                                        										_t127[1] = 0x131;
                                                                                                                                                                                                                                                        										_t127[2] = 0x80070507;
                                                                                                                                                                                                                                                        										goto L7;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									 *(_t126 + 0x14) = 0;
                                                                                                                                                                                                                                                        									 *(_t126 + 0x10) = 0;
                                                                                                                                                                                                                                                        									_t128 = _t126 + 0x18;
                                                                                                                                                                                                                                                        									L19:
                                                                                                                                                                                                                                                        									 *_t128 = 1;
                                                                                                                                                                                                                                                        									_t127 = _v116;
                                                                                                                                                                                                                                                        									_t127[3] = 0;
                                                                                                                                                                                                                                                        									 *_t127 = _t130;
                                                                                                                                                                                                                                                        									goto L7;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_v108 = 0;
                                                                                                                                                                                                                                                        								_v112.LowPart = 0;
                                                                                                                                                                                                                                                        								QueryPerformanceCounter( &_v112);
                                                                                                                                                                                                                                                        								asm("movsd xmm0, [esp+0x8]");
                                                                                                                                                                                                                                                        								asm("movsd [edi], xmm0");
                                                                                                                                                                                                                                                        								_t128 = _t126 + 8;
                                                                                                                                                                                                                                                        								__eflags = _t128;
                                                                                                                                                                                                                                                        								goto L19;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L17;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__eflags = _t130;
                                                                                                                                                                                                                                                        						_t120 = _t130;
                                                                                                                                                                                                                                                        						if(_t130 == 0) {
                                                                                                                                                                                                                                                        							__eflags = _t125;
                                                                                                                                                                                                                                                        							_t120 = _t130;
                                                                                                                                                                                                                                                        							if(_t125 != 0) {
                                                                                                                                                                                                                                                        								_t121 = _v80;
                                                                                                                                                                                                                                                        								_t125 = _v76;
                                                                                                                                                                                                                                                        								__eflags = _t121 - _v104;
                                                                                                                                                                                                                                                        								asm("sbb edx, [esp+0x14]");
                                                                                                                                                                                                                                                        								_t41 = _t121 - _v104 >= 0;
                                                                                                                                                                                                                                                        								__eflags = _t41;
                                                                                                                                                                                                                                                        								_t120 = (_t121 & 0xffffff00 | _t41) & 0x000000ff;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__eflags = _t101 - 1;
                                                                                                                                                                                                                                                        						if(_t101 == 1) {
                                                                                                                                                                                                                                                        							goto L17;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							goto L16;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_v76 = 0;
                                                                                                                                                                                                                                                        						_v80 = 0;
                                                                                                                                                                                                                                                        						QueryPerformanceCounter(_t106);
                                                                                                                                                                                                                                                        						 *(_t126 + 0x14) = _v76;
                                                                                                                                                                                                                                                        						 *(_t126 + 0x10) = _v80;
                                                                                                                                                                                                                                                        						 *(_t126 + 0x18) = 1;
                                                                                                                                                                                                                                                        						_t127 = _v116;
                                                                                                                                                                                                                                                        						_t127[3] = 0;
                                                                                                                                                                                                                                                        						 *_t127 = 1;
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}







































                                                                                                                                                                                                                                                        0x00bb6c7c
                                                                                                                                                                                                                                                        0x00bb6c80
                                                                                                                                                                                                                                                        0x00bb6c84
                                                                                                                                                                                                                                                        0x00bb6c86
                                                                                                                                                                                                                                                        0x00bb6c8d
                                                                                                                                                                                                                                                        0x00bb6c91
                                                                                                                                                                                                                                                        0x00bb6c9b
                                                                                                                                                                                                                                                        0x00bb6e8f
                                                                                                                                                                                                                                                        0x00bb6e93
                                                                                                                                                                                                                                                        0x00bb6e97
                                                                                                                                                                                                                                                        0x00bb6ece
                                                                                                                                                                                                                                                        0x00bb6ece
                                                                                                                                                                                                                                                        0x00bb6ed1
                                                                                                                                                                                                                                                        0x00bb6ed5
                                                                                                                                                                                                                                                        0x00bb6d34
                                                                                                                                                                                                                                                        0x00bb6d3a
                                                                                                                                                                                                                                                        0x00bb6d48
                                                                                                                                                                                                                                                        0x00bb6d48
                                                                                                                                                                                                                                                        0x00bb6ca3
                                                                                                                                                                                                                                                        0x00bb6ca9
                                                                                                                                                                                                                                                        0x00bb6cb3
                                                                                                                                                                                                                                                        0x00bb6cbd
                                                                                                                                                                                                                                                        0x00bb6e9f
                                                                                                                                                                                                                                                        0x00bb6ea3
                                                                                                                                                                                                                                                        0x00bb6ea7
                                                                                                                                                                                                                                                        0x00bb6ead
                                                                                                                                                                                                                                                        0x00bb6eb4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6eb4
                                                                                                                                                                                                                                                        0x00bb6cc7
                                                                                                                                                                                                                                                        0x00bb6ccd
                                                                                                                                                                                                                                                        0x00bb6cd0
                                                                                                                                                                                                                                                        0x00bb6cda
                                                                                                                                                                                                                                                        0x00bb6ec0
                                                                                                                                                                                                                                                        0x00bb6ec4
                                                                                                                                                                                                                                                        0x00bb6ec8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6ec8
                                                                                                                                                                                                                                                        0x00bb6ce5
                                                                                                                                                                                                                                                        0x00bb6e09
                                                                                                                                                                                                                                                        0x00bb6e0f
                                                                                                                                                                                                                                                        0x00bb6e14
                                                                                                                                                                                                                                                        0x00bb6e19
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6e1f
                                                                                                                                                                                                                                                        0x00bb6e26
                                                                                                                                                                                                                                                        0x00bb6e2e
                                                                                                                                                                                                                                                        0x00bb6e33
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6cf5
                                                                                                                                                                                                                                                        0x00bb6cf5
                                                                                                                                                                                                                                                        0x00bb6cf5
                                                                                                                                                                                                                                                        0x00bb6cfb
                                                                                                                                                                                                                                                        0x00bb6d49
                                                                                                                                                                                                                                                        0x00bb6d4d
                                                                                                                                                                                                                                                        0x00bb6d50
                                                                                                                                                                                                                                                        0x00bb6e4c
                                                                                                                                                                                                                                                        0x00bb6e4e
                                                                                                                                                                                                                                                        0x00bb6f01
                                                                                                                                                                                                                                                        0x00bb6f05
                                                                                                                                                                                                                                                        0x00bb6f09
                                                                                                                                                                                                                                                        0x00bb6f0f
                                                                                                                                                                                                                                                        0x00bb6f16
                                                                                                                                                                                                                                                        0x00bb6e54
                                                                                                                                                                                                                                                        0x00bb6e54
                                                                                                                                                                                                                                                        0x00bb6e5c
                                                                                                                                                                                                                                                        0x00bb6e65
                                                                                                                                                                                                                                                        0x00bb6e73
                                                                                                                                                                                                                                                        0x00bb6e76
                                                                                                                                                                                                                                                        0x00bb6e78
                                                                                                                                                                                                                                                        0x00bb6e7c
                                                                                                                                                                                                                                                        0x00bb6e80
                                                                                                                                                                                                                                                        0x00bb6e84
                                                                                                                                                                                                                                                        0x00bb6e84
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6e4e
                                                                                                                                                                                                                                                        0x00bb6d56
                                                                                                                                                                                                                                                        0x00bb6d5c
                                                                                                                                                                                                                                                        0x00bb6d61
                                                                                                                                                                                                                                                        0x00bb6d66
                                                                                                                                                                                                                                                        0x00bb6ede
                                                                                                                                                                                                                                                        0x00bb6ede
                                                                                                                                                                                                                                                        0x00bb6ee2
                                                                                                                                                                                                                                                        0x00bb6ee6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6ee6
                                                                                                                                                                                                                                                        0x00bb6d6c
                                                                                                                                                                                                                                                        0x00bb6d70
                                                                                                                                                                                                                                                        0x00bb6d72
                                                                                                                                                                                                                                                        0x00bb6d77
                                                                                                                                                                                                                                                        0x00bb6d7c
                                                                                                                                                                                                                                                        0x00bb6e39
                                                                                                                                                                                                                                                        0x00bb6e39
                                                                                                                                                                                                                                                        0x00bb6e3d
                                                                                                                                                                                                                                                        0x00bb6e41
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6e41
                                                                                                                                                                                                                                                        0x00bb6d82
                                                                                                                                                                                                                                                        0x00bb6d86
                                                                                                                                                                                                                                                        0x00bb6d8e
                                                                                                                                                                                                                                                        0x00bb6d96
                                                                                                                                                                                                                                                        0x00bb6d98
                                                                                                                                                                                                                                                        0x00bb6eee
                                                                                                                                                                                                                                                        0x00bb6ef3
                                                                                                                                                                                                                                                        0x00bb6ef6
                                                                                                                                                                                                                                                        0x00bb6dc5
                                                                                                                                                                                                                                                        0x00bb6dc5
                                                                                                                                                                                                                                                        0x00bb6dc7
                                                                                                                                                                                                                                                        0x00bb6dc7
                                                                                                                                                                                                                                                        0x00bb6dc9
                                                                                                                                                                                                                                                        0x00bb6f22
                                                                                                                                                                                                                                                        0x00bb6f25
                                                                                                                                                                                                                                                        0x00bb6f3d
                                                                                                                                                                                                                                                        0x00bb6f41
                                                                                                                                                                                                                                                        0x00bb6f45
                                                                                                                                                                                                                                                        0x00bb6f4b
                                                                                                                                                                                                                                                        0x00bb6f52
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6f52
                                                                                                                                                                                                                                                        0x00bb6f27
                                                                                                                                                                                                                                                        0x00bb6f2e
                                                                                                                                                                                                                                                        0x00bb6f35
                                                                                                                                                                                                                                                        0x00bb6df7
                                                                                                                                                                                                                                                        0x00bb6df7
                                                                                                                                                                                                                                                        0x00bb6dfa
                                                                                                                                                                                                                                                        0x00bb6dfe
                                                                                                                                                                                                                                                        0x00bb6e02
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6e02
                                                                                                                                                                                                                                                        0x00bb6dd3
                                                                                                                                                                                                                                                        0x00bb6ddb
                                                                                                                                                                                                                                                        0x00bb6de4
                                                                                                                                                                                                                                                        0x00bb6dea
                                                                                                                                                                                                                                                        0x00bb6df0
                                                                                                                                                                                                                                                        0x00bb6df4
                                                                                                                                                                                                                                                        0x00bb6df4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6df4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6efc
                                                                                                                                                                                                                                                        0x00bb6d9e
                                                                                                                                                                                                                                                        0x00bb6da0
                                                                                                                                                                                                                                                        0x00bb6da2
                                                                                                                                                                                                                                                        0x00bb6da4
                                                                                                                                                                                                                                                        0x00bb6da6
                                                                                                                                                                                                                                                        0x00bb6da8
                                                                                                                                                                                                                                                        0x00bb6daa
                                                                                                                                                                                                                                                        0x00bb6dae
                                                                                                                                                                                                                                                        0x00bb6db2
                                                                                                                                                                                                                                                        0x00bb6db6
                                                                                                                                                                                                                                                        0x00bb6dba
                                                                                                                                                                                                                                                        0x00bb6dba
                                                                                                                                                                                                                                                        0x00bb6dbd
                                                                                                                                                                                                                                                        0x00bb6dbd
                                                                                                                                                                                                                                                        0x00bb6da8
                                                                                                                                                                                                                                                        0x00bb6dc0
                                                                                                                                                                                                                                                        0x00bb6dc3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6cfd
                                                                                                                                                                                                                                                        0x00bb6cfd
                                                                                                                                                                                                                                                        0x00bb6d05
                                                                                                                                                                                                                                                        0x00bb6d0e
                                                                                                                                                                                                                                                        0x00bb6d1c
                                                                                                                                                                                                                                                        0x00bb6d1f
                                                                                                                                                                                                                                                        0x00bb6d22
                                                                                                                                                                                                                                                        0x00bb6d26
                                                                                                                                                                                                                                                        0x00bb6d2a
                                                                                                                                                                                                                                                        0x00bb6d2e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6d2e
                                                                                                                                                                                                                                                        0x00bb6cfb

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BB6950: RegCreateKeyExW.KERNELBASE(80000001,SOFTWARE\Mozilla\Firefox\Launcher,00000000,00000000,00000000,000F003F,00000000,?,?,76337E20,?,00BB5A6D), ref: 00BB698C
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(00000000), ref: 00BB6CA3
                                                                                                                                                                                                                                                        • QueryPerformanceCounter.KERNEL32(?), ref: 00BB6D0E
                                                                                                                                                                                                                                                        • QueryPerformanceCounter.KERNEL32(?), ref: 00BB6DE4
                                                                                                                                                                                                                                                        • QueryPerformanceCounter.KERNEL32(?), ref: 00BB6E65
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CounterPerformanceQuery$CreateHandleModule
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 935252311-0
                                                                                                                                                                                                                                                        • Opcode ID: c5cc96eec09a210391c436e9a8e06e012f77bea6caee33f7a91257417d0c91fc
                                                                                                                                                                                                                                                        • Instruction ID: 86fddbc5dedcc3ae69537345c3944cd8579dc2ee404b930e5edbba7b16a943d7
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c5cc96eec09a210391c436e9a8e06e012f77bea6caee33f7a91257417d0c91fc
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 858158745087859BD711CF24C0847AAFBE1BF85314F148A8DE8991B381D7F9ED98CB82
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 57%
                                                                                                                                                                                                                                                        			E00BB9600(void* __ecx, void* __edx, intOrPtr _a4, intOrPtr* _a8, intOrPtr* _a12, signed int _a16) {
                                                                                                                                                                                                                                                        				void* _v0;
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				long _v28;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				intOrPtr _v48;
                                                                                                                                                                                                                                                        				char* _v56;
                                                                                                                                                                                                                                                        				union _MEMORY_INFORMATION_CLASS _v60;
                                                                                                                                                                                                                                                        				char _v64;
                                                                                                                                                                                                                                                        				signed int _v68;
                                                                                                                                                                                                                                                        				signed int _v72;
                                                                                                                                                                                                                                                        				char _v76;
                                                                                                                                                                                                                                                        				signed int _v100;
                                                                                                                                                                                                                                                        				signed int _t63;
                                                                                                                                                                                                                                                        				signed int _t65;
                                                                                                                                                                                                                                                        				void* _t68;
                                                                                                                                                                                                                                                        				long _t79;
                                                                                                                                                                                                                                                        				intOrPtr _t81;
                                                                                                                                                                                                                                                        				intOrPtr _t83;
                                                                                                                                                                                                                                                        				union _MEMORY_INFORMATION_CLASS _t88;
                                                                                                                                                                                                                                                        				intOrPtr* _t94;
                                                                                                                                                                                                                                                        				intOrPtr* _t95;
                                                                                                                                                                                                                                                        				void* _t96;
                                                                                                                                                                                                                                                        				signed int _t104;
                                                                                                                                                                                                                                                        				intOrPtr _t105;
                                                                                                                                                                                                                                                        				signed int _t106;
                                                                                                                                                                                                                                                        				signed int _t113;
                                                                                                                                                                                                                                                        				void* _t115;
                                                                                                                                                                                                                                                        				signed int _t125;
                                                                                                                                                                                                                                                        				void* _t126;
                                                                                                                                                                                                                                                        				char _t127;
                                                                                                                                                                                                                                                        				void* _t128;
                                                                                                                                                                                                                                                        				intOrPtr _t130;
                                                                                                                                                                                                                                                        				intOrPtr _t131;
                                                                                                                                                                                                                                                        				signed int _t133;
                                                                                                                                                                                                                                                        				signed int _t134;
                                                                                                                                                                                                                                                        				signed int _t135;
                                                                                                                                                                                                                                                        				signed int _t137;
                                                                                                                                                                                                                                                        				void* _t138;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t137 = (_t135 & 0xfffffff0) - 0x40;
                                                                                                                                                                                                                                                        				_t128 = __edx;
                                                                                                                                                                                                                                                        				_t113 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t63 = _a16;
                                                                                                                                                                                                                                                        				_t94 = _a8;
                                                                                                                                                                                                                                                        				_t114 = _t113 ^ _t133;
                                                                                                                                                                                                                                                        				_v24 = _t113 ^ _t133;
                                                                                                                                                                                                                                                        				if( *((char*)(_t63 + 8)) != 0) {
                                                                                                                                                                                                                                                        					_t115 =  *_t63;
                                                                                                                                                                                                                                                        					__eflags = _t115;
                                                                                                                                                                                                                                                        					_v72 = _t115;
                                                                                                                                                                                                                                                        					if(__eflags == 0) {
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						E00BB77D5(0x2ce, _t115, __eflags);
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						_push(_t133);
                                                                                                                                                                                                                                                        						_t134 = _t137;
                                                                                                                                                                                                                                                        						_push(_t94);
                                                                                                                                                                                                                                                        						_push(_t128);
                                                                                                                                                                                                                                                        						_t138 = _t137 - 0x28;
                                                                                                                                                                                                                                                        						_t65 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        						_v100 = _t65 ^ _t134;
                                                                                                                                                                                                                                                        						_t125 = E00BB94B0();
                                                                                                                                                                                                                                                        						_t68 = 0;
                                                                                                                                                                                                                                                        						__eflags = _v72;
                                                                                                                                                                                                                                                        						if(_v72 != 0) {
                                                                                                                                                                                                                                                        							_t95 = _a12;
                                                                                                                                                                                                                                                        							_t130 = _a8;
                                                                                                                                                                                                                                                        							__eflags = _t130 - _t95;
                                                                                                                                                                                                                                                        							if(_t130 < _t95) {
                                                                                                                                                                                                                                                        								_v32 = 0;
                                                                                                                                                                                                                                                        								_push( &_v32);
                                                                                                                                                                                                                                                        								L00BEF8D6();
                                                                                                                                                                                                                                                        								_t138 = _t138 + 4;
                                                                                                                                                                                                                                                        								_t68 = 0;
                                                                                                                                                                                                                                                        								_t115 = _v32 % (_t95 - _t130 + _a4) / _t125 * _t125 + _t130;
                                                                                                                                                                                                                                                        								_t131 = _a4;
                                                                                                                                                                                                                                                        								_t96 = _t95 - _t131;
                                                                                                                                                                                                                                                        								__eflags = _t115 - _t96;
                                                                                                                                                                                                                                                        								if(_t115 <= _t96) {
                                                                                                                                                                                                                                                        									_t126 =  &_v60;
                                                                                                                                                                                                                                                        									while(1) {
                                                                                                                                                                                                                                                        										_t79 = NtQueryVirtualMemory(_v0, _t115, 0, _t126, 0x1c,  &_v28);
                                                                                                                                                                                                                                                        										__eflags = _t79;
                                                                                                                                                                                                                                                        										if(_t79 < 0) {
                                                                                                                                                                                                                                                        											break;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = _v28;
                                                                                                                                                                                                                                                        										if(_v28 == 0) {
                                                                                                                                                                                                                                                        											L29:
                                                                                                                                                                                                                                                        											_t68 = 0;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											__eflags = _v44 - 0x10000;
                                                                                                                                                                                                                                                        											_t115 = _v60;
                                                                                                                                                                                                                                                        											_t81 = _v48;
                                                                                                                                                                                                                                                        											if(_v44 != 0x10000) {
                                                                                                                                                                                                                                                        												L22:
                                                                                                                                                                                                                                                        												_t115 = _t115 + _t81;
                                                                                                                                                                                                                                                        												__eflags = _t115 - _t96;
                                                                                                                                                                                                                                                        												if(_t115 > _t96) {
                                                                                                                                                                                                                                                        													goto L29;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													continue;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												__eflags = _t81 - _t131;
                                                                                                                                                                                                                                                        												if(_t81 < _t131) {
                                                                                                                                                                                                                                                        													goto L22;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t68 = _t115;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L20;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_push(RtlNtStatusToDosError(_t79));
                                                                                                                                                                                                                                                        									L00BEF768();
                                                                                                                                                                                                                                                        									goto L29;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L20:
                                                                                                                                                                                                                                                        						__eflags = _v24 ^ _t134;
                                                                                                                                                                                                                                                        						E00BEECB0(_v24 ^ _t134, _t115);
                                                                                                                                                                                                                                                        						return _t68;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t8 = _t63 + 4; // 0xc4689c0
                                                                                                                                                                                                                                                        						_t114 =  *[fs:0x2c];
                                                                                                                                                                                                                                                        						_v76 =  *_t8;
                                                                                                                                                                                                                                                        						_t83 =  *0xbfa794; // 0x0
                                                                                                                                                                                                                                                        						_t104 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        						_t105 =  *((intOrPtr*)( *[fs:0x2c] + _t104 * 4));
                                                                                                                                                                                                                                                        						__eflags = _t83 -  *((intOrPtr*)(_t105 + 4));
                                                                                                                                                                                                                                                        						if(_t83 >  *((intOrPtr*)(_t105 + 4))) {
                                                                                                                                                                                                                                                        							E00BEE547(_t83, 0xbfa794);
                                                                                                                                                                                                                                                        							_t137 = _t137 + 4;
                                                                                                                                                                                                                                                        							__eflags =  *0xbfa794 - 0xffffffff;
                                                                                                                                                                                                                                                        							if( *0xbfa794 == 0xffffffff) {
                                                                                                                                                                                                                                                        								E00BB9890();
                                                                                                                                                                                                                                                        								E00BEE599(0xbfa794);
                                                                                                                                                                                                                                                        								_t137 = _t137 + 4;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t106 =  *0xbfa790; // 0x0
                                                                                                                                                                                                                                                        						__eflags = _t106;
                                                                                                                                                                                                                                                        						if(_t106 == 0) {
                                                                                                                                                                                                                                                        							_v68 = 0xffffffff;
                                                                                                                                                                                                                                                        							_t30 =  &_v72;
                                                                                                                                                                                                                                                        							 *_t30 = _v72 + _v76;
                                                                                                                                                                                                                                                        							__eflags =  *_t30;
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								_t63 = _v68 + 1;
                                                                                                                                                                                                                                                        								__eflags = _t63 - 7;
                                                                                                                                                                                                                                                        								_v68 = _t63;
                                                                                                                                                                                                                                                        								if(_t63 > 7) {
                                                                                                                                                                                                                                                        									goto L1;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_push(_v72);
                                                                                                                                                                                                                                                        								_push(_v76);
                                                                                                                                                                                                                                                        								_push(_a4);
                                                                                                                                                                                                                                                        								_push(_t128);
                                                                                                                                                                                                                                                        								L17();
                                                                                                                                                                                                                                                        								__eflags = _t63;
                                                                                                                                                                                                                                                        								if(_t63 == 0) {
                                                                                                                                                                                                                                                        									 *_t137 = 0;
                                                                                                                                                                                                                                                        									goto L7;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									__imp__?MapRemoteViewOfFile@mozilla@@YAPAXPAX0_K0KKK@Z( *_t94, _t128, 0, 0, _t63, 0, 0, 0x20);
                                                                                                                                                                                                                                                        									_t137 = _t137 + 0x20;
                                                                                                                                                                                                                                                        									__eflags = _t63;
                                                                                                                                                                                                                                                        									 *_t137 = _t63;
                                                                                                                                                                                                                                                        									if(_t63 == 0) {
                                                                                                                                                                                                                                                        										continue;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										goto L7;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L2;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L1;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t127 = _v76;
                                                                                                                                                                                                                                                        							asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        							asm("movaps [esp+0x10], xmm0");
                                                                                                                                                                                                                                                        							_v60 = 0;
                                                                                                                                                                                                                                                        							_v64 = 1;
                                                                                                                                                                                                                                                        							_v36 = _t127;
                                                                                                                                                                                                                                                        							_v32 = _t127 + _v72 - 1;
                                                                                                                                                                                                                                                        							_v28 = 0;
                                                                                                                                                                                                                                                        							_v56 =  &_v36;
                                                                                                                                                                                                                                                        							_t114 =  &_v64;
                                                                                                                                                                                                                                                        							 *_t137 =  *_t106( *_a12, _t128, 0, 0, 0, _a4, 0, 0x20,  &_v64, 1);
                                                                                                                                                                                                                                                        							L7:
                                                                                                                                                                                                                                                        							E00BEECB0(_v40 ^ _t133, _t114);
                                                                                                                                                                                                                                                        							_t88 =  *_t137;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L2;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					__imp__?MapRemoteViewOfFile@mozilla@@YAPAXPAX0_K0KKK@Z( *_t94, _t128, 0, 0, 0, 0, 0, 0x20); // executed
                                                                                                                                                                                                                                                        					E00BEECB0(_v24 ^ _t133, _t114);
                                                                                                                                                                                                                                                        					_t88 = _t63;
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					return _t88;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}













































                                                                                                                                                                                                                                                        0x00bb9609
                                                                                                                                                                                                                                                        0x00bb960c
                                                                                                                                                                                                                                                        0x00bb960e
                                                                                                                                                                                                                                                        0x00bb9614
                                                                                                                                                                                                                                                        0x00bb9617
                                                                                                                                                                                                                                                        0x00bb961c
                                                                                                                                                                                                                                                        0x00bb961e
                                                                                                                                                                                                                                                        0x00bb9626
                                                                                                                                                                                                                                                        0x00bb9657
                                                                                                                                                                                                                                                        0x00bb9659
                                                                                                                                                                                                                                                        0x00bb965d
                                                                                                                                                                                                                                                        0x00bb9661
                                                                                                                                                                                                                                                        0x00bb979a
                                                                                                                                                                                                                                                        0x00bb97a0
                                                                                                                                                                                                                                                        0x00bb97a5
                                                                                                                                                                                                                                                        0x00bb97a6
                                                                                                                                                                                                                                                        0x00bb97a7
                                                                                                                                                                                                                                                        0x00bb97a8
                                                                                                                                                                                                                                                        0x00bb97a9
                                                                                                                                                                                                                                                        0x00bb97aa
                                                                                                                                                                                                                                                        0x00bb97ab
                                                                                                                                                                                                                                                        0x00bb97ac
                                                                                                                                                                                                                                                        0x00bb97ad
                                                                                                                                                                                                                                                        0x00bb97ae
                                                                                                                                                                                                                                                        0x00bb97af
                                                                                                                                                                                                                                                        0x00bb97b0
                                                                                                                                                                                                                                                        0x00bb97b1
                                                                                                                                                                                                                                                        0x00bb97b3
                                                                                                                                                                                                                                                        0x00bb97b5
                                                                                                                                                                                                                                                        0x00bb97b6
                                                                                                                                                                                                                                                        0x00bb97b9
                                                                                                                                                                                                                                                        0x00bb97c0
                                                                                                                                                                                                                                                        0x00bb97c8
                                                                                                                                                                                                                                                        0x00bb97ca
                                                                                                                                                                                                                                                        0x00bb97cc
                                                                                                                                                                                                                                                        0x00bb97d0
                                                                                                                                                                                                                                                        0x00bb97d2
                                                                                                                                                                                                                                                        0x00bb97d5
                                                                                                                                                                                                                                                        0x00bb97d8
                                                                                                                                                                                                                                                        0x00bb97da
                                                                                                                                                                                                                                                        0x00bb97df
                                                                                                                                                                                                                                                        0x00bb97e6
                                                                                                                                                                                                                                                        0x00bb97e7
                                                                                                                                                                                                                                                        0x00bb97ec
                                                                                                                                                                                                                                                        0x00bb9809
                                                                                                                                                                                                                                                        0x00bb980b
                                                                                                                                                                                                                                                        0x00bb980d
                                                                                                                                                                                                                                                        0x00bb9810
                                                                                                                                                                                                                                                        0x00bb9812
                                                                                                                                                                                                                                                        0x00bb9814
                                                                                                                                                                                                                                                        0x00bb982e
                                                                                                                                                                                                                                                        0x00bb9846
                                                                                                                                                                                                                                                        0x00bb9853
                                                                                                                                                                                                                                                        0x00bb9858
                                                                                                                                                                                                                                                        0x00bb985a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb985c
                                                                                                                                                                                                                                                        0x00bb9860
                                                                                                                                                                                                                                                        0x00bb9885
                                                                                                                                                                                                                                                        0x00bb9885
                                                                                                                                                                                                                                                        0x00bb9862
                                                                                                                                                                                                                                                        0x00bb9862
                                                                                                                                                                                                                                                        0x00bb9869
                                                                                                                                                                                                                                                        0x00bb986c
                                                                                                                                                                                                                                                        0x00bb986f
                                                                                                                                                                                                                                                        0x00bb9840
                                                                                                                                                                                                                                                        0x00bb9840
                                                                                                                                                                                                                                                        0x00bb9842
                                                                                                                                                                                                                                                        0x00bb9844
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9871
                                                                                                                                                                                                                                                        0x00bb9871
                                                                                                                                                                                                                                                        0x00bb9873
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9875
                                                                                                                                                                                                                                                        0x00bb9875
                                                                                                                                                                                                                                                        0x00bb9875
                                                                                                                                                                                                                                                        0x00bb9873
                                                                                                                                                                                                                                                        0x00bb986f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9860
                                                                                                                                                                                                                                                        0x00bb987f
                                                                                                                                                                                                                                                        0x00bb9880
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9880
                                                                                                                                                                                                                                                        0x00bb9814
                                                                                                                                                                                                                                                        0x00bb97da
                                                                                                                                                                                                                                                        0x00bb9816
                                                                                                                                                                                                                                                        0x00bb981b
                                                                                                                                                                                                                                                        0x00bb981d
                                                                                                                                                                                                                                                        0x00bb982b
                                                                                                                                                                                                                                                        0x00bb9667
                                                                                                                                                                                                                                                        0x00bb9667
                                                                                                                                                                                                                                                        0x00bb966a
                                                                                                                                                                                                                                                        0x00bb9671
                                                                                                                                                                                                                                                        0x00bb9675
                                                                                                                                                                                                                                                        0x00bb967a
                                                                                                                                                                                                                                                        0x00bb9680
                                                                                                                                                                                                                                                        0x00bb9683
                                                                                                                                                                                                                                                        0x00bb9689
                                                                                                                                                                                                                                                        0x00bb976e
                                                                                                                                                                                                                                                        0x00bb9773
                                                                                                                                                                                                                                                        0x00bb9776
                                                                                                                                                                                                                                                        0x00bb977d
                                                                                                                                                                                                                                                        0x00bb9783
                                                                                                                                                                                                                                                        0x00bb978d
                                                                                                                                                                                                                                                        0x00bb9792
                                                                                                                                                                                                                                                        0x00bb9792
                                                                                                                                                                                                                                                        0x00bb977d
                                                                                                                                                                                                                                                        0x00bb968f
                                                                                                                                                                                                                                                        0x00bb9695
                                                                                                                                                                                                                                                        0x00bb9697
                                                                                                                                                                                                                                                        0x00bb970b
                                                                                                                                                                                                                                                        0x00bb9713
                                                                                                                                                                                                                                                        0x00bb9713
                                                                                                                                                                                                                                                        0x00bb9713
                                                                                                                                                                                                                                                        0x00bb9717
                                                                                                                                                                                                                                                        0x00bb971b
                                                                                                                                                                                                                                                        0x00bb971c
                                                                                                                                                                                                                                                        0x00bb971f
                                                                                                                                                                                                                                                        0x00bb9723
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb972b
                                                                                                                                                                                                                                                        0x00bb972f
                                                                                                                                                                                                                                                        0x00bb9733
                                                                                                                                                                                                                                                        0x00bb9736
                                                                                                                                                                                                                                                        0x00bb9737
                                                                                                                                                                                                                                                        0x00bb973c
                                                                                                                                                                                                                                                        0x00bb973e
                                                                                                                                                                                                                                                        0x00bb9760
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9740
                                                                                                                                                                                                                                                        0x00bb974e
                                                                                                                                                                                                                                                        0x00bb9754
                                                                                                                                                                                                                                                        0x00bb9757
                                                                                                                                                                                                                                                        0x00bb9759
                                                                                                                                                                                                                                                        0x00bb975c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb975e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb975e
                                                                                                                                                                                                                                                        0x00bb975c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb973e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9699
                                                                                                                                                                                                                                                        0x00bb9699
                                                                                                                                                                                                                                                        0x00bb96a4
                                                                                                                                                                                                                                                        0x00bb96a7
                                                                                                                                                                                                                                                        0x00bb96ac
                                                                                                                                                                                                                                                        0x00bb96b4
                                                                                                                                                                                                                                                        0x00bb96c0
                                                                                                                                                                                                                                                        0x00bb96c4
                                                                                                                                                                                                                                                        0x00bb96cc
                                                                                                                                                                                                                                                        0x00bb96d4
                                                                                                                                                                                                                                                        0x00bb96d8
                                                                                                                                                                                                                                                        0x00bb96f1
                                                                                                                                                                                                                                                        0x00bb96f4
                                                                                                                                                                                                                                                        0x00bb96fa
                                                                                                                                                                                                                                                        0x00bb96ff
                                                                                                                                                                                                                                                        0x00bb96ff
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9697
                                                                                                                                                                                                                                                        0x00bb9628
                                                                                                                                                                                                                                                        0x00bb9628
                                                                                                                                                                                                                                                        0x00bb9637
                                                                                                                                                                                                                                                        0x00bb9648
                                                                                                                                                                                                                                                        0x00bb964d
                                                                                                                                                                                                                                                        0x00bb964f
                                                                                                                                                                                                                                                        0x00bb9656
                                                                                                                                                                                                                                                        0x00bb9656

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ?MapRemoteViewOfFile@mozilla@@YAPAXPAX0_K0KKK@Z.MOZGLUE(?,?,00000000,00000000,00000000,00000000,00000000,00000020), ref: 00BB9637
                                                                                                                                                                                                                                                        • ?MapRemoteViewOfFile@mozilla@@YAPAXPAX0_K0KKK@Z.MOZGLUE(?,?,00000000,00000000,00000000,00000000,00000000,00000020,?,?,?,?), ref: 00BB974E
                                                                                                                                                                                                                                                        • __Init_thread_header.LIBCMT ref: 00BB976E
                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 00BB978D
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: File@mozilla@@RemoteView$Init_thread_footerInit_thread_header
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2144199789-0
                                                                                                                                                                                                                                                        • Opcode ID: 37f790cc2ebca23022ffb8330bc086f9e6640223438ea5d1258f286b88a7619a
                                                                                                                                                                                                                                                        • Instruction ID: 146e52dc32d67eff97a45aeb3602f8e00a75c1ebc973fe71b450b99020fa8644
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 37f790cc2ebca23022ffb8330bc086f9e6640223438ea5d1258f286b88a7619a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 794190B5604340AFD714DF15CC85FAABBE1EF89710F10895DFA595B2A0DBB1AC50CB82
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 89%
                                                                                                                                                                                                                                                        			E00BBA460(void** __ecx, void* __eflags) {
                                                                                                                                                                                                                                                        				void* _t7;
                                                                                                                                                                                                                                                        				void* _t8;
                                                                                                                                                                                                                                                        				void* _t9;
                                                                                                                                                                                                                                                        				void* _t10;
                                                                                                                                                                                                                                                        				int _t11;
                                                                                                                                                                                                                                                        				void** _t15;
                                                                                                                                                                                                                                                        				void* _t16;
                                                                                                                                                                                                                                                        				void** _t17;
                                                                                                                                                                                                                                                        				void** _t19;
                                                                                                                                                                                                                                                        				void* _t22;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t17 = __ecx;
                                                                                                                                                                                                                                                        				E00BBA490(__ecx, _t16);
                                                                                                                                                                                                                                                        				_t7 =  *(__ecx + 0x18);
                                                                                                                                                                                                                                                        				if(_t7 != 4) {
                                                                                                                                                                                                                                                        					free(_t7);
                                                                                                                                                                                                                                                        					_t22 = _t22 + 4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t15 = _t17;
                                                                                                                                                                                                                                                        				_pop(_t18);
                                                                                                                                                                                                                                                        				_pop(_t20);
                                                                                                                                                                                                                                                        				_t8 = _t15[2];
                                                                                                                                                                                                                                                        				_t19 = _t15;
                                                                                                                                                                                                                                                        				if(_t8 != 0) {
                                                                                                                                                                                                                                                        					UnmapViewOfFile(_t8);
                                                                                                                                                                                                                                                        					_t19[2] = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t9 = _t19[1];
                                                                                                                                                                                                                                                        				if(_t9 != 0) {
                                                                                                                                                                                                                                                        					CloseHandle(_t9);
                                                                                                                                                                                                                                                        					_t19[1] = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t10 =  *_t19;
                                                                                                                                                                                                                                                        				if(_t10 != 0) {
                                                                                                                                                                                                                                                        					_t11 = FindCloseChangeNotification(_t10); // executed
                                                                                                                                                                                                                                                        					 *_t19 = 0;
                                                                                                                                                                                                                                                        					return _t11;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t10;
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00bba464
                                                                                                                                                                                                                                                        0x00bba466
                                                                                                                                                                                                                                                        0x00bba46b
                                                                                                                                                                                                                                                        0x00bba471
                                                                                                                                                                                                                                                        0x00bba47d
                                                                                                                                                                                                                                                        0x00bba483
                                                                                                                                                                                                                                                        0x00bba483
                                                                                                                                                                                                                                                        0x00bba473
                                                                                                                                                                                                                                                        0x00bba475
                                                                                                                                                                                                                                                        0x00bba476
                                                                                                                                                                                                                                                        0x00bba5f4
                                                                                                                                                                                                                                                        0x00bba5f7
                                                                                                                                                                                                                                                        0x00bba5fb
                                                                                                                                                                                                                                                        0x00bba5fe
                                                                                                                                                                                                                                                        0x00bba604
                                                                                                                                                                                                                                                        0x00bba604
                                                                                                                                                                                                                                                        0x00bba60b
                                                                                                                                                                                                                                                        0x00bba610
                                                                                                                                                                                                                                                        0x00bba613
                                                                                                                                                                                                                                                        0x00bba619
                                                                                                                                                                                                                                                        0x00bba619
                                                                                                                                                                                                                                                        0x00bba620
                                                                                                                                                                                                                                                        0x00bba624
                                                                                                                                                                                                                                                        0x00bba627
                                                                                                                                                                                                                                                        0x00bba62d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bba62d
                                                                                                                                                                                                                                                        0x00bba635

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,00BB79AC,?,?,00BB2A0E), ref: 00BBA47D
                                                                                                                                                                                                                                                        • UnmapViewOfFile.KERNEL32(?,00BB2A0E), ref: 00BBA5FE
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00BB10C6,00BB2A0E), ref: 00BBA613
                                                                                                                                                                                                                                                        • FindCloseChangeNotification.KERNELBASE(00BB10C6,00BB2A0E), ref: 00BBA627
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Close$ChangeFileFindHandleNotificationUnmapViewfree
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1704828286-0
                                                                                                                                                                                                                                                        • Opcode ID: 3ee59a30de28b47457fdb0dc436e51c6ee4fe8df07eb3914030e1b72a9c44839
                                                                                                                                                                                                                                                        • Instruction ID: 8d4cd7fe6df654f1feb922a16afef7aad4f9611e41641fa7c9daf160b36c366f
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3ee59a30de28b47457fdb0dc436e51c6ee4fe8df07eb3914030e1b72a9c44839
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 34F08C75A003019BD6205F69E848BB2B7ECDF04764F0448A9E846D3640DEB2E840CB95
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BB6950(void* __ecx, int* __edx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				int _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				signed int _t18;
                                                                                                                                                                                                                                                        				signed short _t23;
                                                                                                                                                                                                                                                        				void* _t24;
                                                                                                                                                                                                                                                        				int _t26;
                                                                                                                                                                                                                                                        				void* _t27;
                                                                                                                                                                                                                                                        				void* _t36;
                                                                                                                                                                                                                                                        				int* _t37;
                                                                                                                                                                                                                                                        				signed int _t38;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t35 = __edx;
                                                                                                                                                                                                                                                        				_t18 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t37 = __edx;
                                                                                                                                                                                                                                                        				_v20 = _t18 ^ _t38;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(__ecx + 0x20)) != 0) {
                                                                                                                                                                                                                                                        					L4:
                                                                                                                                                                                                                                                        					_t37[3] = 0;
                                                                                                                                                                                                                                                        					 *_t37 = 1;
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					E00BEECB0(_v20 ^ _t38, _t35);
                                                                                                                                                                                                                                                        					return _t37;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t36 = __ecx;
                                                                                                                                                                                                                                                        				_t23 = RegCreateKeyExW(0x80000001, L"SOFTWARE\\Mozilla\\Firefox\\Launcher", 0, 0, 0, 0xf003f, 0,  &_v28,  &_v24); // executed
                                                                                                                                                                                                                                                        				if(_t23 != 0) {
                                                                                                                                                                                                                                                        					_t37[3] = 1;
                                                                                                                                                                                                                                                        					 *_t37 = "/builds/worker/checkouts/gecko/toolkit/xre/LauncherRegistryInfo.cpp";
                                                                                                                                                                                                                                                        					_t37[1] = 0x79;
                                                                                                                                                                                                                                                        					_t34 =  <=  ? _t23 : _t23 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        					_t37[2] =  <=  ? _t23 : _t23 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        					goto L5;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t24 =  *(_t36 + 0x20);
                                                                                                                                                                                                                                                        				_t27 = _v28;
                                                                                                                                                                                                                                                        				if(_t24 != 0) {
                                                                                                                                                                                                                                                        					RegCloseKey(_t24);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *(_t36 + 0x20) = _t27;
                                                                                                                                                                                                                                                        				_t26 = _v24;
                                                                                                                                                                                                                                                        				if(_t26 != 2) {
                                                                                                                                                                                                                                                        					if(_t26 != 1) {
                                                                                                                                                                                                                                                        						_t37[3] = 1;
                                                                                                                                                                                                                                                        						 *_t37 = "/builds/worker/checkouts/gecko/toolkit/xre/LauncherRegistryInfo.cpp";
                                                                                                                                                                                                                                                        						_t37[1] = 0x88;
                                                                                                                                                                                                                                                        						_t37[2] = 0x80070507;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t37[3] = 0;
                                                                                                                                                                                                                                                        						 *_t37 = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L5;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					goto L4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}














                                                                                                                                                                                                                                                        0x00bb6950
                                                                                                                                                                                                                                                        0x00bb6959
                                                                                                                                                                                                                                                        0x00bb695e
                                                                                                                                                                                                                                                        0x00bb6962
                                                                                                                                                                                                                                                        0x00bb6969
                                                                                                                                                                                                                                                        0x00bb69ab
                                                                                                                                                                                                                                                        0x00bb69ab
                                                                                                                                                                                                                                                        0x00bb69af
                                                                                                                                                                                                                                                        0x00bb69b5
                                                                                                                                                                                                                                                        0x00bb69ba
                                                                                                                                                                                                                                                        0x00bb69c8
                                                                                                                                                                                                                                                        0x00bb69c8
                                                                                                                                                                                                                                                        0x00bb696b
                                                                                                                                                                                                                                                        0x00bb698c
                                                                                                                                                                                                                                                        0x00bb6994
                                                                                                                                                                                                                                                        0x00bb69dd
                                                                                                                                                                                                                                                        0x00bb69e1
                                                                                                                                                                                                                                                        0x00bb69e7
                                                                                                                                                                                                                                                        0x00bb69f6
                                                                                                                                                                                                                                                        0x00bb69f9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb69f9
                                                                                                                                                                                                                                                        0x00bb6996
                                                                                                                                                                                                                                                        0x00bb6999
                                                                                                                                                                                                                                                        0x00bb699e
                                                                                                                                                                                                                                                        0x00bb69ff
                                                                                                                                                                                                                                                        0x00bb69ff
                                                                                                                                                                                                                                                        0x00bb69a0
                                                                                                                                                                                                                                                        0x00bb69a3
                                                                                                                                                                                                                                                        0x00bb69a9
                                                                                                                                                                                                                                                        0x00bb69cc
                                                                                                                                                                                                                                                        0x00bb6a07
                                                                                                                                                                                                                                                        0x00bb6a0b
                                                                                                                                                                                                                                                        0x00bb6a11
                                                                                                                                                                                                                                                        0x00bb6a18
                                                                                                                                                                                                                                                        0x00bb69ce
                                                                                                                                                                                                                                                        0x00bb69ce
                                                                                                                                                                                                                                                        0x00bb69d2
                                                                                                                                                                                                                                                        0x00bb69d2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RegCreateKeyExW.KERNELBASE(80000001,SOFTWARE\Mozilla\Firefox\Launcher,00000000,00000000,00000000,000F003F,00000000,?,?,76337E20,?,00BB5A6D), ref: 00BB698C
                                                                                                                                                                                                                                                        • RegCloseKey.ADVAPI32(00000000,?,00BB5A6D), ref: 00BB69FF
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • SOFTWARE\Mozilla\Firefox\Launcher, xrefs: 00BB6982
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CloseCreate
                                                                                                                                                                                                                                                        • String ID: SOFTWARE\Mozilla\Firefox\Launcher
                                                                                                                                                                                                                                                        • API String ID: 2932200918-1856778397
                                                                                                                                                                                                                                                        • Opcode ID: d9b05f06c38551028447b7fe772bd3f31a25624ca1b05a1ef63d6697a1cdfc6e
                                                                                                                                                                                                                                                        • Instruction ID: 48f3a3375b31e292db549962b3f1c44d59fad29ff83427d73f75bd0928392d1a
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d9b05f06c38551028447b7fe772bd3f31a25624ca1b05a1ef63d6697a1cdfc6e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: FB216F70600349DFE7248F25C845BBABBE4FB54718F20885DE6CA9B681E7F9AC44CB51
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 58%
                                                                                                                                                                                                                                                        			E00BBDF80(intOrPtr* __ecx, intOrPtr* __edx) {
                                                                                                                                                                                                                                                        				signed int _v12;
                                                                                                                                                                                                                                                        				char _v16;
                                                                                                                                                                                                                                                        				signed int _t11;
                                                                                                                                                                                                                                                        				void* _t13;
                                                                                                                                                                                                                                                        				signed short _t14;
                                                                                                                                                                                                                                                        				char* _t25;
                                                                                                                                                                                                                                                        				signed int _t26;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t24 = __edx;
                                                                                                                                                                                                                                                        				_t11 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t25 = __ecx;
                                                                                                                                                                                                                                                        				_v12 = _t11 ^ _t26;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx)) = 0;
                                                                                                                                                                                                                                                        				 *((char*)(__ecx + 0x10)) = 0;
                                                                                                                                                                                                                                                        				_t13 = __ecx + 0x14;
                                                                                                                                                                                                                                                        				_v16 = 0x209;
                                                                                                                                                                                                                                                        				__imp__QueryFullProcessImageNameW( *__edx, 1, _t13,  &_v16); // executed
                                                                                                                                                                                                                                                        				if(_t13 == 0) {
                                                                                                                                                                                                                                                        					_t14 = GetLastError();
                                                                                                                                                                                                                                                        					 *((char*)(_t25 + 0x10)) = 1;
                                                                                                                                                                                                                                                        					 *(_t25 + 4) = "/builds/worker/checkouts/gecko/browser/app/winlauncher/SameBinary.h";
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t25 + 8)) = 0x1e;
                                                                                                                                                                                                                                                        					_t21 =  <=  ? _t14 : _t14 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t25 + 0xc)) =  <=  ? _t14 : _t14 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v12 ^ _t26, _t24);
                                                                                                                                                                                                                                                        				return _t25;
                                                                                                                                                                                                                                                        			}










                                                                                                                                                                                                                                                        0x00bbdf80
                                                                                                                                                                                                                                                        0x00bbdf87
                                                                                                                                                                                                                                                        0x00bbdf8c
                                                                                                                                                                                                                                                        0x00bbdf90
                                                                                                                                                                                                                                                        0x00bbdf93
                                                                                                                                                                                                                                                        0x00bbdf99
                                                                                                                                                                                                                                                        0x00bbdf9d
                                                                                                                                                                                                                                                        0x00bbdfa3
                                                                                                                                                                                                                                                        0x00bbdfb0
                                                                                                                                                                                                                                                        0x00bbdfb8
                                                                                                                                                                                                                                                        0x00bbdfcc
                                                                                                                                                                                                                                                        0x00bbdfd5
                                                                                                                                                                                                                                                        0x00bbdfd9
                                                                                                                                                                                                                                                        0x00bbdfe0
                                                                                                                                                                                                                                                        0x00bbdfef
                                                                                                                                                                                                                                                        0x00bbdff2
                                                                                                                                                                                                                                                        0x00bbdff2
                                                                                                                                                                                                                                                        0x00bbdfbf
                                                                                                                                                                                                                                                        0x00bbdfcb

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • QueryFullProcessImageNameW.KERNELBASE(?,00000001,00000000,?), ref: 00BBDFB0
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,00000001,00000000,?), ref: 00BBDFCC
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/browser/app/winlauncher/SameBinary.h, xrefs: 00BBDFD9
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorFullImageLastNameProcessQuery
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/browser/app/winlauncher/SameBinary.h
                                                                                                                                                                                                                                                        • API String ID: 2346944364-603462826
                                                                                                                                                                                                                                                        • Opcode ID: df968e19d734f23aa2e874263d20ede910e7c04a671f84d0575fa255b2d7190c
                                                                                                                                                                                                                                                        • Instruction ID: f58263f13492303ac49afd6542f3247b5d8c15592ebbb39dae4e131789f2c8e6
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: df968e19d734f23aa2e874263d20ede910e7c04a671f84d0575fa255b2d7190c
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6E018170504309AFDB149F25D8597BABFE4EF00304F1084ADE89A9B291EFF9A548CB90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BB7780(intOrPtr* __ecx, void* __edx, long _a4, void* _a8) {
                                                                                                                                                                                                                                                        				void* _t9;
                                                                                                                                                                                                                                                        				int _t10;
                                                                                                                                                                                                                                                        				signed short _t11;
                                                                                                                                                                                                                                                        				long _t14;
                                                                                                                                                                                                                                                        				void** _t20;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t20 = __ecx;
                                                                                                                                                                                                                                                        				_t9 = _a8;
                                                                                                                                                                                                                                                        				_t14 = _a4;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx)) = __edx;
                                                                                                                                                                                                                                                        				 *(__ecx + 4) = _t14;
                                                                                                                                                                                                                                                        				 *(__ecx + 8) = _t9;
                                                                                                                                                                                                                                                        				 *(__ecx + 0xc) = 0;
                                                                                                                                                                                                                                                        				 *(__ecx + 0x10) = 0;
                                                                                                                                                                                                                                                        				_t10 = VirtualProtectEx(_t9, __edx, _t14, 4, __ecx + 0xc); // executed
                                                                                                                                                                                                                                                        				if(_t10 == 0) {
                                                                                                                                                                                                                                                        					_t11 = GetLastError();
                                                                                                                                                                                                                                                        					_t17 =  <=  ? _t11 : _t11 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t20 + 0x10)) =  <=  ? _t11 : _t11 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t20;
                                                                                                                                                                                                                                                        			}








                                                                                                                                                                                                                                                        0x00bb7785
                                                                                                                                                                                                                                                        0x00bb7787
                                                                                                                                                                                                                                                        0x00bb778a
                                                                                                                                                                                                                                                        0x00bb7790
                                                                                                                                                                                                                                                        0x00bb7792
                                                                                                                                                                                                                                                        0x00bb7795
                                                                                                                                                                                                                                                        0x00bb7798
                                                                                                                                                                                                                                                        0x00bb779f
                                                                                                                                                                                                                                                        0x00bb77ac
                                                                                                                                                                                                                                                        0x00bb77b4
                                                                                                                                                                                                                                                        0x00bb77bc
                                                                                                                                                                                                                                                        0x00bb77cd
                                                                                                                                                                                                                                                        0x00bb77d0
                                                                                                                                                                                                                                                        0x00bb77d0
                                                                                                                                                                                                                                                        0x00bb77bb

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • VirtualProtectEx.KERNELBASE(?,MZx,?,00000004,?,00000000,?,?,00BB2625,00000008,?), ref: 00BB77AC
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,00BB2625,00000008,?), ref: 00BB77BC
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLastProtectVirtual
                                                                                                                                                                                                                                                        • String ID: MZx
                                                                                                                                                                                                                                                        • API String ID: 1672467334-2575928145
                                                                                                                                                                                                                                                        • Opcode ID: 4ed5541cdeb74365f75359c5f207ade3ec349820299b6111ca1b6142d31c6449
                                                                                                                                                                                                                                                        • Instruction ID: 83b2366a84d0f8a1ffacc71fa48bf413ce4a4566c3eb43cb18f0610586d23d35
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4ed5541cdeb74365f75359c5f207ade3ec349820299b6111ca1b6142d31c6449
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 26F036702447019FD7248F16DC18B67B7E8EB84711F00856EF55AC7750DB74E804CBA4
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,?,7FFFFFFF,?,?,00BC334D,?,00BC164C,?,?,?,?,00BC154C,vector<T> too long), ref: 00BBA832
                                                                                                                                                                                                                                                        • free.MOZGLUE(?,00BC334D,?,00BC164C,?,?,?,?,00BC154C,vector<T> too long,?,00BC34E7,00BC334D), ref: 00BBA85F
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(00BC334D,?,00BC164C,?,?,?,?,00BC154C,vector<T> too long,?,00BC34E7,00BC334D), ref: 00BBA885
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: _invalid_parameter_noinfo_noreturnfreememcpy
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 970123828-0
                                                                                                                                                                                                                                                        • Opcode ID: b699070b44ed83e344deaa5cbb18c43369b47cc8b53a678156605af95d5438cb
                                                                                                                                                                                                                                                        • Instruction ID: c2f189e83ae6f7abfea0c36a46b2c8bce462030198097092380d90908a03b442
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b699070b44ed83e344deaa5cbb18c43369b47cc8b53a678156605af95d5438cb
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CA11B131A00204AFC7249E78DC944BAB6E9FB85330724476EF463C7AA0EFB1DC418352
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • UnmapViewOfFile.KERNEL32(?,00BB2A0E), ref: 00BBA5FE
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00BB10C6,00BB2A0E), ref: 00BBA613
                                                                                                                                                                                                                                                        • FindCloseChangeNotification.KERNELBASE(00BB10C6,00BB2A0E), ref: 00BBA627
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Close$ChangeFileFindHandleNotificationUnmapView
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 223153180-0
                                                                                                                                                                                                                                                        • Opcode ID: 33e710c5c3822b9fc2b7d2b98be9518664af534612c4d1017fa66926767c24cf
                                                                                                                                                                                                                                                        • Instruction ID: c2e2bdfa7032c5ca046df29b46caedf64ac5db6377a19e22216e5d90d59b8c7c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 33e710c5c3822b9fc2b7d2b98be9518664af534612c4d1017fa66926767c24cf
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 31F08C71A00701ABC720AF69D858BB2B3ECDF04764F0444A8E84A83A40DFB1E844CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • __Init_thread_header.LIBCMT ref: 00BB854B
                                                                                                                                                                                                                                                        • GetSystemInfo.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,00BB848A,00000000,00000000,00BB7A50,?), ref: 00BB8560
                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 00BB8573
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: InfoInit_thread_footerInit_thread_headerSystem
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3211597695-0
                                                                                                                                                                                                                                                        • Opcode ID: bc0aec8a0f6b6c048aacbc384bb15e7c88cdbcfcb46c8c206bc05b8eec23bd46
                                                                                                                                                                                                                                                        • Instruction ID: c381d2a5a25c35ecbdc9a65e4a6041319d6b436e963ba6b8aee01d3629fdb479
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: bc0aec8a0f6b6c048aacbc384bb15e7c88cdbcfcb46c8c206bc05b8eec23bd46
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A7014FB0A002048BC714EF69E886DA9B7F4EB0C320F1445A5D91957391EF31BC45CB92
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(00000000,?,?,?,?,00BB27F5), ref: 00BB79FB
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(?,00BB27F5), ref: 00BB79FF
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNELBASE(00000000,00000000,00000000,?,00000438,00000000,00000000,?,00BB27F5), ref: 00BB7A10
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CurrentProcess$DuplicateHandle
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1294930198-0
                                                                                                                                                                                                                                                        • Opcode ID: e0b8f8e862ecfe9d973426f4478ac0fe48396f24bb5b1ea70bb378d071cf1a03
                                                                                                                                                                                                                                                        • Instruction ID: aa232f16d893ac5fc3cfdcc543d91c99c528af86ab2c920ed9602ac8926d6136
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e0b8f8e862ecfe9d973426f4478ac0fe48396f24bb5b1ea70bb378d071cf1a03
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: FBF05EB1640314ABE7008F55DC18B57BFA8EB4532CF24805DE1089B381CBB79806CBE0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • WriteProcessMemory.KERNELBASE(?,00BFA7A4,?,00000004,?,?,?,?,?,?,00BB2853), ref: 00BB78B6
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: MemoryProcessWrite
                                                                                                                                                                                                                                                        • String ID: LdrLoadDll
                                                                                                                                                                                                                                                        • API String ID: 3559483778-406223346
                                                                                                                                                                                                                                                        • Opcode ID: 2b64c889353749c651b143cca79d13e0d78bae629c22a957d71dcfc1ef334a64
                                                                                                                                                                                                                                                        • Instruction ID: 3a951e901b97232b6b490cab0c66139697aa57b87d4ffcd007019a834660b09e
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2b64c889353749c651b143cca79d13e0d78bae629c22a957d71dcfc1ef334a64
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E3F08671A44219ABDB049FA59C869FFB7E8EF04304F1444B9E915A3291EE745A08C7A1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • WriteProcessMemory.KERNELBASE(?,00BFA7A8,?,00000004,?,?,?,?,?,?,00BB80D6,?,00BB7A50,00000000,?,00BB7BCC), ref: 00BB7836
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: MemoryProcessWrite
                                                                                                                                                                                                                                                        • String ID: NtMapViewOfSection
                                                                                                                                                                                                                                                        • API String ID: 3559483778-2752921276
                                                                                                                                                                                                                                                        • Opcode ID: 511f784c7fe7f2169fda001b90a6982a629f5e33cda0289b29e8c7277d3d96b7
                                                                                                                                                                                                                                                        • Instruction ID: cfc1aee0b93d7a4c1dc589cdeb24fc3d851688d819ba665bdfacb1daff6f9101
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 511f784c7fe7f2169fda001b90a6982a629f5e33cda0289b29e8c7277d3d96b7
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 32F08671A401099B9B049F94DC429FFB7E9EB04200F0444A9E915A3291EE60AE08C7A1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000030,?,?,?,?,?,?,00000000,00BB7819,?,00BB88A3,00000000), ref: 00BB89D8
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000030,?,?,?,?,?,?,00000000,00BB7819,?,00BB88A3,00000000), ref: 00BB8A8F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: moz_xmalloc
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 4043078735-0
                                                                                                                                                                                                                                                        • Opcode ID: 91182e59c350d8b1fa065f090334016a436a15886268e814f63646d2e8aa8e08
                                                                                                                                                                                                                                                        • Instruction ID: 27ffee7e189319083569187d3ab99ea73c81cf3335c40df5a5d667b1df856766
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 91182e59c350d8b1fa065f090334016a436a15886268e814f63646d2e8aa8e08
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 065147B0A002199FCB04DF69D484AEEBBF4FF48314F15819AD918AB351DBB5A945CFA0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BB89B0: moz_xmalloc.MOZGLUE(00000030,?,?,?,?,?,?,00000000,00BB7819,?,00BB88A3,00000000), ref: 00BB89D8
                                                                                                                                                                                                                                                          • Part of subcall function 00BB89B0: moz_xmalloc.MOZGLUE(00000030,?,?,?,?,?,?,00000000,00BB7819,?,00BB88A3,00000000), ref: 00BB8A8F
                                                                                                                                                                                                                                                          • Part of subcall function 00BB98E0: VirtualProtect.KERNELBASE(?,00000080,00000004,?), ref: 00BB9949
                                                                                                                                                                                                                                                        • VirtualProtect.KERNEL32(?,?,00000000,00000000), ref: 00BB898B
                                                                                                                                                                                                                                                          • Part of subcall function 00BB8B70: RtlEncodePointer.NTDLL(?), ref: 00BB8BC1
                                                                                                                                                                                                                                                          • Part of subcall function 00BB8B70: EncodePointer.KERNEL32(?), ref: 00BB8C27
                                                                                                                                                                                                                                                        • VirtualProtect.KERNELBASE(?,?,?,?), ref: 00BB8930
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ProtectVirtual$EncodePointermoz_xmalloc
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3171877940-0
                                                                                                                                                                                                                                                        • Opcode ID: 73f09cb123ed905e1b851218f8decbf52f137b17448f0a7c08b7f64afb60fc22
                                                                                                                                                                                                                                                        • Instruction ID: 74514a2ad98d7c4575ff79433b56958ba1d761f9688166b2a0febb8b93867649
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 73f09cb123ed905e1b851218f8decbf52f137b17448f0a7c08b7f64afb60fc22
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3E415970E002499BDF29CFA4D854BFEBBF9EF48704F084059E8896B241CBB46945CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • CreateFileMappingA.KERNEL32 ref: 00BB958D
                                                                                                                                                                                                                                                        • MapViewOfFile.KERNELBASE(00000000,00000002,00000000,00000000,00000000), ref: 00BB95A3
                                                                                                                                                                                                                                                          • Part of subcall function 00BB94B0: __Init_thread_header.LIBCMT ref: 00BB94E3
                                                                                                                                                                                                                                                          • Part of subcall function 00BB94B0: GetSystemInfo.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,00BB9450,?,?,00000000,00BB7819), ref: 00BB94F8
                                                                                                                                                                                                                                                          • Part of subcall function 00BB94B0: __Init_thread_footer.LIBCMT ref: 00BB950B
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: File$CreateInfoInit_thread_footerInit_thread_headerMappingSystemView
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2174769828-0
                                                                                                                                                                                                                                                        • Opcode ID: f42c8da9d7ea85c4820f8987a219eeb9360faa467b173d102797d4ab946f6410
                                                                                                                                                                                                                                                        • Instruction ID: 29f32d381ee207fb5f05c3526d73e6e51359894ffa397c0346aa30dec04e4fa8
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f42c8da9d7ea85c4820f8987a219eeb9360faa467b173d102797d4ab946f6410
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DC21A470B443059BEB348F299C41FBB7BE6EF84710F14846DA61AD7280EAB0E804C790
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • VirtualProtectEx.KERNELBASE(?,00000000,00000000,?,?,00000000,?,00BB9F97), ref: 00BBA017
                                                                                                                                                                                                                                                        • VirtualProtectEx.KERNEL32(?,?,00000000,00000000,?,00000000,?,00BB9F97), ref: 00BBA046
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ProtectVirtual
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 544645111-0
                                                                                                                                                                                                                                                        • Opcode ID: 968965790c7028f4175f5d78f6dfae7eec4fb734193fc8f61270eae340fcfb33
                                                                                                                                                                                                                                                        • Instruction ID: 201b7364215b9d974acf211a4ce4dc7a5040d37bae9eb4cc7d2c108036e2dbb9
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 968965790c7028f4175f5d78f6dfae7eec4fb734193fc8f61270eae340fcfb33
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 81219071A006058FDB10DF68D8C4BBBB7F9EF89320F644599E51597290DBB1ED04CBA2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • WriteProcessMemory.KERNELBASE(4DD80977,?,?,?,?), ref: 00BB9DFA
                                                                                                                                                                                                                                                        • FlushInstructionCache.KERNEL32(00000000,00000000,00000000), ref: 00BB9E13
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CacheFlushInstructionMemoryProcessWrite
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1231822489-0
                                                                                                                                                                                                                                                        • Opcode ID: 19117917f7ac78dcfc35886254e2c9a07f056921c475a2a91112582412f1350c
                                                                                                                                                                                                                                                        • Instruction ID: e61e38ed961f1f733adeb9c1e909c245083e6313eefc36ea5da889bbe7dd35b3
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 19117917f7ac78dcfc35886254e2c9a07f056921c475a2a91112582412f1350c
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A91155706007059FDB31CF64D888BAAB7F4EF49304F6409ACE9425B290DBB1ED48CBA0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • VirtualAlloc.KERNELBASE(?,00000000,00001000,00000004,?,00BF015C,?,00BB9904,?,?,?,?,?,?,00000000,00BB7819), ref: 00BB9A65
                                                                                                                                                                                                                                                          • Part of subcall function 00BB8500: __Init_thread_header.LIBCMT ref: 00BB854B
                                                                                                                                                                                                                                                          • Part of subcall function 00BB8500: GetSystemInfo.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,00BB848A,00000000,00000000,00BB7A50,?), ref: 00BB8560
                                                                                                                                                                                                                                                          • Part of subcall function 00BB8500: __Init_thread_footer.LIBCMT ref: 00BB8573
                                                                                                                                                                                                                                                        • VirtualAllocEx.KERNELBASE(?,?,00000000,00001000,00000020,?,00BB9904,?,?,?,?,?,?,00000000,00BB7819), ref: 00BB9A87
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AllocVirtual$InfoInit_thread_footerInit_thread_headerSystem
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2670758311-0
                                                                                                                                                                                                                                                        • Opcode ID: 324be845abaafdd4af475f77021679d364c9d9aec07e8548aa13879d8bf28e70
                                                                                                                                                                                                                                                        • Instruction ID: 2744ae8a8853e9c4de4cf8a7811ab6177767a43bd126def6479e76e795224790
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 324be845abaafdd4af475f77021679d364c9d9aec07e8548aa13879d8bf28e70
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A5018030380704AFE7399B24D854BB6B7E9EF40745F1488ACF64646590CAF2EC44C765
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • WriteProcessMemory.KERNELBASE(?,00BB27F9,00BFA79C,0000000C,?), ref: 00BC027F
                                                                                                                                                                                                                                                        • WriteProcessMemory.KERNELBASE(?,00BB27DD,?,00000004,?), ref: 00BC029C
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: MemoryProcessWrite
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3559483778-0
                                                                                                                                                                                                                                                        • Opcode ID: b2bebd37b2002ec28fabec6588942859822093724f732393c37e53a947951506
                                                                                                                                                                                                                                                        • Instruction ID: bf901b5c2f072410e5ccf22df938aa7e61a8ecac6d811fcb28ea35a0f6d65225
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b2bebd37b2002ec28fabec6588942859822093724f732393c37e53a947951506
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2EF01DB1600109ABE710DF55DC49FBF7B7CFB45354F100419F90497241DB706A48C6A5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(FFFFFFFF,?,string too long,?,00BBD92F,?,00BCA1A9,?,6F6A8BF0,?,00BBD857,?,?,?,?), ref: 00BBA8B8
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(FFFFFFFF,?,string too long,?,00BBD92F,?,00BCA1A9,?,6F6A8BF0,?,00BBD857,?,?,?,?), ref: 00BBA8DA
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: moz_xmalloc
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 4043078735-0
                                                                                                                                                                                                                                                        • Opcode ID: 0521e23af23f3df5a2457dd03508ad69c38b5c2f85298cba9a3df46e98e27e3a
                                                                                                                                                                                                                                                        • Instruction ID: 9dae6eee3201d611e54f56b3fa55405da746bf10d4059b141378da9996d0e525
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0521e23af23f3df5a2457dd03508ad69c38b5c2f85298cba9a3df46e98e27e3a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B6F082B3A002448BDA004678EC496AA73C89B543717048776F426C7AD0FAA6D8D1D25A
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetFileType.KERNELBASE(00000000,00000000,00000000,?,00BB4FD5), ref: 00BBE58A
                                                                                                                                                                                                                                                        • SetHandleInformation.KERNEL32(00000000,00000001,00000001,?,00BB4FD5), ref: 00BBE59D
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: FileHandleInformationType
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3017937425-0
                                                                                                                                                                                                                                                        • Opcode ID: 2f5781e3bbd7ccd1030198af75f14e0807d4a68c088a2cf42555cc9f5374ac2b
                                                                                                                                                                                                                                                        • Instruction ID: cfffeeb1b64badd3b8acdb9a46e42d6781c2db131b329cdf23609c6de1b39420
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2f5781e3bbd7ccd1030198af75f14e0807d4a68c088a2cf42555cc9f5374ac2b
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 10F082312007009BD6308F29C881DFBB3E5EB96724B04889DE466D76A0EBA1F801C760
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEEAE9: GetModuleHandleW.KERNEL32(00000000), ref: 00BEEAEB
                                                                                                                                                                                                                                                        • _c_exit.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 00BEF41F
                                                                                                                                                                                                                                                        • _exit.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,00000007,00BF9878,00000014), ref: 00BEF44E
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: HandleModule_c_exit_exit
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 750871209-0
                                                                                                                                                                                                                                                        • Opcode ID: 8cad869f31466b65fea6a4363678dae628d2f7802ca9ce300022d53563ee0d27
                                                                                                                                                                                                                                                        • Instruction ID: 4eada15878309ae50ec9528e55d2e788ab500aa595fc64413517c902da0bbad8
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8cad869f31466b65fea6a4363678dae628d2f7802ca9ce300022d53563ee0d27
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 24E04F71D0468A8FDF249B99D4022EDB7F1FB80324F1041B5D811632E1C72558408651
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • __scrt_initialize_thread_safe_statics_platform_specific.LIBCMT ref: 00BEE520
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE685: InitializeCriticalSectionAndSpinCount.KERNEL32(00BFA18C,00000FA0,4DD80977,?,?,?,?,00BEF67A,000000FF), ref: 00BEE6B4
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE685: GetModuleHandleW.KERNELBASE(api-ms-win-core-synch-l1-2-0.dll,?,?,?,?,00BEF67A,000000FF), ref: 00BEE6BF
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE685: GetModuleHandleW.KERNEL32(kernel32.dll,?,?,?,?,00BEF67A,000000FF), ref: 00BEE6D0
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE685: GetProcAddress.KERNEL32(00000000,InitializeConditionVariable), ref: 00BEE6E6
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE685: GetProcAddress.KERNEL32(00000000,SleepConditionVariableCS), ref: 00BEE6F4
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE685: GetProcAddress.KERNEL32(00000000,WakeAllConditionVariable), ref: 00BEE702
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE685: __crt_fast_encode_pointer.LIBVCRUNTIME ref: 00BEE72D
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE685: __crt_fast_encode_pointer.LIBVCRUNTIME ref: 00BEE738
                                                                                                                                                                                                                                                        • ___scrt_fastfail.LIBCMT ref: 00BEE541
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE7BC: __onexit.LIBCMT ref: 00BEE7C2
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressProc$HandleModule__crt_fast_encode_pointer$CountCriticalInitializeSectionSpin___scrt_fastfail__onexit__scrt_initialize_thread_safe_statics_platform_specific
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 66158676-0
                                                                                                                                                                                                                                                        • Opcode ID: 78c452bd385eb929ca0c0e57fb3cb43e3fd03a385422a3befb39923f04d41d47
                                                                                                                                                                                                                                                        • Instruction ID: d70471cc1699a1b32817db4c58d7c85344e842b838cb13aa85c0913853f81d98
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 78c452bd385eb929ca0c0e57fb3cb43e3fd03a385422a3befb39923f04d41d47
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BBC09B052446C212D5487677588775902C30B5171AF244CC5F53C6E5DFBF41D444503A
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB83A2
                                                                                                                                                                                                                                                          • Part of subcall function 00BB8170: malloc.MOZGLUE(00000001,00000000,?,0000000C,00000041,?,00BB80EA,?,?,00BB7A50,00000000,?,00BB7BCC), ref: 00BB81BB
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB83FF
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memset$malloc
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1671641884-0
                                                                                                                                                                                                                                                        • Opcode ID: 99e6a39fb6a489487e880e3b4c14c8f1b771eae5e56a30e517e9a2a200e401a7
                                                                                                                                                                                                                                                        • Instruction ID: 85504d1ab4a0a5ef3e8c98016c7c3c9f46de7b37514abaa3e28db2db4de56b93
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 99e6a39fb6a489487e880e3b4c14c8f1b771eae5e56a30e517e9a2a200e401a7
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A23150757006068FD724DE29C8D1EBAB3EAEF94708B18887CE55AC7752EEA1EC05C750
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB9D8A
                                                                                                                                                                                                                                                          • Part of subcall function 00BB9ED0: VirtualProtectEx.KERNELBASE(?,00000000,00000000,00000040,00000000), ref: 00BB9F43
                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 00BB9D96
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: free$ProtectVirtual
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3619942741-0
                                                                                                                                                                                                                                                        • Opcode ID: cec54a5ba3192b1df236b89af315a9a9655bfa843ca0dcb65f7483a3b12ef92d
                                                                                                                                                                                                                                                        • Instruction ID: 9c1abca51ae217090dba6fda1e916581cc92e2bb93b07cef9294ff8dfbf9dfdf
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cec54a5ba3192b1df236b89af315a9a9655bfa843ca0dcb65f7483a3b12ef92d
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D5215E74E0020C8BCF04DFA9D895AFEBBF9EF45708F144469E50AAB341DBB5A905CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00BB2D55,00BB2D55,?,?,00BB3EE0), ref: 00BBA759
                                                                                                                                                                                                                                                        • memmove.NTDLL(?,00BB2D55,00000000,?,00BB2D55,?,?,00BB3EE0), ref: 00BBA77D
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memmovewcslen
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 991614986-0
                                                                                                                                                                                                                                                        • Opcode ID: cfb399daa66e5851c3d93313a16d7065f1b125bc256ca98570c93035ebdfe13f
                                                                                                                                                                                                                                                        • Instruction ID: b751885271524759ad40a5f52ea4cae81383551bb2b1bd3d3f670b5e1b342205
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cfb399daa66e5851c3d93313a16d7065f1b125bc256ca98570c93035ebdfe13f
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BB0192B1B182545BD7109F2ADC818BFBBF99B84310B140979E88687302DE709C0483A6
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BB9A20: VirtualAlloc.KERNELBASE(?,00000000,00001000,00000004,?,00BF015C,?,00BB9904,?,?,?,?,?,?,00000000,00BB7819), ref: 00BB9A65
                                                                                                                                                                                                                                                          • Part of subcall function 00BB9A20: VirtualAllocEx.KERNELBASE(?,?,00000000,00001000,00000020,?,00BB9904,?,?,?,?,?,?,00000000,00BB7819), ref: 00BB9A87
                                                                                                                                                                                                                                                        • VirtualProtect.KERNELBASE(?,00000080,00000004,?), ref: 00BB9949
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Virtual$Alloc$Protect
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 655996629-0
                                                                                                                                                                                                                                                        • Opcode ID: 3d648c78bb0472fa9cc2eef8d9e3e008c708ca524b0323fa13fbe747b00daad9
                                                                                                                                                                                                                                                        • Instruction ID: 4b41217f7137f36e43af602f19c42a53f0e39d20f1da60954fe4efea4b40d95d
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3d648c78bb0472fa9cc2eef8d9e3e008c708ca524b0323fa13fbe747b00daad9
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5F4102B0A007098BDB20CF6AC4947AAFBF0BF48314F24895DD995A7741D7B5A949CFA0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • VirtualProtectEx.KERNELBASE(?,00000000,00000000,00000040,00000000), ref: 00BB9F43
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ProtectVirtual
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 544645111-0
                                                                                                                                                                                                                                                        • Opcode ID: 422b5ed2e0be58f14c991ac9a4ecbc7b172ff293d892881dfe7fe31562a328f2
                                                                                                                                                                                                                                                        • Instruction ID: 7dcf27878d34a86a0741b0426070a5b0b2359b3d3288e69097818a7a4452800c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 422b5ed2e0be58f14c991ac9a4ecbc7b172ff293d892881dfe7fe31562a328f2
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 82313C71A002059FDB14CF59C881AFEB7F5EF88314F2484A9E559DB341DBB5E902CBA0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RegQueryValueExW.KERNELBASE(?,?,00000000,?,?,00000008), ref: 00BB756F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: QueryValue
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3660427363-0
                                                                                                                                                                                                                                                        • Opcode ID: 0ab095e99a49587595aa30a97b8fed07d85a7aada1b28771b51ce27e099716c0
                                                                                                                                                                                                                                                        • Instruction ID: d8740f72e5cd937b63c0faaa415c2bacd78b1c8ff05fefee870d83f66c23fe7f
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0ab095e99a49587595aa30a97b8fed07d85a7aada1b28771b51ce27e099716c0
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D9217CB1508742DFD3308F15C84476BBBE4EB91314F10895DE4EA8B790DBF5A948CB92
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ReadProcessMemory.KERNELBASE(0000000C,?,?,?,00000000,00000000), ref: 00BB84BA
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: MemoryProcessRead
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1726664587-0
                                                                                                                                                                                                                                                        • Opcode ID: e1b54fe05504e44ad78711616147f275c1a96ff2d4605d030622a2420b26ff6d
                                                                                                                                                                                                                                                        • Instruction ID: dc2e539019bfd273c7e6bd4e267ce2225ab2272d116dec014f55e3ba61c28659
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e1b54fe05504e44ad78711616147f275c1a96ff2d4605d030622a2420b26ff6d
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D8113D71A002298FCB14DFA9C8856FEB7F9EB88710B154569E819B7300DAB15E01CBD0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RegQueryValueExW.KERNELBASE(?,00BB7231,00000000,?,?,00000004), ref: 00BB7299
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: QueryValue
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3660427363-0
                                                                                                                                                                                                                                                        • Opcode ID: 7a953b641e845beb8be640c940c7d1544809b54fcd89441c49ac910d55fbf56a
                                                                                                                                                                                                                                                        • Instruction ID: 3799cb612ef8ef749a832c691e9416be76247852226cda7a8f4c4412cbbac936
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7a953b641e845beb8be640c940c7d1544809b54fcd89441c49ac910d55fbf56a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3E219F70504346CFD7208F59C848BBBBBE4EF82308F10885DE59A9B741DBB5A848CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RegSetValueExW.KERNELBASE(?,?,00000000,0000000B,?,00000008,?,00BB5AA9,?,?), ref: 00BB747D
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Value
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3702945584-0
                                                                                                                                                                                                                                                        • Opcode ID: 980fe5e36d3c838c123fa38ef3d5c914ae37eed06a820aaea600fd131bef142d
                                                                                                                                                                                                                                                        • Instruction ID: b22757e015102198faed13cfe90773aadbac00f8c6ec9b75aaac60a054a02419
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 980fe5e36d3c838c123fa38ef3d5c914ae37eed06a820aaea600fd131bef142d
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 92019671604304AFD7149F29D801BBABBE4EB84721F00845DE99AC7390DA70E800DB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ReadProcessMemory.KERNELBASE(4DD80977,?,E8EC81F8,00BB8DF5,?), ref: 00BB9CB1
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: MemoryProcessRead
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1726664587-0
                                                                                                                                                                                                                                                        • Opcode ID: 79b9baceac7134cd9eeeadced01a6ae7c5c37a32899229457be17e3e7b7b0a18
                                                                                                                                                                                                                                                        • Instruction ID: 5e27ab33f8f9fe3d83d6b0932f11aabb0db16a54e548275675ebf99e31e75d17
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 79b9baceac7134cd9eeeadced01a6ae7c5c37a32899229457be17e3e7b7b0a18
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4A018C719042099FDB30CF25D884BBBBBF8EF44764F2005AED51A57250EBB0AD08CBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RegSetValueExW.KERNELBASE(?,?,00000000,00000004,?,00000004,?,?,?,00BB7094,?,?,|Image,00000006,?,?), ref: 00BB6C2A
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Value
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3702945584-0
                                                                                                                                                                                                                                                        • Opcode ID: b0dfda9cee0e08157469f643be0371cf1fed42c9635f57efa063dc1d2e163698
                                                                                                                                                                                                                                                        • Instruction ID: 710b77d51b28f8c9fa928bb978f382caa6473527bccfcbdf21206cc2111a564b
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b0dfda9cee0e08157469f643be0371cf1fed42c9635f57efa063dc1d2e163698
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D90181B0600205AFD728CF29D851BBA7BE4EB04724F00846DE69ACB390EAB4A844CB54
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000030,?,00BB7D44,?,?,00BB7F43,8B0450FF,0775084E,00000000,00000000,?,00BB7D44,?,?,00000000,?), ref: 00BB82CF
                                                                                                                                                                                                                                                          • Part of subcall function 00BB8340: memset.NTDLL ref: 00BB83A2
                                                                                                                                                                                                                                                          • Part of subcall function 00BB8340: memset.NTDLL ref: 00BB83FF
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memset$moz_xmalloc
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 560322061-0
                                                                                                                                                                                                                                                        • Opcode ID: 3ba4e441c4de81c8980c95919a8ec8791427bb31a4aa94bd8965899a9dae2571
                                                                                                                                                                                                                                                        • Instruction ID: 0d889ec2866528030c4262dc61fab989b231ef8521a6053bb0fc1f615382e5e0
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3ba4e441c4de81c8980c95919a8ec8791427bb31a4aa94bd8965899a9dae2571
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F9014BB15003049FD314CF05D484A96BBE8EF44764F15C4AEE95A8F362D7B1E948CB94
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000030,?,00BB7D44,?,?,00BB7F71,00000001,F189068B,?,?,00000000,?), ref: 00BB858F
                                                                                                                                                                                                                                                          • Part of subcall function 00BB8340: memset.NTDLL ref: 00BB83A2
                                                                                                                                                                                                                                                          • Part of subcall function 00BB8340: memset.NTDLL ref: 00BB83FF
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memset$moz_xmalloc
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 560322061-0
                                                                                                                                                                                                                                                        • Opcode ID: eba0f3dee216d75367e845db94063b08198302b22b5ce732ca6d57d2e87f56c6
                                                                                                                                                                                                                                                        • Instruction ID: ff1b3a76f979d0a99ed78f488235366a5e6ee4d911d3f73cc9c03413c7346825
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: eba0f3dee216d75367e845db94063b08198302b22b5ce732ca6d57d2e87f56c6
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 17014BB15003049FD354CF05D884A96BBE8FB48324F15C4AEE85E8B362CBB5E948CBA4
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000030,?,?,?,?,00BB879D,?,?), ref: 00BB881F
                                                                                                                                                                                                                                                          • Part of subcall function 00BB8340: memset.NTDLL ref: 00BB83A2
                                                                                                                                                                                                                                                          • Part of subcall function 00BB8340: memset.NTDLL ref: 00BB83FF
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memset$moz_xmalloc
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 560322061-0
                                                                                                                                                                                                                                                        • Opcode ID: 4632b54b17ae9c33cb83d52fadcfa8bd5dc6eea5456e7b17125b370b5669b6fa
                                                                                                                                                                                                                                                        • Instruction ID: 2b8c8c1f3561de657bc11c603382913f6de685d468cedf60218c4ee6f4303eae
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4632b54b17ae9c33cb83d52fadcfa8bd5dc6eea5456e7b17125b370b5669b6fa
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 10014BB15003009FD344DF05D484AA2BBE8EB44324F15C4AEE85D8B362CBB1E948CB90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RegDeleteValueW.KERNELBASE(?,?,?,?,00BB6B30,?,|Launcher,00000009,?,?,?,?,00BB6FE4), ref: 00BB74E4
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: DeleteValue
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1108222502-0
                                                                                                                                                                                                                                                        • Opcode ID: 895e5376c241659fba47e9230621a4ed44a0818788a864f56686ed2c712252c1
                                                                                                                                                                                                                                                        • Instruction ID: a5709e47e842eb5614d292ca3f3e254d7ae76835c56c967043887e9ddd4b96d4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 895e5376c241659fba47e9230621a4ed44a0818788a864f56686ed2c712252c1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DEF049301487918FD3248B29C444BB2BFD49B52316F14889DD8CACB751EAFAE8808B91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ___delayLoadHelper2@8.DELAYIMP ref: 00BEF992
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE2AB: DloadReleaseSectionWriteAccess.DELAYIMP ref: 00BEE31E
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE2AB: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 00BEE32F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1269201914-0
                                                                                                                                                                                                                                                        • Opcode ID: 1562c8716917986269c61ea01b853e69db5a7bdf1a2fee221fd001579801d4d7
                                                                                                                                                                                                                                                        • Instruction ID: a0a5aa60224cc779ab7d9ca7c60ebfc5f3af1a268f764285fa4c48b15e5c2908
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1562c8716917986269c61ea01b853e69db5a7bdf1a2fee221fd001579801d4d7
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CBB012C62A8189BC320855123C13C3602DCE0D0F1133042EBF359D5042E9419C8D1432
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ___delayLoadHelper2@8.DELAYIMP ref: 00BEF992
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE2AB: DloadReleaseSectionWriteAccess.DELAYIMP ref: 00BEE31E
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE2AB: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 00BEE32F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1269201914-0
                                                                                                                                                                                                                                                        • Opcode ID: 22ec62fa3543c550c7ae36d2f79f8acb8573420b54adb116e35064d91a161384
                                                                                                                                                                                                                                                        • Instruction ID: ffa7a777d1008f0cb1064e685e47a055caac1ed6d86c6b22bf65123d72da46f4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 22ec62fa3543c550c7ae36d2f79f8acb8573420b54adb116e35064d91a161384
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E5A012851A40857C300455022C03C36029CD0D0F11330419AF245C4042A54148050430
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ___delayLoadHelper2@8.DELAYIMP ref: 00BEF992
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE2AB: DloadReleaseSectionWriteAccess.DELAYIMP ref: 00BEE31E
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE2AB: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 00BEE32F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1269201914-0
                                                                                                                                                                                                                                                        • Opcode ID: 2941f32ffdbbf95ff2069ab803a7ced74a5398f2ca86a6933bc3a1cfd766cc0e
                                                                                                                                                                                                                                                        • Instruction ID: ffa7a777d1008f0cb1064e685e47a055caac1ed6d86c6b22bf65123d72da46f4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2941f32ffdbbf95ff2069ab803a7ced74a5398f2ca86a6933bc3a1cfd766cc0e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E5A012851A40857C300455022C03C36029CD0D0F11330419AF245C4042A54148050430
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ___delayLoadHelper2@8.DELAYIMP ref: 00BEF992
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE2AB: DloadReleaseSectionWriteAccess.DELAYIMP ref: 00BEE31E
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE2AB: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 00BEE32F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1269201914-0
                                                                                                                                                                                                                                                        • Opcode ID: 91ebdb3f92a83ee0739815bea23c871c482fd90933a9a01cc50c13503ce3b1d6
                                                                                                                                                                                                                                                        • Instruction ID: ffa7a777d1008f0cb1064e685e47a055caac1ed6d86c6b22bf65123d72da46f4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 91ebdb3f92a83ee0739815bea23c871c482fd90933a9a01cc50c13503ce3b1d6
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E5A012851A40857C300455022C03C36029CD0D0F11330419AF245C4042A54148050430
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ___delayLoadHelper2@8.DELAYIMP ref: 00BEF992
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE2AB: DloadReleaseSectionWriteAccess.DELAYIMP ref: 00BEE31E
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE2AB: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 00BEE32F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1269201914-0
                                                                                                                                                                                                                                                        • Opcode ID: fd8c342e0584b1842bccbb6dee8c0906ab63704c9dc3b77a3385154b30561cb0
                                                                                                                                                                                                                                                        • Instruction ID: ffa7a777d1008f0cb1064e685e47a055caac1ed6d86c6b22bf65123d72da46f4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fd8c342e0584b1842bccbb6dee8c0906ab63704c9dc3b77a3385154b30561cb0
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E5A012851A40857C300455022C03C36029CD0D0F11330419AF245C4042A54148050430
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ___delayLoadHelper2@8.DELAYIMP ref: 00BEF992
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE2AB: DloadReleaseSectionWriteAccess.DELAYIMP ref: 00BEE31E
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE2AB: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 00BEE32F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1269201914-0
                                                                                                                                                                                                                                                        • Opcode ID: 47bf8006e08a80a954640d294cde43943272c0ee6ba693e7772e87010a4ab1f9
                                                                                                                                                                                                                                                        • Instruction ID: ffa7a777d1008f0cb1064e685e47a055caac1ed6d86c6b22bf65123d72da46f4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 47bf8006e08a80a954640d294cde43943272c0ee6ba693e7772e87010a4ab1f9
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E5A012851A40857C300455022C03C36029CD0D0F11330419AF245C4042A54148050430
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ___delayLoadHelper2@8.DELAYIMP ref: 00BEF992
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE2AB: DloadReleaseSectionWriteAccess.DELAYIMP ref: 00BEE31E
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE2AB: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 00BEE32F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1269201914-0
                                                                                                                                                                                                                                                        • Opcode ID: d9ca12919c4cd7027bd75fba1d15a732c45aa0d67bf2e89d5099b20354cf697c
                                                                                                                                                                                                                                                        • Instruction ID: ffa7a777d1008f0cb1064e685e47a055caac1ed6d86c6b22bf65123d72da46f4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d9ca12919c4cd7027bd75fba1d15a732c45aa0d67bf2e89d5099b20354cf697c
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E5A012851A40857C300455022C03C36029CD0D0F11330419AF245C4042A54148050430
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ___delayLoadHelper2@8.DELAYIMP ref: 00BEF992
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE2AB: DloadReleaseSectionWriteAccess.DELAYIMP ref: 00BEE31E
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE2AB: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 00BEE32F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1269201914-0
                                                                                                                                                                                                                                                        • Opcode ID: ffa36089a79ad6fb71a855d19512950536ec72cf16606ea062e88d7aa90f09fd
                                                                                                                                                                                                                                                        • Instruction ID: ffa7a777d1008f0cb1064e685e47a055caac1ed6d86c6b22bf65123d72da46f4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ffa36089a79ad6fb71a855d19512950536ec72cf16606ea062e88d7aa90f09fd
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E5A012851A40857C300455022C03C36029CD0D0F11330419AF245C4042A54148050430
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ___delayLoadHelper2@8.DELAYIMP ref: 00BEF992
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE2AB: DloadReleaseSectionWriteAccess.DELAYIMP ref: 00BEE31E
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE2AB: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 00BEE32F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1269201914-0
                                                                                                                                                                                                                                                        • Opcode ID: 961c4041d128463dc077c7bce9679bfab313524f0e2a322f7704bc7c1e3ed190
                                                                                                                                                                                                                                                        • Instruction ID: ffa7a777d1008f0cb1064e685e47a055caac1ed6d86c6b22bf65123d72da46f4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 961c4041d128463dc077c7bce9679bfab313524f0e2a322f7704bc7c1e3ed190
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E5A012851A40857C300455022C03C36029CD0D0F11330419AF245C4042A54148050430
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA640: moz_xmalloc.MOZGLUE(FFFFFFFF,?,00BB2D36,?,00BB3EE0), ref: 00BBA660
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA640: memset.NTDLL ref: 00BBA66F
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA640: GetModuleFileNameW.KERNEL32(00000000,00000000,00000104,?,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA682
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA640: moz_xmalloc.MOZGLUE(FFFFFFFF,?,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA69E
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA640: memset.NTDLL ref: 00BBA6AD
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA640: wcscpy_s.API-MS-WIN-CRT-STRING-L1-1-0(00000000,00000105,?,?,?,?,?,?,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA6BA
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA640: free.MOZGLUE(?,?,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA6CF
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00BB2D55,00BB2D55,?,?,00BB3EE0), ref: 00BBA759
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: memmove.NTDLL(?,00BB2D55,00000000,?,00BB2D55,?,?,00BB3EE0), ref: 00BBA77D
                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 00BB2D61
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: freememsetmoz_xmalloc$FileModuleNamememmovewcscpy_swcslen
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 114180017-0
                                                                                                                                                                                                                                                        • Opcode ID: f485adaa40b0301144b7e6e30ad312161935ecccf518ca8e47768627aa6bbb73
                                                                                                                                                                                                                                                        • Instruction ID: 511a9e4048d59ec7636cdbe9a7864e2495b6653fa93fe8523853807eb64cb4b8
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f485adaa40b0301144b7e6e30ad312161935ecccf518ca8e47768627aa6bbb73
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CD21F9B05007448BE320CF29C959797BBE4BF04308F10086DD49A9B791DBBAA509CB92
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Non-executed Functions

                                                                                                                                                                                                                                                        C-Code - Quality: 57%
                                                                                                                                                                                                                                                        			E00BB6280(intOrPtr __ecx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				struct _OSVERSIONINFOEXA _v176;
                                                                                                                                                                                                                                                        				char _v244;
                                                                                                                                                                                                                                                        				char _v312;
                                                                                                                                                                                                                                                        				char _v380;
                                                                                                                                                                                                                                                        				void _v416;
                                                                                                                                                                                                                                                        				int _v420;
                                                                                                                                                                                                                                                        				int _v424;
                                                                                                                                                                                                                                                        				int _v428;
                                                                                                                                                                                                                                                        				int _v432;
                                                                                                                                                                                                                                                        				int _v436;
                                                                                                                                                                                                                                                        				int _v440;
                                                                                                                                                                                                                                                        				int _v444;
                                                                                                                                                                                                                                                        				intOrPtr _v448;
                                                                                                                                                                                                                                                        				union _TOKEN_INFORMATION_CLASS _v452;
                                                                                                                                                                                                                                                        				int _v456;
                                                                                                                                                                                                                                                        				int _v460;
                                                                                                                                                                                                                                                        				int _v464;
                                                                                                                                                                                                                                                        				int _v468;
                                                                                                                                                                                                                                                        				int _v472;
                                                                                                                                                                                                                                                        				int _v476;
                                                                                                                                                                                                                                                        				char* _v480;
                                                                                                                                                                                                                                                        				int _v484;
                                                                                                                                                                                                                                                        				int _v488;
                                                                                                                                                                                                                                                        				int _v492;
                                                                                                                                                                                                                                                        				int _v496;
                                                                                                                                                                                                                                                        				int _v500;
                                                                                                                                                                                                                                                        				int _v504;
                                                                                                                                                                                                                                                        				int _v508;
                                                                                                                                                                                                                                                        				intOrPtr _v512;
                                                                                                                                                                                                                                                        				signed int _v516;
                                                                                                                                                                                                                                                        				int* _v520;
                                                                                                                                                                                                                                                        				void* _v524;
                                                                                                                                                                                                                                                        				long _v528;
                                                                                                                                                                                                                                                        				struct _SECURITY_DESCRIPTOR _v548;
                                                                                                                                                                                                                                                        				char _v552;
                                                                                                                                                                                                                                                        				char _v556;
                                                                                                                                                                                                                                                        				char _v560;
                                                                                                                                                                                                                                                        				void* _v564;
                                                                                                                                                                                                                                                        				intOrPtr _v568;
                                                                                                                                                                                                                                                        				void* _v572;
                                                                                                                                                                                                                                                        				void* _v576;
                                                                                                                                                                                                                                                        				signed int _t122;
                                                                                                                                                                                                                                                        				int _t130;
                                                                                                                                                                                                                                                        				void* _t131;
                                                                                                                                                                                                                                                        				void* _t134;
                                                                                                                                                                                                                                                        				int _t137;
                                                                                                                                                                                                                                                        				long _t141;
                                                                                                                                                                                                                                                        				int _t143;
                                                                                                                                                                                                                                                        				char* _t144;
                                                                                                                                                                                                                                                        				char* _t145;
                                                                                                                                                                                                                                                        				intOrPtr _t146;
                                                                                                                                                                                                                                                        				char* _t147;
                                                                                                                                                                                                                                                        				intOrPtr _t149;
                                                                                                                                                                                                                                                        				intOrPtr _t150;
                                                                                                                                                                                                                                                        				signed short _t151;
                                                                                                                                                                                                                                                        				void* _t152;
                                                                                                                                                                                                                                                        				void* _t162;
                                                                                                                                                                                                                                                        				void* _t163;
                                                                                                                                                                                                                                                        				void* _t164;
                                                                                                                                                                                                                                                        				longlong _t165;
                                                                                                                                                                                                                                                        				signed int _t171;
                                                                                                                                                                                                                                                        				signed int _t173;
                                                                                                                                                                                                                                                        				intOrPtr _t174;
                                                                                                                                                                                                                                                        				void* _t177;
                                                                                                                                                                                                                                                        				void* _t178;
                                                                                                                                                                                                                                                        				void* _t179;
                                                                                                                                                                                                                                                        				longlong _t180;
                                                                                                                                                                                                                                                        				void* _t186;
                                                                                                                                                                                                                                                        				void* _t187;
                                                                                                                                                                                                                                                        				void* _t192;
                                                                                                                                                                                                                                                        				int* _t199;
                                                                                                                                                                                                                                                        				void* _t204;
                                                                                                                                                                                                                                                        				void* _t205;
                                                                                                                                                                                                                                                        				void* _t209;
                                                                                                                                                                                                                                                        				char* _t212;
                                                                                                                                                                                                                                                        				struct _SECURITY_DESCRIPTOR* _t213;
                                                                                                                                                                                                                                                        				int _t221;
                                                                                                                                                                                                                                                        				DWORD* _t222;
                                                                                                                                                                                                                                                        				int _t223;
                                                                                                                                                                                                                                                        				intOrPtr _t224;
                                                                                                                                                                                                                                                        				void* _t225;
                                                                                                                                                                                                                                                        				intOrPtr* _t226;
                                                                                                                                                                                                                                                        				intOrPtr* _t227;
                                                                                                                                                                                                                                                        				signed int _t228;
                                                                                                                                                                                                                                                        				void* _t229;
                                                                                                                                                                                                                                                        				void* _t231;
                                                                                                                                                                                                                                                        				void* _t234;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_v568 = __ecx;
                                                                                                                                                                                                                                                        				_t122 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t122 ^ _t228;
                                                                                                                                                                                                                                                        				_v524 = 0;
                                                                                                                                                                                                                                                        				if(OpenProcessToken(GetCurrentProcess(), 8,  &_v524) == 0) {
                                                                                                                                                                                                                                                        					_t204 =  <=  ? GetLastError() : _t126 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        					L23:
                                                                                                                                                                                                                                                        					E00BEECB0(_v20 ^ _t228, _t201);
                                                                                                                                                                                                                                                        					return _t204;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t205 = _v524;
                                                                                                                                                                                                                                                        				_v528 = 0;
                                                                                                                                                                                                                                                        				_t130 = GetTokenInformation(_t205, 1, 0, 0,  &_v528);
                                                                                                                                                                                                                                                        				_t131 = GetLastError();
                                                                                                                                                                                                                                                        				_v576 = _t205;
                                                                                                                                                                                                                                                        				if(_t130 != 0 || _t131 == 0x7a) {
                                                                                                                                                                                                                                                        					_t221 = _v528;
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(_t221);
                                                                                                                                                                                                                                                        					_t186 = _t131;
                                                                                                                                                                                                                                                        					memset(_t131, 0, _t221);
                                                                                                                                                                                                                                                        					_t231 = _t229 + 0x10;
                                                                                                                                                                                                                                                        					_t222 =  &_v528;
                                                                                                                                                                                                                                                        					_v564 = _t186;
                                                                                                                                                                                                                                                        					if(GetTokenInformation(_t205, 1, _t186, _v528, _t222) == 0) {
                                                                                                                                                                                                                                                        						_t134 = GetLastError();
                                                                                                                                                                                                                                                        						L38:
                                                                                                                                                                                                                                                        						_t187 = _v564;
                                                                                                                                                                                                                                                        						_t204 =  <=  ? _t134 : _t134 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        						L20:
                                                                                                                                                                                                                                                        						free(_t187);
                                                                                                                                                                                                                                                        						goto L21;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v528 = 0;
                                                                                                                                                                                                                                                        					_t137 = GetTokenInformation(_t205, 5, 0, 0, _t222);
                                                                                                                                                                                                                                                        					_t134 = GetLastError();
                                                                                                                                                                                                                                                        					if(_t137 != 0 || _t134 == 0x7a) {
                                                                                                                                                                                                                                                        						_t223 = _v528;
                                                                                                                                                                                                                                                        						__imp__moz_xmalloc(_t223);
                                                                                                                                                                                                                                                        						_t209 = _t134;
                                                                                                                                                                                                                                                        						memset(_t134, 0, _t223);
                                                                                                                                                                                                                                                        						_t234 = _t231 + 0x10;
                                                                                                                                                                                                                                                        						_v572 = _t209;
                                                                                                                                                                                                                                                        						if(GetTokenInformation(_v576, 5, _t209, _v528,  &_v528) == 0) {
                                                                                                                                                                                                                                                        							_t141 = GetLastError();
                                                                                                                                                                                                                                                        							_t187 = _v564;
                                                                                                                                                                                                                                                        							L30:
                                                                                                                                                                                                                                                        							_t204 =  <=  ? _t141 : _t141 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        							L19:
                                                                                                                                                                                                                                                        							free(_v572);
                                                                                                                                                                                                                                                        							_t231 = _t234 + 4;
                                                                                                                                                                                                                                                        							goto L20;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t143 = InitializeSecurityDescriptor( &_v548, 1);
                                                                                                                                                                                                                                                        						_t187 = _v564;
                                                                                                                                                                                                                                                        						_t224 = _v568;
                                                                                                                                                                                                                                                        						if(_t143 == 0) {
                                                                                                                                                                                                                                                        							L29:
                                                                                                                                                                                                                                                        							_t141 = GetLastError();
                                                                                                                                                                                                                                                        							goto L30;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t144 =  &_v552;
                                                                                                                                                                                                                                                        						_v552 = 0x44;
                                                                                                                                                                                                                                                        						__imp__CreateWellKnownSid(0x16, 0,  &_v244, _t144);
                                                                                                                                                                                                                                                        						if(_t144 == 0) {
                                                                                                                                                                                                                                                        							goto L29;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t145 =  &_v556;
                                                                                                                                                                                                                                                        						_t212 =  &_v312;
                                                                                                                                                                                                                                                        						_v556 = 0x44;
                                                                                                                                                                                                                                                        						__imp__CreateWellKnownSid(0x1a, 0, _t212, _t145);
                                                                                                                                                                                                                                                        						if(_t145 == 0) {
                                                                                                                                                                                                                                                        							goto L29;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_v560 = 0x44;
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t224 + 4)) == 0) {
                                                                                                                                                                                                                                                        							_t146 =  *0xbfa760; // 0x6020000
                                                                                                                                                                                                                                                        							if(_t146 > 0x601ffff) {
                                                                                                                                                                                                                                                        								L28:
                                                                                                                                                                                                                                                        								_t81 =  &_v560; // 0x44
                                                                                                                                                                                                                                                        								_t147 = _t81;
                                                                                                                                                                                                                                                        								__imp__CreateWellKnownSid(0x54, 0,  &_v380, _t147);
                                                                                                                                                                                                                                                        								if(_t147 != 0) {
                                                                                                                                                                                                                                                        									goto L11;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L29;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t174 =  *0xbfa038; // 0xffffffff
                                                                                                                                                                                                                                                        							if(_t174 < 0x6020001) {
                                                                                                                                                                                                                                                        								goto L11;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							memset( &(_v176.dwBuildNumber), 0, 0x90);
                                                                                                                                                                                                                                                        							_t234 = _t234 + 0xc;
                                                                                                                                                                                                                                                        							_t227 = __imp__VerSetConditionMask;
                                                                                                                                                                                                                                                        							_v176.dwOSVersionInfoSize = 0x9c;
                                                                                                                                                                                                                                                        							_v176.dwMajorVersion = 6;
                                                                                                                                                                                                                                                        							_v176.dwMinorVersion = 2;
                                                                                                                                                                                                                                                        							_v176.wServicePackMajor = 0;
                                                                                                                                                                                                                                                        							_t177 =  *_t227(0, 0, 2, 3);
                                                                                                                                                                                                                                                        							_t178 =  *_t227(_t177, _t201, 1, 3);
                                                                                                                                                                                                                                                        							_t179 =  *_t227(_t178, _t201, 0x20, 3);
                                                                                                                                                                                                                                                        							_t180 =  *_t227(_t179, _t201, 0x10, 3);
                                                                                                                                                                                                                                                        							_push(_t201);
                                                                                                                                                                                                                                                        							if(VerifyVersionInfoA( &_v176, 0x33, _t180) == 0) {
                                                                                                                                                                                                                                                        								 *0xbfa038 = 0x6020000;
                                                                                                                                                                                                                                                        								_t224 = _v568;
                                                                                                                                                                                                                                                        								goto L11;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								 *0xbfa760 = 0x6020000;
                                                                                                                                                                                                                                                        								_t224 = _v568;
                                                                                                                                                                                                                                                        								goto L28;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L11:
                                                                                                                                                                                                                                                        						_t201 =  &_v244;
                                                                                                                                                                                                                                                        						_v512 = 4;
                                                                                                                                                                                                                                                        						_v520 =  &_v508;
                                                                                                                                                                                                                                                        						_v508 = 1;
                                                                                                                                                                                                                                                        						_v504 = 1;
                                                                                                                                                                                                                                                        						_v496 = 0;
                                                                                                                                                                                                                                                        						_v500 = 0;
                                                                                                                                                                                                                                                        						_v488 = 0;
                                                                                                                                                                                                                                                        						_v492 = 0;
                                                                                                                                                                                                                                                        						_v484 = 1;
                                                                                                                                                                                                                                                        						_v480 = _t201;
                                                                                                                                                                                                                                                        						_v476 = 1;
                                                                                                                                                                                                                                                        						_v472 = 1;
                                                                                                                                                                                                                                                        						_v460 = 0;
                                                                                                                                                                                                                                                        						_v456 = 0;
                                                                                                                                                                                                                                                        						_v468 = 0;
                                                                                                                                                                                                                                                        						_v464 = 0;
                                                                                                                                                                                                                                                        						_v452 = 5;
                                                                                                                                                                                                                                                        						_v448 = _t212;
                                                                                                                                                                                                                                                        						_v444 = 1;
                                                                                                                                                                                                                                                        						_v440 = 1;
                                                                                                                                                                                                                                                        						_v428 = 0;
                                                                                                                                                                                                                                                        						_v424 = 0;
                                                                                                                                                                                                                                                        						_v436 = 0;
                                                                                                                                                                                                                                                        						_v432 = 0;
                                                                                                                                                                                                                                                        						_v420 = 1;
                                                                                                                                                                                                                                                        						_t213 =  &_v548;
                                                                                                                                                                                                                                                        						_v416 =  *_t187;
                                                                                                                                                                                                                                                        						_v516 = 3;
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t224 + 4)) == 0) {
                                                                                                                                                                                                                                                        							_t149 =  *0xbfa760; // 0x6020000
                                                                                                                                                                                                                                                        							if(_t149 <= 0x601ffff) {
                                                                                                                                                                                                                                                        								_t150 =  *0xbfa038; // 0xffffffff
                                                                                                                                                                                                                                                        								if(_t150 < 0x6020001) {
                                                                                                                                                                                                                                                        									goto L12;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								memset( &(_v176.dwBuildNumber), 0, 0x90);
                                                                                                                                                                                                                                                        								_t234 = _t234 + 0xc;
                                                                                                                                                                                                                                                        								_t226 = __imp__VerSetConditionMask;
                                                                                                                                                                                                                                                        								_v176.dwOSVersionInfoSize = 0x9c;
                                                                                                                                                                                                                                                        								_v176.dwMajorVersion = 6;
                                                                                                                                                                                                                                                        								_v176.dwMinorVersion = 2;
                                                                                                                                                                                                                                                        								_v176.wServicePackMajor = 0;
                                                                                                                                                                                                                                                        								_t162 =  *_t226(0, 0, 2, 3);
                                                                                                                                                                                                                                                        								_t163 =  *_t226(_t162, _t201, 1, 3);
                                                                                                                                                                                                                                                        								_t164 =  *_t226(_t163, _t201, 0x20, 3);
                                                                                                                                                                                                                                                        								_t165 =  *_t226(_t164, _t201, 0x10, 3);
                                                                                                                                                                                                                                                        								_push(_t201);
                                                                                                                                                                                                                                                        								if(VerifyVersionInfoA( &_v176, 0x33, _t165) == 0) {
                                                                                                                                                                                                                                                        									_t213 =  &_v548;
                                                                                                                                                                                                                                                        									 *0xbfa038 = 0x6020000;
                                                                                                                                                                                                                                                        									_t187 = _v564;
                                                                                                                                                                                                                                                        									goto L12;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t213 =  &_v548;
                                                                                                                                                                                                                                                        								 *0xbfa760 = 0x6020000;
                                                                                                                                                                                                                                                        								_t187 = _v564;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t171 = _v516;
                                                                                                                                                                                                                                                        							if(_t171 == _v512) {
                                                                                                                                                                                                                                                        								if(E00BBE6A0(_t171,  &_v520) == 0) {
                                                                                                                                                                                                                                                        									goto L12;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t171 = _v516;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t199 = _v520;
                                                                                                                                                                                                                                                        							_t173 = _t171 << 5;
                                                                                                                                                                                                                                                        							_t201 =  &_v380;
                                                                                                                                                                                                                                                        							 *(_t199 + _t173) = 1;
                                                                                                                                                                                                                                                        							 *(_t199 + _t173 + 4) = 1;
                                                                                                                                                                                                                                                        							 *(_t199 + _t173 + 0xc) = 0;
                                                                                                                                                                                                                                                        							 *(_t199 + _t173 + 8) = 0;
                                                                                                                                                                                                                                                        							 *(_t199 + _t173 + 0x14) = 0;
                                                                                                                                                                                                                                                        							 *(_t199 + _t173 + 0x10) = 0;
                                                                                                                                                                                                                                                        							 *(_t199 + _t173 + 0x18) = 5;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t199 + _t173 + 0x1c)) =  &_v380;
                                                                                                                                                                                                                                                        							_v516 = _v516 + 1;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L12:
                                                                                                                                                                                                                                                        						_t151 =  &_v176;
                                                                                                                                                                                                                                                        						_v176.dwOSVersionInfoSize = 0;
                                                                                                                                                                                                                                                        						__imp__SetEntriesInAclW(_v516, _v520, 0, _t151);
                                                                                                                                                                                                                                                        						if(_t151 != 0) {
                                                                                                                                                                                                                                                        							_t204 =  <=  ? _t151 : _t151 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        							L18:
                                                                                                                                                                                                                                                        							_t152 = _v520;
                                                                                                                                                                                                                                                        							if(_t152 !=  &_v508) {
                                                                                                                                                                                                                                                        								free(_t152);
                                                                                                                                                                                                                                                        								_t234 = _t234 + 4;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L19;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t225 = _v176.dwOSVersionInfoSize;
                                                                                                                                                                                                                                                        						if(SetSecurityDescriptorDacl(_t213, 1, _t225, 0) == 0 || SetSecurityDescriptorOwner(_t213,  *_t187, 0) == 0 || SetSecurityDescriptorGroup(_t213,  *_v572, 0) == 0) {
                                                                                                                                                                                                                                                        							_t204 =  <=  ? GetLastError() : _t154 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        							if(_t225 != 0) {
                                                                                                                                                                                                                                                        								goto L17;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t204 =  *0xbfa13c(_t213, 0xffffffff, 0, 0, 0, 2, 0, 0, 0);
                                                                                                                                                                                                                                                        							if(_t225 == 0) {
                                                                                                                                                                                                                                                        								goto L18;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L17:
                                                                                                                                                                                                                                                        							LocalFree(_t225);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L18;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						goto L38;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t204 =  <=  ? _t131 : _t131 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        					L21:
                                                                                                                                                                                                                                                        					_t192 = _v576;
                                                                                                                                                                                                                                                        					if(_t192 + 1 >= 2) {
                                                                                                                                                                                                                                                        						CloseHandle(_t192);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L23;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}



























































































                                                                                                                                                                                                                                                        0x00bb628c
                                                                                                                                                                                                                                                        0x00bb6292
                                                                                                                                                                                                                                                        0x00bb6299
                                                                                                                                                                                                                                                        0x00bb629c
                                                                                                                                                                                                                                                        0x00bb62be
                                                                                                                                                                                                                                                        0x00bb67e1
                                                                                                                                                                                                                                                        0x00bb663b
                                                                                                                                                                                                                                                        0x00bb6640
                                                                                                                                                                                                                                                        0x00bb6651
                                                                                                                                                                                                                                                        0x00bb6651
                                                                                                                                                                                                                                                        0x00bb62c4
                                                                                                                                                                                                                                                        0x00bb62d0
                                                                                                                                                                                                                                                        0x00bb62e2
                                                                                                                                                                                                                                                        0x00bb62ea
                                                                                                                                                                                                                                                        0x00bb62f2
                                                                                                                                                                                                                                                        0x00bb62f8
                                                                                                                                                                                                                                                        0x00bb6303
                                                                                                                                                                                                                                                        0x00bb630a
                                                                                                                                                                                                                                                        0x00bb6313
                                                                                                                                                                                                                                                        0x00bb6319
                                                                                                                                                                                                                                                        0x00bb631e
                                                                                                                                                                                                                                                        0x00bb6321
                                                                                                                                                                                                                                                        0x00bb632e
                                                                                                                                                                                                                                                        0x00bb6340
                                                                                                                                                                                                                                                        0x00bb67e9
                                                                                                                                                                                                                                                        0x00bb67ef
                                                                                                                                                                                                                                                        0x00bb67ef
                                                                                                                                                                                                                                                        0x00bb6800
                                                                                                                                                                                                                                                        0x00bb661c
                                                                                                                                                                                                                                                        0x00bb661d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6623
                                                                                                                                                                                                                                                        0x00bb6346
                                                                                                                                                                                                                                                        0x00bb6358
                                                                                                                                                                                                                                                        0x00bb6360
                                                                                                                                                                                                                                                        0x00bb6368
                                                                                                                                                                                                                                                        0x00bb6373
                                                                                                                                                                                                                                                        0x00bb637a
                                                                                                                                                                                                                                                        0x00bb6383
                                                                                                                                                                                                                                                        0x00bb6389
                                                                                                                                                                                                                                                        0x00bb638e
                                                                                                                                                                                                                                                        0x00bb639e
                                                                                                                                                                                                                                                        0x00bb63b5
                                                                                                                                                                                                                                                        0x00bb6808
                                                                                                                                                                                                                                                        0x00bb680e
                                                                                                                                                                                                                                                        0x00bb6725
                                                                                                                                                                                                                                                        0x00bb6730
                                                                                                                                                                                                                                                        0x00bb660d
                                                                                                                                                                                                                                                        0x00bb6613
                                                                                                                                                                                                                                                        0x00bb6619
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6619
                                                                                                                                                                                                                                                        0x00bb63c4
                                                                                                                                                                                                                                                        0x00bb63ca
                                                                                                                                                                                                                                                        0x00bb63d0
                                                                                                                                                                                                                                                        0x00bb63d8
                                                                                                                                                                                                                                                        0x00bb671f
                                                                                                                                                                                                                                                        0x00bb671f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb671f
                                                                                                                                                                                                                                                        0x00bb63de
                                                                                                                                                                                                                                                        0x00bb63e4
                                                                                                                                                                                                                                                        0x00bb63fa
                                                                                                                                                                                                                                                        0x00bb6402
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6408
                                                                                                                                                                                                                                                        0x00bb640e
                                                                                                                                                                                                                                                        0x00bb6414
                                                                                                                                                                                                                                                        0x00bb6424
                                                                                                                                                                                                                                                        0x00bb642c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6432
                                                                                                                                                                                                                                                        0x00bb6440
                                                                                                                                                                                                                                                        0x00bb6652
                                                                                                                                                                                                                                                        0x00bb665c
                                                                                                                                                                                                                                                        0x00bb66ff
                                                                                                                                                                                                                                                        0x00bb66ff
                                                                                                                                                                                                                                                        0x00bb66ff
                                                                                                                                                                                                                                                        0x00bb6711
                                                                                                                                                                                                                                                        0x00bb6719
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6719
                                                                                                                                                                                                                                                        0x00bb6662
                                                                                                                                                                                                                                                        0x00bb666c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6680
                                                                                                                                                                                                                                                        0x00bb6685
                                                                                                                                                                                                                                                        0x00bb6688
                                                                                                                                                                                                                                                        0x00bb668e
                                                                                                                                                                                                                                                        0x00bb6698
                                                                                                                                                                                                                                                        0x00bb66a2
                                                                                                                                                                                                                                                        0x00bb66ac
                                                                                                                                                                                                                                                        0x00bb66bb
                                                                                                                                                                                                                                                        0x00bb66c3
                                                                                                                                                                                                                                                        0x00bb66cb
                                                                                                                                                                                                                                                        0x00bb66d3
                                                                                                                                                                                                                                                        0x00bb66db
                                                                                                                                                                                                                                                        0x00bb66e8
                                                                                                                                                                                                                                                        0x00bb6853
                                                                                                                                                                                                                                                        0x00bb6859
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb66ee
                                                                                                                                                                                                                                                        0x00bb66f3
                                                                                                                                                                                                                                                        0x00bb66f9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb66f9
                                                                                                                                                                                                                                                        0x00bb66e8
                                                                                                                                                                                                                                                        0x00bb6446
                                                                                                                                                                                                                                                        0x00bb644e
                                                                                                                                                                                                                                                        0x00bb6454
                                                                                                                                                                                                                                                        0x00bb645e
                                                                                                                                                                                                                                                        0x00bb6464
                                                                                                                                                                                                                                                        0x00bb646e
                                                                                                                                                                                                                                                        0x00bb6478
                                                                                                                                                                                                                                                        0x00bb6482
                                                                                                                                                                                                                                                        0x00bb648c
                                                                                                                                                                                                                                                        0x00bb6496
                                                                                                                                                                                                                                                        0x00bb64a0
                                                                                                                                                                                                                                                        0x00bb64aa
                                                                                                                                                                                                                                                        0x00bb64b0
                                                                                                                                                                                                                                                        0x00bb64ba
                                                                                                                                                                                                                                                        0x00bb64c4
                                                                                                                                                                                                                                                        0x00bb64ce
                                                                                                                                                                                                                                                        0x00bb64d8
                                                                                                                                                                                                                                                        0x00bb64e2
                                                                                                                                                                                                                                                        0x00bb64ec
                                                                                                                                                                                                                                                        0x00bb64f6
                                                                                                                                                                                                                                                        0x00bb64fc
                                                                                                                                                                                                                                                        0x00bb6506
                                                                                                                                                                                                                                                        0x00bb6510
                                                                                                                                                                                                                                                        0x00bb651a
                                                                                                                                                                                                                                                        0x00bb6524
                                                                                                                                                                                                                                                        0x00bb652e
                                                                                                                                                                                                                                                        0x00bb6538
                                                                                                                                                                                                                                                        0x00bb6542
                                                                                                                                                                                                                                                        0x00bb6548
                                                                                                                                                                                                                                                        0x00bb654e
                                                                                                                                                                                                                                                        0x00bb655c
                                                                                                                                                                                                                                                        0x00bb6738
                                                                                                                                                                                                                                                        0x00bb6742
                                                                                                                                                                                                                                                        0x00bb6864
                                                                                                                                                                                                                                                        0x00bb686e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6882
                                                                                                                                                                                                                                                        0x00bb6887
                                                                                                                                                                                                                                                        0x00bb688a
                                                                                                                                                                                                                                                        0x00bb6890
                                                                                                                                                                                                                                                        0x00bb689a
                                                                                                                                                                                                                                                        0x00bb68a4
                                                                                                                                                                                                                                                        0x00bb68ae
                                                                                                                                                                                                                                                        0x00bb68bd
                                                                                                                                                                                                                                                        0x00bb68c5
                                                                                                                                                                                                                                                        0x00bb68cd
                                                                                                                                                                                                                                                        0x00bb68d5
                                                                                                                                                                                                                                                        0x00bb68dd
                                                                                                                                                                                                                                                        0x00bb68ea
                                                                                                                                                                                                                                                        0x00bb692b
                                                                                                                                                                                                                                                        0x00bb6931
                                                                                                                                                                                                                                                        0x00bb6937
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6937
                                                                                                                                                                                                                                                        0x00bb68f1
                                                                                                                                                                                                                                                        0x00bb68f7
                                                                                                                                                                                                                                                        0x00bb68fd
                                                                                                                                                                                                                                                        0x00bb68fd
                                                                                                                                                                                                                                                        0x00bb6748
                                                                                                                                                                                                                                                        0x00bb6754
                                                                                                                                                                                                                                                        0x00bb6915
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb691b
                                                                                                                                                                                                                                                        0x00bb691b
                                                                                                                                                                                                                                                        0x00bb675a
                                                                                                                                                                                                                                                        0x00bb6760
                                                                                                                                                                                                                                                        0x00bb6763
                                                                                                                                                                                                                                                        0x00bb6769
                                                                                                                                                                                                                                                        0x00bb6770
                                                                                                                                                                                                                                                        0x00bb6778
                                                                                                                                                                                                                                                        0x00bb6780
                                                                                                                                                                                                                                                        0x00bb6788
                                                                                                                                                                                                                                                        0x00bb6790
                                                                                                                                                                                                                                                        0x00bb6798
                                                                                                                                                                                                                                                        0x00bb67a0
                                                                                                                                                                                                                                                        0x00bb67a4
                                                                                                                                                                                                                                                        0x00bb67a4
                                                                                                                                                                                                                                                        0x00bb6562
                                                                                                                                                                                                                                                        0x00bb6562
                                                                                                                                                                                                                                                        0x00bb6568
                                                                                                                                                                                                                                                        0x00bb6581
                                                                                                                                                                                                                                                        0x00bb6589
                                                                                                                                                                                                                                                        0x00bb6824
                                                                                                                                                                                                                                                        0x00bb65f9
                                                                                                                                                                                                                                                        0x00bb65f9
                                                                                                                                                                                                                                                        0x00bb6607
                                                                                                                                                                                                                                                        0x00bb682d
                                                                                                                                                                                                                                                        0x00bb6833
                                                                                                                                                                                                                                                        0x00bb6833
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6607
                                                                                                                                                                                                                                                        0x00bb658f
                                                                                                                                                                                                                                                        0x00bb65a3
                                                                                                                                                                                                                                                        0x00bb67c0
                                                                                                                                                                                                                                                        0x00bb67c5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb65d5
                                                                                                                                                                                                                                                        0x00bb65ec
                                                                                                                                                                                                                                                        0x00bb65f0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb65f2
                                                                                                                                                                                                                                                        0x00bb65f3
                                                                                                                                                                                                                                                        0x00bb65f3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb683b
                                                                                                                                                                                                                                                        0x00bb6846
                                                                                                                                                                                                                                                        0x00bb6626
                                                                                                                                                                                                                                                        0x00bb6626
                                                                                                                                                                                                                                                        0x00bb6632
                                                                                                                                                                                                                                                        0x00bb6635
                                                                                                                                                                                                                                                        0x00bb6635
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6632

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BB62A6
                                                                                                                                                                                                                                                        • OpenProcessToken.ADVAPI32(00000000,00000008,00000000), ref: 00BB62B6
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(00000000,00000001(TokenIntegrityLevel),00000000,00000000,?), ref: 00BB62E2
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB62EA
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000000), ref: 00BB630A
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB6319
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(00000000,00000001(TokenIntegrityLevel),00000000,00000000,00000000), ref: 00BB6338
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(00000000,00000005(TokenIntegrityLevel),00000000,00000000,00000000), ref: 00BB6358
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB6360
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000000), ref: 00BB637A
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB6389
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(?,00000005(TokenIntegrityLevel),00000000,00000000,00000000), ref: 00BB63AD
                                                                                                                                                                                                                                                        • InitializeSecurityDescriptor.ADVAPI32(?,00000001), ref: 00BB63C4
                                                                                                                                                                                                                                                        • CreateWellKnownSid.ADVAPI32(00000016,00000000,?,?), ref: 00BB63FA
                                                                                                                                                                                                                                                        • CreateWellKnownSid.ADVAPI32(0000001A,00000000,?,?), ref: 00BB6424
                                                                                                                                                                                                                                                        • SetEntriesInAclW.ADVAPI32(00000003,?,00000000,?), ref: 00BB6581
                                                                                                                                                                                                                                                        • SetSecurityDescriptorDacl.ADVAPI32(?,00000001,00000000,00000000), ref: 00BB659B
                                                                                                                                                                                                                                                        • SetSecurityDescriptorOwner.ADVAPI32(?,?,00000000), ref: 00BB65AE
                                                                                                                                                                                                                                                        • SetSecurityDescriptorGroup.ADVAPI32(?,?,00000000), ref: 00BB65C7
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000), ref: 00BB65F3
                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 00BB6613
                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 00BB661D
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(?), ref: 00BB6635
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB6680
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,00000000,00000002,00000003), ref: 00BB66BB
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000001,00000003), ref: 00BB66C3
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000020,00000003), ref: 00BB66CB
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000010,00000003), ref: 00BB66D3
                                                                                                                                                                                                                                                        • VerifyVersionInfoA.KERNEL32(0000009C,00000033,00000000), ref: 00BB66E0
                                                                                                                                                                                                                                                        • CreateWellKnownSid.ADVAPI32(00000054,00000000,?,DDD), ref: 00BB6711
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB671F
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB67AF
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB67D0
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB67E9
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB6808
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$Token$ConditionDescriptorInformationMaskSecurity$CreateKnownWellmemset$Processfreemoz_xmalloc$CloseCurrentDaclEntriesFreeGroupHandleInfoInitializeLocalOpenOwnerVerifyVersion
                                                                                                                                                                                                                                                        • String ID: D$D$DDD
                                                                                                                                                                                                                                                        • API String ID: 3818353619-2701206848
                                                                                                                                                                                                                                                        • Opcode ID: 1aab8157e06f1c09ec1bb6308cef4444eae71a4c3c008e3939530d3a1acf6e0e
                                                                                                                                                                                                                                                        • Instruction ID: 4321220537eba4b3f6dced6ad30aa7f11002a9cfcd1ba285e568183f0d30b6e1
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1aab8157e06f1c09ec1bb6308cef4444eae71a4c3c008e3939530d3a1acf6e0e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 76F150B19403299BEB309F21DC89BFA77B4EF44704F1040D9E909AB291DBB99E84CF55
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 78%
                                                                                                                                                                                                                                                        			E00BBEE50(intOrPtr _a4, intOrPtr _a8, void** _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, intOrPtr _a28, signed short _a32, intOrPtr _a36, intOrPtr _a40) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v64;
                                                                                                                                                                                                                                                        				char _v168;
                                                                                                                                                                                                                                                        				signed short* _v172;
                                                                                                                                                                                                                                                        				signed int _v176;
                                                                                                                                                                                                                                                        				void* _v180;
                                                                                                                                                                                                                                                        				intOrPtr* _v184;
                                                                                                                                                                                                                                                        				signed int _v188;
                                                                                                                                                                                                                                                        				void* _v196;
                                                                                                                                                                                                                                                        				intOrPtr _v200;
                                                                                                                                                                                                                                                        				char _v204;
                                                                                                                                                                                                                                                        				intOrPtr _v208;
                                                                                                                                                                                                                                                        				int _v212;
                                                                                                                                                                                                                                                        				void* _v216;
                                                                                                                                                                                                                                                        				long _v220;
                                                                                                                                                                                                                                                        				long _v224;
                                                                                                                                                                                                                                                        				void* _v228;
                                                                                                                                                                                                                                                        				long _v232;
                                                                                                                                                                                                                                                        				intOrPtr* _v236;
                                                                                                                                                                                                                                                        				char _v252;
                                                                                                                                                                                                                                                        				long _v268;
                                                                                                                                                                                                                                                        				char _v448;
                                                                                                                                                                                                                                                        				signed short* _v452;
                                                                                                                                                                                                                                                        				long _v456;
                                                                                                                                                                                                                                                        				signed short _v460;
                                                                                                                                                                                                                                                        				intOrPtr* _v464;
                                                                                                                                                                                                                                                        				void _v468;
                                                                                                                                                                                                                                                        				signed int _v472;
                                                                                                                                                                                                                                                        				char _v476;
                                                                                                                                                                                                                                                        				void* _v480;
                                                                                                                                                                                                                                                        				char _v484;
                                                                                                                                                                                                                                                        				intOrPtr _v488;
                                                                                                                                                                                                                                                        				long _v492;
                                                                                                                                                                                                                                                        				void* _v496;
                                                                                                                                                                                                                                                        				long _v500;
                                                                                                                                                                                                                                                        				long _v504;
                                                                                                                                                                                                                                                        				char _v508;
                                                                                                                                                                                                                                                        				signed int _v512;
                                                                                                                                                                                                                                                        				char _v516;
                                                                                                                                                                                                                                                        				long _v532;
                                                                                                                                                                                                                                                        				char _v1500;
                                                                                                                                                                                                                                                        				intOrPtr _v1504;
                                                                                                                                                                                                                                                        				signed short _v1508;
                                                                                                                                                                                                                                                        				signed char _v1513;
                                                                                                                                                                                                                                                        				void _v1520;
                                                                                                                                                                                                                                                        				char _v1544;
                                                                                                                                                                                                                                                        				signed short _v1552;
                                                                                                                                                                                                                                                        				signed int _v1554;
                                                                                                                                                                                                                                                        				void* _v1556;
                                                                                                                                                                                                                                                        				signed char _v1568;
                                                                                                                                                                                                                                                        				signed int _v1572;
                                                                                                                                                                                                                                                        				signed short _v1576;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _v1580;
                                                                                                                                                                                                                                                        				signed int _v1584;
                                                                                                                                                                                                                                                        				signed int _v1588;
                                                                                                                                                                                                                                                        				signed short _v1592;
                                                                                                                                                                                                                                                        				signed int _v1596;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _v1600;
                                                                                                                                                                                                                                                        				signed char _v1604;
                                                                                                                                                                                                                                                        				signed short* _v1608;
                                                                                                                                                                                                                                                        				signed char _v1616;
                                                                                                                                                                                                                                                        				signed short* _v1620;
                                                                                                                                                                                                                                                        				signed int _v1624;
                                                                                                                                                                                                                                                        				signed int _v1628;
                                                                                                                                                                                                                                                        				intOrPtr _v1632;
                                                                                                                                                                                                                                                        				signed int _v1636;
                                                                                                                                                                                                                                                        				signed int _v1648;
                                                                                                                                                                                                                                                        				intOrPtr _v1652;
                                                                                                                                                                                                                                                        				long _v1664;
                                                                                                                                                                                                                                                        				intOrPtr _t410;
                                                                                                                                                                                                                                                        				short* _t412;
                                                                                                                                                                                                                                                        				signed short _t414;
                                                                                                                                                                                                                                                        				signed int _t415;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t416;
                                                                                                                                                                                                                                                        				signed int _t421;
                                                                                                                                                                                                                                                        				char _t422;
                                                                                                                                                                                                                                                        				void* _t425;
                                                                                                                                                                                                                                                        				signed int _t426;
                                                                                                                                                                                                                                                        				intOrPtr _t427;
                                                                                                                                                                                                                                                        				signed int _t430;
                                                                                                                                                                                                                                                        				signed int _t431;
                                                                                                                                                                                                                                                        				char* _t437;
                                                                                                                                                                                                                                                        				intOrPtr _t438;
                                                                                                                                                                                                                                                        				intOrPtr _t440;
                                                                                                                                                                                                                                                        				signed int _t445;
                                                                                                                                                                                                                                                        				intOrPtr _t450;
                                                                                                                                                                                                                                                        				signed int _t454;
                                                                                                                                                                                                                                                        				signed int _t456;
                                                                                                                                                                                                                                                        				void* _t460;
                                                                                                                                                                                                                                                        				void* _t462;
                                                                                                                                                                                                                                                        				intOrPtr* _t463;
                                                                                                                                                                                                                                                        				signed int _t465;
                                                                                                                                                                                                                                                        				int _t466;
                                                                                                                                                                                                                                                        				int _t468;
                                                                                                                                                                                                                                                        				int _t469;
                                                                                                                                                                                                                                                        				signed int _t475;
                                                                                                                                                                                                                                                        				signed int _t476;
                                                                                                                                                                                                                                                        				void* _t478;
                                                                                                                                                                                                                                                        				signed int _t480;
                                                                                                                                                                                                                                                        				void* _t481;
                                                                                                                                                                                                                                                        				signed int _t483;
                                                                                                                                                                                                                                                        				signed int _t484;
                                                                                                                                                                                                                                                        				signed int _t485;
                                                                                                                                                                                                                                                        				void* _t486;
                                                                                                                                                                                                                                                        				signed int _t488;
                                                                                                                                                                                                                                                        				signed int _t489;
                                                                                                                                                                                                                                                        				signed short _t494;
                                                                                                                                                                                                                                                        				signed short _t495;
                                                                                                                                                                                                                                                        				signed int _t497;
                                                                                                                                                                                                                                                        				void* _t498;
                                                                                                                                                                                                                                                        				signed int _t499;
                                                                                                                                                                                                                                                        				void* _t500;
                                                                                                                                                                                                                                                        				void* _t504;
                                                                                                                                                                                                                                                        				intOrPtr _t507;
                                                                                                                                                                                                                                                        				intOrPtr _t509;
                                                                                                                                                                                                                                                        				signed short _t511;
                                                                                                                                                                                                                                                        				signed int _t512;
                                                                                                                                                                                                                                                        				signed int _t513;
                                                                                                                                                                                                                                                        				signed int _t514;
                                                                                                                                                                                                                                                        				signed short* _t515;
                                                                                                                                                                                                                                                        				signed int _t516;
                                                                                                                                                                                                                                                        				short* _t521;
                                                                                                                                                                                                                                                        				void* _t522;
                                                                                                                                                                                                                                                        				signed int _t523;
                                                                                                                                                                                                                                                        				void* _t524;
                                                                                                                                                                                                                                                        				signed int _t525;
                                                                                                                                                                                                                                                        				signed int _t526;
                                                                                                                                                                                                                                                        				signed int _t527;
                                                                                                                                                                                                                                                        				void* _t528;
                                                                                                                                                                                                                                                        				void* _t530;
                                                                                                                                                                                                                                                        				unsigned int _t531;
                                                                                                                                                                                                                                                        				void* _t533;
                                                                                                                                                                                                                                                        				signed int _t535;
                                                                                                                                                                                                                                                        				void* _t536;
                                                                                                                                                                                                                                                        				void* _t537;
                                                                                                                                                                                                                                                        				intOrPtr _t542;
                                                                                                                                                                                                                                                        				signed int _t544;
                                                                                                                                                                                                                                                        				signed char _t545;
                                                                                                                                                                                                                                                        				signed char _t546;
                                                                                                                                                                                                                                                        				intOrPtr _t547;
                                                                                                                                                                                                                                                        				signed short* _t554;
                                                                                                                                                                                                                                                        				signed int _t556;
                                                                                                                                                                                                                                                        				void* _t567;
                                                                                                                                                                                                                                                        				signed int _t569;
                                                                                                                                                                                                                                                        				char _t571;
                                                                                                                                                                                                                                                        				signed int _t574;
                                                                                                                                                                                                                                                        				signed int _t580;
                                                                                                                                                                                                                                                        				signed int _t581;
                                                                                                                                                                                                                                                        				void* _t583;
                                                                                                                                                                                                                                                        				signed int _t584;
                                                                                                                                                                                                                                                        				signed int _t585;
                                                                                                                                                                                                                                                        				void* _t587;
                                                                                                                                                                                                                                                        				signed int _t590;
                                                                                                                                                                                                                                                        				signed int _t594;
                                                                                                                                                                                                                                                        				signed int _t595;
                                                                                                                                                                                                                                                        				signed int _t596;
                                                                                                                                                                                                                                                        				signed int _t597;
                                                                                                                                                                                                                                                        				signed int _t598;
                                                                                                                                                                                                                                                        				signed int _t603;
                                                                                                                                                                                                                                                        				signed int _t606;
                                                                                                                                                                                                                                                        				signed int _t607;
                                                                                                                                                                                                                                                        				void* _t613;
                                                                                                                                                                                                                                                        				void* _t614;
                                                                                                                                                                                                                                                        				signed int _t616;
                                                                                                                                                                                                                                                        				signed short* _t617;
                                                                                                                                                                                                                                                        				void** _t629;
                                                                                                                                                                                                                                                        				signed int _t633;
                                                                                                                                                                                                                                                        				void* _t634;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t635;
                                                                                                                                                                                                                                                        				signed int _t636;
                                                                                                                                                                                                                                                        				signed int _t638;
                                                                                                                                                                                                                                                        				long _t639;
                                                                                                                                                                                                                                                        				void* _t640;
                                                                                                                                                                                                                                                        				intOrPtr _t641;
                                                                                                                                                                                                                                                        				void* _t643;
                                                                                                                                                                                                                                                        				void* _t644;
                                                                                                                                                                                                                                                        				void* _t645;
                                                                                                                                                                                                                                                        				intOrPtr _t646;
                                                                                                                                                                                                                                                        				signed int _t647;
                                                                                                                                                                                                                                                        				intOrPtr _t648;
                                                                                                                                                                                                                                                        				signed int _t649;
                                                                                                                                                                                                                                                        				signed int _t650;
                                                                                                                                                                                                                                                        				signed int _t651;
                                                                                                                                                                                                                                                        				signed int _t652;
                                                                                                                                                                                                                                                        				signed int _t654;
                                                                                                                                                                                                                                                        				signed int _t655;
                                                                                                                                                                                                                                                        				intOrPtr _t656;
                                                                                                                                                                                                                                                        				signed char _t657;
                                                                                                                                                                                                                                                        				signed int _t659;
                                                                                                                                                                                                                                                        				signed int _t660;
                                                                                                                                                                                                                                                        				signed int _t661;
                                                                                                                                                                                                                                                        				signed char _t662;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t663;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t664;
                                                                                                                                                                                                                                                        				signed int _t665;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t666;
                                                                                                                                                                                                                                                        				signed int _t670;
                                                                                                                                                                                                                                                        				void* _t671;
                                                                                                                                                                                                                                                        				signed int _t673;
                                                                                                                                                                                                                                                        				signed int _t677;
                                                                                                                                                                                                                                                        				signed int _t679;
                                                                                                                                                                                                                                                        				void* _t680;
                                                                                                                                                                                                                                                        				intOrPtr* _t681;
                                                                                                                                                                                                                                                        				intOrPtr* _t682;
                                                                                                                                                                                                                                                        				signed int _t687;
                                                                                                                                                                                                                                                        				signed int _t688;
                                                                                                                                                                                                                                                        				signed short* _t689;
                                                                                                                                                                                                                                                        				signed int _t690;
                                                                                                                                                                                                                                                        				void* _t691;
                                                                                                                                                                                                                                                        				signed int _t692;
                                                                                                                                                                                                                                                        				signed int _t693;
                                                                                                                                                                                                                                                        				void* _t695;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t695 = (_t693 & 0xfffffff8) - 0x5e8;
                                                                                                                                                                                                                                                        				_t603 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t656 = _a8;
                                                                                                                                                                                                                                                        				_v24 = _t603 ^ _t692;
                                                                                                                                                                                                                                                        				_t605 = _a32;
                                                                                                                                                                                                                                                        				_t629 = _a12;
                                                                                                                                                                                                                                                        				_t657 =  *0xbfa7a8(_a4, _t656, _t629, _a16, _a20, _a24, _a28, _a32, _a36, _a40);
                                                                                                                                                                                                                                                        				if(_t656 != 0xffffffff || _t657 < 0) {
                                                                                                                                                                                                                                                        					L18:
                                                                                                                                                                                                                                                        					E00BEECB0(_v64 ^ _t692, _t605);
                                                                                                                                                                                                                                                        					return _t657;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					if(NtQueryVirtualMemory(0xffffffff,  *_t629, 0,  &_v1520, 0x1c, 0) < 0) {
                                                                                                                                                                                                                                                        						L16:
                                                                                                                                                                                                                                                        						_push( *_t629);
                                                                                                                                                                                                                                                        						L17:
                                                                                                                                                                                                                                                        						NtUnmapViewOfSection(0xffffffff);
                                                                                                                                                                                                                                                        						_t657 = 0xc0000022;
                                                                                                                                                                                                                                                        						goto L18;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if((_v1513 & 0x00000001) == 0) {
                                                                                                                                                                                                                                                        						goto L18;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t410 =  *0xbfa044; // 0xbf0ef0
                                                                                                                                                                                                                                                        					_t605 =  &_v1500;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t410 + 0x24))( &_v1500,  *_t629);
                                                                                                                                                                                                                                                        					_t542 = _v1504;
                                                                                                                                                                                                                                                        					if(_t542 == 0) {
                                                                                                                                                                                                                                                        						goto L16;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t605 = _v1508 & 0x0000ffff;
                                                                                                                                                                                                                                                        					if(_t605 == 0) {
                                                                                                                                                                                                                                                        						goto L16;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t606 = _t605 >> 1;
                                                                                                                                                                                                                                                        					_t412 = _t542 + _t606 * 2 - 2;
                                                                                                                                                                                                                                                        					_t521 = _t412;
                                                                                                                                                                                                                                                        					if(_t606 == 0) {
                                                                                                                                                                                                                                                        						L10:
                                                                                                                                                                                                                                                        						_t605 = _t521 + 2;
                                                                                                                                                                                                                                                        						_v1568 = _t657;
                                                                                                                                                                                                                                                        						_v1552 = _t605;
                                                                                                                                                                                                                                                        						_t414 = _t412 - _t605 + 2;
                                                                                                                                                                                                                                                        						_t659 = _t414 & 0x0000fffe;
                                                                                                                                                                                                                                                        						_v1556 = _t659;
                                                                                                                                                                                                                                                        						_v1554 = _t659;
                                                                                                                                                                                                                                                        						_v1572 =  *_t629;
                                                                                                                                                                                                                                                        						if(_t659 < 0x20) {
                                                                                                                                                                                                                                                        							L41:
                                                                                                                                                                                                                                                        							_t522 = 0x64;
                                                                                                                                                                                                                                                        							_t660 = 0;
                                                                                                                                                                                                                                                        							asm("o16 nop [eax+eax]");
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								_t633 = (_t522 - _t660 >> 1) + _t660;
                                                                                                                                                                                                                                                        								_t415 = _t633 + _t633 * 2;
                                                                                                                                                                                                                                                        								_v1584 = _t415;
                                                                                                                                                                                                                                                        								_t416 = 0xbf0558 + _t415 * 8;
                                                                                                                                                                                                                                                        								_v1580 = _t416;
                                                                                                                                                                                                                                                        								if(RtlCompareUnicodeString( &_v1556, _t416, 1) == 0) {
                                                                                                                                                                                                                                                        									break;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t68 = _t633 + 1; // 0x65
                                                                                                                                                                                                                                                        								_t522 =  <  ? _t633 : _t522;
                                                                                                                                                                                                                                                        								_t660 =  >=  ? _t68 : _t660;
                                                                                                                                                                                                                                                        								if(_t522 != _t660) {
                                                                                                                                                                                                                                                        									continue;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L44:
                                                                                                                                                                                                                                                        								if( *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18) == 0) {
                                                                                                                                                                                                                                                        									L185:
                                                                                                                                                                                                                                                        									_t657 = _v1604;
                                                                                                                                                                                                                                                        									goto L18;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t525 =  *_a12;
                                                                                                                                                                                                                                                        								_push( &_v216);
                                                                                                                                                                                                                                                        								_t437 =  &_v1544;
                                                                                                                                                                                                                                                        								_push(_t437);
                                                                                                                                                                                                                                                        								_push(1);
                                                                                                                                                                                                                                                        								L00BEF720();
                                                                                                                                                                                                                                                        								_t657 = _v1616;
                                                                                                                                                                                                                                                        								if(_t437 < 0) {
                                                                                                                                                                                                                                                        									_v224 = 0;
                                                                                                                                                                                                                                                        									_v228 = 0;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t438 =  *0xbfa7d4; // 0x0
                                                                                                                                                                                                                                                        								if(_t438 ==  *((intOrPtr*)( *[fs:0x18] + 0x24)) ||  *0xbfa7d8 == 0) {
                                                                                                                                                                                                                                                        									_t636 = E00BC1490();
                                                                                                                                                                                                                                                        									__eflags = _t636;
                                                                                                                                                                                                                                                        									if(_t636 == 0) {
                                                                                                                                                                                                                                                        										goto L50;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L59;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t445 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        									_t636 =  *( *((intOrPtr*)( *[fs:0x2c] + _t445 * 4)) + 8);
                                                                                                                                                                                                                                                        									if(_t636 != 0) {
                                                                                                                                                                                                                                                        										L59:
                                                                                                                                                                                                                                                        										__eflags =  *(_t636 + 0x34);
                                                                                                                                                                                                                                                        										if( *(_t636 + 0x34) == 0) {
                                                                                                                                                                                                                                                        											__eflags =  *(_t636 + 0x30);
                                                                                                                                                                                                                                                        											if( *(_t636 + 0x30) != 0) {
                                                                                                                                                                                                                                                        												_t110 = _t636 + 0x2c; // 0x2c
                                                                                                                                                                                                                                                        												_t666 = _t110;
                                                                                                                                                                                                                                                        												RtlFreeUnicodeString(_t666);
                                                                                                                                                                                                                                                        												 *(_t666 + 4) = 0;
                                                                                                                                                                                                                                                        												 *_t666 = 0;
                                                                                                                                                                                                                                                        												_t657 = _v1620;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											asm("movsd xmm0, [esp+0x588]");
                                                                                                                                                                                                                                                        											asm("movsd [edi+0x2c], xmm0");
                                                                                                                                                                                                                                                        											_v224 = 0;
                                                                                                                                                                                                                                                        											_v228 = 0;
                                                                                                                                                                                                                                                        											 *(_t636 + 0x34) = _t525;
                                                                                                                                                                                                                                                        											__eflags = _v224;
                                                                                                                                                                                                                                                        											if(_v224 != 0) {
                                                                                                                                                                                                                                                        												L62:
                                                                                                                                                                                                                                                        												RtlFreeUnicodeString( &_v228);
                                                                                                                                                                                                                                                        												_v228 = 0;
                                                                                                                                                                                                                                                        												_v232 = 0;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L18;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L60:
                                                                                                                                                                                                                                                        										_t605 =  &_v228;
                                                                                                                                                                                                                                                        										E00BC0C00( &_v508,  &_v228, _t525, _t657);
                                                                                                                                                                                                                                                        										E00BBED70( &_v508);
                                                                                                                                                                                                                                                        										L61:
                                                                                                                                                                                                                                                        										if(_v224 == 0) {
                                                                                                                                                                                                                                                        											goto L18;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L62;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									L50:
                                                                                                                                                                                                                                                        									_t440 =  *0xbfa044; // 0xbf0ef0
                                                                                                                                                                                                                                                        									if( *((intOrPtr*)(_t440 + 0x20))() == 0) {
                                                                                                                                                                                                                                                        										goto L61;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L60;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t544 = _v1584;
                                                                                                                                                                                                                                                        							_t523 = _v1596;
                                                                                                                                                                                                                                                        							__eflags = _t544;
                                                                                                                                                                                                                                                        							if(_t544 == 0) {
                                                                                                                                                                                                                                                        								_t661 = 0;
                                                                                                                                                                                                                                                        								_t605 = 0;
                                                                                                                                                                                                                                                        								__eflags = 0;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t661 = 0;
                                                                                                                                                                                                                                                        								_t605 = 0;
                                                                                                                                                                                                                                                        								__eflags = ( *_t544 & 0x0000ffff) - 0x5a4d;
                                                                                                                                                                                                                                                        								if(( *_t544 & 0x0000ffff) == 0x5a4d) {
                                                                                                                                                                                                                                                        									_t507 =  *((intOrPtr*)(_t544 + 0x3c));
                                                                                                                                                                                                                                                        									_t661 = 0;
                                                                                                                                                                                                                                                        									__eflags =  *(_t544 + _t507) - 0x4550;
                                                                                                                                                                                                                                                        									_t605 = _t544 + _t507;
                                                                                                                                                                                                                                                        									if( *(_t544 + _t507) == 0x4550) {
                                                                                                                                                                                                                                                        										__eflags = ( *(_t605 + 0x18) & 0x0000ffff) - 0x10b;
                                                                                                                                                                                                                                                        										if(( *(_t605 + 0x18) & 0x0000ffff) == 0x10b) {
                                                                                                                                                                                                                                                        											_t509 =  *((intOrPtr*)(_t605 + 0x50));
                                                                                                                                                                                                                                                        											__eflags = _t509 - 0x138;
                                                                                                                                                                                                                                                        											if(_t509 >= 0x138) {
                                                                                                                                                                                                                                                        												_t661 = _t509 + _t544 - 1;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t545 =  *(0xbf0568 + _t523 * 8);
                                                                                                                                                                                                                                                        							__eflags = _t633 - 0x21;
                                                                                                                                                                                                                                                        							_v1588 = _t605;
                                                                                                                                                                                                                                                        							_v1596 = _t661;
                                                                                                                                                                                                                                                        							if(_t633 == 0x21) {
                                                                                                                                                                                                                                                        								L67:
                                                                                                                                                                                                                                                        								_t662 = _t545;
                                                                                                                                                                                                                                                        								memset( &_v468, 0, 0x110);
                                                                                                                                                                                                                                                        								_t695 = _t695 + 0xc;
                                                                                                                                                                                                                                                        								_t421 =  &_v472;
                                                                                                                                                                                                                                                        								_v472 = 0x114;
                                                                                                                                                                                                                                                        								_push(_t421);
                                                                                                                                                                                                                                                        								L00BEF738();
                                                                                                                                                                                                                                                        								__eflags = _t421;
                                                                                                                                                                                                                                                        								if(_t421 < 0) {
                                                                                                                                                                                                                                                        									_t524 = 0xffffffff;
                                                                                                                                                                                                                                                        									_t634 = 0xffffffff;
                                                                                                                                                                                                                                                        									_t546 = _t662;
                                                                                                                                                                                                                                                        									_v1608 = 2;
                                                                                                                                                                                                                                                        									goto L103;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = _t633 - 0x39;
                                                                                                                                                                                                                                                        								if(_t633 == 0x39) {
                                                                                                                                                                                                                                                        									__eflags = _v472 - 6;
                                                                                                                                                                                                                                                        									if(__eflags > 0) {
                                                                                                                                                                                                                                                        										goto L44;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t546 = _t662;
                                                                                                                                                                                                                                                        									if(__eflags != 0) {
                                                                                                                                                                                                                                                        										L84:
                                                                                                                                                                                                                                                        										_t661 = _v1600;
                                                                                                                                                                                                                                                        										goto L85;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									__eflags = _v468 - 1;
                                                                                                                                                                                                                                                        									if(_v468 > 1) {
                                                                                                                                                                                                                                                        										goto L44;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L84;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = _t633 - 0x21;
                                                                                                                                                                                                                                                        								_t546 = _t662;
                                                                                                                                                                                                                                                        								if(_t633 != 0x21) {
                                                                                                                                                                                                                                                        									goto L84;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = _v472 - 6;
                                                                                                                                                                                                                                                        								if(__eflags > 0) {
                                                                                                                                                                                                                                                        									goto L44;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								if(__eflags != 0) {
                                                                                                                                                                                                                                                        									goto L84;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = _v468 - 2;
                                                                                                                                                                                                                                                        								if(_v468 > 2) {
                                                                                                                                                                                                                                                        									goto L44;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L84;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								__eflags = _t633 - 0x60;
                                                                                                                                                                                                                                                        								if(_t633 == 0x60) {
                                                                                                                                                                                                                                                        									__eflags =  *0xbfa538 & 0x00000001;
                                                                                                                                                                                                                                                        									if(( *0xbfa538 & 0x00000001) == 0) {
                                                                                                                                                                                                                                                        										goto L44;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									L85:
                                                                                                                                                                                                                                                        									__eflags = _t546 & 0x00000010;
                                                                                                                                                                                                                                                        									if((_t546 & 0x00000010) == 0) {
                                                                                                                                                                                                                                                        										L87:
                                                                                                                                                                                                                                                        										_t649 = _t633 << 3;
                                                                                                                                                                                                                                                        										_t126 = _t649 * 2; // 0x0
                                                                                                                                                                                                                                                        										_t605 =  *(_t649 + _t126 + 0xbf0564);
                                                                                                                                                                                                                                                        										_t129 = _t649 * 2; // 0x80005
                                                                                                                                                                                                                                                        										_t650 =  *(_t649 + _t129 + 0xbf0560);
                                                                                                                                                                                                                                                        										__eflags = (_t650 & _t605) - 0xffffffff;
                                                                                                                                                                                                                                                        										if((_t650 & _t605) == 0xffffffff) {
                                                                                                                                                                                                                                                        											_v1608 = 3;
                                                                                                                                                                                                                                                        											L101:
                                                                                                                                                                                                                                                        											_t524 = 0xffffffff;
                                                                                                                                                                                                                                                        											L102:
                                                                                                                                                                                                                                                        											_t634 = 0xffffffff;
                                                                                                                                                                                                                                                        											L103:
                                                                                                                                                                                                                                                        											_v1604 = _t546;
                                                                                                                                                                                                                                                        											_push(0xbfa7a0);
                                                                                                                                                                                                                                                        											L00BEF708();
                                                                                                                                                                                                                                                        											_t663 =  *0xbfa79c; // 0x0
                                                                                                                                                                                                                                                        											__eflags = _t663;
                                                                                                                                                                                                                                                        											if(_t663 != 0) {
                                                                                                                                                                                                                                                        												do {
                                                                                                                                                                                                                                                        													_t422 = RtlEqualUnicodeString(_t663, _v1600, 1);
                                                                                                                                                                                                                                                        													__eflags = _t422;
                                                                                                                                                                                                                                                        													if(_t422 == 0) {
                                                                                                                                                                                                                                                        														goto L105;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													__eflags =  *(_t663 + 0xc) ^ _t634 |  *(_t663 + 8) ^ _t524;
                                                                                                                                                                                                                                                        													if(( *(_t663 + 0xc) ^ _t634 |  *(_t663 + 8) ^ _t524) != 0) {
                                                                                                                                                                                                                                                        														goto L105;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													L113:
                                                                                                                                                                                                                                                        													_push(0xbfa7a0);
                                                                                                                                                                                                                                                        													L00BEF756();
                                                                                                                                                                                                                                                        													__eflags = _v1624 & 0x00000020;
                                                                                                                                                                                                                                                        													if((_v1624 & 0x00000020) == 0) {
                                                                                                                                                                                                                                                        														L181:
                                                                                                                                                                                                                                                        														_t426 = _v1628;
                                                                                                                                                                                                                                                        														__eflags = _t426 - 4;
                                                                                                                                                                                                                                                        														if(_t426 == 4) {
                                                                                                                                                                                                                                                        															goto L185;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														__eflags = _t426 - 1;
                                                                                                                                                                                                                                                        														if(_t426 == 1) {
                                                                                                                                                                                                                                                        															_t427 =  *0xbfa7d4; // 0x0
                                                                                                                                                                                                                                                        															_t547 =  *[fs:0x18];
                                                                                                                                                                                                                                                        															__eflags = _t427 -  *((intOrPtr*)(_t547 + 0x24));
                                                                                                                                                                                                                                                        															if(_t427 ==  *((intOrPtr*)(_t547 + 0x24))) {
                                                                                                                                                                                                                                                        																L190:
                                                                                                                                                                                                                                                        																_t665 = E00BC1490();
                                                                                                                                                                                                                                                        																__eflags = _t665;
                                                                                                                                                                                                                                                        																if(_t665 == 0) {
                                                                                                                                                                                                                                                        																	L197:
                                                                                                                                                                                                                                                        																	_push( *_a12);
                                                                                                                                                                                                                                                        																	goto L17;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																L191:
                                                                                                                                                                                                                                                        																__eflags =  *(_t665 + 0x34);
                                                                                                                                                                                                                                                        																if( *(_t665 + 0x34) == 0) {
                                                                                                                                                                                                                                                        																	__eflags =  *(_t665 + 0x28);
                                                                                                                                                                                                                                                        																	_t364 = _t665 + 0x24; // 0x24
                                                                                                                                                                                                                                                        																	_t635 = _t364;
                                                                                                                                                                                                                                                        																	if( *(_t665 + 0x28) != 0) {
                                                                                                                                                                                                                                                        																		RtlFreeUnicodeString(_t635);
                                                                                                                                                                                                                                                        																		 *(_t635 + 4) = 0;
                                                                                                                                                                                                                                                        																		 *_t635 = 0;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_push(_t635);
                                                                                                                                                                                                                                                        																	_t430 =  &_v1592;
                                                                                                                                                                                                                                                        																	_push(_t430);
                                                                                                                                                                                                                                                        																	_push(1);
                                                                                                                                                                                                                                                        																	L00BEF720();
                                                                                                                                                                                                                                                        																	__eflags = _t430;
                                                                                                                                                                                                                                                        																	if(_t430 < 0) {
                                                                                                                                                                                                                                                        																		 *(_t635 + 4) = 0;
                                                                                                                                                                                                                                                        																		 *_t635 = 0;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	 *((char*)(_t665 + 8)) = 1;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																goto L197;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															__eflags =  *0xbfa7d8;
                                                                                                                                                                                                                                                        															if( *0xbfa7d8 == 0) {
                                                                                                                                                                                                                                                        																goto L190;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t431 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        															_t665 =  *( *((intOrPtr*)( *[fs:0x2c] + _t431 * 4)) + 8);
                                                                                                                                                                                                                                                        															__eflags = _t665;
                                                                                                                                                                                                                                                        															if(_t665 != 0) {
                                                                                                                                                                                                                                                        																goto L191;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															goto L197;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														__eflags = _t426;
                                                                                                                                                                                                                                                        														if(_t426 == 0) {
                                                                                                                                                                                                                                                        															goto L44;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														goto L197;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_push(0);
                                                                                                                                                                                                                                                        													_push(0xbfa7ac);
                                                                                                                                                                                                                                                        													_push(E00BC0120);
                                                                                                                                                                                                                                                        													_push(0xbfa7cc);
                                                                                                                                                                                                                                                        													L00BEF762();
                                                                                                                                                                                                                                                        													__eflags =  *0xbfa7b8 - 2;
                                                                                                                                                                                                                                                        													_t526 = _v1636;
                                                                                                                                                                                                                                                        													if( *0xbfa7b8 != 2) {
                                                                                                                                                                                                                                                        														goto L44;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_v1572 = 0xbfa7ac;
                                                                                                                                                                                                                                                        													 *0xbfa7b0( &_v512);
                                                                                                                                                                                                                                                        													_t638 = _v512;
                                                                                                                                                                                                                                                        													__eflags = _t526;
                                                                                                                                                                                                                                                        													_v1572 = _t638;
                                                                                                                                                                                                                                                        													if(_t526 == 0) {
                                                                                                                                                                                                                                                        														_t639 = 0;
                                                                                                                                                                                                                                                        														L180:
                                                                                                                                                                                                                                                        														_v1648 = _t639;
                                                                                                                                                                                                                                                        														goto L181;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t607 = _v1628;
                                                                                                                                                                                                                                                        													_t554 =  &_v1576;
                                                                                                                                                                                                                                                        													_t450 =  *((intOrPtr*)(_v1632 + 0x28));
                                                                                                                                                                                                                                                        													_v516 = _t554;
                                                                                                                                                                                                                                                        													_t527 = _t607 + _t450;
                                                                                                                                                                                                                                                        													_v512 = _t527;
                                                                                                                                                                                                                                                        													_v508 = 5;
                                                                                                                                                                                                                                                        													_v504 = 0;
                                                                                                                                                                                                                                                        													_v500 = 0;
                                                                                                                                                                                                                                                        													_v492 = 0;
                                                                                                                                                                                                                                                        													_v488 = 0x10;
                                                                                                                                                                                                                                                        													_v496 =  &_v484;
                                                                                                                                                                                                                                                        													_v468 = 1;
                                                                                                                                                                                                                                                        													_v464 = _t554;
                                                                                                                                                                                                                                                        													_v456 = 0;
                                                                                                                                                                                                                                                        													_v452 = 2;
                                                                                                                                                                                                                                                        													_v460 =  &_v448;
                                                                                                                                                                                                                                                        													_t556 = 0;
                                                                                                                                                                                                                                                        													_t454 = _t527 / _t638;
                                                                                                                                                                                                                                                        													_t670 = (_t607 + _t450 + 4) / _t638 - _t454 + 1;
                                                                                                                                                                                                                                                        													__eflags = _t670;
                                                                                                                                                                                                                                                        													_v1636 = _t670;
                                                                                                                                                                                                                                                        													if(_t670 == 0) {
                                                                                                                                                                                                                                                        														L139:
                                                                                                                                                                                                                                                        														asm("movups xmm0, [esp+0x470]");
                                                                                                                                                                                                                                                        														_t640 =  &_v484;
                                                                                                                                                                                                                                                        														asm("movups [esp+0x588], xmm0");
                                                                                                                                                                                                                                                        														_v220 = _v500;
                                                                                                                                                                                                                                                        														_t456 = _v492;
                                                                                                                                                                                                                                                        														_v212 = _t456;
                                                                                                                                                                                                                                                        														_v208 = _v488;
                                                                                                                                                                                                                                                        														_t613 = _v496;
                                                                                                                                                                                                                                                        														__eflags = _t613 - _t640;
                                                                                                                                                                                                                                                        														if(_t613 == _t640) {
                                                                                                                                                                                                                                                        															_t614 =  &_v204;
                                                                                                                                                                                                                                                        															__eflags = _t456;
                                                                                                                                                                                                                                                        															_v216 = _t614;
                                                                                                                                                                                                                                                        															if(_t456 <= 0) {
                                                                                                                                                                                                                                                        																L148:
                                                                                                                                                                                                                                                        																_t605 =  &_v448;
                                                                                                                                                                                                                                                        																_v188 = _v468;
                                                                                                                                                                                                                                                        																_v184 = _v464;
                                                                                                                                                                                                                                                        																_v176 = _t556;
                                                                                                                                                                                                                                                        																_v172 = _v452;
                                                                                                                                                                                                                                                        																_t460 = _v460;
                                                                                                                                                                                                                                                        																__eflags = _t460 - _t605;
                                                                                                                                                                                                                                                        																if(_t460 == _t605) {
                                                                                                                                                                                                                                                        																	_t605 =  &_v168;
                                                                                                                                                                                                                                                        																	__eflags = _t556;
                                                                                                                                                                                                                                                        																	_v180 =  &_v168;
                                                                                                                                                                                                                                                        																	if(_t556 <= 0) {
                                                                                                                                                                                                                                                        																		L154:
                                                                                                                                                                                                                                                        																		_v468 = 0;
                                                                                                                                                                                                                                                        																		_v456 = 0;
                                                                                                                                                                                                                                                        																		_t639 = 0;
                                                                                                                                                                                                                                                        																		__eflags = _t556;
                                                                                                                                                                                                                                                        																		if(_t556 == 0) {
                                                                                                                                                                                                                                                        																			L168:
                                                                                                                                                                                                                                                        																			_t556 = 0;
                                                                                                                                                                                                                                                        																			__eflags = 0;
                                                                                                                                                                                                                                                        																			L169:
                                                                                                                                                                                                                                                        																			_t671 = _v180;
                                                                                                                                                                                                                                                        																			__eflags = _t556;
                                                                                                                                                                                                                                                        																			if(_t556 == 0) {
                                                                                                                                                                                                                                                        																				L176:
                                                                                                                                                                                                                                                        																				_v176 = 0;
                                                                                                                                                                                                                                                        																				__eflags = _t671 -  &_v168;
                                                                                                                                                                                                                                                        																				if(_t671 !=  &_v168) {
                                                                                                                                                                                                                                                        																					free(_t671);
                                                                                                                                                                                                                                                        																					_t695 = _t695 + 4;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				_t462 = _v216;
                                                                                                                                                                                                                                                        																				__eflags = _t462 -  &_v204;
                                                                                                                                                                                                                                                        																				if(_t462 !=  &_v204) {
                                                                                                                                                                                                                                                        																					free(_t462);
                                                                                                                                                                                                                                                        																					_t695 = _t695 + 4;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				goto L180;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_t463 = _v184;
                                                                                                                                                                                                                                                        																			_v1648 = _t639;
                                                                                                                                                                                                                                                        																			_t528 = _t671 + _t556 * 8;
                                                                                                                                                                                                                                                        																			_t641 =  *((intOrPtr*)(_t463 + 4));
                                                                                                                                                                                                                                                        																			while(1) {
                                                                                                                                                                                                                                                        																				_t465 =  *((intOrPtr*)( *_t463 + 8))( *((intOrPtr*)(_t671 + 4)), _t641,  *_t671,  &_v516);
                                                                                                                                                                                                                                                        																				__eflags = _t465;
                                                                                                                                                                                                                                                        																				if(_t465 == 0) {
                                                                                                                                                                                                                                                        																					_v532 = 0;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				_t671 = _t671 + 8;
                                                                                                                                                                                                                                                        																				__eflags = _t671 - _t528;
                                                                                                                                                                                                                                                        																				if(_t671 == _t528) {
                                                                                                                                                                                                                                                        																					break;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				_t463 = _v200;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_t671 = _v196;
                                                                                                                                                                                                                                                        																			_t639 = _v1664;
                                                                                                                                                                                                                                                        																			goto L176;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		__eflags = _v188;
                                                                                                                                                                                                                                                        																		if(_v188 == 0) {
                                                                                                                                                                                                                                                        																			goto L169;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t466 = _v212;
                                                                                                                                                                                                                                                        																		_t642 =  &_v216;
                                                                                                                                                                                                                                                        																		__eflags = _t466 - _v208;
                                                                                                                                                                                                                                                        																		if(_t466 != _v208) {
                                                                                                                                                                                                                                                        																			L159:
                                                                                                                                                                                                                                                        																			 *((char*)(_v216 + _t466)) = 0xe9;
                                                                                                                                                                                                                                                        																			_t468 = _v212 + 1;
                                                                                                                                                                                                                                                        																			_t673 = _v224 + 1;
                                                                                                                                                                                                                                                        																			__eflags = _t673;
                                                                                                                                                                                                                                                        																			_v212 = _t468;
                                                                                                                                                                                                                                                        																			_v224 = _t673;
                                                                                                                                                                                                                                                        																			L160:
                                                                                                                                                                                                                                                        																			_t530 = 0xbc0d2c - _v232;
                                                                                                                                                                                                                                                        																			__eflags = _t468 + 4 - _v208;
                                                                                                                                                                                                                                                        																			if(_t468 + 4 <= _v208) {
                                                                                                                                                                                                                                                        																				L163:
                                                                                                                                                                                                                                                        																				_t643 = _v216;
                                                                                                                                                                                                                                                        																				_t531 = _t530 - _t673;
                                                                                                                                                                                                                                                        																				_t605 = _t531 >> 0x18;
                                                                                                                                                                                                                                                        																				 *(_t643 + _t468) = _t531;
                                                                                                                                                                                                                                                        																				 *(_t643 + _t468 + 1) = _t531;
                                                                                                                                                                                                                                                        																				 *((char*)(_t643 + _t468 + 2)) = _t531 >> 0x10;
                                                                                                                                                                                                                                                        																				 *((char*)(_t643 + _t468 + 3)) = _t531 >> 0x18;
                                                                                                                                                                                                                                                        																				_v212 = _v212 + 4;
                                                                                                                                                                                                                                                        																				_t324 =  &_v224;
                                                                                                                                                                                                                                                        																				 *_t324 = _v224 + 4;
                                                                                                                                                                                                                                                        																				__eflags =  *_t324;
                                                                                                                                                                                                                                                        																				L164:
                                                                                                                                                                                                                                                        																				_t556 = _v176;
                                                                                                                                                                                                                                                        																				_t639 = 0;
                                                                                                                                                                                                                                                        																				__eflags = _t556;
                                                                                                                                                                                                                                                        																				if(_t556 == 0) {
                                                                                                                                                                                                                                                        																					goto L168;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				__eflags = _v188;
                                                                                                                                                                                                                                                        																				if(_v188 != 0) {
                                                                                                                                                                                                                                                        																					_t469 = _v212;
                                                                                                                                                                                                                                                        																					_t639 = 4;
                                                                                                                                                                                                                                                        																					__eflags = _t469;
                                                                                                                                                                                                                                                        																					if(_t469 != 0) {
                                                                                                                                                                                                                                                        																						memcpy(_v220 + _v232, _v216, _t469);
                                                                                                                                                                                                                                                        																						_t695 = _t695 + 0xc;
                                                                                                                                                                                                                                                        																						 *((intOrPtr*)( *_v236))(0xffffffff, 0, 0);
                                                                                                                                                                                                                                                        																						_t556 = _v188;
                                                                                                                                                                                                                                                        																						_v232 = _v232 + _v224;
                                                                                                                                                                                                                                                        																						_v224 = 0;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				goto L169;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_t475 = E00BB8170(_t468, _t642, 4);
                                                                                                                                                                                                                                                        																			__eflags = _t475;
                                                                                                                                                                                                                                                        																			if(_t475 == 0) {
                                                                                                                                                                                                                                                        																				_v188 = 0;
                                                                                                                                                                                                                                                        																				goto L164;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_t468 = _v212;
                                                                                                                                                                                                                                                        																			goto L163;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t476 = E00BB8170(_t466,  &_v216, 1);
                                                                                                                                                                                                                                                        																		__eflags = _t476;
                                                                                                                                                                                                                                                        																		if(_t476 == 0) {
                                                                                                                                                                                                                                                        																			_v188 = 0;
                                                                                                                                                                                                                                                        																			_t673 = _v224;
                                                                                                                                                                                                                                                        																			_t468 = _v212;
                                                                                                                                                                                                                                                        																			goto L160;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t466 = _v212;
                                                                                                                                                                                                                                                        																		goto L159;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t567 = _t460 + _t556 * 8;
                                                                                                                                                                                                                                                        																	_t616 = 0;
                                                                                                                                                                                                                                                        																	__eflags = 0;
                                                                                                                                                                                                                                                        																	do {
                                                                                                                                                                                                                                                        																		_t644 = _t460 + _t616 + 8;
                                                                                                                                                                                                                                                        																		 *((intOrPtr*)(_t695 + _t616 + 0x5cc)) =  *((intOrPtr*)(_t460 + _t616));
                                                                                                                                                                                                                                                        																		 *((intOrPtr*)(_t695 + _t616 + 0x5d0)) =  *((intOrPtr*)(_t460 + _t616 + 4));
                                                                                                                                                                                                                                                        																		_t616 = _t616 + 8;
                                                                                                                                                                                                                                                        																		__eflags = _t644 - _t567;
                                                                                                                                                                                                                                                        																	} while (_t644 < _t567);
                                                                                                                                                                                                                                                        																	_t556 = _v176;
                                                                                                                                                                                                                                                        																	goto L154;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																_v460 = _t605;
                                                                                                                                                                                                                                                        																_v180 = _t460;
                                                                                                                                                                                                                                                        																_v452 = 2;
                                                                                                                                                                                                                                                        																goto L154;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															__eflags = _t456 - 0x20;
                                                                                                                                                                                                                                                        															if(_t456 < 0x20) {
                                                                                                                                                                                                                                                        																L146:
                                                                                                                                                                                                                                                        																_t478 = _t456 - _t640 +  &_v516 + 0x20;
                                                                                                                                                                                                                                                        																_t677 = 0;
                                                                                                                                                                                                                                                        																__eflags = 0;
                                                                                                                                                                                                                                                        																do {
                                                                                                                                                                                                                                                        																	 *((char*)(_t614 + _t677)) =  *(_t640 + _t677) & 0x000000ff;
                                                                                                                                                                                                                                                        																	_t677 = _t677 + 1;
                                                                                                                                                                                                                                                        																	__eflags = _t478 - _t677;
                                                                                                                                                                                                                                                        																} while (_t478 != _t677);
                                                                                                                                                                                                                                                        																goto L148;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t645 = 0;
                                                                                                                                                                                                                                                        															_t679 = _t456 & 0xffffffe0;
                                                                                                                                                                                                                                                        															__eflags = _t679;
                                                                                                                                                                                                                                                        															_t533 = _t695 + _t679 + 0x490;
                                                                                                                                                                                                                                                        															_t614 = _t695 + _t679 + 0x5a8;
                                                                                                                                                                                                                                                        															do {
                                                                                                                                                                                                                                                        																asm("movups xmm0, [esp+edi+0x490]");
                                                                                                                                                                                                                                                        																asm("movups xmm1, [esp+edi+0x4a0]");
                                                                                                                                                                                                                                                        																asm("movups [esp+edi+0x5a8], xmm0");
                                                                                                                                                                                                                                                        																asm("movups [esp+edi+0x5b8], xmm1");
                                                                                                                                                                                                                                                        																_t645 = _t645 + 0x20;
                                                                                                                                                                                                                                                        																__eflags = _t679 - _t645;
                                                                                                                                                                                                                                                        															} while (_t679 != _t645);
                                                                                                                                                                                                                                                        															__eflags = _t456 - _t679;
                                                                                                                                                                                                                                                        															_t640 = _t533;
                                                                                                                                                                                                                                                        															if(_t456 == _t679) {
                                                                                                                                                                                                                                                        																goto L148;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															goto L146;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_v496 = _t640;
                                                                                                                                                                                                                                                        														_v488 = 0x10;
                                                                                                                                                                                                                                                        														_v216 = _t613;
                                                                                                                                                                                                                                                        														_v492 = 0;
                                                                                                                                                                                                                                                        														goto L148;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t680 = 0;
                                                                                                                                                                                                                                                        													_v1648 = _t638;
                                                                                                                                                                                                                                                        													_t535 = _t454 * _t638;
                                                                                                                                                                                                                                                        													while(1) {
                                                                                                                                                                                                                                                        														_t480 =  *((intOrPtr*)(_v1576 + 8))(_t535, _t638, 0x40,  &_v1568);
                                                                                                                                                                                                                                                        														__eflags = _t480;
                                                                                                                                                                                                                                                        														if(_t480 == 0) {
                                                                                                                                                                                                                                                        															break;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t484 = _v472;
                                                                                                                                                                                                                                                        														_t647 = _v1584;
                                                                                                                                                                                                                                                        														__eflags = _t484 - _v468;
                                                                                                                                                                                                                                                        														if(_t484 != _v468) {
                                                                                                                                                                                                                                                        															L119:
                                                                                                                                                                                                                                                        															_t571 = _v476;
                                                                                                                                                                                                                                                        															_t680 = _t680 + 1;
                                                                                                                                                                                                                                                        															 *((intOrPtr*)(_t571 + _t484 * 8)) = _t647;
                                                                                                                                                                                                                                                        															 *(_t571 + 4 + _t484 * 8) = _t535;
                                                                                                                                                                                                                                                        															_t638 = _v1664;
                                                                                                                                                                                                                                                        															_t535 = _t535 + _t638;
                                                                                                                                                                                                                                                        															_t556 = _v472 + 1;
                                                                                                                                                                                                                                                        															__eflags = _t680 - _v1652;
                                                                                                                                                                                                                                                        															_v472 = _t556;
                                                                                                                                                                                                                                                        															if(_t680 >= _v1652) {
                                                                                                                                                                                                                                                        																goto L139;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															continue;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t485 = E00BBA080( &_v476, 1);
                                                                                                                                                                                                                                                        														__eflags = _t485;
                                                                                                                                                                                                                                                        														if(_t485 != 0) {
                                                                                                                                                                                                                                                        															_t484 = _v472;
                                                                                                                                                                                                                                                        															goto L119;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t574 = _v472;
                                                                                                                                                                                                                                                        														__eflags = _t574;
                                                                                                                                                                                                                                                        														if(_t574 == 0) {
                                                                                                                                                                                                                                                        															L138:
                                                                                                                                                                                                                                                        															_t556 = 0;
                                                                                                                                                                                                                                                        															__eflags = 0;
                                                                                                                                                                                                                                                        															_v472 = 0;
                                                                                                                                                                                                                                                        															goto L139;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t486 = _v480;
                                                                                                                                                                                                                                                        														_t682 = _v476;
                                                                                                                                                                                                                                                        														_t648 =  *((intOrPtr*)(_t486 + 4));
                                                                                                                                                                                                                                                        														_t537 = _t682 + _t574 * 8;
                                                                                                                                                                                                                                                        														while(1) {
                                                                                                                                                                                                                                                        															_t488 =  *((intOrPtr*)( *_t486 + 8))( *((intOrPtr*)(_t682 + 4)), _t648,  *_t682,  &_v252);
                                                                                                                                                                                                                                                        															__eflags = _t488;
                                                                                                                                                                                                                                                        															if(_t488 == 0) {
                                                                                                                                                                                                                                                        																_v268 = 0;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t682 = _t682 + 8;
                                                                                                                                                                                                                                                        															__eflags = _t682 - _t537;
                                                                                                                                                                                                                                                        															if(_t682 == _t537) {
                                                                                                                                                                                                                                                        																goto L138;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t486 = _v496;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														goto L138;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t569 = _v472;
                                                                                                                                                                                                                                                        													_v1584 = 0;
                                                                                                                                                                                                                                                        													__eflags = _t569;
                                                                                                                                                                                                                                                        													if(_t569 == 0) {
                                                                                                                                                                                                                                                        														goto L138;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t481 = _v480;
                                                                                                                                                                                                                                                        													_t681 = _v476;
                                                                                                                                                                                                                                                        													_t646 =  *((intOrPtr*)(_t481 + 4));
                                                                                                                                                                                                                                                        													_t536 = _t681 + _t569 * 8;
                                                                                                                                                                                                                                                        													while(1) {
                                                                                                                                                                                                                                                        														_t483 =  *((intOrPtr*)( *_t481 + 8))( *((intOrPtr*)(_t681 + 4)), _t646,  *_t681,  &_v252);
                                                                                                                                                                                                                                                        														__eflags = _t483;
                                                                                                                                                                                                                                                        														if(_t483 == 0) {
                                                                                                                                                                                                                                                        															_v268 = 0;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t681 = _t681 + 8;
                                                                                                                                                                                                                                                        														__eflags = _t681 - _t536;
                                                                                                                                                                                                                                                        														if(_t681 == _t536) {
                                                                                                                                                                                                                                                        															goto L138;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t481 = _v496;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													goto L138;
                                                                                                                                                                                                                                                        													L105:
                                                                                                                                                                                                                                                        													_t663 =  *(_t663 + 0x10);
                                                                                                                                                                                                                                                        													__eflags = _t663;
                                                                                                                                                                                                                                                        												} while (_t663 != 0);
                                                                                                                                                                                                                                                        												_t664 =  *0xbfa79c; // 0x0
                                                                                                                                                                                                                                                        												L110:
                                                                                                                                                                                                                                                        												_t425 =  *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18);
                                                                                                                                                                                                                                                        												__eflags = _t425;
                                                                                                                                                                                                                                                        												if(_t425 != 0) {
                                                                                                                                                                                                                                                        													_t489 = RtlAllocateHeap(_t425, 0, 0x18);
                                                                                                                                                                                                                                                        													__eflags = _t489;
                                                                                                                                                                                                                                                        													if(_t489 != 0) {
                                                                                                                                                                                                                                                        														_t617 = _v1620;
                                                                                                                                                                                                                                                        														_t605 =  *_t617;
                                                                                                                                                                                                                                                        														 *(_t489 + 4) = _t617[2];
                                                                                                                                                                                                                                                        														 *_t489 =  *_t617;
                                                                                                                                                                                                                                                        														 *(_t489 + 8) = _t524;
                                                                                                                                                                                                                                                        														 *(_t489 + 0xc) = _t634;
                                                                                                                                                                                                                                                        														 *(_t489 + 0x10) = _t664;
                                                                                                                                                                                                                                                        														 *0xbfa79c = _t489;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L113;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t664 = 0;
                                                                                                                                                                                                                                                        											goto L110;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = _t661;
                                                                                                                                                                                                                                                        										if(_t661 == 0) {
                                                                                                                                                                                                                                                        											_v1608 = 2;
                                                                                                                                                                                                                                                        											goto L101;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = _t546 & 0x00000004;
                                                                                                                                                                                                                                                        										if((_t546 & 0x00000004) != 0) {
                                                                                                                                                                                                                                                        											_t494 = _v1592;
                                                                                                                                                                                                                                                        											_t524 = 0xffffffff;
                                                                                                                                                                                                                                                        											_v1608 = 3;
                                                                                                                                                                                                                                                        											__eflags = _t650 -  *((intOrPtr*)(_t494 + 8));
                                                                                                                                                                                                                                                        											_t634 = 0xffffffff;
                                                                                                                                                                                                                                                        											asm("sbb edx, 0x0");
                                                                                                                                                                                                                                                        											if(_t650 <  *((intOrPtr*)(_t494 + 8))) {
                                                                                                                                                                                                                                                        												goto L44;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L103;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t495 = _v1592;
                                                                                                                                                                                                                                                        										_v1608 = 2;
                                                                                                                                                                                                                                                        										__eflags =  *((intOrPtr*)(_t495 + 0x74)) - 3;
                                                                                                                                                                                                                                                        										if( *((intOrPtr*)(_t495 + 0x74)) < 3) {
                                                                                                                                                                                                                                                        											goto L101;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_v1580 = _t650;
                                                                                                                                                                                                                                                        										_t651 = _v1588;
                                                                                                                                                                                                                                                        										_v1576 = _t605;
                                                                                                                                                                                                                                                        										_t605 =  *(_t495 + 0x88);
                                                                                                                                                                                                                                                        										_t497 = _t651 + _t605;
                                                                                                                                                                                                                                                        										__eflags = _t497;
                                                                                                                                                                                                                                                        										if(_t497 == 0) {
                                                                                                                                                                                                                                                        											goto L101;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = _t605;
                                                                                                                                                                                                                                                        										if(_t605 < 0) {
                                                                                                                                                                                                                                                        											goto L101;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = _t497 - _t661;
                                                                                                                                                                                                                                                        										if(_t497 > _t661) {
                                                                                                                                                                                                                                                        											goto L101;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_v1604 = _t546;
                                                                                                                                                                                                                                                        										_t580 =  *(_t497 + 0xe) & 0x0000ffff;
                                                                                                                                                                                                                                                        										__eflags = _t580;
                                                                                                                                                                                                                                                        										if(_t580 == 0) {
                                                                                                                                                                                                                                                        											L98:
                                                                                                                                                                                                                                                        											_t524 = 0xffffffff;
                                                                                                                                                                                                                                                        											L199:
                                                                                                                                                                                                                                                        											_t546 = _v1604;
                                                                                                                                                                                                                                                        											goto L102;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t605 = _t651 + _t605 + ( *(_t497 + 0xc) & 0x0000ffff) * 8 + 0x14;
                                                                                                                                                                                                                                                        										while(1) {
                                                                                                                                                                                                                                                        											__eflags =  *((short*)(_t605 - 4)) - 0x10;
                                                                                                                                                                                                                                                        											if( *((short*)(_t605 - 4)) == 0x10) {
                                                                                                                                                                                                                                                        												break;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t605 = _t605 + 8;
                                                                                                                                                                                                                                                        											_t580 = _t580 - 1;
                                                                                                                                                                                                                                                        											__eflags = _t580;
                                                                                                                                                                                                                                                        											if(_t580 != 0) {
                                                                                                                                                                                                                                                        												continue;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L98;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t581 =  *_t605;
                                                                                                                                                                                                                                                        										_t524 = 0xffffffff;
                                                                                                                                                                                                                                                        										__eflags = _t581;
                                                                                                                                                                                                                                                        										if(_t581 < 0) {
                                                                                                                                                                                                                                                        											_t583 = (_t581 & 0x7fffffff) + _t497;
                                                                                                                                                                                                                                                        											__eflags = _t583 - _t651;
                                                                                                                                                                                                                                                        											_t620 =  <  ? 0 : _t583;
                                                                                                                                                                                                                                                        											__eflags = _t583 - _v1600;
                                                                                                                                                                                                                                                        											_t605 =  >  ? 0 :  <  ? 0 : _t583;
                                                                                                                                                                                                                                                        											_t584 =  *(_t605 + 0xe) & 0x0000ffff;
                                                                                                                                                                                                                                                        											__eflags = _t584;
                                                                                                                                                                                                                                                        											if(_t584 == 0) {
                                                                                                                                                                                                                                                        												L204:
                                                                                                                                                                                                                                                        												_t524 = 0xffffffff;
                                                                                                                                                                                                                                                        												L207:
                                                                                                                                                                                                                                                        												_t546 = _v1604;
                                                                                                                                                                                                                                                        												_t634 = 0xffffffff;
                                                                                                                                                                                                                                                        												_v1608 = 2;
                                                                                                                                                                                                                                                        												goto L103;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t605 = _t605 + 0x14 + ( *(_t605 + 0xc) & 0x0000ffff) * 8;
                                                                                                                                                                                                                                                        											while(1) {
                                                                                                                                                                                                                                                        												__eflags =  *((short*)(_t605 - 4)) - 1;
                                                                                                                                                                                                                                                        												if( *((short*)(_t605 - 4)) == 1) {
                                                                                                                                                                                                                                                        													break;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t605 = _t605 + 8;
                                                                                                                                                                                                                                                        												_t584 = _t584 - 1;
                                                                                                                                                                                                                                                        												__eflags = _t584;
                                                                                                                                                                                                                                                        												if(_t584 != 0) {
                                                                                                                                                                                                                                                        													continue;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L204;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t585 =  *_t605;
                                                                                                                                                                                                                                                        											_t524 = 0xffffffff;
                                                                                                                                                                                                                                                        											__eflags = _t585;
                                                                                                                                                                                                                                                        											if(_t585 >= 0) {
                                                                                                                                                                                                                                                        												goto L207;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t524 = 0xffffffff;
                                                                                                                                                                                                                                                        											_t587 = (_t585 & 0x7fffffff) + _t497;
                                                                                                                                                                                                                                                        											__eflags = _t587 - _v1588;
                                                                                                                                                                                                                                                        											_t622 =  <  ? 0 : _t587;
                                                                                                                                                                                                                                                        											__eflags = _t587 - _v1600;
                                                                                                                                                                                                                                                        											_t605 =  >  ? 0 :  <  ? 0 : _t587;
                                                                                                                                                                                                                                                        											__eflags = ( *(_t605 + 0xc) & 0x0000ffff) +  *(_t605 + 0xe);
                                                                                                                                                                                                                                                        											if(( *(_t605 + 0xc) & 0x0000ffff) +  *(_t605 + 0xe) != 0) {
                                                                                                                                                                                                                                                        												_t590 =  *(_t605 + 0x14);
                                                                                                                                                                                                                                                        												__eflags = _t590;
                                                                                                                                                                                                                                                        												if(_t590 < 0) {
                                                                                                                                                                                                                                                        													goto L204;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t687 = _v1588;
                                                                                                                                                                                                                                                        												_t498 = _t497 + _t590;
                                                                                                                                                                                                                                                        												_t524 = 0xffffffff;
                                                                                                                                                                                                                                                        												__eflags = _t498 - _t687;
                                                                                                                                                                                                                                                        												_t624 =  <  ? 0 : _t498;
                                                                                                                                                                                                                                                        												__eflags = _t498 - _v1600;
                                                                                                                                                                                                                                                        												_t605 =  >  ? 0 :  <  ? 0 : _t498;
                                                                                                                                                                                                                                                        												_t499 =  *( >  ? 0 :  <  ? 0 : _t498);
                                                                                                                                                                                                                                                        												_t688 = _t687 + _t499;
                                                                                                                                                                                                                                                        												__eflags = _t688;
                                                                                                                                                                                                                                                        												if(_t688 == 0) {
                                                                                                                                                                                                                                                        													goto L207;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												__eflags = _t499;
                                                                                                                                                                                                                                                        												if(_t499 < 0) {
                                                                                                                                                                                                                                                        													goto L207;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												__eflags = _t688 - _v1600;
                                                                                                                                                                                                                                                        												if(_t688 > _v1600) {
                                                                                                                                                                                                                                                        													goto L207;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t652 =  *_t688 & 0x0000ffff;
                                                                                                                                                                                                                                                        												_t524 = 0xffffffff;
                                                                                                                                                                                                                                                        												__eflags = _t652 - 0x26;
                                                                                                                                                                                                                                                        												if(_t652 < 0x26) {
                                                                                                                                                                                                                                                        													goto L207;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												asm("movsd xmm1, [0xbf0ee0]");
                                                                                                                                                                                                                                                        												asm("movsd xmm0, [0xbf0ee8]");
                                                                                                                                                                                                                                                        												asm("movsd xmm2, [0xbf0ed8]");
                                                                                                                                                                                                                                                        												_t500 = _t688 + 6;
                                                                                                                                                                                                                                                        												asm("movsd [esp+0x480], xmm1");
                                                                                                                                                                                                                                                        												asm("movsd xmm1, [0xbf0ed0]");
                                                                                                                                                                                                                                                        												asm("movsd [esp+0x488], xmm0");
                                                                                                                                                                                                                                                        												asm("movsd [esp+0x478], xmm2");
                                                                                                                                                                                                                                                        												asm("movsd [esp+0x470], xmm1");
                                                                                                                                                                                                                                                        												__imp__RtlCompareMemory(_t500,  &_v476, 0x10);
                                                                                                                                                                                                                                                        												__eflags = _t500 - 0x10;
                                                                                                                                                                                                                                                        												if(_t500 != 0x10) {
                                                                                                                                                                                                                                                        													goto L204;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												__eflags =  *((short*)(2 + _t688)) - 0x34;
                                                                                                                                                                                                                                                        												if( *((short*)(2 + _t688)) != 0x34) {
                                                                                                                                                                                                                                                        													goto L204;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t504 = (0x00000002 - _t688 & 0x00000003) + 0x26;
                                                                                                                                                                                                                                                        												__eflags = 2 - _t652;
                                                                                                                                                                                                                                                        												if(2 >= _t652) {
                                                                                                                                                                                                                                                        													goto L204;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												__eflags =  *((intOrPtr*)(2 + _t688)) - 0xfeef04bd;
                                                                                                                                                                                                                                                        												if( *((intOrPtr*)(2 + _t688)) != 0xfeef04bd) {
                                                                                                                                                                                                                                                        													goto L204;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t634 =  *(_t688 + 0xa);
                                                                                                                                                                                                                                                        												_t546 = _v1616;
                                                                                                                                                                                                                                                        												_v1620 = 3;
                                                                                                                                                                                                                                                        												__eflags = _v1592 - 2;
                                                                                                                                                                                                                                                        												_t524 =  *(_t688 + _t504 + 0xc);
                                                                                                                                                                                                                                                        												asm("sbb [esp+0x24], edi");
                                                                                                                                                                                                                                                        												if(_v1592 < 2) {
                                                                                                                                                                                                                                                        													goto L44;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L103;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L207;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L199;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									__eflags =  *0xbfa538 & 0x00000001;
                                                                                                                                                                                                                                                        									if(( *0xbfa538 & 0x00000001) != 0) {
                                                                                                                                                                                                                                                        										goto L44;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L87;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = _t633 - 0x39;
                                                                                                                                                                                                                                                        								if(_t633 != 0x39) {
                                                                                                                                                                                                                                                        									goto L85;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L67;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t511 = (_t414 & 0x0000ffff) >> 1;
                                                                                                                                                                                                                                                        						if(_t511 == 0) {
                                                                                                                                                                                                                                                        							goto L41;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t594 = _t511 & 0x0000ffff;
                                                                                                                                                                                                                                                        							_v1592 = _t605;
                                                                                                                                                                                                                                                        							_v1580 = _t511;
                                                                                                                                                                                                                                                        							_t605 = 1;
                                                                                                                                                                                                                                                        							_t512 = 0xd;
                                                                                                                                                                                                                                                        							_v1576 = _t659;
                                                                                                                                                                                                                                                        							_v1588 = _t594;
                                                                                                                                                                                                                                                        							_t654 = 0xfffffffc - _t521;
                                                                                                                                                                                                                                                        							_t595 =  ~_t594;
                                                                                                                                                                                                                                                        							asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        							while( *((short*)(_t521 + _t512 * 2 - 0x18)) != 0x2e) {
                                                                                                                                                                                                                                                        								_t691 = _t595 + _t512 + 1;
                                                                                                                                                                                                                                                        								_t654 = _t654 + 0xfffffffe;
                                                                                                                                                                                                                                                        								_t605 = _t605 + 1;
                                                                                                                                                                                                                                                        								_t512 = _t512 + 1;
                                                                                                                                                                                                                                                        								if(_t691 != 0xd) {
                                                                                                                                                                                                                                                        									continue;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L30:
                                                                                                                                                                                                                                                        									_t689 = _v1592;
                                                                                                                                                                                                                                                        									_t597 = _v1588;
                                                                                                                                                                                                                                                        									if(_v1576 < 0x28) {
                                                                                                                                                                                                                                                        										goto L41;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t513 = 0;
                                                                                                                                                                                                                                                        										while(_t689[_t513] != 0x2e) {
                                                                                                                                                                                                                                                        											_t513 = _t513 + 1;
                                                                                                                                                                                                                                                        											if(_t597 != _t513) {
                                                                                                                                                                                                                                                        												continue;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												goto L41;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = _t513 - 0x10;
                                                                                                                                                                                                                                                        										if(_t513 < 0x10) {
                                                                                                                                                                                                                                                        											goto L41;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t514 = _t513 & 0x00007fff;
                                                                                                                                                                                                                                                        										__eflags = _t514;
                                                                                                                                                                                                                                                        										if(_t514 != 0) {
                                                                                                                                                                                                                                                        											_t515 =  &(_t689[_t514]);
                                                                                                                                                                                                                                                        											do {
                                                                                                                                                                                                                                                        												_t598 =  *_t689 & 0x0000ffff;
                                                                                                                                                                                                                                                        												_t60 = _t598 - 0x30; // -20
                                                                                                                                                                                                                                                        												_t605 = _t60;
                                                                                                                                                                                                                                                        												__eflags = _t60 - 0xa;
                                                                                                                                                                                                                                                        												if(_t60 < 0xa) {
                                                                                                                                                                                                                                                        													goto L38;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												__eflags = (_t598 & 0xffffffdf) + 0xffffffbf - 6;
                                                                                                                                                                                                                                                        												if((_t598 & 0xffffffdf) + 0xffffffbf < 6) {
                                                                                                                                                                                                                                                        													goto L38;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L41;
                                                                                                                                                                                                                                                        												L38:
                                                                                                                                                                                                                                                        												_t689 =  &(_t689[1]);
                                                                                                                                                                                                                                                        												__eflags = _t689 - _t515;
                                                                                                                                                                                                                                                        											} while (_t689 < _t515);
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L197;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t40 = _t512 - 0xc; // 0x1
                                                                                                                                                                                                                                                        							_t596 = _t40;
                                                                                                                                                                                                                                                        							__eflags = _v1580 - _t596;
                                                                                                                                                                                                                                                        							if(_v1580 <= _t596) {
                                                                                                                                                                                                                                                        								goto L30;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t690 = 0;
                                                                                                                                                                                                                                                        								__eflags = 0;
                                                                                                                                                                                                                                                        								_v1584 = 0;
                                                                                                                                                                                                                                                        								while(1) {
                                                                                                                                                                                                                                                        									__eflags =  *((short*)(_t521 +  &(2[_t596]))) - 0x2e;
                                                                                                                                                                                                                                                        									if( *((short*)(_t521 +  &(2[_t596]))) == 0x2e) {
                                                                                                                                                                                                                                                        										break;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t596 = _t596 + 1;
                                                                                                                                                                                                                                                        									_t690 = _t690 + 1;
                                                                                                                                                                                                                                                        									_v1584 = _v1584 + 1;
                                                                                                                                                                                                                                                        									_t605 = _t605 + 1;
                                                                                                                                                                                                                                                        									__eflags = _v1580 - _t596;
                                                                                                                                                                                                                                                        									if(_v1580 != _t596) {
                                                                                                                                                                                                                                                        										continue;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										goto L30;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = (_t605 & 0x0000ffff) - _t512;
                                                                                                                                                                                                                                                        								if((_t605 & 0x0000ffff) != _t512) {
                                                                                                                                                                                                                                                        									goto L30;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = _t690 & 0x00007fff;
                                                                                                                                                                                                                                                        								if((_t690 & 0x00007fff) != 0) {
                                                                                                                                                                                                                                                        									_t605 = (_v1584 & 0x00007fff) + (_v1584 & 0x00007fff) - _t654;
                                                                                                                                                                                                                                                        									_t655 =  ~_t654;
                                                                                                                                                                                                                                                        									do {
                                                                                                                                                                                                                                                        										_t516 =  *_t655 & 0x0000ffff;
                                                                                                                                                                                                                                                        										_t52 = _t516 - 0x30; // -35
                                                                                                                                                                                                                                                        										__eflags = _t52 - 0xa;
                                                                                                                                                                                                                                                        										if(_t52 < 0xa) {
                                                                                                                                                                                                                                                        											goto L27;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = (_t516 & 0xffffffdf) + 0xffffffbf - 6;
                                                                                                                                                                                                                                                        										if((_t516 & 0xffffffdf) + 0xffffffbf < 6) {
                                                                                                                                                                                                                                                        											goto L27;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L30;
                                                                                                                                                                                                                                                        										L27:
                                                                                                                                                                                                                                                        										_t655 = 2 + _t655;
                                                                                                                                                                                                                                                        										__eflags = _t655 - _t605;
                                                                                                                                                                                                                                                        									} while (_t655 < _t605);
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L197;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t521 = _t412;
                                                                                                                                                                                                                                                        						asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        						while( *_t521 != 0x5c) {
                                                                                                                                                                                                                                                        							_t521 = _t521 + 0xfffffffe;
                                                                                                                                                                                                                                                        							if(_t521 >= _t542) {
                                                                                                                                                                                                                                                        								continue;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L10;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}
























































































































































































































                                                                                                                                                                                                                                                        0x00bbee59
                                                                                                                                                                                                                                                        0x00bbee5f
                                                                                                                                                                                                                                                        0x00bbee65
                                                                                                                                                                                                                                                        0x00bbee76
                                                                                                                                                                                                                                                        0x00bbee7d
                                                                                                                                                                                                                                                        0x00bbee85
                                                                                                                                                                                                                                                        0x00bbee9b
                                                                                                                                                                                                                                                        0x00bbeea0
                                                                                                                                                                                                                                                        0x00bbefc9
                                                                                                                                                                                                                                                        0x00bbefd2
                                                                                                                                                                                                                                                        0x00bbefe0
                                                                                                                                                                                                                                                        0x00bbeeae
                                                                                                                                                                                                                                                        0x00bbeec4
                                                                                                                                                                                                                                                        0x00bbefbb
                                                                                                                                                                                                                                                        0x00bbefbb
                                                                                                                                                                                                                                                        0x00bbefbd
                                                                                                                                                                                                                                                        0x00bbefbf
                                                                                                                                                                                                                                                        0x00bbefc4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbefc4
                                                                                                                                                                                                                                                        0x00bbeecf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbeed5
                                                                                                                                                                                                                                                        0x00bbeedf
                                                                                                                                                                                                                                                        0x00bbeee6
                                                                                                                                                                                                                                                        0x00bbeee9
                                                                                                                                                                                                                                                        0x00bbeeef
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbeef5
                                                                                                                                                                                                                                                        0x00bbeefc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbef02
                                                                                                                                                                                                                                                        0x00bbef04
                                                                                                                                                                                                                                                        0x00bbef0b
                                                                                                                                                                                                                                                        0x00bbef0d
                                                                                                                                                                                                                                                        0x00bbef2d
                                                                                                                                                                                                                                                        0x00bbef2d
                                                                                                                                                                                                                                                        0x00bbef30
                                                                                                                                                                                                                                                        0x00bbef36
                                                                                                                                                                                                                                                        0x00bbef3a
                                                                                                                                                                                                                                                        0x00bbef3f
                                                                                                                                                                                                                                                        0x00bbef45
                                                                                                                                                                                                                                                        0x00bbef4a
                                                                                                                                                                                                                                                        0x00bbef55
                                                                                                                                                                                                                                                        0x00bbef59
                                                                                                                                                                                                                                                        0x00bbf0b3
                                                                                                                                                                                                                                                        0x00bbf0b3
                                                                                                                                                                                                                                                        0x00bbf0b8
                                                                                                                                                                                                                                                        0x00bbf0ba
                                                                                                                                                                                                                                                        0x00bbf0c0
                                                                                                                                                                                                                                                        0x00bbf0c6
                                                                                                                                                                                                                                                        0x00bbf0c8
                                                                                                                                                                                                                                                        0x00bbf0cb
                                                                                                                                                                                                                                                        0x00bbf0cf
                                                                                                                                                                                                                                                        0x00bbf0d8
                                                                                                                                                                                                                                                        0x00bbf0e9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf0f1
                                                                                                                                                                                                                                                        0x00bbf0f4
                                                                                                                                                                                                                                                        0x00bbf0f7
                                                                                                                                                                                                                                                        0x00bbf0fc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf0fe
                                                                                                                                                                                                                                                        0x00bbf10b
                                                                                                                                                                                                                                                        0x00bbfb09
                                                                                                                                                                                                                                                        0x00bbfb09
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfb09
                                                                                                                                                                                                                                                        0x00bbf114
                                                                                                                                                                                                                                                        0x00bbf11d
                                                                                                                                                                                                                                                        0x00bbf11e
                                                                                                                                                                                                                                                        0x00bbf122
                                                                                                                                                                                                                                                        0x00bbf123
                                                                                                                                                                                                                                                        0x00bbf125
                                                                                                                                                                                                                                                        0x00bbf12a
                                                                                                                                                                                                                                                        0x00bbf130
                                                                                                                                                                                                                                                        0x00bbf132
                                                                                                                                                                                                                                                        0x00bbf13d
                                                                                                                                                                                                                                                        0x00bbf13d
                                                                                                                                                                                                                                                        0x00bbf148
                                                                                                                                                                                                                                                        0x00bbf157
                                                                                                                                                                                                                                                        0x00bbf1f8
                                                                                                                                                                                                                                                        0x00bbf1fa
                                                                                                                                                                                                                                                        0x00bbf1fc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf16a
                                                                                                                                                                                                                                                        0x00bbf16a
                                                                                                                                                                                                                                                        0x00bbf179
                                                                                                                                                                                                                                                        0x00bbf181
                                                                                                                                                                                                                                                        0x00bbf1fe
                                                                                                                                                                                                                                                        0x00bbf1fe
                                                                                                                                                                                                                                                        0x00bbf202
                                                                                                                                                                                                                                                        0x00bbf30b
                                                                                                                                                                                                                                                        0x00bbf30f
                                                                                                                                                                                                                                                        0x00bbf311
                                                                                                                                                                                                                                                        0x00bbf311
                                                                                                                                                                                                                                                        0x00bbf315
                                                                                                                                                                                                                                                        0x00bbf31a
                                                                                                                                                                                                                                                        0x00bbf321
                                                                                                                                                                                                                                                        0x00bbf327
                                                                                                                                                                                                                                                        0x00bbf327
                                                                                                                                                                                                                                                        0x00bbf32b
                                                                                                                                                                                                                                                        0x00bbf334
                                                                                                                                                                                                                                                        0x00bbf339
                                                                                                                                                                                                                                                        0x00bbf344
                                                                                                                                                                                                                                                        0x00bbf34f
                                                                                                                                                                                                                                                        0x00bbf352
                                                                                                                                                                                                                                                        0x00bbf35a
                                                                                                                                                                                                                                                        0x00bbf237
                                                                                                                                                                                                                                                        0x00bbf23f
                                                                                                                                                                                                                                                        0x00bbf244
                                                                                                                                                                                                                                                        0x00bbf24f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf360
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf35a
                                                                                                                                                                                                                                                        0x00bbf208
                                                                                                                                                                                                                                                        0x00bbf20f
                                                                                                                                                                                                                                                        0x00bbf21a
                                                                                                                                                                                                                                                        0x00bbf224
                                                                                                                                                                                                                                                        0x00bbf229
                                                                                                                                                                                                                                                        0x00bbf231
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf231
                                                                                                                                                                                                                                                        0x00bbf183
                                                                                                                                                                                                                                                        0x00bbf183
                                                                                                                                                                                                                                                        0x00bbf192
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf198
                                                                                                                                                                                                                                                        0x00bbf157
                                                                                                                                                                                                                                                        0x00bbf19a
                                                                                                                                                                                                                                                        0x00bbf19e
                                                                                                                                                                                                                                                        0x00bbf1a2
                                                                                                                                                                                                                                                        0x00bbf1a4
                                                                                                                                                                                                                                                        0x00bbf25f
                                                                                                                                                                                                                                                        0x00bbf261
                                                                                                                                                                                                                                                        0x00bbf261
                                                                                                                                                                                                                                                        0x00bbf1aa
                                                                                                                                                                                                                                                        0x00bbf1ad
                                                                                                                                                                                                                                                        0x00bbf1af
                                                                                                                                                                                                                                                        0x00bbf1b4
                                                                                                                                                                                                                                                        0x00bbf1b9
                                                                                                                                                                                                                                                        0x00bbf1bf
                                                                                                                                                                                                                                                        0x00bbf1c2
                                                                                                                                                                                                                                                        0x00bbf1c4
                                                                                                                                                                                                                                                        0x00bbf1cb
                                                                                                                                                                                                                                                        0x00bbf1ce
                                                                                                                                                                                                                                                        0x00bbf1d8
                                                                                                                                                                                                                                                        0x00bbf1dd
                                                                                                                                                                                                                                                        0x00bbf1e3
                                                                                                                                                                                                                                                        0x00bbf1e6
                                                                                                                                                                                                                                                        0x00bbf1eb
                                                                                                                                                                                                                                                        0x00bbf1ed
                                                                                                                                                                                                                                                        0x00bbf1ed
                                                                                                                                                                                                                                                        0x00bbf1eb
                                                                                                                                                                                                                                                        0x00bbf1dd
                                                                                                                                                                                                                                                        0x00bbf1ce
                                                                                                                                                                                                                                                        0x00bbf1b9
                                                                                                                                                                                                                                                        0x00bbf263
                                                                                                                                                                                                                                                        0x00bbf26a
                                                                                                                                                                                                                                                        0x00bbf26d
                                                                                                                                                                                                                                                        0x00bbf271
                                                                                                                                                                                                                                                        0x00bbf275
                                                                                                                                                                                                                                                        0x00bbf285
                                                                                                                                                                                                                                                        0x00bbf285
                                                                                                                                                                                                                                                        0x00bbf296
                                                                                                                                                                                                                                                        0x00bbf29b
                                                                                                                                                                                                                                                        0x00bbf29e
                                                                                                                                                                                                                                                        0x00bbf2a5
                                                                                                                                                                                                                                                        0x00bbf2b0
                                                                                                                                                                                                                                                        0x00bbf2b1
                                                                                                                                                                                                                                                        0x00bbf2b6
                                                                                                                                                                                                                                                        0x00bbf2b8
                                                                                                                                                                                                                                                        0x00bbf365
                                                                                                                                                                                                                                                        0x00bbf36a
                                                                                                                                                                                                                                                        0x00bbf36f
                                                                                                                                                                                                                                                        0x00bbf371
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf371
                                                                                                                                                                                                                                                        0x00bbf2be
                                                                                                                                                                                                                                                        0x00bbf2c1
                                                                                                                                                                                                                                                        0x00bbf37e
                                                                                                                                                                                                                                                        0x00bbf386
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf38c
                                                                                                                                                                                                                                                        0x00bbf38e
                                                                                                                                                                                                                                                        0x00bbf39e
                                                                                                                                                                                                                                                        0x00bbf39e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf39e
                                                                                                                                                                                                                                                        0x00bbf390
                                                                                                                                                                                                                                                        0x00bbf398
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf398
                                                                                                                                                                                                                                                        0x00bbf2c7
                                                                                                                                                                                                                                                        0x00bbf2ca
                                                                                                                                                                                                                                                        0x00bbf2cc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf2d2
                                                                                                                                                                                                                                                        0x00bbf2da
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf2e0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf2e6
                                                                                                                                                                                                                                                        0x00bbf2ee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf277
                                                                                                                                                                                                                                                        0x00bbf277
                                                                                                                                                                                                                                                        0x00bbf27a
                                                                                                                                                                                                                                                        0x00bbf2f9
                                                                                                                                                                                                                                                        0x00bbf300
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf3a2
                                                                                                                                                                                                                                                        0x00bbf3a2
                                                                                                                                                                                                                                                        0x00bbf3a5
                                                                                                                                                                                                                                                        0x00bbf3b4
                                                                                                                                                                                                                                                        0x00bbf3b4
                                                                                                                                                                                                                                                        0x00bbf3b7
                                                                                                                                                                                                                                                        0x00bbf3b7
                                                                                                                                                                                                                                                        0x00bbf3be
                                                                                                                                                                                                                                                        0x00bbf3be
                                                                                                                                                                                                                                                        0x00bbf3c9
                                                                                                                                                                                                                                                        0x00bbf3cc
                                                                                                                                                                                                                                                        0x00bbf43f
                                                                                                                                                                                                                                                        0x00bbf451
                                                                                                                                                                                                                                                        0x00bbf451
                                                                                                                                                                                                                                                        0x00bbf456
                                                                                                                                                                                                                                                        0x00bbf456
                                                                                                                                                                                                                                                        0x00bbf45b
                                                                                                                                                                                                                                                        0x00bbf45b
                                                                                                                                                                                                                                                        0x00bbf45f
                                                                                                                                                                                                                                                        0x00bbf464
                                                                                                                                                                                                                                                        0x00bbf469
                                                                                                                                                                                                                                                        0x00bbf46f
                                                                                                                                                                                                                                                        0x00bbf471
                                                                                                                                                                                                                                                        0x00bbf487
                                                                                                                                                                                                                                                        0x00bbf48e
                                                                                                                                                                                                                                                        0x00bbf493
                                                                                                                                                                                                                                                        0x00bbf495
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf4a1
                                                                                                                                                                                                                                                        0x00bbf4a3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf4e7
                                                                                                                                                                                                                                                        0x00bbf4e7
                                                                                                                                                                                                                                                        0x00bbf4ec
                                                                                                                                                                                                                                                        0x00bbf4f1
                                                                                                                                                                                                                                                        0x00bbf4f6
                                                                                                                                                                                                                                                        0x00bbfaee
                                                                                                                                                                                                                                                        0x00bbfaee
                                                                                                                                                                                                                                                        0x00bbfaf2
                                                                                                                                                                                                                                                        0x00bbfaf5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfaf7
                                                                                                                                                                                                                                                        0x00bbfafa
                                                                                                                                                                                                                                                        0x00bbfb12
                                                                                                                                                                                                                                                        0x00bbfb17
                                                                                                                                                                                                                                                        0x00bbfb1e
                                                                                                                                                                                                                                                        0x00bbfb21
                                                                                                                                                                                                                                                        0x00bbfb47
                                                                                                                                                                                                                                                        0x00bbfb4c
                                                                                                                                                                                                                                                        0x00bbfb4e
                                                                                                                                                                                                                                                        0x00bbfb50
                                                                                                                                                                                                                                                        0x00bbfb96
                                                                                                                                                                                                                                                        0x00bbfb99
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfb99
                                                                                                                                                                                                                                                        0x00bbfb52
                                                                                                                                                                                                                                                        0x00bbfb52
                                                                                                                                                                                                                                                        0x00bbfb56
                                                                                                                                                                                                                                                        0x00bbfb58
                                                                                                                                                                                                                                                        0x00bbfb5c
                                                                                                                                                                                                                                                        0x00bbfb5c
                                                                                                                                                                                                                                                        0x00bbfb5f
                                                                                                                                                                                                                                                        0x00bbfb62
                                                                                                                                                                                                                                                        0x00bbfb67
                                                                                                                                                                                                                                                        0x00bbfb6e
                                                                                                                                                                                                                                                        0x00bbfb6e
                                                                                                                                                                                                                                                        0x00bbfb74
                                                                                                                                                                                                                                                        0x00bbfb75
                                                                                                                                                                                                                                                        0x00bbfb79
                                                                                                                                                                                                                                                        0x00bbfb7a
                                                                                                                                                                                                                                                        0x00bbfb7c
                                                                                                                                                                                                                                                        0x00bbfb81
                                                                                                                                                                                                                                                        0x00bbfb83
                                                                                                                                                                                                                                                        0x00bbfb85
                                                                                                                                                                                                                                                        0x00bbfb8c
                                                                                                                                                                                                                                                        0x00bbfb8c
                                                                                                                                                                                                                                                        0x00bbfb92
                                                                                                                                                                                                                                                        0x00bbfb92
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfb56
                                                                                                                                                                                                                                                        0x00bbfb23
                                                                                                                                                                                                                                                        0x00bbfb2a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfb2c
                                                                                                                                                                                                                                                        0x00bbfb3b
                                                                                                                                                                                                                                                        0x00bbfb41
                                                                                                                                                                                                                                                        0x00bbfb43
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfb45
                                                                                                                                                                                                                                                        0x00bbfafc
                                                                                                                                                                                                                                                        0x00bbfafe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfb04
                                                                                                                                                                                                                                                        0x00bbf4fc
                                                                                                                                                                                                                                                        0x00bbf4fe
                                                                                                                                                                                                                                                        0x00bbf503
                                                                                                                                                                                                                                                        0x00bbf508
                                                                                                                                                                                                                                                        0x00bbf50d
                                                                                                                                                                                                                                                        0x00bbf512
                                                                                                                                                                                                                                                        0x00bbf519
                                                                                                                                                                                                                                                        0x00bbf51d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf52a
                                                                                                                                                                                                                                                        0x00bbf533
                                                                                                                                                                                                                                                        0x00bbf539
                                                                                                                                                                                                                                                        0x00bbf540
                                                                                                                                                                                                                                                        0x00bbf542
                                                                                                                                                                                                                                                        0x00bbf546
                                                                                                                                                                                                                                                        0x00bbf703
                                                                                                                                                                                                                                                        0x00bbfaea
                                                                                                                                                                                                                                                        0x00bbfaea
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfaea
                                                                                                                                                                                                                                                        0x00bbf550
                                                                                                                                                                                                                                                        0x00bbf554
                                                                                                                                                                                                                                                        0x00bbf55f
                                                                                                                                                                                                                                                        0x00bbf562
                                                                                                                                                                                                                                                        0x00bbf569
                                                                                                                                                                                                                                                        0x00bbf572
                                                                                                                                                                                                                                                        0x00bbf579
                                                                                                                                                                                                                                                        0x00bbf584
                                                                                                                                                                                                                                                        0x00bbf58f
                                                                                                                                                                                                                                                        0x00bbf59a
                                                                                                                                                                                                                                                        0x00bbf5a5
                                                                                                                                                                                                                                                        0x00bbf5b0
                                                                                                                                                                                                                                                        0x00bbf5b7
                                                                                                                                                                                                                                                        0x00bbf5bf
                                                                                                                                                                                                                                                        0x00bbf5cd
                                                                                                                                                                                                                                                        0x00bbf5d8
                                                                                                                                                                                                                                                        0x00bbf5e3
                                                                                                                                                                                                                                                        0x00bbf5ec
                                                                                                                                                                                                                                                        0x00bbf5f4
                                                                                                                                                                                                                                                        0x00bbf5f8
                                                                                                                                                                                                                                                        0x00bbf5f8
                                                                                                                                                                                                                                                        0x00bbf5f9
                                                                                                                                                                                                                                                        0x00bbf5fd
                                                                                                                                                                                                                                                        0x00bbf770
                                                                                                                                                                                                                                                        0x00bbf770
                                                                                                                                                                                                                                                        0x00bbf786
                                                                                                                                                                                                                                                        0x00bbf78d
                                                                                                                                                                                                                                                        0x00bbf795
                                                                                                                                                                                                                                                        0x00bbf79c
                                                                                                                                                                                                                                                        0x00bbf7a3
                                                                                                                                                                                                                                                        0x00bbf7aa
                                                                                                                                                                                                                                                        0x00bbf7b1
                                                                                                                                                                                                                                                        0x00bbf7b8
                                                                                                                                                                                                                                                        0x00bbf7ba
                                                                                                                                                                                                                                                        0x00bbf7e2
                                                                                                                                                                                                                                                        0x00bbf7e9
                                                                                                                                                                                                                                                        0x00bbf7eb
                                                                                                                                                                                                                                                        0x00bbf7f2
                                                                                                                                                                                                                                                        0x00bbf856
                                                                                                                                                                                                                                                        0x00bbf85d
                                                                                                                                                                                                                                                        0x00bbf864
                                                                                                                                                                                                                                                        0x00bbf872
                                                                                                                                                                                                                                                        0x00bbf880
                                                                                                                                                                                                                                                        0x00bbf887
                                                                                                                                                                                                                                                        0x00bbf88e
                                                                                                                                                                                                                                                        0x00bbf895
                                                                                                                                                                                                                                                        0x00bbf897
                                                                                                                                                                                                                                                        0x00bbf8b4
                                                                                                                                                                                                                                                        0x00bbf8bb
                                                                                                                                                                                                                                                        0x00bbf8bd
                                                                                                                                                                                                                                                        0x00bbf8c4
                                                                                                                                                                                                                                                        0x00bbf8f2
                                                                                                                                                                                                                                                        0x00bbf8f2
                                                                                                                                                                                                                                                        0x00bbf8fa
                                                                                                                                                                                                                                                        0x00bbf905
                                                                                                                                                                                                                                                        0x00bbf907
                                                                                                                                                                                                                                                        0x00bbf909
                                                                                                                                                                                                                                                        0x00bbfa53
                                                                                                                                                                                                                                                        0x00bbfa53
                                                                                                                                                                                                                                                        0x00bbfa53
                                                                                                                                                                                                                                                        0x00bbfa55
                                                                                                                                                                                                                                                        0x00bbfa55
                                                                                                                                                                                                                                                        0x00bbfa5c
                                                                                                                                                                                                                                                        0x00bbfa5e
                                                                                                                                                                                                                                                        0x00bbfaae
                                                                                                                                                                                                                                                        0x00bbfab5
                                                                                                                                                                                                                                                        0x00bbfac0
                                                                                                                                                                                                                                                        0x00bbfac2
                                                                                                                                                                                                                                                        0x00bbfac5
                                                                                                                                                                                                                                                        0x00bbfacb
                                                                                                                                                                                                                                                        0x00bbfacb
                                                                                                                                                                                                                                                        0x00bbface
                                                                                                                                                                                                                                                        0x00bbfadc
                                                                                                                                                                                                                                                        0x00bbfade
                                                                                                                                                                                                                                                        0x00bbfae1
                                                                                                                                                                                                                                                        0x00bbfae7
                                                                                                                                                                                                                                                        0x00bbfae7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfade
                                                                                                                                                                                                                                                        0x00bbfa60
                                                                                                                                                                                                                                                        0x00bbfa67
                                                                                                                                                                                                                                                        0x00bbfa6b
                                                                                                                                                                                                                                                        0x00bbfa6e
                                                                                                                                                                                                                                                        0x00bbfa71
                                                                                                                                                                                                                                                        0x00bbfa81
                                                                                                                                                                                                                                                        0x00bbfa84
                                                                                                                                                                                                                                                        0x00bbfa86
                                                                                                                                                                                                                                                        0x00bbfa88
                                                                                                                                                                                                                                                        0x00bbfa88
                                                                                                                                                                                                                                                        0x00bbfa93
                                                                                                                                                                                                                                                        0x00bbfa96
                                                                                                                                                                                                                                                        0x00bbfa98
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfa9a
                                                                                                                                                                                                                                                        0x00bbfa9a
                                                                                                                                                                                                                                                        0x00bbfaa3
                                                                                                                                                                                                                                                        0x00bbfaaa
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfaaa
                                                                                                                                                                                                                                                        0x00bbf90f
                                                                                                                                                                                                                                                        0x00bbf917
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf91d
                                                                                                                                                                                                                                                        0x00bbf924
                                                                                                                                                                                                                                                        0x00bbf92b
                                                                                                                                                                                                                                                        0x00bbf932
                                                                                                                                                                                                                                                        0x00bbf94c
                                                                                                                                                                                                                                                        0x00bbf953
                                                                                                                                                                                                                                                        0x00bbf965
                                                                                                                                                                                                                                                        0x00bbf966
                                                                                                                                                                                                                                                        0x00bbf966
                                                                                                                                                                                                                                                        0x00bbf967
                                                                                                                                                                                                                                                        0x00bbf96e
                                                                                                                                                                                                                                                        0x00bbf975
                                                                                                                                                                                                                                                        0x00bbf97d
                                                                                                                                                                                                                                                        0x00bbf984
                                                                                                                                                                                                                                                        0x00bbf98b
                                                                                                                                                                                                                                                        0x00bbf9a5
                                                                                                                                                                                                                                                        0x00bbf9a5
                                                                                                                                                                                                                                                        0x00bbf9ac
                                                                                                                                                                                                                                                        0x00bbf9b5
                                                                                                                                                                                                                                                        0x00bbf9b8
                                                                                                                                                                                                                                                        0x00bbf9bb
                                                                                                                                                                                                                                                        0x00bbf9bf
                                                                                                                                                                                                                                                        0x00bbf9c3
                                                                                                                                                                                                                                                        0x00bbf9c7
                                                                                                                                                                                                                                                        0x00bbf9cf
                                                                                                                                                                                                                                                        0x00bbf9cf
                                                                                                                                                                                                                                                        0x00bbf9cf
                                                                                                                                                                                                                                                        0x00bbf9d7
                                                                                                                                                                                                                                                        0x00bbf9d7
                                                                                                                                                                                                                                                        0x00bbf9de
                                                                                                                                                                                                                                                        0x00bbf9e3
                                                                                                                                                                                                                                                        0x00bbf9e5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf9e7
                                                                                                                                                                                                                                                        0x00bbf9ef
                                                                                                                                                                                                                                                        0x00bbf9f1
                                                                                                                                                                                                                                                        0x00bbf9f8
                                                                                                                                                                                                                                                        0x00bbf9fd
                                                                                                                                                                                                                                                        0x00bbf9ff
                                                                                                                                                                                                                                                        0x00bbfa18
                                                                                                                                                                                                                                                        0x00bbfa1d
                                                                                                                                                                                                                                                        0x00bbfa2f
                                                                                                                                                                                                                                                        0x00bbfa38
                                                                                                                                                                                                                                                        0x00bbfa3f
                                                                                                                                                                                                                                                        0x00bbfa46
                                                                                                                                                                                                                                                        0x00bbfa46
                                                                                                                                                                                                                                                        0x00bbf9ff
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf9ef
                                                                                                                                                                                                                                                        0x00bbf991
                                                                                                                                                                                                                                                        0x00bbf996
                                                                                                                                                                                                                                                        0x00bbf998
                                                                                                                                                                                                                                                        0x00bbfd4b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfd4b
                                                                                                                                                                                                                                                        0x00bbf99e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf99e
                                                                                                                                                                                                                                                        0x00bbf938
                                                                                                                                                                                                                                                        0x00bbf93d
                                                                                                                                                                                                                                                        0x00bbf93f
                                                                                                                                                                                                                                                        0x00bbfd30
                                                                                                                                                                                                                                                        0x00bbfd38
                                                                                                                                                                                                                                                        0x00bbfd3f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfd3f
                                                                                                                                                                                                                                                        0x00bbf945
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf945
                                                                                                                                                                                                                                                        0x00bbf8c6
                                                                                                                                                                                                                                                        0x00bbf8c9
                                                                                                                                                                                                                                                        0x00bbf8c9
                                                                                                                                                                                                                                                        0x00bbf8cb
                                                                                                                                                                                                                                                        0x00bbf8ce
                                                                                                                                                                                                                                                        0x00bbf8d2
                                                                                                                                                                                                                                                        0x00bbf8dd
                                                                                                                                                                                                                                                        0x00bbf8e4
                                                                                                                                                                                                                                                        0x00bbf8e7
                                                                                                                                                                                                                                                        0x00bbf8e7
                                                                                                                                                                                                                                                        0x00bbf8eb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf8eb
                                                                                                                                                                                                                                                        0x00bbf899
                                                                                                                                                                                                                                                        0x00bbf8a0
                                                                                                                                                                                                                                                        0x00bbf8a7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf8a7
                                                                                                                                                                                                                                                        0x00bbf7f4
                                                                                                                                                                                                                                                        0x00bbf7f7
                                                                                                                                                                                                                                                        0x00bbf83b
                                                                                                                                                                                                                                                        0x00bbf844
                                                                                                                                                                                                                                                        0x00bbf848
                                                                                                                                                                                                                                                        0x00bbf848
                                                                                                                                                                                                                                                        0x00bbf84a
                                                                                                                                                                                                                                                        0x00bbf84e
                                                                                                                                                                                                                                                        0x00bbf851
                                                                                                                                                                                                                                                        0x00bbf852
                                                                                                                                                                                                                                                        0x00bbf852
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf84a
                                                                                                                                                                                                                                                        0x00bbf7fb
                                                                                                                                                                                                                                                        0x00bbf7fd
                                                                                                                                                                                                                                                        0x00bbf7fd
                                                                                                                                                                                                                                                        0x00bbf800
                                                                                                                                                                                                                                                        0x00bbf807
                                                                                                                                                                                                                                                        0x00bbf80e
                                                                                                                                                                                                                                                        0x00bbf80e
                                                                                                                                                                                                                                                        0x00bbf816
                                                                                                                                                                                                                                                        0x00bbf81e
                                                                                                                                                                                                                                                        0x00bbf826
                                                                                                                                                                                                                                                        0x00bbf82e
                                                                                                                                                                                                                                                        0x00bbf831
                                                                                                                                                                                                                                                        0x00bbf831
                                                                                                                                                                                                                                                        0x00bbf835
                                                                                                                                                                                                                                                        0x00bbf837
                                                                                                                                                                                                                                                        0x00bbf839
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf839
                                                                                                                                                                                                                                                        0x00bbf7bc
                                                                                                                                                                                                                                                        0x00bbf7c3
                                                                                                                                                                                                                                                        0x00bbf7ce
                                                                                                                                                                                                                                                        0x00bbf7d5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf7d5
                                                                                                                                                                                                                                                        0x00bbf605
                                                                                                                                                                                                                                                        0x00bbf607
                                                                                                                                                                                                                                                        0x00bbf60b
                                                                                                                                                                                                                                                        0x00bbf645
                                                                                                                                                                                                                                                        0x00bbf652
                                                                                                                                                                                                                                                        0x00bbf655
                                                                                                                                                                                                                                                        0x00bbf657
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf65d
                                                                                                                                                                                                                                                        0x00bbf664
                                                                                                                                                                                                                                                        0x00bbf668
                                                                                                                                                                                                                                                        0x00bbf66f
                                                                                                                                                                                                                                                        0x00bbf617
                                                                                                                                                                                                                                                        0x00bbf617
                                                                                                                                                                                                                                                        0x00bbf61e
                                                                                                                                                                                                                                                        0x00bbf61f
                                                                                                                                                                                                                                                        0x00bbf622
                                                                                                                                                                                                                                                        0x00bbf626
                                                                                                                                                                                                                                                        0x00bbf631
                                                                                                                                                                                                                                                        0x00bbf633
                                                                                                                                                                                                                                                        0x00bbf634
                                                                                                                                                                                                                                                        0x00bbf638
                                                                                                                                                                                                                                                        0x00bbf63f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf63f
                                                                                                                                                                                                                                                        0x00bbf67a
                                                                                                                                                                                                                                                        0x00bbf67f
                                                                                                                                                                                                                                                        0x00bbf681
                                                                                                                                                                                                                                                        0x00bbf610
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf610
                                                                                                                                                                                                                                                        0x00bbf683
                                                                                                                                                                                                                                                        0x00bbf68a
                                                                                                                                                                                                                                                        0x00bbf68c
                                                                                                                                                                                                                                                        0x00bbf763
                                                                                                                                                                                                                                                        0x00bbf763
                                                                                                                                                                                                                                                        0x00bbf763
                                                                                                                                                                                                                                                        0x00bbf765
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf765
                                                                                                                                                                                                                                                        0x00bbf692
                                                                                                                                                                                                                                                        0x00bbf699
                                                                                                                                                                                                                                                        0x00bbf6a0
                                                                                                                                                                                                                                                        0x00bbf6a3
                                                                                                                                                                                                                                                        0x00bbf6a6
                                                                                                                                                                                                                                                        0x00bbf6b6
                                                                                                                                                                                                                                                        0x00bbf6b9
                                                                                                                                                                                                                                                        0x00bbf6bb
                                                                                                                                                                                                                                                        0x00bbf6bd
                                                                                                                                                                                                                                                        0x00bbf6bd
                                                                                                                                                                                                                                                        0x00bbf6c8
                                                                                                                                                                                                                                                        0x00bbf6cb
                                                                                                                                                                                                                                                        0x00bbf6cd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf6d3
                                                                                                                                                                                                                                                        0x00bbf6d3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf6a6
                                                                                                                                                                                                                                                        0x00bbf70a
                                                                                                                                                                                                                                                        0x00bbf711
                                                                                                                                                                                                                                                        0x00bbf719
                                                                                                                                                                                                                                                        0x00bbf71b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf71d
                                                                                                                                                                                                                                                        0x00bbf724
                                                                                                                                                                                                                                                        0x00bbf72b
                                                                                                                                                                                                                                                        0x00bbf72e
                                                                                                                                                                                                                                                        0x00bbf731
                                                                                                                                                                                                                                                        0x00bbf741
                                                                                                                                                                                                                                                        0x00bbf744
                                                                                                                                                                                                                                                        0x00bbf746
                                                                                                                                                                                                                                                        0x00bbf748
                                                                                                                                                                                                                                                        0x00bbf748
                                                                                                                                                                                                                                                        0x00bbf753
                                                                                                                                                                                                                                                        0x00bbf756
                                                                                                                                                                                                                                                        0x00bbf758
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf75a
                                                                                                                                                                                                                                                        0x00bbf75a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf480
                                                                                                                                                                                                                                                        0x00bbf480
                                                                                                                                                                                                                                                        0x00bbf483
                                                                                                                                                                                                                                                        0x00bbf483
                                                                                                                                                                                                                                                        0x00bbf4a7
                                                                                                                                                                                                                                                        0x00bbf4ad
                                                                                                                                                                                                                                                        0x00bbf4b6
                                                                                                                                                                                                                                                        0x00bbf4b9
                                                                                                                                                                                                                                                        0x00bbf4bb
                                                                                                                                                                                                                                                        0x00bbf4c2
                                                                                                                                                                                                                                                        0x00bbf4c7
                                                                                                                                                                                                                                                        0x00bbf4c9
                                                                                                                                                                                                                                                        0x00bbf4cb
                                                                                                                                                                                                                                                        0x00bbf4d2
                                                                                                                                                                                                                                                        0x00bbf4d4
                                                                                                                                                                                                                                                        0x00bbf4d7
                                                                                                                                                                                                                                                        0x00bbf4d9
                                                                                                                                                                                                                                                        0x00bbf4dc
                                                                                                                                                                                                                                                        0x00bbf4df
                                                                                                                                                                                                                                                        0x00bbf4e2
                                                                                                                                                                                                                                                        0x00bbf4e2
                                                                                                                                                                                                                                                        0x00bbf4c9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf4bb
                                                                                                                                                                                                                                                        0x00bbf473
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf473
                                                                                                                                                                                                                                                        0x00bbf3ce
                                                                                                                                                                                                                                                        0x00bbf3d0
                                                                                                                                                                                                                                                        0x00bbf449
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf449
                                                                                                                                                                                                                                                        0x00bbf3d2
                                                                                                                                                                                                                                                        0x00bbf3d5
                                                                                                                                                                                                                                                        0x00bbf6dc
                                                                                                                                                                                                                                                        0x00bbf6e0
                                                                                                                                                                                                                                                        0x00bbf6e5
                                                                                                                                                                                                                                                        0x00bbf6ed
                                                                                                                                                                                                                                                        0x00bbf6f0
                                                                                                                                                                                                                                                        0x00bbf6f5
                                                                                                                                                                                                                                                        0x00bbf6f8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf6fe
                                                                                                                                                                                                                                                        0x00bbf3db
                                                                                                                                                                                                                                                        0x00bbf3df
                                                                                                                                                                                                                                                        0x00bbf3e7
                                                                                                                                                                                                                                                        0x00bbf3eb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf3ed
                                                                                                                                                                                                                                                        0x00bbf3f1
                                                                                                                                                                                                                                                        0x00bbf3f5
                                                                                                                                                                                                                                                        0x00bbf3f9
                                                                                                                                                                                                                                                        0x00bbf401
                                                                                                                                                                                                                                                        0x00bbf401
                                                                                                                                                                                                                                                        0x00bbf403
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf405
                                                                                                                                                                                                                                                        0x00bbf407
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf409
                                                                                                                                                                                                                                                        0x00bbf40b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf40d
                                                                                                                                                                                                                                                        0x00bbf411
                                                                                                                                                                                                                                                        0x00bbf415
                                                                                                                                                                                                                                                        0x00bbf417
                                                                                                                                                                                                                                                        0x00bbf435
                                                                                                                                                                                                                                                        0x00bbf435
                                                                                                                                                                                                                                                        0x00bbfbab
                                                                                                                                                                                                                                                        0x00bbfbab
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfbab
                                                                                                                                                                                                                                                        0x00bbf420
                                                                                                                                                                                                                                                        0x00bbf424
                                                                                                                                                                                                                                                        0x00bbf424
                                                                                                                                                                                                                                                        0x00bbf429
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf42f
                                                                                                                                                                                                                                                        0x00bbf432
                                                                                                                                                                                                                                                        0x00bbf432
                                                                                                                                                                                                                                                        0x00bbf433
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf433
                                                                                                                                                                                                                                                        0x00bbfba0
                                                                                                                                                                                                                                                        0x00bbfba2
                                                                                                                                                                                                                                                        0x00bbfba7
                                                                                                                                                                                                                                                        0x00bbfba9
                                                                                                                                                                                                                                                        0x00bbfbbc
                                                                                                                                                                                                                                                        0x00bbfbbe
                                                                                                                                                                                                                                                        0x00bbfbc2
                                                                                                                                                                                                                                                        0x00bbfbc5
                                                                                                                                                                                                                                                        0x00bbfbc9
                                                                                                                                                                                                                                                        0x00bbfbcc
                                                                                                                                                                                                                                                        0x00bbfbd0
                                                                                                                                                                                                                                                        0x00bbfbd2
                                                                                                                                                                                                                                                        0x00bbfbe9
                                                                                                                                                                                                                                                        0x00bbfbe9
                                                                                                                                                                                                                                                        0x00bbfc24
                                                                                                                                                                                                                                                        0x00bbfc24
                                                                                                                                                                                                                                                        0x00bbfc28
                                                                                                                                                                                                                                                        0x00bbfc2d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfc2d
                                                                                                                                                                                                                                                        0x00bbfbd8
                                                                                                                                                                                                                                                        0x00bbfbdc
                                                                                                                                                                                                                                                        0x00bbfbdc
                                                                                                                                                                                                                                                        0x00bbfbe1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfbe3
                                                                                                                                                                                                                                                        0x00bbfbe6
                                                                                                                                                                                                                                                        0x00bbfbe6
                                                                                                                                                                                                                                                        0x00bbfbe7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfbe7
                                                                                                                                                                                                                                                        0x00bbfbf0
                                                                                                                                                                                                                                                        0x00bbfbf2
                                                                                                                                                                                                                                                        0x00bbfbf7
                                                                                                                                                                                                                                                        0x00bbfbf9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfc03
                                                                                                                                                                                                                                                        0x00bbfc08
                                                                                                                                                                                                                                                        0x00bbfc0a
                                                                                                                                                                                                                                                        0x00bbfc10
                                                                                                                                                                                                                                                        0x00bbfc13
                                                                                                                                                                                                                                                        0x00bbfc17
                                                                                                                                                                                                                                                        0x00bbfc1e
                                                                                                                                                                                                                                                        0x00bbfc22
                                                                                                                                                                                                                                                        0x00bbfc3a
                                                                                                                                                                                                                                                        0x00bbfc3d
                                                                                                                                                                                                                                                        0x00bbfc3f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfc41
                                                                                                                                                                                                                                                        0x00bbfc45
                                                                                                                                                                                                                                                        0x00bbfc49
                                                                                                                                                                                                                                                        0x00bbfc50
                                                                                                                                                                                                                                                        0x00bbfc52
                                                                                                                                                                                                                                                        0x00bbfc55
                                                                                                                                                                                                                                                        0x00bbfc59
                                                                                                                                                                                                                                                        0x00bbfc5c
                                                                                                                                                                                                                                                        0x00bbfc5e
                                                                                                                                                                                                                                                        0x00bbfc5e
                                                                                                                                                                                                                                                        0x00bbfc60
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfc62
                                                                                                                                                                                                                                                        0x00bbfc64
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfc66
                                                                                                                                                                                                                                                        0x00bbfc6a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfc6c
                                                                                                                                                                                                                                                        0x00bbfc6f
                                                                                                                                                                                                                                                        0x00bbfc74
                                                                                                                                                                                                                                                        0x00bbfc77
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfc79
                                                                                                                                                                                                                                                        0x00bbfc81
                                                                                                                                                                                                                                                        0x00bbfc89
                                                                                                                                                                                                                                                        0x00bbfc91
                                                                                                                                                                                                                                                        0x00bbfc9b
                                                                                                                                                                                                                                                        0x00bbfca4
                                                                                                                                                                                                                                                        0x00bbfcac
                                                                                                                                                                                                                                                        0x00bbfcb5
                                                                                                                                                                                                                                                        0x00bbfcbe
                                                                                                                                                                                                                                                        0x00bbfccb
                                                                                                                                                                                                                                                        0x00bbfcd1
                                                                                                                                                                                                                                                        0x00bbfcd4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfcda
                                                                                                                                                                                                                                                        0x00bbfcdf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfcef
                                                                                                                                                                                                                                                        0x00bbfcf2
                                                                                                                                                                                                                                                        0x00bbfcf4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfcfa
                                                                                                                                                                                                                                                        0x00bbfd01
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfd07
                                                                                                                                                                                                                                                        0x00bbfd0f
                                                                                                                                                                                                                                                        0x00bbfd13
                                                                                                                                                                                                                                                        0x00bbfd1b
                                                                                                                                                                                                                                                        0x00bbfd1f
                                                                                                                                                                                                                                                        0x00bbfd21
                                                                                                                                                                                                                                                        0x00bbfd25
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfd2b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfc22
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfba9
                                                                                                                                                                                                                                                        0x00bbf3a7
                                                                                                                                                                                                                                                        0x00bbf3ae
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf3ae
                                                                                                                                                                                                                                                        0x00bbf27c
                                                                                                                                                                                                                                                        0x00bbf27f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf27f
                                                                                                                                                                                                                                                        0x00bbf275
                                                                                                                                                                                                                                                        0x00bbef62
                                                                                                                                                                                                                                                        0x00bbef67
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbef6d
                                                                                                                                                                                                                                                        0x00bbef72
                                                                                                                                                                                                                                                        0x00bbef75
                                                                                                                                                                                                                                                        0x00bbef79
                                                                                                                                                                                                                                                        0x00bbef7d
                                                                                                                                                                                                                                                        0x00bbef81
                                                                                                                                                                                                                                                        0x00bbef86
                                                                                                                                                                                                                                                        0x00bbef8a
                                                                                                                                                                                                                                                        0x00bbef8e
                                                                                                                                                                                                                                                        0x00bbef90
                                                                                                                                                                                                                                                        0x00bbef92
                                                                                                                                                                                                                                                        0x00bbefa0
                                                                                                                                                                                                                                                        0x00bbefa8
                                                                                                                                                                                                                                                        0x00bbefac
                                                                                                                                                                                                                                                        0x00bbefaf
                                                                                                                                                                                                                                                        0x00bbefb0
                                                                                                                                                                                                                                                        0x00bbefb4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbefb6
                                                                                                                                                                                                                                                        0x00bbf057
                                                                                                                                                                                                                                                        0x00bbf05d
                                                                                                                                                                                                                                                        0x00bbf061
                                                                                                                                                                                                                                                        0x00bbf065
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf067
                                                                                                                                                                                                                                                        0x00bbf067
                                                                                                                                                                                                                                                        0x00bbf069
                                                                                                                                                                                                                                                        0x00bbf070
                                                                                                                                                                                                                                                        0x00bbf073
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf075
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf075
                                                                                                                                                                                                                                                        0x00bbf073
                                                                                                                                                                                                                                                        0x00bbf077
                                                                                                                                                                                                                                                        0x00bbf07b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf07d
                                                                                                                                                                                                                                                        0x00bbf082
                                                                                                                                                                                                                                                        0x00bbf085
                                                                                                                                                                                                                                                        0x00bbf08b
                                                                                                                                                                                                                                                        0x00bbf09b
                                                                                                                                                                                                                                                        0x00bbf09b
                                                                                                                                                                                                                                                        0x00bbf09e
                                                                                                                                                                                                                                                        0x00bbf09e
                                                                                                                                                                                                                                                        0x00bbf0a1
                                                                                                                                                                                                                                                        0x00bbf0a5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf0ad
                                                                                                                                                                                                                                                        0x00bbf0b1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf090
                                                                                                                                                                                                                                                        0x00bbf090
                                                                                                                                                                                                                                                        0x00bbf093
                                                                                                                                                                                                                                                        0x00bbf093
                                                                                                                                                                                                                                                        0x00bbf09b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf085
                                                                                                                                                                                                                                                        0x00bbf065
                                                                                                                                                                                                                                                        0x00bbefb4
                                                                                                                                                                                                                                                        0x00bbefe3
                                                                                                                                                                                                                                                        0x00bbefe3
                                                                                                                                                                                                                                                        0x00bbefe6
                                                                                                                                                                                                                                                        0x00bbefeb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbefed
                                                                                                                                                                                                                                                        0x00bbefed
                                                                                                                                                                                                                                                        0x00bbefed
                                                                                                                                                                                                                                                        0x00bbefef
                                                                                                                                                                                                                                                        0x00bbeff7
                                                                                                                                                                                                                                                        0x00bbeff7
                                                                                                                                                                                                                                                        0x00bbeffd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbefff
                                                                                                                                                                                                                                                        0x00bbf000
                                                                                                                                                                                                                                                        0x00bbf001
                                                                                                                                                                                                                                                        0x00bbf005
                                                                                                                                                                                                                                                        0x00bbf006
                                                                                                                                                                                                                                                        0x00bbf00b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf00d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf00d
                                                                                                                                                                                                                                                        0x00bbf00b
                                                                                                                                                                                                                                                        0x00bbf012
                                                                                                                                                                                                                                                        0x00bbf014
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf016
                                                                                                                                                                                                                                                        0x00bbf01c
                                                                                                                                                                                                                                                        0x00bbf02e
                                                                                                                                                                                                                                                        0x00bbf030
                                                                                                                                                                                                                                                        0x00bbf03f
                                                                                                                                                                                                                                                        0x00bbf03f
                                                                                                                                                                                                                                                        0x00bbf042
                                                                                                                                                                                                                                                        0x00bbf045
                                                                                                                                                                                                                                                        0x00bbf049
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf051
                                                                                                                                                                                                                                                        0x00bbf055
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf034
                                                                                                                                                                                                                                                        0x00bbf034
                                                                                                                                                                                                                                                        0x00bbf037
                                                                                                                                                                                                                                                        0x00bbf037
                                                                                                                                                                                                                                                        0x00bbf03f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf01c
                                                                                                                                                                                                                                                        0x00bbefeb
                                                                                                                                                                                                                                                        0x00bbef0f
                                                                                                                                                                                                                                                        0x00bbef0f
                                                                                                                                                                                                                                                        0x00bbef11
                                                                                                                                                                                                                                                        0x00bbef20
                                                                                                                                                                                                                                                        0x00bbef26
                                                                                                                                                                                                                                                        0x00bbef2b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbef2b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbef20
                                                                                                                                                                                                                                                        0x00bbef0d

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • NtQueryVirtualMemory.NTDLL(000000FF,?,00000000,?,0000001C,00000000), ref: 00BBEEBD
                                                                                                                                                                                                                                                        • NtUnmapViewOfSection.NTDLL(000000FF,?), ref: 00BBEFBF
                                                                                                                                                                                                                                                        • RtlCompareUnicodeString.NTDLL(?,?,00000001), ref: 00BBF0E2
                                                                                                                                                                                                                                                        • RtlDuplicateUnicodeString.NTDLL(00000001,?,?), ref: 00BBF125
                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(?), ref: 00BBF23F
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BBF296
                                                                                                                                                                                                                                                        • RtlGetVersion.NTDLL ref: 00BBF2B1
                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(0000002C,00000001,?,?,00BFA7A0,00000000,?,00000001,?), ref: 00BBF315
                                                                                                                                                                                                                                                        • RtlAcquireSRWLockExclusive.NTDLL(00BFA7A0), ref: 00BBF464
                                                                                                                                                                                                                                                        • RtlAllocateHeap.NTDLL ref: 00BBF4C2
                                                                                                                                                                                                                                                        • RtlReleaseSRWLockExclusive.NTDLL ref: 00BBF4EC
                                                                                                                                                                                                                                                        • RtlRunOnceExecuteOnce.NTDLL ref: 00BBF50D
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: StringUnicode$ExclusiveFreeLockOnce$AcquireAllocateCompareDuplicateExecuteHeapMemoryQueryReleaseSectionUnmapVersionViewVirtualmemset
                                                                                                                                                                                                                                                        • String ID: $(
                                                                                                                                                                                                                                                        • API String ID: 3919415482-55695022
                                                                                                                                                                                                                                                        • Opcode ID: 6b4d4ec93c2ac9c335e02ff322a7116d347caef45be353d4c1e034a4cfecf95f
                                                                                                                                                                                                                                                        • Instruction ID: 4c5cbfc0e95cfb11ec9d89332575d4313f440b1e3d11b9dc760f4aa26b0fc129
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6b4d4ec93c2ac9c335e02ff322a7116d347caef45be353d4c1e034a4cfecf95f
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9D928F716087428FD734DF18C884BBBB7E1FF85314F148AADE99997291DBB0A845CB42
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                                                                                                                        			E00BE99D0(void* __ecx, void* __edx, void* __eflags) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				short _v40;
                                                                                                                                                                                                                                                        				short _v44;
                                                                                                                                                                                                                                                        				short _v48;
                                                                                                                                                                                                                                                        				char _v208;
                                                                                                                                                                                                                                                        				char _v216;
                                                                                                                                                                                                                                                        				char _v217;
                                                                                                                                                                                                                                                        				char _v221;
                                                                                                                                                                                                                                                        				char _v232;
                                                                                                                                                                                                                                                        				signed int _t18;
                                                                                                                                                                                                                                                        				void* _t23;
                                                                                                                                                                                                                                                        				int _t25;
                                                                                                                                                                                                                                                        				int _t28;
                                                                                                                                                                                                                                                        				signed int _t31;
                                                                                                                                                                                                                                                        				void* _t38;
                                                                                                                                                                                                                                                        				void* _t42;
                                                                                                                                                                                                                                                        				void* _t44;
                                                                                                                                                                                                                                                        				signed int _t57;
                                                                                                                                                                                                                                                        				void* _t71;
                                                                                                                                                                                                                                                        				signed int _t72;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t66 = __edx;
                                                                                                                                                                                                                                                        				_t18 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t71 = __ecx;
                                                                                                                                                                                                                                                        				_v24 = _t18 ^ _t72;
                                                                                                                                                                                                                                                        				if(E00BE2E40(__edx,  *0xbfa060) != 0) {
                                                                                                                                                                                                                                                        					TerminateProcess(GetCurrentProcess(), 0x1b5e);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t71 + 4)) <= 1) {
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t71 + 4)) = 2;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if(RevertToSelf() == 0) {
                                                                                                                                                                                                                                                        					TerminateProcess(GetCurrentProcess(), 0x1b5f);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if(E00BE9CA0(0x80000002) != 0) {
                                                                                                                                                                                                                                                        					_t23 = E00BE9CA0(0x80000000);
                                                                                                                                                                                                                                                        					__eflags = _t23;
                                                                                                                                                                                                                                                        					if(_t23 == 0) {
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t25 = E00BE9CA0(0x80000003);
                                                                                                                                                                                                                                                        						__eflags = _t25;
                                                                                                                                                                                                                                                        						if(_t25 == 0) {
                                                                                                                                                                                                                                                        							goto L7;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							goto L8;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L28:
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L7:
                                                                                                                                                                                                                                                        					_t25 = TerminateProcess(GetCurrentProcess(), 0x1b60);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L8:
                                                                                                                                                                                                                                                        				__imp__RegDisablePredefinedCache();
                                                                                                                                                                                                                                                        				if(_t25 != 0) {
                                                                                                                                                                                                                                                        					TerminateProcess(GetCurrentProcess(), 0x1b61);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				GetUserDefaultLangID();
                                                                                                                                                                                                                                                        				GetUserDefaultLCID();
                                                                                                                                                                                                                                                        				asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        				_v44 = 0;
                                                                                                                                                                                                                                                        				_v48 = 0;
                                                                                                                                                                                                                                                        				_v40 = 0;
                                                                                                                                                                                                                                                        				_t28 =  &_v208;
                                                                                                                                                                                                                                                        				asm("movaps [esp+0xa0], xmm0");
                                                                                                                                                                                                                                                        				asm("movaps [esp+0x90], xmm0");
                                                                                                                                                                                                                                                        				asm("movaps [esp+0x80], xmm0");
                                                                                                                                                                                                                                                        				asm("movaps [esp+0x70], xmm0");
                                                                                                                                                                                                                                                        				asm("movaps [esp+0x60], xmm0");
                                                                                                                                                                                                                                                        				asm("movaps [esp+0x50], xmm0");
                                                                                                                                                                                                                                                        				asm("movaps [esp+0x40], xmm0");
                                                                                                                                                                                                                                                        				asm("movaps [esp+0x30], xmm0");
                                                                                                                                                                                                                                                        				asm("movaps [esp+0x20], xmm0");
                                                                                                                                                                                                                                                        				asm("movaps [esp+0x10], xmm0");
                                                                                                                                                                                                                                                        				__imp__GetUserDefaultLocaleName(_t28, 0x55);
                                                                                                                                                                                                                                                        				if(_t28 == 0) {
                                                                                                                                                                                                                                                        					_t28 = TerminateProcess(GetCurrentProcess(), 0x1b65);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_v217 = 1;
                                                                                                                                                                                                                                                        				if(E00BD3F60(_t28) != 0) {
                                                                                                                                                                                                                                                        					E00BD3F70( &_v216);
                                                                                                                                                                                                                                                        					_t38 = E00BD4210( &_v216, _t66,  &_v217);
                                                                                                                                                                                                                                                        					_t87 = _v221;
                                                                                                                                                                                                                                                        					if(_v221 == 0) {
                                                                                                                                                                                                                                                        						__imp__EnumSystemLocalesEx(E00BC0D30, 1, 0, 0);
                                                                                                                                                                                                                                                        						__eflags = _t38;
                                                                                                                                                                                                                                                        						if(__eflags == 0) {
                                                                                                                                                                                                                                                        							L19:
                                                                                                                                                                                                                                                        							E00BD3FD0( &_v232, __eflags);
                                                                                                                                                                                                                                                        							goto L20;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t42 = E00BD5880(_t38);
                                                                                                                                                                                                                                                        							__eflags = _t42;
                                                                                                                                                                                                                                                        							if(__eflags == 0) {
                                                                                                                                                                                                                                                        								goto L19;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								HeapDestroy(_t42);
                                                                                                                                                                                                                                                        								goto L14;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L14:
                                                                                                                                                                                                                                                        						_t44 = E00BD43C0( &_v232, _t66);
                                                                                                                                                                                                                                                        						E00BD3FD0( &_v232, _t87);
                                                                                                                                                                                                                                                        						if(_t44 == 0) {
                                                                                                                                                                                                                                                        							L20:
                                                                                                                                                                                                                                                        							TerminateProcess(GetCurrentProcess(), 0x1b62);
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *((char*)(_t71 + 8)) = _v217;
                                                                                                                                                                                                                                                        				_t31 =  *0xbfb6c0;
                                                                                                                                                                                                                                                        				_t57 =  *0xbfb6c4;
                                                                                                                                                                                                                                                        				_t68 = _t31 | _t57;
                                                                                                                                                                                                                                                        				if((_t31 | _t57) != 0 && E00BD97A0(_t31, _t57) == 0) {
                                                                                                                                                                                                                                                        					TerminateProcess(GetCurrentProcess(), 0x1b63);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return E00BEECB0(_v32 ^ _t72, _t68);
                                                                                                                                                                                                                                                        				goto L28;
                                                                                                                                                                                                                                                        			}

























                                                                                                                                                                                                                                                        0x00be99d0
                                                                                                                                                                                                                                                        0x00be99df
                                                                                                                                                                                                                                                        0x00be99e4
                                                                                                                                                                                                                                                        0x00be99e8
                                                                                                                                                                                                                                                        0x00be99ff
                                                                                                                                                                                                                                                        0x00be9a0d
                                                                                                                                                                                                                                                        0x00be9a0d
                                                                                                                                                                                                                                                        0x00be9a17
                                                                                                                                                                                                                                                        0x00be9a19
                                                                                                                                                                                                                                                        0x00be9a19
                                                                                                                                                                                                                                                        0x00be9a28
                                                                                                                                                                                                                                                        0x00be9a36
                                                                                                                                                                                                                                                        0x00be9a36
                                                                                                                                                                                                                                                        0x00be9a48
                                                                                                                                                                                                                                                        0x00be9be4
                                                                                                                                                                                                                                                        0x00be9be9
                                                                                                                                                                                                                                                        0x00be9beb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9bf1
                                                                                                                                                                                                                                                        0x00be9bf6
                                                                                                                                                                                                                                                        0x00be9bfb
                                                                                                                                                                                                                                                        0x00be9bfd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9c03
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9c03
                                                                                                                                                                                                                                                        0x00be9bfd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9a4e
                                                                                                                                                                                                                                                        0x00be9a4e
                                                                                                                                                                                                                                                        0x00be9a5a
                                                                                                                                                                                                                                                        0x00be9a5a
                                                                                                                                                                                                                                                        0x00be9a60
                                                                                                                                                                                                                                                        0x00be9a60
                                                                                                                                                                                                                                                        0x00be9a68
                                                                                                                                                                                                                                                        0x00be9a76
                                                                                                                                                                                                                                                        0x00be9a76
                                                                                                                                                                                                                                                        0x00be9a7c
                                                                                                                                                                                                                                                        0x00be9a82
                                                                                                                                                                                                                                                        0x00be9a88
                                                                                                                                                                                                                                                        0x00be9a8b
                                                                                                                                                                                                                                                        0x00be9a96
                                                                                                                                                                                                                                                        0x00be9aa1
                                                                                                                                                                                                                                                        0x00be9aab
                                                                                                                                                                                                                                                        0x00be9aaf
                                                                                                                                                                                                                                                        0x00be9ab7
                                                                                                                                                                                                                                                        0x00be9abf
                                                                                                                                                                                                                                                        0x00be9ac7
                                                                                                                                                                                                                                                        0x00be9acc
                                                                                                                                                                                                                                                        0x00be9ad1
                                                                                                                                                                                                                                                        0x00be9ad6
                                                                                                                                                                                                                                                        0x00be9adb
                                                                                                                                                                                                                                                        0x00be9ae0
                                                                                                                                                                                                                                                        0x00be9ae5
                                                                                                                                                                                                                                                        0x00be9aed
                                                                                                                                                                                                                                                        0x00be9af5
                                                                                                                                                                                                                                                        0x00be9b03
                                                                                                                                                                                                                                                        0x00be9b03
                                                                                                                                                                                                                                                        0x00be9b09
                                                                                                                                                                                                                                                        0x00be9b15
                                                                                                                                                                                                                                                        0x00be9b1d
                                                                                                                                                                                                                                                        0x00be9b29
                                                                                                                                                                                                                                                        0x00be9b2e
                                                                                                                                                                                                                                                        0x00be9b33
                                                                                                                                                                                                                                                        0x00be9b5a
                                                                                                                                                                                                                                                        0x00be9b60
                                                                                                                                                                                                                                                        0x00be9b62
                                                                                                                                                                                                                                                        0x00be9b76
                                                                                                                                                                                                                                                        0x00be9b7a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9b64
                                                                                                                                                                                                                                                        0x00be9b64
                                                                                                                                                                                                                                                        0x00be9b69
                                                                                                                                                                                                                                                        0x00be9b6b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9b6d
                                                                                                                                                                                                                                                        0x00be9b6e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9b6e
                                                                                                                                                                                                                                                        0x00be9b6b
                                                                                                                                                                                                                                                        0x00be9b35
                                                                                                                                                                                                                                                        0x00be9b35
                                                                                                                                                                                                                                                        0x00be9b3b
                                                                                                                                                                                                                                                        0x00be9b44
                                                                                                                                                                                                                                                        0x00be9b4b
                                                                                                                                                                                                                                                        0x00be9b7f
                                                                                                                                                                                                                                                        0x00be9b8b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9b4d
                                                                                                                                                                                                                                                        0x00be9b4b
                                                                                                                                                                                                                                                        0x00be9b33
                                                                                                                                                                                                                                                        0x00be9b95
                                                                                                                                                                                                                                                        0x00be9b98
                                                                                                                                                                                                                                                        0x00be9b9d
                                                                                                                                                                                                                                                        0x00be9ba5
                                                                                                                                                                                                                                                        0x00be9ba7
                                                                                                                                                                                                                                                        0x00be9bc3
                                                                                                                                                                                                                                                        0x00be9bc3
                                                                                                                                                                                                                                                        0x00be9bde
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE9A01
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(00000000,00001B5E), ref: 00BE9A0D
                                                                                                                                                                                                                                                        • RevertToSelf.ADVAPI32 ref: 00BE9A20
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE9A2A
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(00000000,00001B5F), ref: 00BE9A36
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE9A4E
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(00000000,00001B60), ref: 00BE9A5A
                                                                                                                                                                                                                                                        • RegDisablePredefinedCache.ADVAPI32 ref: 00BE9A60
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE9A6A
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(00000000,00001B61), ref: 00BE9A76
                                                                                                                                                                                                                                                        • GetUserDefaultLangID.KERNEL32 ref: 00BE9A7C
                                                                                                                                                                                                                                                        • GetUserDefaultLCID.KERNEL32 ref: 00BE9A82
                                                                                                                                                                                                                                                        • GetUserDefaultLocaleName.KERNEL32(?,00000055), ref: 00BE9AED
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE9AF7
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(00000000,00001B65), ref: 00BE9B03
                                                                                                                                                                                                                                                        • EnumSystemLocalesEx.KERNEL32(?,00000001,00000000,00000000), ref: 00BE9B5A
                                                                                                                                                                                                                                                        • HeapDestroy.KERNEL32(00000000), ref: 00BE9B6E
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE9B7F
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(00000000,00001B62), ref: 00BE9B8B
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE9BB7
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(00000000,00001B63), ref: 00BE9BC3
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Process$CurrentTerminate$DefaultUser$CacheDestroyDisableEnumHeapLangLocaleLocalesNamePredefinedRevertSelfSystem
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 623231726-0
                                                                                                                                                                                                                                                        • Opcode ID: 6bd5e85b3ceb1d9a67d0fd83d6810fa8c6474a802527f6a8246eebdc79fd4afc
                                                                                                                                                                                                                                                        • Instruction ID: 5282efd1ece4213a5852badb082672d3373c2d5e3246bb420a41d9d5de7b0dc5
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6bd5e85b3ceb1d9a67d0fd83d6810fa8c6474a802527f6a8246eebdc79fd4afc
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5751D3705483C19BEB24AB75AC0ABFA77F8EF80301F040599F945932A1EF718549C752
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 79%
                                                                                                                                                                                                                                                        			E00BD6270(void*** __ecx, void* __edx) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				int _v212;
                                                                                                                                                                                                                                                        				long _v220;
                                                                                                                                                                                                                                                        				void _v224;
                                                                                                                                                                                                                                                        				long _v228;
                                                                                                                                                                                                                                                        				long _v232;
                                                                                                                                                                                                                                                        				void* _v236;
                                                                                                                                                                                                                                                        				void _v240;
                                                                                                                                                                                                                                                        				void* _v244;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t26;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        				signed int _t33;
                                                                                                                                                                                                                                                        				void* _t36;
                                                                                                                                                                                                                                                        				int _t39;
                                                                                                                                                                                                                                                        				int _t44;
                                                                                                                                                                                                                                                        				void* _t53;
                                                                                                                                                                                                                                                        				void* _t54;
                                                                                                                                                                                                                                                        				signed int _t67;
                                                                                                                                                                                                                                                        				int _t69;
                                                                                                                                                                                                                                                        				void*** _t70;
                                                                                                                                                                                                                                                        				signed int _t71;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t65 = __edx;
                                                                                                                                                                                                                                                        				_t26 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t70 = __ecx;
                                                                                                                                                                                                                                                        				_v24 = _t26 ^ _t71;
                                                                                                                                                                                                                                                        				if(__edx != 0) {
                                                                                                                                                                                                                                                        					_push(0);
                                                                                                                                                                                                                                                        					_push("_TargetNtMapViewOfSection@44");
                                                                                                                                                                                                                                                        					E00BD5BD0(__ecx, __eflags,  &M00BF146A, "NtMapViewOfSection", 1);
                                                                                                                                                                                                                                                        					_push(1);
                                                                                                                                                                                                                                                        					_push("_TargetNtUnmapViewOfSection@12");
                                                                                                                                                                                                                                                        					E00BD5BD0(__ecx, __eflags,  &M00BF146A, "NtUnmapViewOfSection", 1);
                                                                                                                                                                                                                                                        					L4:
                                                                                                                                                                                                                                                        					_t31 =  *( *_t70);
                                                                                                                                                                                                                                                        					_v244 = _t31;
                                                                                                                                                                                                                                                        					_v236 = VirtualAllocEx(_t31, 0, 0x10000, 0x2000, 1);
                                                                                                                                                                                                                                                        					_t8 = (_t70[2] << 6) + 0x50; // 0x50
                                                                                                                                                                                                                                                        					_v240 = _t8;
                                                                                                                                                                                                                                                        					_t33 = E00BD5940(_t8);
                                                                                                                                                                                                                                                        					_t67 = _t33 & 0x00000fff;
                                                                                                                                                                                                                                                        					_t36 = VirtualAllocEx(_v244, (_t33 & 0xfffff000) + _v236, (_t70[2] << 0x00000006) + 0x0000104f & 0xfffff000, 0x1000, 0x40);
                                                                                                                                                                                                                                                        					_t53 = _t36;
                                                                                                                                                                                                                                                        					__eflags = _t36;
                                                                                                                                                                                                                                                        					if(_t36 == 0) {
                                                                                                                                                                                                                                                        						_push("thunk_base");
                                                                                                                                                                                                                                                        						E00BC1FF0( &_v224, "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/interception.cc", 0x188);
                                                                                                                                                                                                                                                        						E00BC20C0();
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t54 = _t53 + _t67;
                                                                                                                                                                                                                                                        					_t68 = _v240;
                                                                                                                                                                                                                                                        					_v224 = _v240;
                                                                                                                                                                                                                                                        					_v212 = 0;
                                                                                                                                                                                                                                                        					_v220 = 0x10;
                                                                                                                                                                                                                                                        					memset("true", 0, 0xa8);
                                                                                                                                                                                                                                                        					_t65 = _t54;
                                                                                                                                                                                                                                                        					_t39 = E00BD66A0(_t54, _t70, _t54, _v240, _t70, _t68,  &_v224);
                                                                                                                                                                                                                                                        					_t69 = _t39;
                                                                                                                                                                                                                                                        					__eflags = _t39;
                                                                                                                                                                                                                                                        					if(_t39 == 0) {
                                                                                                                                                                                                                                                        						_t44 = WriteProcessMemory(_v244, _t54,  &_v224, 0x10,  &_v228);
                                                                                                                                                                                                                                                        						__eflags = _t44;
                                                                                                                                                                                                                                                        						_t69 = 0x2a;
                                                                                                                                                                                                                                                        						if(_t44 != 0) {
                                                                                                                                                                                                                                                        							__eflags = _v228 - 0x10;
                                                                                                                                                                                                                                                        							if(__eflags == 0) {
                                                                                                                                                                                                                                                        								VirtualProtectEx(_v244, _t54, _v240, 0x20,  &_v232);
                                                                                                                                                                                                                                                        								_t69 = E00BE9630( *_t70, _t65, __eflags, "g_originals", "true", 0xa8);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					E00BEECB0(_v40 ^ _t71, _t65);
                                                                                                                                                                                                                                                        					return _t69;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t69 = 0;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(__ecx + 8)) != 0) {
                                                                                                                                                                                                                                                        					goto L4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}





























                                                                                                                                                                                                                                                        0x00bd6270
                                                                                                                                                                                                                                                        0x00bd627f
                                                                                                                                                                                                                                                        0x00bd6284
                                                                                                                                                                                                                                                        0x00bd628a
                                                                                                                                                                                                                                                        0x00bd6291
                                                                                                                                                                                                                                                        0x00bd62b5
                                                                                                                                                                                                                                                        0x00bd62b7
                                                                                                                                                                                                                                                        0x00bd62c8
                                                                                                                                                                                                                                                        0x00bd62cf
                                                                                                                                                                                                                                                        0x00bd62d1
                                                                                                                                                                                                                                                        0x00bd62e2
                                                                                                                                                                                                                                                        0x00bd62e7
                                                                                                                                                                                                                                                        0x00bd62e9
                                                                                                                                                                                                                                                        0x00bd62eb
                                                                                                                                                                                                                                                        0x00bd6307
                                                                                                                                                                                                                                                        0x00bd630e
                                                                                                                                                                                                                                                        0x00bd6311
                                                                                                                                                                                                                                                        0x00bd6315
                                                                                                                                                                                                                                                        0x00bd632b
                                                                                                                                                                                                                                                        0x00bd6344
                                                                                                                                                                                                                                                        0x00bd634a
                                                                                                                                                                                                                                                        0x00bd634c
                                                                                                                                                                                                                                                        0x00bd634e
                                                                                                                                                                                                                                                        0x00bd6354
                                                                                                                                                                                                                                                        0x00bd6363
                                                                                                                                                                                                                                                        0x00bd636c
                                                                                                                                                                                                                                                        0x00bd636c
                                                                                                                                                                                                                                                        0x00bd6371
                                                                                                                                                                                                                                                        0x00bd6373
                                                                                                                                                                                                                                                        0x00bd6377
                                                                                                                                                                                                                                                        0x00bd637b
                                                                                                                                                                                                                                                        0x00bd6383
                                                                                                                                                                                                                                                        0x00bd6397
                                                                                                                                                                                                                                                        0x00bd63a5
                                                                                                                                                                                                                                                        0x00bd63a9
                                                                                                                                                                                                                                                        0x00bd63b1
                                                                                                                                                                                                                                                        0x00bd63b3
                                                                                                                                                                                                                                                        0x00bd63b5
                                                                                                                                                                                                                                                        0x00bd63cc
                                                                                                                                                                                                                                                        0x00bd63d2
                                                                                                                                                                                                                                                        0x00bd63d4
                                                                                                                                                                                                                                                        0x00bd63d9
                                                                                                                                                                                                                                                        0x00bd63df
                                                                                                                                                                                                                                                        0x00bd63e4
                                                                                                                                                                                                                                                        0x00bd63fa
                                                                                                                                                                                                                                                        0x00bd6416
                                                                                                                                                                                                                                                        0x00bd6416
                                                                                                                                                                                                                                                        0x00bd63e4
                                                                                                                                                                                                                                                        0x00bd63d9
                                                                                                                                                                                                                                                        0x00bd629b
                                                                                                                                                                                                                                                        0x00bd62a4
                                                                                                                                                                                                                                                        0x00bd62b2
                                                                                                                                                                                                                                                        0x00bd62b2
                                                                                                                                                                                                                                                        0x00bd6293
                                                                                                                                                                                                                                                        0x00bd6299
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • VirtualAllocEx.KERNEL32(?,00000000,00010000,00002000,00000001,ntdll.dll,NtUnmapViewOfSection,00000001,_TargetNtUnmapViewOfSection@12,00000001,ntdll.dll,NtMapViewOfSection,00000001,_TargetNtMapViewOfSection@44,00000000), ref: 00BD62FE
                                                                                                                                                                                                                                                        • VirtualAllocEx.KERNEL32(?,?,-0000104F,00001000,00000040), ref: 00BD6344
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BD6397
                                                                                                                                                                                                                                                        • WriteProcessMemory.KERNEL32(?,00000000,?,00000010,?), ref: 00BD63CC
                                                                                                                                                                                                                                                        • VirtualProtectEx.KERNEL32(00000010,00000000,?,00000020,?), ref: 00BD63FA
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • g_originals, xrefs: 00BD640C
                                                                                                                                                                                                                                                        • NtMapViewOfSection, xrefs: 00BD62BE
                                                                                                                                                                                                                                                        • thunk_base, xrefs: 00BD6354
                                                                                                                                                                                                                                                        • NtUnmapViewOfSection, xrefs: 00BD62D8
                                                                                                                                                                                                                                                        • _TargetNtMapViewOfSection@44, xrefs: 00BD62B7
                                                                                                                                                                                                                                                        • ntdll.dll, xrefs: 00BD62C3, 00BD62DD
                                                                                                                                                                                                                                                        • _TargetNtUnmapViewOfSection@12, xrefs: 00BD62D1
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/interception.cc, xrefs: 00BD635E
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Virtual$Alloc$MemoryProcessProtectWritememset
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/interception.cc$NtMapViewOfSection$NtUnmapViewOfSection$_TargetNtMapViewOfSection@44$_TargetNtUnmapViewOfSection@12$g_originals$ntdll.dll$thunk_base
                                                                                                                                                                                                                                                        • API String ID: 3767303471-1816357452
                                                                                                                                                                                                                                                        • Opcode ID: 05adbf8d82cfe06e7ed980f4bd1f7bd64cb45543dea7064cff15d3eef9bc7773
                                                                                                                                                                                                                                                        • Instruction ID: f32caef61adbd540ee9436d31114a1df7b95d469e5386a8e51ea992096fa6d12
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 05adbf8d82cfe06e7ed980f4bd1f7bd64cb45543dea7064cff15d3eef9bc7773
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4541B371784309ABE320DF14DC42F6AB7D5EB94B55F10086AF684973D1EBB09808CB62
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 80%
                                                                                                                                                                                                                                                        			E00BCB820() {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v296;
                                                                                                                                                                                                                                                        				void _v300;
                                                                                                                                                                                                                                                        				char _v304;
                                                                                                                                                                                                                                                        				int _v308;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __ebp;
                                                                                                                                                                                                                                                        				signed int _t14;
                                                                                                                                                                                                                                                        				int* _t22;
                                                                                                                                                                                                                                                        				signed int _t27;
                                                                                                                                                                                                                                                        				intOrPtr _t33;
                                                                                                                                                                                                                                                        				struct _OSVERSIONINFOW* _t34;
                                                                                                                                                                                                                                                        				signed int _t35;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t14 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t14 ^ _t35;
                                                                                                                                                                                                                                                        				_t27 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        				_t32 =  *[fs:0x2c];
                                                                                                                                                                                                                                                        				_t16 =  *0xbfb4b0;
                                                                                                                                                                                                                                                        				if( *0xbfb4b0 >  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x2c] + _t27 * 4)) + 4))) {
                                                                                                                                                                                                                                                        					E00BEE547(_t16, 0xbfb4b0);
                                                                                                                                                                                                                                                        					if( *0xbfb4b0 == 0xffffffff) {
                                                                                                                                                                                                                                                        						memset( &_v300, 0, 0x118);
                                                                                                                                                                                                                                                        						_t34 =  &_v304;
                                                                                                                                                                                                                                                        						_v304 = 0x11c;
                                                                                                                                                                                                                                                        						GetVersionExW(_t34);
                                                                                                                                                                                                                                                        						_t22 =  &_v308;
                                                                                                                                                                                                                                                        						_v308 = 0;
                                                                                                                                                                                                                                                        						__imp__GetProductInfo(_v300, _v296, 0, 0, _t22);
                                                                                                                                                                                                                                                        						_push(0x74);
                                                                                                                                                                                                                                                        						L00BEF6BA();
                                                                                                                                                                                                                                                        						_t33 = _t22;
                                                                                                                                                                                                                                                        						E00BCB920();
                                                                                                                                                                                                                                                        						_t32 = _t34;
                                                                                                                                                                                                                                                        						E00BCB9F0(_v308, _t33, _t34, _t33, _v308);
                                                                                                                                                                                                                                                        						 *0xbfb4ac = _t33;
                                                                                                                                                                                                                                                        						E00BEE599(0xbfb4b0);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return E00BEECB0(_v20 ^ _t35, _t32);
                                                                                                                                                                                                                                                        			}

















                                                                                                                                                                                                                                                        0x00bcb82c
                                                                                                                                                                                                                                                        0x00bcb833
                                                                                                                                                                                                                                                        0x00bcb836
                                                                                                                                                                                                                                                        0x00bcb83c
                                                                                                                                                                                                                                                        0x00bcb843
                                                                                                                                                                                                                                                        0x00bcb851
                                                                                                                                                                                                                                                        0x00bcb86d
                                                                                                                                                                                                                                                        0x00bcb87c
                                                                                                                                                                                                                                                        0x00bcb88c
                                                                                                                                                                                                                                                        0x00bcb894
                                                                                                                                                                                                                                                        0x00bcb89a
                                                                                                                                                                                                                                                        0x00bcb8a5
                                                                                                                                                                                                                                                        0x00bcb8ab
                                                                                                                                                                                                                                                        0x00bcb8b1
                                                                                                                                                                                                                                                        0x00bcb8cc
                                                                                                                                                                                                                                                        0x00bcb8d2
                                                                                                                                                                                                                                                        0x00bcb8d4
                                                                                                                                                                                                                                                        0x00bcb8e2
                                                                                                                                                                                                                                                        0x00bcb8e4
                                                                                                                                                                                                                                                        0x00bcb8eb
                                                                                                                                                                                                                                                        0x00bcb8ee
                                                                                                                                                                                                                                                        0x00bcb8f6
                                                                                                                                                                                                                                                        0x00bcb901
                                                                                                                                                                                                                                                        0x00bcb906
                                                                                                                                                                                                                                                        0x00bcb87c
                                                                                                                                                                                                                                                        0x00bcb867

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • __Init_thread_header.LIBCMT ref: 00BCB86D
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BCB88C
                                                                                                                                                                                                                                                        • GetVersionExW.KERNEL32(?), ref: 00BCB8A5
                                                                                                                                                                                                                                                        • GetProductInfo.KERNEL32(?,?,00000000,00000000,?), ref: 00BCB8CC
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000074), ref: 00BCB8D4
                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 00BCB901
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@InfoInit_thread_footerInit_thread_headerProductVersionmemset
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2496309583-0
                                                                                                                                                                                                                                                        • Opcode ID: cd7b80ec20684fdfd30e9659517074e905f2b10be3fa9d4d599f07248e2bc38d
                                                                                                                                                                                                                                                        • Instruction ID: c9898d3d4fffe78a83955fa05252aad06c96fe41768248f458fac23c790bfe7d
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cd7b80ec20684fdfd30e9659517074e905f2b10be3fa9d4d599f07248e2bc38d
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 742105B1E002589BDB209B61EC47FEE77F8EB08314F0040E8EA0957392EB756A14CF91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 77%
                                                                                                                                                                                                                                                        			E00BB2BD0(void** __ecx, void* __edx, void* __eflags) {
                                                                                                                                                                                                                                                        				void* _v12;
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				char _v180;
                                                                                                                                                                                                                                                        				char _v184;
                                                                                                                                                                                                                                                        				char _v196;
                                                                                                                                                                                                                                                        				char _v356;
                                                                                                                                                                                                                                                        				int _v364;
                                                                                                                                                                                                                                                        				signed int _t20;
                                                                                                                                                                                                                                                        				int _t30;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				int _t56;
                                                                                                                                                                                                                                                        				void** _t57;
                                                                                                                                                                                                                                                        				signed int _t58;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t65 = __eflags;
                                                                                                                                                                                                                                                        				_t20 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t57 = __ecx;
                                                                                                                                                                                                                                                        				_v16 = _t20 ^ _t58;
                                                                                                                                                                                                                                                        				E00BB2D00( &_v356, __edx, __eflags);
                                                                                                                                                                                                                                                        				E00BB2DD0( &_v356,  &_v180, _t65);
                                                                                                                                                                                                                                                        				E00BB2D00( &_v180,  &_v180, _t65);
                                                                                                                                                                                                                                                        				_t53 =  &_v196;
                                                                                                                                                                                                                                                        				E00BB71B0( &_v180,  &_v196, _t65);
                                                                                                                                                                                                                                                        				if(_v184 != 0 || _v196 == 0) {
                                                                                                                                                                                                                                                        					L4:
                                                                                                                                                                                                                                                        					E00BB2EF0( &_v180);
                                                                                                                                                                                                                                                        					goto L5;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t30 = E00BBA900("MOZ_DISABLE_POISON_IO_INTERPOSER=1");
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(0x10);
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [esi]");
                                                                                                                                                                                                                                                        					_t56 = _t30;
                                                                                                                                                                                                                                                        					asm("movsd [eax], xmm0");
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t56 + 8)) =  *((intOrPtr*)(__ecx + 8));
                                                                                                                                                                                                                                                        					_t32 = CreateToolhelp32Snapshot(8, 0);
                                                                                                                                                                                                                                                        					 *(_t56 + 0xc) = _t32;
                                                                                                                                                                                                                                                        					_v364 = _t56;
                                                                                                                                                                                                                                                        					__imp___beginthreadex(0, 0, E00BBA910, _t56, 0x10000, 0);
                                                                                                                                                                                                                                                        					if(_t32 != 0) {
                                                                                                                                                                                                                                                        						_v364 = 0;
                                                                                                                                                                                                                                                        						CloseHandle(_t32);
                                                                                                                                                                                                                                                        						E00BBA960( &_v364);
                                                                                                                                                                                                                                                        						E00BB2EF0( &_v184);
                                                                                                                                                                                                                                                        						__eflags =  *0xbfa764;
                                                                                                                                                                                                                                                        						if( *0xbfa764 != 0) {
                                                                                                                                                                                                                                                        							L5:
                                                                                                                                                                                                                                                        							E00BB2E50(_t57);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						E00BBA960( &_v364);
                                                                                                                                                                                                                                                        						goto L4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BB2EF0( &_v356);
                                                                                                                                                                                                                                                        				return E00BEECB0(_v16 ^ _t58, _t53);
                                                                                                                                                                                                                                                        			}
















                                                                                                                                                                                                                                                        0x00bb2bd0
                                                                                                                                                                                                                                                        0x00bb2bde
                                                                                                                                                                                                                                                        0x00bb2be7
                                                                                                                                                                                                                                                        0x00bb2bed
                                                                                                                                                                                                                                                        0x00bb2bf4
                                                                                                                                                                                                                                                        0x00bb2c02
                                                                                                                                                                                                                                                        0x00bb2c10
                                                                                                                                                                                                                                                        0x00bb2c15
                                                                                                                                                                                                                                                        0x00bb2c1e
                                                                                                                                                                                                                                                        0x00bb2c2b
                                                                                                                                                                                                                                                        0x00bb2c93
                                                                                                                                                                                                                                                        0x00bb2c9a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2c37
                                                                                                                                                                                                                                                        0x00bb2c3c
                                                                                                                                                                                                                                                        0x00bb2c43
                                                                                                                                                                                                                                                        0x00bb2c4c
                                                                                                                                                                                                                                                        0x00bb2c50
                                                                                                                                                                                                                                                        0x00bb2c52
                                                                                                                                                                                                                                                        0x00bb2c59
                                                                                                                                                                                                                                                        0x00bb2c60
                                                                                                                                                                                                                                                        0x00bb2c65
                                                                                                                                                                                                                                                        0x00bb2c68
                                                                                                                                                                                                                                                        0x00bb2c7d
                                                                                                                                                                                                                                                        0x00bb2c88
                                                                                                                                                                                                                                                        0x00bb2cc4
                                                                                                                                                                                                                                                        0x00bb2ccd
                                                                                                                                                                                                                                                        0x00bb2cd7
                                                                                                                                                                                                                                                        0x00bb2ce3
                                                                                                                                                                                                                                                        0x00bb2ce8
                                                                                                                                                                                                                                                        0x00bb2cef
                                                                                                                                                                                                                                                        0x00bb2c9f
                                                                                                                                                                                                                                                        0x00bb2ca1
                                                                                                                                                                                                                                                        0x00bb2ca1
                                                                                                                                                                                                                                                        0x00bb2c8a
                                                                                                                                                                                                                                                        0x00bb2c8e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2c8e
                                                                                                                                                                                                                                                        0x00bb2c88
                                                                                                                                                                                                                                                        0x00bb2caa
                                                                                                                                                                                                                                                        0x00bb2cc3

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BB2D00: free.MOZGLUE(?), ref: 00BB2D61
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000), ref: 00BB2CCD
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA900: _putenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_DISABLE_POISON_IO_INTERPOSER=1,?,00BB2C41), ref: 00BBA904
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000010), ref: 00BB2C43
                                                                                                                                                                                                                                                        • CreateToolhelp32Snapshot.KERNEL32(00000008,00000000), ref: 00BB2C60
                                                                                                                                                                                                                                                        • _beginthreadex.API-MS-WIN-CRT-RUNTIME-L1-1-0(00000000,00000000,00BBA910,00000000,00010000,00000000), ref: 00BB2C7D
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA960: CloseHandle.KERNEL32(?,?,?,00BB2CDC), ref: 00BBA97C
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA960: free.MOZGLUE(?,?,?,00BB2CDC), ref: 00BBA983
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • MOZ_DISABLE_POISON_IO_INTERPOSER=1, xrefs: 00BB2C37
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CloseHandlefree$CreateSnapshotToolhelp32_beginthreadex_putenvmoz_xmalloc
                                                                                                                                                                                                                                                        • String ID: MOZ_DISABLE_POISON_IO_INTERPOSER=1
                                                                                                                                                                                                                                                        • API String ID: 444372769-2110291925
                                                                                                                                                                                                                                                        • Opcode ID: 77c163c5be331c0545eec74fbe2ec272145c7b2636196d30ec9a46d7e0ec0e1e
                                                                                                                                                                                                                                                        • Instruction ID: a35a32d804c6995ba021a702b8882c9c7b47b0938ffea2f4043138cbcc6fd8e0
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 77c163c5be331c0545eec74fbe2ec272145c7b2636196d30ec9a46d7e0ec0e1e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EC216D30604344ABD725EB25C856BFEBBE5EFC5710F0088A8F489572A1DFB06949D793
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BB9890() {
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t1;
                                                                                                                                                                                                                                                        				int _t2;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t1 = LoadLibraryW(L"kernelbase.dll");
                                                                                                                                                                                                                                                        				 *0xbfa78c = _t1;
                                                                                                                                                                                                                                                        				 *0xbfa790 = 0;
                                                                                                                                                                                                                                                        				if(_t1 == 0) {
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					return _t1;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t1 = GetProcAddress(_t1, "MapViewOfFile3");
                                                                                                                                                                                                                                                        					 *0xbfa790 = _t1;
                                                                                                                                                                                                                                                        					if(_t1 == 0) {
                                                                                                                                                                                                                                                        						_t2 = FreeLibrary( *0xbfa78c);
                                                                                                                                                                                                                                                        						 *0xbfa78c = 0;
                                                                                                                                                                                                                                                        						return _t2;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						goto L2;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}





                                                                                                                                                                                                                                                        0x00bb9898
                                                                                                                                                                                                                                                        0x00bb98a0
                                                                                                                                                                                                                                                        0x00bb98a5
                                                                                                                                                                                                                                                        0x00bb98af
                                                                                                                                                                                                                                                        0x00bb98c7
                                                                                                                                                                                                                                                        0x00bb98c7
                                                                                                                                                                                                                                                        0x00bb98b1
                                                                                                                                                                                                                                                        0x00bb98b7
                                                                                                                                                                                                                                                        0x00bb98bf
                                                                                                                                                                                                                                                        0x00bb98c4
                                                                                                                                                                                                                                                        0x00bb98ce
                                                                                                                                                                                                                                                        0x00bb98d4
                                                                                                                                                                                                                                                        0x00bb98df
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb98c4

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(kernelbase.dll,?,00BB9788,?,?,?,?,?,?,?,?,?,?,?,?,00BB95D1), ref: 00BB9898
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,MapViewOfFile3), ref: 00BB98B7
                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(?,00BB9788,?,?,?,?,?,?,?,?,?,?,?,?,00BB95D1,?), ref: 00BB98CE
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Library$AddressFreeLoadProc
                                                                                                                                                                                                                                                        • String ID: MapViewOfFile3$kernelbase.dll
                                                                                                                                                                                                                                                        • API String ID: 145871493-966841072
                                                                                                                                                                                                                                                        • Opcode ID: bc86c9762c308399154c17c6a39f386a12f2a200c694a942e2e639bb21419781
                                                                                                                                                                                                                                                        • Instruction ID: 5c60332457800dcc698a4456e83f842dc8ae5c09407a9206b0ba234eaf0c1e6d
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: bc86c9762c308399154c17c6a39f386a12f2a200c694a942e2e639bb21419781
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 30E075B05843049FD7156F66BC09B727BF8E705755F1040A5A50DC32A0DFB59854DB11
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                                                                                                                        			E00BC0120(intOrPtr* _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				void _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				signed int _v42;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				long _v48;
                                                                                                                                                                                                                                                        				void* _v52;
                                                                                                                                                                                                                                                        				void* _v56;
                                                                                                                                                                                                                                                        				signed int _v76;
                                                                                                                                                                                                                                                        				union _PROCESSINFOCLASS _v80;
                                                                                                                                                                                                                                                        				signed int _t37;
                                                                                                                                                                                                                                                        				intOrPtr _t39;
                                                                                                                                                                                                                                                        				signed int _t43;
                                                                                                                                                                                                                                                        				signed int _t46;
                                                                                                                                                                                                                                                        				signed int _t55;
                                                                                                                                                                                                                                                        				short* _t58;
                                                                                                                                                                                                                                                        				signed int _t61;
                                                                                                                                                                                                                                                        				SIZE_T* _t65;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t66;
                                                                                                                                                                                                                                                        				intOrPtr* _t75;
                                                                                                                                                                                                                                                        				signed int _t81;
                                                                                                                                                                                                                                                        				short* _t82;
                                                                                                                                                                                                                                                        				intOrPtr _t83;
                                                                                                                                                                                                                                                        				intOrPtr* _t84;
                                                                                                                                                                                                                                                        				intOrPtr* _t85;
                                                                                                                                                                                                                                                        				long _t86;
                                                                                                                                                                                                                                                        				void* _t87;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				intOrPtr _t90;
                                                                                                                                                                                                                                                        				void* _t91;
                                                                                                                                                                                                                                                        				signed int _t92;
                                                                                                                                                                                                                                                        				signed int _t93;
                                                                                                                                                                                                                                                        				void* _t94;
                                                                                                                                                                                                                                                        				signed int _t95;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t95 = _t94 - 0x28;
                                                                                                                                                                                                                                                        				_t37 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t37 ^ _t92;
                                                                                                                                                                                                                                                        				_t39 =  *((intOrPtr*)(_a8 + 0xc));
                                                                                                                                                                                                                                                        				if(_t39 == 2) {
                                                                                                                                                                                                                                                        					L14:
                                                                                                                                                                                                                                                        					E00BEECB0(_v20 ^ _t92, _t84);
                                                                                                                                                                                                                                                        					return 1;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					if(_t39 != 1) {
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						E00BB77D5(0x43, _t84, __eflags);
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						_push(_t92);
                                                                                                                                                                                                                                                        						_t93 = _t95;
                                                                                                                                                                                                                                                        						_push(_t85);
                                                                                                                                                                                                                                                        						_t43 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        						_t86 = _v48;
                                                                                                                                                                                                                                                        						_t89 = _v52;
                                                                                                                                                                                                                                                        						_t65 =  &_v80;
                                                                                                                                                                                                                                                        						_v76 = _t43 ^ _t93;
                                                                                                                                                                                                                                                        						_v80 = 0;
                                                                                                                                                                                                                                                        						_t33 = _t86 + 0x10; // 0xbb27f9
                                                                                                                                                                                                                                                        						_t46 = WriteProcessMemory(_t89, _t33, 0x53, 0xc, _t65); // executed
                                                                                                                                                                                                                                                        						__eflags = _t46;
                                                                                                                                                                                                                                                        						if(_t46 != 0) {
                                                                                                                                                                                                                                                        							_v32 = 1;
                                                                                                                                                                                                                                                        							_t87 = _t86 + 0xc;
                                                                                                                                                                                                                                                        							__eflags = _t87;
                                                                                                                                                                                                                                                        							WriteProcessMemory(_t89, _t87,  &_v32, 4, _t65); // executed
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__eflags = _v24 ^ _t93;
                                                                                                                                                                                                                                                        						return E00BEECB0(_v24 ^ _t93, _t84);
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						RtlInitUnicodeString( &_v56, L"kernel32.dll");
                                                                                                                                                                                                                                                        						_t66 =  &_v44;
                                                                                                                                                                                                                                                        						if(NtQueryInformationProcess(0xffffffff, 0, _t66, 0x18,  &_v48) < 0) {
                                                                                                                                                                                                                                                        							L12:
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							E00BB77D5(0x4b, _t84, _t108);
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t90 =  *((intOrPtr*)(_v40 + 0xc));
                                                                                                                                                                                                                                                        							if(_t90 != 0) {
                                                                                                                                                                                                                                                        								_t85 =  *((intOrPtr*)(_t90 + 0x14));
                                                                                                                                                                                                                                                        								_t91 = _t90 + 0x14;
                                                                                                                                                                                                                                                        								if(_t85 != _t91) {
                                                                                                                                                                                                                                                        									asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        									do {
                                                                                                                                                                                                                                                        										_t84 =  *((intOrPtr*)(_t85 + 0x20));
                                                                                                                                                                                                                                                        										_t81 = ( *(_t85 + 0x1c) & 0x0000ffff) >> 1;
                                                                                                                                                                                                                                                        										_t58 = _t84 + _t81 * 2 - 2;
                                                                                                                                                                                                                                                        										_t82 = _t58;
                                                                                                                                                                                                                                                        										if(_t81 != 0) {
                                                                                                                                                                                                                                                        											_t82 = _t58;
                                                                                                                                                                                                                                                        											asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        											while( *_t82 != 0x5c) {
                                                                                                                                                                                                                                                        												_t82 = _t82 + 0xfffffffe;
                                                                                                                                                                                                                                                        												if(_t82 >= _t84) {
                                                                                                                                                                                                                                                        													continue;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L10;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L10:
                                                                                                                                                                                                                                                        										_t83 = _t82 + 2;
                                                                                                                                                                                                                                                        										_v40 = _t83;
                                                                                                                                                                                                                                                        										_t61 = _t58 - _t83 + 0x00000002 & 0x0000fffe;
                                                                                                                                                                                                                                                        										_v44 = _t61;
                                                                                                                                                                                                                                                        										_v42 = _t61;
                                                                                                                                                                                                                                                        										if(RtlCompareUnicodeString(_t66,  &_v56, 1) != 0) {
                                                                                                                                                                                                                                                        											goto L11;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L13;
                                                                                                                                                                                                                                                        										L11:
                                                                                                                                                                                                                                                        										_t85 =  *_t85;
                                                                                                                                                                                                                                                        										_t108 = _t85 - _t91;
                                                                                                                                                                                                                                                        									} while (_t85 != _t91);
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L12;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L13:
                                                                                                                                                                                                                                                        						_t75 = _a8;
                                                                                                                                                                                                                                                        						_t84 = _t75;
                                                                                                                                                                                                                                                        						_t55 =  *(_t85 + 0x10) & 0xfffffffc;
                                                                                                                                                                                                                                                        						 *_t84 =  *((intOrPtr*)(_t75 + 0x10)) + _t55;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t84 + 4)) =  *((intOrPtr*)(_t84 + 0x14)) + _t55;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t84 + 8)) = _t55 +  *((intOrPtr*)(_t84 + 0x18));
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t84 + 0xc)) = 2;
                                                                                                                                                                                                                                                        						goto L14;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}






































                                                                                                                                                                                                                                                        0x00bc0126
                                                                                                                                                                                                                                                        0x00bc0129
                                                                                                                                                                                                                                                        0x00bc0133
                                                                                                                                                                                                                                                        0x00bc0136
                                                                                                                                                                                                                                                        0x00bc013c
                                                                                                                                                                                                                                                        0x00bc021d
                                                                                                                                                                                                                                                        0x00bc0222
                                                                                                                                                                                                                                                        0x00bc0233
                                                                                                                                                                                                                                                        0x00bc0142
                                                                                                                                                                                                                                                        0x00bc0145
                                                                                                                                                                                                                                                        0x00bc0236
                                                                                                                                                                                                                                                        0x00bc023c
                                                                                                                                                                                                                                                        0x00bc0241
                                                                                                                                                                                                                                                        0x00bc0242
                                                                                                                                                                                                                                                        0x00bc0243
                                                                                                                                                                                                                                                        0x00bc0244
                                                                                                                                                                                                                                                        0x00bc0245
                                                                                                                                                                                                                                                        0x00bc0246
                                                                                                                                                                                                                                                        0x00bc0247
                                                                                                                                                                                                                                                        0x00bc0248
                                                                                                                                                                                                                                                        0x00bc0249
                                                                                                                                                                                                                                                        0x00bc024a
                                                                                                                                                                                                                                                        0x00bc024b
                                                                                                                                                                                                                                                        0x00bc024c
                                                                                                                                                                                                                                                        0x00bc024d
                                                                                                                                                                                                                                                        0x00bc024e
                                                                                                                                                                                                                                                        0x00bc024f
                                                                                                                                                                                                                                                        0x00bc0250
                                                                                                                                                                                                                                                        0x00bc0251
                                                                                                                                                                                                                                                        0x00bc0254
                                                                                                                                                                                                                                                        0x00bc0259
                                                                                                                                                                                                                                                        0x00bc025e
                                                                                                                                                                                                                                                        0x00bc0261
                                                                                                                                                                                                                                                        0x00bc0264
                                                                                                                                                                                                                                                        0x00bc026c
                                                                                                                                                                                                                                                        0x00bc026f
                                                                                                                                                                                                                                                        0x00bc0276
                                                                                                                                                                                                                                                        0x00bc027f
                                                                                                                                                                                                                                                        0x00bc0285
                                                                                                                                                                                                                                                        0x00bc0287
                                                                                                                                                                                                                                                        0x00bc0289
                                                                                                                                                                                                                                                        0x00bc0290
                                                                                                                                                                                                                                                        0x00bc0290
                                                                                                                                                                                                                                                        0x00bc029c
                                                                                                                                                                                                                                                        0x00bc029c
                                                                                                                                                                                                                                                        0x00bc02a5
                                                                                                                                                                                                                                                        0x00bc02b3
                                                                                                                                                                                                                                                        0x00bc014b
                                                                                                                                                                                                                                                        0x00bc0154
                                                                                                                                                                                                                                                        0x00bc015c
                                                                                                                                                                                                                                                        0x00bc016e
                                                                                                                                                                                                                                                        0x00bc01eb
                                                                                                                                                                                                                                                        0x00bc01eb
                                                                                                                                                                                                                                                        0x00bc01f1
                                                                                                                                                                                                                                                        0x00bc0170
                                                                                                                                                                                                                                                        0x00bc0173
                                                                                                                                                                                                                                                        0x00bc0178
                                                                                                                                                                                                                                                        0x00bc017a
                                                                                                                                                                                                                                                        0x00bc017d
                                                                                                                                                                                                                                                        0x00bc0182
                                                                                                                                                                                                                                                        0x00bc0184
                                                                                                                                                                                                                                                        0x00bc0190
                                                                                                                                                                                                                                                        0x00bc0194
                                                                                                                                                                                                                                                        0x00bc0197
                                                                                                                                                                                                                                                        0x00bc0199
                                                                                                                                                                                                                                                        0x00bc01a0
                                                                                                                                                                                                                                                        0x00bc01a2
                                                                                                                                                                                                                                                        0x00bc01a4
                                                                                                                                                                                                                                                        0x00bc01a6
                                                                                                                                                                                                                                                        0x00bc01b0
                                                                                                                                                                                                                                                        0x00bc01b6
                                                                                                                                                                                                                                                        0x00bc01bb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc01bb
                                                                                                                                                                                                                                                        0x00bc01b0
                                                                                                                                                                                                                                                        0x00bc01bd
                                                                                                                                                                                                                                                        0x00bc01bd
                                                                                                                                                                                                                                                        0x00bc01c2
                                                                                                                                                                                                                                                        0x00bc01c8
                                                                                                                                                                                                                                                        0x00bc01cd
                                                                                                                                                                                                                                                        0x00bc01d1
                                                                                                                                                                                                                                                        0x00bc01e3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc01e5
                                                                                                                                                                                                                                                        0x00bc01e5
                                                                                                                                                                                                                                                        0x00bc01e7
                                                                                                                                                                                                                                                        0x00bc01e7
                                                                                                                                                                                                                                                        0x00bc0190
                                                                                                                                                                                                                                                        0x00bc0182
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0178
                                                                                                                                                                                                                                                        0x00bc01f6
                                                                                                                                                                                                                                                        0x00bc01f6
                                                                                                                                                                                                                                                        0x00bc01fc
                                                                                                                                                                                                                                                        0x00bc0201
                                                                                                                                                                                                                                                        0x00bc0206
                                                                                                                                                                                                                                                        0x00bc020d
                                                                                                                                                                                                                                                        0x00bc0213
                                                                                                                                                                                                                                                        0x00bc0216
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0216
                                                                                                                                                                                                                                                        0x00bc0145

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlInitUnicodeString.NTDLL(?,kernel32.dll), ref: 00BC0154
                                                                                                                                                                                                                                                        • NtQueryInformationProcess.NTDLL(000000FF,00000000,?,00000018,?), ref: 00BC0167
                                                                                                                                                                                                                                                        • RtlCompareUnicodeString.NTDLL(?,?,00000001), ref: 00BC01DC
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: StringUnicode$CompareInformationInitProcessQuery
                                                                                                                                                                                                                                                        • String ID: kernel32.dll
                                                                                                                                                                                                                                                        • API String ID: 3041476385-1793498882
                                                                                                                                                                                                                                                        • Opcode ID: e6ea83b8b052373a49d1ab04855202cd85af836241660182395e12306cc1ac5a
                                                                                                                                                                                                                                                        • Instruction ID: 111d92c54a76a79dca76db19416617e6d5a3caf7732d8f6d35ba1c0b4e13774c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e6ea83b8b052373a49d1ab04855202cd85af836241660182395e12306cc1ac5a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9A318171A002099BCB18DF68D895FAEB3E5FF58720F2845ADE515AB281EB30DD41C7A4
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 93%
                                                                                                                                                                                                                                                        			E00BB97B0(void* __eflags, void* _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				long _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				void* _v56;
                                                                                                                                                                                                                                                        				signed int _t27;
                                                                                                                                                                                                                                                        				void* _t30;
                                                                                                                                                                                                                                                        				long _t41;
                                                                                                                                                                                                                                                        				intOrPtr _t43;
                                                                                                                                                                                                                                                        				intOrPtr _t44;
                                                                                                                                                                                                                                                        				void* _t45;
                                                                                                                                                                                                                                                        				void* _t50;
                                                                                                                                                                                                                                                        				signed int _t56;
                                                                                                                                                                                                                                                        				void* _t57;
                                                                                                                                                                                                                                                        				intOrPtr _t59;
                                                                                                                                                                                                                                                        				intOrPtr _t60;
                                                                                                                                                                                                                                                        				signed int _t61;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t27 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t27 ^ _t61;
                                                                                                                                                                                                                                                        				_t56 = E00BB94B0();
                                                                                                                                                                                                                                                        				_t30 = 0;
                                                                                                                                                                                                                                                        				if(_a8 != 0) {
                                                                                                                                                                                                                                                        					_t44 = _a16;
                                                                                                                                                                                                                                                        					_t59 = _a12;
                                                                                                                                                                                                                                                        					if(_t59 < _t44) {
                                                                                                                                                                                                                                                        						_v28 = 0;
                                                                                                                                                                                                                                                        						_push( &_v28);
                                                                                                                                                                                                                                                        						L00BEF8D6();
                                                                                                                                                                                                                                                        						_t30 = 0;
                                                                                                                                                                                                                                                        						_t50 = _v28 % (_t44 - _t59 + _a8) / _t56 * _t56 + _t59;
                                                                                                                                                                                                                                                        						_t60 = _a8;
                                                                                                                                                                                                                                                        						_t45 = _t44 - _t60;
                                                                                                                                                                                                                                                        						if(_t50 <= _t45) {
                                                                                                                                                                                                                                                        							_t57 =  &_v56;
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								_t41 = NtQueryVirtualMemory(_a4, _t50, 0, _t57, 0x1c,  &_v24);
                                                                                                                                                                                                                                                        								if(_t41 < 0) {
                                                                                                                                                                                                                                                        									break;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								if(_v24 == 0) {
                                                                                                                                                                                                                                                        									L12:
                                                                                                                                                                                                                                                        									_t30 = 0;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t50 = _v56;
                                                                                                                                                                                                                                                        									_t43 = _v44;
                                                                                                                                                                                                                                                        									if(_v40 != 0x10000 || _t43 < _t60) {
                                                                                                                                                                                                                                                        										_t50 = _t50 + _t43;
                                                                                                                                                                                                                                                        										if(_t50 > _t45) {
                                                                                                                                                                                                                                                        											goto L12;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											continue;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t30 = _t50;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L3;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_push(RtlNtStatusToDosError(_t41));
                                                                                                                                                                                                                                                        							L00BEF768();
                                                                                                                                                                                                                                                        							goto L12;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L3:
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t61, _t50);
                                                                                                                                                                                                                                                        				return _t30;
                                                                                                                                                                                                                                                        			}





















                                                                                                                                                                                                                                                        0x00bb97b9
                                                                                                                                                                                                                                                        0x00bb97c0
                                                                                                                                                                                                                                                        0x00bb97c8
                                                                                                                                                                                                                                                        0x00bb97ca
                                                                                                                                                                                                                                                        0x00bb97d0
                                                                                                                                                                                                                                                        0x00bb97d2
                                                                                                                                                                                                                                                        0x00bb97d5
                                                                                                                                                                                                                                                        0x00bb97da
                                                                                                                                                                                                                                                        0x00bb97df
                                                                                                                                                                                                                                                        0x00bb97e6
                                                                                                                                                                                                                                                        0x00bb97e7
                                                                                                                                                                                                                                                        0x00bb9809
                                                                                                                                                                                                                                                        0x00bb980b
                                                                                                                                                                                                                                                        0x00bb980d
                                                                                                                                                                                                                                                        0x00bb9810
                                                                                                                                                                                                                                                        0x00bb9814
                                                                                                                                                                                                                                                        0x00bb982e
                                                                                                                                                                                                                                                        0x00bb9846
                                                                                                                                                                                                                                                        0x00bb9853
                                                                                                                                                                                                                                                        0x00bb985a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9860
                                                                                                                                                                                                                                                        0x00bb9885
                                                                                                                                                                                                                                                        0x00bb9885
                                                                                                                                                                                                                                                        0x00bb9862
                                                                                                                                                                                                                                                        0x00bb9869
                                                                                                                                                                                                                                                        0x00bb986c
                                                                                                                                                                                                                                                        0x00bb986f
                                                                                                                                                                                                                                                        0x00bb9840
                                                                                                                                                                                                                                                        0x00bb9844
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9875
                                                                                                                                                                                                                                                        0x00bb9875
                                                                                                                                                                                                                                                        0x00bb9875
                                                                                                                                                                                                                                                        0x00bb986f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9860
                                                                                                                                                                                                                                                        0x00bb987f
                                                                                                                                                                                                                                                        0x00bb9880
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9880
                                                                                                                                                                                                                                                        0x00bb9814
                                                                                                                                                                                                                                                        0x00bb97da
                                                                                                                                                                                                                                                        0x00bb9816
                                                                                                                                                                                                                                                        0x00bb981d
                                                                                                                                                                                                                                                        0x00bb982b

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BB94B0: __Init_thread_header.LIBCMT ref: 00BB94E3
                                                                                                                                                                                                                                                          • Part of subcall function 00BB94B0: GetSystemInfo.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,00BB9450,?,?,00000000,00BB7819), ref: 00BB94F8
                                                                                                                                                                                                                                                          • Part of subcall function 00BB94B0: __Init_thread_footer.LIBCMT ref: 00BB950B
                                                                                                                                                                                                                                                        • rand_s.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 00BB97E7
                                                                                                                                                                                                                                                        • NtQueryVirtualMemory.NTDLL(?,00000000,00000000,?,0000001C,?), ref: 00BB9853
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: InfoInit_thread_footerInit_thread_headerMemoryQuerySystemVirtualrand_s
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 4054616492-0
                                                                                                                                                                                                                                                        • Opcode ID: bea8c8ca30ec11029a9df5f045bae3f26536651445d2490a084b5a0f4cec229e
                                                                                                                                                                                                                                                        • Instruction ID: b43508db989975f4426b9e3743cc40809ca35013224cbe662b858bfd947d7897
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: bea8c8ca30ec11029a9df5f045bae3f26536651445d2490a084b5a0f4cec229e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6021B371F002199BDB14EE65CC85AFF77FAAB89790F148875EA01E7244DBB09D44C6A0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 90%
                                                                                                                                                                                                                                                        			E00BD5880(void* __eax) {
                                                                                                                                                                                                                                                        				HANDLE* _v20;
                                                                                                                                                                                                                                                        				void* _t13;
                                                                                                                                                                                                                                                        				signed int _t15;
                                                                                                                                                                                                                                                        				HANDLE* _t16;
                                                                                                                                                                                                                                                        				long _t17;
                                                                                                                                                                                                                                                        				void* _t20;
                                                                                                                                                                                                                                                        				void* _t22;
                                                                                                                                                                                                                                                        				HANDLE* _t24;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        				HANDLE* _t29;
                                                                                                                                                                                                                                                        				long _t31;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t13 = E00BCBDD0();
                                                                                                                                                                                                                                                        				_t20 = 0;
                                                                                                                                                                                                                                                        				if(_t13 >= 7) {
                                                                                                                                                                                                                                                        					_t15 = GetProcessHeaps(0, 0);
                                                                                                                                                                                                                                                        					_t31 = _t15;
                                                                                                                                                                                                                                                        					_t16 = _t15 * 4;
                                                                                                                                                                                                                                                        					_t27 =  >=  ? _t16 : 0xffffffff;
                                                                                                                                                                                                                                                        					_push( >=  ? _t16 : 0xffffffff);
                                                                                                                                                                                                                                                        					L00BEF6CC();
                                                                                                                                                                                                                                                        					_t34 = _t32 + 4;
                                                                                                                                                                                                                                                        					_t29 = _t16;
                                                                                                                                                                                                                                                        					_t17 = GetProcessHeaps(_t31, _t16);
                                                                                                                                                                                                                                                        					_t20 = 0;
                                                                                                                                                                                                                                                        					if(_t31 != 0 && _t17 == _t31) {
                                                                                                                                                                                                                                                        						_t28 = 0;
                                                                                                                                                                                                                                                        						_t24 = _t29;
                                                                                                                                                                                                                                                        						_v20 = _t29;
                                                                                                                                                                                                                                                        						asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t22 =  *_t24;
                                                                                                                                                                                                                                                        							if(_t22 == 0 ||  *((intOrPtr*)(_t22 + 8)) != 0xffeeffee ||  *((intOrPtr*)(_t22 + 0x18)) != _t22 ||  *((intOrPtr*)(_t22 + 0x60)) != 0xeeffeeff) {
                                                                                                                                                                                                                                                        								L7:
                                                                                                                                                                                                                                                        								_t20 = _t28;
                                                                                                                                                                                                                                                        								goto L8;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								if(( *(_t22 + 0x40) & 0x0000f000) != 0x8000) {
                                                                                                                                                                                                                                                        									_t29 = _v20;
                                                                                                                                                                                                                                                        									goto L7;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t29 = _v20;
                                                                                                                                                                                                                                                        									if(_t28 == 0) {
                                                                                                                                                                                                                                                        										goto L8;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t20 = 0;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L16;
                                                                                                                                                                                                                                                        							L8:
                                                                                                                                                                                                                                                        							_t24 =  &(_t24[1]);
                                                                                                                                                                                                                                                        							_t31 = _t31 - 1;
                                                                                                                                                                                                                                                        							_t28 = _t20;
                                                                                                                                                                                                                                                        						} while (_t31 != 0);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L16:
                                                                                                                                                                                                                                                        					_push(_t29);
                                                                                                                                                                                                                                                        					L00BEF6D2();
                                                                                                                                                                                                                                                        					_t32 = _t34 + 4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t20;
                                                                                                                                                                                                                                                        			}
















                                                                                                                                                                                                                                                        0x00bd5887
                                                                                                                                                                                                                                                        0x00bd588c
                                                                                                                                                                                                                                                        0x00bd5891
                                                                                                                                                                                                                                                        0x00bd58a1
                                                                                                                                                                                                                                                        0x00bd58a8
                                                                                                                                                                                                                                                        0x00bd58aa
                                                                                                                                                                                                                                                        0x00bd58b1
                                                                                                                                                                                                                                                        0x00bd58b4
                                                                                                                                                                                                                                                        0x00bd58b5
                                                                                                                                                                                                                                                        0x00bd58ba
                                                                                                                                                                                                                                                        0x00bd58bd
                                                                                                                                                                                                                                                        0x00bd58c1
                                                                                                                                                                                                                                                        0x00bd58c3
                                                                                                                                                                                                                                                        0x00bd58c7
                                                                                                                                                                                                                                                        0x00bd58cd
                                                                                                                                                                                                                                                        0x00bd58cf
                                                                                                                                                                                                                                                        0x00bd58d1
                                                                                                                                                                                                                                                        0x00bd58d4
                                                                                                                                                                                                                                                        0x00bd58e0
                                                                                                                                                                                                                                                        0x00bd58e0
                                                                                                                                                                                                                                                        0x00bd58e4
                                                                                                                                                                                                                                                        0x00bd58f4
                                                                                                                                                                                                                                                        0x00bd58f4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5909
                                                                                                                                                                                                                                                        0x00bd5918
                                                                                                                                                                                                                                                        0x00bd5923
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd591a
                                                                                                                                                                                                                                                        0x00bd591a
                                                                                                                                                                                                                                                        0x00bd591f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5921
                                                                                                                                                                                                                                                        0x00bd5928
                                                                                                                                                                                                                                                        0x00bd5928
                                                                                                                                                                                                                                                        0x00bd591f
                                                                                                                                                                                                                                                        0x00bd5918
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd58f6
                                                                                                                                                                                                                                                        0x00bd58f6
                                                                                                                                                                                                                                                        0x00bd58f9
                                                                                                                                                                                                                                                        0x00bd58fa
                                                                                                                                                                                                                                                        0x00bd58fa
                                                                                                                                                                                                                                                        0x00bd58fe
                                                                                                                                                                                                                                                        0x00bd592a
                                                                                                                                                                                                                                                        0x00bd592a
                                                                                                                                                                                                                                                        0x00bd592b
                                                                                                                                                                                                                                                        0x00bd5930
                                                                                                                                                                                                                                                        0x00bd5930
                                                                                                                                                                                                                                                        0x00bd593c

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetProcessHeaps.KERNEL32(00000000,00000000), ref: 00BD58A1
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(FFFFFFFF), ref: 00BD58B5
                                                                                                                                                                                                                                                        • GetProcessHeaps.KERNEL32(00000000,00000000), ref: 00BD58C1
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000), ref: 00BD592B
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: HeapsProcess$??2@??3@
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3663680098-0
                                                                                                                                                                                                                                                        • Opcode ID: 557d8b3fb411aa387303b267fa7a67957e59e8fccf9938b389f22fe4a6143253
                                                                                                                                                                                                                                                        • Instruction ID: 28b2bb8a9d68c982f2e1947e082b30055c6bda3087ea19347f4f12e775b745b0
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 557d8b3fb411aa387303b267fa7a67957e59e8fccf9938b389f22fe4a6143253
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E2112672B00A45CBEB3049A59CD177AB2E9EB90330F5800FBEA048B351F6799C00D291
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • CreateNamedPipeW.KERNEL32(?,?,?,?,?,?,?,00000000,00000008,?), ref: 00BD7862
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BD786F
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00000000,?,?,00000000,00000000,00000003), ref: 00BD7882
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CreateCurrentDuplicateHandleNamedPipeProcess
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2255566786-0
                                                                                                                                                                                                                                                        • Opcode ID: 3f125fa0d08251af3208d23862a822de58053bf1fc7d5f651f4369d5f8eb2529
                                                                                                                                                                                                                                                        • Instruction ID: 9cb4cf311ced9272e95ac37ee75e6c7cbd65bfb495c975621a2b60e167cb3741
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3f125fa0d08251af3208d23862a822de58053bf1fc7d5f651f4369d5f8eb2529
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 27215171A04119AFCB188F64DC59EAF7B65EF09324F110759F92AAB3D0DB31AD10CBA0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • VirtualAllocEx.KERNEL32(00000000,00000000,?,00001000,00000004,00000000,?,?,?,?,?,?), ref: 00BEB50B
                                                                                                                                                                                                                                                        • WriteProcessMemory.KERNEL32(00000000,00000000,?,?,?,?,?,?,?,?), ref: 00BEB521
                                                                                                                                                                                                                                                        • VirtualFreeEx.KERNEL32(00000000,00000000,00000000,00008000,?,?,?,?,?), ref: 00BEB560
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Virtual$AllocFreeMemoryProcessWrite
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3247110995-0
                                                                                                                                                                                                                                                        • Opcode ID: 5eceafc9b5af2f31f16ad825a84292c562c764de98c1dc6f460c3f380c285f98
                                                                                                                                                                                                                                                        • Instruction ID: 95ba83ad459ae7b8760205e625b26995ce694a70d8ac9d58facb3c84fcb8ad4f
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5eceafc9b5af2f31f16ad825a84292c562c764de98c1dc6f460c3f380c285f98
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 21115E71641249AFDB209F56AC95FBF3BE8EB55755F5000A8FA09AB280CB709804D7B1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • NtQueryVirtualMemory.NTDLL(?,?,00000000,?,0000001C,?), ref: 00BB92C1
                                                                                                                                                                                                                                                        • RtlNtStatusToDosError.NTDLL ref: 00BB92E9
                                                                                                                                                                                                                                                        • RtlSetLastWin32Error.NTDLL(00000000,00000000,?,?,?,?,?,?,00BB88A3,?,00BB8B5C), ref: 00BB92EF
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Error$LastMemoryQueryStatusVirtualWin32
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 304294125-0
                                                                                                                                                                                                                                                        • Opcode ID: 9f521ad033c1dd0bfe407ee5d853c4d3a8d99bf8631755554897dca44b4a138a
                                                                                                                                                                                                                                                        • Instruction ID: 966bbe0876f14c35e069dc55febdffd23d91c7d1d3b5c9a7ac6f251a80d8a52d
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9f521ad033c1dd0bfe407ee5d853c4d3a8d99bf8631755554897dca44b4a138a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 26F0A4B0D0025AABDF209BA68CC9BFFB7F8EF04304F1040B9E604A6041C7B49984DA91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • NtQueryVirtualMemory.NTDLL(000000FF,00BEC053,00000000,?,0000001C,00BEC053), ref: 00BEC7A0
                                                                                                                                                                                                                                                        • RtlNtStatusToDosError.NTDLL ref: 00BEC7C8
                                                                                                                                                                                                                                                        • RtlSetLastWin32Error.NTDLL(00000000,00000000,000000FF,00BEC053,00000000,?,0000001C,00BEC053,?,?,?,?,?,?,00BEC053), ref: 00BEC7CE
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Error$LastMemoryQueryStatusVirtualWin32
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 304294125-0
                                                                                                                                                                                                                                                        • Opcode ID: 831a71000eb27be33f30d765ee6682692bcc221fca464b90e66df854466c3f24
                                                                                                                                                                                                                                                        • Instruction ID: b075eee2ef1eedcb3844bb6f26e47a6547c66942f43d012f5df69cbf3cd073aa
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 831a71000eb27be33f30d765ee6682692bcc221fca464b90e66df854466c3f24
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 10F0C8B0940289ABDF149BA68C86BFF7FFCDB08324F1001B5A811621C1E7749EC5CB61
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • NtQueryVirtualMemory.NTDLL(000000FF,?,00000002,04100000,00000418,00000000), ref: 00BC0AD5
                                                                                                                                                                                                                                                        • memmove.NTDLL(?,?,04100000,000000FF,?,00000002,04100000,00000418,00000000), ref: 00BC0B09
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: MemoryQueryVirtualmemmove
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 4084461704-0
                                                                                                                                                                                                                                                        • Opcode ID: 5c1c935a1fdd277803bc7c15d83b8cc33cad28c89e7806d1069f502348d0e473
                                                                                                                                                                                                                                                        • Instruction ID: de73612c3307683baae6b27b14e2dbde5bcd07ba93101d7919cf61d32f1e2b36
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5c1c935a1fdd277803bc7c15d83b8cc33cad28c89e7806d1069f502348d0e473
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9411A3B0A002189AD724DF11DD41BABB7F8EF48314F0084ADB65967281E770A988CB99
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • NtQueryVirtualMemory.NTDLL(000000FF,?,00000002,?,00000418,00000000), ref: 00BC0A45
                                                                                                                                                                                                                                                        • RtlDuplicateUnicodeString.NTDLL(00000001,?,?), ref: 00BC0A52
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: DuplicateMemoryQueryStringUnicodeVirtual
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1485092074-0
                                                                                                                                                                                                                                                        • Opcode ID: 5686a56e8e1e65fc61c86d5cafa48aa0a10d3e57d180f3218d5c0e64d76ed4a6
                                                                                                                                                                                                                                                        • Instruction ID: 35f3f532a509ac12b8d06a6b97c26249ab1f8589611335291b4b4aedbb15ba0c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5686a56e8e1e65fc61c86d5cafa48aa0a10d3e57d180f3218d5c0e64d76ed4a6
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6001A2B07002196BDB209F15DC01FEBBBF8EB84714F0080A8B6186B2C1D6706944CBA8
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 69%
                                                                                                                                                                                                                                                        			E00BB2000(void* __edx, long* _a4, void* _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				struct _OSVERSIONINFOEXA _v540;
                                                                                                                                                                                                                                                        				intOrPtr _v785;
                                                                                                                                                                                                                                                        				intOrPtr _v788;
                                                                                                                                                                                                                                                        				intOrPtr _v792;
                                                                                                                                                                                                                                                        				intOrPtr _v796;
                                                                                                                                                                                                                                                        				void _v800;
                                                                                                                                                                                                                                                        				char _v1060;
                                                                                                                                                                                                                                                        				void* _v1064;
                                                                                                                                                                                                                                                        				char* _v1068;
                                                                                                                                                                                                                                                        				intOrPtr _v1072;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				signed int _t77;
                                                                                                                                                                                                                                                        				char* _t81;
                                                                                                                                                                                                                                                        				void* _t83;
                                                                                                                                                                                                                                                        				char* _t86;
                                                                                                                                                                                                                                                        				char* _t87;
                                                                                                                                                                                                                                                        				int _t89;
                                                                                                                                                                                                                                                        				struct _IO_FILE* _t91;
                                                                                                                                                                                                                                                        				char* _t93;
                                                                                                                                                                                                                                                        				struct HINSTANCE__** _t95;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t96;
                                                                                                                                                                                                                                                        				int _t100;
                                                                                                                                                                                                                                                        				char* _t101;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t107;
                                                                                                                                                                                                                                                        				struct HINSTANCE__** _t108;
                                                                                                                                                                                                                                                        				intOrPtr _t110;
                                                                                                                                                                                                                                                        				longlong _t112;
                                                                                                                                                                                                                                                        				char* _t122;
                                                                                                                                                                                                                                                        				intOrPtr _t129;
                                                                                                                                                                                                                                                        				void* _t130;
                                                                                                                                                                                                                                                        				void* _t131;
                                                                                                                                                                                                                                                        				void* _t132;
                                                                                                                                                                                                                                                        				void* _t133;
                                                                                                                                                                                                                                                        				void* _t134;
                                                                                                                                                                                                                                                        				void* _t135;
                                                                                                                                                                                                                                                        				struct _IO_FILE* _t136;
                                                                                                                                                                                                                                                        				long* _t137;
                                                                                                                                                                                                                                                        				void* _t139;
                                                                                                                                                                                                                                                        				short* _t140;
                                                                                                                                                                                                                                                        				struct _IO_FILE* _t141;
                                                                                                                                                                                                                                                        				int _t142;
                                                                                                                                                                                                                                                        				WCHAR* _t144;
                                                                                                                                                                                                                                                        				void* _t147;
                                                                                                                                                                                                                                                        				int _t149;
                                                                                                                                                                                                                                                        				signed int _t150;
                                                                                                                                                                                                                                                        				void* _t151;
                                                                                                                                                                                                                                                        				void* _t152;
                                                                                                                                                                                                                                                        				void* _t154;
                                                                                                                                                                                                                                                        				void* _t155;
                                                                                                                                                                                                                                                        				void* _t157;
                                                                                                                                                                                                                                                        				void* _t158;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t133 = __edx;
                                                                                                                                                                                                                                                        				_t77 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t134 = _a8;
                                                                                                                                                                                                                                                        				_t137 = _a4;
                                                                                                                                                                                                                                                        				_v20 = _t77 ^ _t150;
                                                                                                                                                                                                                                                        				if(_t134 == 0) {
                                                                                                                                                                                                                                                        					 *_t137 = 0;
                                                                                                                                                                                                                                                        					L32:
                                                                                                                                                                                                                                                        					E00BEECB0(_v20 ^ _t150, _t133);
                                                                                                                                                                                                                                                        					return _t137;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t81 = strrchr(_t134, 0x5c);
                                                                                                                                                                                                                                                        				_t152 = _t151 + 8;
                                                                                                                                                                                                                                                        				if(_t81 == 0) {
                                                                                                                                                                                                                                                        					_t137 = _a4;
                                                                                                                                                                                                                                                        					 *_t137 = 0;
                                                                                                                                                                                                                                                        					goto L32;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t139 = _t81 - _t134;
                                                                                                                                                                                                                                                        				_t4 = _t139 + 9; // 0x9
                                                                                                                                                                                                                                                        				_t5 = _t139 + 1; // 0x1
                                                                                                                                                                                                                                                        				_t83 = malloc(_t4);
                                                                                                                                                                                                                                                        				_t135 = _t83;
                                                                                                                                                                                                                                                        				memcpy(_t83, _t134, _t5);
                                                                                                                                                                                                                                                        				_t154 = _t152 + 0x10;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t135 + _t139 + 5)) = 0x6c6c64;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t135 + _t139 + 1)) = 0x2e6c7578;
                                                                                                                                                                                                                                                        				_t85 =  *_t135;
                                                                                                                                                                                                                                                        				if( *_t135 == 0) {
                                                                                                                                                                                                                                                        					L33:
                                                                                                                                                                                                                                                        					_t86 =  &_v800;
                                                                                                                                                                                                                                                        					_v785 = 0x747369;
                                                                                                                                                                                                                                                        					_v788 = 0x696c2e73;
                                                                                                                                                                                                                                                        					_v792 = 0x62696c74;
                                                                                                                                                                                                                                                        					_v796 = 0x6e65646e;
                                                                                                                                                                                                                                                        					_v800 = 0x65706564;
                                                                                                                                                                                                                                                        					L8:
                                                                                                                                                                                                                                                        					_v1068 = _t86;
                                                                                                                                                                                                                                                        					_t87 = getenv("MOZ_RUN_GTEST");
                                                                                                                                                                                                                                                        					_t155 = _t154 + 4;
                                                                                                                                                                                                                                                        					if(_t87 != 0) {
                                                                                                                                                                                                                                                        						_t69 =  &_v800; // 0x7065645c
                                                                                                                                                                                                                                                        						_t89 = strlen(_t69);
                                                                                                                                                                                                                                                        						_t155 = _t155 + 4;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t150 + _t89 - 0x31c)) = 0x6574672e;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t150 + _t89 - 0x319)) = 0x747365;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t25 =  &_v800; // 0x7065645c
                                                                                                                                                                                                                                                        					_t140 =  &_v540;
                                                                                                                                                                                                                                                        					_t91 = MultiByteToWideChar(0xfde9, 0, _t25, 0xffffffff, _t140, 0x104);
                                                                                                                                                                                                                                                        					__imp___wfopen(_t140, 0xbf412a);
                                                                                                                                                                                                                                                        					_t154 = _t155 + 8;
                                                                                                                                                                                                                                                        					if(_t91 == 0) {
                                                                                                                                                                                                                                                        						L40:
                                                                                                                                                                                                                                                        						_t137 = _a4;
                                                                                                                                                                                                                                                        						 *_t137 = 0;
                                                                                                                                                                                                                                                        						if(_t135 != 0) {
                                                                                                                                                                                                                                                        							goto L31;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L32;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t141 = _t91;
                                                                                                                                                                                                                                                        						_t122 =  &_v1060;
                                                                                                                                                                                                                                                        						_v1064 = _t135;
                                                                                                                                                                                                                                                        						 *_v1068 = 0;
                                                                                                                                                                                                                                                        						_t93 = fgets(_t122, 0x104, _t141);
                                                                                                                                                                                                                                                        						_t157 = _t154 + 0xc;
                                                                                                                                                                                                                                                        						if(_t93 == 0) {
                                                                                                                                                                                                                                                        							L28:
                                                                                                                                                                                                                                                        							fclose(_t141);
                                                                                                                                                                                                                                                        							_t154 = _t157 + 4;
                                                                                                                                                                                                                                                        							_t95 =  *0xbfa75c; // 0x0
                                                                                                                                                                                                                                                        							_t96 = GetProcAddress( *_t95, "XRE_GetBootstrap");
                                                                                                                                                                                                                                                        							if(_t96 == 0) {
                                                                                                                                                                                                                                                        								_t137 = _a4;
                                                                                                                                                                                                                                                        								 *_t137 = 0;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_v540.dwOSVersionInfoSize = 0;
                                                                                                                                                                                                                                                        								 *_t96( &_v540);
                                                                                                                                                                                                                                                        								_t154 = _t154 + 4;
                                                                                                                                                                                                                                                        								_t137 = _a4;
                                                                                                                                                                                                                                                        								 *_t137 = _v540.dwOSVersionInfoSize;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t135 = _v1064;
                                                                                                                                                                                                                                                        							if(_t135 != 0) {
                                                                                                                                                                                                                                                        								L31:
                                                                                                                                                                                                                                                        								free(_t135);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L32;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t31 =  &_v800; // 0x7065645c
                                                                                                                                                                                                                                                        						_v1072 = _v1068 - _t31;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t136 = _t141;
                                                                                                                                                                                                                                                        							_t100 = strlen(_t122);
                                                                                                                                                                                                                                                        							_t158 = _t157 + 4;
                                                                                                                                                                                                                                                        							if(_t100 != 0 && _v1060 != 0x23) {
                                                                                                                                                                                                                                                        								_t129 =  *0xbfa760; // 0x6020000
                                                                                                                                                                                                                                                        								_t142 = _t100;
                                                                                                                                                                                                                                                        								if(_t129 > 0x9ffffff) {
                                                                                                                                                                                                                                                        									L46:
                                                                                                                                                                                                                                                        									if(_v1060 != 0x2d697061) {
                                                                                                                                                                                                                                                        										L16:
                                                                                                                                                                                                                                                        										if( *((char*)(_t142 + _t122 - 1)) != 0xa) {
                                                                                                                                                                                                                                                        											L18:
                                                                                                                                                                                                                                                        											if(_t142 + _v1072 > 0x104) {
                                                                                                                                                                                                                                                        												L39:
                                                                                                                                                                                                                                                        												fclose(_t136);
                                                                                                                                                                                                                                                        												_t154 = _t158 + 4;
                                                                                                                                                                                                                                                        												_t135 = _v1064;
                                                                                                                                                                                                                                                        												goto L40;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											strcpy(_v1068, _t122);
                                                                                                                                                                                                                                                        											_t158 = _t158 + 8;
                                                                                                                                                                                                                                                        											_t144 =  &_v540;
                                                                                                                                                                                                                                                        											_t41 =  &_v800; // 0x7065645c
                                                                                                                                                                                                                                                        											MultiByteToWideChar(0xfde9, 0, _t41, 0xffffffff, _t144, 0x104);
                                                                                                                                                                                                                                                        											if(_a12 == 1) {
                                                                                                                                                                                                                                                        												E00BB1D50(_t122, _t133, _t136, _t144);
                                                                                                                                                                                                                                                        												_t158 = _t158 + 4;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t107 = LoadLibraryExW(_t144, 0, 8);
                                                                                                                                                                                                                                                        											if(_t107 == 0) {
                                                                                                                                                                                                                                                        												_t108 =  *0xbfa75c; // 0x0
                                                                                                                                                                                                                                                        												if(_t108 == 0) {
                                                                                                                                                                                                                                                        													goto L39;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												do {
                                                                                                                                                                                                                                                        													FreeLibrary( *_t108);
                                                                                                                                                                                                                                                        													_t130 =  *0xbfa75c; // 0x0
                                                                                                                                                                                                                                                        													_t108 =  *(_t130 + 4);
                                                                                                                                                                                                                                                        													 *0xbfa75c = _t108;
                                                                                                                                                                                                                                                        													if(_t130 != 0) {
                                                                                                                                                                                                                                                        														free(_t130);
                                                                                                                                                                                                                                                        														_t158 = _t158 + 4;
                                                                                                                                                                                                                                                        														_t108 =  *0xbfa75c; // 0x0
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} while (_t108 != 0);
                                                                                                                                                                                                                                                        												goto L39;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												__imp__moz_xmalloc(8);
                                                                                                                                                                                                                                                        												_t158 = _t158 + 4;
                                                                                                                                                                                                                                                        												_t131 =  *0xbfa75c; // 0x0
                                                                                                                                                                                                                                                        												 *0xbfa75c = _t107;
                                                                                                                                                                                                                                                        												 *(_t107 + 4) = _t131;
                                                                                                                                                                                                                                                        												_t107->i = _t107;
                                                                                                                                                                                                                                                        												goto L22;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L17:
                                                                                                                                                                                                                                                        										 *((char*)(_t150 + _t142 - 0x421)) = 0;
                                                                                                                                                                                                                                                        										goto L18;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L22;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t110 =  *0xbfa038; // 0xffffffff
                                                                                                                                                                                                                                                        								if(_t110 >= 0xa000001) {
                                                                                                                                                                                                                                                        									_t112 = memset( &(_v540.dwBuildNumber), 0, 0x90);
                                                                                                                                                                                                                                                        									_t158 = _t158 + 0xc;
                                                                                                                                                                                                                                                        									_v540.dwOSVersionInfoSize = 0x9c;
                                                                                                                                                                                                                                                        									_v540.dwMajorVersion = 0xa;
                                                                                                                                                                                                                                                        									_v540.dwMinorVersion = 0;
                                                                                                                                                                                                                                                        									_v540.wServicePackMajor = 0;
                                                                                                                                                                                                                                                        									__imp__VerSetConditionMask(0, 0, 2, 3);
                                                                                                                                                                                                                                                        									__imp__VerSetConditionMask(_t112, _t133, 1, 3);
                                                                                                                                                                                                                                                        									__imp__VerSetConditionMask(_t112, _t133, 0x20, 3);
                                                                                                                                                                                                                                                        									__imp__VerSetConditionMask(_t112, _t133, 0x10, 3);
                                                                                                                                                                                                                                                        									_push(_t133);
                                                                                                                                                                                                                                                        									if(VerifyVersionInfoA( &_v540, 0x33, _t112) != 0) {
                                                                                                                                                                                                                                                        										 *0xbfa760 = 0xa000000;
                                                                                                                                                                                                                                                        										goto L46;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									 *0xbfa038 = 0xa000000;
                                                                                                                                                                                                                                                        									if( *((char*)(_t142 + _t122 - 1)) == 0xa) {
                                                                                                                                                                                                                                                        										goto L17;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L18;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L16;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L22:
                                                                                                                                                                                                                                                        							_t141 = _t136;
                                                                                                                                                                                                                                                        							_t101 = fgets(_t122, 0x104, _t136);
                                                                                                                                                                                                                                                        							_t157 = _t158 + 0xc;
                                                                                                                                                                                                                                                        						} while (_t101 != 0);
                                                                                                                                                                                                                                                        						goto L28;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t147 = 0;
                                                                                                                                                                                                                                                        				_t132 = _t135;
                                                                                                                                                                                                                                                        				asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        				do {
                                                                                                                                                                                                                                                        					_t148 =  ==  ? _t132 : _t147;
                                                                                                                                                                                                                                                        					_t85 =  *(_t132 + 1) & 0x000000ff;
                                                                                                                                                                                                                                                        					_t147 =  ==  ? _t132 :  ==  ? _t132 : _t147;
                                                                                                                                                                                                                                                        					_t132 = _t132 + 1;
                                                                                                                                                                                                                                                        				} while (_t85 != 0);
                                                                                                                                                                                                                                                        				if(_t147 == 0) {
                                                                                                                                                                                                                                                        					goto L33;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t149 = _t147 - _t135;
                                                                                                                                                                                                                                                        				if(_t149 > 0xf0) {
                                                                                                                                                                                                                                                        					goto L40;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				memcpy( &_v800, _t135, _t149);
                                                                                                                                                                                                                                                        				_t154 = _t154 + 0xc;
                                                                                                                                                                                                                                                        				_t86 = _t150 + _t149 - 0x31b;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t150 + _t149 - 0x31c)) = 0x7065645c;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t150 + _t149 - 0x318)) = 0x65646e65;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t150 + _t149 - 0x314)) = 0x696c746e;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t150 + _t149 - 0x310)) = 0x6c2e7362;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t150 + _t149 - 0x30c)) = 0x747369;
                                                                                                                                                                                                                                                        				goto L8;
                                                                                                                                                                                                                                                        			}
























































                                                                                                                                                                                                                                                        0x00bb2000
                                                                                                                                                                                                                                                        0x00bb200c
                                                                                                                                                                                                                                                        0x00bb2011
                                                                                                                                                                                                                                                        0x00bb2014
                                                                                                                                                                                                                                                        0x00bb201b
                                                                                                                                                                                                                                                        0x00bb201e
                                                                                                                                                                                                                                                        0x00bb243b
                                                                                                                                                                                                                                                        0x00bb2383
                                                                                                                                                                                                                                                        0x00bb2388
                                                                                                                                                                                                                                                        0x00bb2399
                                                                                                                                                                                                                                                        0x00bb2399
                                                                                                                                                                                                                                                        0x00bb2027
                                                                                                                                                                                                                                                        0x00bb202c
                                                                                                                                                                                                                                                        0x00bb2031
                                                                                                                                                                                                                                                        0x00bb2446
                                                                                                                                                                                                                                                        0x00bb2449
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2449
                                                                                                                                                                                                                                                        0x00bb2039
                                                                                                                                                                                                                                                        0x00bb203b
                                                                                                                                                                                                                                                        0x00bb203e
                                                                                                                                                                                                                                                        0x00bb2042
                                                                                                                                                                                                                                                        0x00bb204d
                                                                                                                                                                                                                                                        0x00bb2050
                                                                                                                                                                                                                                                        0x00bb2055
                                                                                                                                                                                                                                                        0x00bb2058
                                                                                                                                                                                                                                                        0x00bb2060
                                                                                                                                                                                                                                                        0x00bb2068
                                                                                                                                                                                                                                                        0x00bb206c
                                                                                                                                                                                                                                                        0x00bb239a
                                                                                                                                                                                                                                                        0x00bb239a
                                                                                                                                                                                                                                                        0x00bb23a0
                                                                                                                                                                                                                                                        0x00bb23aa
                                                                                                                                                                                                                                                        0x00bb23b4
                                                                                                                                                                                                                                                        0x00bb23be
                                                                                                                                                                                                                                                        0x00bb23c8
                                                                                                                                                                                                                                                        0x00bb20f8
                                                                                                                                                                                                                                                        0x00bb20f8
                                                                                                                                                                                                                                                        0x00bb2103
                                                                                                                                                                                                                                                        0x00bb2109
                                                                                                                                                                                                                                                        0x00bb210e
                                                                                                                                                                                                                                                        0x00bb2454
                                                                                                                                                                                                                                                        0x00bb245b
                                                                                                                                                                                                                                                        0x00bb2460
                                                                                                                                                                                                                                                        0x00bb2463
                                                                                                                                                                                                                                                        0x00bb246e
                                                                                                                                                                                                                                                        0x00bb246e
                                                                                                                                                                                                                                                        0x00bb2114
                                                                                                                                                                                                                                                        0x00bb211a
                                                                                                                                                                                                                                                        0x00bb2130
                                                                                                                                                                                                                                                        0x00bb213c
                                                                                                                                                                                                                                                        0x00bb2142
                                                                                                                                                                                                                                                        0x00bb2147
                                                                                                                                                                                                                                                        0x00bb2425
                                                                                                                                                                                                                                                        0x00bb2425
                                                                                                                                                                                                                                                        0x00bb2428
                                                                                                                                                                                                                                                        0x00bb2430
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb214d
                                                                                                                                                                                                                                                        0x00bb214d
                                                                                                                                                                                                                                                        0x00bb2155
                                                                                                                                                                                                                                                        0x00bb215b
                                                                                                                                                                                                                                                        0x00bb2161
                                                                                                                                                                                                                                                        0x00bb216b
                                                                                                                                                                                                                                                        0x00bb2171
                                                                                                                                                                                                                                                        0x00bb2176
                                                                                                                                                                                                                                                        0x00bb232a
                                                                                                                                                                                                                                                        0x00bb232b
                                                                                                                                                                                                                                                        0x00bb2331
                                                                                                                                                                                                                                                        0x00bb2334
                                                                                                                                                                                                                                                        0x00bb2340
                                                                                                                                                                                                                                                        0x00bb2348
                                                                                                                                                                                                                                                        0x00bb249e
                                                                                                                                                                                                                                                        0x00bb24a1
                                                                                                                                                                                                                                                        0x00bb234e
                                                                                                                                                                                                                                                        0x00bb2354
                                                                                                                                                                                                                                                        0x00bb235f
                                                                                                                                                                                                                                                        0x00bb2361
                                                                                                                                                                                                                                                        0x00bb2364
                                                                                                                                                                                                                                                        0x00bb236d
                                                                                                                                                                                                                                                        0x00bb236d
                                                                                                                                                                                                                                                        0x00bb236f
                                                                                                                                                                                                                                                        0x00bb2377
                                                                                                                                                                                                                                                        0x00bb2379
                                                                                                                                                                                                                                                        0x00bb237a
                                                                                                                                                                                                                                                        0x00bb2380
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2377
                                                                                                                                                                                                                                                        0x00bb2182
                                                                                                                                                                                                                                                        0x00bb218a
                                                                                                                                                                                                                                                        0x00bb2190
                                                                                                                                                                                                                                                        0x00bb2190
                                                                                                                                                                                                                                                        0x00bb2193
                                                                                                                                                                                                                                                        0x00bb2198
                                                                                                                                                                                                                                                        0x00bb219d
                                                                                                                                                                                                                                                        0x00bb21b0
                                                                                                                                                                                                                                                        0x00bb21b6
                                                                                                                                                                                                                                                        0x00bb21be
                                                                                                                                                                                                                                                        0x00bb2489
                                                                                                                                                                                                                                                        0x00bb2493
                                                                                                                                                                                                                                                        0x00bb21d4
                                                                                                                                                                                                                                                        0x00bb21d9
                                                                                                                                                                                                                                                        0x00bb21e3
                                                                                                                                                                                                                                                        0x00bb21ef
                                                                                                                                                                                                                                                        0x00bb2415
                                                                                                                                                                                                                                                        0x00bb2416
                                                                                                                                                                                                                                                        0x00bb241c
                                                                                                                                                                                                                                                        0x00bb241f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb241f
                                                                                                                                                                                                                                                        0x00bb21fc
                                                                                                                                                                                                                                                        0x00bb2201
                                                                                                                                                                                                                                                        0x00bb2209
                                                                                                                                                                                                                                                        0x00bb2212
                                                                                                                                                                                                                                                        0x00bb2220
                                                                                                                                                                                                                                                        0x00bb222a
                                                                                                                                                                                                                                                        0x00bb227c
                                                                                                                                                                                                                                                        0x00bb2281
                                                                                                                                                                                                                                                        0x00bb2281
                                                                                                                                                                                                                                                        0x00bb2231
                                                                                                                                                                                                                                                        0x00bb2239
                                                                                                                                                                                                                                                        0x00bb23d7
                                                                                                                                                                                                                                                        0x00bb23de
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb23f2
                                                                                                                                                                                                                                                        0x00bb23f4
                                                                                                                                                                                                                                                        0x00bb23f6
                                                                                                                                                                                                                                                        0x00bb23fc
                                                                                                                                                                                                                                                        0x00bb2401
                                                                                                                                                                                                                                                        0x00bb2406
                                                                                                                                                                                                                                                        0x00bb2409
                                                                                                                                                                                                                                                        0x00bb240b
                                                                                                                                                                                                                                                        0x00bb240e
                                                                                                                                                                                                                                                        0x00bb240e
                                                                                                                                                                                                                                                        0x00bb23ee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb223f
                                                                                                                                                                                                                                                        0x00bb2243
                                                                                                                                                                                                                                                        0x00bb2249
                                                                                                                                                                                                                                                        0x00bb224c
                                                                                                                                                                                                                                                        0x00bb2252
                                                                                                                                                                                                                                                        0x00bb2257
                                                                                                                                                                                                                                                        0x00bb225a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb225a
                                                                                                                                                                                                                                                        0x00bb2239
                                                                                                                                                                                                                                                        0x00bb21db
                                                                                                                                                                                                                                                        0x00bb21db
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb21db
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2499
                                                                                                                                                                                                                                                        0x00bb21c4
                                                                                                                                                                                                                                                        0x00bb21ce
                                                                                                                                                                                                                                                        0x00bb2294
                                                                                                                                                                                                                                                        0x00bb2299
                                                                                                                                                                                                                                                        0x00bb229c
                                                                                                                                                                                                                                                        0x00bb22a6
                                                                                                                                                                                                                                                        0x00bb22b0
                                                                                                                                                                                                                                                        0x00bb22ba
                                                                                                                                                                                                                                                        0x00bb22cc
                                                                                                                                                                                                                                                        0x00bb22d8
                                                                                                                                                                                                                                                        0x00bb22e4
                                                                                                                                                                                                                                                        0x00bb22f0
                                                                                                                                                                                                                                                        0x00bb22f6
                                                                                                                                                                                                                                                        0x00bb2309
                                                                                                                                                                                                                                                        0x00bb2483
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2483
                                                                                                                                                                                                                                                        0x00bb2314
                                                                                                                                                                                                                                                        0x00bb231f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2325
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb21ce
                                                                                                                                                                                                                                                        0x00bb225c
                                                                                                                                                                                                                                                        0x00bb225c
                                                                                                                                                                                                                                                        0x00bb2265
                                                                                                                                                                                                                                                        0x00bb226b
                                                                                                                                                                                                                                                        0x00bb226e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2276
                                                                                                                                                                                                                                                        0x00bb2147
                                                                                                                                                                                                                                                        0x00bb2072
                                                                                                                                                                                                                                                        0x00bb2074
                                                                                                                                                                                                                                                        0x00bb2076
                                                                                                                                                                                                                                                        0x00bb2080
                                                                                                                                                                                                                                                        0x00bb2082
                                                                                                                                                                                                                                                        0x00bb2087
                                                                                                                                                                                                                                                        0x00bb208b
                                                                                                                                                                                                                                                        0x00bb208e
                                                                                                                                                                                                                                                        0x00bb208f
                                                                                                                                                                                                                                                        0x00bb2095
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb209b
                                                                                                                                                                                                                                                        0x00bb20a3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb20b2
                                                                                                                                                                                                                                                        0x00bb20b7
                                                                                                                                                                                                                                                        0x00bb20ba
                                                                                                                                                                                                                                                        0x00bb20c1
                                                                                                                                                                                                                                                        0x00bb20cc
                                                                                                                                                                                                                                                        0x00bb20d7
                                                                                                                                                                                                                                                        0x00bb20e2
                                                                                                                                                                                                                                                        0x00bb20ed
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • strrchr.VCRUNTIME140(?,0000005C), ref: 00BB2027
                                                                                                                                                                                                                                                        • malloc.MOZGLUE(00000009), ref: 00BB2042
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,00000001), ref: 00BB2050
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,00000000,00000000), ref: 00BB20B2
                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_RUN_GTEST), ref: 00BB2103
                                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,\dependentlibs.list,000000FF,?,00000104), ref: 00BB2130
                                                                                                                                                                                                                                                        • _wfopen.API-MS-WIN-CRT-STDIO-L1-1-0(?,00BF412A), ref: 00BB213C
                                                                                                                                                                                                                                                        • fgets.API-MS-WIN-CRT-STDIO-L1-1-0(?,00000104,00000000), ref: 00BB216B
                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB2193
                                                                                                                                                                                                                                                        • strcpy.API-MS-WIN-CRT-STRING-L1-1-0(?,?), ref: 00BB21FC
                                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,\dependentlibs.list,000000FF,?,00000104), ref: 00BB2220
                                                                                                                                                                                                                                                        • LoadLibraryExW.KERNEL32(?,00000000,00000008), ref: 00BB2231
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000008), ref: 00BB2243
                                                                                                                                                                                                                                                        • fgets.API-MS-WIN-CRT-STDIO-L1-1-0(?,00000104,00000000), ref: 00BB2265
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB2294
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,00000000,00000002,00000003), ref: 00BB22CC
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000001,00000003), ref: 00BB22D8
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000020,00000003), ref: 00BB22E4
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000010,00000003), ref: 00BB22F0
                                                                                                                                                                                                                                                        • VerifyVersionInfoA.KERNEL32(0000009C,00000033,00000000), ref: 00BB2301
                                                                                                                                                                                                                                                        • fclose.API-MS-WIN-CRT-STDIO-L1-1-0(00000000), ref: 00BB232B
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,XRE_GetBootstrap), ref: 00BB2340
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB237A
                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(00000000), ref: 00BB23F4
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB2409
                                                                                                                                                                                                                                                        • fclose.API-MS-WIN-CRT-STDIO-L1-1-0(00000000), ref: 00BB2416
                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(\dependentlibs.list), ref: 00BB245B
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ConditionMask$ByteCharLibraryMultiWidefclosefgetsfreememcpystrlen$AddressFreeInfoLoadProcVerifyVersion_wfopengetenvmallocmemsetmoz_xmallocstrcpystrrchr
                                                                                                                                                                                                                                                        • String ID: MOZ_RUN_GTEST$XRE_GetBootstrap$\dependentlibs.list$api-$dll$xul.
                                                                                                                                                                                                                                                        • API String ID: 197452271-3346686870
                                                                                                                                                                                                                                                        • Opcode ID: 87a0e1fdfdcb57621b849baf6e8c7398d495f4f09eb398175b071afef09b5feb
                                                                                                                                                                                                                                                        • Instruction ID: 4cc96221f1adaa7e6bc1b704483aa84190db70ac2e8d79af2d2792cb525aac52
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 87a0e1fdfdcb57621b849baf6e8c7398d495f4f09eb398175b071afef09b5feb
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BAC192B1A403199FDB219F24DC45BFA7BF8EB04704F0441E8E909AB291DBB49E85CF95
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BD78C0(void* __eflags) {
                                                                                                                                                                                                                                                        				signed int _v12;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _v16;
                                                                                                                                                                                                                                                        				char _v20;
                                                                                                                                                                                                                                                        				signed int _t31;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t33;
                                                                                                                                                                                                                                                        				intOrPtr _t34;
                                                                                                                                                                                                                                                        				intOrPtr _t37;
                                                                                                                                                                                                                                                        				intOrPtr _t38;
                                                                                                                                                                                                                                                        				intOrPtr _t39;
                                                                                                                                                                                                                                                        				intOrPtr _t40;
                                                                                                                                                                                                                                                        				intOrPtr _t41;
                                                                                                                                                                                                                                                        				intOrPtr _t42;
                                                                                                                                                                                                                                                        				intOrPtr _t43;
                                                                                                                                                                                                                                                        				intOrPtr _t44;
                                                                                                                                                                                                                                                        				intOrPtr _t45;
                                                                                                                                                                                                                                                        				intOrPtr _t46;
                                                                                                                                                                                                                                                        				intOrPtr _t47;
                                                                                                                                                                                                                                                        				intOrPtr _t48;
                                                                                                                                                                                                                                                        				intOrPtr _t49;
                                                                                                                                                                                                                                                        				intOrPtr _t50;
                                                                                                                                                                                                                                                        				intOrPtr _t51;
                                                                                                                                                                                                                                                        				intOrPtr _t52;
                                                                                                                                                                                                                                                        				intOrPtr _t53;
                                                                                                                                                                                                                                                        				intOrPtr _t54;
                                                                                                                                                                                                                                                        				intOrPtr _t55;
                                                                                                                                                                                                                                                        				intOrPtr _t56;
                                                                                                                                                                                                                                                        				intOrPtr _t57;
                                                                                                                                                                                                                                                        				intOrPtr _t58;
                                                                                                                                                                                                                                                        				intOrPtr _t59;
                                                                                                                                                                                                                                                        				signed int _t60;
                                                                                                                                                                                                                                                        				signed int _t61;
                                                                                                                                                                                                                                                        				void* _t88;
                                                                                                                                                                                                                                                        				signed int _t89;
                                                                                                                                                                                                                                                        				void* _t90;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t90 = __eflags;
                                                                                                                                                                                                                                                        				_t31 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v12 = _t31 ^ _t89;
                                                                                                                                                                                                                                                        				_t33 = GetModuleHandleW(L"ntdll.dll");
                                                                                                                                                                                                                                                        				_v20 = 0xbf0f50;
                                                                                                                                                                                                                                                        				_v16 = _t33;
                                                                                                                                                                                                                                                        				_t34 = E00BCAA70(_t33,  &_v20, _t88, _t90, "NtAllocateVirtualMemory");
                                                                                                                                                                                                                                                        				_t91 = _t34;
                                                                                                                                                                                                                                                        				 *0xbfb61c = _t34;
                                                                                                                                                                                                                                                        				if(_t34 == 0) {
                                                                                                                                                                                                                                                        					L24:
                                                                                                                                                                                                                                                        					_t61 = 0;
                                                                                                                                                                                                                                                        					__eflags = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t37 = E00BCAA70(_t34,  &_v20, _t88, _t91, "NtClose");
                                                                                                                                                                                                                                                        					_t92 = _t37;
                                                                                                                                                                                                                                                        					 *0xbfb620 = _t37;
                                                                                                                                                                                                                                                        					if(_t37 == 0) {
                                                                                                                                                                                                                                                        						goto L24;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t38 = E00BCAA70(_t37,  &_v20, _t88, _t92, "NtDuplicateObject");
                                                                                                                                                                                                                                                        						_t93 = _t38;
                                                                                                                                                                                                                                                        						 *0xbfb624 = _t38;
                                                                                                                                                                                                                                                        						if(_t38 == 0) {
                                                                                                                                                                                                                                                        							goto L24;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t39 = E00BCAA70(_t38,  &_v20, _t88, _t93, "NtFreeVirtualMemory");
                                                                                                                                                                                                                                                        							_t94 = _t39;
                                                                                                                                                                                                                                                        							 *0xbfb628 = _t39;
                                                                                                                                                                                                                                                        							if(_t39 == 0) {
                                                                                                                                                                                                                                                        								goto L24;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t40 = E00BCAA70(_t39,  &_v20, _t88, _t94, "NtMapViewOfSection");
                                                                                                                                                                                                                                                        								_t95 = _t40;
                                                                                                                                                                                                                                                        								 *0xbfb62c = _t40;
                                                                                                                                                                                                                                                        								if(_t40 == 0) {
                                                                                                                                                                                                                                                        									goto L24;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t41 = E00BCAA70(_t40,  &_v20, _t88, _t95, "NtProtectVirtualMemory");
                                                                                                                                                                                                                                                        									_t96 = _t41;
                                                                                                                                                                                                                                                        									 *0xbfb630 = _t41;
                                                                                                                                                                                                                                                        									if(_t41 == 0) {
                                                                                                                                                                                                                                                        										goto L24;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t42 = E00BCAA70(_t41,  &_v20, _t88, _t96, "NtQueryInformationProcess");
                                                                                                                                                                                                                                                        										_t97 = _t42;
                                                                                                                                                                                                                                                        										 *0xbfb634 = _t42;
                                                                                                                                                                                                                                                        										if(_t42 == 0) {
                                                                                                                                                                                                                                                        											goto L24;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t43 = E00BCAA70(_t42,  &_v20, _t88, _t97, "NtQueryObject");
                                                                                                                                                                                                                                                        											_t98 = _t43;
                                                                                                                                                                                                                                                        											 *0xbfb638 = _t43;
                                                                                                                                                                                                                                                        											if(_t43 == 0) {
                                                                                                                                                                                                                                                        												goto L24;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t44 = E00BCAA70(_t43,  &_v20, _t88, _t98, "NtQuerySection");
                                                                                                                                                                                                                                                        												_t99 = _t44;
                                                                                                                                                                                                                                                        												 *0xbfb63c = _t44;
                                                                                                                                                                                                                                                        												if(_t44 == 0) {
                                                                                                                                                                                                                                                        													goto L24;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t45 = E00BCAA70(_t44,  &_v20, _t88, _t99, "NtQueryVirtualMemory");
                                                                                                                                                                                                                                                        													_t100 = _t45;
                                                                                                                                                                                                                                                        													 *0xbfb640 = _t45;
                                                                                                                                                                                                                                                        													if(_t45 == 0) {
                                                                                                                                                                                                                                                        														goto L24;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t46 = E00BCAA70(_t45,  &_v20, _t88, _t100, "NtUnmapViewOfSection");
                                                                                                                                                                                                                                                        														_t101 = _t46;
                                                                                                                                                                                                                                                        														 *0xbfb644 = _t46;
                                                                                                                                                                                                                                                        														if(_t46 == 0) {
                                                                                                                                                                                                                                                        															goto L24;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															_t47 = E00BCAA70(_t46,  &_v20, _t88, _t101, "NtSignalAndWaitForSingleObject");
                                                                                                                                                                                                                                                        															_t102 = _t47;
                                                                                                                                                                                                                                                        															 *0xbfb648 = _t47;
                                                                                                                                                                                                                                                        															if(_t47 == 0) {
                                                                                                                                                                                                                                                        																goto L24;
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																_t48 = E00BCAA70(_t47,  &_v20, _t88, _t102, "NtWaitForSingleObject");
                                                                                                                                                                                                                                                        																_t103 = _t48;
                                                                                                                                                                                                                                                        																 *0xbfb64c = _t48;
                                                                                                                                                                                                                                                        																if(_t48 == 0) {
                                                                                                                                                                                                                                                        																	goto L24;
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																	_t49 = E00BCAA70(_t48,  &_v20, _t88, _t103, "RtlAllocateHeap");
                                                                                                                                                                                                                                                        																	_t104 = _t49;
                                                                                                                                                                                                                                                        																	 *0xbfb650 = _t49;
                                                                                                                                                                                                                                                        																	if(_t49 == 0) {
                                                                                                                                                                                                                                                        																		goto L24;
                                                                                                                                                                                                                                                        																	} else {
                                                                                                                                                                                                                                                        																		_t50 = E00BCAA70(_t49,  &_v20, _t88, _t104, "RtlAnsiStringToUnicodeString");
                                                                                                                                                                                                                                                        																		_t105 = _t50;
                                                                                                                                                                                                                                                        																		 *0xbfb654 = _t50;
                                                                                                                                                                                                                                                        																		if(_t50 == 0) {
                                                                                                                                                                                                                                                        																			goto L24;
                                                                                                                                                                                                                                                        																		} else {
                                                                                                                                                                                                                                                        																			_t51 = E00BCAA70(_t50,  &_v20, _t88, _t105, "RtlCompareUnicodeString");
                                                                                                                                                                                                                                                        																			_t106 = _t51;
                                                                                                                                                                                                                                                        																			 *0xbfb658 = _t51;
                                                                                                                                                                                                                                                        																			if(_t51 == 0) {
                                                                                                                                                                                                                                                        																				goto L24;
                                                                                                                                                                                                                                                        																			} else {
                                                                                                                                                                                                                                                        																				_t52 = E00BCAA70(_t51,  &_v20, _t88, _t106, "RtlCreateHeap");
                                                                                                                                                                                                                                                        																				_t107 = _t52;
                                                                                                                                                                                                                                                        																				 *0xbfb65c = _t52;
                                                                                                                                                                                                                                                        																				if(_t52 == 0) {
                                                                                                                                                                                                                                                        																					goto L24;
                                                                                                                                                                                                                                                        																				} else {
                                                                                                                                                                                                                                                        																					_t53 = E00BCAA70(_t52,  &_v20, _t88, _t107, "RtlCreateUserThread");
                                                                                                                                                                                                                                                        																					_t108 = _t53;
                                                                                                                                                                                                                                                        																					 *0xbfb660 = _t53;
                                                                                                                                                                                                                                                        																					if(_t53 == 0) {
                                                                                                                                                                                                                                                        																						goto L24;
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						_t54 = E00BCAA70(_t53,  &_v20, _t88, _t108, "RtlDestroyHeap");
                                                                                                                                                                                                                                                        																						_t109 = _t54;
                                                                                                                                                                                                                                                        																						 *0xbfb664 = _t54;
                                                                                                                                                                                                                                                        																						if(_t54 == 0) {
                                                                                                                                                                                                                                                        																							goto L24;
                                                                                                                                                                                                                                                        																						} else {
                                                                                                                                                                                                                                                        																							_t55 = E00BCAA70(_t54,  &_v20, _t88, _t109, "RtlFreeHeap");
                                                                                                                                                                                                                                                        																							_t110 = _t55;
                                                                                                                                                                                                                                                        																							 *0xbfb668 = _t55;
                                                                                                                                                                                                                                                        																							if(_t55 == 0) {
                                                                                                                                                                                                                                                        																								goto L24;
                                                                                                                                                                                                                                                        																							} else {
                                                                                                                                                                                                                                                        																								_t56 = E00BCAA70(_t55,  &_v20, _t88, _t110, "_strnicmp");
                                                                                                                                                                                                                                                        																								_t111 = _t56;
                                                                                                                                                                                                                                                        																								 *0xbfb66c = _t56;
                                                                                                                                                                                                                                                        																								if(_t56 == 0) {
                                                                                                                                                                                                                                                        																									goto L24;
                                                                                                                                                                                                                                                        																								} else {
                                                                                                                                                                                                                                                        																									_t57 = E00BCAA70(_t56,  &_v20, _t88, _t111, "strlen");
                                                                                                                                                                                                                                                        																									_t112 = _t57;
                                                                                                                                                                                                                                                        																									 *0xbfb670 = _t57;
                                                                                                                                                                                                                                                        																									if(_t57 == 0) {
                                                                                                                                                                                                                                                        																										goto L24;
                                                                                                                                                                                                                                                        																									} else {
                                                                                                                                                                                                                                                        																										_t58 = E00BCAA70(_t57,  &_v20, _t88, _t112, "wcslen");
                                                                                                                                                                                                                                                        																										_t113 = _t58;
                                                                                                                                                                                                                                                        																										 *0xbfb674 = _t58;
                                                                                                                                                                                                                                                        																										if(_t58 == 0) {
                                                                                                                                                                                                                                                        																											goto L24;
                                                                                                                                                                                                                                                        																										} else {
                                                                                                                                                                                                                                                        																											_t59 = E00BCAA70(_t58,  &_v20, _t88, _t113, "memcpy");
                                                                                                                                                                                                                                                        																											 *0xbfb678 = _t59;
                                                                                                                                                                                                                                                        																											_t61 = _t60 & 0xffffff00 | _t59 != 0x00000000;
                                                                                                                                                                                                                                                        																										}
                                                                                                                                                                                                                                                        																									}
                                                                                                                                                                                                                                                        																								}
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v12 ^ _t89, _t88);
                                                                                                                                                                                                                                                        				return _t61;
                                                                                                                                                                                                                                                        			}





































                                                                                                                                                                                                                                                        0x00bd78c0
                                                                                                                                                                                                                                                        0x00bd78c7
                                                                                                                                                                                                                                                        0x00bd78ce
                                                                                                                                                                                                                                                        0x00bd78d6
                                                                                                                                                                                                                                                        0x00bd78dc
                                                                                                                                                                                                                                                        0x00bd78e3
                                                                                                                                                                                                                                                        0x00bd78ee
                                                                                                                                                                                                                                                        0x00bd78f3
                                                                                                                                                                                                                                                        0x00bd78f5
                                                                                                                                                                                                                                                        0x00bd78fa
                                                                                                                                                                                                                                                        0x00bd7b41
                                                                                                                                                                                                                                                        0x00bd7b41
                                                                                                                                                                                                                                                        0x00bd7b41
                                                                                                                                                                                                                                                        0x00bd7900
                                                                                                                                                                                                                                                        0x00bd7908
                                                                                                                                                                                                                                                        0x00bd790d
                                                                                                                                                                                                                                                        0x00bd790f
                                                                                                                                                                                                                                                        0x00bd7914
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd791a
                                                                                                                                                                                                                                                        0x00bd7922
                                                                                                                                                                                                                                                        0x00bd7927
                                                                                                                                                                                                                                                        0x00bd7929
                                                                                                                                                                                                                                                        0x00bd792e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7934
                                                                                                                                                                                                                                                        0x00bd793c
                                                                                                                                                                                                                                                        0x00bd7941
                                                                                                                                                                                                                                                        0x00bd7943
                                                                                                                                                                                                                                                        0x00bd7948
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd794e
                                                                                                                                                                                                                                                        0x00bd7956
                                                                                                                                                                                                                                                        0x00bd795b
                                                                                                                                                                                                                                                        0x00bd795d
                                                                                                                                                                                                                                                        0x00bd7962
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7968
                                                                                                                                                                                                                                                        0x00bd7970
                                                                                                                                                                                                                                                        0x00bd7975
                                                                                                                                                                                                                                                        0x00bd7977
                                                                                                                                                                                                                                                        0x00bd797c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7982
                                                                                                                                                                                                                                                        0x00bd798a
                                                                                                                                                                                                                                                        0x00bd798f
                                                                                                                                                                                                                                                        0x00bd7991
                                                                                                                                                                                                                                                        0x00bd7996
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd799c
                                                                                                                                                                                                                                                        0x00bd79a4
                                                                                                                                                                                                                                                        0x00bd79a9
                                                                                                                                                                                                                                                        0x00bd79ab
                                                                                                                                                                                                                                                        0x00bd79b0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd79b6
                                                                                                                                                                                                                                                        0x00bd79be
                                                                                                                                                                                                                                                        0x00bd79c3
                                                                                                                                                                                                                                                        0x00bd79c5
                                                                                                                                                                                                                                                        0x00bd79ca
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd79d0
                                                                                                                                                                                                                                                        0x00bd79d8
                                                                                                                                                                                                                                                        0x00bd79dd
                                                                                                                                                                                                                                                        0x00bd79df
                                                                                                                                                                                                                                                        0x00bd79e4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd79ea
                                                                                                                                                                                                                                                        0x00bd79f2
                                                                                                                                                                                                                                                        0x00bd79f7
                                                                                                                                                                                                                                                        0x00bd79f9
                                                                                                                                                                                                                                                        0x00bd79fe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7a04
                                                                                                                                                                                                                                                        0x00bd7a0c
                                                                                                                                                                                                                                                        0x00bd7a11
                                                                                                                                                                                                                                                        0x00bd7a13
                                                                                                                                                                                                                                                        0x00bd7a18
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7a1e
                                                                                                                                                                                                                                                        0x00bd7a26
                                                                                                                                                                                                                                                        0x00bd7a2b
                                                                                                                                                                                                                                                        0x00bd7a2d
                                                                                                                                                                                                                                                        0x00bd7a32
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7a38
                                                                                                                                                                                                                                                        0x00bd7a40
                                                                                                                                                                                                                                                        0x00bd7a45
                                                                                                                                                                                                                                                        0x00bd7a47
                                                                                                                                                                                                                                                        0x00bd7a4c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7a52
                                                                                                                                                                                                                                                        0x00bd7a5a
                                                                                                                                                                                                                                                        0x00bd7a5f
                                                                                                                                                                                                                                                        0x00bd7a61
                                                                                                                                                                                                                                                        0x00bd7a66
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7a6c
                                                                                                                                                                                                                                                        0x00bd7a74
                                                                                                                                                                                                                                                        0x00bd7a79
                                                                                                                                                                                                                                                        0x00bd7a7b
                                                                                                                                                                                                                                                        0x00bd7a80
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7a86
                                                                                                                                                                                                                                                        0x00bd7a8e
                                                                                                                                                                                                                                                        0x00bd7a93
                                                                                                                                                                                                                                                        0x00bd7a95
                                                                                                                                                                                                                                                        0x00bd7a9a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7aa0
                                                                                                                                                                                                                                                        0x00bd7aa8
                                                                                                                                                                                                                                                        0x00bd7aad
                                                                                                                                                                                                                                                        0x00bd7aaf
                                                                                                                                                                                                                                                        0x00bd7ab4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7aba
                                                                                                                                                                                                                                                        0x00bd7ac2
                                                                                                                                                                                                                                                        0x00bd7ac7
                                                                                                                                                                                                                                                        0x00bd7ac9
                                                                                                                                                                                                                                                        0x00bd7ace
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7ad0
                                                                                                                                                                                                                                                        0x00bd7ad8
                                                                                                                                                                                                                                                        0x00bd7add
                                                                                                                                                                                                                                                        0x00bd7adf
                                                                                                                                                                                                                                                        0x00bd7ae4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7ae6
                                                                                                                                                                                                                                                        0x00bd7aee
                                                                                                                                                                                                                                                        0x00bd7af3
                                                                                                                                                                                                                                                        0x00bd7af5
                                                                                                                                                                                                                                                        0x00bd7afa
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7afc
                                                                                                                                                                                                                                                        0x00bd7b04
                                                                                                                                                                                                                                                        0x00bd7b09
                                                                                                                                                                                                                                                        0x00bd7b0b
                                                                                                                                                                                                                                                        0x00bd7b10
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7b12
                                                                                                                                                                                                                                                        0x00bd7b1a
                                                                                                                                                                                                                                                        0x00bd7b1f
                                                                                                                                                                                                                                                        0x00bd7b21
                                                                                                                                                                                                                                                        0x00bd7b26
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7b28
                                                                                                                                                                                                                                                        0x00bd7b30
                                                                                                                                                                                                                                                        0x00bd7b37
                                                                                                                                                                                                                                                        0x00bd7b3c
                                                                                                                                                                                                                                                        0x00bd7b3c
                                                                                                                                                                                                                                                        0x00bd7b26
                                                                                                                                                                                                                                                        0x00bd7b10
                                                                                                                                                                                                                                                        0x00bd7afa
                                                                                                                                                                                                                                                        0x00bd7ae4
                                                                                                                                                                                                                                                        0x00bd7ace
                                                                                                                                                                                                                                                        0x00bd7ab4
                                                                                                                                                                                                                                                        0x00bd7a9a
                                                                                                                                                                                                                                                        0x00bd7a80
                                                                                                                                                                                                                                                        0x00bd7a66
                                                                                                                                                                                                                                                        0x00bd7a4c
                                                                                                                                                                                                                                                        0x00bd7a32
                                                                                                                                                                                                                                                        0x00bd7a18
                                                                                                                                                                                                                                                        0x00bd79fe
                                                                                                                                                                                                                                                        0x00bd79e4
                                                                                                                                                                                                                                                        0x00bd79ca
                                                                                                                                                                                                                                                        0x00bd79b0
                                                                                                                                                                                                                                                        0x00bd7996
                                                                                                                                                                                                                                                        0x00bd797c
                                                                                                                                                                                                                                                        0x00bd7962
                                                                                                                                                                                                                                                        0x00bd7948
                                                                                                                                                                                                                                                        0x00bd792e
                                                                                                                                                                                                                                                        0x00bd7914
                                                                                                                                                                                                                                                        0x00bd7b48
                                                                                                                                                                                                                                                        0x00bd7b54

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(ntdll.dll,?,00BE587C,?,00000000,?,?,?,00000000,0000001C,?,00BE569E), ref: 00BD78D6
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: HandleModule
                                                                                                                                                                                                                                                        • String ID: NtAllocateVirtualMemory$NtClose$NtDuplicateObject$NtFreeVirtualMemory$NtMapViewOfSection$NtProtectVirtualMemory$NtQueryInformationProcess$NtQueryObject$NtQuerySection$NtQueryVirtualMemory$NtSignalAndWaitForSingleObject$NtUnmapViewOfSection$NtWaitForSingleObject$RtlAllocateHeap$RtlAnsiStringToUnicodeString$RtlCompareUnicodeString$RtlCreateHeap$RtlCreateUserThread$RtlDestroyHeap$RtlFreeHeap$_strnicmp$memcpy$ntdll.dll$strlen$wcslen
                                                                                                                                                                                                                                                        • API String ID: 4139908857-148567080
                                                                                                                                                                                                                                                        • Opcode ID: 5a8614c92a7fbc67ffc4448d0426dabcf9c79c8b221869f4de60d209196d4fab
                                                                                                                                                                                                                                                        • Instruction ID: d10347191ee6173c6ac31a7c86f5d98cea3b2f72c0be2f7f263f3e8a02f65a02
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5a8614c92a7fbc67ffc4448d0426dabcf9c79c8b221869f4de60d209196d4fab
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1951557198025E9E5B04EFB6CD62EBAF7E4EA08308B5414EEEA15C3290FF309508CB51
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 49%
                                                                                                                                                                                                                                                        			E00BED7F0() {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				short _v24;
                                                                                                                                                                                                                                                        				short _v48;
                                                                                                                                                                                                                                                        				char _v560;
                                                                                                                                                                                                                                                        				char _v576;
                                                                                                                                                                                                                                                        				short _v580;
                                                                                                                                                                                                                                                        				short _v584;
                                                                                                                                                                                                                                                        				void* _v588;
                                                                                                                                                                                                                                                        				int _v592;
                                                                                                                                                                                                                                                        				int _v596;
                                                                                                                                                                                                                                                        				void* _v600;
                                                                                                                                                                                                                                                        				void* _v604;
                                                                                                                                                                                                                                                        				signed int _t29;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t37;
                                                                                                                                                                                                                                                        				void* _t42;
                                                                                                                                                                                                                                                        				long _t45;
                                                                                                                                                                                                                                                        				short _t47;
                                                                                                                                                                                                                                                        				int* _t48;
                                                                                                                                                                                                                                                        				void* _t50;
                                                                                                                                                                                                                                                        				short* _t52;
                                                                                                                                                                                                                                                        				char* _t53;
                                                                                                                                                                                                                                                        				int _t54;
                                                                                                                                                                                                                                                        				int* _t55;
                                                                                                                                                                                                                                                        				void* _t56;
                                                                                                                                                                                                                                                        				void* _t59;
                                                                                                                                                                                                                                                        				void* _t61;
                                                                                                                                                                                                                                                        				char* _t62;
                                                                                                                                                                                                                                                        				short* _t63;
                                                                                                                                                                                                                                                        				int _t67;
                                                                                                                                                                                                                                                        				int _t68;
                                                                                                                                                                                                                                                        				signed int _t69;
                                                                                                                                                                                                                                                        				void* _t70;
                                                                                                                                                                                                                                                        				void* _t72;
                                                                                                                                                                                                                                                        				void* _t75;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t29 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t29 ^ _t69;
                                                                                                                                                                                                                                                        				if(GetModuleHandleW(L"detoured.dll") != 0 || GetModuleHandleW(L"_etoured.dll") != 0 || GetModuleHandleW(L"nvd3d9wrap.dll") != 0 || GetModuleHandleW(L"nvdxgiwrap.dll") != 0) {
                                                                                                                                                                                                                                                        					L12:
                                                                                                                                                                                                                                                        					_t54 = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t37 = GetModuleHandleW(L"user32.dll");
                                                                                                                                                                                                                                                        					_t54 = 1;
                                                                                                                                                                                                                                                        					if(_t37 == 0) {
                                                                                                                                                                                                                                                        						_v588 = 0;
                                                                                                                                                                                                                                                        						if(RegOpenKeyExW(0x80000002, L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Windows", 0, 1,  &_v588) == 0) {
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [0xbf1e70]");
                                                                                                                                                                                                                                                        							asm("movsd xmm2, [0xbf1e68]");
                                                                                                                                                                                                                                                        							asm("movsd xmm1, [0xbf1e60]");
                                                                                                                                                                                                                                                        							_t59 = _v588;
                                                                                                                                                                                                                                                        							_t55 =  &_v592;
                                                                                                                                                                                                                                                        							_v592 = 0;
                                                                                                                                                                                                                                                        							_v24 =  *0xbf1e78 & 0x0000ffff;
                                                                                                                                                                                                                                                        							asm("movsd [ebp-0x1c], xmm0");
                                                                                                                                                                                                                                                        							asm("movsd [ebp-0x24], xmm2");
                                                                                                                                                                                                                                                        							asm("movsd [ebp-0x2c], xmm1");
                                                                                                                                                                                                                                                        							_v604 = _t59;
                                                                                                                                                                                                                                                        							_t42 = RegQueryValueExW(_t59,  &_v48, 0, 0, 0, _t55);
                                                                                                                                                                                                                                                        							if(_t42 == 0) {
                                                                                                                                                                                                                                                        								_t67 = _v592 + 0x00000001 & 0xfffffffe;
                                                                                                                                                                                                                                                        								__imp__moz_xmalloc(_t67);
                                                                                                                                                                                                                                                        								_t62 = _t42;
                                                                                                                                                                                                                                                        								memset(_t42, 0, _t67);
                                                                                                                                                                                                                                                        								_t72 = _t70 + 0x10;
                                                                                                                                                                                                                                                        								_v600 = _t62;
                                                                                                                                                                                                                                                        								_t45 = RegQueryValueExW(_v588,  &_v48, 0, 0, _t62, _t55);
                                                                                                                                                                                                                                                        								_t68 = 0;
                                                                                                                                                                                                                                                        								if(_t45 == 0) {
                                                                                                                                                                                                                                                        									_v596 = 0;
                                                                                                                                                                                                                                                        									_v580 =  *0xbf1e7e & 0x0000ffff;
                                                                                                                                                                                                                                                        									_t47 = L", "; // 0x20002c
                                                                                                                                                                                                                                                        									_v584 = _t47;
                                                                                                                                                                                                                                                        									_t48 =  &_v596;
                                                                                                                                                                                                                                                        									__imp__wcstok_s(_v600,  &_v584, _t48);
                                                                                                                                                                                                                                                        									_t72 = _t72 + 0xc;
                                                                                                                                                                                                                                                        									_t68 = 0;
                                                                                                                                                                                                                                                        									if(_t48 != 0) {
                                                                                                                                                                                                                                                        										_t63 = _t48;
                                                                                                                                                                                                                                                        										_t56 =  &_v560;
                                                                                                                                                                                                                                                        										do {
                                                                                                                                                                                                                                                        											_t50 = memset(_t56, 0, 0x200);
                                                                                                                                                                                                                                                        											__imp___wsplitpath_s(_t63, 0, 0, 0, 0, _t56, 0x100, 0, 0);
                                                                                                                                                                                                                                                        											_t75 = _t72 + 0x30;
                                                                                                                                                                                                                                                        											if(_t50 != 0) {
                                                                                                                                                                                                                                                        												goto L18;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												asm("movsd xmm0, [0xbf1e86]");
                                                                                                                                                                                                                                                        												asm("movsd xmm1, [0xbf1e80]");
                                                                                                                                                                                                                                                        												asm("movsd [ebp-0x236], xmm0");
                                                                                                                                                                                                                                                        												asm("movsd [ebp-0x23c], xmm1");
                                                                                                                                                                                                                                                        												_t53 =  &_v576;
                                                                                                                                                                                                                                                        												__imp___wcsnicmp(_t56, _t53, 7);
                                                                                                                                                                                                                                                        												_t75 = _t75 + 0xc;
                                                                                                                                                                                                                                                        												if(_t53 != 0) {
                                                                                                                                                                                                                                                        													goto L18;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t68 = 1;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L14;
                                                                                                                                                                                                                                                        											L18:
                                                                                                                                                                                                                                                        											_t52 =  &_v584;
                                                                                                                                                                                                                                                        											__imp__wcstok_s(0, _t52,  &_v596);
                                                                                                                                                                                                                                                        											_t72 = _t75 + 0xc;
                                                                                                                                                                                                                                                        											_t63 = _t52;
                                                                                                                                                                                                                                                        										} while (_t52 != 0);
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L14:
                                                                                                                                                                                                                                                        								free(_v600);
                                                                                                                                                                                                                                                        								if(_v604 != 0) {
                                                                                                                                                                                                                                                        									goto L10;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								if(_v604 != 0) {
                                                                                                                                                                                                                                                        									L10:
                                                                                                                                                                                                                                                        									RegCloseKey(_v604);
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							if(_t68 == 0) {
                                                                                                                                                                                                                                                        								goto L7;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								goto L12;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L7:
                                                                                                                                                                                                                                                        							_t54 = 1;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t69, _t61);
                                                                                                                                                                                                                                                        				return _t54;
                                                                                                                                                                                                                                                        			}





































                                                                                                                                                                                                                                                        0x00bed7fc
                                                                                                                                                                                                                                                        0x00bed803
                                                                                                                                                                                                                                                        0x00bed813
                                                                                                                                                                                                                                                        0x00bed92a
                                                                                                                                                                                                                                                        0x00bed92a
                                                                                                                                                                                                                                                        0x00bed852
                                                                                                                                                                                                                                                        0x00bed857
                                                                                                                                                                                                                                                        0x00bed85d
                                                                                                                                                                                                                                                        0x00bed861
                                                                                                                                                                                                                                                        0x00bed880
                                                                                                                                                                                                                                                        0x00bed8a1
                                                                                                                                                                                                                                                        0x00bed8ae
                                                                                                                                                                                                                                                        0x00bed8b6
                                                                                                                                                                                                                                                        0x00bed8be
                                                                                                                                                                                                                                                        0x00bed8c6
                                                                                                                                                                                                                                                        0x00bed8cc
                                                                                                                                                                                                                                                        0x00bed8d2
                                                                                                                                                                                                                                                        0x00bed8dc
                                                                                                                                                                                                                                                        0x00bed8e0
                                                                                                                                                                                                                                                        0x00bed8e5
                                                                                                                                                                                                                                                        0x00bed8ea
                                                                                                                                                                                                                                                        0x00bed8fa
                                                                                                                                                                                                                                                        0x00bed901
                                                                                                                                                                                                                                                        0x00bed90b
                                                                                                                                                                                                                                                        0x00bed938
                                                                                                                                                                                                                                                        0x00bed93c
                                                                                                                                                                                                                                                        0x00bed945
                                                                                                                                                                                                                                                        0x00bed94b
                                                                                                                                                                                                                                                        0x00bed950
                                                                                                                                                                                                                                                        0x00bed954
                                                                                                                                                                                                                                                        0x00bed969
                                                                                                                                                                                                                                                        0x00bed96f
                                                                                                                                                                                                                                                        0x00bed973
                                                                                                                                                                                                                                                        0x00bed996
                                                                                                                                                                                                                                                        0x00bed9a6
                                                                                                                                                                                                                                                        0x00bed9ad
                                                                                                                                                                                                                                                        0x00bed9b2
                                                                                                                                                                                                                                                        0x00bed9b8
                                                                                                                                                                                                                                                        0x00bed9c6
                                                                                                                                                                                                                                                        0x00bed9cc
                                                                                                                                                                                                                                                        0x00bed9cf
                                                                                                                                                                                                                                                        0x00bed9d3
                                                                                                                                                                                                                                                        0x00bed9d5
                                                                                                                                                                                                                                                        0x00bed9d7
                                                                                                                                                                                                                                                        0x00beda02
                                                                                                                                                                                                                                                        0x00beda0a
                                                                                                                                                                                                                                                        0x00beda25
                                                                                                                                                                                                                                                        0x00beda2b
                                                                                                                                                                                                                                                        0x00beda30
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beda32
                                                                                                                                                                                                                                                        0x00beda32
                                                                                                                                                                                                                                                        0x00beda3a
                                                                                                                                                                                                                                                        0x00beda42
                                                                                                                                                                                                                                                        0x00beda4a
                                                                                                                                                                                                                                                        0x00beda54
                                                                                                                                                                                                                                                        0x00beda5c
                                                                                                                                                                                                                                                        0x00beda62
                                                                                                                                                                                                                                                        0x00beda67
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beda6d
                                                                                                                                                                                                                                                        0x00beda6d
                                                                                                                                                                                                                                                        0x00beda6d
                                                                                                                                                                                                                                                        0x00beda67
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bed9df
                                                                                                                                                                                                                                                        0x00bed9e6
                                                                                                                                                                                                                                                        0x00bed9ef
                                                                                                                                                                                                                                                        0x00bed9f5
                                                                                                                                                                                                                                                        0x00bed9f8
                                                                                                                                                                                                                                                        0x00bed9fa
                                                                                                                                                                                                                                                        0x00beda02
                                                                                                                                                                                                                                                        0x00bed9d3
                                                                                                                                                                                                                                                        0x00bed975
                                                                                                                                                                                                                                                        0x00bed97b
                                                                                                                                                                                                                                                        0x00bed98b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bed98d
                                                                                                                                                                                                                                                        0x00bed90d
                                                                                                                                                                                                                                                        0x00bed914
                                                                                                                                                                                                                                                        0x00bed916
                                                                                                                                                                                                                                                        0x00bed91c
                                                                                                                                                                                                                                                        0x00bed91c
                                                                                                                                                                                                                                                        0x00bed914
                                                                                                                                                                                                                                                        0x00bed924
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bed8a3
                                                                                                                                                                                                                                                        0x00bed8a3
                                                                                                                                                                                                                                                        0x00bed8a3
                                                                                                                                                                                                                                                        0x00bed8a3
                                                                                                                                                                                                                                                        0x00bed8a1
                                                                                                                                                                                                                                                        0x00bed861
                                                                                                                                                                                                                                                        0x00bed868
                                                                                                                                                                                                                                                        0x00bed879

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(detoured.dll), ref: 00BED80B
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(_etoured.dll), ref: 00BED81E
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(nvd3d9wrap.dll), ref: 00BED831
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(nvdxgiwrap.dll), ref: 00BED844
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(user32.dll), ref: 00BED857
                                                                                                                                                                                                                                                        • RegOpenKeyExW.ADVAPI32(80000002,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows,00000000,00000001,?), ref: 00BED899
                                                                                                                                                                                                                                                        • RegQueryValueExW.ADVAPI32(00000000,?,00000000,00000000,00000000,?), ref: 00BED901
                                                                                                                                                                                                                                                        • RegCloseKey.ADVAPI32(00000000), ref: 00BED91C
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000001), ref: 00BED93C
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BED94B
                                                                                                                                                                                                                                                        • RegQueryValueExW.ADVAPI32(00000000,?,00000000,00000000,00000000,?), ref: 00BED969
                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 00BED97B
                                                                                                                                                                                                                                                        • wcstok_s.API-MS-WIN-CRT-STRING-L1-1-0(?,?,00000000), ref: 00BED9C6
                                                                                                                                                                                                                                                        • wcstok_s.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,00000000), ref: 00BED9EF
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BEDA0A
                                                                                                                                                                                                                                                        • _wsplitpath_s.API-MS-WIN-CRT-FILESYSTEM-L1-1-0(00000000,00000000,00000000,00000000,00000000,?,00000100,00000000,00000000), ref: 00BEDA25
                                                                                                                                                                                                                                                        • _wcsnicmp.API-MS-WIN-CRT-STRING-L1-1-0(?,?,00000007), ref: 00BEDA5C
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: HandleModule$QueryValuememsetwcstok_s$CloseOpen_wcsnicmp_wsplitpath_sfreemoz_xmalloc
                                                                                                                                                                                                                                                        • String ID: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows$_etoured.dll$detoured.dll$nvd3d9wrap.dll$nvdxgiwrap.dll$user32.dll
                                                                                                                                                                                                                                                        • API String ID: 1929582461-2878602165
                                                                                                                                                                                                                                                        • Opcode ID: 6cfb8b4aa20980f339ee9dc8aa0ef94c84b7960ebe5ed332c01ebc0aaa2bd146
                                                                                                                                                                                                                                                        • Instruction ID: 4a982cc5e87d5656abb2c5524561c7d1b0c0a8c04fc6882b6f12b67107b76557
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6cfb8b4aa20980f339ee9dc8aa0ef94c84b7960ebe5ed332c01ebc0aaa2bd146
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8D51C135A40258ABEB209F65DC49BBA77B8EF44745F1001E4FD09B71A1EFB09E84CB64
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 33%
                                                                                                                                                                                                                                                        			E00BD97A0(signed int _a4, signed int _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				long _t70;
                                                                                                                                                                                                                                                        				void* _t71;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t74;
                                                                                                                                                                                                                                                        				signed int _t75;
                                                                                                                                                                                                                                                        				void* _t88;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				signed int _t95;
                                                                                                                                                                                                                                                        				signed int _t114;
                                                                                                                                                                                                                                                        				signed int _t117;
                                                                                                                                                                                                                                                        				signed int _t118;
                                                                                                                                                                                                                                                        				signed int _t119;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t129;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t130;
                                                                                                                                                                                                                                                        				void* _t131;
                                                                                                                                                                                                                                                        				signed int _t132;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t117 = _a4;
                                                                                                                                                                                                                                                        				_t119 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t119 ^ _t132;
                                                                                                                                                                                                                                                        				_t128 = _t117 & 0xffe08084 | _a8;
                                                                                                                                                                                                                                                        				if((_t117 & 0xffe08084 | _a8) == 0) {
                                                                                                                                                                                                                                                        					_t131 = E00BCBDD0();
                                                                                                                                                                                                                                                        					_t70 = GetModuleHandleA("kernel32.dll");
                                                                                                                                                                                                                                                        					_t129 = _t70;
                                                                                                                                                                                                                                                        					if((_t117 & 0x00000200) != 0) {
                                                                                                                                                                                                                                                        						_t70 = GetProcAddress(_t129, "SetDefaultDllDirectories");
                                                                                                                                                                                                                                                        						if(_t70 == 0) {
                                                                                                                                                                                                                                                        							goto L4;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t70 =  *_t70(0x1000);
                                                                                                                                                                                                                                                        							if(_t70 != 0) {
                                                                                                                                                                                                                                                        								goto L4;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t70 = GetLastError();
                                                                                                                                                                                                                                                        								if(_t70 != 5) {
                                                                                                                                                                                                                                                        									goto L1;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									goto L4;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L4:
                                                                                                                                                                                                                                                        						if((_t117 & 0x00000020) == 0) {
                                                                                                                                                                                                                                                        							L6:
                                                                                                                                                                                                                                                        							if((_t117 & 0x00000400) != 0) {
                                                                                                                                                                                                                                                        								_t71 = E00BE3070();
                                                                                                                                                                                                                                                        								if(_t71 == 5 || _t71 == 0) {
                                                                                                                                                                                                                                                        									goto L7;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									goto L1;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								L7:
                                                                                                                                                                                                                                                        								if((_t117 & 0x00000001) == 0) {
                                                                                                                                                                                                                                                        									L9:
                                                                                                                                                                                                                                                        									_t118 = 1;
                                                                                                                                                                                                                                                        									if(_t131 >= 5) {
                                                                                                                                                                                                                                                        										_t74 = GetProcAddress(_t129, "SetProcessMitigationPolicy");
                                                                                                                                                                                                                                                        										if(_t74 == 0) {
                                                                                                                                                                                                                                                        											goto L1;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t130 = _t74;
                                                                                                                                                                                                                                                        											_t75 = _a4;
                                                                                                                                                                                                                                                        											if((_t75 & 0x00000008) != 0) {
                                                                                                                                                                                                                                                        												_v24 = _t75 >> 0x00000001 & 0x00000008 | 0x00000002;
                                                                                                                                                                                                                                                        												_push(4);
                                                                                                                                                                                                                                                        												_push( &_v24);
                                                                                                                                                                                                                                                        												_push(1);
                                                                                                                                                                                                                                                        												if( *_t130() == 0) {
                                                                                                                                                                                                                                                        													if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        														goto L1;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														goto L30;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													L30:
                                                                                                                                                                                                                                                        													_t75 = _a4;
                                                                                                                                                                                                                                                        													if((_t75 & 0x00000100) == 0) {
                                                                                                                                                                                                                                                        														goto L13;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														goto L31;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												if((_t75 & 0x00000100) != 0) {
                                                                                                                                                                                                                                                        													L31:
                                                                                                                                                                                                                                                        													_v24 = 3;
                                                                                                                                                                                                                                                        													_push(4);
                                                                                                                                                                                                                                                        													_push( &_v24);
                                                                                                                                                                                                                                                        													_push(3);
                                                                                                                                                                                                                                                        													if( *_t130() == 0) {
                                                                                                                                                                                                                                                        														if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        															goto L1;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															goto L32;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														L32:
                                                                                                                                                                                                                                                        														_t75 = _a4;
                                                                                                                                                                                                                                                        														if((_t75 & 0x00000800) == 0) {
                                                                                                                                                                                                                                                        															goto L14;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															goto L33;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													L13:
                                                                                                                                                                                                                                                        													if((_t75 & 0x00000800) != 0) {
                                                                                                                                                                                                                                                        														L33:
                                                                                                                                                                                                                                                        														_v24 = 1;
                                                                                                                                                                                                                                                        														_push(4);
                                                                                                                                                                                                                                                        														_push( &_v24);
                                                                                                                                                                                                                                                        														_push(4);
                                                                                                                                                                                                                                                        														if( *_t130() == 0) {
                                                                                                                                                                                                                                                        															if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        																goto L1;
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																goto L34;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															L34:
                                                                                                                                                                                                                                                        															if((_a4 & 0x00001000) != 0) {
                                                                                                                                                                                                                                                        																goto L15;
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																goto L35;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														L14:
                                                                                                                                                                                                                                                        														if((_t75 & 0x00001000) == 0) {
                                                                                                                                                                                                                                                        															L35:
                                                                                                                                                                                                                                                        															if(_t131 >= 6) {
                                                                                                                                                                                                                                                        																_t88 = E00BD9B70();
                                                                                                                                                                                                                                                        																if((_a4 & 0x00002000) == 0 || _t88 != 0) {
                                                                                                                                                                                                                                                        																	L39:
                                                                                                                                                                                                                                                        																	if(_t131 >= 7) {
                                                                                                                                                                                                                                                        																		if((_a4 & 0x00010000) == 0) {
                                                                                                                                                                                                                                                        																			L42:
                                                                                                                                                                                                                                                        																			if(_t131 >= 8) {
                                                                                                                                                                                                                                                        																				if((_a4 & 0x00020000) == 0) {
                                                                                                                                                                                                                                                        																					L45:
                                                                                                                                                                                                                                                        																					if((_a4 & 0x001c0000) == 0) {
                                                                                                                                                                                                                                                        																						L47:
                                                                                                                                                                                                                                                        																						if(_t131 >= 9) {
                                                                                                                                                                                                                                                        																							_t89 = E00BD9B70();
                                                                                                                                                                                                                                                        																							if((_a4 & 0x00004000) != 0 && _t89 == 0) {
                                                                                                                                                                                                                                                        																								_v24 = 3;
                                                                                                                                                                                                                                                        																								_push(4);
                                                                                                                                                                                                                                                        																								_push( &_v24);
                                                                                                                                                                                                                                                        																								_push(2);
                                                                                                                                                                                                                                                        																								if( *_t130() == 0) {
                                                                                                                                                                                                                                                        																									if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        																										goto L1;
                                                                                                                                                                                                                                                        																									} else {
                                                                                                                                                                                                                                                        																									}
                                                                                                                                                                                                                                                        																								}
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						_t128 = _a4;
                                                                                                                                                                                                                                                        																						_t95 = _a4 >> 0x00000012 & 0x00000003;
                                                                                                                                                                                                                                                        																						_t58 = _t95 + 4; // 0x1c0004
                                                                                                                                                                                                                                                        																						_t124 =  <  ? _t95 : _t58;
                                                                                                                                                                                                                                                        																						_t125 =  ==  ? _t95 :  <  ? _t95 : _t58;
                                                                                                                                                                                                                                                        																						_v24 =  ==  ? _t95 :  <  ? _t95 : _t58;
                                                                                                                                                                                                                                                        																						_push(4);
                                                                                                                                                                                                                                                        																						_push( &_v24);
                                                                                                                                                                                                                                                        																						_push(0xa);
                                                                                                                                                                                                                                                        																						if( *_t130() == 0) {
                                                                                                                                                                                                                                                        																							if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        																								goto L1;
                                                                                                                                                                                                                                                        																							} else {
                                                                                                                                                                                                                                                        																								goto L47;
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																						} else {
                                                                                                                                                                                                                                                        																							goto L47;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				} else {
                                                                                                                                                                                                                                                        																					_v24 = 1;
                                                                                                                                                                                                                                                        																					_push(4);
                                                                                                                                                                                                                                                        																					_push( &_v24);
                                                                                                                                                                                                                                                        																					_push(8);
                                                                                                                                                                                                                                                        																					if( *_t130() == 0) {
                                                                                                                                                                                                                                                        																						if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        																							goto L1;
                                                                                                                                                                                                                                                        																						} else {
                                                                                                                                                                                                                                                        																							goto L45;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						goto L45;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																		} else {
                                                                                                                                                                                                                                                        																			_v24 = 1;
                                                                                                                                                                                                                                                        																			_push(4);
                                                                                                                                                                                                                                                        																			_push( &_v24);
                                                                                                                                                                                                                                                        																			_push(9);
                                                                                                                                                                                                                                                        																			if( *_t130() == 0) {
                                                                                                                                                                                                                                                        																				if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        																					goto L1;
                                                                                                                                                                                                                                                        																				} else {
                                                                                                                                                                                                                                                        																					goto L42;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																			} else {
                                                                                                                                                                                                                                                        																				goto L42;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																	_v24 = 1;
                                                                                                                                                                                                                                                        																	_push(4);
                                                                                                                                                                                                                                                        																	_push( &_v24);
                                                                                                                                                                                                                                                        																	_push(2);
                                                                                                                                                                                                                                                        																	if( *_t130() == 0) {
                                                                                                                                                                                                                                                        																		if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        																			goto L1;
                                                                                                                                                                                                                                                        																		} else {
                                                                                                                                                                                                                                                        																			goto L39;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																	} else {
                                                                                                                                                                                                                                                        																		goto L39;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															L15:
                                                                                                                                                                                                                                                        															_v24 = 1;
                                                                                                                                                                                                                                                        															_push(4);
                                                                                                                                                                                                                                                        															_push( &_v24);
                                                                                                                                                                                                                                                        															_push(6);
                                                                                                                                                                                                                                                        															if( *_t130() != 0) {
                                                                                                                                                                                                                                                        																goto L35;
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        																	goto L1;
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																	goto L35;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t114 = _t117 & 0x00000002 | 0x00000001;
                                                                                                                                                                                                                                                        									__imp__SetProcessDEPPolicy(_t114);
                                                                                                                                                                                                                                                        									if(_t114 == 0) {
                                                                                                                                                                                                                                                        										if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        											goto L1;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											goto L9;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										goto L9;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							__imp__HeapSetInformation(0, 1, 0, 0);
                                                                                                                                                                                                                                                        							if(_t70 == 0) {
                                                                                                                                                                                                                                                        								if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        									goto L1;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									goto L6;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								goto L6;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					_t118 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t132, _t128);
                                                                                                                                                                                                                                                        				return _t118;
                                                                                                                                                                                                                                                        			}




















                                                                                                                                                                                                                                                        0x00bd97a9
                                                                                                                                                                                                                                                        0x00bd97ac
                                                                                                                                                                                                                                                        0x00bd97bf
                                                                                                                                                                                                                                                        0x00bd97c2
                                                                                                                                                                                                                                                        0x00bd97c4
                                                                                                                                                                                                                                                        0x00bd97e1
                                                                                                                                                                                                                                                        0x00bd97e8
                                                                                                                                                                                                                                                        0x00bd97ee
                                                                                                                                                                                                                                                        0x00bd97f6
                                                                                                                                                                                                                                                        0x00bd98bb
                                                                                                                                                                                                                                                        0x00bd98c3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd98c9
                                                                                                                                                                                                                                                        0x00bd98ce
                                                                                                                                                                                                                                                        0x00bd98d2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd98d8
                                                                                                                                                                                                                                                        0x00bd98d8
                                                                                                                                                                                                                                                        0x00bd98e1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd98e7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd98e7
                                                                                                                                                                                                                                                        0x00bd98e1
                                                                                                                                                                                                                                                        0x00bd98d2
                                                                                                                                                                                                                                                        0x00bd97fc
                                                                                                                                                                                                                                                        0x00bd97fc
                                                                                                                                                                                                                                                        0x00bd97ff
                                                                                                                                                                                                                                                        0x00bd9817
                                                                                                                                                                                                                                                        0x00bd981d
                                                                                                                                                                                                                                                        0x00bd98ec
                                                                                                                                                                                                                                                        0x00bd98f4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9902
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9902
                                                                                                                                                                                                                                                        0x00bd9823
                                                                                                                                                                                                                                                        0x00bd9823
                                                                                                                                                                                                                                                        0x00bd9826
                                                                                                                                                                                                                                                        0x00bd983f
                                                                                                                                                                                                                                                        0x00bd983f
                                                                                                                                                                                                                                                        0x00bd9844
                                                                                                                                                                                                                                                        0x00bd984c
                                                                                                                                                                                                                                                        0x00bd9854
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd985a
                                                                                                                                                                                                                                                        0x00bd985a
                                                                                                                                                                                                                                                        0x00bd985c
                                                                                                                                                                                                                                                        0x00bd9861
                                                                                                                                                                                                                                                        0x00bd9937
                                                                                                                                                                                                                                                        0x00bd993d
                                                                                                                                                                                                                                                        0x00bd993f
                                                                                                                                                                                                                                                        0x00bd9940
                                                                                                                                                                                                                                                        0x00bd9946
                                                                                                                                                                                                                                                        0x00bd9ac6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9acc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9acc
                                                                                                                                                                                                                                                        0x00bd994c
                                                                                                                                                                                                                                                        0x00bd994c
                                                                                                                                                                                                                                                        0x00bd994c
                                                                                                                                                                                                                                                        0x00bd9954
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9954
                                                                                                                                                                                                                                                        0x00bd9867
                                                                                                                                                                                                                                                        0x00bd986c
                                                                                                                                                                                                                                                        0x00bd995a
                                                                                                                                                                                                                                                        0x00bd995a
                                                                                                                                                                                                                                                        0x00bd9964
                                                                                                                                                                                                                                                        0x00bd9966
                                                                                                                                                                                                                                                        0x00bd9967
                                                                                                                                                                                                                                                        0x00bd996d
                                                                                                                                                                                                                                                        0x00bd9ada
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9ae0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9ae0
                                                                                                                                                                                                                                                        0x00bd9973
                                                                                                                                                                                                                                                        0x00bd9973
                                                                                                                                                                                                                                                        0x00bd9973
                                                                                                                                                                                                                                                        0x00bd997b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd997b
                                                                                                                                                                                                                                                        0x00bd9872
                                                                                                                                                                                                                                                        0x00bd9872
                                                                                                                                                                                                                                                        0x00bd9877
                                                                                                                                                                                                                                                        0x00bd9981
                                                                                                                                                                                                                                                        0x00bd9981
                                                                                                                                                                                                                                                        0x00bd998b
                                                                                                                                                                                                                                                        0x00bd998d
                                                                                                                                                                                                                                                        0x00bd998e
                                                                                                                                                                                                                                                        0x00bd9994
                                                                                                                                                                                                                                                        0x00bd9aee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9af4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9af4
                                                                                                                                                                                                                                                        0x00bd999a
                                                                                                                                                                                                                                                        0x00bd999a
                                                                                                                                                                                                                                                        0x00bd99a2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd99a2
                                                                                                                                                                                                                                                        0x00bd987d
                                                                                                                                                                                                                                                        0x00bd987d
                                                                                                                                                                                                                                                        0x00bd9882
                                                                                                                                                                                                                                                        0x00bd99a8
                                                                                                                                                                                                                                                        0x00bd99ab
                                                                                                                                                                                                                                                        0x00bd99b1
                                                                                                                                                                                                                                                        0x00bd99bd
                                                                                                                                                                                                                                                        0x00bd99dc
                                                                                                                                                                                                                                                        0x00bd99df
                                                                                                                                                                                                                                                        0x00bd99ec
                                                                                                                                                                                                                                                        0x00bd9a07
                                                                                                                                                                                                                                                        0x00bd9a0a
                                                                                                                                                                                                                                                        0x00bd9a17
                                                                                                                                                                                                                                                        0x00bd9a32
                                                                                                                                                                                                                                                        0x00bd9a39
                                                                                                                                                                                                                                                        0x00bd9a6d
                                                                                                                                                                                                                                                        0x00bd9a70
                                                                                                                                                                                                                                                        0x00bd9a76
                                                                                                                                                                                                                                                        0x00bd9a82
                                                                                                                                                                                                                                                        0x00bd9a90
                                                                                                                                                                                                                                                        0x00bd9a9a
                                                                                                                                                                                                                                                        0x00bd9a9c
                                                                                                                                                                                                                                                        0x00bd9a9d
                                                                                                                                                                                                                                                        0x00bd9aa3
                                                                                                                                                                                                                                                        0x00bd9ab2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9ab8
                                                                                                                                                                                                                                                        0x00bd9ab2
                                                                                                                                                                                                                                                        0x00bd9aa3
                                                                                                                                                                                                                                                        0x00bd9a82
                                                                                                                                                                                                                                                        0x00bd9a3b
                                                                                                                                                                                                                                                        0x00bd9a3b
                                                                                                                                                                                                                                                        0x00bd9a43
                                                                                                                                                                                                                                                        0x00bd9a49
                                                                                                                                                                                                                                                        0x00bd9a4c
                                                                                                                                                                                                                                                        0x00bd9a55
                                                                                                                                                                                                                                                        0x00bd9a5b
                                                                                                                                                                                                                                                        0x00bd9a5e
                                                                                                                                                                                                                                                        0x00bd9a60
                                                                                                                                                                                                                                                        0x00bd9a61
                                                                                                                                                                                                                                                        0x00bd9a67
                                                                                                                                                                                                                                                        0x00bd9b2a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9b30
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9b30
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9a67
                                                                                                                                                                                                                                                        0x00bd9a19
                                                                                                                                                                                                                                                        0x00bd9a19
                                                                                                                                                                                                                                                        0x00bd9a23
                                                                                                                                                                                                                                                        0x00bd9a25
                                                                                                                                                                                                                                                        0x00bd9a26
                                                                                                                                                                                                                                                        0x00bd9a2c
                                                                                                                                                                                                                                                        0x00bd9b3e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9b44
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9b44
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9a2c
                                                                                                                                                                                                                                                        0x00bd9a17
                                                                                                                                                                                                                                                        0x00bd99ee
                                                                                                                                                                                                                                                        0x00bd99ee
                                                                                                                                                                                                                                                        0x00bd99f8
                                                                                                                                                                                                                                                        0x00bd99fa
                                                                                                                                                                                                                                                        0x00bd99fb
                                                                                                                                                                                                                                                        0x00bd9a01
                                                                                                                                                                                                                                                        0x00bd9b16
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9b1c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9b1c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9a01
                                                                                                                                                                                                                                                        0x00bd99ec
                                                                                                                                                                                                                                                        0x00bd99c3
                                                                                                                                                                                                                                                        0x00bd99c3
                                                                                                                                                                                                                                                        0x00bd99cd
                                                                                                                                                                                                                                                        0x00bd99cf
                                                                                                                                                                                                                                                        0x00bd99d0
                                                                                                                                                                                                                                                        0x00bd99d6
                                                                                                                                                                                                                                                        0x00bd9b02
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9b08
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9b08
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd99d6
                                                                                                                                                                                                                                                        0x00bd99bd
                                                                                                                                                                                                                                                        0x00bd9888
                                                                                                                                                                                                                                                        0x00bd9888
                                                                                                                                                                                                                                                        0x00bd9888
                                                                                                                                                                                                                                                        0x00bd9892
                                                                                                                                                                                                                                                        0x00bd9894
                                                                                                                                                                                                                                                        0x00bd9895
                                                                                                                                                                                                                                                        0x00bd989b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd98a1
                                                                                                                                                                                                                                                        0x00bd98aa
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd98b0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd98b0
                                                                                                                                                                                                                                                        0x00bd98aa
                                                                                                                                                                                                                                                        0x00bd989b
                                                                                                                                                                                                                                                        0x00bd9882
                                                                                                                                                                                                                                                        0x00bd9877
                                                                                                                                                                                                                                                        0x00bd986c
                                                                                                                                                                                                                                                        0x00bd9861
                                                                                                                                                                                                                                                        0x00bd9854
                                                                                                                                                                                                                                                        0x00bd9828
                                                                                                                                                                                                                                                        0x00bd982d
                                                                                                                                                                                                                                                        0x00bd9831
                                                                                                                                                                                                                                                        0x00bd9839
                                                                                                                                                                                                                                                        0x00bd9924
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd992a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd992a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9839
                                                                                                                                                                                                                                                        0x00bd9826
                                                                                                                                                                                                                                                        0x00bd9801
                                                                                                                                                                                                                                                        0x00bd9809
                                                                                                                                                                                                                                                        0x00bd9811
                                                                                                                                                                                                                                                        0x00bd9910
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9916
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9916
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9811
                                                                                                                                                                                                                                                        0x00bd97ff
                                                                                                                                                                                                                                                        0x00bd97c6
                                                                                                                                                                                                                                                        0x00bd97c6
                                                                                                                                                                                                                                                        0x00bd97c6
                                                                                                                                                                                                                                                        0x00bd97c6
                                                                                                                                                                                                                                                        0x00bd97cd
                                                                                                                                                                                                                                                        0x00bd97db

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleA.KERNEL32(kernel32.dll), ref: 00BD97E8
                                                                                                                                                                                                                                                        • HeapSetInformation.KERNEL32(00000000,00000001,00000000,00000000), ref: 00BD9809
                                                                                                                                                                                                                                                        • SetProcessDEPPolicy.KERNEL32 ref: 00BD9831
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,SetProcessMitigationPolicy), ref: 00BD984C
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BD98A1
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressErrorHandleHeapInformationLastModulePolicyProcProcess
                                                                                                                                                                                                                                                        • String ID: SetDefaultDllDirectories$SetProcessMitigationPolicy$kernel32.dll
                                                                                                                                                                                                                                                        • API String ID: 1350721561-1152130905
                                                                                                                                                                                                                                                        • Opcode ID: 73338b8b660127126963374e56844be3fa8411e63cbe6e2be17bec06a740d032
                                                                                                                                                                                                                                                        • Instruction ID: cb974b4a9e3231b87d3862c2fb9be517bb4142d1bc6ef14c9a63472d7fca02b8
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 73338b8b660127126963374e56844be3fa8411e63cbe6e2be17bec06a740d032
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EF8150716502069AEB209FA5CCC9BBEB6E4EF01B50F540097EA16E72D0FF74CD44CA62
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 87%
                                                                                                                                                                                                                                                        			E00BE9220(void* __ecx, void* __edx, WCHAR* _a4, intOrPtr _a8, signed char _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, long* _a28) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				intOrPtr _v128;
                                                                                                                                                                                                                                                        				intOrPtr _v132;
                                                                                                                                                                                                                                                        				void* _v136;
                                                                                                                                                                                                                                                        				char _v144;
                                                                                                                                                                                                                                                        				void* _v156;
                                                                                                                                                                                                                                                        				char _v160;
                                                                                                                                                                                                                                                        				long _v164;
                                                                                                                                                                                                                                                        				int _v168;
                                                                                                                                                                                                                                                        				void* _v172;
                                                                                                                                                                                                                                                        				struct _PROCESS_INFORMATION _v192;
                                                                                                                                                                                                                                                        				void* _v208;
                                                                                                                                                                                                                                                        				void* _v212;
                                                                                                                                                                                                                                                        				void* _v216;
                                                                                                                                                                                                                                                        				void* _v224;
                                                                                                                                                                                                                                                        				void* _v228;
                                                                                                                                                                                                                                                        				void* _v232;
                                                                                                                                                                                                                                                        				intOrPtr _v240;
                                                                                                                                                                                                                                                        				signed int _t99;
                                                                                                                                                                                                                                                        				signed int _t100;
                                                                                                                                                                                                                                                        				WCHAR* _t101;
                                                                                                                                                                                                                                                        				int _t108;
                                                                                                                                                                                                                                                        				int _t111;
                                                                                                                                                                                                                                                        				void* _t113;
                                                                                                                                                                                                                                                        				intOrPtr _t114;
                                                                                                                                                                                                                                                        				int _t116;
                                                                                                                                                                                                                                                        				int _t120;
                                                                                                                                                                                                                                                        				int _t123;
                                                                                                                                                                                                                                                        				int _t129;
                                                                                                                                                                                                                                                        				long _t130;
                                                                                                                                                                                                                                                        				int _t134;
                                                                                                                                                                                                                                                        				int _t142;
                                                                                                                                                                                                                                                        				long _t150;
                                                                                                                                                                                                                                                        				void* _t151;
                                                                                                                                                                                                                                                        				void* _t152;
                                                                                                                                                                                                                                                        				signed int _t154;
                                                                                                                                                                                                                                                        				signed int _t155;
                                                                                                                                                                                                                                                        				void* _t158;
                                                                                                                                                                                                                                                        				void* _t163;
                                                                                                                                                                                                                                                        				int _t165;
                                                                                                                                                                                                                                                        				void* _t168;
                                                                                                                                                                                                                                                        				void* _t184;
                                                                                                                                                                                                                                                        				void* _t185;
                                                                                                                                                                                                                                                        				void* _t188;
                                                                                                                                                                                                                                                        				void* _t189;
                                                                                                                                                                                                                                                        				intOrPtr _t190;
                                                                                                                                                                                                                                                        				void* _t191;
                                                                                                                                                                                                                                                        				void* _t192;
                                                                                                                                                                                                                                                        				intOrPtr* _t193;
                                                                                                                                                                                                                                                        				signed int _t195;
                                                                                                                                                                                                                                                        				int _t197;
                                                                                                                                                                                                                                                        				void _t198;
                                                                                                                                                                                                                                                        				signed int _t200;
                                                                                                                                                                                                                                                        				signed int _t201;
                                                                                                                                                                                                                                                        				void* _t204;
                                                                                                                                                                                                                                                        				void* _t205;
                                                                                                                                                                                                                                                        				void* _t206;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t184 = __edx;
                                                                                                                                                                                                                                                        				_t99 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t190 = _a8;
                                                                                                                                                                                                                                                        				_t185 = __ecx;
                                                                                                                                                                                                                                                        				_t100 = _t99 ^ _t200;
                                                                                                                                                                                                                                                        				_v24 = _t100;
                                                                                                                                                                                                                                                        				__imp___wcsdup(_a4);
                                                                                                                                                                                                                                                        				_t204 = (_t201 & 0xfffffff0) - 0xe0 + 4;
                                                                                                                                                                                                                                                        				_t158 =  *(__ecx + 0x2c);
                                                                                                                                                                                                                                                        				 *(__ecx + 0x2c) = _t100;
                                                                                                                                                                                                                                                        				if(_t158 != 0) {
                                                                                                                                                                                                                                                        					free(_t158);
                                                                                                                                                                                                                                                        					_t204 = _t204 + 4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				__imp___wcsdup(_t190);
                                                                                                                                                                                                                                                        				_t205 = _t204 + 4;
                                                                                                                                                                                                                                                        				_v224 = _t100;
                                                                                                                                                                                                                                                        				_v216 = _t185;
                                                                                                                                                                                                                                                        				_t150 = (0 |  *((intOrPtr*)(_a16 + 0x48)) != 0x00000000) << 0x00000013 | 0x0000040c;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t185 + 0x1c)) != 0) {
                                                                                                                                                                                                                                                        					_t13 = _t150 + 0x1000000; // 0x1000000
                                                                                                                                                                                                                                                        					E00BCBDD0();
                                                                                                                                                                                                                                                        					_t150 =  <  ? _t13 : _t150;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t101 = GetEnvironmentStringsW();
                                                                                                                                                                                                                                                        				_t191 =  &_v156;
                                                                                                                                                                                                                                                        				E00BC58B0(_t191, _t101, _a24);
                                                                                                                                                                                                                                                        				_t206 = _t205 + 0xc;
                                                                                                                                                                                                                                                        				FreeEnvironmentStringsW(_t101);
                                                                                                                                                                                                                                                        				if(_v136 > 7) {
                                                                                                                                                                                                                                                        					_t191 = _v156;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        				asm("movaps [esp+0x30], xmm0");
                                                                                                                                                                                                                                                        				_t151 = _v224;
                                                                                                                                                                                                                                                        				_t192 = _v216;
                                                                                                                                                                                                                                                        				if(CreateProcessAsUserW( *(_t192 + 0x10), _a4, _t151, 0, 0, _a12 & 0x000000ff, _t150, _t191, 0, _a16 + 4,  &_v192) != 0) {
                                                                                                                                                                                                                                                        					E00BCB460( &_v208,  &_v192);
                                                                                                                                                                                                                                                        					_t108 =  *(_t192 + 0x1c);
                                                                                                                                                                                                                                                        					_t188 = _t192;
                                                                                                                                                                                                                                                        					__eflags = _t108;
                                                                                                                                                                                                                                                        					if(_t108 == 0) {
                                                                                                                                                                                                                                                        						L11:
                                                                                                                                                                                                                                                        						_t163 =  *((intOrPtr*)(_t188 + 0x14));
                                                                                                                                                                                                                                                        						_t193 = _a28;
                                                                                                                                                                                                                                                        						_t33 = _t163 + 1; // 0x1
                                                                                                                                                                                                                                                        						__eflags = _t33 - 2;
                                                                                                                                                                                                                                                        						if(__eflags >= 0) {
                                                                                                                                                                                                                                                        							_v228 = _t163;
                                                                                                                                                                                                                                                        							_v212 = 0;
                                                                                                                                                                                                                                                        							_t111 = OpenProcessToken(_v208, 8,  &_v164);
                                                                                                                                                                                                                                                        							__eflags = _t111;
                                                                                                                                                                                                                                                        							if(_t111 != 0) {
                                                                                                                                                                                                                                                        								_v168 = 0;
                                                                                                                                                                                                                                                        								_t113 = E00BC5200(_v164,  &_v168, _v164);
                                                                                                                                                                                                                                                        								_push(0x48);
                                                                                                                                                                                                                                                        								L00BEF6BA();
                                                                                                                                                                                                                                                        								_t206 = _t206 + 4;
                                                                                                                                                                                                                                                        								_t152 = _t113;
                                                                                                                                                                                                                                                        								_v136 = _t113;
                                                                                                                                                                                                                                                        								_t114 = _t113 + 0x48;
                                                                                                                                                                                                                                                        								_v128 = _t114;
                                                                                                                                                                                                                                                        								_v132 = _t114;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x40) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x44) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x38) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x3c) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x30) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x34) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x28) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x2c) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x20) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x24) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x18) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x1c) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x10) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x14) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 8) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0xc) = 0;
                                                                                                                                                                                                                                                        								 *_t152 = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 4) = 0;
                                                                                                                                                                                                                                                        								_t116 = GetTokenInformation(_v172, 0x1f, _t152, 0x48,  &_v164);
                                                                                                                                                                                                                                                        								_t165 = 0;
                                                                                                                                                                                                                                                        								__eflags = _t116;
                                                                                                                                                                                                                                                        								_t117 = 0;
                                                                                                                                                                                                                                                        								if(_t116 != 0) {
                                                                                                                                                                                                                                                        									_t198 =  *_t152;
                                                                                                                                                                                                                                                        									_t165 = 0;
                                                                                                                                                                                                                                                        									_t117 = 0;
                                                                                                                                                                                                                                                        									__eflags = _t198;
                                                                                                                                                                                                                                                        									if(_t198 != 0) {
                                                                                                                                                                                                                                                        										_push(0x44);
                                                                                                                                                                                                                                                        										L00BEF6BA();
                                                                                                                                                                                                                                                        										_t206 = _t206 + 4;
                                                                                                                                                                                                                                                        										E00BE7140(0, _t198);
                                                                                                                                                                                                                                                        										_t165 = 0;
                                                                                                                                                                                                                                                        										_t117 = 1;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t195 =  &_v136;
                                                                                                                                                                                                                                                        								_v224 = _t165;
                                                                                                                                                                                                                                                        								E00BC51B0(E00BC3010(_t195),  &_v172);
                                                                                                                                                                                                                                                        								__eflags = _t117;
                                                                                                                                                                                                                                                        								if(__eflags == 0) {
                                                                                                                                                                                                                                                        									_t193 = _a28;
                                                                                                                                                                                                                                                        									_t120 = _v224;
                                                                                                                                                                                                                                                        									_t154 = 0;
                                                                                                                                                                                                                                                        									__eflags = _t120;
                                                                                                                                                                                                                                                        									if(_t120 == 0) {
                                                                                                                                                                                                                                                        										goto L34;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L33;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t155 = _t195;
                                                                                                                                                                                                                                                        									_t197 = _v224;
                                                                                                                                                                                                                                                        									E00BE5D50(_t195, __eflags, _t197, _t188 + 0x30);
                                                                                                                                                                                                                                                        									_t142 = E00BE30E0(_t184, __eflags, _v240, 0, _t155, 0, 0,  &_v224);
                                                                                                                                                                                                                                                        									_t206 = _t206 + 0x18;
                                                                                                                                                                                                                                                        									__eflags = _t142;
                                                                                                                                                                                                                                                        									_t154 = _t155 & 0xffffff00 | _t142 == 0x00000000;
                                                                                                                                                                                                                                                        									E00BE5EA0( &_v144, _t184);
                                                                                                                                                                                                                                                        									_t120 = _t197;
                                                                                                                                                                                                                                                        									_t193 = _a28;
                                                                                                                                                                                                                                                        									__eflags = _t120;
                                                                                                                                                                                                                                                        									if(_t120 != 0) {
                                                                                                                                                                                                                                                        										L33:
                                                                                                                                                                                                                                                        										_push(_t120);
                                                                                                                                                                                                                                                        										L00BEF6C0();
                                                                                                                                                                                                                                                        										_t206 = _t206 + 4;
                                                                                                                                                                                                                                                        										L34:
                                                                                                                                                                                                                                                        										__eflags = _t154;
                                                                                                                                                                                                                                                        										_t151 = _v228;
                                                                                                                                                                                                                                                        										_t168 = _v232;
                                                                                                                                                                                                                                                        										if(_t154 != 0) {
                                                                                                                                                                                                                                                        											_t168 = _v216;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L22:
                                                                                                                                                                                                                                                        										_v136 = _v208;
                                                                                                                                                                                                                                                        										_t123 = SetThreadToken( &_v136, _t168);
                                                                                                                                                                                                                                                        										__eflags = _t123;
                                                                                                                                                                                                                                                        										if(_t123 != 0) {
                                                                                                                                                                                                                                                        											E00BC51B0(E00BC51B0(_t123, _t188 + 0x14),  &_v216);
                                                                                                                                                                                                                                                        											goto L12;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										 *_t193 = GetLastError();
                                                                                                                                                                                                                                                        										_t129 = E00BC51B0(TerminateProcess(_v212, 0),  &_v216);
                                                                                                                                                                                                                                                        										_t189 = 0x15;
                                                                                                                                                                                                                                                        										L16:
                                                                                                                                                                                                                                                        										_t130 = E00BCB510(_t129,  &_v212);
                                                                                                                                                                                                                                                        										L17:
                                                                                                                                                                                                                                                        										E00BBDF30(_t130,  &_v160, _t184);
                                                                                                                                                                                                                                                        										if(_t151 != 0) {
                                                                                                                                                                                                                                                        											free(_t151);
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										E00BEECB0(_v28 ^ _t200, _t184);
                                                                                                                                                                                                                                                        										return _t189;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L34;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t168 = _v228;
                                                                                                                                                                                                                                                        							goto L22;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L12:
                                                                                                                                                                                                                                                        						__eflags = E00BCB570(_a20, __eflags,  &_v212);
                                                                                                                                                                                                                                                        						if(__eflags == 0) {
                                                                                                                                                                                                                                                        							 *_t193 = GetLastError();
                                                                                                                                                                                                                                                        							_t129 = TerminateProcess(_v212, 0);
                                                                                                                                                                                                                                                        							_t189 = 0x17;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t134 = E00BEB5C0(_t184, __eflags, _v212);
                                                                                                                                                                                                                                                        							_t206 = _t206 + 4;
                                                                                                                                                                                                                                                        							__eflags = _t134;
                                                                                                                                                                                                                                                        							 *(_t188 + 0x28) = _t134;
                                                                                                                                                                                                                                                        							if(_t134 != 0) {
                                                                                                                                                                                                                                                        								E00BCB630( &_v212,  &_v136);
                                                                                                                                                                                                                                                        								_t129 = E00BCB4A0(_t188,  &_v136);
                                                                                                                                                                                                                                                        								_t189 = 0;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								 *_t193 = GetLastError();
                                                                                                                                                                                                                                                        								_t129 = TerminateProcess(_v212, 0);
                                                                                                                                                                                                                                                        								_t189 = 0x2b;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L16;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__imp__AssignProcessToJobObject(_t108, _v208);
                                                                                                                                                                                                                                                        					__eflags = _t108;
                                                                                                                                                                                                                                                        					if(_t108 != 0) {
                                                                                                                                                                                                                                                        						goto L11;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					 *_a28 = GetLastError();
                                                                                                                                                                                                                                                        					_t129 = TerminateProcess(_v216, 0);
                                                                                                                                                                                                                                                        					_t189 = 0x14;
                                                                                                                                                                                                                                                        					goto L16;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t130 = GetLastError();
                                                                                                                                                                                                                                                        				_t189 = 0x12;
                                                                                                                                                                                                                                                        				 *_a28 = _t130;
                                                                                                                                                                                                                                                        				goto L17;
                                                                                                                                                                                                                                                        			}






























































                                                                                                                                                                                                                                                        0x00be9220
                                                                                                                                                                                                                                                        0x00be922f
                                                                                                                                                                                                                                                        0x00be9234
                                                                                                                                                                                                                                                        0x00be9237
                                                                                                                                                                                                                                                        0x00be9239
                                                                                                                                                                                                                                                        0x00be923b
                                                                                                                                                                                                                                                        0x00be9245
                                                                                                                                                                                                                                                        0x00be924b
                                                                                                                                                                                                                                                        0x00be924e
                                                                                                                                                                                                                                                        0x00be9251
                                                                                                                                                                                                                                                        0x00be9256
                                                                                                                                                                                                                                                        0x00be9259
                                                                                                                                                                                                                                                        0x00be925f
                                                                                                                                                                                                                                                        0x00be925f
                                                                                                                                                                                                                                                        0x00be9263
                                                                                                                                                                                                                                                        0x00be9269
                                                                                                                                                                                                                                                        0x00be9271
                                                                                                                                                                                                                                                        0x00be9275
                                                                                                                                                                                                                                                        0x00be9283
                                                                                                                                                                                                                                                        0x00be928d
                                                                                                                                                                                                                                                        0x00be928f
                                                                                                                                                                                                                                                        0x00be9295
                                                                                                                                                                                                                                                        0x00be929d
                                                                                                                                                                                                                                                        0x00be929d
                                                                                                                                                                                                                                                        0x00be92a0
                                                                                                                                                                                                                                                        0x00be92a6
                                                                                                                                                                                                                                                        0x00be92b1
                                                                                                                                                                                                                                                        0x00be92b6
                                                                                                                                                                                                                                                        0x00be92ba
                                                                                                                                                                                                                                                        0x00be92c5
                                                                                                                                                                                                                                                        0x00be92c7
                                                                                                                                                                                                                                                        0x00be92c7
                                                                                                                                                                                                                                                        0x00be92ce
                                                                                                                                                                                                                                                        0x00be92d5
                                                                                                                                                                                                                                                        0x00be92ee
                                                                                                                                                                                                                                                        0x00be92f6
                                                                                                                                                                                                                                                        0x00be9305
                                                                                                                                                                                                                                                        0x00be9321
                                                                                                                                                                                                                                                        0x00be9326
                                                                                                                                                                                                                                                        0x00be9329
                                                                                                                                                                                                                                                        0x00be932b
                                                                                                                                                                                                                                                        0x00be932d
                                                                                                                                                                                                                                                        0x00be935c
                                                                                                                                                                                                                                                        0x00be935c
                                                                                                                                                                                                                                                        0x00be935f
                                                                                                                                                                                                                                                        0x00be9362
                                                                                                                                                                                                                                                        0x00be9365
                                                                                                                                                                                                                                                        0x00be9368
                                                                                                                                                                                                                                                        0x00be9408
                                                                                                                                                                                                                                                        0x00be940c
                                                                                                                                                                                                                                                        0x00be941b
                                                                                                                                                                                                                                                        0x00be9421
                                                                                                                                                                                                                                                        0x00be9423
                                                                                                                                                                                                                                                        0x00be9491
                                                                                                                                                                                                                                                        0x00be949a
                                                                                                                                                                                                                                                        0x00be94a3
                                                                                                                                                                                                                                                        0x00be94a5
                                                                                                                                                                                                                                                        0x00be94aa
                                                                                                                                                                                                                                                        0x00be94ad
                                                                                                                                                                                                                                                        0x00be94af
                                                                                                                                                                                                                                                        0x00be94b3
                                                                                                                                                                                                                                                        0x00be94b6
                                                                                                                                                                                                                                                        0x00be94ba
                                                                                                                                                                                                                                                        0x00be94c2
                                                                                                                                                                                                                                                        0x00be94c9
                                                                                                                                                                                                                                                        0x00be94d0
                                                                                                                                                                                                                                                        0x00be94d7
                                                                                                                                                                                                                                                        0x00be94de
                                                                                                                                                                                                                                                        0x00be94e5
                                                                                                                                                                                                                                                        0x00be94ec
                                                                                                                                                                                                                                                        0x00be94f3
                                                                                                                                                                                                                                                        0x00be94fa
                                                                                                                                                                                                                                                        0x00be9501
                                                                                                                                                                                                                                                        0x00be9508
                                                                                                                                                                                                                                                        0x00be950f
                                                                                                                                                                                                                                                        0x00be9516
                                                                                                                                                                                                                                                        0x00be951d
                                                                                                                                                                                                                                                        0x00be9524
                                                                                                                                                                                                                                                        0x00be952b
                                                                                                                                                                                                                                                        0x00be9532
                                                                                                                                                                                                                                                        0x00be9538
                                                                                                                                                                                                                                                        0x00be9546
                                                                                                                                                                                                                                                        0x00be954c
                                                                                                                                                                                                                                                        0x00be954e
                                                                                                                                                                                                                                                        0x00be9550
                                                                                                                                                                                                                                                        0x00be9555
                                                                                                                                                                                                                                                        0x00be9557
                                                                                                                                                                                                                                                        0x00be9559
                                                                                                                                                                                                                                                        0x00be955b
                                                                                                                                                                                                                                                        0x00be9560
                                                                                                                                                                                                                                                        0x00be9562
                                                                                                                                                                                                                                                        0x00be9564
                                                                                                                                                                                                                                                        0x00be9566
                                                                                                                                                                                                                                                        0x00be956b
                                                                                                                                                                                                                                                        0x00be9573
                                                                                                                                                                                                                                                        0x00be9578
                                                                                                                                                                                                                                                        0x00be957a
                                                                                                                                                                                                                                                        0x00be957a
                                                                                                                                                                                                                                                        0x00be9562
                                                                                                                                                                                                                                                        0x00be957c
                                                                                                                                                                                                                                                        0x00be9580
                                                                                                                                                                                                                                                        0x00be9591
                                                                                                                                                                                                                                                        0x00be9596
                                                                                                                                                                                                                                                        0x00be9598
                                                                                                                                                                                                                                                        0x00be95f3
                                                                                                                                                                                                                                                        0x00be95f6
                                                                                                                                                                                                                                                        0x00be95fa
                                                                                                                                                                                                                                                        0x00be95fc
                                                                                                                                                                                                                                                        0x00be95fe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be959a
                                                                                                                                                                                                                                                        0x00be95a0
                                                                                                                                                                                                                                                        0x00be95a2
                                                                                                                                                                                                                                                        0x00be95a7
                                                                                                                                                                                                                                                        0x00be95bc
                                                                                                                                                                                                                                                        0x00be95c1
                                                                                                                                                                                                                                                        0x00be95c4
                                                                                                                                                                                                                                                        0x00be95ca
                                                                                                                                                                                                                                                        0x00be95cd
                                                                                                                                                                                                                                                        0x00be95d2
                                                                                                                                                                                                                                                        0x00be95d4
                                                                                                                                                                                                                                                        0x00be95d7
                                                                                                                                                                                                                                                        0x00be95d9
                                                                                                                                                                                                                                                        0x00be9600
                                                                                                                                                                                                                                                        0x00be9600
                                                                                                                                                                                                                                                        0x00be9601
                                                                                                                                                                                                                                                        0x00be9606
                                                                                                                                                                                                                                                        0x00be9609
                                                                                                                                                                                                                                                        0x00be9609
                                                                                                                                                                                                                                                        0x00be960b
                                                                                                                                                                                                                                                        0x00be960f
                                                                                                                                                                                                                                                        0x00be9613
                                                                                                                                                                                                                                                        0x00be9619
                                                                                                                                                                                                                                                        0x00be9619
                                                                                                                                                                                                                                                        0x00be9429
                                                                                                                                                                                                                                                        0x00be942d
                                                                                                                                                                                                                                                        0x00be9437
                                                                                                                                                                                                                                                        0x00be943d
                                                                                                                                                                                                                                                        0x00be943f
                                                                                                                                                                                                                                                        0x00be95e9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be95e9
                                                                                                                                                                                                                                                        0x00be944b
                                                                                                                                                                                                                                                        0x00be945d
                                                                                                                                                                                                                                                        0x00be9462
                                                                                                                                                                                                                                                        0x00be93ca
                                                                                                                                                                                                                                                        0x00be93ce
                                                                                                                                                                                                                                                        0x00be93d3
                                                                                                                                                                                                                                                        0x00be93d7
                                                                                                                                                                                                                                                        0x00be93de
                                                                                                                                                                                                                                                        0x00be93e1
                                                                                                                                                                                                                                                        0x00be93e7
                                                                                                                                                                                                                                                        0x00be93f3
                                                                                                                                                                                                                                                        0x00be9401
                                                                                                                                                                                                                                                        0x00be9401
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be95db
                                                                                                                                                                                                                                                        0x00be9598
                                                                                                                                                                                                                                                        0x00be9425
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9425
                                                                                                                                                                                                                                                        0x00be936e
                                                                                                                                                                                                                                                        0x00be937b
                                                                                                                                                                                                                                                        0x00be937d
                                                                                                                                                                                                                                                        0x00be93b7
                                                                                                                                                                                                                                                        0x00be93bf
                                                                                                                                                                                                                                                        0x00be93c5
                                                                                                                                                                                                                                                        0x00be937f
                                                                                                                                                                                                                                                        0x00be9383
                                                                                                                                                                                                                                                        0x00be9388
                                                                                                                                                                                                                                                        0x00be938b
                                                                                                                                                                                                                                                        0x00be938d
                                                                                                                                                                                                                                                        0x00be9390
                                                                                                                                                                                                                                                        0x00be9475
                                                                                                                                                                                                                                                        0x00be947d
                                                                                                                                                                                                                                                        0x00be9482
                                                                                                                                                                                                                                                        0x00be9396
                                                                                                                                                                                                                                                        0x00be939c
                                                                                                                                                                                                                                                        0x00be93a4
                                                                                                                                                                                                                                                        0x00be93aa
                                                                                                                                                                                                                                                        0x00be93aa
                                                                                                                                                                                                                                                        0x00be9390
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be937d
                                                                                                                                                                                                                                                        0x00be9334
                                                                                                                                                                                                                                                        0x00be933a
                                                                                                                                                                                                                                                        0x00be933c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9347
                                                                                                                                                                                                                                                        0x00be934f
                                                                                                                                                                                                                                                        0x00be9355
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9355
                                                                                                                                                                                                                                                        0x00be9307
                                                                                                                                                                                                                                                        0x00be9310
                                                                                                                                                                                                                                                        0x00be9315
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • _wcsdup.MOZGLUE(00000000), ref: 00BE9245
                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 00BE9259
                                                                                                                                                                                                                                                        • _wcsdup.MOZGLUE(?), ref: 00BE9263
                                                                                                                                                                                                                                                        • GetEnvironmentStringsW.KERNEL32 ref: 00BE92A0
                                                                                                                                                                                                                                                        • FreeEnvironmentStringsW.KERNEL32(00000000), ref: 00BE92BA
                                                                                                                                                                                                                                                        • CreateProcessAsUserW.ADVAPI32(00000000,00000000,?,00000000,00000000,00000000,00000000,?,00000000,-00000004,?), ref: 00BE92FD
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE9307
                                                                                                                                                                                                                                                        • AssignProcessToJobObject.KERNEL32 ref: 00BE9334
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE933E
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(?,00000000), ref: 00BE934F
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE9396
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(?,00000000), ref: 00BE93A4
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE93B1
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(?,00000000), ref: 00BE93BF
                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 00BE93E1
                                                                                                                                                                                                                                                        • OpenProcessToken.ADVAPI32(?,00000008,?), ref: 00BE941B
                                                                                                                                                                                                                                                        • SetThreadToken.ADVAPI32(?,?), ref: 00BE9437
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE9445
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(?,00000000), ref: 00BE9453
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000048,?), ref: 00BE94A5
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(00000000,0000001F(TokenIntegrityLevel),00000000,00000048,?), ref: 00BE9546
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000044), ref: 00BE9566
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?), ref: 00BE9601
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Process$ErrorLast$Terminate$Token$??2@EnvironmentStrings_wcsdupfree$??3@AssignCreateFreeInformationObjectOpenThreadUser
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 4032390575-0
                                                                                                                                                                                                                                                        • Opcode ID: 484b2e5070303265b230744292cce82365e4873e0fb86f8bac3ce6e1fdb125db
                                                                                                                                                                                                                                                        • Instruction ID: c18fd78e9734c4212cafedac979c701302ae8ae424d9b00deae635ded3eef699
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 484b2e5070303265b230744292cce82365e4873e0fb86f8bac3ce6e1fdb125db
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5AB159B16043419FEB109F21CC95B6B7BE8FF88304F0444ADF9859B291EB75E909CB96
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 41%
                                                                                                                                                                                                                                                        			E00BB1230(char* __ecx, char** __edx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				char* _v300;
                                                                                                                                                                                                                                                        				intOrPtr _v304;
                                                                                                                                                                                                                                                        				intOrPtr _v308;
                                                                                                                                                                                                                                                        				char _v312;
                                                                                                                                                                                                                                                        				char _v316;
                                                                                                                                                                                                                                                        				char _v320;
                                                                                                                                                                                                                                                        				char _v324;
                                                                                                                                                                                                                                                        				char _v328;
                                                                                                                                                                                                                                                        				char* _v384;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t46;
                                                                                                                                                                                                                                                        				char* _t49;
                                                                                                                                                                                                                                                        				intOrPtr _t51;
                                                                                                                                                                                                                                                        				char* _t58;
                                                                                                                                                                                                                                                        				intOrPtr _t59;
                                                                                                                                                                                                                                                        				intOrPtr _t61;
                                                                                                                                                                                                                                                        				void* _t70;
                                                                                                                                                                                                                                                        				signed int _t72;
                                                                                                                                                                                                                                                        				char _t73;
                                                                                                                                                                                                                                                        				int _t80;
                                                                                                                                                                                                                                                        				signed int _t85;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				char* _t94;
                                                                                                                                                                                                                                                        				intOrPtr _t95;
                                                                                                                                                                                                                                                        				intOrPtr* _t102;
                                                                                                                                                                                                                                                        				intOrPtr* _t103;
                                                                                                                                                                                                                                                        				intOrPtr* _t104;
                                                                                                                                                                                                                                                        				intOrPtr* _t105;
                                                                                                                                                                                                                                                        				intOrPtr* _t107;
                                                                                                                                                                                                                                                        				intOrPtr* _t110;
                                                                                                                                                                                                                                                        				intOrPtr _t114;
                                                                                                                                                                                                                                                        				intOrPtr* _t115;
                                                                                                                                                                                                                                                        				char* _t119;
                                                                                                                                                                                                                                                        				char _t120;
                                                                                                                                                                                                                                                        				intOrPtr _t121;
                                                                                                                                                                                                                                                        				char** _t123;
                                                                                                                                                                                                                                                        				void* _t124;
                                                                                                                                                                                                                                                        				signed int _t125;
                                                                                                                                                                                                                                                        				signed int _t126;
                                                                                                                                                                                                                                                        				void* _t130;
                                                                                                                                                                                                                                                        				void* _t131;
                                                                                                                                                                                                                                                        				signed int* _t133;
                                                                                                                                                                                                                                                        				signed int* _t134;
                                                                                                                                                                                                                                                        				intOrPtr* _t137;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t117 = __edx;
                                                                                                                                                                                                                                                        				_t46 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t123 = __edx;
                                                                                                                                                                                                                                                        				_t119 = __ecx;
                                                                                                                                                                                                                                                        				_v24 = _t46 ^ _t125;
                                                                                                                                                                                                                                                        				__imp__?Now@TimeStamp@mozilla@@CA?AV12@_N@Z( &_v320, 1);
                                                                                                                                                                                                                                                        				_t49 =  &_v324;
                                                                                                                                                                                                                                                        				__imp__?profiler_init@baseprofiler@mozilla@@YAXPAX@Z(_t49);
                                                                                                                                                                                                                                                        				_t130 = (_t126 & 0xfffffff8) - 0x150 + 0xc;
                                                                                                                                                                                                                                                        				__imp__?GetProfilingStack@AutoProfilerLabel@baseprofiler@mozilla@@SAPAVProfilingStack@23@XZ();
                                                                                                                                                                                                                                                        				_v328 = _t49;
                                                                                                                                                                                                                                                        				if(_t49 != 0) {
                                                                                                                                                                                                                                                        					_t117 =  &_v328;
                                                                                                                                                                                                                                                        					E00BB1860(_t49,  &_v328);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if(_t119 < 2) {
                                                                                                                                                                                                                                                        					L10:
                                                                                                                                                                                                                                                        					__imp__?DllBlocklist_Initialize@@YAXI@Z( *0xbfa538);
                                                                                                                                                                                                                                                        					_t131 = _t130 + 4;
                                                                                                                                                                                                                                                        					if(E00BB1760(1, _t117) < 0) {
                                                                                                                                                                                                                                                        						goto L25;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [esp+0x20]");
                                                                                                                                                                                                                                                        					asm("movsd xmm1, [esp+0x28]");
                                                                                                                                                                                                                                                        					_t102 =  *0xbfa534; // 0x0
                                                                                                                                                                                                                                                        					asm("movsd [esp], xmm0");
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [esp+0x30]");
                                                                                                                                                                                                                                                        					asm("movsd [esp+0x8], xmm1");
                                                                                                                                                                                                                                                        					asm("movsd [esp+0x10], xmm0");
                                                                                                                                                                                                                                                        					_t133 = _t131 - 0x1c;
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [esp+0x2c]");
                                                                                                                                                                                                                                                        					asm("movsd [esp+0x14], xmm0");
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [esp+0x1c]");
                                                                                                                                                                                                                                                        					asm("movsd xmm1, [esp+0x24]");
                                                                                                                                                                                                                                                        					asm("movsd [esp+0xc], xmm1");
                                                                                                                                                                                                                                                        					asm("movsd [esp+0x4], xmm0");
                                                                                                                                                                                                                                                        					 *_t133 = 1;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *_t102 + 0x14))();
                                                                                                                                                                                                                                                        					_t103 =  *0xbfa534; // 0x0
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *_t103 + 0x30))();
                                                                                                                                                                                                                                                        					_v316 = _t119;
                                                                                                                                                                                                                                                        					_t58 = getenv("XUL_APP_FILE");
                                                                                                                                                                                                                                                        					_t134 =  &(_t133[1]);
                                                                                                                                                                                                                                                        					_t94 = _t58;
                                                                                                                                                                                                                                                        					if(_t58 != 0) {
                                                                                                                                                                                                                                                        						if( *_t94 != 0) {
                                                                                                                                                                                                                                                        							L14:
                                                                                                                                                                                                                                                        							if(_t119 < 2) {
                                                                                                                                                                                                                                                        								L16:
                                                                                                                                                                                                                                                        								if(_t94 != 0) {
                                                                                                                                                                                                                                                        									L38:
                                                                                                                                                                                                                                                        									_t59 = 0;
                                                                                                                                                                                                                                                        									if( *_t94 == 0) {
                                                                                                                                                                                                                                                        										goto L17;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									L18:
                                                                                                                                                                                                                                                        									_v304 = _t59;
                                                                                                                                                                                                                                                        									_v300 = _t94;
                                                                                                                                                                                                                                                        									_t120 = E00BEBD40();
                                                                                                                                                                                                                                                        									_t61 = L00BEBE10();
                                                                                                                                                                                                                                                        									if(_t120 == 0) {
                                                                                                                                                                                                                                                        										_push("Couldn\'t initialize the broker services.\n");
                                                                                                                                                                                                                                                        										L35:
                                                                                                                                                                                                                                                        										E00BB16A0();
                                                                                                                                                                                                                                                        										_t124 = 0xff;
                                                                                                                                                                                                                                                        										L21:
                                                                                                                                                                                                                                                        										_t104 =  *0xbfa534; // 0x0
                                                                                                                                                                                                                                                        										 *((intOrPtr*)( *_t104 + 0xc))();
                                                                                                                                                                                                                                                        										_t105 =  *0xbfa534; // 0x0
                                                                                                                                                                                                                                                        										 *0xbfa534 = 0;
                                                                                                                                                                                                                                                        										if(_t105 != 0) {
                                                                                                                                                                                                                                                        											 *((intOrPtr*)( *_t105 + 4))();
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L7;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									asm("movsd xmm0, [0xbf0198]");
                                                                                                                                                                                                                                                        									_v312 = _t120;
                                                                                                                                                                                                                                                        									_v308 = _t61;
                                                                                                                                                                                                                                                        									asm("movsd [esp+0x38], xmm0");
                                                                                                                                                                                                                                                        									E00BB19E0(_t94,  &_v316, _t123, _t120, _t123,  &_v324);
                                                                                                                                                                                                                                                        									_t107 =  *0xbfa534; // 0x0
                                                                                                                                                                                                                                                        									_t117 =  &_v312;
                                                                                                                                                                                                                                                        									_t70 =  *((intOrPtr*)( *_t107 + 0x18))(_v316, _t123,  &_v312);
                                                                                                                                                                                                                                                        									L20:
                                                                                                                                                                                                                                                        									_t124 = _t70;
                                                                                                                                                                                                                                                        									goto L21;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L17:
                                                                                                                                                                                                                                                        								_t94 = "browser";
                                                                                                                                                                                                                                                        								_t59 = 0xbf015c;
                                                                                                                                                                                                                                                        								goto L18;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t117 = "xpcshell";
                                                                                                                                                                                                                                                        							if(E00BB1670(_t123[1], "xpcshell") != 0) {
                                                                                                                                                                                                                                                        								_t95 = _a4;
                                                                                                                                                                                                                                                        								_t72 = 1;
                                                                                                                                                                                                                                                        								do {
                                                                                                                                                                                                                                                        									_t123[_t72] =  *(_t123 + 4 + _t72 * 4);
                                                                                                                                                                                                                                                        									_t72 = _t72 + 1;
                                                                                                                                                                                                                                                        								} while (_t119 != _t72);
                                                                                                                                                                                                                                                        								_t73 = E00BEBD40();
                                                                                                                                                                                                                                                        								_t110 =  *0xbfa534; // 0x0
                                                                                                                                                                                                                                                        								_t121 = _t119 - 1;
                                                                                                                                                                                                                                                        								_v312 = _t73;
                                                                                                                                                                                                                                                        								_t117 =  &_v312;
                                                                                                                                                                                                                                                        								_v316 = _t121;
                                                                                                                                                                                                                                                        								_t70 =  *((intOrPtr*)( *_t110 + 0x20))(_t121, _t123, _t95,  &_v312);
                                                                                                                                                                                                                                                        								goto L20;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L16;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(_t119 >= 2) {
                                                                                                                                                                                                                                                        							L13:
                                                                                                                                                                                                                                                        							_t117 = 0xbf2659;
                                                                                                                                                                                                                                                        							if(E00BB1670(_t123[1], 0xbf2659) != 0) {
                                                                                                                                                                                                                                                        								if(_t119 != 2) {
                                                                                                                                                                                                                                                        									_t94 = _t123[2];
                                                                                                                                                                                                                                                        									_t137 = _t134 - 0xc;
                                                                                                                                                                                                                                                        									_v384 = _t94;
                                                                                                                                                                                                                                                        									 *_t137 =  &_v312;
                                                                                                                                                                                                                                                        									E00BB1980();
                                                                                                                                                                                                                                                        									_t80 = _putenv(strdup( &_v312));
                                                                                                                                                                                                                                                        									_t134 = _t137 + 0x14;
                                                                                                                                                                                                                                                        									if(_t80 != 0) {
                                                                                                                                                                                                                                                        										E00BB16A0("Couldn\'t set %s.\n",  &_v312);
                                                                                                                                                                                                                                                        										_t124 = 0xff;
                                                                                                                                                                                                                                                        										goto L21;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t123[2] =  *_t123;
                                                                                                                                                                                                                                                        									_t123 =  &(_t123[2]);
                                                                                                                                                                                                                                                        									_v316 = _t119 + 0xfffffffe;
                                                                                                                                                                                                                                                        									if(_t94 == 0) {
                                                                                                                                                                                                                                                        										goto L17;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L38;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_push("Incorrect number of arguments passed to -app");
                                                                                                                                                                                                                                                        								goto L35;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L14;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L14;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_t119 <= 1) {
                                                                                                                                                                                                                                                        						goto L17;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L13;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t117 = "contentproc";
                                                                                                                                                                                                                                                        					if(E00BB1670(_t123[1], "contentproc") == 0) {
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t85 =  *0xbfa538; // 0x0
                                                                                                                                                                                                                                                        					__imp__?DllBlocklist_Initialize@@YAXI@Z(_t85 | 0x00000001);
                                                                                                                                                                                                                                                        					if( *0xbfb618 != 0) {
                                                                                                                                                                                                                                                        						if(E00BEBC30() != 0) {
                                                                                                                                                                                                                                                        							goto L5;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_push("Failed to initialize the sandbox target services.");
                                                                                                                                                                                                                                                        						E00BB16A0();
                                                                                                                                                                                                                                                        						L25:
                                                                                                                                                                                                                                                        						_t124 = 0xff;
                                                                                                                                                                                                                                                        						L7:
                                                                                                                                                                                                                                                        						_t51 = _v328;
                                                                                                                                                                                                                                                        						if(_t51 != 0) {
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t51 + 8)) =  *((intOrPtr*)(_t51 + 8)) - 1;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__imp__?profiler_shutdown@baseprofiler@mozilla@@YAXXZ();
                                                                                                                                                                                                                                                        						E00BEECB0(_v24 ^ _t125, _t117);
                                                                                                                                                                                                                                                        						return _t124;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					if(E00BB1760(0, _t117) < 0) {
                                                                                                                                                                                                                                                        						goto L25;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t114 =  *0xbfa534; // 0x0
                                                                                                                                                                                                                                                        					_t117 = _t119;
                                                                                                                                                                                                                                                        					_t89 = E00BB15A0(_t114, _t119, _t123);
                                                                                                                                                                                                                                                        					_t115 =  *0xbfa534; // 0x0
                                                                                                                                                                                                                                                        					_t124 = _t89;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *_t115 + 0xc))();
                                                                                                                                                                                                                                                        					goto L7;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}



















































                                                                                                                                                                                                                                                        0x00bb1230
                                                                                                                                                                                                                                                        0x00bb123f
                                                                                                                                                                                                                                                        0x00bb1244
                                                                                                                                                                                                                                                        0x00bb1246
                                                                                                                                                                                                                                                        0x00bb124a
                                                                                                                                                                                                                                                        0x00bb1258
                                                                                                                                                                                                                                                        0x00bb1261
                                                                                                                                                                                                                                                        0x00bb1266
                                                                                                                                                                                                                                                        0x00bb126c
                                                                                                                                                                                                                                                        0x00bb126f
                                                                                                                                                                                                                                                        0x00bb1277
                                                                                                                                                                                                                                                        0x00bb127b
                                                                                                                                                                                                                                                        0x00bb127d
                                                                                                                                                                                                                                                        0x00bb1283
                                                                                                                                                                                                                                                        0x00bb1283
                                                                                                                                                                                                                                                        0x00bb128b
                                                                                                                                                                                                                                                        0x00bb131b
                                                                                                                                                                                                                                                        0x00bb1321
                                                                                                                                                                                                                                                        0x00bb1327
                                                                                                                                                                                                                                                        0x00bb1336
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb133c
                                                                                                                                                                                                                                                        0x00bb1342
                                                                                                                                                                                                                                                        0x00bb1348
                                                                                                                                                                                                                                                        0x00bb134e
                                                                                                                                                                                                                                                        0x00bb1353
                                                                                                                                                                                                                                                        0x00bb1359
                                                                                                                                                                                                                                                        0x00bb135f
                                                                                                                                                                                                                                                        0x00bb1367
                                                                                                                                                                                                                                                        0x00bb136a
                                                                                                                                                                                                                                                        0x00bb1370
                                                                                                                                                                                                                                                        0x00bb1376
                                                                                                                                                                                                                                                        0x00bb137c
                                                                                                                                                                                                                                                        0x00bb1382
                                                                                                                                                                                                                                                        0x00bb1388
                                                                                                                                                                                                                                                        0x00bb138e
                                                                                                                                                                                                                                                        0x00bb1395
                                                                                                                                                                                                                                                        0x00bb1398
                                                                                                                                                                                                                                                        0x00bb13a0
                                                                                                                                                                                                                                                        0x00bb13a3
                                                                                                                                                                                                                                                        0x00bb13ac
                                                                                                                                                                                                                                                        0x00bb13b2
                                                                                                                                                                                                                                                        0x00bb13b5
                                                                                                                                                                                                                                                        0x00bb13b9
                                                                                                                                                                                                                                                        0x00bb14b5
                                                                                                                                                                                                                                                        0x00bb13d9
                                                                                                                                                                                                                                                        0x00bb13dc
                                                                                                                                                                                                                                                        0x00bb13f3
                                                                                                                                                                                                                                                        0x00bb13f5
                                                                                                                                                                                                                                                        0x00bb1572
                                                                                                                                                                                                                                                        0x00bb1572
                                                                                                                                                                                                                                                        0x00bb1577
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1405
                                                                                                                                                                                                                                                        0x00bb1405
                                                                                                                                                                                                                                                        0x00bb1409
                                                                                                                                                                                                                                                        0x00bb1412
                                                                                                                                                                                                                                                        0x00bb1414
                                                                                                                                                                                                                                                        0x00bb141b
                                                                                                                                                                                                                                                        0x00bb150f
                                                                                                                                                                                                                                                        0x00bb1514
                                                                                                                                                                                                                                                        0x00bb1514
                                                                                                                                                                                                                                                        0x00bb151c
                                                                                                                                                                                                                                                        0x00bb1461
                                                                                                                                                                                                                                                        0x00bb1461
                                                                                                                                                                                                                                                        0x00bb1469
                                                                                                                                                                                                                                                        0x00bb146c
                                                                                                                                                                                                                                                        0x00bb1472
                                                                                                                                                                                                                                                        0x00bb147e
                                                                                                                                                                                                                                                        0x00bb1486
                                                                                                                                                                                                                                                        0x00bb1486
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb147e
                                                                                                                                                                                                                                                        0x00bb1421
                                                                                                                                                                                                                                                        0x00bb1429
                                                                                                                                                                                                                                                        0x00bb142d
                                                                                                                                                                                                                                                        0x00bb143b
                                                                                                                                                                                                                                                        0x00bb1442
                                                                                                                                                                                                                                                        0x00bb144a
                                                                                                                                                                                                                                                        0x00bb1450
                                                                                                                                                                                                                                                        0x00bb145c
                                                                                                                                                                                                                                                        0x00bb145f
                                                                                                                                                                                                                                                        0x00bb145f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb145f
                                                                                                                                                                                                                                                        0x00bb13fb
                                                                                                                                                                                                                                                        0x00bb13fb
                                                                                                                                                                                                                                                        0x00bb1400
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1400
                                                                                                                                                                                                                                                        0x00bb13e1
                                                                                                                                                                                                                                                        0x00bb13ed
                                                                                                                                                                                                                                                        0x00bb14d5
                                                                                                                                                                                                                                                        0x00bb14d8
                                                                                                                                                                                                                                                        0x00bb14dd
                                                                                                                                                                                                                                                        0x00bb14e1
                                                                                                                                                                                                                                                        0x00bb14e4
                                                                                                                                                                                                                                                        0x00bb14e5
                                                                                                                                                                                                                                                        0x00bb14e9
                                                                                                                                                                                                                                                        0x00bb14ee
                                                                                                                                                                                                                                                        0x00bb14f4
                                                                                                                                                                                                                                                        0x00bb14f5
                                                                                                                                                                                                                                                        0x00bb14f9
                                                                                                                                                                                                                                                        0x00bb14fd
                                                                                                                                                                                                                                                        0x00bb1507
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1507
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb13ed
                                                                                                                                                                                                                                                        0x00bb14be
                                                                                                                                                                                                                                                        0x00bb13c4
                                                                                                                                                                                                                                                        0x00bb13c7
                                                                                                                                                                                                                                                        0x00bb13d3
                                                                                                                                                                                                                                                        0x00bb14cc
                                                                                                                                                                                                                                                        0x00bb1526
                                                                                                                                                                                                                                                        0x00bb1529
                                                                                                                                                                                                                                                        0x00bb1530
                                                                                                                                                                                                                                                        0x00bb1534
                                                                                                                                                                                                                                                        0x00bb1537
                                                                                                                                                                                                                                                        0x00bb154e
                                                                                                                                                                                                                                                        0x00bb1554
                                                                                                                                                                                                                                                        0x00bb1559
                                                                                                                                                                                                                                                        0x00bb158c
                                                                                                                                                                                                                                                        0x00bb1594
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1594
                                                                                                                                                                                                                                                        0x00bb1560
                                                                                                                                                                                                                                                        0x00bb1563
                                                                                                                                                                                                                                                        0x00bb1566
                                                                                                                                                                                                                                                        0x00bb156c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb156c
                                                                                                                                                                                                                                                        0x00bb14ce
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb14ce
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb13d3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb14c4
                                                                                                                                                                                                                                                        0x00bb13c2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1291
                                                                                                                                                                                                                                                        0x00bb1294
                                                                                                                                                                                                                                                        0x00bb12a0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb12a2
                                                                                                                                                                                                                                                        0x00bb12ab
                                                                                                                                                                                                                                                        0x00bb12bb
                                                                                                                                                                                                                                                        0x00bb1495
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb149b
                                                                                                                                                                                                                                                        0x00bb14a0
                                                                                                                                                                                                                                                        0x00bb14a8
                                                                                                                                                                                                                                                        0x00bb14a8
                                                                                                                                                                                                                                                        0x00bb12ee
                                                                                                                                                                                                                                                        0x00bb12ee
                                                                                                                                                                                                                                                        0x00bb12f4
                                                                                                                                                                                                                                                        0x00bb12fa
                                                                                                                                                                                                                                                        0x00bb12fa
                                                                                                                                                                                                                                                        0x00bb12fd
                                                                                                                                                                                                                                                        0x00bb130c
                                                                                                                                                                                                                                                        0x00bb131a
                                                                                                                                                                                                                                                        0x00bb131a
                                                                                                                                                                                                                                                        0x00bb12c1
                                                                                                                                                                                                                                                        0x00bb12ca
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb12d0
                                                                                                                                                                                                                                                        0x00bb12d6
                                                                                                                                                                                                                                                        0x00bb12d9
                                                                                                                                                                                                                                                        0x00bb12e1
                                                                                                                                                                                                                                                        0x00bb12e7
                                                                                                                                                                                                                                                        0x00bb12eb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb12eb

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 00BB1258
                                                                                                                                                                                                                                                        • ?profiler_init@baseprofiler@mozilla@@YAXPAX@Z.MOZGLUE(?), ref: 00BB1266
                                                                                                                                                                                                                                                        • ?GetProfilingStack@AutoProfilerLabel@baseprofiler@mozilla@@SAPAVProfilingStack@23@XZ.MOZGLUE ref: 00BB126F
                                                                                                                                                                                                                                                        • ?DllBlocklist_Initialize@@YAXI@Z.MOZGLUE(00000000), ref: 00BB12AB
                                                                                                                                                                                                                                                        • ?profiler_shutdown@baseprofiler@mozilla@@YAXXZ.MOZGLUE ref: 00BB12FD
                                                                                                                                                                                                                                                          • Part of subcall function 00BB1860: ?ensureCapacitySlow@ProfilingStack@baseprofiler@mozilla@@AAEXXZ.MOZGLUE(00000000,?,?,?,00BB1288), ref: 00BB1873
                                                                                                                                                                                                                                                        • ?DllBlocklist_Initialize@@YAXI@Z.MOZGLUE ref: 00BB1321
                                                                                                                                                                                                                                                          • Part of subcall function 00BB1760: strdup.MOZGLUE(?), ref: 00BB1797
                                                                                                                                                                                                                                                          • Part of subcall function 00BB1760: free.MOZGLUE(00000000), ref: 00BB17E6
                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(XUL_APP_FILE), ref: 00BB13AC
                                                                                                                                                                                                                                                        • strdup.MOZGLUE(?), ref: 00BB1544
                                                                                                                                                                                                                                                        • _putenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(00000000), ref: 00BB154E
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • Incorrect number of arguments passed to -app, xrefs: 00BB14CE
                                                                                                                                                                                                                                                        • XUL_APP_FILE, xrefs: 00BB13A7
                                                                                                                                                                                                                                                        • browser, xrefs: 00BB13FB
                                                                                                                                                                                                                                                        • Couldn't initialize the broker services., xrefs: 00BB150F
                                                                                                                                                                                                                                                        • contentproc, xrefs: 00BB1294
                                                                                                                                                                                                                                                        • xpcshell, xrefs: 00BB13E1
                                                                                                                                                                                                                                                        • Couldn't set %s., xrefs: 00BB1587
                                                                                                                                                                                                                                                        • Failed to initialize the sandbox target services., xrefs: 00BB149B
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Profiling$Blocklist_Initialize@@strdup$?ensure?profiler_init@baseprofiler@mozilla@@?profiler_shutdown@baseprofiler@mozilla@@AutoCapacityLabel@baseprofiler@mozilla@@Now@ProfilerSlow@Stack@Stack@23@Stack@baseprofiler@mozilla@@Stamp@mozilla@@TimeV12@__putenvfreegetenv
                                                                                                                                                                                                                                                        • String ID: Couldn't initialize the broker services.$Couldn't set %s.$Failed to initialize the sandbox target services.$Incorrect number of arguments passed to -app$XUL_APP_FILE$browser$contentproc$xpcshell
                                                                                                                                                                                                                                                        • API String ID: 4264558517-1743212616
                                                                                                                                                                                                                                                        • Opcode ID: 58ed8372c01dd56749db8119ea6955025630c28e085632d2860cfca8dfb516be
                                                                                                                                                                                                                                                        • Instruction ID: b4eabd281711365e4281fefe103e49bea4756757cc83bb838c442bfdbf0b30a8
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 58ed8372c01dd56749db8119ea6955025630c28e085632d2860cfca8dfb516be
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4891CFB1A043048BC720EF28D8959BB77F5EF96344F4049A9E94AC7261EBB1D844CB52
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 76%
                                                                                                                                                                                                                                                        			E00BCA060(void* __edx) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				void* _v2012;
                                                                                                                                                                                                                                                        				char _v2072;
                                                                                                                                                                                                                                                        				void _v2073;
                                                                                                                                                                                                                                                        				long _v2076;
                                                                                                                                                                                                                                                        				long _v2080;
                                                                                                                                                                                                                                                        				long _v2084;
                                                                                                                                                                                                                                                        				intOrPtr _v2088;
                                                                                                                                                                                                                                                        				char _v2092;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t31;
                                                                                                                                                                                                                                                        				long _t33;
                                                                                                                                                                                                                                                        				void* _t41;
                                                                                                                                                                                                                                                        				void* _t51;
                                                                                                                                                                                                                                                        				void* _t58;
                                                                                                                                                                                                                                                        				void* _t60;
                                                                                                                                                                                                                                                        				intOrPtr* _t65;
                                                                                                                                                                                                                                                        				void* _t86;
                                                                                                                                                                                                                                                        				signed int _t88;
                                                                                                                                                                                                                                                        				void* _t91;
                                                                                                                                                                                                                                                        				signed int _t95;
                                                                                                                                                                                                                                                        				signed int _t98;
                                                                                                                                                                                                                                                        				signed int _t99;
                                                                                                                                                                                                                                                        				void* _t101;
                                                                                                                                                                                                                                                        				void* _t110;
                                                                                                                                                                                                                                                        				void* _t113;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t86 = __edx;
                                                                                                                                                                                                                                                        				_t101 = (_t99 & 0xfffffff8) - 0x810;
                                                                                                                                                                                                                                                        				_t31 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v24 = _t31 ^ _t98;
                                                                                                                                                                                                                                                        				_t33 =  *0xbfa054; // 0xffffffff
                                                                                                                                                                                                                                                        				_v2076 = _t33;
                                                                                                                                                                                                                                                        				if(_t33 != 0xffffffff) {
                                                                                                                                                                                                                                                        					L4:
                                                                                                                                                                                                                                                        					_t88 = TlsGetValue(_t33) & 0x00000003;
                                                                                                                                                                                                                                                        					if(_t88 != 0) {
                                                                                                                                                                                                                                                        						_t93 =  &_v2072;
                                                                                                                                                                                                                                                        						E00BBC880( &_v2072, 2, 1);
                                                                                                                                                                                                                                                        						E00BBC940(__eflags, E00BBC940(__eflags,  &_v2072, "GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized"), " (");
                                                                                                                                                                                                                                                        						_t65 = __imp__??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z;
                                                                                                                                                                                                                                                        						 *_t65(_t88);
                                                                                                                                                                                                                                                        						E00BBC940(__eflags,  &_v2072, " vs. ");
                                                                                                                                                                                                                                                        						 *_t65(0);
                                                                                                                                                                                                                                                        						_t41 = E00BBC940(__eflags, _t93, 0xbf3ee8);
                                                                                                                                                                                                                                                        						L00BEF6BA();
                                                                                                                                                                                                                                                        						_t101 = _t101 + 0x24;
                                                                                                                                                                                                                                                        						E00BBD7F0( &_v2084, _t41);
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t101 +  *((intOrPtr*)(_v2092 + 4)) + 8)) = 0xbf0324;
                                                                                                                                                                                                                                                        						_t20 = _v2092 + 4; // 0xbbd0b0
                                                                                                                                                                                                                                                        						_t21 =  *_t20 - 0x50; // 0xbbd060
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t101 +  *_t20 + 4)) = _t21;
                                                                                                                                                                                                                                                        						_v2088 = 0xbf0330;
                                                                                                                                                                                                                                                        						E00BBD690( &_v2084, _t41, 0x18);
                                                                                                                                                                                                                                                        						__imp__??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ();
                                                                                                                                                                                                                                                        						__imp__??1ios_base@std@@UAE@XZ();
                                                                                                                                                                                                                                                        						E00BC2030( &_v2092, __eflags, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc", 0xec, _t41);
                                                                                                                                                                                                                                                        						E00BC20C0();
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t91 =  &_v2076;
                                                                                                                                                                                                                                                        					memset(_t91, 0, 0x800);
                                                                                                                                                                                                                                                        					_t51 = TlsSetValue(_v2080,  &_v2073);
                                                                                                                                                                                                                                                        					_push(0x800);
                                                                                                                                                                                                                                                        					L00BEF6CC();
                                                                                                                                                                                                                                                        					_t95 = _t51;
                                                                                                                                                                                                                                                        					memcpy(_t51, _t91, 0x800);
                                                                                                                                                                                                                                                        					TlsSetValue(_v2080, _t95 | 0x00000003);
                                                                                                                                                                                                                                                        					E00BEECB0(_v28 ^ _t98, _t86);
                                                                                                                                                                                                                                                        					return _t95;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t92 =  &_v2076;
                                                                                                                                                                                                                                                        				_t58 = E00BCA3A0( &_v2076);
                                                                                                                                                                                                                                                        				_t101 = _t101 + 4;
                                                                                                                                                                                                                                                        				if(_t58 == 0) {
                                                                                                                                                                                                                                                        					_push("PlatformThreadLocalStorage::AllocTLS(&key)");
                                                                                                                                                                                                                                                        					E00BC1FF0( &_v2072, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc", 0xd0);
                                                                                                                                                                                                                                                        					E00BC20C0();
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t113 = _v2080 - 0xffffffff;
                                                                                                                                                                                                                                                        				if(_t113 == 0) {
                                                                                                                                                                                                                                                        					_t60 = E00BCA3A0(_t92);
                                                                                                                                                                                                                                                        					_t110 = _t101 + 4;
                                                                                                                                                                                                                                                        					__eflags = _t60;
                                                                                                                                                                                                                                                        					if(_t60 == 0) {
                                                                                                                                                                                                                                                        						L10:
                                                                                                                                                                                                                                                        						_push("PlatformThreadLocalStorage::AllocTLS(&key) && key != PlatformThreadLocalStorage::TLS_KEY_OUT_OF_INDEXES");
                                                                                                                                                                                                                                                        						E00BC1FF0( &_v2076, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc", 0xda);
                                                                                                                                                                                                                                                        						E00BC20C0();
                                                                                                                                                                                                                                                        						L11:
                                                                                                                                                                                                                                                        						E00BCA3C0(0xffffffff);
                                                                                                                                                                                                                                                        						_t101 = _t110 + 4;
                                                                                                                                                                                                                                                        						goto L3;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__eflags = _v2080 - 0xffffffff;
                                                                                                                                                                                                                                                        					if(_v2080 != 0xffffffff) {
                                                                                                                                                                                                                                                        						goto L11;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L10;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					asm("lock cmpxchg [0xbfa054], ecx");
                                                                                                                                                                                                                                                        					_t33 = _v2084;
                                                                                                                                                                                                                                                        					if(_t113 != 0) {
                                                                                                                                                                                                                                                        						E00BCA3C0(_t33);
                                                                                                                                                                                                                                                        						_t101 = _t101 + 4;
                                                                                                                                                                                                                                                        						_t33 =  *0xbfa054; // 0xffffffff
                                                                                                                                                                                                                                                        						_v2084 = _t33;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}































                                                                                                                                                                                                                                                        0x00bca060
                                                                                                                                                                                                                                                        0x00bca069
                                                                                                                                                                                                                                                        0x00bca06f
                                                                                                                                                                                                                                                        0x00bca076
                                                                                                                                                                                                                                                        0x00bca07d
                                                                                                                                                                                                                                                        0x00bca085
                                                                                                                                                                                                                                                        0x00bca089
                                                                                                                                                                                                                                                        0x00bca0c4
                                                                                                                                                                                                                                                        0x00bca0cd
                                                                                                                                                                                                                                                        0x00bca0d0
                                                                                                                                                                                                                                                        0x00bca139
                                                                                                                                                                                                                                                        0x00bca143
                                                                                                                                                                                                                                                        0x00bca15c
                                                                                                                                                                                                                                                        0x00bca164
                                                                                                                                                                                                                                                        0x00bca16d
                                                                                                                                                                                                                                                        0x00bca175
                                                                                                                                                                                                                                                        0x00bca181
                                                                                                                                                                                                                                                        0x00bca189
                                                                                                                                                                                                                                                        0x00bca193
                                                                                                                                                                                                                                                        0x00bca198
                                                                                                                                                                                                                                                        0x00bca1a4
                                                                                                                                                                                                                                                        0x00bca1b4
                                                                                                                                                                                                                                                        0x00bca1c0
                                                                                                                                                                                                                                                        0x00bca1c3
                                                                                                                                                                                                                                                        0x00bca1c6
                                                                                                                                                                                                                                                        0x00bca1cc
                                                                                                                                                                                                                                                        0x00bca1d4
                                                                                                                                                                                                                                                        0x00bca1db
                                                                                                                                                                                                                                                        0x00bca1e3
                                                                                                                                                                                                                                                        0x00bca1fa
                                                                                                                                                                                                                                                        0x00bca201
                                                                                                                                                                                                                                                        0x00bca201
                                                                                                                                                                                                                                                        0x00bca0d2
                                                                                                                                                                                                                                                        0x00bca0de
                                                                                                                                                                                                                                                        0x00bca0f5
                                                                                                                                                                                                                                                        0x00bca0f7
                                                                                                                                                                                                                                                        0x00bca0fc
                                                                                                                                                                                                                                                        0x00bca104
                                                                                                                                                                                                                                                        0x00bca10d
                                                                                                                                                                                                                                                        0x00bca11f
                                                                                                                                                                                                                                                        0x00bca12a
                                                                                                                                                                                                                                                        0x00bca138
                                                                                                                                                                                                                                                        0x00bca138
                                                                                                                                                                                                                                                        0x00bca08b
                                                                                                                                                                                                                                                        0x00bca090
                                                                                                                                                                                                                                                        0x00bca095
                                                                                                                                                                                                                                                        0x00bca09a
                                                                                                                                                                                                                                                        0x00bca211
                                                                                                                                                                                                                                                        0x00bca220
                                                                                                                                                                                                                                                        0x00bca227
                                                                                                                                                                                                                                                        0x00bca227
                                                                                                                                                                                                                                                        0x00bca0a4
                                                                                                                                                                                                                                                        0x00bca0a7
                                                                                                                                                                                                                                                        0x00bca232
                                                                                                                                                                                                                                                        0x00bca237
                                                                                                                                                                                                                                                        0x00bca23a
                                                                                                                                                                                                                                                        0x00bca23c
                                                                                                                                                                                                                                                        0x00bca245
                                                                                                                                                                                                                                                        0x00bca24b
                                                                                                                                                                                                                                                        0x00bca25a
                                                                                                                                                                                                                                                        0x00bca261
                                                                                                                                                                                                                                                        0x00bca266
                                                                                                                                                                                                                                                        0x00bca268
                                                                                                                                                                                                                                                        0x00bca26d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bca270
                                                                                                                                                                                                                                                        0x00bca23e
                                                                                                                                                                                                                                                        0x00bca243
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bca0ad
                                                                                                                                                                                                                                                        0x00bca0ad
                                                                                                                                                                                                                                                        0x00bca0b2
                                                                                                                                                                                                                                                        0x00bca0ba
                                                                                                                                                                                                                                                        0x00bca0be
                                                                                                                                                                                                                                                        0x00bca27a
                                                                                                                                                                                                                                                        0x00bca27f
                                                                                                                                                                                                                                                        0x00bca282
                                                                                                                                                                                                                                                        0x00bca287
                                                                                                                                                                                                                                                        0x00bca287
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bca0be

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • TlsGetValue.KERNEL32(FFFFFFFF), ref: 00BCA0C5
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BCA0DE
                                                                                                                                                                                                                                                        • TlsSetValue.KERNEL32(?,?), ref: 00BCA0F5
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000800), ref: 00BCA0FC
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,00000800), ref: 00BCA10D
                                                                                                                                                                                                                                                        • TlsSetValue.KERNEL32(?,00000000), ref: 00BCA11F
                                                                                                                                                                                                                                                          • Part of subcall function 00BCA3A0: TlsAlloc.KERNEL32(?,00BCA095,?), ref: 00BCA3A3
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z.MSVCP140(00000000,?,?,00000002,00000001), ref: 00BCA16D
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z.MSVCP140(00000000,?,?,?,?,00000002,00000001), ref: 00BCA181
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000018,?,?,?,?,?,?,00000002,00000001), ref: 00BCA193
                                                                                                                                                                                                                                                        • ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140 ref: 00BCA1DB
                                                                                                                                                                                                                                                        • ??1ios_base@std@@UAE@XZ.MSVCP140 ref: 00BCA1E3
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc, xrefs: 00BCA1F5, 00BCA21B, 00BCA255
                                                                                                                                                                                                                                                        • PlatformThreadLocalStorage::AllocTLS(&key), xrefs: 00BCA211
                                                                                                                                                                                                                                                        • GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized, xrefs: 00BCA148
                                                                                                                                                                                                                                                        • vs. , xrefs: 00BCA16F
                                                                                                                                                                                                                                                        • PlatformThreadLocalStorage::AllocTLS(&key) && key != PlatformThreadLocalStorage::TLS_KEY_OUT_OF_INDEXES, xrefs: 00BCA24B
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: D@std@@@std@@U?$char_traits@Value$??2@??6?$basic_ostream@V01@$??1?$basic_streambuf@??1ios_base@std@@Allocmemcpymemset
                                                                                                                                                                                                                                                        • String ID: vs. $/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc$GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized$PlatformThreadLocalStorage::AllocTLS(&key)$PlatformThreadLocalStorage::AllocTLS(&key) && key != PlatformThreadLocalStorage::TLS_KEY_OUT_OF_INDEXES
                                                                                                                                                                                                                                                        • API String ID: 2252309073-2247040611
                                                                                                                                                                                                                                                        • Opcode ID: 33d48ef5891c70f56af7b6e23f4e62c8253961dc7073f2041562d30a378a7c4b
                                                                                                                                                                                                                                                        • Instruction ID: b64c0b55e29efe85565913c0e0dc6ab3112c62c31a1d36cd0c6849e50ecc1d34
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 33d48ef5891c70f56af7b6e23f4e62c8253961dc7073f2041562d30a378a7c4b
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7A512471B04304ABD610AB249C46F7F77D5AB84B68F0045ACF989672E2DF70AD09C797
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 88%
                                                                                                                                                                                                                                                        			E00BD43C0(intOrPtr* __ecx, int __edx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				int _v28;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				intOrPtr _v48;
                                                                                                                                                                                                                                                        				int _v52;
                                                                                                                                                                                                                                                        				char _v68;
                                                                                                                                                                                                                                                        				int _v72;
                                                                                                                                                                                                                                                        				void* _v76;
                                                                                                                                                                                                                                                        				void* _v80;
                                                                                                                                                                                                                                                        				void* _v84;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				char _v92;
                                                                                                                                                                                                                                                        				void* _v96;
                                                                                                                                                                                                                                                        				int _v100;
                                                                                                                                                                                                                                                        				intOrPtr* _v104;
                                                                                                                                                                                                                                                        				int _v108;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				signed int _t73;
                                                                                                                                                                                                                                                        				void* _t75;
                                                                                                                                                                                                                                                        				void* _t78;
                                                                                                                                                                                                                                                        				void* _t80;
                                                                                                                                                                                                                                                        				int _t82;
                                                                                                                                                                                                                                                        				void* _t84;
                                                                                                                                                                                                                                                        				intOrPtr _t86;
                                                                                                                                                                                                                                                        				int _t97;
                                                                                                                                                                                                                                                        				void* _t101;
                                                                                                                                                                                                                                                        				intOrPtr _t103;
                                                                                                                                                                                                                                                        				int _t108;
                                                                                                                                                                                                                                                        				int _t110;
                                                                                                                                                                                                                                                        				void* _t112;
                                                                                                                                                                                                                                                        				int _t114;
                                                                                                                                                                                                                                                        				void* _t116;
                                                                                                                                                                                                                                                        				void* _t117;
                                                                                                                                                                                                                                                        				int _t119;
                                                                                                                                                                                                                                                        				void* _t127;
                                                                                                                                                                                                                                                        				int _t132;
                                                                                                                                                                                                                                                        				signed int _t149;
                                                                                                                                                                                                                                                        				int _t150;
                                                                                                                                                                                                                                                        				void* _t154;
                                                                                                                                                                                                                                                        				void* _t157;
                                                                                                                                                                                                                                                        				intOrPtr* _t158;
                                                                                                                                                                                                                                                        				intOrPtr _t159;
                                                                                                                                                                                                                                                        				intOrPtr* _t161;
                                                                                                                                                                                                                                                        				void* _t162;
                                                                                                                                                                                                                                                        				void* _t163;
                                                                                                                                                                                                                                                        				signed int _t166;
                                                                                                                                                                                                                                                        				void* _t167;
                                                                                                                                                                                                                                                        				void* _t169;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t151 = __edx;
                                                                                                                                                                                                                                                        				_t73 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t161 = __ecx;
                                                                                                                                                                                                                                                        				_v20 = _t73 ^ _t166;
                                                                                                                                                                                                                                                        				_v72 = 0xffffffff;
                                                                                                                                                                                                                                                        				_t75 = GetCurrentProcess();
                                                                                                                                                                                                                                                        				__imp__GetProcessHandleCount(_t75,  &_v72);
                                                                                                                                                                                                                                                        				if(_t75 == 0) {
                                                                                                                                                                                                                                                        					_t116 = 0;
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					E00BEECB0(_v20 ^ _t166, _t151);
                                                                                                                                                                                                                                                        					return _t116;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t78 = GetModuleHandleA("verifier.dll");
                                                                                                                                                                                                                                                        				_t116 = 1;
                                                                                                                                                                                                                                                        				if(_t78 == 0) {
                                                                                                                                                                                                                                                        					_push(0xa0);
                                                                                                                                                                                                                                                        					L00BEF6BA();
                                                                                                                                                                                                                                                        					_t5 = _t78 + 0xa0; // 0xa0
                                                                                                                                                                                                                                                        					_t154 = _t5;
                                                                                                                                                                                                                                                        					_v84 = _t78;
                                                                                                                                                                                                                                                        					_v76 = _t154;
                                                                                                                                                                                                                                                        					_v96 = _t78;
                                                                                                                                                                                                                                                        					_t79 = memset(_t78, 0, 0xa0);
                                                                                                                                                                                                                                                        					_t169 = _t167 + 0x10;
                                                                                                                                                                                                                                                        					__eflags = _v72;
                                                                                                                                                                                                                                                        					_v80 = _t154;
                                                                                                                                                                                                                                                        					_v24 = 7;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					if(_v72 != 0) {
                                                                                                                                                                                                                                                        						_t80 = _v96;
                                                                                                                                                                                                                                                        						_v104 = _t161;
                                                                                                                                                                                                                                                        						_t117 = 0;
                                                                                                                                                                                                                                                        						__eflags = 0;
                                                                                                                                                                                                                                                        						_v100 = 0;
                                                                                                                                                                                                                                                        						_t162 = _t80;
                                                                                                                                                                                                                                                        						while(1) {
                                                                                                                                                                                                                                                        							L8:
                                                                                                                                                                                                                                                        							_t117 = _t117 + 4;
                                                                                                                                                                                                                                                        							__eflags = _t117;
                                                                                                                                                                                                                                                        							_v88 = _t154 - _t80;
                                                                                                                                                                                                                                                        							_t82 = E00BD4740(_t117, _t162,  &_v88);
                                                                                                                                                                                                                                                        							_t169 = _t169 + 0xc;
                                                                                                                                                                                                                                                        							_v96 = _t117;
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								__eflags = _t82 - 0xc0000004;
                                                                                                                                                                                                                                                        								if(_t82 == 0xc0000004) {
                                                                                                                                                                                                                                                        									break;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L10:
                                                                                                                                                                                                                                                        								__eflags = _t82 - 0x80000005;
                                                                                                                                                                                                                                                        								if(_t82 != 0x80000005) {
                                                                                                                                                                                                                                                        									__eflags = _t82;
                                                                                                                                                                                                                                                        									if(_t82 < 0) {
                                                                                                                                                                                                                                                        										L30:
                                                                                                                                                                                                                                                        										_t79 = _v100 + 1;
                                                                                                                                                                                                                                                        										__eflags = _t79 - 0x63;
                                                                                                                                                                                                                                                        										if(_t79 > 0x63) {
                                                                                                                                                                                                                                                        											goto L5;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L31:
                                                                                                                                                                                                                                                        										__eflags = _v72;
                                                                                                                                                                                                                                                        										if(_v72 == 0) {
                                                                                                                                                                                                                                                        											goto L5;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_v100 = _t79;
                                                                                                                                                                                                                                                        										_t80 = _v84;
                                                                                                                                                                                                                                                        										_t154 = _v80;
                                                                                                                                                                                                                                                        										goto L8;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t97 =  *(_t162 + 4);
                                                                                                                                                                                                                                                        									__eflags = _t97;
                                                                                                                                                                                                                                                        									if(_t97 != 0) {
                                                                                                                                                                                                                                                        										_v72 = _v72 - 1;
                                                                                                                                                                                                                                                        										 *((short*)(_t97 + ( *_t162 & 0xfffe))) = 0;
                                                                                                                                                                                                                                                        										_v48 = 7;
                                                                                                                                                                                                                                                        										_v52 = 0;
                                                                                                                                                                                                                                                        										_v68 = 0;
                                                                                                                                                                                                                                                        										E00BBA740( &_v68,  *(_t162 + 4));
                                                                                                                                                                                                                                                        										_t158 = _v104;
                                                                                                                                                                                                                                                        										_t101 = E00BD2C90( &_v92, _t158,  &_v92,  &_v68);
                                                                                                                                                                                                                                                        										_t117 = _v96;
                                                                                                                                                                                                                                                        										E00BBDF30(_t101,  &_v68, _t151);
                                                                                                                                                                                                                                                        										_t103 = _v92;
                                                                                                                                                                                                                                                        										__eflags = _t103 -  *_t158;
                                                                                                                                                                                                                                                        										if(_t103 ==  *_t158) {
                                                                                                                                                                                                                                                        											L39:
                                                                                                                                                                                                                                                        											_t79 = _v100;
                                                                                                                                                                                                                                                        											__eflags = _t79 - 0x63;
                                                                                                                                                                                                                                                        											if(_t79 <= 0x63) {
                                                                                                                                                                                                                                                        												goto L31;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L5;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags =  *(_t103 + 0x2c);
                                                                                                                                                                                                                                                        										_t159 = _t103;
                                                                                                                                                                                                                                                        										if( *(_t103 + 0x2c) == 0) {
                                                                                                                                                                                                                                                        											L44:
                                                                                                                                                                                                                                                        											_t79 = SetHandleInformation(_t117, 2, 0);
                                                                                                                                                                                                                                                        											__eflags = _t79;
                                                                                                                                                                                                                                                        											if(_t79 == 0) {
                                                                                                                                                                                                                                                        												L46:
                                                                                                                                                                                                                                                        												_t116 = 0;
                                                                                                                                                                                                                                                        												L6:
                                                                                                                                                                                                                                                        												E00BBDF30(_t79,  &_v44, _t151);
                                                                                                                                                                                                                                                        												E00BC14C0(_t116,  &_v84);
                                                                                                                                                                                                                                                        												goto L2;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											__eflags = CloseHandle(_t117);
                                                                                                                                                                                                                                                        											if(__eflags != 0) {
                                                                                                                                                                                                                                                        												_t151 = _t117;
                                                                                                                                                                                                                                                        												E00BD4020(_v104, _t117, __eflags, _v92 + 0x10);
                                                                                                                                                                                                                                                        												_t169 = _t169 + 4;
                                                                                                                                                                                                                                                        												goto L39;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L46;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t108 = E00BD3070(_t117,  &_v44);
                                                                                                                                                                                                                                                        										_t169 = _t169 + 8;
                                                                                                                                                                                                                                                        										__eflags = _t108;
                                                                                                                                                                                                                                                        										if(_t108 != 0) {
                                                                                                                                                                                                                                                        											_t110 = E00BD47D0(_t159 + 0x28,  &_v44);
                                                                                                                                                                                                                                                        											__eflags = _t110;
                                                                                                                                                                                                                                                        											if(_t110 == 0) {
                                                                                                                                                                                                                                                        												goto L39;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L44;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L39;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L30;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									goto L11;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								while(1) {
                                                                                                                                                                                                                                                        									L11:
                                                                                                                                                                                                                                                        									_t127 = _v80;
                                                                                                                                                                                                                                                        									_t163 = _v84;
                                                                                                                                                                                                                                                        									_t119 = _v88 + 2;
                                                                                                                                                                                                                                                        									_t84 = _v76 - _t163;
                                                                                                                                                                                                                                                        									_t157 = _t127 - _t163;
                                                                                                                                                                                                                                                        									__eflags = _t84 - _t119;
                                                                                                                                                                                                                                                        									if(_t84 < _t119) {
                                                                                                                                                                                                                                                        										goto L17;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t114 = _t119 - _t157;
                                                                                                                                                                                                                                                        										__eflags = _t114;
                                                                                                                                                                                                                                                        										if(__eflags <= 0) {
                                                                                                                                                                                                                                                        											if(__eflags != 0) {
                                                                                                                                                                                                                                                        												_v80 = _t119 + _t163;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											memset(_t127, 0, _t114);
                                                                                                                                                                                                                                                        											_t169 = _t169 + 0xc;
                                                                                                                                                                                                                                                        											_v80 = _t127 + _t114;
                                                                                                                                                                                                                                                        											_t162 = _v84;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									L14:
                                                                                                                                                                                                                                                        									_t117 = _v96;
                                                                                                                                                                                                                                                        									_t82 = E00BD4740(_t117, _t162,  &_v88);
                                                                                                                                                                                                                                                        									_t169 = _t169 + 0xc;
                                                                                                                                                                                                                                                        									__eflags = _t82;
                                                                                                                                                                                                                                                        									if(_t82 < 0) {
                                                                                                                                                                                                                                                        										__eflags = _t82 - 0xc0000004;
                                                                                                                                                                                                                                                        										if(_t82 == 0xc0000004) {
                                                                                                                                                                                                                                                        											break;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L10;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									__eflags = _v88 - _v80 - _v84;
                                                                                                                                                                                                                                                        									_t82 =  ==  ? 0xc0000004 : _t82;
                                                                                                                                                                                                                                                        									__eflags = _t82 - 0xc0000004;
                                                                                                                                                                                                                                                        									if(_t82 != 0xc0000004) {
                                                                                                                                                                                                                                                        										goto L10;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									break;
                                                                                                                                                                                                                                                        									L17:
                                                                                                                                                                                                                                                        									__eflags = _t119;
                                                                                                                                                                                                                                                        									if(_t119 < 0) {
                                                                                                                                                                                                                                                        										E00BC14B0(_t119, _t127);
                                                                                                                                                                                                                                                        										L52:
                                                                                                                                                                                                                                                        										__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        										L53:
                                                                                                                                                                                                                                                        										_t86 = 0xffffffff;
                                                                                                                                                                                                                                                        										L35:
                                                                                                                                                                                                                                                        										_push(_t86);
                                                                                                                                                                                                                                                        										L00BEF6BA();
                                                                                                                                                                                                                                                        										_t169 = _t169 + 4;
                                                                                                                                                                                                                                                        										_t51 = _t86 + 0x23; // 0x23
                                                                                                                                                                                                                                                        										_t162 = _t51 & 0xffffffe0;
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t162 - 4)) = _t86;
                                                                                                                                                                                                                                                        										L24:
                                                                                                                                                                                                                                                        										memset(_t162 + _t157, 0, _t119 - _t157);
                                                                                                                                                                                                                                                        										memmove(_t162, _v84, _v80 - _v84);
                                                                                                                                                                                                                                                        										_t169 = _t169 + 0x18;
                                                                                                                                                                                                                                                        										_t132 = _v84;
                                                                                                                                                                                                                                                        										__eflags = _t132;
                                                                                                                                                                                                                                                        										if(_t132 == 0) {
                                                                                                                                                                                                                                                        											L27:
                                                                                                                                                                                                                                                        											_v84 = _t162;
                                                                                                                                                                                                                                                        											_v80 = _t162 + _t119;
                                                                                                                                                                                                                                                        											_v76 = _t162 + _v108;
                                                                                                                                                                                                                                                        											goto L14;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t112 = _v76 - _t132;
                                                                                                                                                                                                                                                        										__eflags = _t112 - 0x1000;
                                                                                                                                                                                                                                                        										if(_t112 >= 0x1000) {
                                                                                                                                                                                                                                                        											_t151 =  *(_t132 - 4);
                                                                                                                                                                                                                                                        											__eflags = _t132 + 0xfffffffc - _t151 - 0x20;
                                                                                                                                                                                                                                                        											if(_t132 + 0xfffffffc - _t151 >= 0x20) {
                                                                                                                                                                                                                                                        												goto L52;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t112 = _t112 + 0x23;
                                                                                                                                                                                                                                                        											_t132 = _t151;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_push(_t112);
                                                                                                                                                                                                                                                        										_push(_t132);
                                                                                                                                                                                                                                                        										L00BEF6C6();
                                                                                                                                                                                                                                                        										_t169 = _t169 + 8;
                                                                                                                                                                                                                                                        										goto L27;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t149 = _t84 >> 1;
                                                                                                                                                                                                                                                        									__eflags = _t84 - (_t149 ^ 0x7fffffff);
                                                                                                                                                                                                                                                        									_t151 = _t119;
                                                                                                                                                                                                                                                        									if(_t84 <= (_t149 ^ 0x7fffffff)) {
                                                                                                                                                                                                                                                        										_t150 = _t84 + _t149;
                                                                                                                                                                                                                                                        										_t151 = _t119;
                                                                                                                                                                                                                                                        										__eflags = _t150 - _t119;
                                                                                                                                                                                                                                                        										if(_t150 >= _t119) {
                                                                                                                                                                                                                                                        											_t151 = _t150;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									__eflags = _t151 - 0x1000;
                                                                                                                                                                                                                                                        									_v108 = _t151;
                                                                                                                                                                                                                                                        									if(_t151 >= 0x1000) {
                                                                                                                                                                                                                                                        										__eflags = _t151 - 0xffffffdc;
                                                                                                                                                                                                                                                        										if(_t151 > 0xffffffdc) {
                                                                                                                                                                                                                                                        											goto L53;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t86 = _t151 + 0x23;
                                                                                                                                                                                                                                                        										goto L35;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										__eflags = _t151;
                                                                                                                                                                                                                                                        										if(_t151 == 0) {
                                                                                                                                                                                                                                                        											_t162 = 0;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_push(_t151);
                                                                                                                                                                                                                                                        											L00BEF6BA();
                                                                                                                                                                                                                                                        											_t169 = _t169 + 4;
                                                                                                                                                                                                                                                        											_t162 = _t84;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L24;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L11:
                                                                                                                                                                                                                                                        								_t127 = _v80;
                                                                                                                                                                                                                                                        								_t163 = _v84;
                                                                                                                                                                                                                                                        								_t119 = _v88 + 2;
                                                                                                                                                                                                                                                        								_t84 = _v76 - _t163;
                                                                                                                                                                                                                                                        								_t157 = _t127 - _t163;
                                                                                                                                                                                                                                                        								__eflags = _t84 - _t119;
                                                                                                                                                                                                                                                        								if(_t84 < _t119) {
                                                                                                                                                                                                                                                        									goto L17;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t114 = _t119 - _t157;
                                                                                                                                                                                                                                                        									__eflags = _t114;
                                                                                                                                                                                                                                                        									if(__eflags <= 0) {
                                                                                                                                                                                                                                                        										if(__eflags != 0) {
                                                                                                                                                                                                                                                        											_v80 = _t119 + _t163;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										memset(_t127, 0, _t114);
                                                                                                                                                                                                                                                        										_t169 = _t169 + 0xc;
                                                                                                                                                                                                                                                        										_v80 = _t127 + _t114;
                                                                                                                                                                                                                                                        										_t162 = _v84;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					_t116 = 1;
                                                                                                                                                                                                                                                        					goto L6;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}




















































                                                                                                                                                                                                                                                        0x00bd43c0
                                                                                                                                                                                                                                                        0x00bd43c9
                                                                                                                                                                                                                                                        0x00bd43ce
                                                                                                                                                                                                                                                        0x00bd43d2
                                                                                                                                                                                                                                                        0x00bd43d5
                                                                                                                                                                                                                                                        0x00bd43dc
                                                                                                                                                                                                                                                        0x00bd43e7
                                                                                                                                                                                                                                                        0x00bd43ef
                                                                                                                                                                                                                                                        0x00bd4416
                                                                                                                                                                                                                                                        0x00bd4402
                                                                                                                                                                                                                                                        0x00bd4407
                                                                                                                                                                                                                                                        0x00bd4415
                                                                                                                                                                                                                                                        0x00bd4415
                                                                                                                                                                                                                                                        0x00bd43f6
                                                                                                                                                                                                                                                        0x00bd43fc
                                                                                                                                                                                                                                                        0x00bd4400
                                                                                                                                                                                                                                                        0x00bd441a
                                                                                                                                                                                                                                                        0x00bd441f
                                                                                                                                                                                                                                                        0x00bd4427
                                                                                                                                                                                                                                                        0x00bd4427
                                                                                                                                                                                                                                                        0x00bd442d
                                                                                                                                                                                                                                                        0x00bd4430
                                                                                                                                                                                                                                                        0x00bd443a
                                                                                                                                                                                                                                                        0x00bd443e
                                                                                                                                                                                                                                                        0x00bd4443
                                                                                                                                                                                                                                                        0x00bd4446
                                                                                                                                                                                                                                                        0x00bd444a
                                                                                                                                                                                                                                                        0x00bd444d
                                                                                                                                                                                                                                                        0x00bd4454
                                                                                                                                                                                                                                                        0x00bd445b
                                                                                                                                                                                                                                                        0x00bd4461
                                                                                                                                                                                                                                                        0x00bd4477
                                                                                                                                                                                                                                                        0x00bd447a
                                                                                                                                                                                                                                                        0x00bd447d
                                                                                                                                                                                                                                                        0x00bd447d
                                                                                                                                                                                                                                                        0x00bd447f
                                                                                                                                                                                                                                                        0x00bd4486
                                                                                                                                                                                                                                                        0x00bd4490
                                                                                                                                                                                                                                                        0x00bd4490
                                                                                                                                                                                                                                                        0x00bd4492
                                                                                                                                                                                                                                                        0x00bd4492
                                                                                                                                                                                                                                                        0x00bd4498
                                                                                                                                                                                                                                                        0x00bd449e
                                                                                                                                                                                                                                                        0x00bd44a3
                                                                                                                                                                                                                                                        0x00bd44a6
                                                                                                                                                                                                                                                        0x00bd44b0
                                                                                                                                                                                                                                                        0x00bd44b0
                                                                                                                                                                                                                                                        0x00bd44b5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd44b7
                                                                                                                                                                                                                                                        0x00bd44b7
                                                                                                                                                                                                                                                        0x00bd44bc
                                                                                                                                                                                                                                                        0x00bd45e0
                                                                                                                                                                                                                                                        0x00bd45e2
                                                                                                                                                                                                                                                        0x00bd45eb
                                                                                                                                                                                                                                                        0x00bd45ee
                                                                                                                                                                                                                                                        0x00bd45ef
                                                                                                                                                                                                                                                        0x00bd45f2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd45f8
                                                                                                                                                                                                                                                        0x00bd45f8
                                                                                                                                                                                                                                                        0x00bd45fc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4602
                                                                                                                                                                                                                                                        0x00bd4605
                                                                                                                                                                                                                                                        0x00bd4608
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4608
                                                                                                                                                                                                                                                        0x00bd45e4
                                                                                                                                                                                                                                                        0x00bd45e7
                                                                                                                                                                                                                                                        0x00bd45e9
                                                                                                                                                                                                                                                        0x00bd4633
                                                                                                                                                                                                                                                        0x00bd463f
                                                                                                                                                                                                                                                        0x00bd464d
                                                                                                                                                                                                                                                        0x00bd4650
                                                                                                                                                                                                                                                        0x00bd4657
                                                                                                                                                                                                                                                        0x00bd4660
                                                                                                                                                                                                                                                        0x00bd4665
                                                                                                                                                                                                                                                        0x00bd466f
                                                                                                                                                                                                                                                        0x00bd4676
                                                                                                                                                                                                                                                        0x00bd4679
                                                                                                                                                                                                                                                        0x00bd467e
                                                                                                                                                                                                                                                        0x00bd4681
                                                                                                                                                                                                                                                        0x00bd4683
                                                                                                                                                                                                                                                        0x00bd469e
                                                                                                                                                                                                                                                        0x00bd469e
                                                                                                                                                                                                                                                        0x00bd46a1
                                                                                                                                                                                                                                                        0x00bd46a4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd46aa
                                                                                                                                                                                                                                                        0x00bd4685
                                                                                                                                                                                                                                                        0x00bd4689
                                                                                                                                                                                                                                                        0x00bd468b
                                                                                                                                                                                                                                                        0x00bd46d8
                                                                                                                                                                                                                                                        0x00bd46dd
                                                                                                                                                                                                                                                        0x00bd46e3
                                                                                                                                                                                                                                                        0x00bd46e5
                                                                                                                                                                                                                                                        0x00bd46f2
                                                                                                                                                                                                                                                        0x00bd46f2
                                                                                                                                                                                                                                                        0x00bd4465
                                                                                                                                                                                                                                                        0x00bd4468
                                                                                                                                                                                                                                                        0x00bd4470
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4470
                                                                                                                                                                                                                                                        0x00bd46ee
                                                                                                                                                                                                                                                        0x00bd46f0
                                                                                                                                                                                                                                                        0x00bd46ff
                                                                                                                                                                                                                                                        0x00bd4705
                                                                                                                                                                                                                                                        0x00bd470a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd470a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd46f0
                                                                                                                                                                                                                                                        0x00bd4692
                                                                                                                                                                                                                                                        0x00bd4697
                                                                                                                                                                                                                                                        0x00bd469a
                                                                                                                                                                                                                                                        0x00bd469c
                                                                                                                                                                                                                                                        0x00bd46cf
                                                                                                                                                                                                                                                        0x00bd46d4
                                                                                                                                                                                                                                                        0x00bd46d6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd46d6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd469c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd44c2
                                                                                                                                                                                                                                                        0x00bd44c2
                                                                                                                                                                                                                                                        0x00bd44c5
                                                                                                                                                                                                                                                        0x00bd44c8
                                                                                                                                                                                                                                                        0x00bd44d0
                                                                                                                                                                                                                                                        0x00bd44d3
                                                                                                                                                                                                                                                        0x00bd44d5
                                                                                                                                                                                                                                                        0x00bd44d7
                                                                                                                                                                                                                                                        0x00bd44d9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd44db
                                                                                                                                                                                                                                                        0x00bd44dd
                                                                                                                                                                                                                                                        0x00bd44dd
                                                                                                                                                                                                                                                        0x00bd44df
                                                                                                                                                                                                                                                        0x00bd470f
                                                                                                                                                                                                                                                        0x00bd4717
                                                                                                                                                                                                                                                        0x00bd4717
                                                                                                                                                                                                                                                        0x00bd44e5
                                                                                                                                                                                                                                                        0x00bd44ec
                                                                                                                                                                                                                                                        0x00bd44f1
                                                                                                                                                                                                                                                        0x00bd44f4
                                                                                                                                                                                                                                                        0x00bd44f7
                                                                                                                                                                                                                                                        0x00bd44f7
                                                                                                                                                                                                                                                        0x00bd44df
                                                                                                                                                                                                                                                        0x00bd44fa
                                                                                                                                                                                                                                                        0x00bd44ff
                                                                                                                                                                                                                                                        0x00bd4503
                                                                                                                                                                                                                                                        0x00bd4508
                                                                                                                                                                                                                                                        0x00bd450b
                                                                                                                                                                                                                                                        0x00bd450d
                                                                                                                                                                                                                                                        0x00bd44b0
                                                                                                                                                                                                                                                        0x00bd44b5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd44b5
                                                                                                                                                                                                                                                        0x00bd4515
                                                                                                                                                                                                                                                        0x00bd451d
                                                                                                                                                                                                                                                        0x00bd4520
                                                                                                                                                                                                                                                        0x00bd4525
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4530
                                                                                                                                                                                                                                                        0x00bd4530
                                                                                                                                                                                                                                                        0x00bd4532
                                                                                                                                                                                                                                                        0x00bd4726
                                                                                                                                                                                                                                                        0x00bd472b
                                                                                                                                                                                                                                                        0x00bd472b
                                                                                                                                                                                                                                                        0x00bd4731
                                                                                                                                                                                                                                                        0x00bd4731
                                                                                                                                                                                                                                                        0x00bd461c
                                                                                                                                                                                                                                                        0x00bd461c
                                                                                                                                                                                                                                                        0x00bd461d
                                                                                                                                                                                                                                                        0x00bd4622
                                                                                                                                                                                                                                                        0x00bd4625
                                                                                                                                                                                                                                                        0x00bd4628
                                                                                                                                                                                                                                                        0x00bd462b
                                                                                                                                                                                                                                                        0x00bd4576
                                                                                                                                                                                                                                                        0x00bd4581
                                                                                                                                                                                                                                                        0x00bd4594
                                                                                                                                                                                                                                                        0x00bd4599
                                                                                                                                                                                                                                                        0x00bd459c
                                                                                                                                                                                                                                                        0x00bd459f
                                                                                                                                                                                                                                                        0x00bd45a1
                                                                                                                                                                                                                                                        0x00bd45bd
                                                                                                                                                                                                                                                        0x00bd45c2
                                                                                                                                                                                                                                                        0x00bd45c5
                                                                                                                                                                                                                                                        0x00bd45ca
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd45ca
                                                                                                                                                                                                                                                        0x00bd45a6
                                                                                                                                                                                                                                                        0x00bd45a8
                                                                                                                                                                                                                                                        0x00bd45ad
                                                                                                                                                                                                                                                        0x00bd46af
                                                                                                                                                                                                                                                        0x00bd46b7
                                                                                                                                                                                                                                                        0x00bd46ba
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd46bc
                                                                                                                                                                                                                                                        0x00bd46bf
                                                                                                                                                                                                                                                        0x00bd46bf
                                                                                                                                                                                                                                                        0x00bd45b3
                                                                                                                                                                                                                                                        0x00bd45b4
                                                                                                                                                                                                                                                        0x00bd45b5
                                                                                                                                                                                                                                                        0x00bd45ba
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd45ba
                                                                                                                                                                                                                                                        0x00bd453a
                                                                                                                                                                                                                                                        0x00bd4544
                                                                                                                                                                                                                                                        0x00bd4546
                                                                                                                                                                                                                                                        0x00bd4548
                                                                                                                                                                                                                                                        0x00bd454a
                                                                                                                                                                                                                                                        0x00bd454c
                                                                                                                                                                                                                                                        0x00bd454e
                                                                                                                                                                                                                                                        0x00bd4550
                                                                                                                                                                                                                                                        0x00bd4552
                                                                                                                                                                                                                                                        0x00bd4552
                                                                                                                                                                                                                                                        0x00bd4550
                                                                                                                                                                                                                                                        0x00bd4554
                                                                                                                                                                                                                                                        0x00bd455a
                                                                                                                                                                                                                                                        0x00bd455d
                                                                                                                                                                                                                                                        0x00bd4610
                                                                                                                                                                                                                                                        0x00bd4613
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4619
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4563
                                                                                                                                                                                                                                                        0x00bd4563
                                                                                                                                                                                                                                                        0x00bd4565
                                                                                                                                                                                                                                                        0x00bd471f
                                                                                                                                                                                                                                                        0x00bd456b
                                                                                                                                                                                                                                                        0x00bd456b
                                                                                                                                                                                                                                                        0x00bd456c
                                                                                                                                                                                                                                                        0x00bd4571
                                                                                                                                                                                                                                                        0x00bd4574
                                                                                                                                                                                                                                                        0x00bd4574
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4565
                                                                                                                                                                                                                                                        0x00bd455d
                                                                                                                                                                                                                                                        0x00bd44c2
                                                                                                                                                                                                                                                        0x00bd44c5
                                                                                                                                                                                                                                                        0x00bd44c8
                                                                                                                                                                                                                                                        0x00bd44d0
                                                                                                                                                                                                                                                        0x00bd44d3
                                                                                                                                                                                                                                                        0x00bd44d5
                                                                                                                                                                                                                                                        0x00bd44d7
                                                                                                                                                                                                                                                        0x00bd44d9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd44db
                                                                                                                                                                                                                                                        0x00bd44dd
                                                                                                                                                                                                                                                        0x00bd44dd
                                                                                                                                                                                                                                                        0x00bd44df
                                                                                                                                                                                                                                                        0x00bd470f
                                                                                                                                                                                                                                                        0x00bd4717
                                                                                                                                                                                                                                                        0x00bd4717
                                                                                                                                                                                                                                                        0x00bd44e5
                                                                                                                                                                                                                                                        0x00bd44ec
                                                                                                                                                                                                                                                        0x00bd44f1
                                                                                                                                                                                                                                                        0x00bd44f4
                                                                                                                                                                                                                                                        0x00bd44f7
                                                                                                                                                                                                                                                        0x00bd44f7
                                                                                                                                                                                                                                                        0x00bd44df
                                                                                                                                                                                                                                                        0x00bd44d9
                                                                                                                                                                                                                                                        0x00bd44b0
                                                                                                                                                                                                                                                        0x00bd4490
                                                                                                                                                                                                                                                        0x00bd4463
                                                                                                                                                                                                                                                        0x00bd4463
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4463
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BD43DC
                                                                                                                                                                                                                                                        • GetProcessHandleCount.KERNEL32(00000000,FFFFFFFF), ref: 00BD43E7
                                                                                                                                                                                                                                                        • GetModuleHandleA.KERNEL32(verifier.dll), ref: 00BD43F6
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(000000A0), ref: 00BD441F
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BD443E
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BD44EC
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: HandleProcessmemset$??2@CountCurrentModule
                                                                                                                                                                                                                                                        • String ID: verifier.dll
                                                                                                                                                                                                                                                        • API String ID: 576989540-3265496382
                                                                                                                                                                                                                                                        • Opcode ID: fb48b03c148a57adc2169315e4b715559557b28b8139dcf717467a4622618d32
                                                                                                                                                                                                                                                        • Instruction ID: 385b84d7ddaf3cd464489c6d4dfc67c4c4f733f202bc2a642e7971ca681a1ce0
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fb48b03c148a57adc2169315e4b715559557b28b8139dcf717467a4622618d32
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 68A19C71E002088FDB14DFA4DC85BAEB7F9EF45314F1445AAE806AB384EB74AC45CB90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 97%
                                                                                                                                                                                                                                                        			E00BE96D0(void** __ecx, intOrPtr _a4, void* _a8, int _a12, int _a16, long* _a20) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void* _v24;
                                                                                                                                                                                                                                                        				int _v28;
                                                                                                                                                                                                                                                        				signed int _t35;
                                                                                                                                                                                                                                                        				void* _t40;
                                                                                                                                                                                                                                                        				int _t41;
                                                                                                                                                                                                                                                        				int _t46;
                                                                                                                                                                                                                                                        				int _t51;
                                                                                                                                                                                                                                                        				long _t57;
                                                                                                                                                                                                                                                        				int _t61;
                                                                                                                                                                                                                                                        				intOrPtr* _t63;
                                                                                                                                                                                                                                                        				int _t64;
                                                                                                                                                                                                                                                        				void* _t65;
                                                                                                                                                                                                                                                        				int _t85;
                                                                                                                                                                                                                                                        				int _t90;
                                                                                                                                                                                                                                                        				void* _t92;
                                                                                                                                                                                                                                                        				void** _t93;
                                                                                                                                                                                                                                                        				signed int _t94;
                                                                                                                                                                                                                                                        				void* _t95;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t35 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t93 = __ecx;
                                                                                                                                                                                                                                                        				_t87 = _a16;
                                                                                                                                                                                                                                                        				_t63 = _a20;
                                                                                                                                                                                                                                                        				_t4 =  &(_t93[6]); // 0x18
                                                                                                                                                                                                                                                        				_v20 = _t35 ^ _t94;
                                                                                                                                                                                                                                                        				E00BC5200(CreateFileMappingW(0xffffffff, 0, 0x8000004, 0, _a16 + _a12, 0), _t4, _t38);
                                                                                                                                                                                                                                                        				_t40 = _t93[6];
                                                                                                                                                                                                                                                        				if(_t40 + 1 > 1) {
                                                                                                                                                                                                                                                        					_t41 = MapViewOfFile(_t40, 6, 0, 0, 0);
                                                                                                                                                                                                                                                        					__eflags = _t41;
                                                                                                                                                                                                                                                        					_v28 = _t41;
                                                                                                                                                                                                                                                        					if(_t41 == 0) {
                                                                                                                                                                                                                                                        						 *_t63 = GetLastError();
                                                                                                                                                                                                                                                        						_t64 = 0x1b;
                                                                                                                                                                                                                                                        						L2:
                                                                                                                                                                                                                                                        						E00BEECB0(_v20 ^ _t94, _t87);
                                                                                                                                                                                                                                                        						return _t64;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t65 = _a8;
                                                                                                                                                                                                                                                        					_t87 = _a16;
                                                                                                                                                                                                                                                        					__eflags = _t65;
                                                                                                                                                                                                                                                        					if(__eflags == 0) {
                                                                                                                                                                                                                                                        						L10:
                                                                                                                                                                                                                                                        						 *0xbfb680 = _a12;
                                                                                                                                                                                                                                                        						_t46 = E00BE9630(_t93, _t87, __eflags, "g_shared_IPC_size", "true", 4);
                                                                                                                                                                                                                                                        						__eflags = _t46;
                                                                                                                                                                                                                                                        						 *0xbfb680 = 0;
                                                                                                                                                                                                                                                        						if(__eflags == 0) {
                                                                                                                                                                                                                                                        							 *0xbfb684 = _a16;
                                                                                                                                                                                                                                                        							_t46 = E00BE9630(_t93, _t87, __eflags, "g_shared_policy_size", "true", 4);
                                                                                                                                                                                                                                                        							__eflags = _t46;
                                                                                                                                                                                                                                                        							 *0xbfb684 = 0;
                                                                                                                                                                                                                                                        							if(_t46 != 0) {
                                                                                                                                                                                                                                                        								goto L11;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_push(0x1c);
                                                                                                                                                                                                                                                        							L00BEF6BA();
                                                                                                                                                                                                                                                        							_t66 = _t46;
                                                                                                                                                                                                                                                        							E00BE69D0(_t46, _t46,  *_t93, _t93[2], _t93[9], _a4);
                                                                                                                                                                                                                                                        							_t90 = _t93[8];
                                                                                                                                                                                                                                                        							_t93[8] = _t46;
                                                                                                                                                                                                                                                        							__eflags = _t90;
                                                                                                                                                                                                                                                        							if(_t90 != 0) {
                                                                                                                                                                                                                                                        								E00BE6A50(_t90);
                                                                                                                                                                                                                                                        								_push(_t90);
                                                                                                                                                                                                                                                        								L00BEF6C0();
                                                                                                                                                                                                                                                        								_t66 = _t93[8];
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t51 = E00BE6B10(_t66, _v28, _a12, 0x400);
                                                                                                                                                                                                                                                        							_t64 = 4;
                                                                                                                                                                                                                                                        							__eflags = _t51;
                                                                                                                                                                                                                                                        							if(_t51 == 0) {
                                                                                                                                                                                                                                                        								goto L2;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							__eflags = DuplicateHandle(GetCurrentProcess(), _t93[6],  *_t93,  &_v24, 7, 0, 0);
                                                                                                                                                                                                                                                        							if(__eflags != 0) {
                                                                                                                                                                                                                                                        								 *0xbfb618 = _v24;
                                                                                                                                                                                                                                                        								_t46 = E00BE9630(_t93, _t87, __eflags, "g_shared_section", "true", 4);
                                                                                                                                                                                                                                                        								__eflags = _t46;
                                                                                                                                                                                                                                                        								 *0xbfb618 = 0;
                                                                                                                                                                                                                                                        								if(_t46 != 0) {
                                                                                                                                                                                                                                                        									goto L11;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								CloseHandle(E00BCB670(_t46, _t93));
                                                                                                                                                                                                                                                        								_t64 = 0;
                                                                                                                                                                                                                                                        								goto L2;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t57 = GetLastError();
                                                                                                                                                                                                                                                        							_t64 = 0x1a;
                                                                                                                                                                                                                                                        							 *_a20 = _t57;
                                                                                                                                                                                                                                                        							goto L2;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L11:
                                                                                                                                                                                                                                                        						_t64 = _t46;
                                                                                                                                                                                                                                                        						 *_a20 = GetLastError();
                                                                                                                                                                                                                                                        						goto L2;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__eflags = _t87;
                                                                                                                                                                                                                                                        					if(__eflags == 0) {
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t92 = _v28 + _a12;
                                                                                                                                                                                                                                                        					memcpy(_t92, _t65, _t87);
                                                                                                                                                                                                                                                        					_t95 = _t95 + 0xc;
                                                                                                                                                                                                                                                        					_t61 = 0xffffff00;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_t85 =  *(_t92 + _t61 + 0x100);
                                                                                                                                                                                                                                                        						__eflags = _t85;
                                                                                                                                                                                                                                                        						if(_t85 != 0) {
                                                                                                                                                                                                                                                        							 *(_t92 + _t61 + 0x100) = _t85 - _t65;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t61 = _t61 + 4;
                                                                                                                                                                                                                                                        						__eflags = _t61;
                                                                                                                                                                                                                                                        					} while (__eflags != 0);
                                                                                                                                                                                                                                                        					goto L10;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *_t63 = GetLastError();
                                                                                                                                                                                                                                                        				_t64 = 0x19;
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}






















                                                                                                                                                                                                                                                        0x00be96d9
                                                                                                                                                                                                                                                        0x00be96de
                                                                                                                                                                                                                                                        0x00be96e0
                                                                                                                                                                                                                                                        0x00be96e6
                                                                                                                                                                                                                                                        0x00be96e9
                                                                                                                                                                                                                                                        0x00be96ee
                                                                                                                                                                                                                                                        0x00be970b
                                                                                                                                                                                                                                                        0x00be9710
                                                                                                                                                                                                                                                        0x00be9719
                                                                                                                                                                                                                                                        0x00be9747
                                                                                                                                                                                                                                                        0x00be974d
                                                                                                                                                                                                                                                        0x00be974f
                                                                                                                                                                                                                                                        0x00be9752
                                                                                                                                                                                                                                                        0x00be97ec
                                                                                                                                                                                                                                                        0x00be97ee
                                                                                                                                                                                                                                                        0x00be9728
                                                                                                                                                                                                                                                        0x00be972d
                                                                                                                                                                                                                                                        0x00be973b
                                                                                                                                                                                                                                                        0x00be973b
                                                                                                                                                                                                                                                        0x00be9758
                                                                                                                                                                                                                                                        0x00be975b
                                                                                                                                                                                                                                                        0x00be975e
                                                                                                                                                                                                                                                        0x00be9760
                                                                                                                                                                                                                                                        0x00be97ab
                                                                                                                                                                                                                                                        0x00be97b0
                                                                                                                                                                                                                                                        0x00be97c1
                                                                                                                                                                                                                                                        0x00be97c6
                                                                                                                                                                                                                                                        0x00be97c8
                                                                                                                                                                                                                                                        0x00be97d2
                                                                                                                                                                                                                                                        0x00be97fd
                                                                                                                                                                                                                                                        0x00be980e
                                                                                                                                                                                                                                                        0x00be9813
                                                                                                                                                                                                                                                        0x00be9815
                                                                                                                                                                                                                                                        0x00be981f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9824
                                                                                                                                                                                                                                                        0x00be9826
                                                                                                                                                                                                                                                        0x00be982e
                                                                                                                                                                                                                                                        0x00be983b
                                                                                                                                                                                                                                                        0x00be9840
                                                                                                                                                                                                                                                        0x00be9843
                                                                                                                                                                                                                                                        0x00be9846
                                                                                                                                                                                                                                                        0x00be9848
                                                                                                                                                                                                                                                        0x00be984c
                                                                                                                                                                                                                                                        0x00be9851
                                                                                                                                                                                                                                                        0x00be9852
                                                                                                                                                                                                                                                        0x00be985a
                                                                                                                                                                                                                                                        0x00be985a
                                                                                                                                                                                                                                                        0x00be986b
                                                                                                                                                                                                                                                        0x00be9870
                                                                                                                                                                                                                                                        0x00be9875
                                                                                                                                                                                                                                                        0x00be9877
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be989b
                                                                                                                                                                                                                                                        0x00be989d
                                                                                                                                                                                                                                                        0x00be98b9
                                                                                                                                                                                                                                                        0x00be98ca
                                                                                                                                                                                                                                                        0x00be98cf
                                                                                                                                                                                                                                                        0x00be98d1
                                                                                                                                                                                                                                                        0x00be98db
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be98e9
                                                                                                                                                                                                                                                        0x00be98ef
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be98ef
                                                                                                                                                                                                                                                        0x00be989f
                                                                                                                                                                                                                                                        0x00be98a8
                                                                                                                                                                                                                                                        0x00be98ad
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be98ad
                                                                                                                                                                                                                                                        0x00be97d4
                                                                                                                                                                                                                                                        0x00be97d4
                                                                                                                                                                                                                                                        0x00be97df
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be97df
                                                                                                                                                                                                                                                        0x00be9762
                                                                                                                                                                                                                                                        0x00be9764
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be976c
                                                                                                                                                                                                                                                        0x00be9772
                                                                                                                                                                                                                                                        0x00be9777
                                                                                                                                                                                                                                                        0x00be977a
                                                                                                                                                                                                                                                        0x00be9795
                                                                                                                                                                                                                                                        0x00be9795
                                                                                                                                                                                                                                                        0x00be979c
                                                                                                                                                                                                                                                        0x00be979e
                                                                                                                                                                                                                                                        0x00be97a2
                                                                                                                                                                                                                                                        0x00be97a2
                                                                                                                                                                                                                                                        0x00be9790
                                                                                                                                                                                                                                                        0x00be9790
                                                                                                                                                                                                                                                        0x00be9790
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9795
                                                                                                                                                                                                                                                        0x00be9721
                                                                                                                                                                                                                                                        0x00be9723
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • CreateFileMappingW.KERNEL32(000000FF,00000000,08000004,00000000,4DD80977,00000000,0000E000,?,00000000), ref: 00BE9702
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetLastError.KERNEL32(00000000,?,00004000,?,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5210
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetHandleVerifier.FLASHPLAYER(?,00BDC412,00000000,?,00BDBECC), ref: 00BC5234
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: SetLastError.KERNEL32(00BDC412,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5249
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(00000000), ref: 00BE971B
                                                                                                                                                                                                                                                        • MapViewOfFile.KERNEL32(?,00000006,00000000,00000000,00000000,00000000), ref: 00BE9747
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000018,?,?), ref: 00BE9772
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(g_shared_policy_size,?,00000004,g_shared_IPC_size,?,00000004), ref: 00BE97D6
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$File$CreateHandleMappingVerifierViewmemcpy
                                                                                                                                                                                                                                                        • String ID: g_shared_IPC_size$g_shared_policy_size$g_shared_section
                                                                                                                                                                                                                                                        • API String ID: 4257819580-3236103580
                                                                                                                                                                                                                                                        • Opcode ID: ae940b062e3769a65a9240b737c4970910e36f030567aab40f9146f797f527d9
                                                                                                                                                                                                                                                        • Instruction ID: 00953b1d783f67c2be64256517c6058409c273a082d305a084f71f175d09c129
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ae940b062e3769a65a9240b737c4970910e36f030567aab40f9146f797f527d9
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 65515CB4650349AFDB249F65DC85FBA77E5EF48740F1005A8FA029B391DB70AC08CB64
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 80%
                                                                                                                                                                                                                                                        			E00BB5BA0(signed char* __ecx, void* __edx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				char _v28;
                                                                                                                                                                                                                                                        				signed int _t20;
                                                                                                                                                                                                                                                        				signed short _t28;
                                                                                                                                                                                                                                                        				long _t30;
                                                                                                                                                                                                                                                        				signed short _t31;
                                                                                                                                                                                                                                                        				long _t33;
                                                                                                                                                                                                                                                        				signed short _t34;
                                                                                                                                                                                                                                                        				long _t36;
                                                                                                                                                                                                                                                        				signed short _t37;
                                                                                                                                                                                                                                                        				long _t39;
                                                                                                                                                                                                                                                        				signed short _t40;
                                                                                                                                                                                                                                                        				long _t42;
                                                                                                                                                                                                                                                        				signed short _t43;
                                                                                                                                                                                                                                                        				long _t45;
                                                                                                                                                                                                                                                        				signed short _t46;
                                                                                                                                                                                                                                                        				long _t48;
                                                                                                                                                                                                                                                        				signed short _t49;
                                                                                                                                                                                                                                                        				long _t51;
                                                                                                                                                                                                                                                        				signed short _t52;
                                                                                                                                                                                                                                                        				long _t54;
                                                                                                                                                                                                                                                        				signed short* _t55;
                                                                                                                                                                                                                                                        				signed char _t56;
                                                                                                                                                                                                                                                        				signed short* _t58;
                                                                                                                                                                                                                                                        				char* _t59;
                                                                                                                                                                                                                                                        				signed short** _t65;
                                                                                                                                                                                                                                                        				char* _t66;
                                                                                                                                                                                                                                                        				signed char* _t67;
                                                                                                                                                                                                                                                        				signed int _t68;
                                                                                                                                                                                                                                                        				void* _t69;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t63 = __edx;
                                                                                                                                                                                                                                                        				_t20 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t67 = __ecx;
                                                                                                                                                                                                                                                        				_v20 = _t20 ^ _t68;
                                                                                                                                                                                                                                                        				_t55 =  *(__edx + 4);
                                                                                                                                                                                                                                                        				if(_t55 == 0) {
                                                                                                                                                                                                                                                        					L31:
                                                                                                                                                                                                                                                        					_t56 = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t65 = __edx + 8;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						if(( *_t55 & 0x0000ffff | 0x00000002) == 0x2f) {
                                                                                                                                                                                                                                                        							if(_t55[1] == 0x2d) {
                                                                                                                                                                                                                                                        								_t58 =  &(_t55[2]);
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t58 =  &(_t55[1]);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t28 =  *_t58 & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t28 == 0) {
                                                                                                                                                                                                                                                        								goto L3;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t30 = towlower(_t28 & 0x0000ffff);
                                                                                                                                                                                                                                                        								_t69 = _t69 + 4;
                                                                                                                                                                                                                                                        								if(_t30 != 0x73) {
                                                                                                                                                                                                                                                        									goto L3;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t31 = _t58[1] & 0x0000ffff;
                                                                                                                                                                                                                                                        									if(_t31 == 0) {
                                                                                                                                                                                                                                                        										goto L3;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t33 = towlower(_t31 & 0x0000ffff);
                                                                                                                                                                                                                                                        										_t69 = _t69 + 4;
                                                                                                                                                                                                                                                        										if(_t33 != 0x61) {
                                                                                                                                                                                                                                                        											goto L3;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t34 = _t58[2] & 0x0000ffff;
                                                                                                                                                                                                                                                        											if(_t34 == 0) {
                                                                                                                                                                                                                                                        												goto L3;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t36 = towlower(_t34 & 0x0000ffff);
                                                                                                                                                                                                                                                        												_t69 = _t69 + 4;
                                                                                                                                                                                                                                                        												if(_t36 != 0x66) {
                                                                                                                                                                                                                                                        													goto L3;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t37 = _t58[3] & 0x0000ffff;
                                                                                                                                                                                                                                                        													if(_t37 == 0) {
                                                                                                                                                                                                                                                        														goto L3;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t39 = towlower(_t37 & 0x0000ffff);
                                                                                                                                                                                                                                                        														_t69 = _t69 + 4;
                                                                                                                                                                                                                                                        														if(_t39 != 0x65) {
                                                                                                                                                                                                                                                        															goto L3;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															_t40 = _t58[4] & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t40 == 0) {
                                                                                                                                                                                                                                                        																goto L3;
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																_t42 = towlower(_t40 & 0x0000ffff);
                                                                                                                                                                                                                                                        																_t69 = _t69 + 4;
                                                                                                                                                                                                                                                        																if(_t42 != 0x2d) {
                                                                                                                                                                                                                                                        																	goto L3;
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																	_t43 = _t58[5] & 0x0000ffff;
                                                                                                                                                                                                                                                        																	if(_t43 == 0) {
                                                                                                                                                                                                                                                        																		goto L3;
                                                                                                                                                                                                                                                        																	} else {
                                                                                                                                                                                                                                                        																		_t45 = towlower(_t43 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t69 = _t69 + 4;
                                                                                                                                                                                                                                                        																		if(_t45 != 0x6d) {
                                                                                                                                                                                                                                                        																			goto L3;
                                                                                                                                                                                                                                                        																		} else {
                                                                                                                                                                                                                                                        																			_t46 = _t58[6] & 0x0000ffff;
                                                                                                                                                                                                                                                        																			if(_t46 == 0) {
                                                                                                                                                                                                                                                        																				goto L3;
                                                                                                                                                                                                                                                        																			} else {
                                                                                                                                                                                                                                                        																				_t48 = towlower(_t46 & 0x0000ffff);
                                                                                                                                                                                                                                                        																				_t69 = _t69 + 4;
                                                                                                                                                                                                                                                        																				if(_t48 != 0x6f) {
                                                                                                                                                                                                                                                        																					goto L3;
                                                                                                                                                                                                                                                        																				} else {
                                                                                                                                                                                                                                                        																					_t49 = _t58[7] & 0x0000ffff;
                                                                                                                                                                                                                                                        																					if(_t49 == 0) {
                                                                                                                                                                                                                                                        																						goto L3;
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						_t51 = towlower(_t49 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t69 = _t69 + 4;
                                                                                                                                                                                                                                                        																						if(_t51 != 0x64) {
                                                                                                                                                                                                                                                        																							goto L3;
                                                                                                                                                                                                                                                        																						} else {
                                                                                                                                                                                                                                                        																							_t52 = _t58[8] & 0x0000ffff;
                                                                                                                                                                                                                                                        																							if(_t52 == 0) {
                                                                                                                                                                                                                                                        																								goto L3;
                                                                                                                                                                                                                                                        																							} else {
                                                                                                                                                                                                                                                        																								_t54 = towlower(_t52 & 0x0000ffff);
                                                                                                                                                                                                                                                        																								_t69 = _t69 + 4;
                                                                                                                                                                                                                                                        																								if(_t54 != 0x65 || _t58[9] != 0) {
                                                                                                                                                                                                                                                        																									goto L3;
                                                                                                                                                                                                                                                        																								} else {
                                                                                                                                                                                                                                                        																									_t66 =  &_v24;
                                                                                                                                                                                                                                                        																									_t59 =  &_v28;
                                                                                                                                                                                                                                                        																									_v24 = 4;
                                                                                                                                                                                                                                                        																									__imp__RegGetValueW(0x80000002, L"SOFTWARE\\Policies\\Mozilla\\Firefox", L"DisableSafeMode", 0x18, 0, _t59, _t66);
                                                                                                                                                                                                                                                        																									if(_t54 == 0) {
                                                                                                                                                                                                                                                        																										L30:
                                                                                                                                                                                                                                                        																										_t56 = 1;
                                                                                                                                                                                                                                                        																										if(_v28 == 1) {
                                                                                                                                                                                                                                                        																											goto L31;
                                                                                                                                                                                                                                                        																										}
                                                                                                                                                                                                                                                        																									} else {
                                                                                                                                                                                                                                                        																										_v24 = 4;
                                                                                                                                                                                                                                                        																										__imp__RegGetValueW(0x80000001, L"SOFTWARE\\Policies\\Mozilla\\Firefox", L"DisableSafeMode", 0x18, 0, _t59, _t66);
                                                                                                                                                                                                                                                        																										if(_t54 == 0) {
                                                                                                                                                                                                                                                        																											goto L30;
                                                                                                                                                                                                                                                        																										} else {
                                                                                                                                                                                                                                                        																											_t56 = 1;
                                                                                                                                                                                                                                                        																										}
                                                                                                                                                                                                                                                        																									}
                                                                                                                                                                                                                                                        																								}
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							goto L3;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L32;
                                                                                                                                                                                                                                                        						L3:
                                                                                                                                                                                                                                                        						_t55 =  *_t65;
                                                                                                                                                                                                                                                        						_t65 =  &(_t65[1]);
                                                                                                                                                                                                                                                        					} while (_t55 != 0);
                                                                                                                                                                                                                                                        					goto L31;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L32:
                                                                                                                                                                                                                                                        				if(getenv("MOZ_SAFE_MODE_RESTART") != 0) {
                                                                                                                                                                                                                                                        					_t56 =  ==  ? _t56 & 0x000000ff : 1;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *_t67 = _t56;
                                                                                                                                                                                                                                                        				_t67[1] = 1;
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t68, _t63);
                                                                                                                                                                                                                                                        				return _t67;
                                                                                                                                                                                                                                                        			}


































                                                                                                                                                                                                                                                        0x00bb5ba0
                                                                                                                                                                                                                                                        0x00bb5ba9
                                                                                                                                                                                                                                                        0x00bb5bae
                                                                                                                                                                                                                                                        0x00bb5bb2
                                                                                                                                                                                                                                                        0x00bb5bb5
                                                                                                                                                                                                                                                        0x00bb5bba
                                                                                                                                                                                                                                                        0x00bb5d86
                                                                                                                                                                                                                                                        0x00bb5d86
                                                                                                                                                                                                                                                        0x00bb5bc0
                                                                                                                                                                                                                                                        0x00bb5bc2
                                                                                                                                                                                                                                                        0x00bb5bc5
                                                                                                                                                                                                                                                        0x00bb5bcf
                                                                                                                                                                                                                                                        0x00bb5be5
                                                                                                                                                                                                                                                        0x00bb5d76
                                                                                                                                                                                                                                                        0x00bb5beb
                                                                                                                                                                                                                                                        0x00bb5beb
                                                                                                                                                                                                                                                        0x00bb5beb
                                                                                                                                                                                                                                                        0x00bb5bee
                                                                                                                                                                                                                                                        0x00bb5bf4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5bf6
                                                                                                                                                                                                                                                        0x00bb5bfa
                                                                                                                                                                                                                                                        0x00bb5c00
                                                                                                                                                                                                                                                        0x00bb5c07
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c09
                                                                                                                                                                                                                                                        0x00bb5c09
                                                                                                                                                                                                                                                        0x00bb5c10
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c12
                                                                                                                                                                                                                                                        0x00bb5c16
                                                                                                                                                                                                                                                        0x00bb5c1c
                                                                                                                                                                                                                                                        0x00bb5c23
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c25
                                                                                                                                                                                                                                                        0x00bb5c25
                                                                                                                                                                                                                                                        0x00bb5c2c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c2e
                                                                                                                                                                                                                                                        0x00bb5c32
                                                                                                                                                                                                                                                        0x00bb5c38
                                                                                                                                                                                                                                                        0x00bb5c3f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c41
                                                                                                                                                                                                                                                        0x00bb5c41
                                                                                                                                                                                                                                                        0x00bb5c48
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c4a
                                                                                                                                                                                                                                                        0x00bb5c4e
                                                                                                                                                                                                                                                        0x00bb5c54
                                                                                                                                                                                                                                                        0x00bb5c5b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c61
                                                                                                                                                                                                                                                        0x00bb5c61
                                                                                                                                                                                                                                                        0x00bb5c68
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c6e
                                                                                                                                                                                                                                                        0x00bb5c72
                                                                                                                                                                                                                                                        0x00bb5c78
                                                                                                                                                                                                                                                        0x00bb5c7f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c85
                                                                                                                                                                                                                                                        0x00bb5c85
                                                                                                                                                                                                                                                        0x00bb5c8c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c92
                                                                                                                                                                                                                                                        0x00bb5c96
                                                                                                                                                                                                                                                        0x00bb5c9c
                                                                                                                                                                                                                                                        0x00bb5ca3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5ca9
                                                                                                                                                                                                                                                        0x00bb5ca9
                                                                                                                                                                                                                                                        0x00bb5cb0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5cb6
                                                                                                                                                                                                                                                        0x00bb5cba
                                                                                                                                                                                                                                                        0x00bb5cc0
                                                                                                                                                                                                                                                        0x00bb5cc7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5ccd
                                                                                                                                                                                                                                                        0x00bb5ccd
                                                                                                                                                                                                                                                        0x00bb5cd4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5cda
                                                                                                                                                                                                                                                        0x00bb5cde
                                                                                                                                                                                                                                                        0x00bb5ce4
                                                                                                                                                                                                                                                        0x00bb5ceb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5cf1
                                                                                                                                                                                                                                                        0x00bb5cf1
                                                                                                                                                                                                                                                        0x00bb5cf8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5cfe
                                                                                                                                                                                                                                                        0x00bb5d02
                                                                                                                                                                                                                                                        0x00bb5d08
                                                                                                                                                                                                                                                        0x00bb5d0f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5d20
                                                                                                                                                                                                                                                        0x00bb5d20
                                                                                                                                                                                                                                                        0x00bb5d23
                                                                                                                                                                                                                                                        0x00bb5d26
                                                                                                                                                                                                                                                        0x00bb5d42
                                                                                                                                                                                                                                                        0x00bb5d4a
                                                                                                                                                                                                                                                        0x00bb5d7e
                                                                                                                                                                                                                                                        0x00bb5d82
                                                                                                                                                                                                                                                        0x00bb5d84
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5d4c
                                                                                                                                                                                                                                                        0x00bb5d4c
                                                                                                                                                                                                                                                        0x00bb5d68
                                                                                                                                                                                                                                                        0x00bb5d70
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5d72
                                                                                                                                                                                                                                                        0x00bb5d72
                                                                                                                                                                                                                                                        0x00bb5d72
                                                                                                                                                                                                                                                        0x00bb5d70
                                                                                                                                                                                                                                                        0x00bb5d4a
                                                                                                                                                                                                                                                        0x00bb5d0f
                                                                                                                                                                                                                                                        0x00bb5cf8
                                                                                                                                                                                                                                                        0x00bb5ceb
                                                                                                                                                                                                                                                        0x00bb5cd4
                                                                                                                                                                                                                                                        0x00bb5cc7
                                                                                                                                                                                                                                                        0x00bb5cb0
                                                                                                                                                                                                                                                        0x00bb5ca3
                                                                                                                                                                                                                                                        0x00bb5c8c
                                                                                                                                                                                                                                                        0x00bb5c7f
                                                                                                                                                                                                                                                        0x00bb5c68
                                                                                                                                                                                                                                                        0x00bb5c5b
                                                                                                                                                                                                                                                        0x00bb5c48
                                                                                                                                                                                                                                                        0x00bb5c3f
                                                                                                                                                                                                                                                        0x00bb5c2c
                                                                                                                                                                                                                                                        0x00bb5c23
                                                                                                                                                                                                                                                        0x00bb5c10
                                                                                                                                                                                                                                                        0x00bb5c07
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5bd1
                                                                                                                                                                                                                                                        0x00bb5bd1
                                                                                                                                                                                                                                                        0x00bb5bd3
                                                                                                                                                                                                                                                        0x00bb5bd6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5bda
                                                                                                                                                                                                                                                        0x00bb5d88
                                                                                                                                                                                                                                                        0x00bb5d98
                                                                                                                                                                                                                                                        0x00bb5dbf
                                                                                                                                                                                                                                                        0x00bb5dbf
                                                                                                                                                                                                                                                        0x00bb5d9a
                                                                                                                                                                                                                                                        0x00bb5d9c
                                                                                                                                                                                                                                                        0x00bb5da5
                                                                                                                                                                                                                                                        0x00bb5db3

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,00BB4F4B), ref: 00BB5BFA
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,00BB4F4B), ref: 00BB5C16
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,00BB4F4B), ref: 00BB5C32
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,00BB4F4B), ref: 00BB5C4E
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,00BB4F4B), ref: 00BB5C72
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,00BB4F4B), ref: 00BB5C96
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,00BB4F4B), ref: 00BB5CBA
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,?,00BB4F4B), ref: 00BB5CDE
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,00BB4F4B), ref: 00BB5D02
                                                                                                                                                                                                                                                        • RegGetValueW.ADVAPI32(80000002,SOFTWARE\Policies\Mozilla\Firefox,DisableSafeMode,00000018,00000000,?,?), ref: 00BB5D42
                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_SAFE_MODE_RESTART,?,?,00BB4F4B), ref: 00BB5D8D
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: towlower$Valuegetenv
                                                                                                                                                                                                                                                        • String ID: DisableSafeMode$MOZ_SAFE_MODE_RESTART$SOFTWARE\Policies\Mozilla\Firefox
                                                                                                                                                                                                                                                        • API String ID: 242805946-4180355920
                                                                                                                                                                                                                                                        • Opcode ID: eb29dd452935ef142d42cb6df4475c9872f7bdd7a2d925c0a2d434b0e1f1f974
                                                                                                                                                                                                                                                        • Instruction ID: e7bcd8a8839c8bfe9ff77fd7b37499fa9e4a6ab2a443340fbab224c18dab631c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: eb29dd452935ef142d42cb6df4475c9872f7bdd7a2d925c0a2d434b0e1f1f974
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E651F3E4A0062557DF305F299C4ABF236E4DB00705F5840E5FD859B1C1DEA8CD96E27B
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 78%
                                                                                                                                                                                                                                                        			E00BD66A0(void* __ebx, intOrPtr* __ecx, intOrPtr __edx, void* __edi, void* __esi, intOrPtr _a4, char* _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				long _v24;
                                                                                                                                                                                                                                                        				intOrPtr* _v28;
                                                                                                                                                                                                                                                        				long _v32;
                                                                                                                                                                                                                                                        				long _v48;
                                                                                                                                                                                                                                                        				intOrPtr* _v52;
                                                                                                                                                                                                                                                        				long _v56;
                                                                                                                                                                                                                                                        				long _v72;
                                                                                                                                                                                                                                                        				intOrPtr _v76;
                                                                                                                                                                                                                                                        				intOrPtr _v80;
                                                                                                                                                                                                                                                        				char _v96;
                                                                                                                                                                                                                                                        				signed int _v100;
                                                                                                                                                                                                                                                        				char _v104;
                                                                                                                                                                                                                                                        				intOrPtr _v108;
                                                                                                                                                                                                                                                        				long _v112;
                                                                                                                                                                                                                                                        				char _v128;
                                                                                                                                                                                                                                                        				char _v132;
                                                                                                                                                                                                                                                        				char _v136;
                                                                                                                                                                                                                                                        				intOrPtr _v140;
                                                                                                                                                                                                                                                        				intOrPtr _v144;
                                                                                                                                                                                                                                                        				intOrPtr _v148;
                                                                                                                                                                                                                                                        				intOrPtr _v152;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _v156;
                                                                                                                                                                                                                                                        				intOrPtr _v160;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _v164;
                                                                                                                                                                                                                                                        				intOrPtr* _v168;
                                                                                                                                                                                                                                                        				intOrPtr _v188;
                                                                                                                                                                                                                                                        				intOrPtr _v192;
                                                                                                                                                                                                                                                        				signed int _t134;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t136;
                                                                                                                                                                                                                                                        				intOrPtr _t139;
                                                                                                                                                                                                                                                        				intOrPtr* _t141;
                                                                                                                                                                                                                                                        				intOrPtr* _t143;
                                                                                                                                                                                                                                                        				intOrPtr* _t148;
                                                                                                                                                                                                                                                        				long _t150;
                                                                                                                                                                                                                                                        				long _t151;
                                                                                                                                                                                                                                                        				signed int* _t152;
                                                                                                                                                                                                                                                        				long _t156;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t161;
                                                                                                                                                                                                                                                        				long _t164;
                                                                                                                                                                                                                                                        				char* _t166;
                                                                                                                                                                                                                                                        				long _t170;
                                                                                                                                                                                                                                                        				intOrPtr _t178;
                                                                                                                                                                                                                                                        				intOrPtr* _t179;
                                                                                                                                                                                                                                                        				intOrPtr* _t180;
                                                                                                                                                                                                                                                        				void* _t182;
                                                                                                                                                                                                                                                        				long _t195;
                                                                                                                                                                                                                                                        				intOrPtr _t197;
                                                                                                                                                                                                                                                        				intOrPtr _t201;
                                                                                                                                                                                                                                                        				long* _t202;
                                                                                                                                                                                                                                                        				long _t204;
                                                                                                                                                                                                                                                        				char* _t208;
                                                                                                                                                                                                                                                        				signed int _t210;
                                                                                                                                                                                                                                                        				char* _t216;
                                                                                                                                                                                                                                                        				intOrPtr _t222;
                                                                                                                                                                                                                                                        				long _t224;
                                                                                                                                                                                                                                                        				signed int _t226;
                                                                                                                                                                                                                                                        				intOrPtr _t229;
                                                                                                                                                                                                                                                        				intOrPtr* _t231;
                                                                                                                                                                                                                                                        				intOrPtr _t232;
                                                                                                                                                                                                                                                        				intOrPtr* _t236;
                                                                                                                                                                                                                                                        				intOrPtr _t237;
                                                                                                                                                                                                                                                        				intOrPtr* _t239;
                                                                                                                                                                                                                                                        				long _t240;
                                                                                                                                                                                                                                                        				intOrPtr* _t242;
                                                                                                                                                                                                                                                        				long _t243;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t245;
                                                                                                                                                                                                                                                        				signed int _t246;
                                                                                                                                                                                                                                                        				signed int _t247;
                                                                                                                                                                                                                                                        				void* _t249;
                                                                                                                                                                                                                                                        				void* _t252;
                                                                                                                                                                                                                                                        				void* _t253;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t221 = __edx;
                                                                                                                                                                                                                                                        				_t253 = _t252 - 0x98;
                                                                                                                                                                                                                                                        				_t134 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t229 = __edx;
                                                                                                                                                                                                                                                        				_t236 = __ecx;
                                                                                                                                                                                                                                                        				_v20 = _t134 ^ _t247;
                                                                                                                                                                                                                                                        				_t136 = GetModuleHandleW( &M00BF146A);
                                                                                                                                                                                                                                                        				if(_t136 == 0) {
                                                                                                                                                                                                                                                        					_t237 = 7;
                                                                                                                                                                                                                                                        					L11:
                                                                                                                                                                                                                                                        					E00BEECB0(_v20 ^ _t247, _t221);
                                                                                                                                                                                                                                                        					return _t237;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_v164 = _t136;
                                                                                                                                                                                                                                                        					_t139 =  *_t236;
                                                                                                                                                                                                                                                        					_v148 =  *((intOrPtr*)(_t139 + 0x28));
                                                                                                                                                                                                                                                        					_v156 = LoadLibraryW( *(_t139 + 0x2c));
                                                                                                                                                                                                                                                        					_t141 = E00BCB910();
                                                                                                                                                                                                                                                        					_t178 =  *_t141;
                                                                                                                                                                                                                                                        					_v152 = _t229;
                                                                                                                                                                                                                                                        					if( *((intOrPtr*)(_t141 + 0x58)) != 1) {
                                                                                                                                                                                                                                                        						_push(0x1c);
                                                                                                                                                                                                                                                        						L00BEF6BA();
                                                                                                                                                                                                                                                        						_t253 = _t253 + 4;
                                                                                                                                                                                                                                                        						_t231 = _t141;
                                                                                                                                                                                                                                                        						__eflags = _t178 - 5;
                                                                                                                                                                                                                                                        						 *_t231 = 0xbf1540;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t231 + 0xc)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t231 + 0x10)) =  *((intOrPtr*)( *_t236));
                                                                                                                                                                                                                                                        						 *((char*)(_t231 + 0x14)) =  *((intOrPtr*)(_t236 + 0xd));
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t231 + 0x18)) = 0;
                                                                                                                                                                                                                                                        						if(_t178 >= 5) {
                                                                                                                                                                                                                                                        							 *_t231 = 0xbf1510;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if(_t178 < 7) {
                                                                                                                                                                                                                                                        							_push(0x1c);
                                                                                                                                                                                                                                                        							L00BEF6BA();
                                                                                                                                                                                                                                                        							_t253 = _t253 + 4;
                                                                                                                                                                                                                                                        							_t231 = _t141;
                                                                                                                                                                                                                                                        							__eflags = _t178 - 5;
                                                                                                                                                                                                                                                        							 *_t231 = 0xbf1540;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t231 + 0xc)) = 0;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t231 + 0x10)) =  *((intOrPtr*)( *_t236));
                                                                                                                                                                                                                                                        							 *((char*)(_t231 + 0x14)) =  *((intOrPtr*)(_t236 + 0xd));
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t231 + 0x18)) = 0;
                                                                                                                                                                                                                                                        							if(_t178 < 5) {
                                                                                                                                                                                                                                                        								 *_t231 = 0xbf14e0;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								 *_t231 = 0xbf14b0;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_push(0x1c);
                                                                                                                                                                                                                                                        							L00BEF6BA();
                                                                                                                                                                                                                                                        							_t253 = _t253 + 4;
                                                                                                                                                                                                                                                        							_t231 = _t141;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t231 + 0xc)) = 0;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t231 + 0x10)) =  *((intOrPtr*)( *_t236));
                                                                                                                                                                                                                                                        							 *((char*)(_t231 + 0x14)) =  *((intOrPtr*)(_t236 + 0xd));
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t231 + 0x18)) = 0;
                                                                                                                                                                                                                                                        							 *_t231 = 0xbf1480;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t179 =  *((intOrPtr*)(_t236 + 4));
                                                                                                                                                                                                                                                        					_t143 =  *_t179;
                                                                                                                                                                                                                                                        					if(_t143 != _t179) {
                                                                                                                                                                                                                                                        						_t222 = _t143;
                                                                                                                                                                                                                                                        						_v144 = _t179;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t223 = _t222 + 8;
                                                                                                                                                                                                                                                        							_v168 = _t143;
                                                                                                                                                                                                                                                        							E00BD5A10( &_v104, _t222 + 8);
                                                                                                                                                                                                                                                        							_v108 = 7;
                                                                                                                                                                                                                                                        							_v112 = 0;
                                                                                                                                                                                                                                                        							_v128 = 0;
                                                                                                                                                                                                                                                        							E00BBA740( &_v128,  &M00BF146A);
                                                                                                                                                                                                                                                        							_t146 = _v112;
                                                                                                                                                                                                                                                        							__eflags = _v80 - _t146;
                                                                                                                                                                                                                                                        							if(_v80 != _t146) {
                                                                                                                                                                                                                                                        								_v136 = 0;
                                                                                                                                                                                                                                                        								_v140 = 2;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								__eflags = _t146;
                                                                                                                                                                                                                                                        								if(_t146 == 0) {
                                                                                                                                                                                                                                                        									L25:
                                                                                                                                                                                                                                                        									__eflags = _v104 - 1;
                                                                                                                                                                                                                                                        									if(_v104 != 1) {
                                                                                                                                                                                                                                                        										goto L37;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t164 = _v24;
                                                                                                                                                                                                                                                        										__eflags = _t164;
                                                                                                                                                                                                                                                        										if(_t164 != 0) {
                                                                                                                                                                                                                                                        											L31:
                                                                                                                                                                                                                                                        											_t208 = _a8;
                                                                                                                                                                                                                                                        											_t242 = _v52;
                                                                                                                                                                                                                                                        											_t182 =  &_v48;
                                                                                                                                                                                                                                                        											_t223 = _a4 -  *((intOrPtr*)(_t208 + 4));
                                                                                                                                                                                                                                                        											_t210 =  *(_t208 + 0xc) << 6;
                                                                                                                                                                                                                                                        											__eflags = _v28 - 0xf;
                                                                                                                                                                                                                                                        											if(_v28 > 0xf) {
                                                                                                                                                                                                                                                        												_t182 = _v48;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_v136 = _t182;
                                                                                                                                                                                                                                                        											__eflags = _t242 - 0xf;
                                                                                                                                                                                                                                                        											_t243 =  &_v72;
                                                                                                                                                                                                                                                        											_v160 = _v152 + _t210 + 0x10;
                                                                                                                                                                                                                                                        											if(_t242 > 0xf) {
                                                                                                                                                                                                                                                        												_t243 = _v72;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											__eflags =  *((intOrPtr*)( *_t231 + 4))(_v164, _v148, _t243, _v136, _t164, _v160, _t223, 0);
                                                                                                                                                                                                                                                        											if(__eflags < 0) {
                                                                                                                                                                                                                                                        												_t146 = E00BEB570(_t223, __eflags, _t165);
                                                                                                                                                                                                                                                        												_t253 = _t253 + 4;
                                                                                                                                                                                                                                                        												SetLastError(_t146);
                                                                                                                                                                                                                                                        												_v140 = 0x28;
                                                                                                                                                                                                                                                        												_v136 = 0;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t166 = _a8;
                                                                                                                                                                                                                                                        												_t223 = _t166;
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(0xbfb514 + _v100 * 4)) = _v152 + ( *(_t166 + 0xc) << 6) + 0x10;
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(_t223 + 0xc)) =  *((intOrPtr*)(_t223 + 0xc)) + 1;
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(_t223 + 4)) =  *((intOrPtr*)(_t223 + 4)) + 0x40;
                                                                                                                                                                                                                                                        												_t146 = 1;
                                                                                                                                                                                                                                                        												_v136 = 1;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											__eflags = _v28 - 0xf;
                                                                                                                                                                                                                                                        											_t170 =  &_v48;
                                                                                                                                                                                                                                                        											if(_v28 > 0xf) {
                                                                                                                                                                                                                                                        												_t170 = _v48;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t223 =  *_t231;
                                                                                                                                                                                                                                                        											_t245 = _v156;
                                                                                                                                                                                                                                                        											__eflags =  *((intOrPtr*)( *_t231 + 8))(_t245, _t170,  &_v132);
                                                                                                                                                                                                                                                        											if(__eflags < 0) {
                                                                                                                                                                                                                                                        												_t146 = E00BEB570(_t223, __eflags, _t171);
                                                                                                                                                                                                                                                        												_t253 = _t253 + 4;
                                                                                                                                                                                                                                                        												SetLastError(_t146);
                                                                                                                                                                                                                                                        												_v140 = 0x29;
                                                                                                                                                                                                                                                        												_v136 = 0;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t164 = _v132 - _t245 + _v148;
                                                                                                                                                                                                                                                        												__eflags = _t164;
                                                                                                                                                                                                                                                        												_v24 = _t164;
                                                                                                                                                                                                                                                        												goto L31;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									__eflags = _v108 - 7;
                                                                                                                                                                                                                                                        									_t216 =  &_v128;
                                                                                                                                                                                                                                                        									if(_v108 > 7) {
                                                                                                                                                                                                                                                        										_t216 = _v128;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									__eflags = _v76 - 7;
                                                                                                                                                                                                                                                        									_t223 =  &_v96;
                                                                                                                                                                                                                                                        									if(_v76 > 7) {
                                                                                                                                                                                                                                                        										_t223 = _v96;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t246 = 0;
                                                                                                                                                                                                                                                        									__eflags = 0;
                                                                                                                                                                                                                                                        									while(1) {
                                                                                                                                                                                                                                                        										__eflags = ( *(_t223 + _t246 * 2) & 0x0000ffff) -  *((intOrPtr*)(_t216 + _t246 * 2));
                                                                                                                                                                                                                                                        										if(( *(_t223 + _t246 * 2) & 0x0000ffff) !=  *((intOrPtr*)(_t216 + _t246 * 2))) {
                                                                                                                                                                                                                                                        											break;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t246 = _t246 + 1;
                                                                                                                                                                                                                                                        										__eflags = _t146 - _t246;
                                                                                                                                                                                                                                                        										if(_t146 != _t246) {
                                                                                                                                                                                                                                                        											continue;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											goto L25;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L38;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									L37:
                                                                                                                                                                                                                                                        									_v136 = 0;
                                                                                                                                                                                                                                                        									_v140 = 2;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L38:
                                                                                                                                                                                                                                                        								_t179 = _v144;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							E00BBDF30(_t146,  &_v128, _t223);
                                                                                                                                                                                                                                                        							_t148 = _v28;
                                                                                                                                                                                                                                                        							__eflags = _t148 - 0x10;
                                                                                                                                                                                                                                                        							if(_t148 >= 0x10) {
                                                                                                                                                                                                                                                        								_t195 = _v48;
                                                                                                                                                                                                                                                        								_t239 = _t148 + 1;
                                                                                                                                                                                                                                                        								__eflags = _t239 - 0x1000;
                                                                                                                                                                                                                                                        								if(_t239 >= 0x1000) {
                                                                                                                                                                                                                                                        									_t224 =  *(_t195 - 4);
                                                                                                                                                                                                                                                        									_t197 = _t195 + 0xfffffffc - _t224;
                                                                                                                                                                                                                                                        									__eflags = _t197 - 0x20;
                                                                                                                                                                                                                                                        									if(_t197 >= 0x20) {
                                                                                                                                                                                                                                                        										goto L56;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t195 = _t224;
                                                                                                                                                                                                                                                        										_t239 = _t148 + 0x24;
                                                                                                                                                                                                                                                        										goto L45;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L45:
                                                                                                                                                                                                                                                        									_push(_t239);
                                                                                                                                                                                                                                                        									_push(_t195);
                                                                                                                                                                                                                                                        									L00BEF6C6();
                                                                                                                                                                                                                                                        									_t253 = _t253 + 8;
                                                                                                                                                                                                                                                        									goto L40;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								L40:
                                                                                                                                                                                                                                                        								_v32 = 0;
                                                                                                                                                                                                                                                        								_v28 = 0xf;
                                                                                                                                                                                                                                                        								_v48 = 0;
                                                                                                                                                                                                                                                        								_t148 = _v52;
                                                                                                                                                                                                                                                        								__eflags = _t148 - 0x10;
                                                                                                                                                                                                                                                        								if(_t148 >= 0x10) {
                                                                                                                                                                                                                                                        									_t204 = _v72;
                                                                                                                                                                                                                                                        									_t239 = _t148 + 1;
                                                                                                                                                                                                                                                        									__eflags = _t239 - 0x1000;
                                                                                                                                                                                                                                                        									if(_t239 >= 0x1000) {
                                                                                                                                                                                                                                                        										_t224 =  *(_t204 - 4);
                                                                                                                                                                                                                                                        										_t197 = _t204 + 0xfffffffc - _t224;
                                                                                                                                                                                                                                                        										__eflags = _t197 - 0x20;
                                                                                                                                                                                                                                                        										if(_t197 >= 0x20) {
                                                                                                                                                                                                                                                        											L56:
                                                                                                                                                                                                                                                        											__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											_push(_t247);
                                                                                                                                                                                                                                                        											_t249 = _t253;
                                                                                                                                                                                                                                                        											_push(_t179);
                                                                                                                                                                                                                                                        											_push(_t231);
                                                                                                                                                                                                                                                        											_push(_t239);
                                                                                                                                                                                                                                                        											_t232 =  *((intOrPtr*)(_t224 + 4));
                                                                                                                                                                                                                                                        											_t240 = _t224;
                                                                                                                                                                                                                                                        											_v188 = _t197;
                                                                                                                                                                                                                                                        											_push(0x5c);
                                                                                                                                                                                                                                                        											L00BEF6BA();
                                                                                                                                                                                                                                                        											__eflags = _t240;
                                                                                                                                                                                                                                                        											_v192 = _t232;
                                                                                                                                                                                                                                                        											_t180 = _t148;
                                                                                                                                                                                                                                                        											_t199 =  ==  ? _t148 : _t240;
                                                                                                                                                                                                                                                        											_t233 =  ==  ? _t148 : _t232;
                                                                                                                                                                                                                                                        											 *_t148 =  ==  ? _t148 : _t240;
                                                                                                                                                                                                                                                        											_t122 = _t148 + 8; // 0x8
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t148 + 4)) =  ==  ? _t148 : _t232;
                                                                                                                                                                                                                                                        											E00BD5A10(_t122, _v164);
                                                                                                                                                                                                                                                        											_t201 = _v188;
                                                                                                                                                                                                                                                        											_t150 =  *(_t201 + 4);
                                                                                                                                                                                                                                                        											__eflags = _t150 - 0x2c8590a;
                                                                                                                                                                                                                                                        											if(_t150 == 0x2c8590a) {
                                                                                                                                                                                                                                                        												_push("list<T> too long");
                                                                                                                                                                                                                                                        												L00BEF798();
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												_push(_t249);
                                                                                                                                                                                                                                                        												_t151 =  *0xbfb5c0;
                                                                                                                                                                                                                                                        												__eflags = _t151;
                                                                                                                                                                                                                                                        												if(_t151 == 0) {
                                                                                                                                                                                                                                                        													_t152 =  *0xbfb5bc;
                                                                                                                                                                                                                                                        													__eflags = _t152;
                                                                                                                                                                                                                                                        													if(_t152 == 0) {
                                                                                                                                                                                                                                                        														__eflags = 0;
                                                                                                                                                                                                                                                        														return 0;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_push(0);
                                                                                                                                                                                                                                                        														_t151 = E00BE3CE0(8 +  *_t152 * 4, 0);
                                                                                                                                                                                                                                                        														_t202 =  *0xbfb5bc;
                                                                                                                                                                                                                                                        														 *0xbfb5c0 = _t151;
                                                                                                                                                                                                                                                        														 *_t151 = _t202;
                                                                                                                                                                                                                                                        														__eflags =  *_t202;
                                                                                                                                                                                                                                                        														if( *_t202 > 0) {
                                                                                                                                                                                                                                                        															_t226 = 0;
                                                                                                                                                                                                                                                        															__eflags = 0;
                                                                                                                                                                                                                                                        															asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        															do {
                                                                                                                                                                                                                                                        																 *((intOrPtr*)(_t151 + 4 + _t226 * 4)) = 0;
                                                                                                                                                                                                                                                        																_t226 = _t226 + 1;
                                                                                                                                                                                                                                                        																__eflags = _t226 -  *_t202;
                                                                                                                                                                                                                                                        															} while (_t226 <  *_t202);
                                                                                                                                                                                                                                                        															return _t151;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														goto L61;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													L61:
                                                                                                                                                                                                                                                        													return _t151;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t156 = _t150 + 1;
                                                                                                                                                                                                                                                        												__eflags = _t156;
                                                                                                                                                                                                                                                        												 *(_t201 + 4) = _t156;
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(_t240 + 4)) = _t180;
                                                                                                                                                                                                                                                        												 *_v28 = _t180;
                                                                                                                                                                                                                                                        												return _t156;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t148 = _t148 + 0x24;
                                                                                                                                                                                                                                                        											_t204 = _t224;
                                                                                                                                                                                                                                                        											_t239 = _t148;
                                                                                                                                                                                                                                                        											goto L47;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										L47:
                                                                                                                                                                                                                                                        										_push(_t239);
                                                                                                                                                                                                                                                        										_push(_t204);
                                                                                                                                                                                                                                                        										L00BEF6C6();
                                                                                                                                                                                                                                                        										_t253 = _t253 + 8;
                                                                                                                                                                                                                                                        										goto L41;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L41:
                                                                                                                                                                                                                                                        									_v56 = 0;
                                                                                                                                                                                                                                                        									_v52 = 0xf;
                                                                                                                                                                                                                                                        									_v72 = 0;
                                                                                                                                                                                                                                                        									E00BBDF30(_t148,  &_v96, _t224);
                                                                                                                                                                                                                                                        									__eflags = _v136;
                                                                                                                                                                                                                                                        									if(_v136 == 0) {
                                                                                                                                                                                                                                                        										_t237 = _v140;
                                                                                                                                                                                                                                                        										goto L9;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										goto L42;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L68;
                                                                                                                                                                                                                                                        							L42:
                                                                                                                                                                                                                                                        							_t237 = 0;
                                                                                                                                                                                                                                                        							_t222 =  *_v168;
                                                                                                                                                                                                                                                        							__eflags = _t222 - _t179;
                                                                                                                                                                                                                                                        							_t143 = _t222;
                                                                                                                                                                                                                                                        						} while (_t222 != _t179);
                                                                                                                                                                                                                                                        						goto L9;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t237 = 0;
                                                                                                                                                                                                                                                        						L9:
                                                                                                                                                                                                                                                        						 *((intOrPtr*)( *_t231))(1);
                                                                                                                                                                                                                                                        						_t161 = _v156;
                                                                                                                                                                                                                                                        						if(_t161 != 0) {
                                                                                                                                                                                                                                                        							FreeLibrary(_t161);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L11;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L68:
                                                                                                                                                                                                                                                        			}











































































                                                                                                                                                                                                                                                        0x00bd66a0
                                                                                                                                                                                                                                                        0x00bd66a6
                                                                                                                                                                                                                                                        0x00bd66ac
                                                                                                                                                                                                                                                        0x00bd66b1
                                                                                                                                                                                                                                                        0x00bd66b3
                                                                                                                                                                                                                                                        0x00bd66b7
                                                                                                                                                                                                                                                        0x00bd66bf
                                                                                                                                                                                                                                                        0x00bd66c7
                                                                                                                                                                                                                                                        0x00bd6734
                                                                                                                                                                                                                                                        0x00bd6797
                                                                                                                                                                                                                                                        0x00bd679c
                                                                                                                                                                                                                                                        0x00bd67ad
                                                                                                                                                                                                                                                        0x00bd66c9
                                                                                                                                                                                                                                                        0x00bd66c9
                                                                                                                                                                                                                                                        0x00bd66cf
                                                                                                                                                                                                                                                        0x00bd66d4
                                                                                                                                                                                                                                                        0x00bd66e3
                                                                                                                                                                                                                                                        0x00bd66e9
                                                                                                                                                                                                                                                        0x00bd66ee
                                                                                                                                                                                                                                                        0x00bd66f4
                                                                                                                                                                                                                                                        0x00bd66fa
                                                                                                                                                                                                                                                        0x00bd673b
                                                                                                                                                                                                                                                        0x00bd673d
                                                                                                                                                                                                                                                        0x00bd6742
                                                                                                                                                                                                                                                        0x00bd6747
                                                                                                                                                                                                                                                        0x00bd674c
                                                                                                                                                                                                                                                        0x00bd6751
                                                                                                                                                                                                                                                        0x00bd6757
                                                                                                                                                                                                                                                        0x00bd675e
                                                                                                                                                                                                                                                        0x00bd6761
                                                                                                                                                                                                                                                        0x00bd6764
                                                                                                                                                                                                                                                        0x00bd676b
                                                                                                                                                                                                                                                        0x00bd676d
                                                                                                                                                                                                                                                        0x00bd676d
                                                                                                                                                                                                                                                        0x00bd66fc
                                                                                                                                                                                                                                                        0x00bd66ff
                                                                                                                                                                                                                                                        0x00bd67ae
                                                                                                                                                                                                                                                        0x00bd67b0
                                                                                                                                                                                                                                                        0x00bd67b5
                                                                                                                                                                                                                                                        0x00bd67ba
                                                                                                                                                                                                                                                        0x00bd67bf
                                                                                                                                                                                                                                                        0x00bd67c4
                                                                                                                                                                                                                                                        0x00bd67ca
                                                                                                                                                                                                                                                        0x00bd67d1
                                                                                                                                                                                                                                                        0x00bd67d4
                                                                                                                                                                                                                                                        0x00bd67d7
                                                                                                                                                                                                                                                        0x00bd67de
                                                                                                                                                                                                                                                        0x00bd67e8
                                                                                                                                                                                                                                                        0x00bd67e0
                                                                                                                                                                                                                                                        0x00bd67e0
                                                                                                                                                                                                                                                        0x00bd67e0
                                                                                                                                                                                                                                                        0x00bd6705
                                                                                                                                                                                                                                                        0x00bd6705
                                                                                                                                                                                                                                                        0x00bd6707
                                                                                                                                                                                                                                                        0x00bd670c
                                                                                                                                                                                                                                                        0x00bd6711
                                                                                                                                                                                                                                                        0x00bd6718
                                                                                                                                                                                                                                                        0x00bd671f
                                                                                                                                                                                                                                                        0x00bd6722
                                                                                                                                                                                                                                                        0x00bd6725
                                                                                                                                                                                                                                                        0x00bd672c
                                                                                                                                                                                                                                                        0x00bd672c
                                                                                                                                                                                                                                                        0x00bd66ff
                                                                                                                                                                                                                                                        0x00bd6773
                                                                                                                                                                                                                                                        0x00bd6776
                                                                                                                                                                                                                                                        0x00bd677a
                                                                                                                                                                                                                                                        0x00bd67f0
                                                                                                                                                                                                                                                        0x00bd67f2
                                                                                                                                                                                                                                                        0x00bd6800
                                                                                                                                                                                                                                                        0x00bd6800
                                                                                                                                                                                                                                                        0x00bd6806
                                                                                                                                                                                                                                                        0x00bd680c
                                                                                                                                                                                                                                                        0x00bd6811
                                                                                                                                                                                                                                                        0x00bd6818
                                                                                                                                                                                                                                                        0x00bd681f
                                                                                                                                                                                                                                                        0x00bd682d
                                                                                                                                                                                                                                                        0x00bd6832
                                                                                                                                                                                                                                                        0x00bd6835
                                                                                                                                                                                                                                                        0x00bd6838
                                                                                                                                                                                                                                                        0x00bd6a72
                                                                                                                                                                                                                                                        0x00bd6a7c
                                                                                                                                                                                                                                                        0x00bd683e
                                                                                                                                                                                                                                                        0x00bd683e
                                                                                                                                                                                                                                                        0x00bd6840
                                                                                                                                                                                                                                                        0x00bd6873
                                                                                                                                                                                                                                                        0x00bd6873
                                                                                                                                                                                                                                                        0x00bd6877
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd687d
                                                                                                                                                                                                                                                        0x00bd687d
                                                                                                                                                                                                                                                        0x00bd6880
                                                                                                                                                                                                                                                        0x00bd6882
                                                                                                                                                                                                                                                        0x00bd68b9
                                                                                                                                                                                                                                                        0x00bd68bc
                                                                                                                                                                                                                                                        0x00bd68bf
                                                                                                                                                                                                                                                        0x00bd68c2
                                                                                                                                                                                                                                                        0x00bd68c5
                                                                                                                                                                                                                                                        0x00bd68cb
                                                                                                                                                                                                                                                        0x00bd68ce
                                                                                                                                                                                                                                                        0x00bd68d2
                                                                                                                                                                                                                                                        0x00bd68d4
                                                                                                                                                                                                                                                        0x00bd68d4
                                                                                                                                                                                                                                                        0x00bd68d7
                                                                                                                                                                                                                                                        0x00bd68e3
                                                                                                                                                                                                                                                        0x00bd68e6
                                                                                                                                                                                                                                                        0x00bd68ed
                                                                                                                                                                                                                                                        0x00bd68f3
                                                                                                                                                                                                                                                        0x00bd68f5
                                                                                                                                                                                                                                                        0x00bd68f5
                                                                                                                                                                                                                                                        0x00bd691c
                                                                                                                                                                                                                                                        0x00bd691e
                                                                                                                                                                                                                                                        0x00bd6a21
                                                                                                                                                                                                                                                        0x00bd6a26
                                                                                                                                                                                                                                                        0x00bd6a2a
                                                                                                                                                                                                                                                        0x00bd6a30
                                                                                                                                                                                                                                                        0x00bd6a3a
                                                                                                                                                                                                                                                        0x00bd6924
                                                                                                                                                                                                                                                        0x00bd6924
                                                                                                                                                                                                                                                        0x00bd692d
                                                                                                                                                                                                                                                        0x00bd693c
                                                                                                                                                                                                                                                        0x00bd6943
                                                                                                                                                                                                                                                        0x00bd6946
                                                                                                                                                                                                                                                        0x00bd694a
                                                                                                                                                                                                                                                        0x00bd694c
                                                                                                                                                                                                                                                        0x00bd694c
                                                                                                                                                                                                                                                        0x00bd6884
                                                                                                                                                                                                                                                        0x00bd6884
                                                                                                                                                                                                                                                        0x00bd6888
                                                                                                                                                                                                                                                        0x00bd688b
                                                                                                                                                                                                                                                        0x00bd688d
                                                                                                                                                                                                                                                        0x00bd688d
                                                                                                                                                                                                                                                        0x00bd6890
                                                                                                                                                                                                                                                        0x00bd6899
                                                                                                                                                                                                                                                        0x00bd68a3
                                                                                                                                                                                                                                                        0x00bd68a5
                                                                                                                                                                                                                                                        0x00bd6a4a
                                                                                                                                                                                                                                                        0x00bd6a4f
                                                                                                                                                                                                                                                        0x00bd6a53
                                                                                                                                                                                                                                                        0x00bd6a59
                                                                                                                                                                                                                                                        0x00bd6a63
                                                                                                                                                                                                                                                        0x00bd68ab
                                                                                                                                                                                                                                                        0x00bd68b0
                                                                                                                                                                                                                                                        0x00bd68b0
                                                                                                                                                                                                                                                        0x00bd68b6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd68b6
                                                                                                                                                                                                                                                        0x00bd68a5
                                                                                                                                                                                                                                                        0x00bd6882
                                                                                                                                                                                                                                                        0x00bd6842
                                                                                                                                                                                                                                                        0x00bd6842
                                                                                                                                                                                                                                                        0x00bd6846
                                                                                                                                                                                                                                                        0x00bd6849
                                                                                                                                                                                                                                                        0x00bd684b
                                                                                                                                                                                                                                                        0x00bd684b
                                                                                                                                                                                                                                                        0x00bd684e
                                                                                                                                                                                                                                                        0x00bd6852
                                                                                                                                                                                                                                                        0x00bd6855
                                                                                                                                                                                                                                                        0x00bd6857
                                                                                                                                                                                                                                                        0x00bd6857
                                                                                                                                                                                                                                                        0x00bd685a
                                                                                                                                                                                                                                                        0x00bd685a
                                                                                                                                                                                                                                                        0x00bd6860
                                                                                                                                                                                                                                                        0x00bd6864
                                                                                                                                                                                                                                                        0x00bd6868
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd686e
                                                                                                                                                                                                                                                        0x00bd686f
                                                                                                                                                                                                                                                        0x00bd6871
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6871
                                                                                                                                                                                                                                                        0x00bd6960
                                                                                                                                                                                                                                                        0x00bd6960
                                                                                                                                                                                                                                                        0x00bd696a
                                                                                                                                                                                                                                                        0x00bd696a
                                                                                                                                                                                                                                                        0x00bd6974
                                                                                                                                                                                                                                                        0x00bd6974
                                                                                                                                                                                                                                                        0x00bd6974
                                                                                                                                                                                                                                                        0x00bd697d
                                                                                                                                                                                                                                                        0x00bd6982
                                                                                                                                                                                                                                                        0x00bd6985
                                                                                                                                                                                                                                                        0x00bd6988
                                                                                                                                                                                                                                                        0x00bd69e4
                                                                                                                                                                                                                                                        0x00bd69e7
                                                                                                                                                                                                                                                        0x00bd69ea
                                                                                                                                                                                                                                                        0x00bd69f0
                                                                                                                                                                                                                                                        0x00bd6a96
                                                                                                                                                                                                                                                        0x00bd6a9c
                                                                                                                                                                                                                                                        0x00bd6a9e
                                                                                                                                                                                                                                                        0x00bd6aa1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6aa3
                                                                                                                                                                                                                                                        0x00bd6aa6
                                                                                                                                                                                                                                                        0x00bd6aa8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6aa8
                                                                                                                                                                                                                                                        0x00bd69f6
                                                                                                                                                                                                                                                        0x00bd69f6
                                                                                                                                                                                                                                                        0x00bd69f6
                                                                                                                                                                                                                                                        0x00bd69f7
                                                                                                                                                                                                                                                        0x00bd69f8
                                                                                                                                                                                                                                                        0x00bd69fd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd69fd
                                                                                                                                                                                                                                                        0x00bd698a
                                                                                                                                                                                                                                                        0x00bd698a
                                                                                                                                                                                                                                                        0x00bd698a
                                                                                                                                                                                                                                                        0x00bd6991
                                                                                                                                                                                                                                                        0x00bd6998
                                                                                                                                                                                                                                                        0x00bd699c
                                                                                                                                                                                                                                                        0x00bd699f
                                                                                                                                                                                                                                                        0x00bd69a2
                                                                                                                                                                                                                                                        0x00bd6a02
                                                                                                                                                                                                                                                        0x00bd6a05
                                                                                                                                                                                                                                                        0x00bd6a08
                                                                                                                                                                                                                                                        0x00bd6a0e
                                                                                                                                                                                                                                                        0x00bd6aaf
                                                                                                                                                                                                                                                        0x00bd6ab5
                                                                                                                                                                                                                                                        0x00bd6ab7
                                                                                                                                                                                                                                                        0x00bd6aba
                                                                                                                                                                                                                                                        0x00bd6ac8
                                                                                                                                                                                                                                                        0x00bd6ac8
                                                                                                                                                                                                                                                        0x00bd6ace
                                                                                                                                                                                                                                                        0x00bd6acf
                                                                                                                                                                                                                                                        0x00bd6ad0
                                                                                                                                                                                                                                                        0x00bd6ad1
                                                                                                                                                                                                                                                        0x00bd6ad3
                                                                                                                                                                                                                                                        0x00bd6ad4
                                                                                                                                                                                                                                                        0x00bd6ad5
                                                                                                                                                                                                                                                        0x00bd6ad9
                                                                                                                                                                                                                                                        0x00bd6adc
                                                                                                                                                                                                                                                        0x00bd6ade
                                                                                                                                                                                                                                                        0x00bd6ae1
                                                                                                                                                                                                                                                        0x00bd6ae3
                                                                                                                                                                                                                                                        0x00bd6aee
                                                                                                                                                                                                                                                        0x00bd6af2
                                                                                                                                                                                                                                                        0x00bd6af5
                                                                                                                                                                                                                                                        0x00bd6af7
                                                                                                                                                                                                                                                        0x00bd6afa
                                                                                                                                                                                                                                                        0x00bd6afd
                                                                                                                                                                                                                                                        0x00bd6aff
                                                                                                                                                                                                                                                        0x00bd6b02
                                                                                                                                                                                                                                                        0x00bd6b05
                                                                                                                                                                                                                                                        0x00bd6b0a
                                                                                                                                                                                                                                                        0x00bd6b0d
                                                                                                                                                                                                                                                        0x00bd6b10
                                                                                                                                                                                                                                                        0x00bd6b15
                                                                                                                                                                                                                                                        0x00bd6b2b
                                                                                                                                                                                                                                                        0x00bd6b30
                                                                                                                                                                                                                                                        0x00bd6b35
                                                                                                                                                                                                                                                        0x00bd6b36
                                                                                                                                                                                                                                                        0x00bd6b37
                                                                                                                                                                                                                                                        0x00bd6b38
                                                                                                                                                                                                                                                        0x00bd6b39
                                                                                                                                                                                                                                                        0x00bd6b3a
                                                                                                                                                                                                                                                        0x00bd6b3b
                                                                                                                                                                                                                                                        0x00bd6b3c
                                                                                                                                                                                                                                                        0x00bd6b3d
                                                                                                                                                                                                                                                        0x00bd6b3e
                                                                                                                                                                                                                                                        0x00bd6b3f
                                                                                                                                                                                                                                                        0x00bd6b40
                                                                                                                                                                                                                                                        0x00bd6b43
                                                                                                                                                                                                                                                        0x00bd6b48
                                                                                                                                                                                                                                                        0x00bd6b4a
                                                                                                                                                                                                                                                        0x00bd6b4e
                                                                                                                                                                                                                                                        0x00bd6b53
                                                                                                                                                                                                                                                        0x00bd6b55
                                                                                                                                                                                                                                                        0x00bd6b9f
                                                                                                                                                                                                                                                        0x00bd6ba2
                                                                                                                                                                                                                                                        0x00bd6b57
                                                                                                                                                                                                                                                        0x00bd6b60
                                                                                                                                                                                                                                                        0x00bd6b65
                                                                                                                                                                                                                                                        0x00bd6b6d
                                                                                                                                                                                                                                                        0x00bd6b73
                                                                                                                                                                                                                                                        0x00bd6b78
                                                                                                                                                                                                                                                        0x00bd6b7a
                                                                                                                                                                                                                                                        0x00bd6b7d
                                                                                                                                                                                                                                                        0x00bd6b7f
                                                                                                                                                                                                                                                        0x00bd6b7f
                                                                                                                                                                                                                                                        0x00bd6b81
                                                                                                                                                                                                                                                        0x00bd6b90
                                                                                                                                                                                                                                                        0x00bd6b90
                                                                                                                                                                                                                                                        0x00bd6b98
                                                                                                                                                                                                                                                        0x00bd6b99
                                                                                                                                                                                                                                                        0x00bd6b99
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6b90
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6b7d
                                                                                                                                                                                                                                                        0x00bd6b4d
                                                                                                                                                                                                                                                        0x00bd6b4d
                                                                                                                                                                                                                                                        0x00bd6b4d
                                                                                                                                                                                                                                                        0x00bd6b4d
                                                                                                                                                                                                                                                        0x00bd6b17
                                                                                                                                                                                                                                                        0x00bd6b17
                                                                                                                                                                                                                                                        0x00bd6b17
                                                                                                                                                                                                                                                        0x00bd6b18
                                                                                                                                                                                                                                                        0x00bd6b1e
                                                                                                                                                                                                                                                        0x00bd6b21
                                                                                                                                                                                                                                                        0x00bd6b2a
                                                                                                                                                                                                                                                        0x00bd6b2a
                                                                                                                                                                                                                                                        0x00bd6abc
                                                                                                                                                                                                                                                        0x00bd6abc
                                                                                                                                                                                                                                                        0x00bd6abf
                                                                                                                                                                                                                                                        0x00bd6ac1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6ac1
                                                                                                                                                                                                                                                        0x00bd6a14
                                                                                                                                                                                                                                                        0x00bd6a14
                                                                                                                                                                                                                                                        0x00bd6a14
                                                                                                                                                                                                                                                        0x00bd6a15
                                                                                                                                                                                                                                                        0x00bd6a16
                                                                                                                                                                                                                                                        0x00bd6a1b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6a1b
                                                                                                                                                                                                                                                        0x00bd69a4
                                                                                                                                                                                                                                                        0x00bd69a4
                                                                                                                                                                                                                                                        0x00bd69a7
                                                                                                                                                                                                                                                        0x00bd69ae
                                                                                                                                                                                                                                                        0x00bd69b5
                                                                                                                                                                                                                                                        0x00bd69b9
                                                                                                                                                                                                                                                        0x00bd69be
                                                                                                                                                                                                                                                        0x00bd69c5
                                                                                                                                                                                                                                                        0x00bd6a8b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd69c5
                                                                                                                                                                                                                                                        0x00bd69a2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd69cb
                                                                                                                                                                                                                                                        0x00bd69d1
                                                                                                                                                                                                                                                        0x00bd69d3
                                                                                                                                                                                                                                                        0x00bd69d5
                                                                                                                                                                                                                                                        0x00bd69d7
                                                                                                                                                                                                                                                        0x00bd69d7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd677c
                                                                                                                                                                                                                                                        0x00bd677c
                                                                                                                                                                                                                                                        0x00bd677e
                                                                                                                                                                                                                                                        0x00bd6784
                                                                                                                                                                                                                                                        0x00bd6786
                                                                                                                                                                                                                                                        0x00bd678e
                                                                                                                                                                                                                                                        0x00bd6791
                                                                                                                                                                                                                                                        0x00bd6791
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd678e
                                                                                                                                                                                                                                                        0x00bd677a
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(ntdll.dll), ref: 00BD66BF
                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(?), ref: 00BD66DD
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(0000001C), ref: 00BD6707
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(0000001C), ref: 00BD673D
                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(?), ref: 00BD6791
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(0000001C), ref: 00BD67B0
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@$Library$FreeHandleLoadModule
                                                                                                                                                                                                                                                        • String ID: )$ntdll.dll
                                                                                                                                                                                                                                                        • API String ID: 3382075784-2989091322
                                                                                                                                                                                                                                                        • Opcode ID: 5a869acee0362095c91bab18be7e46fbb60eccd25bb552bad5056ebbdc29cc9b
                                                                                                                                                                                                                                                        • Instruction ID: 282817ac8e0fd9fe7087f4eccd270420aa2f8f0b634471031316e0f43539d1bd
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5a869acee0362095c91bab18be7e46fbb60eccd25bb552bad5056ebbdc29cc9b
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0FC13871E002199FDB24CF64C894BA9FBF1FF48318F24859AD559AB351EB31A984CF90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(00BB1447,browser,?,00BB1447,?), ref: 00BB1A33
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(0000002D,?,?,?,00BB1447,?), ref: 00BB1A49
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,00BB1447,?), ref: 00BB1A5F
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,00BB1447,?), ref: 00BB1A75
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,00BB1447,?), ref: 00BB1A8B
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,00BB1447,?), ref: 00BB1ADE
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,00BB1447,?), ref: 00BB1AFC
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,?,00BB1447,?), ref: 00BB1B1A
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,00BB1447,?), ref: 00BB1B38
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?,00BB1447,?), ref: 00BB1B56
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: tolower
                                                                                                                                                                                                                                                        • String ID: browser
                                                                                                                                                                                                                                                        • API String ID: 3025214199-3658682170
                                                                                                                                                                                                                                                        • Opcode ID: e240a6de989f1abd2550bd97a851a2a839820f78a2b5f69bb5cd5a581b819341
                                                                                                                                                                                                                                                        • Instruction ID: bced11c54c0ac7e22f555f4f3d3d8e318411d66858ca5f8a2ed26ade39799a05
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e240a6de989f1abd2550bd97a851a2a839820f78a2b5f69bb5cd5a581b819341
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4671E570A882495FDF208B3C98646FBBFE5DF02304F8848E9D8959B202D775ED12C755
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 85%
                                                                                                                                                                                                                                                        			E00BE1360(intOrPtr* __ecx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void* _v88;
                                                                                                                                                                                                                                                        				void* _v92;
                                                                                                                                                                                                                                                        				void* _v96;
                                                                                                                                                                                                                                                        				void* _v100;
                                                                                                                                                                                                                                                        				long _v104;
                                                                                                                                                                                                                                                        				int _v108;
                                                                                                                                                                                                                                                        				signed int _v112;
                                                                                                                                                                                                                                                        				intOrPtr* _v116;
                                                                                                                                                                                                                                                        				int _v120;
                                                                                                                                                                                                                                                        				signed int _v124;
                                                                                                                                                                                                                                                        				signed int _t92;
                                                                                                                                                                                                                                                        				signed int _t97;
                                                                                                                                                                                                                                                        				signed int _t98;
                                                                                                                                                                                                                                                        				signed int _t99;
                                                                                                                                                                                                                                                        				void* _t103;
                                                                                                                                                                                                                                                        				int _t105;
                                                                                                                                                                                                                                                        				void* _t109;
                                                                                                                                                                                                                                                        				void* _t113;
                                                                                                                                                                                                                                                        				void* _t116;
                                                                                                                                                                                                                                                        				void* _t117;
                                                                                                                                                                                                                                                        				signed int _t119;
                                                                                                                                                                                                                                                        				signed int _t122;
                                                                                                                                                                                                                                                        				intOrPtr _t124;
                                                                                                                                                                                                                                                        				signed int _t126;
                                                                                                                                                                                                                                                        				intOrPtr _t127;
                                                                                                                                                                                                                                                        				intOrPtr _t128;
                                                                                                                                                                                                                                                        				intOrPtr _t133;
                                                                                                                                                                                                                                                        				signed int _t135;
                                                                                                                                                                                                                                                        				signed int _t136;
                                                                                                                                                                                                                                                        				intOrPtr _t137;
                                                                                                                                                                                                                                                        				signed int _t139;
                                                                                                                                                                                                                                                        				void* _t141;
                                                                                                                                                                                                                                                        				signed int _t147;
                                                                                                                                                                                                                                                        				signed int _t155;
                                                                                                                                                                                                                                                        				int* _t156;
                                                                                                                                                                                                                                                        				signed int _t161;
                                                                                                                                                                                                                                                        				signed int _t163;
                                                                                                                                                                                                                                                        				signed int _t165;
                                                                                                                                                                                                                                                        				void* _t172;
                                                                                                                                                                                                                                                        				signed int _t176;
                                                                                                                                                                                                                                                        				intOrPtr* _t180;
                                                                                                                                                                                                                                                        				intOrPtr _t181;
                                                                                                                                                                                                                                                        				signed int _t183;
                                                                                                                                                                                                                                                        				signed int _t184;
                                                                                                                                                                                                                                                        				signed int _t185;
                                                                                                                                                                                                                                                        				signed int _t189;
                                                                                                                                                                                                                                                        				signed int _t190;
                                                                                                                                                                                                                                                        				intOrPtr* _t192;
                                                                                                                                                                                                                                                        				void* _t194;
                                                                                                                                                                                                                                                        				void* _t195;
                                                                                                                                                                                                                                                        				signed int _t197;
                                                                                                                                                                                                                                                        				void* _t198;
                                                                                                                                                                                                                                                        				void* _t199;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t92 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t92 ^ _t197;
                                                                                                                                                                                                                                                        				if( *((char*)(__ecx + 0x38)) == 0) {
                                                                                                                                                                                                                                                        					_t185 = 0x3f0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t180 = __ecx;
                                                                                                                                                                                                                                                        					_t133 =  *((intOrPtr*)(__ecx + 0x1c));
                                                                                                                                                                                                                                                        					_t186 =  *((intOrPtr*)(__ecx + 0x18));
                                                                                                                                                                                                                                                        					_v116 = __ecx;
                                                                                                                                                                                                                                                        					_t165 =  *((intOrPtr*)(__ecx + 4)) -  *__ecx;
                                                                                                                                                                                                                                                        					_t97 = _t133 - _t186;
                                                                                                                                                                                                                                                        					_t147 = (_t97 >> 2) * 0xf0f0f0f1;
                                                                                                                                                                                                                                                        					_v104 = _t165;
                                                                                                                                                                                                                                                        					_v100 = _t147;
                                                                                                                                                                                                                                                        					_v112 = _t165 >> 2;
                                                                                                                                                                                                                                                        					_v108 =  *((intOrPtr*)(__ecx + 0x10)) -  *((intOrPtr*)(__ecx + 0xc));
                                                                                                                                                                                                                                                        					_t163 = 0;
                                                                                                                                                                                                                                                        					if(_t97 == 0) {
                                                                                                                                                                                                                                                        						_v120 = 0;
                                                                                                                                                                                                                                                        						_t98 = 0;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t126 = _t147 * 8;
                                                                                                                                                                                                                                                        						_t179 =  >=  ? _t126 : 0xffffffff;
                                                                                                                                                                                                                                                        						_push( >=  ? _t126 : 0xffffffff);
                                                                                                                                                                                                                                                        						L00BEF6CC();
                                                                                                                                                                                                                                                        						_t198 = _t198 + 4;
                                                                                                                                                                                                                                                        						_t161 = _t126;
                                                                                                                                                                                                                                                        						_v120 = _t126;
                                                                                                                                                                                                                                                        						if(_t133 != _t186) {
                                                                                                                                                                                                                                                        							_t141 = 0;
                                                                                                                                                                                                                                                        							_t184 = 0;
                                                                                                                                                                                                                                                        							asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        							do {
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t161 + 4 + _t184 * 8)) = 0x10;
                                                                                                                                                                                                                                                        								_t127 = E00BE7750(_t186 + _t141);
                                                                                                                                                                                                                                                        								_t161 = _v120;
                                                                                                                                                                                                                                                        								_t141 = _t141 + 0x44;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t161 + _t184 * 8)) = _t127;
                                                                                                                                                                                                                                                        								_t128 = _v116;
                                                                                                                                                                                                                                                        								_t184 = _t184 + 1;
                                                                                                                                                                                                                                                        								_t186 =  *((intOrPtr*)(_t128 + 0x18));
                                                                                                                                                                                                                                                        							} while (_t184 < ( *((intOrPtr*)(_t128 + 0x1c)) -  *((intOrPtr*)(_t128 + 0x18)) >> 2) * 0xf0f0f0f1);
                                                                                                                                                                                                                                                        							_t180 = _v116;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t98 = _t161;
                                                                                                                                                                                                                                                        						_t147 = _v100;
                                                                                                                                                                                                                                                        						_t163 = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v124 = _t98;
                                                                                                                                                                                                                                                        					_t135 = _v112 * 0xf0f0f0f1;
                                                                                                                                                                                                                                                        					_v104 = _t135;
                                                                                                                                                                                                                                                        					if(_v104 != 0) {
                                                                                                                                                                                                                                                        						_t122 = _t135 * 8;
                                                                                                                                                                                                                                                        						_t175 =  >=  ? _t122 : 0xffffffff;
                                                                                                                                                                                                                                                        						_t195 = 0;
                                                                                                                                                                                                                                                        						_push( >=  ? _t122 : 0xffffffff);
                                                                                                                                                                                                                                                        						L00BEF6CC();
                                                                                                                                                                                                                                                        						_t198 = _t198 + 4;
                                                                                                                                                                                                                                                        						_t176 = _t122;
                                                                                                                                                                                                                                                        						_t183 = 0;
                                                                                                                                                                                                                                                        						asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							 *(_t176 + 4 + _t183 * 8) = 0;
                                                                                                                                                                                                                                                        							_t124 = E00BE7750( *_v116 + _t195);
                                                                                                                                                                                                                                                        							_t135 = _v104;
                                                                                                                                                                                                                                                        							_t195 = _t195 + 0x44;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t176 + _t183 * 8)) = _t124;
                                                                                                                                                                                                                                                        							_t183 = _t183 + 1;
                                                                                                                                                                                                                                                        						} while (_t183 < _t135);
                                                                                                                                                                                                                                                        						_t180 = _v116;
                                                                                                                                                                                                                                                        						_t147 = _v100;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t99 = _v108;
                                                                                                                                                                                                                                                        					_t189 = _t99 >> 3;
                                                                                                                                                                                                                                                        					if(_t99 == 0) {
                                                                                                                                                                                                                                                        						_v108 = 0;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t139 = _t163;
                                                                                                                                                                                                                                                        						_t119 = _t189 * 0xc;
                                                                                                                                                                                                                                                        						_t171 =  >=  ? _t119 : 0xffffffff;
                                                                                                                                                                                                                                                        						_push( >=  ? _t119 : 0xffffffff);
                                                                                                                                                                                                                                                        						L00BEF6CC();
                                                                                                                                                                                                                                                        						_t198 = _t198 + 4;
                                                                                                                                                                                                                                                        						_t155 = _t119;
                                                                                                                                                                                                                                                        						_t172 = 0;
                                                                                                                                                                                                                                                        						_v108 = _t155;
                                                                                                                                                                                                                                                        						_t156 = _t155 + 8;
                                                                                                                                                                                                                                                        						asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							 *_t156 = 0;
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [eax+edx*8]");
                                                                                                                                                                                                                                                        							_t172 = _t172 + 1;
                                                                                                                                                                                                                                                        							asm("movsd [ecx-0x8], xmm0");
                                                                                                                                                                                                                                                        							_t156 =  &(_t156[3]);
                                                                                                                                                                                                                                                        						} while (_t172 < _t189);
                                                                                                                                                                                                                                                        						_t163 = _t139;
                                                                                                                                                                                                                                                        						_t147 = _v100;
                                                                                                                                                                                                                                                        						_t135 = _v104;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v92 = 0;
                                                                                                                                                                                                                                                        					_v112 = _t163;
                                                                                                                                                                                                                                                        					_t103 =  *(_t180 + 0x30);
                                                                                                                                                                                                                                                        					if((_t135 | _t147 | _t189) == 0) {
                                                                                                                                                                                                                                                        						_t103 = DuplicateTokenEx(_t103, 0xf01ff, 0, 1, 1,  &_v92);
                                                                                                                                                                                                                                                        						_t190 = _v124;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t190 = _v124;
                                                                                                                                                                                                                                                        						__imp__CreateRestrictedToken(_t103, 0, _v100, _t190, _t189, _v108, _t135, _t163,  &_v92);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v100 = _t103;
                                                                                                                                                                                                                                                        					_v104 = GetLastError();
                                                                                                                                                                                                                                                        					if(_t190 != 0) {
                                                                                                                                                                                                                                                        						_push(_v120);
                                                                                                                                                                                                                                                        						L00BEF6D2();
                                                                                                                                                                                                                                                        						_t198 = _t198 + 4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t136 = _v112;
                                                                                                                                                                                                                                                        					if(_t136 != 0) {
                                                                                                                                                                                                                                                        						_push(_t136);
                                                                                                                                                                                                                                                        						L00BEF6D2();
                                                                                                                                                                                                                                                        						_t198 = _t198 + 4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t105 = _v108;
                                                                                                                                                                                                                                                        					_t185 = _v104;
                                                                                                                                                                                                                                                        					if(_t105 != 0) {
                                                                                                                                                                                                                                                        						_push(_t105);
                                                                                                                                                                                                                                                        						L00BEF6D2();
                                                                                                                                                                                                                                                        						_t198 = _t198 + 4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_v100 != 0) {
                                                                                                                                                                                                                                                        						_v96 = 0;
                                                                                                                                                                                                                                                        						E00BC5200(_v92,  &_v96, _v92);
                                                                                                                                                                                                                                                        						if( *((char*)(_t180 + 0x39)) == 0) {
                                                                                                                                                                                                                                                        							E00BE71D0( &_v88, 0x12);
                                                                                                                                                                                                                                                        							_t109 = E00BCBE80(_t163, _v96,  &_v88, 1, 0x10000000);
                                                                                                                                                                                                                                                        							_t199 = _t198 + 0x10;
                                                                                                                                                                                                                                                        							if(_t109 != 0) {
                                                                                                                                                                                                                                                        								goto L31;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								goto L38;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t117 = E00BCBF70(_t163, _v96);
                                                                                                                                                                                                                                                        							_t199 = _t198 + 4;
                                                                                                                                                                                                                                                        							if(_t117 == 0) {
                                                                                                                                                                                                                                                        								L38:
                                                                                                                                                                                                                                                        								_t185 = GetLastError();
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								L31:
                                                                                                                                                                                                                                                        								_t192 =  *((intOrPtr*)(_t180 + 0x24));
                                                                                                                                                                                                                                                        								_t137 = _t180;
                                                                                                                                                                                                                                                        								_t181 =  *((intOrPtr*)(_t180 + 0x28));
                                                                                                                                                                                                                                                        								if(_t192 == _t181) {
                                                                                                                                                                                                                                                        									L35:
                                                                                                                                                                                                                                                        									if(E00BCC020(_t163, _v96, 0x10000000) == 0) {
                                                                                                                                                                                                                                                        										goto L38;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t111 = E00BE2D90(_v96,  *((intOrPtr*)(_t137 + 0x34)));
                                                                                                                                                                                                                                                        										_t185 = _t111;
                                                                                                                                                                                                                                                        										if(_t111 == 0) {
                                                                                                                                                                                                                                                        											_t113 = GetCurrentProcess();
                                                                                                                                                                                                                                                        											if(DuplicateHandle(GetCurrentProcess(), _v96, _t113,  &_v88, 0xf01ff, 0, 0) != 0) {
                                                                                                                                                                                                                                                        												_t111 = E00BC5200(_t115, _a4, _v88);
                                                                                                                                                                                                                                                        												_t185 = 0;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												goto L38;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        									while(1) {
                                                                                                                                                                                                                                                        										_t194 = _t192 + 8;
                                                                                                                                                                                                                                                        										_t116 = E00BCBE80(_t163, _v96, _t194,  *((intOrPtr*)(_t192 + 4)),  *_t192);
                                                                                                                                                                                                                                                        										_t199 = _t199 + 0x10;
                                                                                                                                                                                                                                                        										if(_t116 == 0) {
                                                                                                                                                                                                                                                        											goto L38;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t192 = _t194 + 0x44;
                                                                                                                                                                                                                                                        										if(_t192 != _t181) {
                                                                                                                                                                                                                                                        											continue;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											goto L35;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L39;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L38;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L39:
                                                                                                                                                                                                                                                        						E00BC51B0(_t111,  &_v96);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t197, _t163);
                                                                                                                                                                                                                                                        				return _t185;
                                                                                                                                                                                                                                                        			}

























































                                                                                                                                                                                                                                                        0x00be1369
                                                                                                                                                                                                                                                        0x00be1370
                                                                                                                                                                                                                                                        0x00be1377
                                                                                                                                                                                                                                                        0x00be158d
                                                                                                                                                                                                                                                        0x00be137d
                                                                                                                                                                                                                                                        0x00be137d
                                                                                                                                                                                                                                                        0x00be137f
                                                                                                                                                                                                                                                        0x00be1382
                                                                                                                                                                                                                                                        0x00be1388
                                                                                                                                                                                                                                                        0x00be138d
                                                                                                                                                                                                                                                        0x00be138f
                                                                                                                                                                                                                                                        0x00be1396
                                                                                                                                                                                                                                                        0x00be139c
                                                                                                                                                                                                                                                        0x00be13a2
                                                                                                                                                                                                                                                        0x00be13a5
                                                                                                                                                                                                                                                        0x00be13ae
                                                                                                                                                                                                                                                        0x00be13b1
                                                                                                                                                                                                                                                        0x00be13b5
                                                                                                                                                                                                                                                        0x00be1594
                                                                                                                                                                                                                                                        0x00be159b
                                                                                                                                                                                                                                                        0x00be13bb
                                                                                                                                                                                                                                                        0x00be13c2
                                                                                                                                                                                                                                                        0x00be13c9
                                                                                                                                                                                                                                                        0x00be13cc
                                                                                                                                                                                                                                                        0x00be13cd
                                                                                                                                                                                                                                                        0x00be13d2
                                                                                                                                                                                                                                                        0x00be13d5
                                                                                                                                                                                                                                                        0x00be13d9
                                                                                                                                                                                                                                                        0x00be13dc
                                                                                                                                                                                                                                                        0x00be13de
                                                                                                                                                                                                                                                        0x00be13e0
                                                                                                                                                                                                                                                        0x00be13e2
                                                                                                                                                                                                                                                        0x00be13f0
                                                                                                                                                                                                                                                        0x00be13f2
                                                                                                                                                                                                                                                        0x00be13fc
                                                                                                                                                                                                                                                        0x00be1401
                                                                                                                                                                                                                                                        0x00be1404
                                                                                                                                                                                                                                                        0x00be1407
                                                                                                                                                                                                                                                        0x00be140a
                                                                                                                                                                                                                                                        0x00be140d
                                                                                                                                                                                                                                                        0x00be140e
                                                                                                                                                                                                                                                        0x00be141f
                                                                                                                                                                                                                                                        0x00be1423
                                                                                                                                                                                                                                                        0x00be1423
                                                                                                                                                                                                                                                        0x00be1426
                                                                                                                                                                                                                                                        0x00be1428
                                                                                                                                                                                                                                                        0x00be142b
                                                                                                                                                                                                                                                        0x00be142b
                                                                                                                                                                                                                                                        0x00be1433
                                                                                                                                                                                                                                                        0x00be1436
                                                                                                                                                                                                                                                        0x00be143e
                                                                                                                                                                                                                                                        0x00be1441
                                                                                                                                                                                                                                                        0x00be144a
                                                                                                                                                                                                                                                        0x00be1451
                                                                                                                                                                                                                                                        0x00be1454
                                                                                                                                                                                                                                                        0x00be1456
                                                                                                                                                                                                                                                        0x00be1457
                                                                                                                                                                                                                                                        0x00be145c
                                                                                                                                                                                                                                                        0x00be145f
                                                                                                                                                                                                                                                        0x00be1461
                                                                                                                                                                                                                                                        0x00be1463
                                                                                                                                                                                                                                                        0x00be1470
                                                                                                                                                                                                                                                        0x00be1473
                                                                                                                                                                                                                                                        0x00be1481
                                                                                                                                                                                                                                                        0x00be1488
                                                                                                                                                                                                                                                        0x00be148b
                                                                                                                                                                                                                                                        0x00be148e
                                                                                                                                                                                                                                                        0x00be1491
                                                                                                                                                                                                                                                        0x00be1492
                                                                                                                                                                                                                                                        0x00be1496
                                                                                                                                                                                                                                                        0x00be1499
                                                                                                                                                                                                                                                        0x00be1499
                                                                                                                                                                                                                                                        0x00be149c
                                                                                                                                                                                                                                                        0x00be14a1
                                                                                                                                                                                                                                                        0x00be14a6
                                                                                                                                                                                                                                                        0x00be15a2
                                                                                                                                                                                                                                                        0x00be14ac
                                                                                                                                                                                                                                                        0x00be14b3
                                                                                                                                                                                                                                                        0x00be14b5
                                                                                                                                                                                                                                                        0x00be14bc
                                                                                                                                                                                                                                                        0x00be14bf
                                                                                                                                                                                                                                                        0x00be14c0
                                                                                                                                                                                                                                                        0x00be14c5
                                                                                                                                                                                                                                                        0x00be14c8
                                                                                                                                                                                                                                                        0x00be14cd
                                                                                                                                                                                                                                                        0x00be14cf
                                                                                                                                                                                                                                                        0x00be14d2
                                                                                                                                                                                                                                                        0x00be14d5
                                                                                                                                                                                                                                                        0x00be14e0
                                                                                                                                                                                                                                                        0x00be14e0
                                                                                                                                                                                                                                                        0x00be14e6
                                                                                                                                                                                                                                                        0x00be14eb
                                                                                                                                                                                                                                                        0x00be14ec
                                                                                                                                                                                                                                                        0x00be14f1
                                                                                                                                                                                                                                                        0x00be14f4
                                                                                                                                                                                                                                                        0x00be14f8
                                                                                                                                                                                                                                                        0x00be14fa
                                                                                                                                                                                                                                                        0x00be14fd
                                                                                                                                                                                                                                                        0x00be14fd
                                                                                                                                                                                                                                                        0x00be1502
                                                                                                                                                                                                                                                        0x00be1509
                                                                                                                                                                                                                                                        0x00be1513
                                                                                                                                                                                                                                                        0x00be1516
                                                                                                                                                                                                                                                        0x00be15bb
                                                                                                                                                                                                                                                        0x00be15c1
                                                                                                                                                                                                                                                        0x00be151c
                                                                                                                                                                                                                                                        0x00be1523
                                                                                                                                                                                                                                                        0x00be152d
                                                                                                                                                                                                                                                        0x00be152d
                                                                                                                                                                                                                                                        0x00be1533
                                                                                                                                                                                                                                                        0x00be153e
                                                                                                                                                                                                                                                        0x00be1541
                                                                                                                                                                                                                                                        0x00be1543
                                                                                                                                                                                                                                                        0x00be1546
                                                                                                                                                                                                                                                        0x00be154b
                                                                                                                                                                                                                                                        0x00be154b
                                                                                                                                                                                                                                                        0x00be154e
                                                                                                                                                                                                                                                        0x00be1553
                                                                                                                                                                                                                                                        0x00be1555
                                                                                                                                                                                                                                                        0x00be1556
                                                                                                                                                                                                                                                        0x00be155b
                                                                                                                                                                                                                                                        0x00be155b
                                                                                                                                                                                                                                                        0x00be155e
                                                                                                                                                                                                                                                        0x00be1561
                                                                                                                                                                                                                                                        0x00be1566
                                                                                                                                                                                                                                                        0x00be1568
                                                                                                                                                                                                                                                        0x00be1569
                                                                                                                                                                                                                                                        0x00be156e
                                                                                                                                                                                                                                                        0x00be156e
                                                                                                                                                                                                                                                        0x00be1575
                                                                                                                                                                                                                                                        0x00be15cc
                                                                                                                                                                                                                                                        0x00be15d7
                                                                                                                                                                                                                                                        0x00be15e0
                                                                                                                                                                                                                                                        0x00be169c
                                                                                                                                                                                                                                                        0x00be16ac
                                                                                                                                                                                                                                                        0x00be16b1
                                                                                                                                                                                                                                                        0x00be16b6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be16bc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be16bc
                                                                                                                                                                                                                                                        0x00be15e6
                                                                                                                                                                                                                                                        0x00be15e9
                                                                                                                                                                                                                                                        0x00be15ee
                                                                                                                                                                                                                                                        0x00be15f3
                                                                                                                                                                                                                                                        0x00be1680
                                                                                                                                                                                                                                                        0x00be1686
                                                                                                                                                                                                                                                        0x00be15f9
                                                                                                                                                                                                                                                        0x00be15f9
                                                                                                                                                                                                                                                        0x00be15f9
                                                                                                                                                                                                                                                        0x00be15fc
                                                                                                                                                                                                                                                        0x00be15fe
                                                                                                                                                                                                                                                        0x00be1603
                                                                                                                                                                                                                                                        0x00be162f
                                                                                                                                                                                                                                                        0x00be1641
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be1643
                                                                                                                                                                                                                                                        0x00be1649
                                                                                                                                                                                                                                                        0x00be1651
                                                                                                                                                                                                                                                        0x00be1655
                                                                                                                                                                                                                                                        0x00be165d
                                                                                                                                                                                                                                                        0x00be167e
                                                                                                                                                                                                                                                        0x00be16c4
                                                                                                                                                                                                                                                        0x00be16c9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be167e
                                                                                                                                                                                                                                                        0x00be1655
                                                                                                                                                                                                                                                        0x00be1605
                                                                                                                                                                                                                                                        0x00be1605
                                                                                                                                                                                                                                                        0x00be1610
                                                                                                                                                                                                                                                        0x00be1615
                                                                                                                                                                                                                                                        0x00be161c
                                                                                                                                                                                                                                                        0x00be1621
                                                                                                                                                                                                                                                        0x00be1626
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be1628
                                                                                                                                                                                                                                                        0x00be162d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be162d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be1610
                                                                                                                                                                                                                                                        0x00be1603
                                                                                                                                                                                                                                                        0x00be15f3
                                                                                                                                                                                                                                                        0x00be1688
                                                                                                                                                                                                                                                        0x00be168b
                                                                                                                                                                                                                                                        0x00be168b
                                                                                                                                                                                                                                                        0x00be1575
                                                                                                                                                                                                                                                        0x00be157c
                                                                                                                                                                                                                                                        0x00be158a

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(FFFFFFFF), ref: 00BE13CD
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(FFFFFFFF), ref: 00BE1457
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(FFFFFFFF), ref: 00BE14C0
                                                                                                                                                                                                                                                        • CreateRestrictedToken.ADVAPI32(?,00000000,?,00000000,?,00000000,?,00000000,00000000), ref: 00BE152D
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE1536
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?), ref: 00BE1546
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?), ref: 00BE1556
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000), ref: 00BE1569
                                                                                                                                                                                                                                                        • DuplicateTokenEx.ADVAPI32(?,000F01FF,00000000,00000001,00000001,00000000), ref: 00BE15BB
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(?,?,?,?,?,?,00000012,00000000), ref: 00BE165D
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(?,?,?,?,?,?,00000012,00000000), ref: 00BE1664
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00000000,00000000,?,000F01FF,00000000,00000000,?,?,?,?,?,?,00000012,00000000), ref: 00BE1676
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,?,?,00000012,00000000), ref: 00BE1680
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetLastError.KERNEL32(00000000,?,00004000,?,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5210
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetHandleVerifier.FLASHPLAYER(?,00BDC412,00000000,?,00BDBECC), ref: 00BC5234
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: SetLastError.KERNEL32(00BDC412,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5249
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$??2@??3@$CurrentDuplicateHandleProcessToken$CreateRestrictedVerifier
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1132497096-0
                                                                                                                                                                                                                                                        • Opcode ID: 9bd4e405f4233c1c91ba6f3204a32774e732a25713a1bb07fe323d27e716aa85
                                                                                                                                                                                                                                                        • Instruction ID: 81901b1d7d49ad76fb394d0b0f7910be03a5a7cdf31d8d6a86db2c544e1603a4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9bd4e405f4233c1c91ba6f3204a32774e732a25713a1bb07fe323d27e716aa85
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 15A18E71E002549BDF14DFA9CC45BAEB7F6EF48354F2545A9E809AB392DB31AC05CB80
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 17%
                                                                                                                                                                                                                                                        			E00BB5EC0(signed int __ecx, char** __edx, void* __eflags, intOrPtr* _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				int _v24;
                                                                                                                                                                                                                                                        				int _v28;
                                                                                                                                                                                                                                                        				char** _v32;
                                                                                                                                                                                                                                                        				signed int _v36;
                                                                                                                                                                                                                                                        				signed int _t61;
                                                                                                                                                                                                                                                        				void* _t66;
                                                                                                                                                                                                                                                        				int* _t68;
                                                                                                                                                                                                                                                        				signed short _t69;
                                                                                                                                                                                                                                                        				void* _t71;
                                                                                                                                                                                                                                                        				signed int _t72;
                                                                                                                                                                                                                                                        				void* _t73;
                                                                                                                                                                                                                                                        				signed int _t74;
                                                                                                                                                                                                                                                        				signed short _t75;
                                                                                                                                                                                                                                                        				char** _t77;
                                                                                                                                                                                                                                                        				int _t78;
                                                                                                                                                                                                                                                        				signed int* _t79;
                                                                                                                                                                                                                                                        				signed int _t81;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				void* _t96;
                                                                                                                                                                                                                                                        				void* _t97;
                                                                                                                                                                                                                                                        				void* _t98;
                                                                                                                                                                                                                                                        				int _t99;
                                                                                                                                                                                                                                                        				intOrPtr* _t101;
                                                                                                                                                                                                                                                        				char* _t102;
                                                                                                                                                                                                                                                        				int _t103;
                                                                                                                                                                                                                                                        				signed int _t104;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t61 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t101 = _a4;
                                                                                                                                                                                                                                                        				_t77 = __edx;
                                                                                                                                                                                                                                                        				_v20 = _t61 ^ _t104;
                                                                                                                                                                                                                                                        				 *(_t101 + 8) = 0;
                                                                                                                                                                                                                                                        				 *(_t101 + 4) = 0;
                                                                                                                                                                                                                                                        				 *(_t101 + 0x10) = 0;
                                                                                                                                                                                                                                                        				 *(_t101 + 0xc) = 0;
                                                                                                                                                                                                                                                        				 *(_t101 + 0x18) = 0;
                                                                                                                                                                                                                                                        				 *(_t101 + 0x14) = 0;
                                                                                                                                                                                                                                                        				 *(_t101 + 0x20) = 0;
                                                                                                                                                                                                                                                        				 *(_t101 + 0x1c) = 0;
                                                                                                                                                                                                                                                        				 *(_t101 + 0x28) = 0;
                                                                                                                                                                                                                                                        				 *(_t101 + 0x24) = 0;
                                                                                                                                                                                                                                                        				 *(_t101 + 0x30) = 0;
                                                                                                                                                                                                                                                        				 *(_t101 + 0x2c) = 0;
                                                                                                                                                                                                                                                        				 *(_t101 + 0x38) = 0;
                                                                                                                                                                                                                                                        				 *(_t101 + 0x34) = 0;
                                                                                                                                                                                                                                                        				 *(_t101 + 0x40) = 0;
                                                                                                                                                                                                                                                        				 *(_t101 + 0x3c) = 0;
                                                                                                                                                                                                                                                        				 *(_t101 + 0x44) = 0;
                                                                                                                                                                                                                                                        				 *_t101 = 0x44;
                                                                                                                                                                                                                                                        				_v36 = __ecx;
                                                                                                                                                                                                                                                        				_t96 =  *(__ecx + 0xc);
                                                                                                                                                                                                                                                        				_t24 = __eflags != 0;
                                                                                                                                                                                                                                                        				_t81 = __ecx & 0xffffff00 | _t24;
                                                                                                                                                                                                                                                        				if(_t24 != 0) {
                                                                                                                                                                                                                                                        					_t97 = 2;
                                                                                                                                                                                                                                                        					__eflags = _t96;
                                                                                                                                                                                                                                                        					if(_t96 != 0) {
                                                                                                                                                                                                                                                        						goto L2;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						goto L13;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t97 = 1;
                                                                                                                                                                                                                                                        					if(_t96 == 0) {
                                                                                                                                                                                                                                                        						L13:
                                                                                                                                                                                                                                                        						_t97 = _t81;
                                                                                                                                                                                                                                                        						__eflags = _t97;
                                                                                                                                                                                                                                                        						if(_t97 != 0) {
                                                                                                                                                                                                                                                        							goto L3;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							goto L14;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L2:
                                                                                                                                                                                                                                                        						if(_t97 == 0) {
                                                                                                                                                                                                                                                        							L14:
                                                                                                                                                                                                                                                        							_t77[3] = 0;
                                                                                                                                                                                                                                                        							 *_t77 = 0;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L3:
                                                                                                                                                                                                                                                        							_t66 =  &_v24;
                                                                                                                                                                                                                                                        							_v32 = _t77;
                                                                                                                                                                                                                                                        							_v24 = 0;
                                                                                                                                                                                                                                                        							_v28 = _t97;
                                                                                                                                                                                                                                                        							__imp__InitializeProcThreadAttributeList(0, _t97, 0, _t66);
                                                                                                                                                                                                                                                        							if(_t66 != 0) {
                                                                                                                                                                                                                                                        								L5:
                                                                                                                                                                                                                                                        								_t78 = _v24;
                                                                                                                                                                                                                                                        								__imp__moz_xmalloc(_t78);
                                                                                                                                                                                                                                                        								_t98 = _t66;
                                                                                                                                                                                                                                                        								memset(_t66, 0, _t78);
                                                                                                                                                                                                                                                        								_t68 =  &_v24;
                                                                                                                                                                                                                                                        								_v28 = _t98;
                                                                                                                                                                                                                                                        								__imp__InitializeProcThreadAttributeList(_t98, _v28, 0, _t68);
                                                                                                                                                                                                                                                        								if(_t68 == 0) {
                                                                                                                                                                                                                                                        									_t69 = GetLastError();
                                                                                                                                                                                                                                                        									_t77 = _v32;
                                                                                                                                                                                                                                                        									__eflags = _t69;
                                                                                                                                                                                                                                                        									_t86 =  <=  ? _t69 : _t69 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        									_t77[3] = 1;
                                                                                                                                                                                                                                                        									 *_t77 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/ProcThreadAttributes.h";
                                                                                                                                                                                                                                                        									_t77[1] = 0x72;
                                                                                                                                                                                                                                                        									_t77[2] =  <=  ? _t69 : _t69 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        									_push(_v28);
                                                                                                                                                                                                                                                        									goto L21;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t79 = _v36;
                                                                                                                                                                                                                                                        									_t71 =  *_t79 | _t79[1];
                                                                                                                                                                                                                                                        									if(_t71 != 0) {
                                                                                                                                                                                                                                                        										__imp__UpdateProcThreadAttribute(_v28, 0, 0x20007, _t79, 8, 0, 0);
                                                                                                                                                                                                                                                        										__eflags = _t71;
                                                                                                                                                                                                                                                        										if(_t71 != 0) {
                                                                                                                                                                                                                                                        											goto L7;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t102 = 0x81;
                                                                                                                                                                                                                                                        											goto L20;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										L7:
                                                                                                                                                                                                                                                        										_t72 = _t79[3];
                                                                                                                                                                                                                                                        										_t99 = _v28;
                                                                                                                                                                                                                                                        										if(_t72 == 0) {
                                                                                                                                                                                                                                                        											L9:
                                                                                                                                                                                                                                                        											_t73 = _t79[8];
                                                                                                                                                                                                                                                        											_t79[8] = _t99;
                                                                                                                                                                                                                                                        											if(_t73 != 0) {
                                                                                                                                                                                                                                                        												__imp__DeleteProcThreadAttributeList(_t73);
                                                                                                                                                                                                                                                        												free(_t73);
                                                                                                                                                                                                                                                        												_t99 = _t79[8];
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t77 = _v32;
                                                                                                                                                                                                                                                        											 *(_t101 + 0x44) = _t99;
                                                                                                                                                                                                                                                        											 *_t101 = 0x48;
                                                                                                                                                                                                                                                        											_t77[3] = 0;
                                                                                                                                                                                                                                                        											 *_t77 = 1;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t74 = _t72 << 2;
                                                                                                                                                                                                                                                        											__imp__UpdateProcThreadAttribute(_t99, 0, 0x20002, _t79[2], _t74, 0, 0);
                                                                                                                                                                                                                                                        											if(_t74 == 0) {
                                                                                                                                                                                                                                                        												_t102 = 0x8b;
                                                                                                                                                                                                                                                        												L20:
                                                                                                                                                                                                                                                        												_t75 = GetLastError();
                                                                                                                                                                                                                                                        												_t77 = _v32;
                                                                                                                                                                                                                                                        												__eflags = _t75;
                                                                                                                                                                                                                                                        												_t89 =  <=  ? _t75 : _t75 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        												__eflags = _t89;
                                                                                                                                                                                                                                                        												_t77[3] = 1;
                                                                                                                                                                                                                                                        												 *_t77 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/ProcThreadAttributes.h";
                                                                                                                                                                                                                                                        												_t77[1] = _t102;
                                                                                                                                                                                                                                                        												_t103 = _v28;
                                                                                                                                                                                                                                                        												_t77[2] = _t89;
                                                                                                                                                                                                                                                        												__imp__DeleteProcThreadAttributeList(_t103);
                                                                                                                                                                                                                                                        												_push(_t103);
                                                                                                                                                                                                                                                        												L21:
                                                                                                                                                                                                                                                        												free();
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												goto L9;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t66 = GetLastError();
                                                                                                                                                                                                                                                        								if(_t66 != 0x7a) {
                                                                                                                                                                                                                                                        									_t77 = _v32;
                                                                                                                                                                                                                                                        									__eflags = _t66;
                                                                                                                                                                                                                                                        									_t92 =  <=  ? _t66 : _t66 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        									_t77[3] = 1;
                                                                                                                                                                                                                                                        									 *_t77 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/ProcThreadAttributes.h";
                                                                                                                                                                                                                                                        									_t77[1] = 0x67;
                                                                                                                                                                                                                                                        									_t77[2] =  <=  ? _t66 : _t66 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									goto L5;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t104, _t96);
                                                                                                                                                                                                                                                        				return _t77;
                                                                                                                                                                                                                                                        			}






























                                                                                                                                                                                                                                                        0x00bb5ec9
                                                                                                                                                                                                                                                        0x00bb5ece
                                                                                                                                                                                                                                                        0x00bb5ed1
                                                                                                                                                                                                                                                        0x00bb5ed5
                                                                                                                                                                                                                                                        0x00bb5ed8
                                                                                                                                                                                                                                                        0x00bb5edf
                                                                                                                                                                                                                                                        0x00bb5ee6
                                                                                                                                                                                                                                                        0x00bb5eed
                                                                                                                                                                                                                                                        0x00bb5ef4
                                                                                                                                                                                                                                                        0x00bb5efb
                                                                                                                                                                                                                                                        0x00bb5f02
                                                                                                                                                                                                                                                        0x00bb5f09
                                                                                                                                                                                                                                                        0x00bb5f10
                                                                                                                                                                                                                                                        0x00bb5f17
                                                                                                                                                                                                                                                        0x00bb5f1e
                                                                                                                                                                                                                                                        0x00bb5f25
                                                                                                                                                                                                                                                        0x00bb5f2c
                                                                                                                                                                                                                                                        0x00bb5f33
                                                                                                                                                                                                                                                        0x00bb5f3a
                                                                                                                                                                                                                                                        0x00bb5f41
                                                                                                                                                                                                                                                        0x00bb5f48
                                                                                                                                                                                                                                                        0x00bb5f4f
                                                                                                                                                                                                                                                        0x00bb5f57
                                                                                                                                                                                                                                                        0x00bb5f5f
                                                                                                                                                                                                                                                        0x00bb5f62
                                                                                                                                                                                                                                                        0x00bb5f62
                                                                                                                                                                                                                                                        0x00bb5f65
                                                                                                                                                                                                                                                        0x00bb6053
                                                                                                                                                                                                                                                        0x00bb6058
                                                                                                                                                                                                                                                        0x00bb605a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5f6b
                                                                                                                                                                                                                                                        0x00bb5f6b
                                                                                                                                                                                                                                                        0x00bb5f72
                                                                                                                                                                                                                                                        0x00bb6060
                                                                                                                                                                                                                                                        0x00bb6062
                                                                                                                                                                                                                                                        0x00bb6064
                                                                                                                                                                                                                                                        0x00bb6066
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5f78
                                                                                                                                                                                                                                                        0x00bb5f78
                                                                                                                                                                                                                                                        0x00bb5f7a
                                                                                                                                                                                                                                                        0x00bb606c
                                                                                                                                                                                                                                                        0x00bb606c
                                                                                                                                                                                                                                                        0x00bb6070
                                                                                                                                                                                                                                                        0x00bb5f80
                                                                                                                                                                                                                                                        0x00bb5f80
                                                                                                                                                                                                                                                        0x00bb5f80
                                                                                                                                                                                                                                                        0x00bb5f83
                                                                                                                                                                                                                                                        0x00bb5f86
                                                                                                                                                                                                                                                        0x00bb5f90
                                                                                                                                                                                                                                                        0x00bb5f96
                                                                                                                                                                                                                                                        0x00bb5f9e
                                                                                                                                                                                                                                                        0x00bb5faf
                                                                                                                                                                                                                                                        0x00bb5faf
                                                                                                                                                                                                                                                        0x00bb5fb3
                                                                                                                                                                                                                                                        0x00bb5fbc
                                                                                                                                                                                                                                                        0x00bb5fc2
                                                                                                                                                                                                                                                        0x00bb5fca
                                                                                                                                                                                                                                                        0x00bb5fd3
                                                                                                                                                                                                                                                        0x00bb5fd7
                                                                                                                                                                                                                                                        0x00bb5fdf
                                                                                                                                                                                                                                                        0x00bb609c
                                                                                                                                                                                                                                                        0x00bb60a2
                                                                                                                                                                                                                                                        0x00bb60ae
                                                                                                                                                                                                                                                        0x00bb60b0
                                                                                                                                                                                                                                                        0x00bb60b3
                                                                                                                                                                                                                                                        0x00bb60b7
                                                                                                                                                                                                                                                        0x00bb60bd
                                                                                                                                                                                                                                                        0x00bb60c4
                                                                                                                                                                                                                                                        0x00bb60c7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5fe5
                                                                                                                                                                                                                                                        0x00bb5fe5
                                                                                                                                                                                                                                                        0x00bb5fea
                                                                                                                                                                                                                                                        0x00bb5fed
                                                                                                                                                                                                                                                        0x00bb60dd
                                                                                                                                                                                                                                                        0x00bb60e3
                                                                                                                                                                                                                                                        0x00bb60e5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb60eb
                                                                                                                                                                                                                                                        0x00bb60eb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb60eb
                                                                                                                                                                                                                                                        0x00bb5ff3
                                                                                                                                                                                                                                                        0x00bb5ff3
                                                                                                                                                                                                                                                        0x00bb5ff3
                                                                                                                                                                                                                                                        0x00bb5ff6
                                                                                                                                                                                                                                                        0x00bb5ffb
                                                                                                                                                                                                                                                        0x00bb601e
                                                                                                                                                                                                                                                        0x00bb601e
                                                                                                                                                                                                                                                        0x00bb6021
                                                                                                                                                                                                                                                        0x00bb6026
                                                                                                                                                                                                                                                        0x00bb613a
                                                                                                                                                                                                                                                        0x00bb6141
                                                                                                                                                                                                                                                        0x00bb614a
                                                                                                                                                                                                                                                        0x00bb614a
                                                                                                                                                                                                                                                        0x00bb602c
                                                                                                                                                                                                                                                        0x00bb602f
                                                                                                                                                                                                                                                        0x00bb6032
                                                                                                                                                                                                                                                        0x00bb6038
                                                                                                                                                                                                                                                        0x00bb603c
                                                                                                                                                                                                                                                        0x00bb5ffd
                                                                                                                                                                                                                                                        0x00bb5ffd
                                                                                                                                                                                                                                                        0x00bb6010
                                                                                                                                                                                                                                                        0x00bb6018
                                                                                                                                                                                                                                                        0x00bb60f2
                                                                                                                                                                                                                                                        0x00bb60f7
                                                                                                                                                                                                                                                        0x00bb60f7
                                                                                                                                                                                                                                                        0x00bb60fd
                                                                                                                                                                                                                                                        0x00bb6109
                                                                                                                                                                                                                                                        0x00bb610b
                                                                                                                                                                                                                                                        0x00bb610b
                                                                                                                                                                                                                                                        0x00bb610e
                                                                                                                                                                                                                                                        0x00bb6112
                                                                                                                                                                                                                                                        0x00bb6118
                                                                                                                                                                                                                                                        0x00bb611b
                                                                                                                                                                                                                                                        0x00bb611e
                                                                                                                                                                                                                                                        0x00bb6122
                                                                                                                                                                                                                                                        0x00bb6128
                                                                                                                                                                                                                                                        0x00bb6129
                                                                                                                                                                                                                                                        0x00bb6129
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6018
                                                                                                                                                                                                                                                        0x00bb5ffb
                                                                                                                                                                                                                                                        0x00bb5fed
                                                                                                                                                                                                                                                        0x00bb5fa0
                                                                                                                                                                                                                                                        0x00bb5fa0
                                                                                                                                                                                                                                                        0x00bb5fa9
                                                                                                                                                                                                                                                        0x00bb6075
                                                                                                                                                                                                                                                        0x00bb6081
                                                                                                                                                                                                                                                        0x00bb6083
                                                                                                                                                                                                                                                        0x00bb6086
                                                                                                                                                                                                                                                        0x00bb608a
                                                                                                                                                                                                                                                        0x00bb6090
                                                                                                                                                                                                                                                        0x00bb6097
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5fa9
                                                                                                                                                                                                                                                        0x00bb5f9e
                                                                                                                                                                                                                                                        0x00bb5f7a
                                                                                                                                                                                                                                                        0x00bb5f72
                                                                                                                                                                                                                                                        0x00bb6044
                                                                                                                                                                                                                                                        0x00bb6052

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • InitializeProcThreadAttributeList.KERNEL32(00000000,00000002,00000000,?), ref: 00BB5F96
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB5FA0
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000000), ref: 00BB5FB3
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB5FC2
                                                                                                                                                                                                                                                        • InitializeProcThreadAttributeList.KERNEL32(00000000,?,00000000,?), ref: 00BB5FD7
                                                                                                                                                                                                                                                        • UpdateProcThreadAttribute.KERNEL32(?,00000000,00020002,00000000,00000000,00000000,00000000), ref: 00BB6010
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB609C
                                                                                                                                                                                                                                                        • UpdateProcThreadAttribute.KERNEL32(?,00000000,00020007,?,00000008,00000000,00000000), ref: 00BB60DD
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB60F7
                                                                                                                                                                                                                                                        • DeleteProcThreadAttributeList.KERNEL32(?), ref: 00BB6122
                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 00BB6129
                                                                                                                                                                                                                                                        • DeleteProcThreadAttributeList.KERNEL32(00000000), ref: 00BB613A
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB6141
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AttributeProcThread$List$ErrorLast$DeleteInitializeUpdatefree$memsetmoz_xmalloc
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 378947704-0
                                                                                                                                                                                                                                                        • Opcode ID: 9acff796f1c24c15f054abc8081520c06c2702636416e95081d58869077ea749
                                                                                                                                                                                                                                                        • Instruction ID: 86f2ab210f7fc7a7bae2fa0b601456eee40da39ee0313c96b0df1b9ca6ac9920
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9acff796f1c24c15f054abc8081520c06c2702636416e95081d58869077ea749
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DD7141B1500301DFEB209F65C895BBBBBF4FF44704F148499E9499F281DBBAA804CBA5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 73%
                                                                                                                                                                                                                                                        			E00BD4020(void* __ecx, long __edx, void* __eflags, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				long _v24;
                                                                                                                                                                                                                                                        				long _v28;
                                                                                                                                                                                                                                                        				void** _v32;
                                                                                                                                                                                                                                                        				void* _v36;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				long _v48;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				long _v56;
                                                                                                                                                                                                                                                        				void* _v60;
                                                                                                                                                                                                                                                        				signed int _t42;
                                                                                                                                                                                                                                                        				signed int _t47;
                                                                                                                                                                                                                                                        				long _t49;
                                                                                                                                                                                                                                                        				int _t53;
                                                                                                                                                                                                                                                        				void* _t60;
                                                                                                                                                                                                                                                        				int _t63;
                                                                                                                                                                                                                                                        				void* _t64;
                                                                                                                                                                                                                                                        				int _t72;
                                                                                                                                                                                                                                                        				signed int _t84;
                                                                                                                                                                                                                                                        				intOrPtr* _t90;
                                                                                                                                                                                                                                                        				long _t96;
                                                                                                                                                                                                                                                        				long _t97;
                                                                                                                                                                                                                                                        				void* _t98;
                                                                                                                                                                                                                                                        				void* _t99;
                                                                                                                                                                                                                                                        				void** _t100;
                                                                                                                                                                                                                                                        				signed int _t101;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t92 = __edx;
                                                                                                                                                                                                                                                        				_v56 = __edx;
                                                                                                                                                                                                                                                        				_t71 = _a4;
                                                                                                                                                                                                                                                        				_t99 = __ecx;
                                                                                                                                                                                                                                                        				_t42 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t42 ^ _t101;
                                                                                                                                                                                                                                                        				if(E00BD48E0(_a4, L"Event") == 0) {
                                                                                                                                                                                                                                                        					if(E00BD48E0(_t71, L"File") != 0) {
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					return E00BEECB0(_v20 ^ _t101, _t92);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				_t47 =  *((intOrPtr*)(_t99 + 8)) + 1;
                                                                                                                                                                                                                                                        				if(_t47 >= 2) {
                                                                                                                                                                                                                                                        					_v32 = 0;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_v24 = 0;
                                                                                                                                                                                                                                                        					__imp__GetCurrentProcessorNumber();
                                                                                                                                                                                                                                                        					_v44 = _t47;
                                                                                                                                                                                                                                                        					_t49 = SetThreadAffinityMask(GetCurrentThread(), 1 << _t47);
                                                                                                                                                                                                                                                        					_t72 = 0;
                                                                                                                                                                                                                                                        					_v48 = _t49;
                                                                                                                                                                                                                                                        					_v52 = 0;
                                                                                                                                                                                                                                                        					_v40 = _v44;
                                                                                                                                                                                                                                                        					asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_t96 = 1 << _v40;
                                                                                                                                                                                                                                                        						asm("bt eax, ecx");
                                                                                                                                                                                                                                                        						if(1 >= 0) {
                                                                                                                                                                                                                                                        							goto L18;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(_v40 != _v44) {
                                                                                                                                                                                                                                                        							SetThreadAffinityMask(GetCurrentThread(), _t96);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t98 = 0xffffffef;
                                                                                                                                                                                                                                                        						_v36 = 0;
                                                                                                                                                                                                                                                        						while(1) {
                                                                                                                                                                                                                                                        							_t60 = GetCurrentProcess();
                                                                                                                                                                                                                                                        							_v60 =  *((intOrPtr*)(_t99 + 8));
                                                                                                                                                                                                                                                        							_t63 = DuplicateHandle(GetCurrentProcess(), _v60, _t60,  &_v36, 0, 0, 0);
                                                                                                                                                                                                                                                        							_t72 = _t63;
                                                                                                                                                                                                                                                        							if(_t63 == 0) {
                                                                                                                                                                                                                                                        								goto L18;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t64 = _v36;
                                                                                                                                                                                                                                                        							if(_t64 == _v56) {
                                                                                                                                                                                                                                                        								_v52 = 1;
                                                                                                                                                                                                                                                        								_t98 = _t98 + 1;
                                                                                                                                                                                                                                                        								if(_t98 == 0) {
                                                                                                                                                                                                                                                        									goto L18;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L14:
                                                                                                                                                                                                                                                        								if(_v36 < _v56) {
                                                                                                                                                                                                                                                        									continue;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L18;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t90 = _v28;
                                                                                                                                                                                                                                                        							_t92 = _v24;
                                                                                                                                                                                                                                                        							if(_v24 == _t90) {
                                                                                                                                                                                                                                                        								E00BCF210( &_v32, _t92,  &_v36);
                                                                                                                                                                                                                                                        								_t98 = _t98 + 1;
                                                                                                                                                                                                                                                        								if(_t98 != 0) {
                                                                                                                                                                                                                                                        									goto L14;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        								goto L18;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							 *_t90 = _t64;
                                                                                                                                                                                                                                                        							_v28 = _v28 + 4;
                                                                                                                                                                                                                                                        							_t98 = _t98 + 1;
                                                                                                                                                                                                                                                        							if(_t98 != 0) {
                                                                                                                                                                                                                                                        								goto L14;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L18;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L18:
                                                                                                                                                                                                                                                        						_t84 =  ==  ? 0 : _v40 + 1;
                                                                                                                                                                                                                                                        						_v40 = _t84;
                                                                                                                                                                                                                                                        					} while (_t84 != _v44 && _t72 != 0 && (_v52 & 0x00000001) == 0);
                                                                                                                                                                                                                                                        					_t53 = SetThreadAffinityMask(GetCurrentThread(), _v48);
                                                                                                                                                                                                                                                        					_t100 = _v32;
                                                                                                                                                                                                                                                        					_t97 = _v28;
                                                                                                                                                                                                                                                        					if(_t100 == _t97) {
                                                                                                                                                                                                                                                        						L24:
                                                                                                                                                                                                                                                        						E00BCF1B0(_t53,  &_v32);
                                                                                                                                                                                                                                                        						goto L2;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_t53 = CloseHandle( *_t100);
                                                                                                                                                                                                                                                        						_t100 =  &(_t100[1]);
                                                                                                                                                                                                                                                        					} while (_t97 != _t100);
                                                                                                                                                                                                                                                        					goto L24;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}






























                                                                                                                                                                                                                                                        0x00bd4020
                                                                                                                                                                                                                                                        0x00bd4029
                                                                                                                                                                                                                                                        0x00bd402c
                                                                                                                                                                                                                                                        0x00bd402f
                                                                                                                                                                                                                                                        0x00bd4031
                                                                                                                                                                                                                                                        0x00bd403a
                                                                                                                                                                                                                                                        0x00bd4049
                                                                                                                                                                                                                                                        0x00bd41f6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4058
                                                                                                                                                                                                                                                        0x00bd4069
                                                                                                                                                                                                                                                        0x00bd4069
                                                                                                                                                                                                                                                        0x00bd404f
                                                                                                                                                                                                                                                        0x00bd4052
                                                                                                                                                                                                                                                        0x00bd4056
                                                                                                                                                                                                                                                        0x00bd406a
                                                                                                                                                                                                                                                        0x00bd4071
                                                                                                                                                                                                                                                        0x00bd4078
                                                                                                                                                                                                                                                        0x00bd407f
                                                                                                                                                                                                                                                        0x00bd408c
                                                                                                                                                                                                                                                        0x00bd4099
                                                                                                                                                                                                                                                        0x00bd40a2
                                                                                                                                                                                                                                                        0x00bd40a4
                                                                                                                                                                                                                                                        0x00bd40a7
                                                                                                                                                                                                                                                        0x00bd40ae
                                                                                                                                                                                                                                                        0x00bd40b1
                                                                                                                                                                                                                                                        0x00bd40c0
                                                                                                                                                                                                                                                        0x00bd40cb
                                                                                                                                                                                                                                                        0x00bd40cd
                                                                                                                                                                                                                                                        0x00bd40d0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd40dc
                                                                                                                                                                                                                                                        0x00bd40e6
                                                                                                                                                                                                                                                        0x00bd40e6
                                                                                                                                                                                                                                                        0x00bd40ec
                                                                                                                                                                                                                                                        0x00bd40f1
                                                                                                                                                                                                                                                        0x00bd4100
                                                                                                                                                                                                                                                        0x00bd4107
                                                                                                                                                                                                                                                        0x00bd4110
                                                                                                                                                                                                                                                        0x00bd4124
                                                                                                                                                                                                                                                        0x00bd412a
                                                                                                                                                                                                                                                        0x00bd412e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4130
                                                                                                                                                                                                                                                        0x00bd4136
                                                                                                                                                                                                                                                        0x00bd4152
                                                                                                                                                                                                                                                        0x00bd4155
                                                                                                                                                                                                                                                        0x00bd4156
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4158
                                                                                                                                                                                                                                                        0x00bd415e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4160
                                                                                                                                                                                                                                                        0x00bd4138
                                                                                                                                                                                                                                                        0x00bd413b
                                                                                                                                                                                                                                                        0x00bd4140
                                                                                                                                                                                                                                                        0x00bd416a
                                                                                                                                                                                                                                                        0x00bd416f
                                                                                                                                                                                                                                                        0x00bd4170
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4172
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4172
                                                                                                                                                                                                                                                        0x00bd4142
                                                                                                                                                                                                                                                        0x00bd4144
                                                                                                                                                                                                                                                        0x00bd4148
                                                                                                                                                                                                                                                        0x00bd4149
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd414b
                                                                                                                                                                                                                                                        0x00bd4180
                                                                                                                                                                                                                                                        0x00bd418c
                                                                                                                                                                                                                                                        0x00bd4192
                                                                                                                                                                                                                                                        0x00bd4192
                                                                                                                                                                                                                                                        0x00bd41b0
                                                                                                                                                                                                                                                        0x00bd41b6
                                                                                                                                                                                                                                                        0x00bd41b9
                                                                                                                                                                                                                                                        0x00bd41be
                                                                                                                                                                                                                                                        0x00bd41db
                                                                                                                                                                                                                                                        0x00bd41de
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd41de
                                                                                                                                                                                                                                                        0x00bd41c6
                                                                                                                                                                                                                                                        0x00bd41d0
                                                                                                                                                                                                                                                        0x00bd41d2
                                                                                                                                                                                                                                                        0x00bd41d4
                                                                                                                                                                                                                                                        0x00bd41d7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd41d0
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BD48E0: wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00BD4047,?,?,?,?,00BD4047,Event), ref: 00BD48EC
                                                                                                                                                                                                                                                        • GetCurrentProcessorNumber.KERNEL32(File,Event), ref: 00BD407F
                                                                                                                                                                                                                                                        • GetCurrentThread.KERNEL32 ref: 00BD4091
                                                                                                                                                                                                                                                        • SetThreadAffinityMask.KERNEL32(00000000,00000001), ref: 00BD4099
                                                                                                                                                                                                                                                        • GetCurrentThread.KERNEL32 ref: 00BD40DE
                                                                                                                                                                                                                                                        • SetThreadAffinityMask.KERNEL32(00000000,00000001), ref: 00BD40E6
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000000), ref: 00BD4124
                                                                                                                                                                                                                                                        • GetCurrentThread.KERNEL32 ref: 00BD41A6
                                                                                                                                                                                                                                                        • SetThreadAffinityMask.KERNEL32(00000000,?), ref: 00BD41B0
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000), ref: 00BD41D2
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Thread$Current$AffinityMask$Handle$CloseDuplicateNumberProcessorwcslen
                                                                                                                                                                                                                                                        • String ID: Event$File
                                                                                                                                                                                                                                                        • API String ID: 1300822950-4063823755
                                                                                                                                                                                                                                                        • Opcode ID: 7314ec050b50fdcbcdfbe3fbaf0ba9da180908c33a74da0cf54c8ee464c8e897
                                                                                                                                                                                                                                                        • Instruction ID: 98a67c5786ece510888e95dc09727f72b5e47e4a900cb2cb5beae2d21fae8d76
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7314ec050b50fdcbcdfbe3fbaf0ba9da180908c33a74da0cf54c8ee464c8e897
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3D514775A00209ABDB14DFA4E884BBEBBF5FF48314F1400A9E916B7350EB319C84CB60
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 88%
                                                                                                                                                                                                                                                        			E00BB5790(void* __ebx, signed short* __ecx, char __edx, signed int _a4) {
                                                                                                                                                                                                                                                        				signed short* _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				char _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				char _v52;
                                                                                                                                                                                                                                                        				signed int _t91;
                                                                                                                                                                                                                                                        				signed short _t92;
                                                                                                                                                                                                                                                        				long _t94;
                                                                                                                                                                                                                                                        				signed short _t95;
                                                                                                                                                                                                                                                        				long _t97;
                                                                                                                                                                                                                                                        				signed short _t98;
                                                                                                                                                                                                                                                        				long _t100;
                                                                                                                                                                                                                                                        				signed short _t101;
                                                                                                                                                                                                                                                        				long _t103;
                                                                                                                                                                                                                                                        				signed short _t104;
                                                                                                                                                                                                                                                        				long _t106;
                                                                                                                                                                                                                                                        				signed int _t108;
                                                                                                                                                                                                                                                        				intOrPtr _t114;
                                                                                                                                                                                                                                                        				signed short* _t118;
                                                                                                                                                                                                                                                        				signed short _t119;
                                                                                                                                                                                                                                                        				long _t121;
                                                                                                                                                                                                                                                        				signed short _t122;
                                                                                                                                                                                                                                                        				long _t124;
                                                                                                                                                                                                                                                        				signed short _t125;
                                                                                                                                                                                                                                                        				long _t127;
                                                                                                                                                                                                                                                        				signed short _t128;
                                                                                                                                                                                                                                                        				long _t130;
                                                                                                                                                                                                                                                        				signed short _t131;
                                                                                                                                                                                                                                                        				long _t133;
                                                                                                                                                                                                                                                        				intOrPtr* _t135;
                                                                                                                                                                                                                                                        				signed short* _t138;
                                                                                                                                                                                                                                                        				signed int _t141;
                                                                                                                                                                                                                                                        				intOrPtr _t145;
                                                                                                                                                                                                                                                        				long _t148;
                                                                                                                                                                                                                                                        				signed int _t157;
                                                                                                                                                                                                                                                        				intOrPtr _t164;
                                                                                                                                                                                                                                                        				signed int _t175;
                                                                                                                                                                                                                                                        				signed int _t176;
                                                                                                                                                                                                                                                        				void* _t181;
                                                                                                                                                                                                                                                        				signed int _t182;
                                                                                                                                                                                                                                                        				void* _t187;
                                                                                                                                                                                                                                                        				signed int _t188;
                                                                                                                                                                                                                                                        				void* _t190;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t188 = _t187 - 0xc;
                                                                                                                                                                                                                                                        				_t91 =  *(__edx + 4);
                                                                                                                                                                                                                                                        				_v20 = __ecx;
                                                                                                                                                                                                                                                        				_v24 = __edx;
                                                                                                                                                                                                                                                        				if(_t91 == 0) {
                                                                                                                                                                                                                                                        					L42:
                                                                                                                                                                                                                                                        					return _t91;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t175 = _v24 + 8;
                                                                                                                                                                                                                                                        					_v28 = _a4;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						if(( *_t91 & 0x0000ffff | 0x00000002) != 0x2f) {
                                                                                                                                                                                                                                                        							goto L2;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t157 = _t91 + 4;
                                                                                                                                                                                                                                                        							_t171 = 0 |  *((short*)(_t91 + 2)) == 0x0000002d;
                                                                                                                                                                                                                                                        							_t181 =  ==  ? _t157 : _t91 + 2;
                                                                                                                                                                                                                                                        							_t92 =  *(_t91 + 2 + _t171 * 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t92 == 0) {
                                                                                                                                                                                                                                                        								goto L2;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t94 = towlower(_t92 & 0x0000ffff);
                                                                                                                                                                                                                                                        								_t188 = _t188 + 4;
                                                                                                                                                                                                                                                        								if(_t94 != 0x6f) {
                                                                                                                                                                                                                                                        									goto L2;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t95 =  *(_t181 + 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        									if(_t95 == 0) {
                                                                                                                                                                                                                                                        										goto L2;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t97 = towlower(_t95 & 0x0000ffff);
                                                                                                                                                                                                                                                        										_t188 = _t188 + 4;
                                                                                                                                                                                                                                                        										if(_t97 != 0x73) {
                                                                                                                                                                                                                                                        											goto L2;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t98 =  *(_t181 + 4) & 0x0000ffff;
                                                                                                                                                                                                                                                        											if(_t98 == 0) {
                                                                                                                                                                                                                                                        												goto L2;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t100 = towlower(_t98 & 0x0000ffff);
                                                                                                                                                                                                                                                        												_t188 = _t188 + 4;
                                                                                                                                                                                                                                                        												if(_t100 != 0x69) {
                                                                                                                                                                                                                                                        													goto L2;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t101 =  *(_t181 + 6) & 0x0000ffff;
                                                                                                                                                                                                                                                        													if(_t101 == 0) {
                                                                                                                                                                                                                                                        														goto L2;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t103 = towlower(_t101 & 0x0000ffff);
                                                                                                                                                                                                                                                        														_t188 = _t188 + 4;
                                                                                                                                                                                                                                                        														if(_t103 != 0x6e) {
                                                                                                                                                                                                                                                        															goto L2;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															_t104 =  *(_t181 + 8) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t104 == 0) {
                                                                                                                                                                                                                                                        																goto L2;
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																_t106 = towlower(_t104 & 0x0000ffff);
                                                                                                                                                                                                                                                        																_t188 = _t188 + 4;
                                                                                                                                                                                                                                                        																if(_t106 != 0x74 ||  *((short*)(_t181 + 0xa)) != 0) {
                                                                                                                                                                                                                                                        																	goto L2;
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																	if( *_v20 != 4) {
                                                                                                                                                                                                                                                        																		L43:
                                                                                                                                                                                                                                                        																		exit(0x7f);
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		_t186 = _t188;
                                                                                                                                                                                                                                                        																		_push(_t175);
                                                                                                                                                                                                                                                        																		_push(_t181);
                                                                                                                                                                                                                                                        																		_t190 = _t188 - 0x24;
                                                                                                                                                                                                                                                        																		_t108 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        																		_t182 = _t171;
                                                                                                                                                                                                                                                        																		_t176 = _t157;
                                                                                                                                                                                                                                                        																		_v48 = _t108 ^ _t188;
                                                                                                                                                                                                                                                        																		if( *0xbfa778 == 1) {
                                                                                                                                                                                                                                                        																			__eflags =  *((char*)(_t176 + 0x18));
                                                                                                                                                                                                                                                        																			if( *((char*)(_t176 + 0x18)) != 0) {
                                                                                                                                                                                                                                                        																				 *((char*)(_t176 + 0x18)) = 0;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			asm("movsd xmm0, [eax]");
                                                                                                                                                                                                                                                        																			asm("movsd xmm1, [eax+0x8]");
                                                                                                                                                                                                                                                        																			asm("movsd [edi+0x8], xmm1");
                                                                                                                                                                                                                                                        																			asm("movsd [edi], xmm0");
                                                                                                                                                                                                                                                        																			goto L48;
                                                                                                                                                                                                                                                        																		} else {
                                                                                                                                                                                                                                                        																			_t171 =  &_v36;
                                                                                                                                                                                                                                                        																			E00BB6950(_t176,  &_v36);
                                                                                                                                                                                                                                                        																			if(_v24 != 0) {
                                                                                                                                                                                                                                                        																				_t114 = _v28;
                                                                                                                                                                                                                                                        																				asm("movsd xmm0, [ebp-0x1c]");
                                                                                                                                                                                                                                                        																				goto L60;
                                                                                                                                                                                                                                                        																			} else {
                                                                                                                                                                                                                                                        																				if( *((char*)(_t176 + 8)) != 0) {
                                                                                                                                                                                                                                                        																					_t171 =  &_v52;
                                                                                                                                                                                                                                                        																					E00BB7160(_t176,  &_v52,  *_t176,  *((intOrPtr*)(_t176 + 4))); // executed
                                                                                                                                                                                                                                                        																					_t190 = _t190 + 8;
                                                                                                                                                                                                                                                        																					__eflags = _v40;
                                                                                                                                                                                                                                                        																					if(_v40 != 0) {
                                                                                                                                                                                                                                                        																						goto L61;
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						__eflags =  *((char*)(_t176 + 8));
                                                                                                                                                                                                                                                        																						if( *((char*)(_t176 + 8)) == 0) {
                                                                                                                                                                                                                                                        																							goto L47;
                                                                                                                                                                                                                                                        																						} else {
                                                                                                                                                                                                                                                        																							 *((char*)(_t176 + 8)) = 0;
                                                                                                                                                                                                                                                        																							__eflags =  *((char*)(_t176 + 0x18));
                                                                                                                                                                                                                                                        																							if( *((char*)(_t176 + 0x18)) == 0) {
                                                                                                                                                                                                                                                        																								goto L48;
                                                                                                                                                                                                                                                        																							} else {
                                                                                                                                                                                                                                                        																								goto L53;
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				} else {
                                                                                                                                                                                                                                                        																					L47:
                                                                                                                                                                                                                                                        																					if( *((char*)(_t176 + 0x18)) != 0) {
                                                                                                                                                                                                                                                        																						L53:
                                                                                                                                                                                                                                                        																						_t171 =  &_v52;
                                                                                                                                                                                                                                                        																						E00BB6B60(_t176,  &_v52,  *((intOrPtr*)(_t176 + 0x10)),  *((intOrPtr*)(_t176 + 0x14)));
                                                                                                                                                                                                                                                        																						_t190 = _t190 + 8;
                                                                                                                                                                                                                                                        																						__eflags = _v40;
                                                                                                                                                                                                                                                        																						if(_v40 != 0) {
                                                                                                                                                                                                                                                        																							L61:
                                                                                                                                                                                                                                                        																							_t114 = _v44;
                                                                                                                                                                                                                                                        																							asm("movsd xmm0, [ebp-0x2c]");
                                                                                                                                                                                                                                                        																							L60:
                                                                                                                                                                                                                                                        																							 *((intOrPtr*)(_t182 + 8)) = _t114;
                                                                                                                                                                                                                                                        																							asm("movsd [esi], xmm0");
                                                                                                                                                                                                                                                        																							 *((char*)(_t182 + 0xc)) = 1;
                                                                                                                                                                                                                                                        																						} else {
                                                                                                                                                                                                                                                        																							__eflags =  *((char*)(_t176 + 0x18));
                                                                                                                                                                                                                                                        																							if( *((char*)(_t176 + 0x18)) != 0) {
                                                                                                                                                                                                                                                        																								 *((char*)(_t176 + 0x18)) = 0;
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																							goto L48;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						L48:
                                                                                                                                                                                                                                                        																						 *((char*)(_t182 + 0xc)) = 0;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		E00BEECB0(_v20 ^ _t186, _t171);
                                                                                                                                                                                                                                                        																		return _t182;
                                                                                                                                                                                                                                                        																	} else {
                                                                                                                                                                                                                                                        																		_t118 =  *(_v24 + 4);
                                                                                                                                                                                                                                                        																		_t157 =  *_t118 & 0x0000ffff | 0x00000002;
                                                                                                                                                                                                                                                        																		if(_t157 == 0x2f) {
                                                                                                                                                                                                                                                        																			_t157 =  &(_t118[2]);
                                                                                                                                                                                                                                                        																			_t171 = 0 | _t118[1] == 0x0000002d;
                                                                                                                                                                                                                                                        																			_t181 =  ==  ? _t157 :  &(_t118[1]);
                                                                                                                                                                                                                                                        																			_t119 =  *(_t118 + 2 + _t171 * 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        																			if(_t119 != 0) {
                                                                                                                                                                                                                                                        																				_t121 = towlower(_t119 & 0x0000ffff);
                                                                                                                                                                                                                                                        																				_t188 = _t188 + 4;
                                                                                                                                                                                                                                                        																				if(_t121 == 0x6f) {
                                                                                                                                                                                                                                                        																					_t122 =  *(_t181 + 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        																					if(_t122 != 0) {
                                                                                                                                                                                                                                                        																						_t124 = towlower(_t122 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t188 = _t188 + 4;
                                                                                                                                                                                                                                                        																						if(_t124 == 0x73) {
                                                                                                                                                                                                                                                        																							_t125 =  *(_t181 + 4) & 0x0000ffff;
                                                                                                                                                                                                                                                        																							if(_t125 != 0) {
                                                                                                                                                                                                                                                        																								_t127 = towlower(_t125 & 0x0000ffff);
                                                                                                                                                                                                                                                        																								_t188 = _t188 + 4;
                                                                                                                                                                                                                                                        																								if(_t127 == 0x69) {
                                                                                                                                                                                                                                                        																									_t128 =  *(_t181 + 6) & 0x0000ffff;
                                                                                                                                                                                                                                                        																									if(_t128 != 0) {
                                                                                                                                                                                                                                                        																										_t130 = towlower(_t128 & 0x0000ffff);
                                                                                                                                                                                                                                                        																										_t188 = _t188 + 4;
                                                                                                                                                                                                                                                        																										if(_t130 == 0x6e) {
                                                                                                                                                                                                                                                        																											_t131 =  *(_t181 + 8) & 0x0000ffff;
                                                                                                                                                                                                                                                        																											if(_t131 != 0) {
                                                                                                                                                                                                                                                        																												_t133 = towlower(_t131 & 0x0000ffff);
                                                                                                                                                                                                                                                        																												_t188 = _t188 + 4;
                                                                                                                                                                                                                                                        																												if(_t133 == 0x74 &&  *((short*)(_t181 + 0xa)) == 0) {
                                                                                                                                                                                                                                                        																													_t135 = _v24 + 8;
                                                                                                                                                                                                                                                        																													do {
                                                                                                                                                                                                                                                        																														_t164 =  *_t135;
                                                                                                                                                                                                                                                        																														 *((intOrPtr*)(_t135 - 4)) = _t164;
                                                                                                                                                                                                                                                        																														_t135 = _t135 + 4;
                                                                                                                                                                                                                                                        																													} while (_t164 != 0);
                                                                                                                                                                                                                                                        																													 *_v20 =  *_v20 - 1;
                                                                                                                                                                                                                                                        																													_t138 =  *(_v24 + 4);
                                                                                                                                                                                                                                                        																													_t157 =  *_t138 & 0x0000ffff | 0x00000002;
                                                                                                                                                                                                                                                        																													if(_t157 == 0x2f) {
                                                                                                                                                                                                                                                        																														_t167 =  ==  ?  &(_t138[2]) :  &(_t138[1]);
                                                                                                                                                                                                                                                        																														_v20 =  ==  ?  &(_t138[2]) :  &(_t138[1]);
                                                                                                                                                                                                                                                        																														_t157 = _a4;
                                                                                                                                                                                                                                                        																														_t175 =  *_t157;
                                                                                                                                                                                                                                                        																														if(_t175 != 0) {
                                                                                                                                                                                                                                                        																															do {
                                                                                                                                                                                                                                                        																																_t141 =  *_v20 & 0x0000ffff;
                                                                                                                                                                                                                                                        																																__eflags = _t141;
                                                                                                                                                                                                                                                        																																_t157 = _t157 & 0xffffff00 | _t141 != 0x00000000;
                                                                                                                                                                                                                                                        																																__eflags =  *_t175;
                                                                                                                                                                                                                                                        																																if( *_t175 == 0) {
                                                                                                                                                                                                                                                        																																	L33:
                                                                                                                                                                                                                                                        																																	__eflags = _t157;
                                                                                                                                                                                                                                                        																																	if(_t157 == 0) {
                                                                                                                                                                                                                                                        																																		_t91 =  *( *(_v24 + 8)) & 0x0000ffff | 0x00000002;
                                                                                                                                                                                                                                                        																																		__eflags = _t91 - 0x2f;
                                                                                                                                                                                                                                                        																																		if(_t91 == 0x2f) {
                                                                                                                                                                                                                                                        																																			goto L43;
                                                                                                                                                                                                                                                        																																		} else {
                                                                                                                                                                                                                                                        																																			goto L42;
                                                                                                                                                                                                                                                        																																		}
                                                                                                                                                                                                                                                        																																	} else {
                                                                                                                                                                                                                                                        																																		goto L34;
                                                                                                                                                                                                                                                        																																	}
                                                                                                                                                                                                                                                        																																} else {
                                                                                                                                                                                                                                                        																																	_t181 = 2;
                                                                                                                                                                                                                                                        																																	while(1) {
                                                                                                                                                                                                                                                        																																		__eflags = _t157 & 0x00000001;
                                                                                                                                                                                                                                                        																																		if((_t157 & 0x00000001) == 0) {
                                                                                                                                                                                                                                                        																																			goto L34;
                                                                                                                                                                                                                                                        																																		}
                                                                                                                                                                                                                                                        																																		_t148 = towlower(_t141 & 0x0000ffff);
                                                                                                                                                                                                                                                        																																		_t188 = _t188 + 4;
                                                                                                                                                                                                                                                        																																		__eflags = _t148 -  *((intOrPtr*)(_t175 + _t181 - 2));
                                                                                                                                                                                                                                                        																																		if(_t148 !=  *((intOrPtr*)(_t175 + _t181 - 2))) {
                                                                                                                                                                                                                                                        																																			goto L34;
                                                                                                                                                                                                                                                        																																		} else {
                                                                                                                                                                                                                                                        																																			_t141 =  *(_v20 + _t181) & 0x0000ffff;
                                                                                                                                                                                                                                                        																																			__eflags = _t141;
                                                                                                                                                                                                                                                        																																			_t157 = _t157 & 0xffffff00 | _t141 != 0x00000000;
                                                                                                                                                                                                                                                        																																			__eflags =  *((short*)(_t175 + _t181));
                                                                                                                                                                                                                                                        																																			_t181 = _t181 + 2;
                                                                                                                                                                                                                                                        																																			if(__eflags != 0) {
                                                                                                                                                                                                                                                        																																				continue;
                                                                                                                                                                                                                                                        																																			} else {
                                                                                                                                                                                                                                                        																																				goto L33;
                                                                                                                                                                                                                                                        																																			}
                                                                                                                                                                                                                                                        																																		}
                                                                                                                                                                                                                                                        																																		goto L62;
                                                                                                                                                                                                                                                        																																	}
                                                                                                                                                                                                                                                        																																	goto L34;
                                                                                                                                                                                                                                                        																																}
                                                                                                                                                                                                                                                        																																goto L62;
                                                                                                                                                                                                                                                        																																L34:
                                                                                                                                                                                                                                                        																																_t145 = _v28;
                                                                                                                                                                                                                                                        																																_t175 =  *(_t145 + 4);
                                                                                                                                                                                                                                                        																																_v28 = _t145 + 4;
                                                                                                                                                                                                                                                        																																__eflags = _t175;
                                                                                                                                                                                                                                                        																															} while (_t175 != 0);
                                                                                                                                                                                                                                                        																														} else {
                                                                                                                                                                                                                                                        																														}
                                                                                                                                                                                                                                                        																													}
                                                                                                                                                                                                                                                        																												}
                                                                                                                                                                                                                                                        																											}
                                                                                                                                                                                                                                                        																										}
                                                                                                                                                                                                                                                        																									}
                                                                                                                                                                                                                                                        																								}
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		goto L43;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L62;
                                                                                                                                                                                                                                                        						L2:
                                                                                                                                                                                                                                                        						_t91 =  *_t175;
                                                                                                                                                                                                                                                        						_t175 = _t175 + 4;
                                                                                                                                                                                                                                                        						__eflags = _t91;
                                                                                                                                                                                                                                                        					} while (_t91 != 0);
                                                                                                                                                                                                                                                        					goto L42;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L62:
                                                                                                                                                                                                                                                        			}

















































                                                                                                                                                                                                                                                        0x00bb5796
                                                                                                                                                                                                                                                        0x00bb5799
                                                                                                                                                                                                                                                        0x00bb579c
                                                                                                                                                                                                                                                        0x00bb579f
                                                                                                                                                                                                                                                        0x00bb57a4
                                                                                                                                                                                                                                                        0x00bb5a25
                                                                                                                                                                                                                                                        0x00bb5a2c
                                                                                                                                                                                                                                                        0x00bb57aa
                                                                                                                                                                                                                                                        0x00bb57b6
                                                                                                                                                                                                                                                        0x00bb57b9
                                                                                                                                                                                                                                                        0x00bb57cd
                                                                                                                                                                                                                                                        0x00bb57d7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb57d9
                                                                                                                                                                                                                                                        0x00bb57e3
                                                                                                                                                                                                                                                        0x00bb57e6
                                                                                                                                                                                                                                                        0x00bb57e9
                                                                                                                                                                                                                                                        0x00bb57ec
                                                                                                                                                                                                                                                        0x00bb57f4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb57f6
                                                                                                                                                                                                                                                        0x00bb57fa
                                                                                                                                                                                                                                                        0x00bb57fc
                                                                                                                                                                                                                                                        0x00bb5803
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5805
                                                                                                                                                                                                                                                        0x00bb5805
                                                                                                                                                                                                                                                        0x00bb580c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb580e
                                                                                                                                                                                                                                                        0x00bb5812
                                                                                                                                                                                                                                                        0x00bb5814
                                                                                                                                                                                                                                                        0x00bb581b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb581d
                                                                                                                                                                                                                                                        0x00bb581d
                                                                                                                                                                                                                                                        0x00bb5824
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5826
                                                                                                                                                                                                                                                        0x00bb582a
                                                                                                                                                                                                                                                        0x00bb582c
                                                                                                                                                                                                                                                        0x00bb5833
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5835
                                                                                                                                                                                                                                                        0x00bb5835
                                                                                                                                                                                                                                                        0x00bb583c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb583e
                                                                                                                                                                                                                                                        0x00bb5842
                                                                                                                                                                                                                                                        0x00bb5844
                                                                                                                                                                                                                                                        0x00bb584b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5851
                                                                                                                                                                                                                                                        0x00bb5851
                                                                                                                                                                                                                                                        0x00bb5858
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb585e
                                                                                                                                                                                                                                                        0x00bb5862
                                                                                                                                                                                                                                                        0x00bb5864
                                                                                                                                                                                                                                                        0x00bb586b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb587c
                                                                                                                                                                                                                                                        0x00bb5882
                                                                                                                                                                                                                                                        0x00bb5a2d
                                                                                                                                                                                                                                                        0x00bb5a2f
                                                                                                                                                                                                                                                        0x00bb5a35
                                                                                                                                                                                                                                                        0x00bb5a36
                                                                                                                                                                                                                                                        0x00bb5a37
                                                                                                                                                                                                                                                        0x00bb5a38
                                                                                                                                                                                                                                                        0x00bb5a39
                                                                                                                                                                                                                                                        0x00bb5a3a
                                                                                                                                                                                                                                                        0x00bb5a3b
                                                                                                                                                                                                                                                        0x00bb5a3c
                                                                                                                                                                                                                                                        0x00bb5a3d
                                                                                                                                                                                                                                                        0x00bb5a3e
                                                                                                                                                                                                                                                        0x00bb5a3f
                                                                                                                                                                                                                                                        0x00bb5a41
                                                                                                                                                                                                                                                        0x00bb5a43
                                                                                                                                                                                                                                                        0x00bb5a44
                                                                                                                                                                                                                                                        0x00bb5a45
                                                                                                                                                                                                                                                        0x00bb5a48
                                                                                                                                                                                                                                                        0x00bb5a4d
                                                                                                                                                                                                                                                        0x00bb5a4f
                                                                                                                                                                                                                                                        0x00bb5a53
                                                                                                                                                                                                                                                        0x00bb5a5d
                                                                                                                                                                                                                                                        0x00bb5ae7
                                                                                                                                                                                                                                                        0x00bb5aee
                                                                                                                                                                                                                                                        0x00bb5af0
                                                                                                                                                                                                                                                        0x00bb5af0
                                                                                                                                                                                                                                                        0x00bb5af4
                                                                                                                                                                                                                                                        0x00bb5af8
                                                                                                                                                                                                                                                        0x00bb5afd
                                                                                                                                                                                                                                                        0x00bb5b02
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5a63
                                                                                                                                                                                                                                                        0x00bb5a63
                                                                                                                                                                                                                                                        0x00bb5a68
                                                                                                                                                                                                                                                        0x00bb5a71
                                                                                                                                                                                                                                                        0x00bb5b0b
                                                                                                                                                                                                                                                        0x00bb5b0e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5a77
                                                                                                                                                                                                                                                        0x00bb5a7b
                                                                                                                                                                                                                                                        0x00bb5a9a
                                                                                                                                                                                                                                                        0x00bb5aa4
                                                                                                                                                                                                                                                        0x00bb5aa9
                                                                                                                                                                                                                                                        0x00bb5aac
                                                                                                                                                                                                                                                        0x00bb5ab0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5ab2
                                                                                                                                                                                                                                                        0x00bb5ab2
                                                                                                                                                                                                                                                        0x00bb5ab6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5ab8
                                                                                                                                                                                                                                                        0x00bb5ab8
                                                                                                                                                                                                                                                        0x00bb5abc
                                                                                                                                                                                                                                                        0x00bb5ac0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5ac0
                                                                                                                                                                                                                                                        0x00bb5ab6
                                                                                                                                                                                                                                                        0x00bb5a7d
                                                                                                                                                                                                                                                        0x00bb5a7d
                                                                                                                                                                                                                                                        0x00bb5a81
                                                                                                                                                                                                                                                        0x00bb5ac2
                                                                                                                                                                                                                                                        0x00bb5ac2
                                                                                                                                                                                                                                                        0x00bb5acd
                                                                                                                                                                                                                                                        0x00bb5ad2
                                                                                                                                                                                                                                                        0x00bb5ad5
                                                                                                                                                                                                                                                        0x00bb5ad9
                                                                                                                                                                                                                                                        0x00bb5b23
                                                                                                                                                                                                                                                        0x00bb5b23
                                                                                                                                                                                                                                                        0x00bb5b26
                                                                                                                                                                                                                                                        0x00bb5b13
                                                                                                                                                                                                                                                        0x00bb5b13
                                                                                                                                                                                                                                                        0x00bb5b16
                                                                                                                                                                                                                                                        0x00bb5b1a
                                                                                                                                                                                                                                                        0x00bb5adb
                                                                                                                                                                                                                                                        0x00bb5adb
                                                                                                                                                                                                                                                        0x00bb5adf
                                                                                                                                                                                                                                                        0x00bb5ae1
                                                                                                                                                                                                                                                        0x00bb5ae1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5adf
                                                                                                                                                                                                                                                        0x00bb5a83
                                                                                                                                                                                                                                                        0x00bb5a83
                                                                                                                                                                                                                                                        0x00bb5a83
                                                                                                                                                                                                                                                        0x00bb5a83
                                                                                                                                                                                                                                                        0x00bb5a81
                                                                                                                                                                                                                                                        0x00bb5a7b
                                                                                                                                                                                                                                                        0x00bb5a71
                                                                                                                                                                                                                                                        0x00bb5a8c
                                                                                                                                                                                                                                                        0x00bb5a99
                                                                                                                                                                                                                                                        0x00bb5888
                                                                                                                                                                                                                                                        0x00bb588b
                                                                                                                                                                                                                                                        0x00bb5891
                                                                                                                                                                                                                                                        0x00bb5898
                                                                                                                                                                                                                                                        0x00bb58a8
                                                                                                                                                                                                                                                        0x00bb58ab
                                                                                                                                                                                                                                                        0x00bb58ae
                                                                                                                                                                                                                                                        0x00bb58b1
                                                                                                                                                                                                                                                        0x00bb58b9
                                                                                                                                                                                                                                                        0x00bb58c3
                                                                                                                                                                                                                                                        0x00bb58c9
                                                                                                                                                                                                                                                        0x00bb58d0
                                                                                                                                                                                                                                                        0x00bb58d6
                                                                                                                                                                                                                                                        0x00bb58dd
                                                                                                                                                                                                                                                        0x00bb58e7
                                                                                                                                                                                                                                                        0x00bb58ed
                                                                                                                                                                                                                                                        0x00bb58f4
                                                                                                                                                                                                                                                        0x00bb58fa
                                                                                                                                                                                                                                                        0x00bb5901
                                                                                                                                                                                                                                                        0x00bb590b
                                                                                                                                                                                                                                                        0x00bb5911
                                                                                                                                                                                                                                                        0x00bb5918
                                                                                                                                                                                                                                                        0x00bb591e
                                                                                                                                                                                                                                                        0x00bb5925
                                                                                                                                                                                                                                                        0x00bb592f
                                                                                                                                                                                                                                                        0x00bb5935
                                                                                                                                                                                                                                                        0x00bb593c
                                                                                                                                                                                                                                                        0x00bb5942
                                                                                                                                                                                                                                                        0x00bb5949
                                                                                                                                                                                                                                                        0x00bb5953
                                                                                                                                                                                                                                                        0x00bb5959
                                                                                                                                                                                                                                                        0x00bb5960
                                                                                                                                                                                                                                                        0x00bb5974
                                                                                                                                                                                                                                                        0x00bb5977
                                                                                                                                                                                                                                                        0x00bb5977
                                                                                                                                                                                                                                                        0x00bb5979
                                                                                                                                                                                                                                                        0x00bb597c
                                                                                                                                                                                                                                                        0x00bb597f
                                                                                                                                                                                                                                                        0x00bb5986
                                                                                                                                                                                                                                                        0x00bb598b
                                                                                                                                                                                                                                                        0x00bb5991
                                                                                                                                                                                                                                                        0x00bb5998
                                                                                                                                                                                                                                                        0x00bb59a9
                                                                                                                                                                                                                                                        0x00bb59ac
                                                                                                                                                                                                                                                        0x00bb59af
                                                                                                                                                                                                                                                        0x00bb59b2
                                                                                                                                                                                                                                                        0x00bb59b6
                                                                                                                                                                                                                                                        0x00bb59ce
                                                                                                                                                                                                                                                        0x00bb59d1
                                                                                                                                                                                                                                                        0x00bb59d4
                                                                                                                                                                                                                                                        0x00bb59d7
                                                                                                                                                                                                                                                        0x00bb59da
                                                                                                                                                                                                                                                        0x00bb59de
                                                                                                                                                                                                                                                        0x00bb59ba
                                                                                                                                                                                                                                                        0x00bb59ba
                                                                                                                                                                                                                                                        0x00bb59bc
                                                                                                                                                                                                                                                        0x00bb5a1c
                                                                                                                                                                                                                                                        0x00bb5a1f
                                                                                                                                                                                                                                                        0x00bb5a23
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb59e0
                                                                                                                                                                                                                                                        0x00bb59e0
                                                                                                                                                                                                                                                        0x00bb59e5
                                                                                                                                                                                                                                                        0x00bb59e5
                                                                                                                                                                                                                                                        0x00bb59e8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb59ee
                                                                                                                                                                                                                                                        0x00bb59f0
                                                                                                                                                                                                                                                        0x00bb59f3
                                                                                                                                                                                                                                                        0x00bb59f8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb59fa
                                                                                                                                                                                                                                                        0x00bb59fd
                                                                                                                                                                                                                                                        0x00bb5a01
                                                                                                                                                                                                                                                        0x00bb5a04
                                                                                                                                                                                                                                                        0x00bb5a07
                                                                                                                                                                                                                                                        0x00bb5a0c
                                                                                                                                                                                                                                                        0x00bb5a0f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5a11
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5a11
                                                                                                                                                                                                                                                        0x00bb5a0f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb59f8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb59e5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb59be
                                                                                                                                                                                                                                                        0x00bb59be
                                                                                                                                                                                                                                                        0x00bb59c1
                                                                                                                                                                                                                                                        0x00bb59c7
                                                                                                                                                                                                                                                        0x00bb59ca
                                                                                                                                                                                                                                                        0x00bb59ca
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb59b8
                                                                                                                                                                                                                                                        0x00bb59b6
                                                                                                                                                                                                                                                        0x00bb5998
                                                                                                                                                                                                                                                        0x00bb5960
                                                                                                                                                                                                                                                        0x00bb5949
                                                                                                                                                                                                                                                        0x00bb593c
                                                                                                                                                                                                                                                        0x00bb5925
                                                                                                                                                                                                                                                        0x00bb5918
                                                                                                                                                                                                                                                        0x00bb5901
                                                                                                                                                                                                                                                        0x00bb58f4
                                                                                                                                                                                                                                                        0x00bb58dd
                                                                                                                                                                                                                                                        0x00bb58d0
                                                                                                                                                                                                                                                        0x00bb58b9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5898
                                                                                                                                                                                                                                                        0x00bb5882
                                                                                                                                                                                                                                                        0x00bb586b
                                                                                                                                                                                                                                                        0x00bb5858
                                                                                                                                                                                                                                                        0x00bb584b
                                                                                                                                                                                                                                                        0x00bb583c
                                                                                                                                                                                                                                                        0x00bb5833
                                                                                                                                                                                                                                                        0x00bb5824
                                                                                                                                                                                                                                                        0x00bb581b
                                                                                                                                                                                                                                                        0x00bb580c
                                                                                                                                                                                                                                                        0x00bb5803
                                                                                                                                                                                                                                                        0x00bb57f4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb57c0
                                                                                                                                                                                                                                                        0x00bb57c0
                                                                                                                                                                                                                                                        0x00bb57c2
                                                                                                                                                                                                                                                        0x00bb57c5
                                                                                                                                                                                                                                                        0x00bb57c5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb57cd
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,00BB3E10,?), ref: 00BB57FA
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,00BB3E10,?), ref: 00BB5812
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,00BB3E10,?), ref: 00BB582A
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,00BB3E10,?), ref: 00BB5842
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,00BB3E10,?), ref: 00BB5862
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,00BB3E10,?), ref: 00BB58C3
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,00BB3E10,?), ref: 00BB58E7
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,00BB3E10,?), ref: 00BB590B
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,?,00BB3E10,?), ref: 00BB592F
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,00BB3E10,?), ref: 00BB5953
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?,00BB3E10,?), ref: 00BB59EE
                                                                                                                                                                                                                                                        • exit.API-MS-WIN-CRT-RUNTIME-L1-1-0(0000007F,?,?,?,?,?,?,00BB3E10,?), ref: 00BB5A2F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: towlower$exit
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 135973829-0
                                                                                                                                                                                                                                                        • Opcode ID: 2be2da56336251f3454439df891963faa664f71317447881c691323b6724c90e
                                                                                                                                                                                                                                                        • Instruction ID: 8a85578b5cdbae220c39bb7ba98e8252dc976c9ccaf4ba39c45df494880cb3fa
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2be2da56336251f3454439df891963faa664f71317447881c691323b6724c90e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3671EBB8900A168BDF309F15D4466F673F4EF00710B8480E6EDC697151EBB4ED96D2A7
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 42%
                                                                                                                                                                                                                                                        			E00BE8770(void* __ecx, char __edx, void* __eflags, void* _a4) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v36;
                                                                                                                                                                                                                                                        				char _v212;
                                                                                                                                                                                                                                                        				char _v216;
                                                                                                                                                                                                                                                        				char _v220;
                                                                                                                                                                                                                                                        				char _v224;
                                                                                                                                                                                                                                                        				intOrPtr _v232;
                                                                                                                                                                                                                                                        				char _v236;
                                                                                                                                                                                                                                                        				short _v240;
                                                                                                                                                                                                                                                        				intOrPtr _v244;
                                                                                                                                                                                                                                                        				intOrPtr _v248;
                                                                                                                                                                                                                                                        				char _v252;
                                                                                                                                                                                                                                                        				char _v256;
                                                                                                                                                                                                                                                        				char _v260;
                                                                                                                                                                                                                                                        				char _v264;
                                                                                                                                                                                                                                                        				char _v268;
                                                                                                                                                                                                                                                        				intOrPtr _v276;
                                                                                                                                                                                                                                                        				intOrPtr _v280;
                                                                                                                                                                                                                                                        				intOrPtr _v292;
                                                                                                                                                                                                                                                        				short _v296;
                                                                                                                                                                                                                                                        				short _v300;
                                                                                                                                                                                                                                                        				char _v316;
                                                                                                                                                                                                                                                        				short _v320;
                                                                                                                                                                                                                                                        				char _v324;
                                                                                                                                                                                                                                                        				char _v328;
                                                                                                                                                                                                                                                        				intOrPtr _v344;
                                                                                                                                                                                                                                                        				short _v352;
                                                                                                                                                                                                                                                        				void* _v356;
                                                                                                                                                                                                                                                        				void* _v360;
                                                                                                                                                                                                                                                        				intOrPtr _v364;
                                                                                                                                                                                                                                                        				signed short _v366;
                                                                                                                                                                                                                                                        				short _v368;
                                                                                                                                                                                                                                                        				signed short _v372;
                                                                                                                                                                                                                                                        				void* _v376;
                                                                                                                                                                                                                                                        				intOrPtr _v380;
                                                                                                                                                                                                                                                        				signed int _v384;
                                                                                                                                                                                                                                                        				void* _v392;
                                                                                                                                                                                                                                                        				char _v396;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t67;
                                                                                                                                                                                                                                                        				void* _t80;
                                                                                                                                                                                                                                                        				void* _t88;
                                                                                                                                                                                                                                                        				signed short _t91;
                                                                                                                                                                                                                                                        				intOrPtr _t93;
                                                                                                                                                                                                                                                        				void* _t94;
                                                                                                                                                                                                                                                        				intOrPtr _t96;
                                                                                                                                                                                                                                                        				void* _t98;
                                                                                                                                                                                                                                                        				char* _t102;
                                                                                                                                                                                                                                                        				char* _t103;
                                                                                                                                                                                                                                                        				void* _t104;
                                                                                                                                                                                                                                                        				void* _t112;
                                                                                                                                                                                                                                                        				char* _t118;
                                                                                                                                                                                                                                                        				signed int _t121;
                                                                                                                                                                                                                                                        				void* _t123;
                                                                                                                                                                                                                                                        				void* _t124;
                                                                                                                                                                                                                                                        				char* _t125;
                                                                                                                                                                                                                                                        				signed int _t126;
                                                                                                                                                                                                                                                        				signed int _t127;
                                                                                                                                                                                                                                                        				void* _t134;
                                                                                                                                                                                                                                                        				void* _t136;
                                                                                                                                                                                                                                                        				signed int* _t137;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t116 = __edx;
                                                                                                                                                                                                                                                        				_t67 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t123 = __ecx;
                                                                                                                                                                                                                                                        				_v24 = _t67 ^ _t126;
                                                                                                                                                                                                                                                        				_v212 = 0;
                                                                                                                                                                                                                                                        				E00BEB3D0("NtOpenDirectoryObject",  &_v212);
                                                                                                                                                                                                                                                        				_v216 = 0;
                                                                                                                                                                                                                                                        				E00BEB3D0("NtQuerySymbolicLinkObject",  &_v216);
                                                                                                                                                                                                                                                        				_v220 = 0;
                                                                                                                                                                                                                                                        				E00BEB3D0("NtOpenSymbolicLinkObject",  &_v220);
                                                                                                                                                                                                                                                        				_v224 = 0;
                                                                                                                                                                                                                                                        				E00BEB3D0("NtClose",  &_v224);
                                                                                                                                                                                                                                                        				asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        				_v236 = 0;
                                                                                                                                                                                                                                                        				_v240 = 0;
                                                                                                                                                                                                                                                        				_v260 = 0;
                                                                                                                                                                                                                                                        				_v264 = 0;
                                                                                                                                                                                                                                                        				_t102 =  &_v256;
                                                                                                                                                                                                                                                        				asm("movaps [esp+0x50], xmm0");
                                                                                                                                                                                                                                                        				E00BE5CE0(_t123, 0x40, 0, _t102,  &_v264, 0);
                                                                                                                                                                                                                                                        				_t134 = (_t127 & 0xfffffff0) - 0x140 + 0x38;
                                                                                                                                                                                                                                                        				_v268 = 0;
                                                                                                                                                                                                                                                        				_t80 = _v212( &_v268, 1, _t102);
                                                                                                                                                                                                                                                        				if(_t80 < 0) {
                                                                                                                                                                                                                                                        					_t124 = _t80;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        					_t125 =  &_v316;
                                                                                                                                                                                                                                                        					_v296 = 0;
                                                                                                                                                                                                                                                        					_v300 = 0;
                                                                                                                                                                                                                                                        					_v320 = 0;
                                                                                                                                                                                                                                                        					_v324 = 0;
                                                                                                                                                                                                                                                        					asm("movaps [esp+0x20], xmm0");
                                                                                                                                                                                                                                                        					E00BE5CE0(__edx, 0x40, _v280, _t125,  &_v324, 0);
                                                                                                                                                                                                                                                        					_t136 = _t134 + 0x18;
                                                                                                                                                                                                                                                        					_v328 = 0;
                                                                                                                                                                                                                                                        					_t124 = _v232( &_v328, 0x80000000, _t125);
                                                                                                                                                                                                                                                        					_push(_v292);
                                                                                                                                                                                                                                                        					if(_v248() < 0) {
                                                                                                                                                                                                                                                        						_push("NT_SUCCESS(NtClose(symbolic_link_directory))");
                                                                                                                                                                                                                                                        						E00BC1FF0( &_v236, "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/sync_policy.cc", 0x3e);
                                                                                                                                                                                                                                                        						E00BC20C0();
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_t124 >= 0) {
                                                                                                                                                                                                                                                        						_t118 =  &_v360;
                                                                                                                                                                                                                                                        						_t103 =  &_v356;
                                                                                                                                                                                                                                                        						_v352 = 0;
                                                                                                                                                                                                                                                        						_v356 = 0;
                                                                                                                                                                                                                                                        						_v360 = 0;
                                                                                                                                                                                                                                                        						_t88 = _v244(_v344, _t103, _t118);
                                                                                                                                                                                                                                                        						if(_t88 != 0xc0000023) {
                                                                                                                                                                                                                                                        							_t124 = _t88;
                                                                                                                                                                                                                                                        							_push(_v356);
                                                                                                                                                                                                                                                        							if(_v264() < 0) {
                                                                                                                                                                                                                                                        								_push("NT_SUCCESS(NtClose(symbolic_link))");
                                                                                                                                                                                                                                                        								E00BC1FF0( &_v252, "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/sync_policy.cc", 0x47);
                                                                                                                                                                                                                                                        								E00BC20C0();
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t91 = _v372;
                                                                                                                                                                                                                                                        							_v368 = 0;
                                                                                                                                                                                                                                                        							_v366 = _t91;
                                                                                                                                                                                                                                                        							_t93 = (_t91 & 0x0000ffff) + (_t91 & 0x0000ffff) + 2;
                                                                                                                                                                                                                                                        							L00BEF6CC();
                                                                                                                                                                                                                                                        							_t137 = _t136 + 4;
                                                                                                                                                                                                                                                        							_v364 = _t93;
                                                                                                                                                                                                                                                        							_t94 = _v256(_v356, _t103, _t118, _t93);
                                                                                                                                                                                                                                                        							_t124 = _t94;
                                                                                                                                                                                                                                                        							if(_t94 >= 0) {
                                                                                                                                                                                                                                                        								_t112 = _a4;
                                                                                                                                                                                                                                                        								_t121 = _v384;
                                                                                                                                                                                                                                                        								_t98 = _v376;
                                                                                                                                                                                                                                                        								_t116 =  *((intOrPtr*)(_t112 + 0x14));
                                                                                                                                                                                                                                                        								if(_t116 < _t121) {
                                                                                                                                                                                                                                                        									_t137 = _t137 - 0xc;
                                                                                                                                                                                                                                                        									_t116 = _v260;
                                                                                                                                                                                                                                                        									_v396 = _v260;
                                                                                                                                                                                                                                                        									_v392 = _t98;
                                                                                                                                                                                                                                                        									 *_t137 = _t121;
                                                                                                                                                                                                                                                        									E00BBA7D0(_t103, _t112, _t121, _t124);
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t104 = _t112;
                                                                                                                                                                                                                                                        									if(_t116 >= 8) {
                                                                                                                                                                                                                                                        										_t104 =  *_t112;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									 *(_t112 + 0x10) = _t121;
                                                                                                                                                                                                                                                        									memmove(_t104, _t98, _t121 + _t121);
                                                                                                                                                                                                                                                        									_t137 =  &(_t137[3]);
                                                                                                                                                                                                                                                        									 *((short*)(_t104 + _t121 * 2)) = 0;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_push(_v368);
                                                                                                                                                                                                                                                        							if(_v276() < 0) {
                                                                                                                                                                                                                                                        								_push("NT_SUCCESS(NtClose(symbolic_link))");
                                                                                                                                                                                                                                                        								E00BC1FF0( &_v264, "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/sync_policy.cc", 0x53);
                                                                                                                                                                                                                                                        								E00BC20C0();
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t96 = _v380;
                                                                                                                                                                                                                                                        							if(_t96 != 0) {
                                                                                                                                                                                                                                                        								_push(_t96);
                                                                                                                                                                                                                                                        								L00BEF6D2();
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v36 ^ _t126, _t116);
                                                                                                                                                                                                                                                        				return _t124;
                                                                                                                                                                                                                                                        			}



































































                                                                                                                                                                                                                                                        0x00be8770
                                                                                                                                                                                                                                                        0x00be877f
                                                                                                                                                                                                                                                        0x00be8786
                                                                                                                                                                                                                                                        0x00be878a
                                                                                                                                                                                                                                                        0x00be8795
                                                                                                                                                                                                                                                        0x00be87a3
                                                                                                                                                                                                                                                        0x00be87af
                                                                                                                                                                                                                                                        0x00be87bd
                                                                                                                                                                                                                                                        0x00be87c9
                                                                                                                                                                                                                                                        0x00be87d7
                                                                                                                                                                                                                                                        0x00be87e3
                                                                                                                                                                                                                                                        0x00be87f1
                                                                                                                                                                                                                                                        0x00be87f9
                                                                                                                                                                                                                                                        0x00be8800
                                                                                                                                                                                                                                                        0x00be8808
                                                                                                                                                                                                                                                        0x00be8810
                                                                                                                                                                                                                                                        0x00be8818
                                                                                                                                                                                                                                                        0x00be8820
                                                                                                                                                                                                                                                        0x00be8824
                                                                                                                                                                                                                                                        0x00be8832
                                                                                                                                                                                                                                                        0x00be8837
                                                                                                                                                                                                                                                        0x00be883e
                                                                                                                                                                                                                                                        0x00be884a
                                                                                                                                                                                                                                                        0x00be8853
                                                                                                                                                                                                                                                        0x00be89d2
                                                                                                                                                                                                                                                        0x00be8859
                                                                                                                                                                                                                                                        0x00be8859
                                                                                                                                                                                                                                                        0x00be885c
                                                                                                                                                                                                                                                        0x00be8860
                                                                                                                                                                                                                                                        0x00be8868
                                                                                                                                                                                                                                                        0x00be8870
                                                                                                                                                                                                                                                        0x00be8878
                                                                                                                                                                                                                                                        0x00be8884
                                                                                                                                                                                                                                                        0x00be8894
                                                                                                                                                                                                                                                        0x00be8899
                                                                                                                                                                                                                                                        0x00be889c
                                                                                                                                                                                                                                                        0x00be88b6
                                                                                                                                                                                                                                                        0x00be88b8
                                                                                                                                                                                                                                                        0x00be88c2
                                                                                                                                                                                                                                                        0x00be88cd
                                                                                                                                                                                                                                                        0x00be88d9
                                                                                                                                                                                                                                                        0x00be88e0
                                                                                                                                                                                                                                                        0x00be88e0
                                                                                                                                                                                                                                                        0x00be88e7
                                                                                                                                                                                                                                                        0x00be88ed
                                                                                                                                                                                                                                                        0x00be88f1
                                                                                                                                                                                                                                                        0x00be88f5
                                                                                                                                                                                                                                                        0x00be88fd
                                                                                                                                                                                                                                                        0x00be8905
                                                                                                                                                                                                                                                        0x00be8913
                                                                                                                                                                                                                                                        0x00be891f
                                                                                                                                                                                                                                                        0x00be89ec
                                                                                                                                                                                                                                                        0x00be89ee
                                                                                                                                                                                                                                                        0x00be89f8
                                                                                                                                                                                                                                                        0x00be8a03
                                                                                                                                                                                                                                                        0x00be8a0f
                                                                                                                                                                                                                                                        0x00be8a16
                                                                                                                                                                                                                                                        0x00be8a16
                                                                                                                                                                                                                                                        0x00be8925
                                                                                                                                                                                                                                                        0x00be8925
                                                                                                                                                                                                                                                        0x00be8929
                                                                                                                                                                                                                                                        0x00be8930
                                                                                                                                                                                                                                                        0x00be8938
                                                                                                                                                                                                                                                        0x00be893d
                                                                                                                                                                                                                                                        0x00be8942
                                                                                                                                                                                                                                                        0x00be8945
                                                                                                                                                                                                                                                        0x00be894f
                                                                                                                                                                                                                                                        0x00be8956
                                                                                                                                                                                                                                                        0x00be895a
                                                                                                                                                                                                                                                        0x00be895c
                                                                                                                                                                                                                                                        0x00be895f
                                                                                                                                                                                                                                                        0x00be8963
                                                                                                                                                                                                                                                        0x00be8967
                                                                                                                                                                                                                                                        0x00be896c
                                                                                                                                                                                                                                                        0x00be8a1d
                                                                                                                                                                                                                                                        0x00be8a20
                                                                                                                                                                                                                                                        0x00be8a27
                                                                                                                                                                                                                                                        0x00be8a2b
                                                                                                                                                                                                                                                        0x00be8a2f
                                                                                                                                                                                                                                                        0x00be8a32
                                                                                                                                                                                                                                                        0x00be8972
                                                                                                                                                                                                                                                        0x00be8975
                                                                                                                                                                                                                                                        0x00be8977
                                                                                                                                                                                                                                                        0x00be8979
                                                                                                                                                                                                                                                        0x00be8979
                                                                                                                                                                                                                                                        0x00be897b
                                                                                                                                                                                                                                                        0x00be8984
                                                                                                                                                                                                                                                        0x00be8989
                                                                                                                                                                                                                                                        0x00be898c
                                                                                                                                                                                                                                                        0x00be898c
                                                                                                                                                                                                                                                        0x00be896c
                                                                                                                                                                                                                                                        0x00be8992
                                                                                                                                                                                                                                                        0x00be899c
                                                                                                                                                                                                                                                        0x00be89a7
                                                                                                                                                                                                                                                        0x00be89b3
                                                                                                                                                                                                                                                        0x00be89ba
                                                                                                                                                                                                                                                        0x00be89ba
                                                                                                                                                                                                                                                        0x00be89bf
                                                                                                                                                                                                                                                        0x00be89c5
                                                                                                                                                                                                                                                        0x00be89c7
                                                                                                                                                                                                                                                        0x00be89c8
                                                                                                                                                                                                                                                        0x00be89cd
                                                                                                                                                                                                                                                        0x00be89c5
                                                                                                                                                                                                                                                        0x00be891f
                                                                                                                                                                                                                                                        0x00be88e7
                                                                                                                                                                                                                                                        0x00be89dd
                                                                                                                                                                                                                                                        0x00be89eb

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetModuleHandleW.KERNEL32(ntdll.dll,00BE3B27,NtQueryObject,00BFB690), ref: 00BEB424
                                                                                                                                                                                                                                                          • Part of subcall function 00BE5CE0: GetModuleHandleW.KERNEL32(ntdll.dll,?,00000000,?,?,00BE33B2,?,00000000,00000000,?,?,00000000), ref: 00BE5CF7
                                                                                                                                                                                                                                                          • Part of subcall function 00BE5CE0: GetProcAddress.KERNEL32(00000000,RtlInitUnicodeString), ref: 00BE5D03
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(?), ref: 00BE893D
                                                                                                                                                                                                                                                        • memmove.NTDLL(00000000,?,00000000), ref: 00BE8984
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?), ref: 00BE89C8
                                                                                                                                                                                                                                                          • Part of subcall function 00BC20C0: ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140(00BF0324,?,?,?,00BCA1FF,/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc,000000EC,00000000), ref: 00BC2108
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc$??1?$basic_streambuf@??2@??3@D@std@@@std@@U?$char_traits@memmove
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/sync_policy.cc$NT_SUCCESS(NtClose(symbolic_link))$NT_SUCCESS(NtClose(symbolic_link_directory))$NtClose$NtOpenDirectoryObject$NtOpenSymbolicLinkObject$NtQuerySymbolicLinkObject
                                                                                                                                                                                                                                                        • API String ID: 147643932-953511637
                                                                                                                                                                                                                                                        • Opcode ID: 327ed70e389701dcababaf6a1b17a491e1bb55ca13bb211f7766255a42041f20
                                                                                                                                                                                                                                                        • Instruction ID: 8874b39991ce47583a065eacdb62bffd2dbb4b3c865d150c47603b17dfdc83a9
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 327ed70e389701dcababaf6a1b17a491e1bb55ca13bb211f7766255a42041f20
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EA7183B4508344ABE7209F21C845B6FBBE9EF84704F10495DF99897291EB75D908CBA3
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BBE2F4
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,00000000,00000002,00000003), ref: 00BBE32D
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000001,00000003), ref: 00BBE335
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000020,00000003), ref: 00BBE33D
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000010,00000003), ref: 00BBE345
                                                                                                                                                                                                                                                        • VerifyVersionInfoA.KERNEL32(0000009C,00000033,00000000), ref: 00BBE350
                                                                                                                                                                                                                                                        • GetFileInformationByHandleEx.KERNEL32(00000000,00000012,?,00000018), ref: 00BBE36E
                                                                                                                                                                                                                                                        • GetFileInformationByHandle.KERNEL32(00000000,?), ref: 00BBE3DD
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000018), ref: 00BBE42F
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • /builds/worker/workspace/obj-build/dist/include/mozilla/NativeNt.h, xrefs: 00BBE293
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ConditionMask$FileHandleInformation$ErrorInfoLastVerifyVersionmemset
                                                                                                                                                                                                                                                        • String ID: /builds/worker/workspace/obj-build/dist/include/mozilla/NativeNt.h
                                                                                                                                                                                                                                                        • API String ID: 938157213-3364526140
                                                                                                                                                                                                                                                        • Opcode ID: 23adda15b5d5ba365648eac1e04b4bd746a4bf739505571e380deb096b28d9a2
                                                                                                                                                                                                                                                        • Instruction ID: bedd199001f899aec169a3e9c9ba1389a3f38995c10c6f4f452d014b4fcbd6bc
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 23adda15b5d5ba365648eac1e04b4bd746a4bf739505571e380deb096b28d9a2
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 59519070548B45ABE321CF24DC45BAAB7F8FF88700F008A1DF5999B290EBB1D584CB56
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 79%
                                                                                                                                                                                                                                                        			E00BE2C30(void* __eflags, intOrPtr _a4, intOrPtr _a8, wchar_t* _a12, wchar_t* _a16) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				int _v28;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				struct _SECURITY_DESCRIPTOR* _v48;
                                                                                                                                                                                                                                                        				struct _ACL* _v52;
                                                                                                                                                                                                                                                        				int _v56;
                                                                                                                                                                                                                                                        				int _v60;
                                                                                                                                                                                                                                                        				signed int _t25;
                                                                                                                                                                                                                                                        				void** _t36;
                                                                                                                                                                                                                                                        				long _t42;
                                                                                                                                                                                                                                                        				char* _t57;
                                                                                                                                                                                                                                                        				long _t58;
                                                                                                                                                                                                                                                        				signed int _t59;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t25 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t57 =  &_v44;
                                                                                                                                                                                                                                                        				_v20 = _t25 ^ _t59;
                                                                                                                                                                                                                                                        				_v24 = 7;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				_v44 = 0;
                                                                                                                                                                                                                                                        				E00BBA740(_t57, L"S:(");
                                                                                                                                                                                                                                                        				E00BB73B0(_t57, L"ML", 2);
                                                                                                                                                                                                                                                        				E00BB73B0(_t57, 0xbf53d0, 2);
                                                                                                                                                                                                                                                        				E00BB73B0(_t57, _a12, wcslen(_a12));
                                                                                                                                                                                                                                                        				E00BB73B0(_t57, L";;;", 3);
                                                                                                                                                                                                                                                        				E00BB73B0(_t57, _a16, wcslen(_a16));
                                                                                                                                                                                                                                                        				E00BB73B0(_t57, ")", 1);
                                                                                                                                                                                                                                                        				_v48 = 0;
                                                                                                                                                                                                                                                        				_v52 = 0;
                                                                                                                                                                                                                                                        				_v56 = 0;
                                                                                                                                                                                                                                                        				_v60 = 0;
                                                                                                                                                                                                                                                        				if(_v24 > 7) {
                                                                                                                                                                                                                                                        					_t57 = _v44;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t36 =  &_v48;
                                                                                                                                                                                                                                                        				_push(0);
                                                                                                                                                                                                                                                        				_push(_t36);
                                                                                                                                                                                                                                                        				_push(1);
                                                                                                                                                                                                                                                        				_push(_t57);
                                                                                                                                                                                                                                                        				L00BEF6DE();
                                                                                                                                                                                                                                                        				if(_t36 == 0) {
                                                                                                                                                                                                                                                        					_t58 = GetLastError();
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t55 =  &_v56;
                                                                                                                                                                                                                                                        					_t42 = GetSecurityDescriptorSacl(_v48,  &_v56,  &_v52,  &_v60);
                                                                                                                                                                                                                                                        					if(_t42 == 0) {
                                                                                                                                                                                                                                                        						_t42 = GetLastError();
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						__imp__SetSecurityInfo(_a4, _a8, 0x10, 0, 0, 0, _v52);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t58 = _t42;
                                                                                                                                                                                                                                                        					_t37 = LocalFree(_v48);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BBDF30(_t37,  &_v44, _t55);
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t59, _t55);
                                                                                                                                                                                                                                                        				return _t58;
                                                                                                                                                                                                                                                        			}

















                                                                                                                                                                                                                                                        0x00be2c39
                                                                                                                                                                                                                                                        0x00be2c44
                                                                                                                                                                                                                                                        0x00be2c4b
                                                                                                                                                                                                                                                        0x00be2c4e
                                                                                                                                                                                                                                                        0x00be2c55
                                                                                                                                                                                                                                                        0x00be2c5c
                                                                                                                                                                                                                                                        0x00be2c67
                                                                                                                                                                                                                                                        0x00be2c75
                                                                                                                                                                                                                                                        0x00be2c83
                                                                                                                                                                                                                                                        0x00be2c95
                                                                                                                                                                                                                                                        0x00be2ca3
                                                                                                                                                                                                                                                        0x00be2cb5
                                                                                                                                                                                                                                                        0x00be2cc3
                                                                                                                                                                                                                                                        0x00be2ccc
                                                                                                                                                                                                                                                        0x00be2cd3
                                                                                                                                                                                                                                                        0x00be2cda
                                                                                                                                                                                                                                                        0x00be2ce1
                                                                                                                                                                                                                                                        0x00be2ce8
                                                                                                                                                                                                                                                        0x00be2cea
                                                                                                                                                                                                                                                        0x00be2cea
                                                                                                                                                                                                                                                        0x00be2ced
                                                                                                                                                                                                                                                        0x00be2cf0
                                                                                                                                                                                                                                                        0x00be2cf2
                                                                                                                                                                                                                                                        0x00be2cf3
                                                                                                                                                                                                                                                        0x00be2cf5
                                                                                                                                                                                                                                                        0x00be2cf6
                                                                                                                                                                                                                                                        0x00be2cfd
                                                                                                                                                                                                                                                        0x00be2d5c
                                                                                                                                                                                                                                                        0x00be2cff
                                                                                                                                                                                                                                                        0x00be2d05
                                                                                                                                                                                                                                                        0x00be2d0e
                                                                                                                                                                                                                                                        0x00be2d16
                                                                                                                                                                                                                                                        0x00be2d60
                                                                                                                                                                                                                                                        0x00be2d18
                                                                                                                                                                                                                                                        0x00be2d29
                                                                                                                                                                                                                                                        0x00be2d29
                                                                                                                                                                                                                                                        0x00be2d2f
                                                                                                                                                                                                                                                        0x00be2d34
                                                                                                                                                                                                                                                        0x00be2d34
                                                                                                                                                                                                                                                        0x00be2d3d
                                                                                                                                                                                                                                                        0x00be2d47
                                                                                                                                                                                                                                                        0x00be2d55

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00BB2D55,00BB2D55,?,?,00BB3EE0), ref: 00BBA759
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: memmove.NTDLL(?,00BB2D55,00000000,?,00BB2D55,?,?,00BB3EE0), ref: 00BBA77D
                                                                                                                                                                                                                                                          • Part of subcall function 00BB73B0: memmove.NTDLL(00000000,?,?,?,?), ref: 00BB73EF
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?,00BF53D0,00000002,00BF52B6,00000002,S:(), ref: 00BE2C89
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00BE55E6,;;;,00000003,?,00000000,S:(), ref: 00BE2CA9
                                                                                                                                                                                                                                                        • ConvertStringSecurityDescriptorToSecurityDescriptorW.ADVAPI32(?,00000001,00000000,00000000), ref: 00BE2CF6
                                                                                                                                                                                                                                                        • GetSecurityDescriptorSacl.ADVAPI32(00000000,00000000,00000000,00000000,00BF5498,00000001,00BE55E6), ref: 00BE2D0E
                                                                                                                                                                                                                                                        • SetSecurityInfo.ADVAPI32(00BF54A2,00000007,00000010,00000000,00000000,00000000,00000000), ref: 00BE2D29
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000), ref: 00BE2D34
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(00BF5498,00000001,00BE55E6), ref: 00BE2D56
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE2D60
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Security$Descriptorwcslen$ErrorLastmemmove$ConvertFreeInfoLocalSaclString
                                                                                                                                                                                                                                                        • String ID: ;;;$S:(
                                                                                                                                                                                                                                                        • API String ID: 3467144744-3740438060
                                                                                                                                                                                                                                                        • Opcode ID: 21d1f4617d7ba002f02a7848699c299007958048067a680e18a4b1294269d8d4
                                                                                                                                                                                                                                                        • Instruction ID: dc25b440bc88050a1adb05a1c2cd76b9ad51056f375f5cfcfb9cdf6bd454ff1b
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 21d1f4617d7ba002f02a7848699c299007958048067a680e18a4b1294269d8d4
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9D315E71A40219ABDB20AB61DC8ABFE7BB9EF44714F104054FA0177290DFB16905DBA5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 84%
                                                                                                                                                                                                                                                        			E00BB3CA0(void** __ecx, void** __edx) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				void* _v96;
                                                                                                                                                                                                                                                        				char _v100;
                                                                                                                                                                                                                                                        				void* _v104;
                                                                                                                                                                                                                                                        				void* _v108;
                                                                                                                                                                                                                                                        				void* _v120;
                                                                                                                                                                                                                                                        				intOrPtr _v132;
                                                                                                                                                                                                                                                        				signed int _t21;
                                                                                                                                                                                                                                                        				signed short _t25;
                                                                                                                                                                                                                                                        				void** _t28;
                                                                                                                                                                                                                                                        				signed short _t29;
                                                                                                                                                                                                                                                        				signed short _t34;
                                                                                                                                                                                                                                                        				void* _t35;
                                                                                                                                                                                                                                                        				void* _t36;
                                                                                                                                                                                                                                                        				void _t50;
                                                                                                                                                                                                                                                        				void** _t51;
                                                                                                                                                                                                                                                        				signed int _t52;
                                                                                                                                                                                                                                                        				signed int _t53;
                                                                                                                                                                                                                                                        				void* _t55;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t49 = __edx;
                                                                                                                                                                                                                                                        				_t55 = (_t53 & 0xfffffff8) - 0x60;
                                                                                                                                                                                                                                                        				_t21 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t51 = __ecx;
                                                                                                                                                                                                                                                        				_v24 = _t21 ^ _t52;
                                                                                                                                                                                                                                                        				if(DuplicateTokenEx( *__edx, 0, 0, 2, 1,  &_v96) == 0) {
                                                                                                                                                                                                                                                        					_t25 = GetLastError();
                                                                                                                                                                                                                                                        					_t51[3] = 1;
                                                                                                                                                                                                                                                        					 *_t51 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp";
                                                                                                                                                                                                                                                        					_t51[1] = 0x32;
                                                                                                                                                                                                                                                        					_t40 =  <=  ? _t25 : _t25 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        					_t51[2] =  <=  ? _t25 : _t25 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t36 = _v104;
                                                                                                                                                                                                                                                        					_t28 =  &_v108;
                                                                                                                                                                                                                                                        					_t50 =  &_v100;
                                                                                                                                                                                                                                                        					_v108 = 0x44;
                                                                                                                                                                                                                                                        					__imp__CreateWellKnownSid(0x43, 0, _t50, _t28);
                                                                                                                                                                                                                                                        					if(_t28 == 0) {
                                                                                                                                                                                                                                                        						_t29 = GetLastError();
                                                                                                                                                                                                                                                        						_t51[3] = 1;
                                                                                                                                                                                                                                                        						 *_t51 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp";
                                                                                                                                                                                                                                                        						_t51[1] = 0x3b;
                                                                                                                                                                                                                                                        						_t45 =  <=  ? _t29 : _t29 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        						_t51[2] =  <=  ? _t29 : _t29 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_v132 = 0x20;
                                                                                                                                                                                                                                                        						 *_t55 = _t50;
                                                                                                                                                                                                                                                        						if(SetTokenInformation(_v120, 0x19, _t55, 8) == 0) {
                                                                                                                                                                                                                                                        							_t34 = GetLastError();
                                                                                                                                                                                                                                                        							 *_t51 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp";
                                                                                                                                                                                                                                                        							_t51[1] = 0x44;
                                                                                                                                                                                                                                                        							_t48 =  <=  ? _t34 : _t34 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        							_t35 = 1;
                                                                                                                                                                                                                                                        							_t51[2] =  <=  ? _t34 : _t34 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							 *_t51 = _t36;
                                                                                                                                                                                                                                                        							_t35 = 0;
                                                                                                                                                                                                                                                        							_t36 = 0;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t51[3] = _t35;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_t36 + 1 >= 2) {
                                                                                                                                                                                                                                                        						CloseHandle(_t36);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v32 ^ _t52, _t49);
                                                                                                                                                                                                                                                        				return _t51;
                                                                                                                                                                                                                                                        			}
























                                                                                                                                                                                                                                                        0x00bb3ca0
                                                                                                                                                                                                                                                        0x00bb3ca9
                                                                                                                                                                                                                                                        0x00bb3cac
                                                                                                                                                                                                                                                        0x00bb3cb1
                                                                                                                                                                                                                                                        0x00bb3cb5
                                                                                                                                                                                                                                                        0x00bb3cd0
                                                                                                                                                                                                                                                        0x00bb3d34
                                                                                                                                                                                                                                                        0x00bb3d3d
                                                                                                                                                                                                                                                        0x00bb3d41
                                                                                                                                                                                                                                                        0x00bb3d47
                                                                                                                                                                                                                                                        0x00bb3d56
                                                                                                                                                                                                                                                        0x00bb3d59
                                                                                                                                                                                                                                                        0x00bb3cd2
                                                                                                                                                                                                                                                        0x00bb3cd2
                                                                                                                                                                                                                                                        0x00bb3cd6
                                                                                                                                                                                                                                                        0x00bb3cda
                                                                                                                                                                                                                                                        0x00bb3cde
                                                                                                                                                                                                                                                        0x00bb3cec
                                                                                                                                                                                                                                                        0x00bb3cf4
                                                                                                                                                                                                                                                        0x00bb3d71
                                                                                                                                                                                                                                                        0x00bb3d7a
                                                                                                                                                                                                                                                        0x00bb3d7e
                                                                                                                                                                                                                                                        0x00bb3d84
                                                                                                                                                                                                                                                        0x00bb3d93
                                                                                                                                                                                                                                                        0x00bb3d96
                                                                                                                                                                                                                                                        0x00bb3cf6
                                                                                                                                                                                                                                                        0x00bb3cf6
                                                                                                                                                                                                                                                        0x00bb3cfe
                                                                                                                                                                                                                                                        0x00bb3d14
                                                                                                                                                                                                                                                        0x00bb3d9b
                                                                                                                                                                                                                                                        0x00bb3da4
                                                                                                                                                                                                                                                        0x00bb3daa
                                                                                                                                                                                                                                                        0x00bb3db9
                                                                                                                                                                                                                                                        0x00bb3dbc
                                                                                                                                                                                                                                                        0x00bb3dbe
                                                                                                                                                                                                                                                        0x00bb3d1a
                                                                                                                                                                                                                                                        0x00bb3d1a
                                                                                                                                                                                                                                                        0x00bb3d1c
                                                                                                                                                                                                                                                        0x00bb3d1e
                                                                                                                                                                                                                                                        0x00bb3d1e
                                                                                                                                                                                                                                                        0x00bb3d20
                                                                                                                                                                                                                                                        0x00bb3d20
                                                                                                                                                                                                                                                        0x00bb3d29
                                                                                                                                                                                                                                                        0x00bb3d2c
                                                                                                                                                                                                                                                        0x00bb3d2c
                                                                                                                                                                                                                                                        0x00bb3d29
                                                                                                                                                                                                                                                        0x00bb3d62
                                                                                                                                                                                                                                                        0x00bb3d70

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • DuplicateTokenEx.ADVAPI32(?,00000000,00000000,00000002,00000001,?), ref: 00BB3CC8
                                                                                                                                                                                                                                                        • CreateWellKnownSid.ADVAPI32(00000043,00000000,?,?), ref: 00BB3CEC
                                                                                                                                                                                                                                                        • SetTokenInformation.ADVAPI32(?,00000019,?,00000008), ref: 00BB3D0C
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(?), ref: 00BB3D2C
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB3D34
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB3D71
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,00000008), ref: 00BB3D9B
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$Token$CloseCreateDuplicateHandleInformationKnownWell
                                                                                                                                                                                                                                                        • String ID: $/builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp$D
                                                                                                                                                                                                                                                        • API String ID: 1699151596-3170737904
                                                                                                                                                                                                                                                        • Opcode ID: eaf5daa35a68eaaf4850250d914b169efbaf27e05abcea6f68521ef118f7f4a3
                                                                                                                                                                                                                                                        • Instruction ID: d2f885f032c7d5daac8da8b171fa4cd7c52aa0cdb975bdac8cffcd28893832a2
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: eaf5daa35a68eaaf4850250d914b169efbaf27e05abcea6f68521ef118f7f4a3
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9C316F712047419FE7248F25DC89B76BBE8FF44B14F10886EE99ACB290DBB4D548CB51
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 44%
                                                                                                                                                                                                                                                        			E00BEB830(void* __eflags, intOrPtr _a4, intOrPtr* _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				char _v76;
                                                                                                                                                                                                                                                        				char _v144;
                                                                                                                                                                                                                                                        				void* _v148;
                                                                                                                                                                                                                                                        				void* _v152;
                                                                                                                                                                                                                                                        				char _v156;
                                                                                                                                                                                                                                                        				long _v160;
                                                                                                                                                                                                                                                        				signed int _t32;
                                                                                                                                                                                                                                                        				long _t36;
                                                                                                                                                                                                                                                        				int _t38;
                                                                                                                                                                                                                                                        				intOrPtr _t46;
                                                                                                                                                                                                                                                        				char* _t51;
                                                                                                                                                                                                                                                        				void* _t54;
                                                                                                                                                                                                                                                        				char* _t65;
                                                                                                                                                                                                                                                        				wchar_t* _t67;
                                                                                                                                                                                                                                                        				void* _t68;
                                                                                                                                                                                                                                                        				intOrPtr* _t69;
                                                                                                                                                                                                                                                        				signed int _t70;
                                                                                                                                                                                                                                                        				void* _t71;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t32 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t32 ^ _t70;
                                                                                                                                                                                                                                                        				_v24 = 7;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				_v44 = 0;
                                                                                                                                                                                                                                                        				E00BBA740( &_v44, L"sbox_alternate_desktop_");
                                                                                                                                                                                                                                                        				if(_a4 == 0) {
                                                                                                                                                                                                                                                        					E00BB73B0( &_v44, L"local_winstation_", 0x11);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t36 = GetCurrentProcessId();
                                                                                                                                                                                                                                                        				_t67 =  &_v76;
                                                                                                                                                                                                                                                        				_v160 = _t36;
                                                                                                                                                                                                                                                        				 *(_t71 - 0x10) = _t67;
                                                                                                                                                                                                                                                        				E00BEBA50();
                                                                                                                                                                                                                                                        				_t38 = wcslen(_t67);
                                                                                                                                                                                                                                                        				_t65 =  &_v44;
                                                                                                                                                                                                                                                        				E00BB73B0(_t65, _t67, _t38);
                                                                                                                                                                                                                                                        				_t41 =  *0xbfa0ec(GetCurrentThreadId());
                                                                                                                                                                                                                                                        				if(_t41 == 0) {
                                                                                                                                                                                                                                                        					_t68 = 0x24;
                                                                                                                                                                                                                                                        					goto L10;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_v148 = 0;
                                                                                                                                                                                                                                                        					_v152 = 0;
                                                                                                                                                                                                                                                        					_v156 = 0xc;
                                                                                                                                                                                                                                                        					_v144 = 0;
                                                                                                                                                                                                                                                        					_t64 =  &_v144;
                                                                                                                                                                                                                                                        					__imp__GetSecurityInfo(_t41, 7, 4, 0, 0,  &_v144, 0,  &_v152);
                                                                                                                                                                                                                                                        					if(_t41 != 0) {
                                                                                                                                                                                                                                                        						_t68 = 0x25;
                                                                                                                                                                                                                                                        						L10:
                                                                                                                                                                                                                                                        						E00BBDF30(_t41,  &_v44, _t64);
                                                                                                                                                                                                                                                        						E00BEECB0(_v20 ^ _t70, _t64);
                                                                                                                                                                                                                                                        						return _t68;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t69 = _a8;
                                                                                                                                                                                                                                                        					_t54 =  *0xbfa0e8();
                                                                                                                                                                                                                                                        					_t46 = _a4;
                                                                                                                                                                                                                                                        					if(_t46 == 0) {
                                                                                                                                                                                                                                                        						if(_v24 > 7) {
                                                                                                                                                                                                                                                        							_t65 = _v44;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						 *_t69 =  *0xbfa0e0(_t65, 0, 0, 0, 0xe0003,  &_v156);
                                                                                                                                                                                                                                                        						_t41 = LocalFree(_v152);
                                                                                                                                                                                                                                                        						if( *_t69 != 0) {
                                                                                                                                                                                                                                                        							L9:
                                                                                                                                                                                                                                                        							E00BE71D0( &_v144, 0x12);
                                                                                                                                                                                                                                                        							_t41 = E00BCC0B0( *_t69, 7,  &_v144, 3, 0xd013e);
                                                                                                                                                                                                                                                        							_t68 = 0;
                                                                                                                                                                                                                                                        							goto L10;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L17:
                                                                                                                                                                                                                                                        						_t68 = 0xb;
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_push(_t46);
                                                                                                                                                                                                                                                        					if( *0xbfa0f4() == 0) {
                                                                                                                                                                                                                                                        						_t41 = LocalFree(_v152);
                                                                                                                                                                                                                                                        						_t68 = 0xb;
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_v24 <= 7) {
                                                                                                                                                                                                                                                        						_t51 =  &_v44;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t51 = _v44;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					 *_t69 =  *0xbfa0e0(_t51, 0, 0, 0, 0xe0003,  &_v156);
                                                                                                                                                                                                                                                        					LocalFree(_v152);
                                                                                                                                                                                                                                                        					_push(_t54);
                                                                                                                                                                                                                                                        					if( *0xbfa0f4() == 0) {
                                                                                                                                                                                                                                                        						_t68 = 0xd;
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if( *_t69 == 0) {
                                                                                                                                                                                                                                                        							goto L17;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L9;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}

























                                                                                                                                                                                                                                                        0x00beb83c
                                                                                                                                                                                                                                                        0x00beb846
                                                                                                                                                                                                                                                        0x00beb849
                                                                                                                                                                                                                                                        0x00beb850
                                                                                                                                                                                                                                                        0x00beb857
                                                                                                                                                                                                                                                        0x00beb862
                                                                                                                                                                                                                                                        0x00beb86b
                                                                                                                                                                                                                                                        0x00beb9c4
                                                                                                                                                                                                                                                        0x00beb9c4
                                                                                                                                                                                                                                                        0x00beb871
                                                                                                                                                                                                                                                        0x00beb87a
                                                                                                                                                                                                                                                        0x00beb87d
                                                                                                                                                                                                                                                        0x00beb881
                                                                                                                                                                                                                                                        0x00beb884
                                                                                                                                                                                                                                                        0x00beb88d
                                                                                                                                                                                                                                                        0x00beb895
                                                                                                                                                                                                                                                        0x00beb89c
                                                                                                                                                                                                                                                        0x00beb8a8
                                                                                                                                                                                                                                                        0x00beb8b0
                                                                                                                                                                                                                                                        0x00beb9ce
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beb8b6
                                                                                                                                                                                                                                                        0x00beb8bc
                                                                                                                                                                                                                                                        0x00beb8c6
                                                                                                                                                                                                                                                        0x00beb8d0
                                                                                                                                                                                                                                                        0x00beb8da
                                                                                                                                                                                                                                                        0x00beb8e4
                                                                                                                                                                                                                                                        0x00beb8f7
                                                                                                                                                                                                                                                        0x00beb8ff
                                                                                                                                                                                                                                                        0x00beb9d5
                                                                                                                                                                                                                                                        0x00beb99b
                                                                                                                                                                                                                                                        0x00beb99e
                                                                                                                                                                                                                                                        0x00beb9a8
                                                                                                                                                                                                                                                        0x00beb9b9
                                                                                                                                                                                                                                                        0x00beb9b9
                                                                                                                                                                                                                                                        0x00beb905
                                                                                                                                                                                                                                                        0x00beb90e
                                                                                                                                                                                                                                                        0x00beb910
                                                                                                                                                                                                                                                        0x00beb915
                                                                                                                                                                                                                                                        0x00beb9e0
                                                                                                                                                                                                                                                        0x00beb9e2
                                                                                                                                                                                                                                                        0x00beb9e2
                                                                                                                                                                                                                                                        0x00beb9fe
                                                                                                                                                                                                                                                        0x00beba06
                                                                                                                                                                                                                                                        0x00beba0f
                                                                                                                                                                                                                                                        0x00beb976
                                                                                                                                                                                                                                                        0x00beb980
                                                                                                                                                                                                                                                        0x00beb991
                                                                                                                                                                                                                                                        0x00beb999
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beb999
                                                                                                                                                                                                                                                        0x00beba15
                                                                                                                                                                                                                                                        0x00beba15
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beba15
                                                                                                                                                                                                                                                        0x00beb91b
                                                                                                                                                                                                                                                        0x00beb924
                                                                                                                                                                                                                                                        0x00beba25
                                                                                                                                                                                                                                                        0x00beba2b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beba2b
                                                                                                                                                                                                                                                        0x00beb92e
                                                                                                                                                                                                                                                        0x00beba35
                                                                                                                                                                                                                                                        0x00beb934
                                                                                                                                                                                                                                                        0x00beb934
                                                                                                                                                                                                                                                        0x00beb934
                                                                                                                                                                                                                                                        0x00beb950
                                                                                                                                                                                                                                                        0x00beb958
                                                                                                                                                                                                                                                        0x00beb95e
                                                                                                                                                                                                                                                        0x00beb967
                                                                                                                                                                                                                                                        0x00beba3d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beb96d
                                                                                                                                                                                                                                                        0x00beb970
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beb970
                                                                                                                                                                                                                                                        0x00beb967

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00BB2D55,00BB2D55,?,?,00BB3EE0), ref: 00BBA759
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: memmove.NTDLL(?,00BB2D55,00000000,?,00BB2D55,?,?,00BB3EE0), ref: 00BBA77D
                                                                                                                                                                                                                                                        • GetCurrentProcessId.KERNEL32(sbox_alternate_desktop_), ref: 00BEB871
                                                                                                                                                                                                                                                          • Part of subcall function 00BEBA50: __stdio_common_vsnwprintf_s.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,?,00000010,00000010,0x%X,00000000,?,?,00BEB889), ref: 00BEBA82
                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 00BEB8A1
                                                                                                                                                                                                                                                        • GetSecurityInfo.ADVAPI32(00000000,00000007,00000004,00000000,00000000,00000000,00000000,?), ref: 00BEB8F7
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000), ref: 00BEB958
                                                                                                                                                                                                                                                          • Part of subcall function 00BE71D0: CreateWellKnownSid.ADVAPI32(00BCC1F2,00000000,?,?), ref: 00BE71F6
                                                                                                                                                                                                                                                          • Part of subcall function 00BCC0B0: GetSecurityInfo.ADVAPI32(?,?,00000004,00000000,00000000,?,00000000,?), ref: 00BCC0F0
                                                                                                                                                                                                                                                          • Part of subcall function 00BCC0B0: SetEntriesInAclW.ADVAPI32(00000001,?,?,00000000), ref: 00BCC146
                                                                                                                                                                                                                                                          • Part of subcall function 00BCC0B0: SetSecurityInfo.ADVAPI32(?,?,00000004,00000000,00000000,00000000,00000000), ref: 00BCC15D
                                                                                                                                                                                                                                                          • Part of subcall function 00BCC0B0: LocalFree.KERNEL32(00000000), ref: 00BCC16E
                                                                                                                                                                                                                                                          • Part of subcall function 00BCC0B0: LocalFree.KERNEL32(00000000), ref: 00BCC173
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BEB88D
                                                                                                                                                                                                                                                          • Part of subcall function 00BB73B0: memmove.NTDLL(00000000,?,?,?,?), ref: 00BB73EF
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000), ref: 00BEBA06
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000), ref: 00BEBA25
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: FreeLocal$InfoSecurity$Currentmemmovewcslen$CreateEntriesKnownProcessThreadWell__stdio_common_vsnwprintf_s
                                                                                                                                                                                                                                                        • String ID: local_winstation_$sbox_alternate_desktop_
                                                                                                                                                                                                                                                        • API String ID: 2206787284-58166206
                                                                                                                                                                                                                                                        • Opcode ID: f0c79a2e1ed0aa57bd0e20b6a90accc2876c5279d27ee721c43349e05722164a
                                                                                                                                                                                                                                                        • Instruction ID: a21438720a9b6391c58d74196c919dd5efec5eb715795b0c9eae93722d5c80c4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f0c79a2e1ed0aa57bd0e20b6a90accc2876c5279d27ee721c43349e05722164a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 73516E71A00218EBEB209F61DC49FBE7BF8EB04700F1044A9F649B7291DF745A84CB65
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 88%
                                                                                                                                                                                                                                                        			E00BDFA90(intOrPtr __edx, intOrPtr _a4, intOrPtr* _a8, WCHAR* _a12, WCHAR* _a16, intOrPtr* _a20, HANDLE* _a24) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				struct _STARTUPINFOW _v88;
                                                                                                                                                                                                                                                        				void* _v92;
                                                                                                                                                                                                                                                        				void* _v96;
                                                                                                                                                                                                                                                        				void* _v100;
                                                                                                                                                                                                                                                        				signed int _t45;
                                                                                                                                                                                                                                                        				WCHAR* _t47;
                                                                                                                                                                                                                                                        				int _t48;
                                                                                                                                                                                                                                                        				void* _t49;
                                                                                                                                                                                                                                                        				int _t56;
                                                                                                                                                                                                                                                        				HANDLE* _t61;
                                                                                                                                                                                                                                                        				intOrPtr* _t65;
                                                                                                                                                                                                                                                        				intOrPtr _t72;
                                                                                                                                                                                                                                                        				void* _t73;
                                                                                                                                                                                                                                                        				intOrPtr* _t74;
                                                                                                                                                                                                                                                        				WCHAR* _t75;
                                                                                                                                                                                                                                                        				WCHAR* _t78;
                                                                                                                                                                                                                                                        				void* _t81;
                                                                                                                                                                                                                                                        				signed int _t82;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t72 = __edx;
                                                                                                                                                                                                                                                        				_t45 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t73 = 5;
                                                                                                                                                                                                                                                        				_v20 = _t45 ^ _t82;
                                                                                                                                                                                                                                                        				if(_a4 + 0xfffffffb <= 1) {
                                                                                                                                                                                                                                                        					_t47 = _a16;
                                                                                                                                                                                                                                                        					_v88.lpDesktop = 0;
                                                                                                                                                                                                                                                        					_v88.lpReserved = 0;
                                                                                                                                                                                                                                                        					_v88.dwX = 0;
                                                                                                                                                                                                                                                        					_v88.lpTitle = 0;
                                                                                                                                                                                                                                                        					_v88.dwXSize = 0;
                                                                                                                                                                                                                                                        					_v88.dwY = 0;
                                                                                                                                                                                                                                                        					_v88.dwXCountChars = 0;
                                                                                                                                                                                                                                                        					_v88.dwYSize = 0;
                                                                                                                                                                                                                                                        					_v88.dwFillAttribute = 0;
                                                                                                                                                                                                                                                        					_v88.dwYCountChars = 0;
                                                                                                                                                                                                                                                        					_v88.wShowWindow = 0;
                                                                                                                                                                                                                                                        					_v88.dwFlags = 0;
                                                                                                                                                                                                                                                        					_v88.hStdInput = 0;
                                                                                                                                                                                                                                                        					_v88.lpReserved2 = 0;
                                                                                                                                                                                                                                                        					_v88.hStdError = 0;
                                                                                                                                                                                                                                                        					_v88.hStdOutput = 0;
                                                                                                                                                                                                                                                        					_v88.cb = 0x44;
                                                                                                                                                                                                                                                        					_t74 = _a20;
                                                                                                                                                                                                                                                        					if(_t47[0xa] > 7) {
                                                                                                                                                                                                                                                        						_t47 =  *_t47;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t78 = _a12;
                                                                                                                                                                                                                                                        					__imp___wcsdup(_t47);
                                                                                                                                                                                                                                                        					_t72 =  *((intOrPtr*)(_t74 + 0x10));
                                                                                                                                                                                                                                                        					if( *((intOrPtr*)(_t74 + 0x14)) > 7) {
                                                                                                                                                                                                                                                        						_t74 =  *_t74;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t61 = _a24;
                                                                                                                                                                                                                                                        					_t65 = _a8;
                                                                                                                                                                                                                                                        					_t75 =  ==  ? _t72 : _t74;
                                                                                                                                                                                                                                                        					if(_t78[0xa] > 7) {
                                                                                                                                                                                                                                                        						_t78 =  *_t78;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v96 =  *_t65;
                                                                                                                                                                                                                                                        					_v92 = _t47;
                                                                                                                                                                                                                                                        					_t48 = CreateProcessW(_t78, _t47, 0, 0, 0, 0, 0, _t75,  &_v88, _t61);
                                                                                                                                                                                                                                                        					_t73 = 5;
                                                                                                                                                                                                                                                        					if(_t48 != 0) {
                                                                                                                                                                                                                                                        						_t80 =  ==  ? 0x1fffff : 0x101c01;
                                                                                                                                                                                                                                                        						_v100 =  *_t61;
                                                                                                                                                                                                                                                        						_t56 = DuplicateHandle(GetCurrentProcess(), _v100, _v96, _t61,  ==  ? 0x1fffff : 0x101c01, 0, 1);
                                                                                                                                                                                                                                                        						_t81 = _t61[1];
                                                                                                                                                                                                                                                        						if(_t56 == 0) {
                                                                                                                                                                                                                                                        							CloseHandle(_t81);
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t77 =  ==  ? 0x1fffff : 0x100c43;
                                                                                                                                                                                                                                                        							_t73 = (0 | DuplicateHandle(GetCurrentProcess(), _t81, _v96,  &(_t61[1]),  ==  ? 0x1fffff : 0x100c43, 0, 1) == 0x00000000) + (0 | DuplicateHandle(GetCurrentProcess(), _t81, _v96,  &(_t61[1]),  ==  ? 0x1fffff : 0x100c43, 0, 1) == 0x00000000) * 4;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t49 = _v92;
                                                                                                                                                                                                                                                        					if(_t49 != 0) {
                                                                                                                                                                                                                                                        						free(_t49);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t82, _t72);
                                                                                                                                                                                                                                                        				return _t73;
                                                                                                                                                                                                                                                        			}






















                                                                                                                                                                                                                                                        0x00bdfa90
                                                                                                                                                                                                                                                        0x00bdfa9c
                                                                                                                                                                                                                                                        0x00bdfaa1
                                                                                                                                                                                                                                                        0x00bdfaae
                                                                                                                                                                                                                                                        0x00bdfab1
                                                                                                                                                                                                                                                        0x00bdfac7
                                                                                                                                                                                                                                                        0x00bdfaca
                                                                                                                                                                                                                                                        0x00bdfad1
                                                                                                                                                                                                                                                        0x00bdfad8
                                                                                                                                                                                                                                                        0x00bdfadf
                                                                                                                                                                                                                                                        0x00bdfae6
                                                                                                                                                                                                                                                        0x00bdfaed
                                                                                                                                                                                                                                                        0x00bdfaf4
                                                                                                                                                                                                                                                        0x00bdfafb
                                                                                                                                                                                                                                                        0x00bdfb02
                                                                                                                                                                                                                                                        0x00bdfb09
                                                                                                                                                                                                                                                        0x00bdfb10
                                                                                                                                                                                                                                                        0x00bdfb17
                                                                                                                                                                                                                                                        0x00bdfb1e
                                                                                                                                                                                                                                                        0x00bdfb25
                                                                                                                                                                                                                                                        0x00bdfb2c
                                                                                                                                                                                                                                                        0x00bdfb33
                                                                                                                                                                                                                                                        0x00bdfb3a
                                                                                                                                                                                                                                                        0x00bdfb41
                                                                                                                                                                                                                                                        0x00bdfb48
                                                                                                                                                                                                                                                        0x00bdfb4a
                                                                                                                                                                                                                                                        0x00bdfb4a
                                                                                                                                                                                                                                                        0x00bdfb4c
                                                                                                                                                                                                                                                        0x00bdfb50
                                                                                                                                                                                                                                                        0x00bdfb59
                                                                                                                                                                                                                                                        0x00bdfb60
                                                                                                                                                                                                                                                        0x00bdfb62
                                                                                                                                                                                                                                                        0x00bdfb62
                                                                                                                                                                                                                                                        0x00bdfb66
                                                                                                                                                                                                                                                        0x00bdfb69
                                                                                                                                                                                                                                                        0x00bdfb6c
                                                                                                                                                                                                                                                        0x00bdfb73
                                                                                                                                                                                                                                                        0x00bdfb75
                                                                                                                                                                                                                                                        0x00bdfb75
                                                                                                                                                                                                                                                        0x00bdfb79
                                                                                                                                                                                                                                                        0x00bdfb8c
                                                                                                                                                                                                                                                        0x00bdfb91
                                                                                                                                                                                                                                                        0x00bdfb97
                                                                                                                                                                                                                                                        0x00bdfb9e
                                                                                                                                                                                                                                                        0x00bdfbb0
                                                                                                                                                                                                                                                        0x00bdfbb5
                                                                                                                                                                                                                                                        0x00bdfbcb
                                                                                                                                                                                                                                                        0x00bdfbd1
                                                                                                                                                                                                                                                        0x00bdfbd6
                                                                                                                                                                                                                                                        0x00bdfc28
                                                                                                                                                                                                                                                        0x00bdfbd8
                                                                                                                                                                                                                                                        0x00bdfbe9
                                                                                                                                                                                                                                                        0x00bdfc0a
                                                                                                                                                                                                                                                        0x00bdfc0a
                                                                                                                                                                                                                                                        0x00bdfbd6
                                                                                                                                                                                                                                                        0x00bdfc0d
                                                                                                                                                                                                                                                        0x00bdfc12
                                                                                                                                                                                                                                                        0x00bdfc19
                                                                                                                                                                                                                                                        0x00bdfc1f
                                                                                                                                                                                                                                                        0x00bdfc12
                                                                                                                                                                                                                                                        0x00bdfab8
                                                                                                                                                                                                                                                        0x00bdfac6

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • _wcsdup.MOZGLUE(00000000), ref: 00BDFB50
                                                                                                                                                                                                                                                        • CreateProcessW.KERNEL32 ref: 00BDFB91
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BDFBB8
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00000000,00000001,00000000,00101C01,00000000,00000001), ref: 00BDFBCB
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BDFBEC
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,?,00000001,-00000004,00100C43,00000000,00000001), ref: 00BDFBFD
                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 00BDFC19
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Process$CurrentDuplicateHandle$Create_wcsdupfree
                                                                                                                                                                                                                                                        • String ID: D
                                                                                                                                                                                                                                                        • API String ID: 588577352-2746444292
                                                                                                                                                                                                                                                        • Opcode ID: de9179062feb86628b885b46becc92ceb7f5c18bf1239d459eb491e89896a51a
                                                                                                                                                                                                                                                        • Instruction ID: bbdab96d93a01d1c0d75b343e85765eb1c4da7f19073517608077c25ed419d6a
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: de9179062feb86628b885b46becc92ceb7f5c18bf1239d459eb491e89896a51a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 014158B1900209AFEB10CFA4DC98BAFBBB5FF44318F144469E916AB380DB759945CB90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 86%
                                                                                                                                                                                                                                                        			E00BCC210(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				void* _v92;
                                                                                                                                                                                                                                                        				signed int _t22;
                                                                                                                                                                                                                                                        				intOrPtr* _t29;
                                                                                                                                                                                                                                                        				void* _t38;
                                                                                                                                                                                                                                                        				signed int _t39;
                                                                                                                                                                                                                                                        				intOrPtr* _t41;
                                                                                                                                                                                                                                                        				void* _t47;
                                                                                                                                                                                                                                                        				intOrPtr* _t48;
                                                                                                                                                                                                                                                        				signed int _t50;
                                                                                                                                                                                                                                                        				void* _t51;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t22 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t22 ^ _t50;
                                                                                                                                                                                                                                                        				_t39 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        				_t45 =  *[fs:0x2c];
                                                                                                                                                                                                                                                        				_t24 =  *0xbfb4e0;
                                                                                                                                                                                                                                                        				if( *0xbfb4e0 >  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x2c] + _t39 * 4)) + 4))) {
                                                                                                                                                                                                                                                        					E00BEE547(_t24, 0xbfb4e0);
                                                                                                                                                                                                                                                        					_t51 = _t51 + 4;
                                                                                                                                                                                                                                                        					if( *0xbfb4e0 == 0xffffffff) {
                                                                                                                                                                                                                                                        						 *0xbfb4dc = GetProcAddress(GetModuleHandleW(L"userenv"), "CreateAppContainerProfile");
                                                                                                                                                                                                                                                        						E00BEE599(0xbfb4e0);
                                                                                                                                                                                                                                                        						_t51 = _t51 + 4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t41 =  *0xbfb4dc;
                                                                                                                                                                                                                                                        				if(_t41 == 0) {
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					_t48 = 0;
                                                                                                                                                                                                                                                        					goto L7;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t49 = _a4;
                                                                                                                                                                                                                                                        					_t45 = _a8;
                                                                                                                                                                                                                                                        					_v92 = 0;
                                                                                                                                                                                                                                                        					_t29 =  *_t41(_a4, _a8, _a12, 0, 0,  &_v92);
                                                                                                                                                                                                                                                        					if(_t29 == 0x800700b7) {
                                                                                                                                                                                                                                                        						_t48 = E00BCC360(_t49);
                                                                                                                                                                                                                                                        						L7:
                                                                                                                                                                                                                                                        						E00BEECB0(_v20 ^ _t50, _t45);
                                                                                                                                                                                                                                                        						return _t48;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_t29 < 0) {
                                                                                                                                                                                                                                                        						goto L6;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t38 = _v92;
                                                                                                                                                                                                                                                        						_push(0x68);
                                                                                                                                                                                                                                                        						L00BEF6BA();
                                                                                                                                                                                                                                                        						_t48 = _t29;
                                                                                                                                                                                                                                                        						_t47 =  &_v88;
                                                                                                                                                                                                                                                        						E00BE7140(_t47, _t38);
                                                                                                                                                                                                                                                        						 *_t48 = 0xbf1210;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t48 + 4)) = 0;
                                                                                                                                                                                                                                                        						_t13 = _t48 + 8; // 0x8
                                                                                                                                                                                                                                                        						memcpy(_t13, _t47, 0x44);
                                                                                                                                                                                                                                                        						 *((char*)(_t48 + 0x4c)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t48 + 0x54)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t48 + 0x50)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t48 + 0x5c)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t48 + 0x58)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t48 + 0x64)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t48 + 0x60)) = 0;
                                                                                                                                                                                                                                                        						if(_t38 != 0) {
                                                                                                                                                                                                                                                        							FreeSid(_t38);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}















                                                                                                                                                                                                                                                        0x00bcc219
                                                                                                                                                                                                                                                        0x00bcc220
                                                                                                                                                                                                                                                        0x00bcc223
                                                                                                                                                                                                                                                        0x00bcc229
                                                                                                                                                                                                                                                        0x00bcc230
                                                                                                                                                                                                                                                        0x00bcc23e
                                                                                                                                                                                                                                                        0x00bcc317
                                                                                                                                                                                                                                                        0x00bcc31c
                                                                                                                                                                                                                                                        0x00bcc326
                                                                                                                                                                                                                                                        0x00bcc343
                                                                                                                                                                                                                                                        0x00bcc34d
                                                                                                                                                                                                                                                        0x00bcc352
                                                                                                                                                                                                                                                        0x00bcc352
                                                                                                                                                                                                                                                        0x00bcc326
                                                                                                                                                                                                                                                        0x00bcc244
                                                                                                                                                                                                                                                        0x00bcc24c
                                                                                                                                                                                                                                                        0x00bcc2ef
                                                                                                                                                                                                                                                        0x00bcc2ef
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc252
                                                                                                                                                                                                                                                        0x00bcc255
                                                                                                                                                                                                                                                        0x00bcc258
                                                                                                                                                                                                                                                        0x00bcc25e
                                                                                                                                                                                                                                                        0x00bcc26d
                                                                                                                                                                                                                                                        0x00bcc274
                                                                                                                                                                                                                                                        0x00bcc30e
                                                                                                                                                                                                                                                        0x00bcc2f1
                                                                                                                                                                                                                                                        0x00bcc2f6
                                                                                                                                                                                                                                                        0x00bcc304
                                                                                                                                                                                                                                                        0x00bcc304
                                                                                                                                                                                                                                                        0x00bcc27c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc27e
                                                                                                                                                                                                                                                        0x00bcc27e
                                                                                                                                                                                                                                                        0x00bcc281
                                                                                                                                                                                                                                                        0x00bcc283
                                                                                                                                                                                                                                                        0x00bcc28b
                                                                                                                                                                                                                                                        0x00bcc28d
                                                                                                                                                                                                                                                        0x00bcc293
                                                                                                                                                                                                                                                        0x00bcc298
                                                                                                                                                                                                                                                        0x00bcc29e
                                                                                                                                                                                                                                                        0x00bcc2a5
                                                                                                                                                                                                                                                        0x00bcc2ac
                                                                                                                                                                                                                                                        0x00bcc2b6
                                                                                                                                                                                                                                                        0x00bcc2ba
                                                                                                                                                                                                                                                        0x00bcc2c1
                                                                                                                                                                                                                                                        0x00bcc2c8
                                                                                                                                                                                                                                                        0x00bcc2cf
                                                                                                                                                                                                                                                        0x00bcc2d6
                                                                                                                                                                                                                                                        0x00bcc2dd
                                                                                                                                                                                                                                                        0x00bcc2e4
                                                                                                                                                                                                                                                        0x00bcc2e7
                                                                                                                                                                                                                                                        0x00bcc2e7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc2e4
                                                                                                                                                                                                                                                        0x00bcc27c

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000068), ref: 00BCC283
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000008,?,00000044,00000000), ref: 00BCC2AC
                                                                                                                                                                                                                                                        • FreeSid.ADVAPI32(00000000), ref: 00BCC2E7
                                                                                                                                                                                                                                                        • __Init_thread_header.LIBCMT ref: 00BCC317
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(userenv), ref: 00BCC331
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,CreateAppContainerProfile), ref: 00BCC33D
                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 00BCC34D
                                                                                                                                                                                                                                                          • Part of subcall function 00BCC360: ??2@YAPAXI@Z.MOZGLUE(00000068,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BCC3BC
                                                                                                                                                                                                                                                          • Part of subcall function 00BCC360: memcpy.NTDLL(00000008,?,00000044,00000000), ref: 00BCC3E5
                                                                                                                                                                                                                                                          • Part of subcall function 00BCC360: FreeSid.ADVAPI32(00000000,?,?,00000000), ref: 00BCC420
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@Freememcpy$AddressHandleInit_thread_footerInit_thread_headerModuleProc
                                                                                                                                                                                                                                                        • String ID: CreateAppContainerProfile$userenv
                                                                                                                                                                                                                                                        • API String ID: 1127064212-483217340
                                                                                                                                                                                                                                                        • Opcode ID: 98f238339a5534011c9cbb6780eac3d20333193198f0d900264e37f0fc6fa36e
                                                                                                                                                                                                                                                        • Instruction ID: ab431ef86954a4b1eb34701c7b51d9496d497b2866598e7e7fe62f53040a5e35
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 98f238339a5534011c9cbb6780eac3d20333193198f0d900264e37f0fc6fa36e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6531D0B16003849FD720DFA5DC4AF6B7BE4EB54708F0044ACE90AAB391DB75A908CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 65%
                                                                                                                                                                                                                                                        			E00BE4EF0(void* __ecx, void* __eflags, intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				char _v212;
                                                                                                                                                                                                                                                        				signed int _t9;
                                                                                                                                                                                                                                                        				void* _t12;
                                                                                                                                                                                                                                                        				void* _t18;
                                                                                                                                                                                                                                                        				void* _t23;
                                                                                                                                                                                                                                                        				intOrPtr _t26;
                                                                                                                                                                                                                                                        				intOrPtr* _t27;
                                                                                                                                                                                                                                                        				intOrPtr _t37;
                                                                                                                                                                                                                                                        				void* _t38;
                                                                                                                                                                                                                                                        				signed int _t39;
                                                                                                                                                                                                                                                        				signed int _t40;
                                                                                                                                                                                                                                                        				void* _t44;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t9 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t26 = _a4;
                                                                                                                                                                                                                                                        				_t37 = _a8;
                                                                                                                                                                                                                                                        				_t36 = _t26;
                                                                                                                                                                                                                                                        				_v24 = _t9 ^ _t39;
                                                                                                                                                                                                                                                        				_t38 = E00BE4FF0(_t9 ^ _t39, __ecx, _t26, _t37, _a12);
                                                                                                                                                                                                                                                        				_t12 = E00BC1FA0(_t11, 2);
                                                                                                                                                                                                                                                        				_t44 = (_t40 & 0xfffffff8) - 0xc0 + 0xc;
                                                                                                                                                                                                                                                        				if(_t12 != 0 && _t38 != 0) {
                                                                                                                                                                                                                                                        					E00BC1FB0(_t44, "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/sandbox_policy_base.cc", 0x16d, 2);
                                                                                                                                                                                                                                                        					_t18 = E00BBC940(__eflags, E00BBC940(__eflags,  &_v212, "Failed to add sandbox rule."), " error = ");
                                                                                                                                                                                                                                                        					__imp__??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z(_t38);
                                                                                                                                                                                                                                                        					E00BBC940(__eflags, _t18, ", subsystem = ");
                                                                                                                                                                                                                                                        					_t27 = __imp__??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z;
                                                                                                                                                                                                                                                        					E00BBC940(__eflags,  *_t27(_t26), ", semantics = ");
                                                                                                                                                                                                                                                        					_t23 = E00BBC940(__eflags,  *_t27(_t37), ", pattern = \'");
                                                                                                                                                                                                                                                        					_push(_a12);
                                                                                                                                                                                                                                                        					E00BBC940(__eflags, E00BC21B0(_t36, __eflags, _t23), 0xbf3ef9);
                                                                                                                                                                                                                                                        					E00BC20C0();
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v24 ^ _t39, _t36);
                                                                                                                                                                                                                                                        				return _t38;
                                                                                                                                                                                                                                                        			}

















                                                                                                                                                                                                                                                        0x00be4eff
                                                                                                                                                                                                                                                        0x00be4f04
                                                                                                                                                                                                                                                        0x00be4f07
                                                                                                                                                                                                                                                        0x00be4f0c
                                                                                                                                                                                                                                                        0x00be4f0e
                                                                                                                                                                                                                                                        0x00be4f21
                                                                                                                                                                                                                                                        0x00be4f25
                                                                                                                                                                                                                                                        0x00be4f2a
                                                                                                                                                                                                                                                        0x00be4f2f
                                                                                                                                                                                                                                                        0x00be4f5d
                                                                                                                                                                                                                                                        0x00be4f7a
                                                                                                                                                                                                                                                        0x00be4f85
                                                                                                                                                                                                                                                        0x00be4f91
                                                                                                                                                                                                                                                        0x00be4f9c
                                                                                                                                                                                                                                                        0x00be4faa
                                                                                                                                                                                                                                                        0x00be4fbd
                                                                                                                                                                                                                                                        0x00be4fc5
                                                                                                                                                                                                                                                        0x00be4fd7
                                                                                                                                                                                                                                                        0x00be4fe1
                                                                                                                                                                                                                                                        0x00be4fe1
                                                                                                                                                                                                                                                        0x00be4f3e
                                                                                                                                                                                                                                                        0x00be4f4c

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BE4FF0: ??2@YAPAXI@Z.MOZGLUE(0000E000,4DD80977,?,?,?,?,00BE4F1E,?,?), ref: 00BE5007
                                                                                                                                                                                                                                                          • Part of subcall function 00BE4FF0: memset.NTDLL ref: 00BE5019
                                                                                                                                                                                                                                                          • Part of subcall function 00BE4FF0: ??2@YAPAXI@Z.MOZGLUE(0000000C), ref: 00BE5033
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z.MSVCP140(00000000), ref: 00BE4F85
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z.MSVCP140(?), ref: 00BE4FA2
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z.MSVCP140(?), ref: 00BE4FB5
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • Failed to add sandbox rule., xrefs: 00BE4F66
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/sandbox_policy_base.cc, xrefs: 00BE4F58
                                                                                                                                                                                                                                                        • , pattern = ', xrefs: 00BE4FB7
                                                                                                                                                                                                                                                        • , subsystem = , xrefs: 00BE4F8B
                                                                                                                                                                                                                                                        • , semantics = , xrefs: 00BE4FA4
                                                                                                                                                                                                                                                        • error = , xrefs: 00BE4F74
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??6?$basic_ostream@D@std@@@std@@U?$char_traits@V01@$??2@$memset
                                                                                                                                                                                                                                                        • String ID: error = $, pattern = '$, semantics = $, subsystem = $/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/sandbox_policy_base.cc$Failed to add sandbox rule.
                                                                                                                                                                                                                                                        • API String ID: 1411306108-3097601370
                                                                                                                                                                                                                                                        • Opcode ID: 646af93479f80b00f2f79156f0d3557fbc6460d5b04b8658c3d25958bb434e1b
                                                                                                                                                                                                                                                        • Instruction ID: b00de9531114b32e1885396e1e01ee284222bdf046c7f7089f9acf3a94068f55
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 646af93479f80b00f2f79156f0d3557fbc6460d5b04b8658c3d25958bb434e1b
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8021DBA5F403046BE610BB747C43EBF76D9DB55B11F4404A8FD4857293EF619A1882F2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 84%
                                                                                                                                                                                                                                                        			E00BCC360(intOrPtr _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				void* _v92;
                                                                                                                                                                                                                                                        				signed int _t20;
                                                                                                                                                                                                                                                        				intOrPtr* _t27;
                                                                                                                                                                                                                                                        				void* _t35;
                                                                                                                                                                                                                                                        				signed int _t36;
                                                                                                                                                                                                                                                        				intOrPtr* _t38;
                                                                                                                                                                                                                                                        				void* _t43;
                                                                                                                                                                                                                                                        				intOrPtr* _t44;
                                                                                                                                                                                                                                                        				signed int _t45;
                                                                                                                                                                                                                                                        				void* _t46;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t20 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t20 ^ _t45;
                                                                                                                                                                                                                                                        				_t36 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        				_t42 =  *[fs:0x2c];
                                                                                                                                                                                                                                                        				_t22 =  *0xbfb4e8;
                                                                                                                                                                                                                                                        				if( *0xbfb4e8 >  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x2c] + _t36 * 4)) + 4))) {
                                                                                                                                                                                                                                                        					E00BEE547(_t22, 0xbfb4e8);
                                                                                                                                                                                                                                                        					_t46 = _t46 + 4;
                                                                                                                                                                                                                                                        					if( *0xbfb4e8 == 0xffffffff) {
                                                                                                                                                                                                                                                        						 *0xbfb4e4 = GetProcAddress(GetModuleHandleW(L"userenv"), "DeriveAppContainerSidFromAppContainerName");
                                                                                                                                                                                                                                                        						E00BEE599(0xbfb4e8);
                                                                                                                                                                                                                                                        						_t46 = _t46 + 4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t38 =  *0xbfb4e4;
                                                                                                                                                                                                                                                        				if(_t38 == 0) {
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					_t44 = 0;
                                                                                                                                                                                                                                                        					goto L6;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t42 =  &_v92;
                                                                                                                                                                                                                                                        					_v92 = 0;
                                                                                                                                                                                                                                                        					_t27 =  *_t38(_a4,  &_v92);
                                                                                                                                                                                                                                                        					if(_t27 < 0) {
                                                                                                                                                                                                                                                        						goto L5;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t35 = _v92;
                                                                                                                                                                                                                                                        						_push(0x68);
                                                                                                                                                                                                                                                        						L00BEF6BA();
                                                                                                                                                                                                                                                        						_t44 = _t27;
                                                                                                                                                                                                                                                        						_t43 =  &_v88;
                                                                                                                                                                                                                                                        						E00BE7140(_t43, _t35);
                                                                                                                                                                                                                                                        						 *_t44 = 0xbf1210;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t44 + 4)) = 0;
                                                                                                                                                                                                                                                        						_t11 = _t44 + 8; // 0x8
                                                                                                                                                                                                                                                        						memcpy(_t11, _t43, 0x44);
                                                                                                                                                                                                                                                        						 *((char*)(_t44 + 0x4c)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t44 + 0x54)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t44 + 0x50)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t44 + 0x5c)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t44 + 0x58)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t44 + 0x64)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t44 + 0x60)) = 0;
                                                                                                                                                                                                                                                        						if(_t35 != 0) {
                                                                                                                                                                                                                                                        							FreeSid(_t35);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L6:
                                                                                                                                                                                                                                                        						E00BEECB0(_v20 ^ _t45, _t42);
                                                                                                                                                                                                                                                        						return _t44;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}















                                                                                                                                                                                                                                                        0x00bcc369
                                                                                                                                                                                                                                                        0x00bcc370
                                                                                                                                                                                                                                                        0x00bcc373
                                                                                                                                                                                                                                                        0x00bcc379
                                                                                                                                                                                                                                                        0x00bcc380
                                                                                                                                                                                                                                                        0x00bcc38e
                                                                                                                                                                                                                                                        0x00bcc443
                                                                                                                                                                                                                                                        0x00bcc448
                                                                                                                                                                                                                                                        0x00bcc452
                                                                                                                                                                                                                                                        0x00bcc46f
                                                                                                                                                                                                                                                        0x00bcc479
                                                                                                                                                                                                                                                        0x00bcc47e
                                                                                                                                                                                                                                                        0x00bcc47e
                                                                                                                                                                                                                                                        0x00bcc452
                                                                                                                                                                                                                                                        0x00bcc394
                                                                                                                                                                                                                                                        0x00bcc39c
                                                                                                                                                                                                                                                        0x00bcc428
                                                                                                                                                                                                                                                        0x00bcc428
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc3a2
                                                                                                                                                                                                                                                        0x00bcc3a5
                                                                                                                                                                                                                                                        0x00bcc3a8
                                                                                                                                                                                                                                                        0x00bcc3b1
                                                                                                                                                                                                                                                        0x00bcc3b5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc3b7
                                                                                                                                                                                                                                                        0x00bcc3b7
                                                                                                                                                                                                                                                        0x00bcc3ba
                                                                                                                                                                                                                                                        0x00bcc3bc
                                                                                                                                                                                                                                                        0x00bcc3c4
                                                                                                                                                                                                                                                        0x00bcc3c6
                                                                                                                                                                                                                                                        0x00bcc3cc
                                                                                                                                                                                                                                                        0x00bcc3d1
                                                                                                                                                                                                                                                        0x00bcc3d7
                                                                                                                                                                                                                                                        0x00bcc3de
                                                                                                                                                                                                                                                        0x00bcc3e5
                                                                                                                                                                                                                                                        0x00bcc3ef
                                                                                                                                                                                                                                                        0x00bcc3f3
                                                                                                                                                                                                                                                        0x00bcc3fa
                                                                                                                                                                                                                                                        0x00bcc401
                                                                                                                                                                                                                                                        0x00bcc408
                                                                                                                                                                                                                                                        0x00bcc40f
                                                                                                                                                                                                                                                        0x00bcc416
                                                                                                                                                                                                                                                        0x00bcc41d
                                                                                                                                                                                                                                                        0x00bcc420
                                                                                                                                                                                                                                                        0x00bcc420
                                                                                                                                                                                                                                                        0x00bcc42a
                                                                                                                                                                                                                                                        0x00bcc42f
                                                                                                                                                                                                                                                        0x00bcc43d
                                                                                                                                                                                                                                                        0x00bcc43d
                                                                                                                                                                                                                                                        0x00bcc3b5

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000068,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BCC3BC
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000008,?,00000044,00000000), ref: 00BCC3E5
                                                                                                                                                                                                                                                        • FreeSid.ADVAPI32(00000000,?,?,00000000), ref: 00BCC420
                                                                                                                                                                                                                                                        • __Init_thread_header.LIBCMT ref: 00BCC443
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(userenv), ref: 00BCC45D
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,DeriveAppContainerSidFromAppContainerName), ref: 00BCC469
                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 00BCC479
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • DeriveAppContainerSidFromAppContainerName, xrefs: 00BCC463
                                                                                                                                                                                                                                                        • userenv, xrefs: 00BCC458
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@AddressFreeHandleInit_thread_footerInit_thread_headerModuleProcmemcpy
                                                                                                                                                                                                                                                        • String ID: DeriveAppContainerSidFromAppContainerName$userenv
                                                                                                                                                                                                                                                        • API String ID: 3618151330-855603467
                                                                                                                                                                                                                                                        • Opcode ID: 708bee6671afa7fe189da63097acc6f5a09d28d307798e61096ee09c49e2066e
                                                                                                                                                                                                                                                        • Instruction ID: 7a65fb6e572d9b7b301bae6b18fcb3771beb7c67a5b6a873d3ec196b199abd82
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 708bee6671afa7fe189da63097acc6f5a09d28d307798e61096ee09c49e2066e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1D31C3B16003449BD724DFA5DC59F6B7BF4EF44704F00485CE9065B391DB75A948CBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 91%
                                                                                                                                                                                                                                                        			E00BC88B0(void* __ecx, void* __edx, void* __eflags, intOrPtr* _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				signed int _t14;
                                                                                                                                                                                                                                                        				intOrPtr _t18;
                                                                                                                                                                                                                                                        				intOrPtr _t19;
                                                                                                                                                                                                                                                        				void* _t21;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				intOrPtr* _t33;
                                                                                                                                                                                                                                                        				signed int _t36;
                                                                                                                                                                                                                                                        				intOrPtr* _t38;
                                                                                                                                                                                                                                                        				intOrPtr* _t44;
                                                                                                                                                                                                                                                        				char* _t45;
                                                                                                                                                                                                                                                        				signed int _t46;
                                                                                                                                                                                                                                                        				void* _t47;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t14 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t44 = _a4;
                                                                                                                                                                                                                                                        				_v20 = _t14 ^ _t46;
                                                                                                                                                                                                                                                        				E00BC8F00(L00BC8E90(_t32, __edx, _t44), _t44);
                                                                                                                                                                                                                                                        				_t36 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        				_t43 =  *[fs:0x2c];
                                                                                                                                                                                                                                                        				_t18 =  *0xbfa86c; // 0x0
                                                                                                                                                                                                                                                        				if(_t18 >  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x2c] + _t36 * 4)) + 4))) {
                                                                                                                                                                                                                                                        					E00BEE547(_t18, 0xbfa86c);
                                                                                                                                                                                                                                                        					_t47 = _t47 + 4;
                                                                                                                                                                                                                                                        					if( *0xbfa86c == 0xffffffff) {
                                                                                                                                                                                                                                                        						 *0xbfa868 = GetProcAddress(GetModuleHandleW(L"Kernel32.dll"), "SetThreadDescription");
                                                                                                                                                                                                                                                        						E00BEE599(0xbfa86c);
                                                                                                                                                                                                                                                        						_t47 = _t47 + 4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t33 =  *0xbfa868; // 0x0
                                                                                                                                                                                                                                                        				if(_t33 != 0) {
                                                                                                                                                                                                                                                        					_t19 =  *((intOrPtr*)(_t44 + 0x10));
                                                                                                                                                                                                                                                        					__eflags =  *((intOrPtr*)(_t44 + 0x14)) - 0xf;
                                                                                                                                                                                                                                                        					_t38 = _t44;
                                                                                                                                                                                                                                                        					if(__eflags > 0) {
                                                                                                                                                                                                                                                        						_t38 =  *_t44;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t45 =  &_v44;
                                                                                                                                                                                                                                                        					E00BC7C90(__eflags, _t45, _t38, _t19);
                                                                                                                                                                                                                                                        					_t47 = _t47 + 0xc;
                                                                                                                                                                                                                                                        					__eflags = _v24 - 7;
                                                                                                                                                                                                                                                        					if(_v24 > 7) {
                                                                                                                                                                                                                                                        						_t45 = _v44;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t21 = GetCurrentThread();
                                                                                                                                                                                                                                                        					E00BBDF30( *_t33(_t21, _t45),  &_v44, _t43);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if(IsDebuggerPresent() != 0) {
                                                                                                                                                                                                                                                        					__eflags =  *((intOrPtr*)(_t44 + 0x14)) - 0xf;
                                                                                                                                                                                                                                                        					if( *((intOrPtr*)(_t44 + 0x14)) > 0xf) {
                                                                                                                                                                                                                                                        						_t44 =  *_t44;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					E00BC89B0(GetCurrentThreadId(), _t44);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return E00BEECB0(_v20 ^ _t46, _t43);
                                                                                                                                                                                                                                                        			}




















                                                                                                                                                                                                                                                        0x00bc88b9
                                                                                                                                                                                                                                                        0x00bc88be
                                                                                                                                                                                                                                                        0x00bc88c3
                                                                                                                                                                                                                                                        0x00bc88ce
                                                                                                                                                                                                                                                        0x00bc88d3
                                                                                                                                                                                                                                                        0x00bc88d9
                                                                                                                                                                                                                                                        0x00bc88e0
                                                                                                                                                                                                                                                        0x00bc88ee
                                                                                                                                                                                                                                                        0x00bc88f5
                                                                                                                                                                                                                                                        0x00bc88fa
                                                                                                                                                                                                                                                        0x00bc8904
                                                                                                                                                                                                                                                        0x00bc891d
                                                                                                                                                                                                                                                        0x00bc8927
                                                                                                                                                                                                                                                        0x00bc892c
                                                                                                                                                                                                                                                        0x00bc892c
                                                                                                                                                                                                                                                        0x00bc8904
                                                                                                                                                                                                                                                        0x00bc892f
                                                                                                                                                                                                                                                        0x00bc8937
                                                                                                                                                                                                                                                        0x00bc8955
                                                                                                                                                                                                                                                        0x00bc8958
                                                                                                                                                                                                                                                        0x00bc895c
                                                                                                                                                                                                                                                        0x00bc895e
                                                                                                                                                                                                                                                        0x00bc8960
                                                                                                                                                                                                                                                        0x00bc8960
                                                                                                                                                                                                                                                        0x00bc8962
                                                                                                                                                                                                                                                        0x00bc8968
                                                                                                                                                                                                                                                        0x00bc896d
                                                                                                                                                                                                                                                        0x00bc8970
                                                                                                                                                                                                                                                        0x00bc8974
                                                                                                                                                                                                                                                        0x00bc8976
                                                                                                                                                                                                                                                        0x00bc8976
                                                                                                                                                                                                                                                        0x00bc8979
                                                                                                                                                                                                                                                        0x00bc8986
                                                                                                                                                                                                                                                        0x00bc8986
                                                                                                                                                                                                                                                        0x00bc8941
                                                                                                                                                                                                                                                        0x00bc898d
                                                                                                                                                                                                                                                        0x00bc8991
                                                                                                                                                                                                                                                        0x00bc8993
                                                                                                                                                                                                                                                        0x00bc8993
                                                                                                                                                                                                                                                        0x00bc899d
                                                                                                                                                                                                                                                        0x00bc89a2
                                                                                                                                                                                                                                                        0x00bc8954

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BC8F00: GetCurrentThreadId.KERNEL32 ref: 00BC8F15
                                                                                                                                                                                                                                                          • Part of subcall function 00BC8F00: ??2@YAPAXI@Z.MOZGLUE(00000018,?,?,?,?,?,?,00BC88D3,?), ref: 00BC8F45
                                                                                                                                                                                                                                                          • Part of subcall function 00BC8F00: RtlReleaseSRWLockExclusive.NTDLL ref: 00BC8FCD
                                                                                                                                                                                                                                                        • __Init_thread_header.LIBCMT ref: 00BC88F5
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE547: EnterCriticalSection.KERNEL32(00BFA18C,00000000,?,?,00BCACFB,00BFB4A8,?,?,00BCAC8F,?,?,?,?,00BCABA3), ref: 00BEE552
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE547: LeaveCriticalSection.KERNEL32(00BFA18C,?,?,00BCACFB,00BFB4A8,?,?,00BCAC8F,?,?,?,?,00BCABA3), ref: 00BEE58F
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(Kernel32.dll,?), ref: 00BC890B
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,SetThreadDescription), ref: 00BC8917
                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 00BC8927
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE599: EnterCriticalSection.KERNEL32(00BFA18C,00000000,?,00BCAD2A,00BFB4A8), ref: 00BEE5A3
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE599: LeaveCriticalSection.KERNEL32(00BFA18C,?,00BCAD2A,00BFB4A8), ref: 00BEE5D6
                                                                                                                                                                                                                                                        • IsDebuggerPresent.KERNEL32(?,?,?), ref: 00BC8939
                                                                                                                                                                                                                                                        • GetCurrentThread.KERNEL32 ref: 00BC8979
                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 00BC8995
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CriticalSection$CurrentThread$EnterLeave$??2@AddressDebuggerExclusiveHandleInit_thread_footerInit_thread_headerLockModulePresentProcRelease
                                                                                                                                                                                                                                                        • String ID: Kernel32.dll$SetThreadDescription
                                                                                                                                                                                                                                                        • API String ID: 3618487677-1724334159
                                                                                                                                                                                                                                                        • Opcode ID: 1468b37b9ee926948d788733ed8cac0d7fd91443a13b63bf615dc32944b37229
                                                                                                                                                                                                                                                        • Instruction ID: 8924fd905d441659f5631b1e97b2d281181b2cd439abeecce5482ff73ad11f10
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1468b37b9ee926948d788733ed8cac0d7fd91443a13b63bf615dc32944b37229
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4F21DEB1A002059BDB14AFA1EC49EBE77F4EF44710B0404ADE91A97251EFB1AC45CBA3
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 84%
                                                                                                                                                                                                                                                        			E00BB2E50(void** __ecx) {
                                                                                                                                                                                                                                                        				long _v20;
                                                                                                                                                                                                                                                        				int _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				void* _t12;
                                                                                                                                                                                                                                                        				void* _t13;
                                                                                                                                                                                                                                                        				void _t15;
                                                                                                                                                                                                                                                        				void* _t21;
                                                                                                                                                                                                                                                        				void** _t23;
                                                                                                                                                                                                                                                        				long _t24;
                                                                                                                                                                                                                                                        				void* _t25;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t23 = __ecx;
                                                                                                                                                                                                                                                        				_t12 = RegisterEventSourceW(0, L"Firefox");
                                                                                                                                                                                                                                                        				if(_t12 != 0) {
                                                                                                                                                                                                                                                        					_v28 = _t12;
                                                                                                                                                                                                                                                        					_t13 = strlen( *_t23);
                                                                                                                                                                                                                                                        					_t2 = _t13 + 8; // 0x8
                                                                                                                                                                                                                                                        					_t24 = _t2;
                                                                                                                                                                                                                                                        					_v24 = _t13;
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(_t24);
                                                                                                                                                                                                                                                        					_t21 = _t13;
                                                                                                                                                                                                                                                        					memset(_t13, 0, _t24);
                                                                                                                                                                                                                                                        					_t15 = _t23[2];
                                                                                                                                                                                                                                                        					 *_t21 = _t15;
                                                                                                                                                                                                                                                        					_v20 = _t15;
                                                                                                                                                                                                                                                        					 *(_t21 + 4) = _t23[1];
                                                                                                                                                                                                                                                        					_t8 = _t21 + 8; // 0x8
                                                                                                                                                                                                                                                        					memcpy(_t8,  *_t23, _v24);
                                                                                                                                                                                                                                                        					_t25 = _v28;
                                                                                                                                                                                                                                                        					ReportEventW(_t25, 1, 0, _v20, 0, 0, _t24, 0, _t21);
                                                                                                                                                                                                                                                        					free(_t21);
                                                                                                                                                                                                                                                        					return DeregisterEventSource(_t25);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t12;
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00bb2e59
                                                                                                                                                                                                                                                        0x00bb2e62
                                                                                                                                                                                                                                                        0x00bb2e6a
                                                                                                                                                                                                                                                        0x00bb2e6e
                                                                                                                                                                                                                                                        0x00bb2e71
                                                                                                                                                                                                                                                        0x00bb2e79
                                                                                                                                                                                                                                                        0x00bb2e79
                                                                                                                                                                                                                                                        0x00bb2e7c
                                                                                                                                                                                                                                                        0x00bb2e80
                                                                                                                                                                                                                                                        0x00bb2e89
                                                                                                                                                                                                                                                        0x00bb2e8f
                                                                                                                                                                                                                                                        0x00bb2e97
                                                                                                                                                                                                                                                        0x00bb2e9a
                                                                                                                                                                                                                                                        0x00bb2e9c
                                                                                                                                                                                                                                                        0x00bb2ea2
                                                                                                                                                                                                                                                        0x00bb2ea5
                                                                                                                                                                                                                                                        0x00bb2eae
                                                                                                                                                                                                                                                        0x00bb2ec5
                                                                                                                                                                                                                                                        0x00bb2ec9
                                                                                                                                                                                                                                                        0x00bb2ed0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2eda
                                                                                                                                                                                                                                                        0x00bb2ee7

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RegisterEventSourceW.ADVAPI32(00000000,Firefox), ref: 00BB2E62
                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB2E71
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000008), ref: 00BB2E80
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB2E8F
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000008,?,?), ref: 00BB2EAE
                                                                                                                                                                                                                                                        • ReportEventW.ADVAPI32(?,00000001,00000000,?,00000000,00000000,00000008,00000000,00000000), ref: 00BB2EC9
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB2ED0
                                                                                                                                                                                                                                                        • DeregisterEventSource.ADVAPI32(?), ref: 00BB2EDA
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Event$Source$DeregisterRegisterReportfreememcpymemsetmoz_xmallocstrlen
                                                                                                                                                                                                                                                        • String ID: Firefox
                                                                                                                                                                                                                                                        • API String ID: 495472538-3930541253
                                                                                                                                                                                                                                                        • Opcode ID: 1ed5ff506bd7cb72e87ea3a9b0653c2bd98fa0ae07e766c0142416c602a46119
                                                                                                                                                                                                                                                        • Instruction ID: 489107cc021bba1149633f1558dd49e966859cc04afc6b1fcb97edb9cb1f9ae6
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1ed5ff506bd7cb72e87ea3a9b0653c2bd98fa0ae07e766c0142416c602a46119
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5F117376900215BBDB109BA5EC4AFAB7BB8EF04710F144021FA08AB251EB71A914CBE5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                                                                                                                        			E00BBE940(signed short** __ecx, void* _a4) {
                                                                                                                                                                                                                                                        				struct _OVERLAPPED* _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				char _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				long _v44;
                                                                                                                                                                                                                                                        				signed short* _v48;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				unsigned int _v54;
                                                                                                                                                                                                                                                        				short _v56;
                                                                                                                                                                                                                                                        				unsigned int _v58;
                                                                                                                                                                                                                                                        				short _v60;
                                                                                                                                                                                                                                                        				intOrPtr _v64;
                                                                                                                                                                                                                                                        				void _v328;
                                                                                                                                                                                                                                                        				long _t57;
                                                                                                                                                                                                                                                        				intOrPtr _t58;
                                                                                                                                                                                                                                                        				unsigned int _t67;
                                                                                                                                                                                                                                                        				signed int _t69;
                                                                                                                                                                                                                                                        				long _t72;
                                                                                                                                                                                                                                                        				int _t75;
                                                                                                                                                                                                                                                        				intOrPtr _t80;
                                                                                                                                                                                                                                                        				signed short* _t81;
                                                                                                                                                                                                                                                        				signed short* _t86;
                                                                                                                                                                                                                                                        				unsigned int _t87;
                                                                                                                                                                                                                                                        				void* _t96;
                                                                                                                                                                                                                                                        				intOrPtr _t97;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_v40 = _t97;
                                                                                                                                                                                                                                                        				_v20 = 0xffffffff;
                                                                                                                                                                                                                                                        				_v24 = 0xbf9620;
                                                                                                                                                                                                                                                        				_v28 = 0xbef860;
                                                                                                                                                                                                                                                        				_t95 = __ecx;
                                                                                                                                                                                                                                                        				_v32 =  *[fs:0x0];
                                                                                                                                                                                                                                                        				_t7 = _t95 + 4; // 0xbfa7a0
                                                                                                                                                                                                                                                        				_t80 = _t7;
                                                                                                                                                                                                                                                        				 *[fs:0x0] =  &_v32;
                                                                                                                                                                                                                                                        				_v64 = _t80;
                                                                                                                                                                                                                                                        				__imp__AcquireSRWLockExclusive(_t80);
                                                                                                                                                                                                                                                        				_t81 =  *__ecx;
                                                                                                                                                                                                                                                        				if(_t81 != 0) {
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_v48 = _t81;
                                                                                                                                                                                                                                                        						_v20 = 0;
                                                                                                                                                                                                                                                        						_t57 = WideCharToMultiByte(0xfde9, 0, _t81[2], ( *_t81 & 0x0000ffff) >> 1,  &_v328, 0x104, 0, 0);
                                                                                                                                                                                                                                                        						if(_t57 == 0 || WriteFile(_a4,  &_v328, _t57,  &_v44, 0) == 0) {
                                                                                                                                                                                                                                                        							goto L4;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							if((_v48[4] & _v48[6]) == 0xffffffff) {
                                                                                                                                                                                                                                                        								L3:
                                                                                                                                                                                                                                                        								_v20 = 0;
                                                                                                                                                                                                                                                        								WriteFile(_a4, 0xbf361f, 1,  &_v44, 0);
                                                                                                                                                                                                                                                        								goto L4;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								WriteFile(_a4, 0xbf3c66, 1,  &_v44, 0);
                                                                                                                                                                                                                                                        								_t86 = _v48;
                                                                                                                                                                                                                                                        								_v20 = 0xffffffff;
                                                                                                                                                                                                                                                        								_v52 = 0;
                                                                                                                                                                                                                                                        								_t67 =  *(_t86 + 8);
                                                                                                                                                                                                                                                        								_t87 =  *(_t86 + 0xc);
                                                                                                                                                                                                                                                        								_v60 = _t87 >> 0x10;
                                                                                                                                                                                                                                                        								_v58 = _t87;
                                                                                                                                                                                                                                                        								_v56 = _t67 >> 0x10;
                                                                                                                                                                                                                                                        								_v54 = _t67;
                                                                                                                                                                                                                                                        								E00BBEB70(_t67);
                                                                                                                                                                                                                                                        								while(1) {
                                                                                                                                                                                                                                                        									_t69 = _v52;
                                                                                                                                                                                                                                                        									if(_t69 >= 4) {
                                                                                                                                                                                                                                                        										break;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_v20 = 0;
                                                                                                                                                                                                                                                        									__imp___ltoa( *(_t96 + _t69 * 2 - 0x38) & 0x0000ffff,  &_v328, 0xa);
                                                                                                                                                                                                                                                        									_t72 = strlen( &_v328);
                                                                                                                                                                                                                                                        									_t97 = _t97 + 0x10;
                                                                                                                                                                                                                                                        									_t75 = E00BBEB70(WriteFile(_a4,  &_v328, _t72,  &_v44, 0));
                                                                                                                                                                                                                                                        									if(_v52 != 3) {
                                                                                                                                                                                                                                                        										_t75 = WriteFile(_a4, 0xbf3c64, 1,  &_v44, 0);
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_v52 = _v52 + 1;
                                                                                                                                                                                                                                                        									E00BBEB70(_t75);
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_v20 = 0xffffffff;
                                                                                                                                                                                                                                                        								goto L3;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L13;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L14:
                                                                                                                                                                                                                                                        						L4:
                                                                                                                                                                                                                                                        						_t81 = _v48[8];
                                                                                                                                                                                                                                                        					} while (_t81 != 0);
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L13:
                                                                                                                                                                                                                                                        				_v20 = 0xffffffff;
                                                                                                                                                                                                                                                        				__imp__ReleaseSRWLockExclusive(_v64);
                                                                                                                                                                                                                                                        				_t58 = _v32;
                                                                                                                                                                                                                                                        				 *[fs:0x0] = _t58;
                                                                                                                                                                                                                                                        				return _t58;
                                                                                                                                                                                                                                                        				goto L14;
                                                                                                                                                                                                                                                        			}





























                                                                                                                                                                                                                                                        0x00bbe94c
                                                                                                                                                                                                                                                        0x00bbe94f
                                                                                                                                                                                                                                                        0x00bbe956
                                                                                                                                                                                                                                                        0x00bbe95d
                                                                                                                                                                                                                                                        0x00bbe964
                                                                                                                                                                                                                                                        0x00bbe970
                                                                                                                                                                                                                                                        0x00bbe973
                                                                                                                                                                                                                                                        0x00bbe973
                                                                                                                                                                                                                                                        0x00bbe976
                                                                                                                                                                                                                                                        0x00bbe97c
                                                                                                                                                                                                                                                        0x00bbe980
                                                                                                                                                                                                                                                        0x00bbe986
                                                                                                                                                                                                                                                        0x00bbe98a
                                                                                                                                                                                                                                                        0x00bbe9d2
                                                                                                                                                                                                                                                        0x00bbe9d5
                                                                                                                                                                                                                                                        0x00bbe9db
                                                                                                                                                                                                                                                        0x00bbe9fd
                                                                                                                                                                                                                                                        0x00bbea05
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbea22
                                                                                                                                                                                                                                                        0x00bbea2e
                                                                                                                                                                                                                                                        0x00bbe9a7
                                                                                                                                                                                                                                                        0x00bbe9a7
                                                                                                                                                                                                                                                        0x00bbe9be
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbea34
                                                                                                                                                                                                                                                        0x00bbea44
                                                                                                                                                                                                                                                        0x00bbea4a
                                                                                                                                                                                                                                                        0x00bbea4d
                                                                                                                                                                                                                                                        0x00bbea54
                                                                                                                                                                                                                                                        0x00bbea5b
                                                                                                                                                                                                                                                        0x00bbea5e
                                                                                                                                                                                                                                                        0x00bbea66
                                                                                                                                                                                                                                                        0x00bbea6a
                                                                                                                                                                                                                                                        0x00bbea73
                                                                                                                                                                                                                                                        0x00bbea77
                                                                                                                                                                                                                                                        0x00bbea7b
                                                                                                                                                                                                                                                        0x00bbea98
                                                                                                                                                                                                                                                        0x00bbea98
                                                                                                                                                                                                                                                        0x00bbea9e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbeaa9
                                                                                                                                                                                                                                                        0x00bbeaba
                                                                                                                                                                                                                                                        0x00bbeaca
                                                                                                                                                                                                                                                        0x00bbeacf
                                                                                                                                                                                                                                                        0x00bbeae9
                                                                                                                                                                                                                                                        0x00bbeaf2
                                                                                                                                                                                                                                                        0x00bbeb04
                                                                                                                                                                                                                                                        0x00bbeb04
                                                                                                                                                                                                                                                        0x00bbea90
                                                                                                                                                                                                                                                        0x00bbea93
                                                                                                                                                                                                                                                        0x00bbea93
                                                                                                                                                                                                                                                        0x00bbe9a0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe9a0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbea2e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe9c4
                                                                                                                                                                                                                                                        0x00bbe9c7
                                                                                                                                                                                                                                                        0x00bbe9ca
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe98c
                                                                                                                                                                                                                                                        0x00bbeb12
                                                                                                                                                                                                                                                        0x00bbeb12
                                                                                                                                                                                                                                                        0x00bbeb1c
                                                                                                                                                                                                                                                        0x00bbeb22
                                                                                                                                                                                                                                                        0x00bbeb25
                                                                                                                                                                                                                                                        0x00bbeb35
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlAcquireSRWLockExclusive.NTDLL(00BFA7A0), ref: 00BBE980
                                                                                                                                                                                                                                                        • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,?,00000000,00000104,00000104,00000000,00000000), ref: 00BBE9FD
                                                                                                                                                                                                                                                        • WriteFile.KERNEL32(?,00000000,00000000,?,00000000), ref: 00BBEA18
                                                                                                                                                                                                                                                        • WriteFile.KERNEL32(?,00BF3C66,00000001,?,00000000), ref: 00BBEA44
                                                                                                                                                                                                                                                        • _ltoa.API-MS-WIN-CRT-CONVERT-L1-1-0(?,?,0000000A), ref: 00BBEABA
                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BBEACA
                                                                                                                                                                                                                                                        • WriteFile.KERNEL32(?,?,00000000,?,00000000), ref: 00BBEAE3
                                                                                                                                                                                                                                                        • WriteFile.KERNEL32(?,00BF3C64,00000001,?,00000000), ref: 00BBEB04
                                                                                                                                                                                                                                                        • RtlReleaseSRWLockExclusive.NTDLL ref: 00BBEB1C
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: FileWrite$ExclusiveLock$AcquireByteCharMultiReleaseWide_ltoastrlen
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 270993337-0
                                                                                                                                                                                                                                                        • Opcode ID: 3bd5fe1b68cbd875a02f9f3cc7972ff2539f3ae1ad06e809f598355aa23c90ec
                                                                                                                                                                                                                                                        • Instruction ID: c2821459897491acd64c0d01e5d310dc8b9a34ec49c38ab608d524eeb926b19f
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3bd5fe1b68cbd875a02f9f3cc7972ff2539f3ae1ad06e809f598355aa23c90ec
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 18517E70950209ABDB14DF94DC85BFEBBB8FF04710F104659F926AB2E0DBB19945CB90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 94%
                                                                                                                                                                                                                                                        			E00BE30E0(long __edx, void* __eflags, int _a4, intOrPtr _a8, intOrPtr* _a12, intOrPtr _a16, int _a20, intOrPtr _a24) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v24;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v28;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v32;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v36;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v40;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v44;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v48;
                                                                                                                                                                                                                                                        				void* _v52;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v56;
                                                                                                                                                                                                                                                        				void* _v60;
                                                                                                                                                                                                                                                        				void* _v64;
                                                                                                                                                                                                                                                        				void* _v68;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v72;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v76;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v80;
                                                                                                                                                                                                                                                        				struct _SECURITY_DESCRIPTOR* _v84;
                                                                                                                                                                                                                                                        				signed int _t53;
                                                                                                                                                                                                                                                        				void* _t57;
                                                                                                                                                                                                                                                        				int _t60;
                                                                                                                                                                                                                                                        				long _t63;
                                                                                                                                                                                                                                                        				void* _t66;
                                                                                                                                                                                                                                                        				int _t68;
                                                                                                                                                                                                                                                        				int _t72;
                                                                                                                                                                                                                                                        				int _t75;
                                                                                                                                                                                                                                                        				int _t81;
                                                                                                                                                                                                                                                        				intOrPtr _t83;
                                                                                                                                                                                                                                                        				int _t86;
                                                                                                                                                                                                                                                        				long _t103;
                                                                                                                                                                                                                                                        				intOrPtr* _t104;
                                                                                                                                                                                                                                                        				signed int _t107;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t101 = __edx;
                                                                                                                                                                                                                                                        				_t53 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t53 ^ _t107;
                                                                                                                                                                                                                                                        				_v24 = 0;
                                                                                                                                                                                                                                                        				E00BEB3D0("NtCreateLowBoxToken",  &_v24);
                                                                                                                                                                                                                                                        				_t57 = E00BCBDD0();
                                                                                                                                                                                                                                                        				_t103 = 0x78;
                                                                                                                                                                                                                                                        				if(_t57 < 5) {
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					E00BEECB0(_v20 ^ _t107, _t101);
                                                                                                                                                                                                                                                        					return _t103;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t83 = _a8;
                                                                                                                                                                                                                                                        				_t103 = 0x57;
                                                                                                                                                                                                                                                        				if(_t83 > 1) {
                                                                                                                                                                                                                                                        					goto L3;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t106 = _a24;
                                                                                                                                                                                                                                                        				if(_a24 != 0) {
                                                                                                                                                                                                                                                        					_t60 = _a4;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					__eflags = _t60;
                                                                                                                                                                                                                                                        					if(_t60 != 0) {
                                                                                                                                                                                                                                                        						L8:
                                                                                                                                                                                                                                                        						_t86 = _a20;
                                                                                                                                                                                                                                                        						_t104 = _a12;
                                                                                                                                                                                                                                                        						_v52 = 0x18;
                                                                                                                                                                                                                                                        						_v44 = 0;
                                                                                                                                                                                                                                                        						_v48 = 0;
                                                                                                                                                                                                                                                        						_v36 = 0;
                                                                                                                                                                                                                                                        						_v40 = 0;
                                                                                                                                                                                                                                                        						_v32 = 0;
                                                                                                                                                                                                                                                        						_v56 = 0;
                                                                                                                                                                                                                                                        						__eflags = _t86;
                                                                                                                                                                                                                                                        						_t101 =  ==  ? _t86 : _a16;
                                                                                                                                                                                                                                                        						__eflags = _v24( &_v56, _t60, 0xf01ff,  &_v52,  *_t104,  *((intOrPtr*)(_t104 + 8)),  *((intOrPtr*)(_t104 + 4)), _t86,  ==  ? _t86 : _a16);
                                                                                                                                                                                                                                                        						if(__eflags < 0) {
                                                                                                                                                                                                                                                        							_t63 = E00BEB570(_t101, __eflags, _t62);
                                                                                                                                                                                                                                                        							L13:
                                                                                                                                                                                                                                                        							_t103 = _t63;
                                                                                                                                                                                                                                                        							L14:
                                                                                                                                                                                                                                                        							E00BC51B0(_t63,  &_v28);
                                                                                                                                                                                                                                                        							goto L3;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_v60 = 0;
                                                                                                                                                                                                                                                        						_t66 = E00BC5200(_v56,  &_v60, _v56);
                                                                                                                                                                                                                                                        						__eflags = _t83 - 1;
                                                                                                                                                                                                                                                        						if(_t83 != 1) {
                                                                                                                                                                                                                                                        							_v64 = 0;
                                                                                                                                                                                                                                                        							_t68 = DuplicateTokenEx(_v60, 0xf01ff, 0, 2, 2,  &_v64);
                                                                                                                                                                                                                                                        							__eflags = _t68;
                                                                                                                                                                                                                                                        							if(_t68 != 0) {
                                                                                                                                                                                                                                                        								_v68 = 0;
                                                                                                                                                                                                                                                        								E00BC5200(_v64,  &_v68, _v64);
                                                                                                                                                                                                                                                        								_v80 = 0;
                                                                                                                                                                                                                                                        								_v76 = 0;
                                                                                                                                                                                                                                                        								_v72 = 0;
                                                                                                                                                                                                                                                        								_v84 = 0;
                                                                                                                                                                                                                                                        								_t101 = 4;
                                                                                                                                                                                                                                                        								_t72 = E00BE2FE0(_v60, 4,  &_v80,  &_v84);
                                                                                                                                                                                                                                                        								_t103 = _t72;
                                                                                                                                                                                                                                                        								__eflags = _t72;
                                                                                                                                                                                                                                                        								if(_t72 == 0) {
                                                                                                                                                                                                                                                        									_t75 = SetKernelObjectSecurity(_v68, 4, _v84);
                                                                                                                                                                                                                                                        									__eflags = _t75;
                                                                                                                                                                                                                                                        									if(_t75 != 0) {
                                                                                                                                                                                                                                                        										E00BC5200(E00BC5260(_t75,  &_v68), _t106, _t76);
                                                                                                                                                                                                                                                        										_t103 = 0;
                                                                                                                                                                                                                                                        										__eflags = 0;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t103 = GetLastError();
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t74 = E00BC51B0(E00BC3010( &_v80),  &_v68);
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t103 = GetLastError();
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t74 = E00BC5200(E00BC5260(_t66,  &_v60), _t106, _t79);
                                                                                                                                                                                                                                                        							_t103 = 0;
                                                                                                                                                                                                                                                        							__eflags = 0;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t63 = E00BC51B0(_t74,  &_v60);
                                                                                                                                                                                                                                                        						goto L14;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v52 = 0;
                                                                                                                                                                                                                                                        					_t81 = OpenProcessToken(GetCurrentProcess(), 0xf01ff,  &_v52);
                                                                                                                                                                                                                                                        					__eflags = _t81;
                                                                                                                                                                                                                                                        					if(_t81 != 0) {
                                                                                                                                                                                                                                                        						E00BC5200(_t81,  &_v28, _v52);
                                                                                                                                                                                                                                                        						_t60 = _v52;
                                                                                                                                                                                                                                                        						goto L8;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t63 = GetLastError();
                                                                                                                                                                                                                                                        						goto L13;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L3;
                                                                                                                                                                                                                                                        			}


































                                                                                                                                                                                                                                                        0x00be30e0
                                                                                                                                                                                                                                                        0x00be30e9
                                                                                                                                                                                                                                                        0x00be30f0
                                                                                                                                                                                                                                                        0x00be30f6
                                                                                                                                                                                                                                                        0x00be3103
                                                                                                                                                                                                                                                        0x00be310b
                                                                                                                                                                                                                                                        0x00be3110
                                                                                                                                                                                                                                                        0x00be3118
                                                                                                                                                                                                                                                        0x00be312e
                                                                                                                                                                                                                                                        0x00be3133
                                                                                                                                                                                                                                                        0x00be3141
                                                                                                                                                                                                                                                        0x00be3141
                                                                                                                                                                                                                                                        0x00be311a
                                                                                                                                                                                                                                                        0x00be311d
                                                                                                                                                                                                                                                        0x00be3125
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be3127
                                                                                                                                                                                                                                                        0x00be312c
                                                                                                                                                                                                                                                        0x00be3142
                                                                                                                                                                                                                                                        0x00be3145
                                                                                                                                                                                                                                                        0x00be314c
                                                                                                                                                                                                                                                        0x00be314e
                                                                                                                                                                                                                                                        0x00be318a
                                                                                                                                                                                                                                                        0x00be318a
                                                                                                                                                                                                                                                        0x00be3190
                                                                                                                                                                                                                                                        0x00be3193
                                                                                                                                                                                                                                                        0x00be319a
                                                                                                                                                                                                                                                        0x00be31a1
                                                                                                                                                                                                                                                        0x00be31a8
                                                                                                                                                                                                                                                        0x00be31af
                                                                                                                                                                                                                                                        0x00be31b6
                                                                                                                                                                                                                                                        0x00be31bd
                                                                                                                                                                                                                                                        0x00be31c4
                                                                                                                                                                                                                                                        0x00be31c6
                                                                                                                                                                                                                                                        0x00be31e4
                                                                                                                                                                                                                                                        0x00be31e6
                                                                                                                                                                                                                                                        0x00be321d
                                                                                                                                                                                                                                                        0x00be3225
                                                                                                                                                                                                                                                        0x00be3225
                                                                                                                                                                                                                                                        0x00be3227
                                                                                                                                                                                                                                                        0x00be322a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be322a
                                                                                                                                                                                                                                                        0x00be31eb
                                                                                                                                                                                                                                                        0x00be31f6
                                                                                                                                                                                                                                                        0x00be31fb
                                                                                                                                                                                                                                                        0x00be31fe
                                                                                                                                                                                                                                                        0x00be3237
                                                                                                                                                                                                                                                        0x00be324d
                                                                                                                                                                                                                                                        0x00be3253
                                                                                                                                                                                                                                                        0x00be3255
                                                                                                                                                                                                                                                        0x00be3264
                                                                                                                                                                                                                                                        0x00be326f
                                                                                                                                                                                                                                                        0x00be327d
                                                                                                                                                                                                                                                        0x00be3284
                                                                                                                                                                                                                                                        0x00be328b
                                                                                                                                                                                                                                                        0x00be3292
                                                                                                                                                                                                                                                        0x00be3299
                                                                                                                                                                                                                                                        0x00be32a0
                                                                                                                                                                                                                                                        0x00be32a8
                                                                                                                                                                                                                                                        0x00be32aa
                                                                                                                                                                                                                                                        0x00be32ac
                                                                                                                                                                                                                                                        0x00be32b6
                                                                                                                                                                                                                                                        0x00be32bc
                                                                                                                                                                                                                                                        0x00be32be
                                                                                                                                                                                                                                                        0x00be32d5
                                                                                                                                                                                                                                                        0x00be32da
                                                                                                                                                                                                                                                        0x00be32da
                                                                                                                                                                                                                                                        0x00be32c0
                                                                                                                                                                                                                                                        0x00be32c6
                                                                                                                                                                                                                                                        0x00be32c6
                                                                                                                                                                                                                                                        0x00be32be
                                                                                                                                                                                                                                                        0x00be32e7
                                                                                                                                                                                                                                                        0x00be3257
                                                                                                                                                                                                                                                        0x00be325d
                                                                                                                                                                                                                                                        0x00be325d
                                                                                                                                                                                                                                                        0x00be3200
                                                                                                                                                                                                                                                        0x00be320b
                                                                                                                                                                                                                                                        0x00be3210
                                                                                                                                                                                                                                                        0x00be3210
                                                                                                                                                                                                                                                        0x00be3210
                                                                                                                                                                                                                                                        0x00be3215
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be3215
                                                                                                                                                                                                                                                        0x00be3150
                                                                                                                                                                                                                                                        0x00be3167
                                                                                                                                                                                                                                                        0x00be316d
                                                                                                                                                                                                                                                        0x00be316f
                                                                                                                                                                                                                                                        0x00be3182
                                                                                                                                                                                                                                                        0x00be3187
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be3171
                                                                                                                                                                                                                                                        0x00be3171
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be3171
                                                                                                                                                                                                                                                        0x00be316f
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(?,?,?,?,?,?,?), ref: 00BE3157
                                                                                                                                                                                                                                                        • OpenProcessToken.ADVAPI32(00000000,000F01FF,00000000,?,?,?,?,?,?,?), ref: 00BE3167
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,?,?,?,?,?), ref: 00BE3171
                                                                                                                                                                                                                                                        • DuplicateTokenEx.ADVAPI32(00000000,000F01FF,00000000,00000002,00000002,?,00000000), ref: 00BE324D
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE3257
                                                                                                                                                                                                                                                        • SetKernelObjectSecurity.ADVAPI32(00000000,00000004,00000000), ref: 00BE32B6
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE32C0
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$ProcessToken$AddressCurrentDuplicateKernelObjectOpenProcSecurity
                                                                                                                                                                                                                                                        • String ID: NtCreateLowBoxToken
                                                                                                                                                                                                                                                        • API String ID: 3861797965-4243535219
                                                                                                                                                                                                                                                        • Opcode ID: cb4a53c2cb16a176b76c31670f749cacf615eecaa3b122e362c6d39e110f1fdb
                                                                                                                                                                                                                                                        • Instruction ID: 11369472c026d5f26ea5373ab7e81ada88301a8be0bd6742211b63e339e794e1
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cb4a53c2cb16a176b76c31670f749cacf615eecaa3b122e362c6d39e110f1fdb
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4C515EB1A00209ABEF10DFA1DC99BEEBBF9FF44704F504058F905A7280DB74A905CBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 79%
                                                                                                                                                                                                                                                        			E00BC52B0(intOrPtr __edx, char _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _t41;
                                                                                                                                                                                                                                                        				intOrPtr* _t46;
                                                                                                                                                                                                                                                        				intOrPtr _t50;
                                                                                                                                                                                                                                                        				signed int _t53;
                                                                                                                                                                                                                                                        				signed int _t55;
                                                                                                                                                                                                                                                        				char* _t56;
                                                                                                                                                                                                                                                        				intOrPtr _t72;
                                                                                                                                                                                                                                                        				intOrPtr* _t73;
                                                                                                                                                                                                                                                        				signed int _t79;
                                                                                                                                                                                                                                                        				intOrPtr _t80;
                                                                                                                                                                                                                                                        				intOrPtr* _t93;
                                                                                                                                                                                                                                                        				intOrPtr* _t96;
                                                                                                                                                                                                                                                        				signed int _t97;
                                                                                                                                                                                                                                                        				signed int _t98;
                                                                                                                                                                                                                                                        				intOrPtr* _t100;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t92 = __edx;
                                                                                                                                                                                                                                                        				_t100 = (_t98 & 0xfffffff0) - 0xd0;
                                                                                                                                                                                                                                                        				_t96 = _t100;
                                                                                                                                                                                                                                                        				_t41 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				 *(_t96 + 0xc8) = _t41 ^ _t97;
                                                                                                                                                                                                                                                        				_t72 = _a8;
                                                                                                                                                                                                                                                        				_t93 = _a4;
                                                                                                                                                                                                                                                        				if(_t72 + 1 > 1) {
                                                                                                                                                                                                                                                        					__eflags =  *( &_a4 + 0xc);
                                                                                                                                                                                                                                                        					if(__eflags == 0 || __eflags < 0) {
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t79 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        						_t92 =  *[fs:0x2c];
                                                                                                                                                                                                                                                        						_t50 =  *0xbfa85c; // 0x0
                                                                                                                                                                                                                                                        						_t80 =  *((intOrPtr*)( *[fs:0x2c] + _t79 * 4));
                                                                                                                                                                                                                                                        						__eflags = _t50 -  *((intOrPtr*)(_t80 + 4));
                                                                                                                                                                                                                                                        						if(_t50 >  *((intOrPtr*)(_t80 + 4))) {
                                                                                                                                                                                                                                                        							E00BEE547(_t50, 0xbfa85c);
                                                                                                                                                                                                                                                        							_t100 = _t100 + 4;
                                                                                                                                                                                                                                                        							__eflags =  *0xbfa85c - 0xffffffff;
                                                                                                                                                                                                                                                        							if( *0xbfa85c == 0xffffffff) {
                                                                                                                                                                                                                                                        								 *0xbfa858 = GetProcAddress(GetModuleHandleW(L"ntdll.dll"), "NtQuerySection");
                                                                                                                                                                                                                                                        								E00BEE599(0xbfa85c);
                                                                                                                                                                                                                                                        								_t100 = _t100 + 4;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        						asm("movaps [esi+0x10], xmm0");
                                                                                                                                                                                                                                                        						_t53 =  *0xbfa858(_t72, 0, _t96 + 0x10, 0x10, 0);
                                                                                                                                                                                                                                                        						__eflags = _t53;
                                                                                                                                                                                                                                                        						if(_t53 != 0) {
                                                                                                                                                                                                                                                        							goto L1;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							__eflags =  *(_t96 + 0x14) & 0x01000000;
                                                                                                                                                                                                                                                        							if(( *(_t96 + 0x14) & 0x01000000) != 0) {
                                                                                                                                                                                                                                                        								goto L1;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t92 =  *((intOrPtr*)( &_a4 + 8));
                                                                                                                                                                                                                                                        							_t55 = E00BC5460( *((intOrPtr*)( &_a4 + 4)),  *((intOrPtr*)( &_a4 + 8)));
                                                                                                                                                                                                                                                        							__eflags = _t55;
                                                                                                                                                                                                                                                        							if(_t55 == 0) {
                                                                                                                                                                                                                                                        								_push("CheckPlatformHandlePermissionsCorrespondToMode(handle.Get(), mode, size)");
                                                                                                                                                                                                                                                        								E00BC1FF0(_t96 + 0x10, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/memory/platform_shared_memory_region_win.cc", 0x90);
                                                                                                                                                                                                                                                        								E00BC20C0();
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t96 + 0xc)) = _t100;
                                                                                                                                                                                                                                                        							_t56 =  &_a4;
                                                                                                                                                                                                                                                        							_t73 = _t100 - 0x10;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t96 + 8)) =  *((intOrPtr*)(_t56 + 0x10));
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t96 + 4)) =  *((intOrPtr*)(_t56 + 8));
                                                                                                                                                                                                                                                        							 *_t73 = 0;
                                                                                                                                                                                                                                                        							 *_t96 =  *((intOrPtr*)(_t56 + 0xc));
                                                                                                                                                                                                                                                        							E00BC5200(E00BC5260(_t56, _t56 + 4), _t73, _t57);
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t73 + 4)) =  *((intOrPtr*)(_t96 + 4));
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t73 + 8)) =  *_t96;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t73 + 0xc)) =  *((intOrPtr*)(_t96 + 8));
                                                                                                                                                                                                                                                        							 *_t93 = 0;
                                                                                                                                                                                                                                                        							E00BC5200(E00BC5260( *((intOrPtr*)(_t96 + 8)), _t73), _t93, _t62);
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t93 + 4)) =  *((intOrPtr*)(_t73 + 4));
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t93 + 8)) =  *((intOrPtr*)(_t73 + 8));
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [eax]");
                                                                                                                                                                                                                                                        							asm("movsd xmm1, [eax+0x8]");
                                                                                                                                                                                                                                                        							asm("movsd [edi+0x18], xmm1");
                                                                                                                                                                                                                                                        							asm("movsd [edi+0x10], xmm0");
                                                                                                                                                                                                                                                        							E00BC51B0( *((intOrPtr*)(_t73 + 0xc)), _t73);
                                                                                                                                                                                                                                                        							L2:
                                                                                                                                                                                                                                                        							_t46 =  &_a4;
                                                                                                                                                                                                                                                        							E00BC51B0(_t46, _t46 + 4);
                                                                                                                                                                                                                                                        							E00BEECB0( *(_t96 + 0xc8) ^ _t97, _t92);
                                                                                                                                                                                                                                                        							return  *_t46;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				E00BC50C0(_t93);
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}



















                                                                                                                                                                                                                                                        0x00bc52b0
                                                                                                                                                                                                                                                        0x00bc52b9
                                                                                                                                                                                                                                                        0x00bc52bf
                                                                                                                                                                                                                                                        0x00bc52c1
                                                                                                                                                                                                                                                        0x00bc52c8
                                                                                                                                                                                                                                                        0x00bc52ce
                                                                                                                                                                                                                                                        0x00bc52d1
                                                                                                                                                                                                                                                        0x00bc52da
                                                                                                                                                                                                                                                        0x00bc530c
                                                                                                                                                                                                                                                        0x00bc5310
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5314
                                                                                                                                                                                                                                                        0x00bc5314
                                                                                                                                                                                                                                                        0x00bc531a
                                                                                                                                                                                                                                                        0x00bc5321
                                                                                                                                                                                                                                                        0x00bc5326
                                                                                                                                                                                                                                                        0x00bc5329
                                                                                                                                                                                                                                                        0x00bc532f
                                                                                                                                                                                                                                                        0x00bc541a
                                                                                                                                                                                                                                                        0x00bc541f
                                                                                                                                                                                                                                                        0x00bc5422
                                                                                                                                                                                                                                                        0x00bc5429
                                                                                                                                                                                                                                                        0x00bc5446
                                                                                                                                                                                                                                                        0x00bc5450
                                                                                                                                                                                                                                                        0x00bc5455
                                                                                                                                                                                                                                                        0x00bc5455
                                                                                                                                                                                                                                                        0x00bc5429
                                                                                                                                                                                                                                                        0x00bc5335
                                                                                                                                                                                                                                                        0x00bc533b
                                                                                                                                                                                                                                                        0x00bc5347
                                                                                                                                                                                                                                                        0x00bc534d
                                                                                                                                                                                                                                                        0x00bc534f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5351
                                                                                                                                                                                                                                                        0x00bc5351
                                                                                                                                                                                                                                                        0x00bc5358
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5360
                                                                                                                                                                                                                                                        0x00bc5363
                                                                                                                                                                                                                                                        0x00bc5368
                                                                                                                                                                                                                                                        0x00bc536a
                                                                                                                                                                                                                                                        0x00bc5371
                                                                                                                                                                                                                                                        0x00bc5380
                                                                                                                                                                                                                                                        0x00bc5387
                                                                                                                                                                                                                                                        0x00bc5387
                                                                                                                                                                                                                                                        0x00bc538c
                                                                                                                                                                                                                                                        0x00bc5392
                                                                                                                                                                                                                                                        0x00bc5395
                                                                                                                                                                                                                                                        0x00bc539a
                                                                                                                                                                                                                                                        0x00bc53a0
                                                                                                                                                                                                                                                        0x00bc53a6
                                                                                                                                                                                                                                                        0x00bc53ac
                                                                                                                                                                                                                                                        0x00bc53b9
                                                                                                                                                                                                                                                        0x00bc53c3
                                                                                                                                                                                                                                                        0x00bc53c8
                                                                                                                                                                                                                                                        0x00bc53ce
                                                                                                                                                                                                                                                        0x00bc53d1
                                                                                                                                                                                                                                                        0x00bc53df
                                                                                                                                                                                                                                                        0x00bc53e9
                                                                                                                                                                                                                                                        0x00bc53ef
                                                                                                                                                                                                                                                        0x00bc53f5
                                                                                                                                                                                                                                                        0x00bc53f9
                                                                                                                                                                                                                                                        0x00bc53fe
                                                                                                                                                                                                                                                        0x00bc5403
                                                                                                                                                                                                                                                        0x00bc5408
                                                                                                                                                                                                                                                        0x00bc52e3
                                                                                                                                                                                                                                                        0x00bc52e3
                                                                                                                                                                                                                                                        0x00bc52eb
                                                                                                                                                                                                                                                        0x00bc52fa
                                                                                                                                                                                                                                                        0x00bc5308
                                                                                                                                                                                                                                                        0x00bc5308
                                                                                                                                                                                                                                                        0x00bc534f
                                                                                                                                                                                                                                                        0x00bc5310
                                                                                                                                                                                                                                                        0x00bc52dc
                                                                                                                                                                                                                                                        0x00bc52de
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • __Init_thread_header.LIBCMT ref: 00BC541A
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE547: EnterCriticalSection.KERNEL32(00BFA18C,00000000,?,?,00BCACFB,00BFB4A8,?,?,00BCAC8F,?,?,?,?,00BCABA3), ref: 00BEE552
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE547: LeaveCriticalSection.KERNEL32(00BFA18C,?,?,00BCACFB,00BFB4A8,?,?,00BCAC8F,?,?,?,?,00BCABA3), ref: 00BEE58F
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(ntdll.dll), ref: 00BC5434
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,NtQuerySection), ref: 00BC5440
                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 00BC5450
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • ntdll.dll, xrefs: 00BC542F
                                                                                                                                                                                                                                                        • NtQuerySection, xrefs: 00BC543A
                                                                                                                                                                                                                                                        • CheckPlatformHandlePermissionsCorrespondToMode(handle.Get(), mode, size), xrefs: 00BC5371
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/security/sandbox/chromium/base/memory/platform_shared_memory_region_win.cc, xrefs: 00BC537B
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CriticalSection$AddressEnterHandleInit_thread_footerInit_thread_headerLeaveModuleProc
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/security/sandbox/chromium/base/memory/platform_shared_memory_region_win.cc$CheckPlatformHandlePermissionsCorrespondToMode(handle.Get(), mode, size)$NtQuerySection$ntdll.dll
                                                                                                                                                                                                                                                        • API String ID: 598948434-2418523825
                                                                                                                                                                                                                                                        • Opcode ID: f55532439a5de7a5065f1aa13bc40332df0c1b209cb943f2e6194578a9789367
                                                                                                                                                                                                                                                        • Instruction ID: b90bc6f4246a00e655ad49c8ad2a8bf075dd0bef6ec36883ad562ab578f0886e
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f55532439a5de7a5065f1aa13bc40332df0c1b209cb943f2e6194578a9789367
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A05180B0600B049FC724DF24C885F66B7E5EF48350F1485ADE85A8B352EB70F989CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 37%
                                                                                                                                                                                                                                                        			E00BB7610(char** __ecx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				char _v92;
                                                                                                                                                                                                                                                        				char _v96;
                                                                                                                                                                                                                                                        				signed int _t17;
                                                                                                                                                                                                                                                        				signed int _t18;
                                                                                                                                                                                                                                                        				char* _t20;
                                                                                                                                                                                                                                                        				signed short _t23;
                                                                                                                                                                                                                                                        				char* _t25;
                                                                                                                                                                                                                                                        				char* _t29;
                                                                                                                                                                                                                                                        				void* _t36;
                                                                                                                                                                                                                                                        				char* _t37;
                                                                                                                                                                                                                                                        				char** _t38;
                                                                                                                                                                                                                                                        				signed int _t39;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t17 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t38 = __ecx;
                                                                                                                                                                                                                                                        				_t37 =  &_v92;
                                                                                                                                                                                                                                                        				_t25 =  &_v88;
                                                                                                                                                                                                                                                        				_t18 = _t17 ^ _t39;
                                                                                                                                                                                                                                                        				_v20 = _t18;
                                                                                                                                                                                                                                                        				_v92 = 0x44;
                                                                                                                                                                                                                                                        				__imp__CreateWellKnownSid(0x1a, 0, _t25, _t37);
                                                                                                                                                                                                                                                        				if(_t18 == 0) {
                                                                                                                                                                                                                                                        					_t29 =  <=  ? GetLastError() : _t19 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        					_t20 = 0x14;
                                                                                                                                                                                                                                                        					goto L6;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t23 =  &_v96;
                                                                                                                                                                                                                                                        					__imp__CheckTokenMembership(0, _t25, _t23);
                                                                                                                                                                                                                                                        					if(_t23 == 0) {
                                                                                                                                                                                                                                                        						_t29 =  <=  ? GetLastError() : _t24 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        						_t20 = 0x19;
                                                                                                                                                                                                                                                        						L6:
                                                                                                                                                                                                                                                        						_t38[3] = 1;
                                                                                                                                                                                                                                                        						 *_t38 = "/builds/worker/checkouts/gecko/toolkit/xre/WinTokenUtils.cpp";
                                                                                                                                                                                                                                                        						_t38[1] = _t20;
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if(_v96 == 0) {
                                                                                                                                                                                                                                                        							__ecx[3] = 0;
                                                                                                                                                                                                                                                        							 *__ecx = 0;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_v88 = 4;
                                                                                                                                                                                                                                                        							__imp__RegGetValueW(0x80000002, L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System", L"EnableLUA", 0x18, 0, _t37, _t25);
                                                                                                                                                                                                                                                        							if(_t23 == 0) {
                                                                                                                                                                                                                                                        								__ecx[3] = 0;
                                                                                                                                                                                                                                                        								 *__ecx = _v92 == 0;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								__ecx[3] = 1;
                                                                                                                                                                                                                                                        								 *__ecx = "/builds/worker/checkouts/gecko/toolkit/xre/WinTokenUtils.cpp";
                                                                                                                                                                                                                                                        								__ecx[1] = 0x26;
                                                                                                                                                                                                                                                        								_t29 =  <=  ? _t23 : _t23 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        								L7:
                                                                                                                                                                                                                                                        								_t38[2] = _t29;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t39, _t36);
                                                                                                                                                                                                                                                        				return _t38;
                                                                                                                                                                                                                                                        			}

















                                                                                                                                                                                                                                                        0x00bb7619
                                                                                                                                                                                                                                                        0x00bb761e
                                                                                                                                                                                                                                                        0x00bb7620
                                                                                                                                                                                                                                                        0x00bb7623
                                                                                                                                                                                                                                                        0x00bb7626
                                                                                                                                                                                                                                                        0x00bb7628
                                                                                                                                                                                                                                                        0x00bb762b
                                                                                                                                                                                                                                                        0x00bb7638
                                                                                                                                                                                                                                                        0x00bb7640
                                                                                                                                                                                                                                                        0x00bb76bd
                                                                                                                                                                                                                                                        0x00bb76c0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7642
                                                                                                                                                                                                                                                        0x00bb7642
                                                                                                                                                                                                                                                        0x00bb7649
                                                                                                                                                                                                                                                        0x00bb7651
                                                                                                                                                                                                                                                        0x00bb76fa
                                                                                                                                                                                                                                                        0x00bb76fd
                                                                                                                                                                                                                                                        0x00bb76c5
                                                                                                                                                                                                                                                        0x00bb76c5
                                                                                                                                                                                                                                                        0x00bb76c9
                                                                                                                                                                                                                                                        0x00bb76cf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7657
                                                                                                                                                                                                                                                        0x00bb765b
                                                                                                                                                                                                                                                        0x00bb7704
                                                                                                                                                                                                                                                        0x00bb7708
                                                                                                                                                                                                                                                        0x00bb7661
                                                                                                                                                                                                                                                        0x00bb7661
                                                                                                                                                                                                                                                        0x00bb767d
                                                                                                                                                                                                                                                        0x00bb7685
                                                                                                                                                                                                                                                        0x00bb7711
                                                                                                                                                                                                                                                        0x00bb7715
                                                                                                                                                                                                                                                        0x00bb768b
                                                                                                                                                                                                                                                        0x00bb768e
                                                                                                                                                                                                                                                        0x00bb7692
                                                                                                                                                                                                                                                        0x00bb7698
                                                                                                                                                                                                                                                        0x00bb76a7
                                                                                                                                                                                                                                                        0x00bb76d2
                                                                                                                                                                                                                                                        0x00bb76d2
                                                                                                                                                                                                                                                        0x00bb76d2
                                                                                                                                                                                                                                                        0x00bb7685
                                                                                                                                                                                                                                                        0x00bb765b
                                                                                                                                                                                                                                                        0x00bb7651
                                                                                                                                                                                                                                                        0x00bb76da
                                                                                                                                                                                                                                                        0x00bb76e8

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • CreateWellKnownSid.ADVAPI32(0000001A,00000000,?,?), ref: 00BB7638
                                                                                                                                                                                                                                                        • CheckTokenMembership.ADVAPI32(00000000,?,?), ref: 00BB7649
                                                                                                                                                                                                                                                        • RegGetValueW.ADVAPI32(80000002,SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System,EnableLUA,00000018,00000000,?,?), ref: 00BB767D
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB76AC
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB76E9
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$CheckCreateKnownMembershipTokenValueWell
                                                                                                                                                                                                                                                        • String ID: D$EnableLUA$SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
                                                                                                                                                                                                                                                        • API String ID: 1024955626-3817370942
                                                                                                                                                                                                                                                        • Opcode ID: 45bdc48971da33319a54c0636c416d813a16e8317dd187ff2def1a2bd82d0fd1
                                                                                                                                                                                                                                                        • Instruction ID: 8d9bd2456b75fee7451fa7923cc7195279cf4881eb1dae710a94e1f435accf1b
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 45bdc48971da33319a54c0636c416d813a16e8317dd187ff2def1a2bd82d0fd1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6621A5716447889FE7208B69CC58BBA7BE4EF44704F10845DE59B9B2D0DFB89804CB61
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 17%
                                                                                                                                                                                                                                                        			E00BB5DD0(void* __ecx, void* __edx) {
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				struct _OSVERSIONINFOEXA _v172;
                                                                                                                                                                                                                                                        				signed int _t12;
                                                                                                                                                                                                                                                        				intOrPtr _t14;
                                                                                                                                                                                                                                                        				intOrPtr _t16;
                                                                                                                                                                                                                                                        				void* _t19;
                                                                                                                                                                                                                                                        				void* _t20;
                                                                                                                                                                                                                                                        				void* _t21;
                                                                                                                                                                                                                                                        				void* _t22;
                                                                                                                                                                                                                                                        				longlong _t23;
                                                                                                                                                                                                                                                        				void* _t33;
                                                                                                                                                                                                                                                        				intOrPtr* _t34;
                                                                                                                                                                                                                                                        				void* _t35;
                                                                                                                                                                                                                                                        				signed int _t36;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t33 = __edx;
                                                                                                                                                                                                                                                        				_t12 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t35 = __ecx;
                                                                                                                                                                                                                                                        				_v16 = _t12 ^ _t36;
                                                                                                                                                                                                                                                        				_t14 =  *0xbfa798; // 0x3839
                                                                                                                                                                                                                                                        				if(_t14 > 0x3838) {
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					 *(_t35 + 7) =  *(_t35 + 7) | 0x00000010;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t16 =  *0xbfa03c; // 0xffffffff
                                                                                                                                                                                                                                                        					if(_t16 >= 0x383a) {
                                                                                                                                                                                                                                                        						memset( &(_v172.dwMinorVersion), 0, 0x94);
                                                                                                                                                                                                                                                        						_t34 = __imp__VerSetConditionMask;
                                                                                                                                                                                                                                                        						_v172.dwOSVersionInfoSize = 0x9c;
                                                                                                                                                                                                                                                        						_v172.dwMajorVersion = 0xa;
                                                                                                                                                                                                                                                        						_v172.dwBuildNumber = 0x3839;
                                                                                                                                                                                                                                                        						_t19 =  *_t34(0, 0, 2, 3);
                                                                                                                                                                                                                                                        						_t20 =  *_t34(_t19, _t33, 1, 3);
                                                                                                                                                                                                                                                        						_t21 =  *_t34(_t20, _t33, 4, 3);
                                                                                                                                                                                                                                                        						_t22 =  *_t34(_t21, _t33, 0x20, 3);
                                                                                                                                                                                                                                                        						_t23 =  *_t34(_t22, _t33, 0x10, 3);
                                                                                                                                                                                                                                                        						_push(_t33);
                                                                                                                                                                                                                                                        						if(VerifyVersionInfoA( &_v172, 0x37, _t23) == 0) {
                                                                                                                                                                                                                                                        							 *0xbfa03c = 0x3839;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							 *0xbfa798 = 0x3839;
                                                                                                                                                                                                                                                        							goto L5;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return E00BEECB0(_v16 ^ _t36, _t33);
                                                                                                                                                                                                                                                        			}

















                                                                                                                                                                                                                                                        0x00bb5dd0
                                                                                                                                                                                                                                                        0x00bb5ddb
                                                                                                                                                                                                                                                        0x00bb5de0
                                                                                                                                                                                                                                                        0x00bb5de4
                                                                                                                                                                                                                                                        0x00bb5de7
                                                                                                                                                                                                                                                        0x00bb5df1
                                                                                                                                                                                                                                                        0x00bb5e9b
                                                                                                                                                                                                                                                        0x00bb5e9b
                                                                                                                                                                                                                                                        0x00bb5df7
                                                                                                                                                                                                                                                        0x00bb5df7
                                                                                                                                                                                                                                                        0x00bb5e01
                                                                                                                                                                                                                                                        0x00bb5e25
                                                                                                                                                                                                                                                        0x00bb5e2d
                                                                                                                                                                                                                                                        0x00bb5e33
                                                                                                                                                                                                                                                        0x00bb5e3d
                                                                                                                                                                                                                                                        0x00bb5e47
                                                                                                                                                                                                                                                        0x00bb5e59
                                                                                                                                                                                                                                                        0x00bb5e61
                                                                                                                                                                                                                                                        0x00bb5e69
                                                                                                                                                                                                                                                        0x00bb5e71
                                                                                                                                                                                                                                                        0x00bb5e79
                                                                                                                                                                                                                                                        0x00bb5e81
                                                                                                                                                                                                                                                        0x00bb5e8e
                                                                                                                                                                                                                                                        0x00bb5ea9
                                                                                                                                                                                                                                                        0x00bb5e90
                                                                                                                                                                                                                                                        0x00bb5e95
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5e95
                                                                                                                                                                                                                                                        0x00bb5e8e
                                                                                                                                                                                                                                                        0x00bb5e01
                                                                                                                                                                                                                                                        0x00bb5e16

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB5E25
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,00000000,00000002,00000003), ref: 00BB5E59
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000001,00000003), ref: 00BB5E61
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000004,00000003), ref: 00BB5E69
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000020,00000003), ref: 00BB5E71
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000010,00000003), ref: 00BB5E79
                                                                                                                                                                                                                                                        • VerifyVersionInfoA.KERNEL32(0000009C,00000037,00000000), ref: 00BB5E86
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ConditionMask$InfoVerifyVersionmemset
                                                                                                                                                                                                                                                        • String ID: 98
                                                                                                                                                                                                                                                        • API String ID: 375572348-1734289371
                                                                                                                                                                                                                                                        • Opcode ID: f4b709c03c05cc305700abe5acf3167969175279107776ad63787121c859fc27
                                                                                                                                                                                                                                                        • Instruction ID: dff881ee454c36794248d3b547eaa0bc917ec278d121c5368903d19503b9ddd6
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f4b709c03c05cc305700abe5acf3167969175279107776ad63787121c859fc27
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 652136B1B403447BE735AB65EC46FB676ACDB84B00F008499F249AB1C1DEF49B44CB66
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 88%
                                                                                                                                                                                                                                                        			E00BCC4E0(void* __ecx, intOrPtr _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				void* _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				signed int _t14;
                                                                                                                                                                                                                                                        				int _t17;
                                                                                                                                                                                                                                                        				int _t23;
                                                                                                                                                                                                                                                        				void* _t27;
                                                                                                                                                                                                                                                        				signed int _t29;
                                                                                                                                                                                                                                                        				void* _t37;
                                                                                                                                                                                                                                                        				signed int _t39;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t14 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t37 = __ecx;
                                                                                                                                                                                                                                                        				_v16 = _t14 ^ _t39;
                                                                                                                                                                                                                                                        				_t29 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        				_t36 =  *[fs:0x2c];
                                                                                                                                                                                                                                                        				_t16 =  *0xbfb4f0;
                                                                                                                                                                                                                                                        				if( *0xbfb4f0 >  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x2c] + _t29 * 4)) + 4))) {
                                                                                                                                                                                                                                                        					_t16 = E00BEE547(_t16, 0xbfb4f0);
                                                                                                                                                                                                                                                        					__eflags =  *0xbfb4f0 - 0xffffffff;
                                                                                                                                                                                                                                                        					if(__eflags != 0) {
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					 *0xbfb4ec = GetProcAddress(GetModuleHandleW(L"userenv"), "GetAppContainerRegistryLocation");
                                                                                                                                                                                                                                                        					_t16 = E00BEE599(0xbfb4f0);
                                                                                                                                                                                                                                                        					__eflags =  *0xbfb4ec;
                                                                                                                                                                                                                                                        					if(__eflags == 0) {
                                                                                                                                                                                                                                                        						L2:
                                                                                                                                                                                                                                                        						_t27 = 0;
                                                                                                                                                                                                                                                        						L3:
                                                                                                                                                                                                                                                        						E00BEECB0(_v16 ^ _t39, _t36);
                                                                                                                                                                                                                                                        						return _t27;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					_t36 =  &_v20;
                                                                                                                                                                                                                                                        					_v20 = 0;
                                                                                                                                                                                                                                                        					_t17 = E00BCC5E0(_t16, _t37,  &_v20, __eflags);
                                                                                                                                                                                                                                                        					__eflags = _t17;
                                                                                                                                                                                                                                                        					if(_t17 == 0) {
                                                                                                                                                                                                                                                        						_t27 = 0;
                                                                                                                                                                                                                                                        						L12:
                                                                                                                                                                                                                                                        						E00BC51B0(_t17,  &_v20);
                                                                                                                                                                                                                                                        						goto L3;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					ImpersonateLoggedOnUser(_v20);
                                                                                                                                                                                                                                                        					_t23 =  *0xbfb4ec(_a4,  &_v24);
                                                                                                                                                                                                                                                        					__eflags = _t23;
                                                                                                                                                                                                                                                        					if(_t23 >= 0) {
                                                                                                                                                                                                                                                        						E00BC5200(_t23, _a8, _v24);
                                                                                                                                                                                                                                                        						_t27 = 1;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t27 = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t17 = RevertToSelf();
                                                                                                                                                                                                                                                        					goto L12;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				if( *0xbfb4ec != 0) {
                                                                                                                                                                                                                                                        					goto L6;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00bcc4e8
                                                                                                                                                                                                                                                        0x00bcc4ed
                                                                                                                                                                                                                                                        0x00bcc4f1
                                                                                                                                                                                                                                                        0x00bcc4f4
                                                                                                                                                                                                                                                        0x00bcc4fa
                                                                                                                                                                                                                                                        0x00bcc501
                                                                                                                                                                                                                                                        0x00bcc50f
                                                                                                                                                                                                                                                        0x00bcc536
                                                                                                                                                                                                                                                        0x00bcc53e
                                                                                                                                                                                                                                                        0x00bcc545
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc55e
                                                                                                                                                                                                                                                        0x00bcc568
                                                                                                                                                                                                                                                        0x00bcc570
                                                                                                                                                                                                                                                        0x00bcc577
                                                                                                                                                                                                                                                        0x00bcc51a
                                                                                                                                                                                                                                                        0x00bcc51a
                                                                                                                                                                                                                                                        0x00bcc51c
                                                                                                                                                                                                                                                        0x00bcc521
                                                                                                                                                                                                                                                        0x00bcc52e
                                                                                                                                                                                                                                                        0x00bcc52e
                                                                                                                                                                                                                                                        0x00bcc579
                                                                                                                                                                                                                                                        0x00bcc579
                                                                                                                                                                                                                                                        0x00bcc57e
                                                                                                                                                                                                                                                        0x00bcc585
                                                                                                                                                                                                                                                        0x00bcc58a
                                                                                                                                                                                                                                                        0x00bcc58c
                                                                                                                                                                                                                                                        0x00bcc5ad
                                                                                                                                                                                                                                                        0x00bcc5c4
                                                                                                                                                                                                                                                        0x00bcc5c7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc5c7
                                                                                                                                                                                                                                                        0x00bcc594
                                                                                                                                                                                                                                                        0x00bcc59f
                                                                                                                                                                                                                                                        0x00bcc5a5
                                                                                                                                                                                                                                                        0x00bcc5a7
                                                                                                                                                                                                                                                        0x00bcc5b7
                                                                                                                                                                                                                                                        0x00bcc5bc
                                                                                                                                                                                                                                                        0x00bcc5a9
                                                                                                                                                                                                                                                        0x00bcc5a9
                                                                                                                                                                                                                                                        0x00bcc5a9
                                                                                                                                                                                                                                                        0x00bcc5be
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc5be
                                                                                                                                                                                                                                                        0x00bcc511
                                                                                                                                                                                                                                                        0x00bcc518
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • __Init_thread_header.LIBCMT ref: 00BCC536
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(userenv), ref: 00BCC54C
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetAppContainerRegistryLocation), ref: 00BCC558
                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 00BCC568
                                                                                                                                                                                                                                                        • ImpersonateLoggedOnUser.ADVAPI32(00000000), ref: 00BCC594
                                                                                                                                                                                                                                                        • RevertToSelf.ADVAPI32(?), ref: 00BCC5BE
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetLastError.KERNEL32(00000000,?,00004000,?,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5210
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetHandleVerifier.FLASHPLAYER(?,00BDC412,00000000,?,00BDBECC), ref: 00BC5234
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: SetLastError.KERNEL32(00BDC412,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5249
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorHandleLast$AddressImpersonateInit_thread_footerInit_thread_headerLoggedModuleProcRevertSelfUserVerifier
                                                                                                                                                                                                                                                        • String ID: GetAppContainerRegistryLocation$userenv
                                                                                                                                                                                                                                                        • API String ID: 451835585-1384793904
                                                                                                                                                                                                                                                        • Opcode ID: cb3581132f95b27b37f8b5965df9f35a813b268b44a0f424aa8ebe662229d723
                                                                                                                                                                                                                                                        • Instruction ID: 50fd6bfdcc202cccd7b746ad15eeda454ef4ee279f2bc557df119d6e401f37e9
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cb3581132f95b27b37f8b5965df9f35a813b268b44a0f424aa8ebe662229d723
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 79217F71A002099FCB10EFA5ED96FBA7BE5FB64314F0040A9E919973A2DF706948CB51
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 51%
                                                                                                                                                                                                                                                        			E00BEBE20() {
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				short _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				char _v28;
                                                                                                                                                                                                                                                        				intOrPtr _v32;
                                                                                                                                                                                                                                                        				char* _v36;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				short _v44;
                                                                                                                                                                                                                                                        				char _v48;
                                                                                                                                                                                                                                                        				signed int _t23;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t25;
                                                                                                                                                                                                                                                        				void* _t30;
                                                                                                                                                                                                                                                        				WCHAR* _t31;
                                                                                                                                                                                                                                                        				char* _t32;
                                                                                                                                                                                                                                                        				signed int _t33;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t23 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v16 = _t23 ^ _t33;
                                                                                                                                                                                                                                                        				_t25 = getenv("MOZ_ENABLE_HANDLE_VERIFIER");
                                                                                                                                                                                                                                                        				if(_t25 != 0) {
                                                                                                                                                                                                                                                        					asm("movaps xmm0, [0xbf1e50]");
                                                                                                                                                                                                                                                        					asm("movups [ebp-0x28], xmm0");
                                                                                                                                                                                                                                                        					_v28 = 0x64002e;
                                                                                                                                                                                                                                                        					_v24 = 0x6c006c;
                                                                                                                                                                                                                                                        					_v20 = 0;
                                                                                                                                                                                                                                                        					if( *0xbfb710 == 0) {
                                                                                                                                                                                                                                                        						_t25 = LoadLibraryW( &_v44);
                                                                                                                                                                                                                                                        						 *0xbfb710 = _t25;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t32 =  &_v48;
                                                                                                                                                                                                                                                        					_t31 =  &_v44;
                                                                                                                                                                                                                                                        					_v44 = 0xbfb75c;
                                                                                                                                                                                                                                                        					_v40 = 0xbfb6dc;
                                                                                                                                                                                                                                                        					_v36 = "CloseHandle";
                                                                                                                                                                                                                                                        					_v32 = E00BEBF40;
                                                                                                                                                                                                                                                        					_v48 = 0;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					__imp__InitOnceExecuteOnce(0xbfb760, E00BEBFA0, _t31, _t32);
                                                                                                                                                                                                                                                        					if(_t25 != 0 && _v48 != 0) {
                                                                                                                                                                                                                                                        						_v44 = 0xbfb764;
                                                                                                                                                                                                                                                        						_v40 = 0xbfb6dc;
                                                                                                                                                                                                                                                        						_v36 = "DuplicateHandle";
                                                                                                                                                                                                                                                        						_v32 = E00BEBF60;
                                                                                                                                                                                                                                                        						_v48 = 0;
                                                                                                                                                                                                                                                        						_v28 = 0;
                                                                                                                                                                                                                                                        						__imp__InitOnceExecuteOnce(0xbfb768, E00BEBFA0, _t31, _t32);
                                                                                                                                                                                                                                                        						if(_t25 == 0) {
                                                                                                                                                                                                                                                        							goto L1;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(_v48 != 0) {
                                                                                                                                                                                                                                                        							L2:
                                                                                                                                                                                                                                                        							return E00BEECB0(_v16 ^ _t33, _t30);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				E00BCAB40();
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}


















                                                                                                                                                                                                                                                        0x00bebe28
                                                                                                                                                                                                                                                        0x00bebe2f
                                                                                                                                                                                                                                                        0x00bebe37
                                                                                                                                                                                                                                                        0x00bebe42
                                                                                                                                                                                                                                                        0x00bebe5a
                                                                                                                                                                                                                                                        0x00bebe68
                                                                                                                                                                                                                                                        0x00bebe6c
                                                                                                                                                                                                                                                        0x00bebe73
                                                                                                                                                                                                                                                        0x00bebe7a
                                                                                                                                                                                                                                                        0x00bebe80
                                                                                                                                                                                                                                                        0x00bebe86
                                                                                                                                                                                                                                                        0x00bebe8c
                                                                                                                                                                                                                                                        0x00bebe8c
                                                                                                                                                                                                                                                        0x00bebe91
                                                                                                                                                                                                                                                        0x00bebe94
                                                                                                                                                                                                                                                        0x00bebe97
                                                                                                                                                                                                                                                        0x00bebe9e
                                                                                                                                                                                                                                                        0x00bebea5
                                                                                                                                                                                                                                                        0x00bebeac
                                                                                                                                                                                                                                                        0x00bebeb3
                                                                                                                                                                                                                                                        0x00bebeba
                                                                                                                                                                                                                                                        0x00bebeca
                                                                                                                                                                                                                                                        0x00bebed2
                                                                                                                                                                                                                                                        0x00bebee2
                                                                                                                                                                                                                                                        0x00bebee9
                                                                                                                                                                                                                                                        0x00bebef0
                                                                                                                                                                                                                                                        0x00bebef7
                                                                                                                                                                                                                                                        0x00bebefe
                                                                                                                                                                                                                                                        0x00bebf05
                                                                                                                                                                                                                                                        0x00bebf15
                                                                                                                                                                                                                                                        0x00bebf1d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bebf27
                                                                                                                                                                                                                                                        0x00bebe49
                                                                                                                                                                                                                                                        0x00bebe59
                                                                                                                                                                                                                                                        0x00bebe59
                                                                                                                                                                                                                                                        0x00bebf2d
                                                                                                                                                                                                                                                        0x00bebed2
                                                                                                                                                                                                                                                        0x00bebe44
                                                                                                                                                                                                                                                        0x00bebe44
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_ENABLE_HANDLE_VERIFIER,?,?,?,?,?,00000000,?,?,00BEBDB7,?,00BEBD7B,00BB1412), ref: 00BEBE37
                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(?), ref: 00BEBE86
                                                                                                                                                                                                                                                        • InitOnceExecuteOnce.KERNEL32(00BFB760,00BEBFA0,?,?), ref: 00BEBECA
                                                                                                                                                                                                                                                        • InitOnceExecuteOnce.KERNEL32(00BFB768,00BEBFA0,?,?), ref: 00BEBF15
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Once$ExecuteInit$LibraryLoadgetenv
                                                                                                                                                                                                                                                        • String ID: .$DuplicateHandle$MOZ_ENABLE_HANDLE_VERIFIER$l
                                                                                                                                                                                                                                                        • API String ID: 3097556743-1064258692
                                                                                                                                                                                                                                                        • Opcode ID: 79b7be14cfd7f1d409a21e5e3decb8f1ecec4dcdd1bdbe1144b04d054f48fb6e
                                                                                                                                                                                                                                                        • Instruction ID: 9fb84546bf79cb526e9396962f5eff2a239ec72ab6e5434b2b44df0fab296bdd
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 79b7be14cfd7f1d409a21e5e3decb8f1ecec4dcdd1bdbe1144b04d054f48fb6e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 44214871D0038D9ADB109FA6D849FEFBBF5EB48718F045498D61077260DBB05A88CFA9
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 62%
                                                                                                                                                                                                                                                        			E00BBE460(char _a8) {
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				char _v17;
                                                                                                                                                                                                                                                        				char _v2064;
                                                                                                                                                                                                                                                        				intOrPtr _v2068;
                                                                                                                                                                                                                                                        				signed int _t11;
                                                                                                                                                                                                                                                        				int _t13;
                                                                                                                                                                                                                                                        				struct _IO_FILE* _t14;
                                                                                                                                                                                                                                                        				intOrPtr* _t15;
                                                                                                                                                                                                                                                        				void* _t22;
                                                                                                                                                                                                                                                        				CHAR* _t23;
                                                                                                                                                                                                                                                        				char* _t24;
                                                                                                                                                                                                                                                        				char* _t25;
                                                                                                                                                                                                                                                        				struct _IO_FILE* _t26;
                                                                                                                                                                                                                                                        				signed int _t27;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t11 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v16 = _t11 ^ _t27;
                                                                                                                                                                                                                                                        				_t13 = IsDebuggerPresent();
                                                                                                                                                                                                                                                        				if(_t13 != 0) {
                                                                                                                                                                                                                                                        					_t25 =  &_a8;
                                                                                                                                                                                                                                                        					_v2068 = _t25;
                                                                                                                                                                                                                                                        					_t13 = E00BB18B0();
                                                                                                                                                                                                                                                        					_t23 =  &_v2064;
                                                                                                                                                                                                                                                        					__imp____stdio_common_vsprintf( *_t13 | 0x00000002,  *((intOrPtr*)(_t13 + 4)), _t23, 0x800, "\n\nBROWSERBROWSERBROWSERBROWSER\n  debug me @ %lu\n\n", 0, _t25);
                                                                                                                                                                                                                                                        					_t28 = _t28 + 0x1c;
                                                                                                                                                                                                                                                        					_v17 = 0;
                                                                                                                                                                                                                                                        					OutputDebugStringA(_t23);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				__imp___dup(2);
                                                                                                                                                                                                                                                        				_t14 = _fdopen(_t13, 0xbf344c);
                                                                                                                                                                                                                                                        				if(_t14 != 0) {
                                                                                                                                                                                                                                                        					_t24 =  &_a8;
                                                                                                                                                                                                                                                        					_t26 = _t14;
                                                                                                                                                                                                                                                        					_v2064 = _t24;
                                                                                                                                                                                                                                                        					_t15 = E00BB18B0();
                                                                                                                                                                                                                                                        					__imp____stdio_common_vfprintf( *_t15,  *((intOrPtr*)(_t15 + 4)), _t26, "\n\nBROWSERBROWSERBROWSERBROWSER\n  debug me @ %lu\n\n", 0, _t24);
                                                                                                                                                                                                                                                        					fclose(_t26);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return E00BEECB0(_v16 ^ _t27, _t22);
                                                                                                                                                                                                                                                        			}


















                                                                                                                                                                                                                                                        0x00bbe46b
                                                                                                                                                                                                                                                        0x00bbe472
                                                                                                                                                                                                                                                        0x00bbe475
                                                                                                                                                                                                                                                        0x00bbe47d
                                                                                                                                                                                                                                                        0x00bbe4b1
                                                                                                                                                                                                                                                        0x00bbe4b4
                                                                                                                                                                                                                                                        0x00bbe4ba
                                                                                                                                                                                                                                                        0x00bbe4c1
                                                                                                                                                                                                                                                        0x00bbe4dc
                                                                                                                                                                                                                                                        0x00bbe4e2
                                                                                                                                                                                                                                                        0x00bbe4e5
                                                                                                                                                                                                                                                        0x00bbe4ea
                                                                                                                                                                                                                                                        0x00bbe4ea
                                                                                                                                                                                                                                                        0x00bbe481
                                                                                                                                                                                                                                                        0x00bbe490
                                                                                                                                                                                                                                                        0x00bbe49b
                                                                                                                                                                                                                                                        0x00bbe4f2
                                                                                                                                                                                                                                                        0x00bbe4f5
                                                                                                                                                                                                                                                        0x00bbe4f7
                                                                                                                                                                                                                                                        0x00bbe4fd
                                                                                                                                                                                                                                                        0x00bbe510
                                                                                                                                                                                                                                                        0x00bbe51a
                                                                                                                                                                                                                                                        0x00bbe520
                                                                                                                                                                                                                                                        0x00bbe4b0

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • IsDebuggerPresent.KERNEL32 ref: 00BBE475
                                                                                                                                                                                                                                                        • _dup.API-MS-WIN-CRT-STDIO-L1-1-0(00000002), ref: 00BBE481
                                                                                                                                                                                                                                                        • _fdopen.API-MS-WIN-CRT-MATH-L1-1-0(00000000,00BF344C), ref: 00BBE490
                                                                                                                                                                                                                                                        • __stdio_common_vsprintf.API-MS-WIN-CRT-STDIO-L1-1-0(?,?,?,00000800,BROWSERBROWSERBROWSERBROWSER debug me @ %lu,00000000,00000001), ref: 00BBE4DC
                                                                                                                                                                                                                                                        • OutputDebugStringA.KERNEL32(?), ref: 00BBE4EA
                                                                                                                                                                                                                                                        • __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,BROWSERBROWSERBROWSERBROWSER debug me @ %lu,00000000,00000001), ref: 00BBE510
                                                                                                                                                                                                                                                        • fclose.API-MS-WIN-CRT-STDIO-L1-1-0(00000000), ref: 00BBE51A
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: DebugDebuggerOutputPresentString__stdio_common_vfprintf__stdio_common_vsprintf_dup_fdopenfclose
                                                                                                                                                                                                                                                        • String ID: BROWSERBROWSERBROWSERBROWSER debug me @ %lu
                                                                                                                                                                                                                                                        • API String ID: 3054222236-2161972429
                                                                                                                                                                                                                                                        • Opcode ID: fc733cb118d8bddc2672167858710b9bbd09a266c2b166f47e1f91348f3ec64f
                                                                                                                                                                                                                                                        • Instruction ID: 8a9a21afabe2b4b37fbd8a988b96e4e2c103e8a3621ab4a3dfcbf8cd02b0ba2b
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fc733cb118d8bddc2672167858710b9bbd09a266c2b166f47e1f91348f3ec64f
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 45117F30940114ABDB205B299C0AFBE7BB4FF41700F44C4E8F959672A1DF759618CB95
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 72%
                                                                                                                                                                                                                                                        			E00BB16A0(intOrPtr _a4, char _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v2068;
                                                                                                                                                                                                                                                        				char _v6164;
                                                                                                                                                                                                                                                        				intOrPtr _v6168;
                                                                                                                                                                                                                                                        				signed int _t10;
                                                                                                                                                                                                                                                        				intOrPtr* _t12;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t14;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t16;
                                                                                                                                                                                                                                                        				char* _t19;
                                                                                                                                                                                                                                                        				void* _t22;
                                                                                                                                                                                                                                                        				char* _t23;
                                                                                                                                                                                                                                                        				short* _t24;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t26;
                                                                                                                                                                                                                                                        				signed int _t27;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				E00BEF1D0();
                                                                                                                                                                                                                                                        				_t10 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t23 =  &_a8;
                                                                                                                                                                                                                                                        				_v20 = _t10 ^ _t27;
                                                                                                                                                                                                                                                        				_v6168 = _t23;
                                                                                                                                                                                                                                                        				_t12 = E00BB18B0();
                                                                                                                                                                                                                                                        				_t19 =  &_v2068;
                                                                                                                                                                                                                                                        				__imp____stdio_common_vsnprintf_s( *_t12,  *((intOrPtr*)(_t12 + 4)), _t19, 0x800, 0xffffffff, _a4, 0, _t23);
                                                                                                                                                                                                                                                        				_t24 =  &_v6164;
                                                                                                                                                                                                                                                        				MultiByteToWideChar(0xfde9, 0, _t19, 0xffffffff, _t24, 0x800);
                                                                                                                                                                                                                                                        				_t14 = LoadLibraryW(L"user32.dll");
                                                                                                                                                                                                                                                        				if(_t14 != 0) {
                                                                                                                                                                                                                                                        					_t26 = _t14;
                                                                                                                                                                                                                                                        					_t16 = GetProcAddress(_t14, "MessageBoxW");
                                                                                                                                                                                                                                                        					if(_t16 != 0) {
                                                                                                                                                                                                                                                        						 *_t16(0, _t24, L"Firefox", 0x10010);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					FreeLibrary(_t26);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return E00BEECB0(_v20 ^ _t27, _t22);
                                                                                                                                                                                                                                                        			}

















                                                                                                                                                                                                                                                        0x00bb16ab
                                                                                                                                                                                                                                                        0x00bb16b0
                                                                                                                                                                                                                                                        0x00bb16b8
                                                                                                                                                                                                                                                        0x00bb16bd
                                                                                                                                                                                                                                                        0x00bb16c0
                                                                                                                                                                                                                                                        0x00bb16c6
                                                                                                                                                                                                                                                        0x00bb16cb
                                                                                                                                                                                                                                                        0x00bb16e2
                                                                                                                                                                                                                                                        0x00bb16eb
                                                                                                                                                                                                                                                        0x00bb1701
                                                                                                                                                                                                                                                        0x00bb170c
                                                                                                                                                                                                                                                        0x00bb1714
                                                                                                                                                                                                                                                        0x00bb1716
                                                                                                                                                                                                                                                        0x00bb171e
                                                                                                                                                                                                                                                        0x00bb1726
                                                                                                                                                                                                                                                        0x00bb1735
                                                                                                                                                                                                                                                        0x00bb1735
                                                                                                                                                                                                                                                        0x00bb1738
                                                                                                                                                                                                                                                        0x00bb1738
                                                                                                                                                                                                                                                        0x00bb1752

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • __stdio_common_vsnprintf_s.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,?,00000800,000000FF,00BB1810,00000000,?,00000000,00000001,?,?,00BB1810,Couldn't find the application directory.), ref: 00BB16E2
                                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,?,000000FF,?,00000800), ref: 00BB1701
                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(user32.dll), ref: 00BB170C
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,MessageBoxW), ref: 00BB171E
                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(00000000), ref: 00BB1738
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Library$AddressByteCharFreeLoadMultiProcWide__stdio_common_vsnprintf_s
                                                                                                                                                                                                                                                        • String ID: Firefox$MessageBoxW$user32.dll
                                                                                                                                                                                                                                                        • API String ID: 2908012181-4128141035
                                                                                                                                                                                                                                                        • Opcode ID: a40b507407866bb88fc7d22a7aca74ad38b68c1701cc15cdca9bd265e099c9eb
                                                                                                                                                                                                                                                        • Instruction ID: 6ebf71106d4943606de4b973e3f46da3b8fb88674e5aa82a912518aaa9aa5982
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a40b507407866bb88fc7d22a7aca74ad38b68c1701cc15cdca9bd265e099c9eb
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1611C631640218BBD7205B659C49FBB37BCFF45750F1085A4F514AB2D0CFB05A49CB61
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 87%
                                                                                                                                                                                                                                                        			E00BC0F90(void** __ecx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				void* _v32;
                                                                                                                                                                                                                                                        				signed int _v36;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				void** _v44;
                                                                                                                                                                                                                                                        				signed int _t151;
                                                                                                                                                                                                                                                        				void* _t155;
                                                                                                                                                                                                                                                        				signed int _t156;
                                                                                                                                                                                                                                                        				void* _t157;
                                                                                                                                                                                                                                                        				signed int _t161;
                                                                                                                                                                                                                                                        				signed int _t163;
                                                                                                                                                                                                                                                        				void* _t164;
                                                                                                                                                                                                                                                        				void* _t166;
                                                                                                                                                                                                                                                        				void** _t170;
                                                                                                                                                                                                                                                        				signed int _t171;
                                                                                                                                                                                                                                                        				signed int _t172;
                                                                                                                                                                                                                                                        				signed int _t173;
                                                                                                                                                                                                                                                        				signed int _t175;
                                                                                                                                                                                                                                                        				signed int _t176;
                                                                                                                                                                                                                                                        				signed int _t178;
                                                                                                                                                                                                                                                        				signed int _t185;
                                                                                                                                                                                                                                                        				signed int _t188;
                                                                                                                                                                                                                                                        				signed int _t190;
                                                                                                                                                                                                                                                        				signed int _t192;
                                                                                                                                                                                                                                                        				signed int _t194;
                                                                                                                                                                                                                                                        				signed int _t204;
                                                                                                                                                                                                                                                        				signed int _t205;
                                                                                                                                                                                                                                                        				signed int _t208;
                                                                                                                                                                                                                                                        				signed int _t209;
                                                                                                                                                                                                                                                        				signed int _t213;
                                                                                                                                                                                                                                                        				signed int _t214;
                                                                                                                                                                                                                                                        				signed int _t216;
                                                                                                                                                                                                                                                        				signed int _t220;
                                                                                                                                                                                                                                                        				void* _t222;
                                                                                                                                                                                                                                                        				signed int _t230;
                                                                                                                                                                                                                                                        				signed int _t231;
                                                                                                                                                                                                                                                        				signed int _t233;
                                                                                                                                                                                                                                                        				void* _t236;
                                                                                                                                                                                                                                                        				void* _t238;
                                                                                                                                                                                                                                                        				void* _t239;
                                                                                                                                                                                                                                                        				signed int _t240;
                                                                                                                                                                                                                                                        				void* _t241;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t242;
                                                                                                                                                                                                                                                        				void* _t244;
                                                                                                                                                                                                                                                        				void* _t247;
                                                                                                                                                                                                                                                        				void* _t249;
                                                                                                                                                                                                                                                        				signed int _t250;
                                                                                                                                                                                                                                                        				void* _t258;
                                                                                                                                                                                                                                                        				signed int _t259;
                                                                                                                                                                                                                                                        				signed int _t263;
                                                                                                                                                                                                                                                        				signed int _t264;
                                                                                                                                                                                                                                                        				signed int _t266;
                                                                                                                                                                                                                                                        				signed int _t267;
                                                                                                                                                                                                                                                        				void* _t268;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t269;
                                                                                                                                                                                                                                                        				signed int _t271;
                                                                                                                                                                                                                                                        				signed int _t273;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t170 = __ecx;
                                                                                                                                                                                                                                                        				_v44 = __ecx;
                                                                                                                                                                                                                                                        				if( *__ecx == 0x38) {
                                                                                                                                                                                                                                                        					_t151 = RtlAllocateHeap( *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18), 0, 0x38);
                                                                                                                                                                                                                                                        					__eflags = _t151;
                                                                                                                                                                                                                                                        					_v28 = _t151;
                                                                                                                                                                                                                                                        					if(_t151 == 0) {
                                                                                                                                                                                                                                                        						L4:
                                                                                                                                                                                                                                                        						return 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t178 = _t170[1];
                                                                                                                                                                                                                                                        					__eflags = _t178;
                                                                                                                                                                                                                                                        					if(_t178 <= 0) {
                                                                                                                                                                                                                                                        						L60:
                                                                                                                                                                                                                                                        						 *_t170 = _v28;
                                                                                                                                                                                                                                                        						_t170[2] = 1;
                                                                                                                                                                                                                                                        						L65:
                                                                                                                                                                                                                                                        						return 1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t155 =  *_t170;
                                                                                                                                                                                                                                                        					_t171 = _v28;
                                                                                                                                                                                                                                                        					_v40 = _t155 + _t178 * 0x38;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t171 + 0x10)) =  *((intOrPtr*)(_t155 + 0x10));
                                                                                                                                                                                                                                                        						asm("movsd xmm0, [eax]");
                                                                                                                                                                                                                                                        						asm("movsd xmm1, [eax+0x8]");
                                                                                                                                                                                                                                                        						asm("movsd [ebx+0x8], xmm1");
                                                                                                                                                                                                                                                        						asm("movsd [ebx], xmm0");
                                                                                                                                                                                                                                                        						asm("movsd xmm0, [eax+0x14]");
                                                                                                                                                                                                                                                        						asm("movsd [ebx+0x14], xmm0");
                                                                                                                                                                                                                                                        						 *(_t155 + 0x18) = 0;
                                                                                                                                                                                                                                                        						 *(_t155 + 0x14) = 0;
                                                                                                                                                                                                                                                        						asm("movsd xmm0, [eax+0x1c]");
                                                                                                                                                                                                                                                        						asm("movsd [ebx+0x1c], xmm0");
                                                                                                                                                                                                                                                        						 *(_t155 + 0x20) = 0;
                                                                                                                                                                                                                                                        						 *(_t155 + 0x1c) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t171 + 0x24)) =  *((intOrPtr*)(_t155 + 0x24));
                                                                                                                                                                                                                                                        						 *(_t171 + 0x2c) =  *(_t155 + 0x2c);
                                                                                                                                                                                                                                                        						 *(_t171 + 0x30) =  *(_t155 + 0x30);
                                                                                                                                                                                                                                                        						_t185 =  *(_t155 + 0x28);
                                                                                                                                                                                                                                                        						__eflags = _t185 - 4;
                                                                                                                                                                                                                                                        						if(_t185 != 4) {
                                                                                                                                                                                                                                                        							 *(_t171 + 0x28) = _t185;
                                                                                                                                                                                                                                                        							 *(_t155 + 0x28) = 4;
                                                                                                                                                                                                                                                        							 *(_t155 + 0x30) = 0;
                                                                                                                                                                                                                                                        							 *(_t155 + 0x2c) = 0;
                                                                                                                                                                                                                                                        							goto L9;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						 *(_t171 + 0x28) = 4;
                                                                                                                                                                                                                                                        						_t188 =  *(_t155 + 0x2c);
                                                                                                                                                                                                                                                        						__eflags = _t188;
                                                                                                                                                                                                                                                        						if(_t188 <= 0) {
                                                                                                                                                                                                                                                        							goto L9;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t230 =  *(_t155 + 0x28);
                                                                                                                                                                                                                                                        						_t244 = _t230 + _t188 * 4;
                                                                                                                                                                                                                                                        						_t259 = _t230 + 4;
                                                                                                                                                                                                                                                        						_v20 = _t230;
                                                                                                                                                                                                                                                        						__eflags = _t244 - _t259;
                                                                                                                                                                                                                                                        						_v24 = _t259;
                                                                                                                                                                                                                                                        						_t190 =  !_t230;
                                                                                                                                                                                                                                                        						_t260 =  >  ? _t244 : _t259;
                                                                                                                                                                                                                                                        						_t261 = ( >  ? _t244 : _t259) + _t190;
                                                                                                                                                                                                                                                        						_t262 = ( >  ? _t244 : _t259) + _t190 >> 2;
                                                                                                                                                                                                                                                        						_t263 = (( >  ? _t244 : _t259) + _t190 >> 2) + 1;
                                                                                                                                                                                                                                                        						_v36 = _t263;
                                                                                                                                                                                                                                                        						__eflags = _t263 - 8;
                                                                                                                                                                                                                                                        						_t264 = 4;
                                                                                                                                                                                                                                                        						if(_t263 >= 8) {
                                                                                                                                                                                                                                                        							_t231 = _v24;
                                                                                                                                                                                                                                                        							__eflags = _t244 - _t231;
                                                                                                                                                                                                                                                        							_t232 =  >  ? _t244 : _t231;
                                                                                                                                                                                                                                                        							_t191 = _t190 + ( >  ? _t244 : _t231);
                                                                                                                                                                                                                                                        							_t233 = _v20;
                                                                                                                                                                                                                                                        							_t192 = _t190 + ( >  ? _t244 : _t231) & 0xfffffffc;
                                                                                                                                                                                                                                                        							__eflags = _t233 + _t192 + 4 - 5;
                                                                                                                                                                                                                                                        							if(_t233 + _t192 + 4 < 5) {
                                                                                                                                                                                                                                                        								L17:
                                                                                                                                                                                                                                                        								_v32 = _t244;
                                                                                                                                                                                                                                                        								_t266 = _v36 & 0xfffffff8;
                                                                                                                                                                                                                                                        								_t194 = _v20 + _t266 * 4;
                                                                                                                                                                                                                                                        								_v24 = _t266;
                                                                                                                                                                                                                                                        								_t57 = _t266 * 4; // 0x4
                                                                                                                                                                                                                                                        								_t264 = 0x14 + _t57 - 0x10;
                                                                                                                                                                                                                                                        								_t236 = 0;
                                                                                                                                                                                                                                                        								asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        								do {
                                                                                                                                                                                                                                                        									asm("movups xmm0, [edi+edx*4]");
                                                                                                                                                                                                                                                        									asm("movups xmm1, [edi+edx*4+0x10]");
                                                                                                                                                                                                                                                        									asm("movups [edi+edx*4-0x10], xmm0");
                                                                                                                                                                                                                                                        									asm("movups [edi+edx*4], xmm1");
                                                                                                                                                                                                                                                        									_t236 = _t236 + 8;
                                                                                                                                                                                                                                                        									__eflags = _v24 - _t236;
                                                                                                                                                                                                                                                        								} while (_v24 != _t236);
                                                                                                                                                                                                                                                        								_t244 = _v32;
                                                                                                                                                                                                                                                        								__eflags = _v36 - _v24;
                                                                                                                                                                                                                                                        								if(_v36 == _v24) {
                                                                                                                                                                                                                                                        									goto L9;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        								do {
                                                                                                                                                                                                                                                        									L21:
                                                                                                                                                                                                                                                        									_t238 =  *_t194;
                                                                                                                                                                                                                                                        									_t194 = _t194 + 4;
                                                                                                                                                                                                                                                        									 *_t264 = _t238;
                                                                                                                                                                                                                                                        									_t264 = _t264 + 4;
                                                                                                                                                                                                                                                        									__eflags = _t194 - _t244;
                                                                                                                                                                                                                                                        								} while (_t194 < _t244);
                                                                                                                                                                                                                                                        								goto L9;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t47 = _t192 - 0xc; // 0x8
                                                                                                                                                                                                                                                        							__eflags = _v20 - 0x14 + _t47;
                                                                                                                                                                                                                                                        							if(_v20 >= 0x14 + _t47) {
                                                                                                                                                                                                                                                        								goto L17;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t194 = _v20;
                                                                                                                                                                                                                                                        							goto L21;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t194 = _v20;
                                                                                                                                                                                                                                                        						goto L21;
                                                                                                                                                                                                                                                        						L9:
                                                                                                                                                                                                                                                        						_t155 = _t155 + 0x38;
                                                                                                                                                                                                                                                        						_t171 = _t171 + 0x38;
                                                                                                                                                                                                                                                        						__eflags = _t155 - _v40;
                                                                                                                                                                                                                                                        					} while (_t155 < _v40);
                                                                                                                                                                                                                                                        					_t170 = _v44;
                                                                                                                                                                                                                                                        					_t156 = _t170[1];
                                                                                                                                                                                                                                                        					__eflags = _t156;
                                                                                                                                                                                                                                                        					if(_t156 <= 0) {
                                                                                                                                                                                                                                                        						goto L60;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t241 =  *_t170;
                                                                                                                                                                                                                                                        					_t258 = _t241 + _t156 * 0x38;
                                                                                                                                                                                                                                                        					_t242 = _t241 + 0x14;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_t157 =  *(_t242 + 0x14);
                                                                                                                                                                                                                                                        						__eflags = _t157 - 4;
                                                                                                                                                                                                                                                        						if(_t157 != 4) {
                                                                                                                                                                                                                                                        							RtlFreeHeap( *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18), 0, _t157);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__eflags =  *(_t242 + 0xc);
                                                                                                                                                                                                                                                        						if( *(_t242 + 0xc) != 0) {
                                                                                                                                                                                                                                                        							_t137 = _t242 + 8; // -12
                                                                                                                                                                                                                                                        							RtlFreeUnicodeString(_t137);
                                                                                                                                                                                                                                                        							 *(_t242 + 0xc) = 0;
                                                                                                                                                                                                                                                        							 *(_t242 + 8) = 0;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__eflags =  *(_t242 + 4);
                                                                                                                                                                                                                                                        						if( *(_t242 + 4) != 0) {
                                                                                                                                                                                                                                                        							RtlFreeUnicodeString(_t242);
                                                                                                                                                                                                                                                        							 *(_t242 + 4) = 0;
                                                                                                                                                                                                                                                        							 *_t242 = 0;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t132 = _t242 + 0x38; // 0x5c
                                                                                                                                                                                                                                                        						__eflags = _t242 + 0x24 - _t258;
                                                                                                                                                                                                                                                        						_t242 = _t132;
                                                                                                                                                                                                                                                        					} while (__eflags < 0);
                                                                                                                                                                                                                                                        					goto L60;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t161 = __ecx[1];
                                                                                                                                                                                                                                                        				if(_t161 == 0) {
                                                                                                                                                                                                                                                        					_t267 = 1;
                                                                                                                                                                                                                                                        					L24:
                                                                                                                                                                                                                                                        					_t163 = RtlAllocateHeap( *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18), 0, _t267 * 0x38);
                                                                                                                                                                                                                                                        					__eflags = _t163;
                                                                                                                                                                                                                                                        					if(_t163 == 0) {
                                                                                                                                                                                                                                                        						goto L4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t247 = _t163;
                                                                                                                                                                                                                                                        					_t164 =  *_t170;
                                                                                                                                                                                                                                                        					__eflags = _t170[1];
                                                                                                                                                                                                                                                        					if(_t170[1] <= 0) {
                                                                                                                                                                                                                                                        						L64:
                                                                                                                                                                                                                                                        						RtlFreeHeap( *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18), 0, _t164);
                                                                                                                                                                                                                                                        						 *_t170 = _t247;
                                                                                                                                                                                                                                                        						_t170[2] = _t267;
                                                                                                                                                                                                                                                        						goto L65;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t239 = _t247;
                                                                                                                                                                                                                                                        					_v28 = _t267;
                                                                                                                                                                                                                                                        					_v32 = _t247;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t239 + 0x10)) =  *((intOrPtr*)(_t164 + 0x10));
                                                                                                                                                                                                                                                        						asm("movsd xmm0, [eax]");
                                                                                                                                                                                                                                                        						asm("movsd xmm1, [eax+0x8]");
                                                                                                                                                                                                                                                        						asm("movsd [edx+0x8], xmm1");
                                                                                                                                                                                                                                                        						asm("movsd [edx], xmm0");
                                                                                                                                                                                                                                                        						asm("movsd xmm0, [eax+0x14]");
                                                                                                                                                                                                                                                        						asm("movsd [edx+0x14], xmm0");
                                                                                                                                                                                                                                                        						 *(_t164 + 0x18) = 0;
                                                                                                                                                                                                                                                        						 *(_t164 + 0x14) = 0;
                                                                                                                                                                                                                                                        						asm("movsd xmm0, [eax+0x1c]");
                                                                                                                                                                                                                                                        						asm("movsd [edx+0x1c], xmm0");
                                                                                                                                                                                                                                                        						 *(_t164 + 0x20) = 0;
                                                                                                                                                                                                                                                        						 *(_t164 + 0x1c) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t239 + 0x24)) =  *((intOrPtr*)(_t164 + 0x24));
                                                                                                                                                                                                                                                        						 *(_t239 + 0x2c) =  *(_t164 + 0x2c);
                                                                                                                                                                                                                                                        						 *(_t239 + 0x30) =  *(_t164 + 0x30);
                                                                                                                                                                                                                                                        						_t204 =  *(_t164 + 0x28);
                                                                                                                                                                                                                                                        						__eflags = _t204 - 4;
                                                                                                                                                                                                                                                        						if(_t204 != 4) {
                                                                                                                                                                                                                                                        							 *(_t239 + 0x28) = _t204;
                                                                                                                                                                                                                                                        							 *(_t164 + 0x28) = 4;
                                                                                                                                                                                                                                                        							 *(_t164 + 0x30) = 0;
                                                                                                                                                                                                                                                        							 *(_t164 + 0x2c) = 0;
                                                                                                                                                                                                                                                        							goto L28;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						 *(_t239 + 0x28) = 4;
                                                                                                                                                                                                                                                        						_t208 =  *(_t164 + 0x2c);
                                                                                                                                                                                                                                                        						__eflags = _t208;
                                                                                                                                                                                                                                                        						if(_t208 <= 0) {
                                                                                                                                                                                                                                                        							goto L28;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t172 =  *(_t164 + 0x28);
                                                                                                                                                                                                                                                        						_t271 = 4;
                                                                                                                                                                                                                                                        						_t250 = _t172 + _t208 * 4;
                                                                                                                                                                                                                                                        						_t209 = _t172 + 4;
                                                                                                                                                                                                                                                        						_v20 = _t172;
                                                                                                                                                                                                                                                        						_t173 =  !_t172;
                                                                                                                                                                                                                                                        						__eflags = _t250 - _t209;
                                                                                                                                                                                                                                                        						_v24 = _t209;
                                                                                                                                                                                                                                                        						_t210 =  >  ? _t250 : _t209;
                                                                                                                                                                                                                                                        						_t211 = ( >  ? _t250 : _t209) + _t173;
                                                                                                                                                                                                                                                        						_t212 = ( >  ? _t250 : _t209) + _t173 >> 2;
                                                                                                                                                                                                                                                        						_t213 = (( >  ? _t250 : _t209) + _t173 >> 2) + 1;
                                                                                                                                                                                                                                                        						__eflags = _t213 - 8;
                                                                                                                                                                                                                                                        						if(_t213 >= 8) {
                                                                                                                                                                                                                                                        							_v40 = _t213;
                                                                                                                                                                                                                                                        							_t214 = _v24;
                                                                                                                                                                                                                                                        							__eflags = _t250 - _t214;
                                                                                                                                                                                                                                                        							_t215 =  >  ? _t250 : _t214;
                                                                                                                                                                                                                                                        							_t174 = _t173 + ( >  ? _t250 : _t214);
                                                                                                                                                                                                                                                        							_t216 = _v20;
                                                                                                                                                                                                                                                        							_t175 = _t173 + ( >  ? _t250 : _t214) & 0xfffffffc;
                                                                                                                                                                                                                                                        							__eflags = _t216 + _t175 + 4 - 5;
                                                                                                                                                                                                                                                        							if(_t216 + _t175 + 4 < 5) {
                                                                                                                                                                                                                                                        								L36:
                                                                                                                                                                                                                                                        								_v36 = _t250;
                                                                                                                                                                                                                                                        								_t273 = _v40 & 0xfffffff8;
                                                                                                                                                                                                                                                        								_t176 = _v20 + _t273 * 4;
                                                                                                                                                                                                                                                        								_v24 = _t273;
                                                                                                                                                                                                                                                        								_t113 = _t273 * 4; // 0x4
                                                                                                                                                                                                                                                        								_t271 = 0x14 + _t113 - 0x10;
                                                                                                                                                                                                                                                        								_t220 = 0;
                                                                                                                                                                                                                                                        								__eflags = 0;
                                                                                                                                                                                                                                                        								asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        								do {
                                                                                                                                                                                                                                                        									asm("movups xmm0, [edi+ecx*4]");
                                                                                                                                                                                                                                                        									asm("movups xmm1, [edi+ecx*4+0x10]");
                                                                                                                                                                                                                                                        									asm("movups [edi+ecx*4-0x10], xmm0");
                                                                                                                                                                                                                                                        									asm("movups [edi+ecx*4], xmm1");
                                                                                                                                                                                                                                                        									_t220 = _t220 + 8;
                                                                                                                                                                                                                                                        									__eflags = _v24 - _t220;
                                                                                                                                                                                                                                                        								} while (_v24 != _t220);
                                                                                                                                                                                                                                                        								_t250 = _v36;
                                                                                                                                                                                                                                                        								__eflags = _v40 - _v24;
                                                                                                                                                                                                                                                        								if(_v40 == _v24) {
                                                                                                                                                                                                                                                        									goto L28;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        								do {
                                                                                                                                                                                                                                                        									L40:
                                                                                                                                                                                                                                                        									_t222 =  *_t176;
                                                                                                                                                                                                                                                        									_t176 = _t176 + 4;
                                                                                                                                                                                                                                                        									 *_t271 = _t222;
                                                                                                                                                                                                                                                        									_t271 = _t271 + 4;
                                                                                                                                                                                                                                                        									__eflags = _t176 - _t250;
                                                                                                                                                                                                                                                        								} while (_t176 < _t250);
                                                                                                                                                                                                                                                        								goto L28;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							__eflags = _v20 - 0x14 + _t175 - 0xc;
                                                                                                                                                                                                                                                        							if(_v20 >= 0x14 + _t175 - 0xc) {
                                                                                                                                                                                                                                                        								goto L36;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t176 = _v20;
                                                                                                                                                                                                                                                        							goto L40;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t176 = _v20;
                                                                                                                                                                                                                                                        						goto L40;
                                                                                                                                                                                                                                                        						L28:
                                                                                                                                                                                                                                                        						_t170 = _v44;
                                                                                                                                                                                                                                                        						_t164 = _t164 + 0x38;
                                                                                                                                                                                                                                                        						_t239 = _t239 + 0x38;
                                                                                                                                                                                                                                                        						_t205 = _t170[1];
                                                                                                                                                                                                                                                        						_t268 =  *_t170;
                                                                                                                                                                                                                                                        						_t249 = _t268 + _t205 * 0x38;
                                                                                                                                                                                                                                                        						__eflags = _t164 - _t249;
                                                                                                                                                                                                                                                        					} while (_t164 < _t249);
                                                                                                                                                                                                                                                        					__eflags = _t205;
                                                                                                                                                                                                                                                        					if(_t205 <= 0) {
                                                                                                                                                                                                                                                        						_t164 = _t268;
                                                                                                                                                                                                                                                        						L63:
                                                                                                                                                                                                                                                        						_t267 = _v28;
                                                                                                                                                                                                                                                        						_t247 = _v32;
                                                                                                                                                                                                                                                        						goto L64;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t269 = _t268 + 0x14;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_t166 =  *(_t269 + 0x14);
                                                                                                                                                                                                                                                        						__eflags = _t166 - 4;
                                                                                                                                                                                                                                                        						if(_t166 != 4) {
                                                                                                                                                                                                                                                        							RtlFreeHeap( *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18), 0, _t166);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__eflags =  *(_t269 + 0xc);
                                                                                                                                                                                                                                                        						if( *(_t269 + 0xc) != 0) {
                                                                                                                                                                                                                                                        							_t125 = _t269 + 8; // -11
                                                                                                                                                                                                                                                        							RtlFreeUnicodeString(_t125);
                                                                                                                                                                                                                                                        							 *(_t269 + 0xc) = 0;
                                                                                                                                                                                                                                                        							 *(_t269 + 8) = 0;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__eflags =  *(_t269 + 4);
                                                                                                                                                                                                                                                        						if( *(_t269 + 4) != 0) {
                                                                                                                                                                                                                                                        							RtlFreeUnicodeString(_t269);
                                                                                                                                                                                                                                                        							 *(_t269 + 4) = 0;
                                                                                                                                                                                                                                                        							 *_t269 = 0;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t120 = _t269 + 0x38; // 0x5d
                                                                                                                                                                                                                                                        						__eflags = _t269 + 0x24 - _t249;
                                                                                                                                                                                                                                                        						_t269 = _t120;
                                                                                                                                                                                                                                                        					} while (__eflags < 0);
                                                                                                                                                                                                                                                        					_t164 =  *_t170;
                                                                                                                                                                                                                                                        					goto L63;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if(_t161 > 0xffffff) {
                                                                                                                                                                                                                                                        					goto L4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t240 = _t161 * 0x70;
                                                                                                                                                                                                                                                        				asm("bsr ecx, ecx");
                                                                                                                                                                                                                                                        				_t255 =  <  ? 1 : 1 <<  ~(_t240 - 0x00000001 ^ 0x0000001f);
                                                                                                                                                                                                                                                        				_t256 = ( <  ? 1 : 1 <<  ~(_t240 - 0x00000001 ^ 0x0000001f)) - _t240;
                                                                                                                                                                                                                                                        				_t279 = ( <  ? 1 : 1 <<  ~(_t240 - 0x00000001 ^ 0x0000001f)) - _t240 - 0x37;
                                                                                                                                                                                                                                                        				_t229 = 0 | ( <  ? 1 : 1 <<  ~(_t240 - 0x00000001 ^ 0x0000001f)) - _t240 - 0x00000037 > 0x00000000;
                                                                                                                                                                                                                                                        				_t267 = (( <  ? 1 : 1 <<  ~(_t240 - 0x00000001 ^ 0x0000001f)) - _t240 - 0x37 > 0) + _t161 * 2;
                                                                                                                                                                                                                                                        				if(_t267 <= 0x3ffffff) {
                                                                                                                                                                                                                                                        					goto L24;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L4;
                                                                                                                                                                                                                                                        			}






























































                                                                                                                                                                                                                                                        0x00bc0f9c
                                                                                                                                                                                                                                                        0x00bc0f9e
                                                                                                                                                                                                                                                        0x00bc0fa1
                                                                                                                                                                                                                                                        0x00bc1005
                                                                                                                                                                                                                                                        0x00bc100a
                                                                                                                                                                                                                                                        0x00bc100c
                                                                                                                                                                                                                                                        0x00bc100f
                                                                                                                                                                                                                                                        0x00bc0fee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0fee
                                                                                                                                                                                                                                                        0x00bc1011
                                                                                                                                                                                                                                                        0x00bc1014
                                                                                                                                                                                                                                                        0x00bc1016
                                                                                                                                                                                                                                                        0x00bc1451
                                                                                                                                                                                                                                                        0x00bc1454
                                                                                                                                                                                                                                                        0x00bc1456
                                                                                                                                                                                                                                                        0x00bc1485
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc1485
                                                                                                                                                                                                                                                        0x00bc101c
                                                                                                                                                                                                                                                        0x00bc101e
                                                                                                                                                                                                                                                        0x00bc1026
                                                                                                                                                                                                                                                        0x00bc1057
                                                                                                                                                                                                                                                        0x00bc105a
                                                                                                                                                                                                                                                        0x00bc105d
                                                                                                                                                                                                                                                        0x00bc1061
                                                                                                                                                                                                                                                        0x00bc1066
                                                                                                                                                                                                                                                        0x00bc106b
                                                                                                                                                                                                                                                        0x00bc106f
                                                                                                                                                                                                                                                        0x00bc1074
                                                                                                                                                                                                                                                        0x00bc1079
                                                                                                                                                                                                                                                        0x00bc1080
                                                                                                                                                                                                                                                        0x00bc1087
                                                                                                                                                                                                                                                        0x00bc108c
                                                                                                                                                                                                                                                        0x00bc1091
                                                                                                                                                                                                                                                        0x00bc1098
                                                                                                                                                                                                                                                        0x00bc10a2
                                                                                                                                                                                                                                                        0x00bc10a8
                                                                                                                                                                                                                                                        0x00bc10ae
                                                                                                                                                                                                                                                        0x00bc10b1
                                                                                                                                                                                                                                                        0x00bc10b4
                                                                                                                                                                                                                                                        0x00bc10b7
                                                                                                                                                                                                                                                        0x00bc1030
                                                                                                                                                                                                                                                        0x00bc1033
                                                                                                                                                                                                                                                        0x00bc103a
                                                                                                                                                                                                                                                        0x00bc1041
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc1041
                                                                                                                                                                                                                                                        0x00bc10bd
                                                                                                                                                                                                                                                        0x00bc10c4
                                                                                                                                                                                                                                                        0x00bc10c7
                                                                                                                                                                                                                                                        0x00bc10c9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc10cf
                                                                                                                                                                                                                                                        0x00bc10d2
                                                                                                                                                                                                                                                        0x00bc10d5
                                                                                                                                                                                                                                                        0x00bc10da
                                                                                                                                                                                                                                                        0x00bc10dd
                                                                                                                                                                                                                                                        0x00bc10df
                                                                                                                                                                                                                                                        0x00bc10e2
                                                                                                                                                                                                                                                        0x00bc10e4
                                                                                                                                                                                                                                                        0x00bc10e7
                                                                                                                                                                                                                                                        0x00bc10e9
                                                                                                                                                                                                                                                        0x00bc10ec
                                                                                                                                                                                                                                                        0x00bc10ed
                                                                                                                                                                                                                                                        0x00bc10f0
                                                                                                                                                                                                                                                        0x00bc10f3
                                                                                                                                                                                                                                                        0x00bc10f8
                                                                                                                                                                                                                                                        0x00bc1102
                                                                                                                                                                                                                                                        0x00bc1105
                                                                                                                                                                                                                                                        0x00bc1107
                                                                                                                                                                                                                                                        0x00bc110a
                                                                                                                                                                                                                                                        0x00bc110c
                                                                                                                                                                                                                                                        0x00bc110f
                                                                                                                                                                                                                                                        0x00bc1116
                                                                                                                                                                                                                                                        0x00bc111e
                                                                                                                                                                                                                                                        0x00bc112e
                                                                                                                                                                                                                                                        0x00bc1134
                                                                                                                                                                                                                                                        0x00bc1137
                                                                                                                                                                                                                                                        0x00bc113a
                                                                                                                                                                                                                                                        0x00bc113d
                                                                                                                                                                                                                                                        0x00bc1140
                                                                                                                                                                                                                                                        0x00bc1140
                                                                                                                                                                                                                                                        0x00bc1144
                                                                                                                                                                                                                                                        0x00bc1146
                                                                                                                                                                                                                                                        0x00bc1150
                                                                                                                                                                                                                                                        0x00bc1153
                                                                                                                                                                                                                                                        0x00bc1157
                                                                                                                                                                                                                                                        0x00bc1161
                                                                                                                                                                                                                                                        0x00bc1166
                                                                                                                                                                                                                                                        0x00bc116a
                                                                                                                                                                                                                                                        0x00bc116d
                                                                                                                                                                                                                                                        0x00bc116d
                                                                                                                                                                                                                                                        0x00bc1175
                                                                                                                                                                                                                                                        0x00bc1178
                                                                                                                                                                                                                                                        0x00bc117b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc1181
                                                                                                                                                                                                                                                        0x00bc1190
                                                                                                                                                                                                                                                        0x00bc1190
                                                                                                                                                                                                                                                        0x00bc1190
                                                                                                                                                                                                                                                        0x00bc1192
                                                                                                                                                                                                                                                        0x00bc1195
                                                                                                                                                                                                                                                        0x00bc1197
                                                                                                                                                                                                                                                        0x00bc119a
                                                                                                                                                                                                                                                        0x00bc119a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc119e
                                                                                                                                                                                                                                                        0x00bc1120
                                                                                                                                                                                                                                                        0x00bc1124
                                                                                                                                                                                                                                                        0x00bc1127
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc1129
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc1129
                                                                                                                                                                                                                                                        0x00bc10fa
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc1048
                                                                                                                                                                                                                                                        0x00bc1048
                                                                                                                                                                                                                                                        0x00bc104b
                                                                                                                                                                                                                                                        0x00bc104e
                                                                                                                                                                                                                                                        0x00bc104e
                                                                                                                                                                                                                                                        0x00bc13d5
                                                                                                                                                                                                                                                        0x00bc13d8
                                                                                                                                                                                                                                                        0x00bc13db
                                                                                                                                                                                                                                                        0x00bc13dd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc13df
                                                                                                                                                                                                                                                        0x00bc13e4
                                                                                                                                                                                                                                                        0x00bc13e6
                                                                                                                                                                                                                                                        0x00bc13fc
                                                                                                                                                                                                                                                        0x00bc13fc
                                                                                                                                                                                                                                                        0x00bc13ff
                                                                                                                                                                                                                                                        0x00bc1402
                                                                                                                                                                                                                                                        0x00bc1414
                                                                                                                                                                                                                                                        0x00bc1414
                                                                                                                                                                                                                                                        0x00bc1419
                                                                                                                                                                                                                                                        0x00bc141d
                                                                                                                                                                                                                                                        0x00bc141f
                                                                                                                                                                                                                                                        0x00bc1423
                                                                                                                                                                                                                                                        0x00bc1428
                                                                                                                                                                                                                                                        0x00bc142f
                                                                                                                                                                                                                                                        0x00bc142f
                                                                                                                                                                                                                                                        0x00bc1436
                                                                                                                                                                                                                                                        0x00bc143a
                                                                                                                                                                                                                                                        0x00bc143d
                                                                                                                                                                                                                                                        0x00bc1442
                                                                                                                                                                                                                                                        0x00bc1449
                                                                                                                                                                                                                                                        0x00bc1449
                                                                                                                                                                                                                                                        0x00bc13f0
                                                                                                                                                                                                                                                        0x00bc13f6
                                                                                                                                                                                                                                                        0x00bc13f8
                                                                                                                                                                                                                                                        0x00bc13f8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc13fc
                                                                                                                                                                                                                                                        0x00bc0fa3
                                                                                                                                                                                                                                                        0x00bc0fa8
                                                                                                                                                                                                                                                        0x00bc11a3
                                                                                                                                                                                                                                                        0x00bc11a8
                                                                                                                                                                                                                                                        0x00bc11bb
                                                                                                                                                                                                                                                        0x00bc11c0
                                                                                                                                                                                                                                                        0x00bc11c2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc11c8
                                                                                                                                                                                                                                                        0x00bc11ca
                                                                                                                                                                                                                                                        0x00bc11cc
                                                                                                                                                                                                                                                        0x00bc11d0
                                                                                                                                                                                                                                                        0x00bc146b
                                                                                                                                                                                                                                                        0x00bc147b
                                                                                                                                                                                                                                                        0x00bc1480
                                                                                                                                                                                                                                                        0x00bc1482
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc1482
                                                                                                                                                                                                                                                        0x00bc11d6
                                                                                                                                                                                                                                                        0x00bc11d8
                                                                                                                                                                                                                                                        0x00bc11db
                                                                                                                                                                                                                                                        0x00bc1213
                                                                                                                                                                                                                                                        0x00bc1216
                                                                                                                                                                                                                                                        0x00bc1219
                                                                                                                                                                                                                                                        0x00bc121d
                                                                                                                                                                                                                                                        0x00bc1222
                                                                                                                                                                                                                                                        0x00bc1227
                                                                                                                                                                                                                                                        0x00bc122b
                                                                                                                                                                                                                                                        0x00bc1230
                                                                                                                                                                                                                                                        0x00bc1235
                                                                                                                                                                                                                                                        0x00bc123c
                                                                                                                                                                                                                                                        0x00bc1243
                                                                                                                                                                                                                                                        0x00bc1248
                                                                                                                                                                                                                                                        0x00bc124d
                                                                                                                                                                                                                                                        0x00bc1254
                                                                                                                                                                                                                                                        0x00bc125e
                                                                                                                                                                                                                                                        0x00bc1264
                                                                                                                                                                                                                                                        0x00bc126a
                                                                                                                                                                                                                                                        0x00bc126d
                                                                                                                                                                                                                                                        0x00bc1270
                                                                                                                                                                                                                                                        0x00bc1273
                                                                                                                                                                                                                                                        0x00bc11e0
                                                                                                                                                                                                                                                        0x00bc11e3
                                                                                                                                                                                                                                                        0x00bc11ea
                                                                                                                                                                                                                                                        0x00bc11f1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc11f1
                                                                                                                                                                                                                                                        0x00bc1279
                                                                                                                                                                                                                                                        0x00bc1280
                                                                                                                                                                                                                                                        0x00bc1283
                                                                                                                                                                                                                                                        0x00bc1285
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc128b
                                                                                                                                                                                                                                                        0x00bc128e
                                                                                                                                                                                                                                                        0x00bc1293
                                                                                                                                                                                                                                                        0x00bc1296
                                                                                                                                                                                                                                                        0x00bc1299
                                                                                                                                                                                                                                                        0x00bc129c
                                                                                                                                                                                                                                                        0x00bc129e
                                                                                                                                                                                                                                                        0x00bc12a0
                                                                                                                                                                                                                                                        0x00bc12a3
                                                                                                                                                                                                                                                        0x00bc12a6
                                                                                                                                                                                                                                                        0x00bc12a8
                                                                                                                                                                                                                                                        0x00bc12ab
                                                                                                                                                                                                                                                        0x00bc12ac
                                                                                                                                                                                                                                                        0x00bc12af
                                                                                                                                                                                                                                                        0x00bc12b9
                                                                                                                                                                                                                                                        0x00bc12bc
                                                                                                                                                                                                                                                        0x00bc12bf
                                                                                                                                                                                                                                                        0x00bc12c1
                                                                                                                                                                                                                                                        0x00bc12c4
                                                                                                                                                                                                                                                        0x00bc12c6
                                                                                                                                                                                                                                                        0x00bc12c9
                                                                                                                                                                                                                                                        0x00bc12d0
                                                                                                                                                                                                                                                        0x00bc12d3
                                                                                                                                                                                                                                                        0x00bc12e8
                                                                                                                                                                                                                                                        0x00bc12ee
                                                                                                                                                                                                                                                        0x00bc12f1
                                                                                                                                                                                                                                                        0x00bc12f4
                                                                                                                                                                                                                                                        0x00bc12fc
                                                                                                                                                                                                                                                        0x00bc12ff
                                                                                                                                                                                                                                                        0x00bc12ff
                                                                                                                                                                                                                                                        0x00bc1303
                                                                                                                                                                                                                                                        0x00bc1303
                                                                                                                                                                                                                                                        0x00bc1305
                                                                                                                                                                                                                                                        0x00bc1310
                                                                                                                                                                                                                                                        0x00bc1313
                                                                                                                                                                                                                                                        0x00bc1317
                                                                                                                                                                                                                                                        0x00bc1321
                                                                                                                                                                                                                                                        0x00bc1326
                                                                                                                                                                                                                                                        0x00bc132a
                                                                                                                                                                                                                                                        0x00bc132d
                                                                                                                                                                                                                                                        0x00bc132d
                                                                                                                                                                                                                                                        0x00bc1335
                                                                                                                                                                                                                                                        0x00bc1338
                                                                                                                                                                                                                                                        0x00bc133b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc1341
                                                                                                                                                                                                                                                        0x00bc1350
                                                                                                                                                                                                                                                        0x00bc1350
                                                                                                                                                                                                                                                        0x00bc1350
                                                                                                                                                                                                                                                        0x00bc1352
                                                                                                                                                                                                                                                        0x00bc1355
                                                                                                                                                                                                                                                        0x00bc1357
                                                                                                                                                                                                                                                        0x00bc135a
                                                                                                                                                                                                                                                        0x00bc135a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc135e
                                                                                                                                                                                                                                                        0x00bc12de
                                                                                                                                                                                                                                                        0x00bc12e1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc12e3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc12e3
                                                                                                                                                                                                                                                        0x00bc12b1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc11f8
                                                                                                                                                                                                                                                        0x00bc11f8
                                                                                                                                                                                                                                                        0x00bc11fb
                                                                                                                                                                                                                                                        0x00bc11fe
                                                                                                                                                                                                                                                        0x00bc1201
                                                                                                                                                                                                                                                        0x00bc1204
                                                                                                                                                                                                                                                        0x00bc1209
                                                                                                                                                                                                                                                        0x00bc120b
                                                                                                                                                                                                                                                        0x00bc120b
                                                                                                                                                                                                                                                        0x00bc1363
                                                                                                                                                                                                                                                        0x00bc1365
                                                                                                                                                                                                                                                        0x00bc1463
                                                                                                                                                                                                                                                        0x00bc1465
                                                                                                                                                                                                                                                        0x00bc1465
                                                                                                                                                                                                                                                        0x00bc1468
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc1468
                                                                                                                                                                                                                                                        0x00bc136b
                                                                                                                                                                                                                                                        0x00bc1380
                                                                                                                                                                                                                                                        0x00bc1380
                                                                                                                                                                                                                                                        0x00bc1383
                                                                                                                                                                                                                                                        0x00bc1386
                                                                                                                                                                                                                                                        0x00bc1398
                                                                                                                                                                                                                                                        0x00bc1398
                                                                                                                                                                                                                                                        0x00bc139d
                                                                                                                                                                                                                                                        0x00bc13a1
                                                                                                                                                                                                                                                        0x00bc13a3
                                                                                                                                                                                                                                                        0x00bc13a7
                                                                                                                                                                                                                                                        0x00bc13ac
                                                                                                                                                                                                                                                        0x00bc13b3
                                                                                                                                                                                                                                                        0x00bc13b3
                                                                                                                                                                                                                                                        0x00bc13ba
                                                                                                                                                                                                                                                        0x00bc13be
                                                                                                                                                                                                                                                        0x00bc13c1
                                                                                                                                                                                                                                                        0x00bc13c6
                                                                                                                                                                                                                                                        0x00bc13cd
                                                                                                                                                                                                                                                        0x00bc13cd
                                                                                                                                                                                                                                                        0x00bc1370
                                                                                                                                                                                                                                                        0x00bc1376
                                                                                                                                                                                                                                                        0x00bc1378
                                                                                                                                                                                                                                                        0x00bc1378
                                                                                                                                                                                                                                                        0x00bc145f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc145f
                                                                                                                                                                                                                                                        0x00bc0fb3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0fb5
                                                                                                                                                                                                                                                        0x00bc0fc5
                                                                                                                                                                                                                                                        0x00bc0fd2
                                                                                                                                                                                                                                                        0x00bc0fd7
                                                                                                                                                                                                                                                        0x00bc0fd9
                                                                                                                                                                                                                                                        0x00bc0fdc
                                                                                                                                                                                                                                                        0x00bc0fdf
                                                                                                                                                                                                                                                        0x00bc0fe8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlAllocateHeap.NTDLL ref: 00BC1005
                                                                                                                                                                                                                                                        • RtlAllocateHeap.NTDLL ref: 00BC11BB
                                                                                                                                                                                                                                                        • RtlFreeHeap.NTDLL(00000000,00000000,?), ref: 00BC1398
                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(0000002D,?,?,?,?,?,?,?,?,?), ref: 00BC13A7
                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(00000025,0000002D,?,?,?,?,?,?,?,?,?), ref: 00BC13C1
                                                                                                                                                                                                                                                        • RtlFreeHeap.NTDLL(00000000,00000000,?), ref: 00BC1414
                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(0000002C,?,?,?,?,?,?,?,?,?), ref: 00BC1423
                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(00000024,0000002C,?,?,?,?,?,?,?,?,?), ref: 00BC143D
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Free$HeapStringUnicode$Allocate
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1204523571-0
                                                                                                                                                                                                                                                        • Opcode ID: 67d2669a814a0beb45ccb5eec7b6a738fd98f4a220eae4fe80573e233c3104a0
                                                                                                                                                                                                                                                        • Instruction ID: c3263c3efdfd259e375aec21f7c44aae65c05effcf0d0660b5ea2eb8c0f9ef9e
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 67d2669a814a0beb45ccb5eec7b6a738fd98f4a220eae4fe80573e233c3104a0
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 73F19CB1A00615CFDB18CF18C490B69B7B1FF8A314F5586ADC91A6F392C735E981CB94
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 81%
                                                                                                                                                                                                                                                        			E00BB3190(void** __ecx, intOrPtr __edx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				int _v20;
                                                                                                                                                                                                                                                        				wchar_t* _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				void** _v32;
                                                                                                                                                                                                                                                        				signed short* _v36;
                                                                                                                                                                                                                                                        				void* _t48;
                                                                                                                                                                                                                                                        				wchar_t* _t54;
                                                                                                                                                                                                                                                        				short* _t55;
                                                                                                                                                                                                                                                        				signed int _t58;
                                                                                                                                                                                                                                                        				void* _t59;
                                                                                                                                                                                                                                                        				void* _t60;
                                                                                                                                                                                                                                                        				wchar_t* _t64;
                                                                                                                                                                                                                                                        				void* _t65;
                                                                                                                                                                                                                                                        				wchar_t* _t66;
                                                                                                                                                                                                                                                        				signed int _t67;
                                                                                                                                                                                                                                                        				signed int _t69;
                                                                                                                                                                                                                                                        				short* _t70;
                                                                                                                                                                                                                                                        				signed int _t73;
                                                                                                                                                                                                                                                        				signed int* _t77;
                                                                                                                                                                                                                                                        				void* _t79;
                                                                                                                                                                                                                                                        				wchar_t* _t80;
                                                                                                                                                                                                                                                        				wchar_t* _t81;
                                                                                                                                                                                                                                                        				wchar_t* _t83;
                                                                                                                                                                                                                                                        				int _t85;
                                                                                                                                                                                                                                                        				signed int _t86;
                                                                                                                                                                                                                                                        				void* _t87;
                                                                                                                                                                                                                                                        				void* _t88;
                                                                                                                                                                                                                                                        				void* _t90;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_v32 = __ecx;
                                                                                                                                                                                                                                                        				_v28 = __edx;
                                                                                                                                                                                                                                                        				if(__edx > 0) {
                                                                                                                                                                                                                                                        					_t67 = 0;
                                                                                                                                                                                                                                                        					_t87 = 0;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_t83 =  *(_a4 + _t67 * 4);
                                                                                                                                                                                                                                                        						_v20 = wcslen(_t83);
                                                                                                                                                                                                                                                        						_v24 = wcschr(_t83, 0x22);
                                                                                                                                                                                                                                                        						_v36 = _t83;
                                                                                                                                                                                                                                                        						_t64 = wcspbrk(_t83, 0xbf03c4);
                                                                                                                                                                                                                                                        						_t88 = _t88 + 0x14;
                                                                                                                                                                                                                                                        						if(_t64 != 0) {
                                                                                                                                                                                                                                                        							_v20 =  &(_v20[0]);
                                                                                                                                                                                                                                                        							if(_v24 == 0) {
                                                                                                                                                                                                                                                        								goto L4;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								goto L17;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L40;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							if(_v24 != 0) {
                                                                                                                                                                                                                                                        								L17:
                                                                                                                                                                                                                                                        								_t65 = 0;
                                                                                                                                                                                                                                                        								while(1) {
                                                                                                                                                                                                                                                        									_t73 =  *_v36 & 0x0000ffff;
                                                                                                                                                                                                                                                        									if(_t73 == 0x22) {
                                                                                                                                                                                                                                                        										goto L23;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									L21:
                                                                                                                                                                                                                                                        									if(_t73 == 0x5c) {
                                                                                                                                                                                                                                                        										_v36 =  &(_v36[1]);
                                                                                                                                                                                                                                                        										_t65 = _t65 + 1;
                                                                                                                                                                                                                                                        										while(1) {
                                                                                                                                                                                                                                                        											_t73 =  *_v36 & 0x0000ffff;
                                                                                                                                                                                                                                                        											if(_t73 == 0x22) {
                                                                                                                                                                                                                                                        												goto L23;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L21;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L23;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									if(_t73 == 0) {
                                                                                                                                                                                                                                                        										goto L4;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										L19:
                                                                                                                                                                                                                                                        										_v36 =  &(_v36[0]);
                                                                                                                                                                                                                                                        										_t65 = 0;
                                                                                                                                                                                                                                                        										continue;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									L40:
                                                                                                                                                                                                                                                        									L23:
                                                                                                                                                                                                                                                        									_t38 =  &(_v20[0]); // 0x1
                                                                                                                                                                                                                                                        									_v20 = _t65 + _t38;
                                                                                                                                                                                                                                                        									goto L19;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L4:
                                                                                                                                                                                                                                                        						_t67 = _t67 + 1;
                                                                                                                                                                                                                                                        						_t48 = _v20;
                                                                                                                                                                                                                                                        						_t87 = _t87 + _t48 + 1;
                                                                                                                                                                                                                                                        					} while (_t67 != _v28);
                                                                                                                                                                                                                                                        					if(_t87 == 0) {
                                                                                                                                                                                                                                                        						goto L6;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t85 = 2;
                                                                                                                                                                                                                                                        				if(2 < 0) {
                                                                                                                                                                                                                                                        					_t85 = 0xffffffff;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				__imp__moz_xmalloc(_t85);
                                                                                                                                                                                                                                                        				_t79 = _t48;
                                                                                                                                                                                                                                                        				memset(_t48, 0, _t85);
                                                                                                                                                                                                                                                        				_t90 = _t88 + 0x10;
                                                                                                                                                                                                                                                        				 *_v32 = _t79;
                                                                                                                                                                                                                                                        				if(_v28 > 0) {
                                                                                                                                                                                                                                                        					_t86 = 0;
                                                                                                                                                                                                                                                        					_v20 = _t79;
                                                                                                                                                                                                                                                        					while(1) {
                                                                                                                                                                                                                                                        						_t66 =  *(_a4 + _t86 * 4);
                                                                                                                                                                                                                                                        						_t80 = wcschr(_t66, 0x22);
                                                                                                                                                                                                                                                        						_t54 = wcspbrk(_t66, 0xbf03c4);
                                                                                                                                                                                                                                                        						_t90 = _t90 + 0x10;
                                                                                                                                                                                                                                                        						_v24 = _t54;
                                                                                                                                                                                                                                                        						if(_t54 != 0) {
                                                                                                                                                                                                                                                        							goto L24;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(_t80 != 0) {
                                                                                                                                                                                                                                                        							L25:
                                                                                                                                                                                                                                                        							_t59 = 0;
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								_t69 =  *_t66 & 0x0000ffff;
                                                                                                                                                                                                                                                        								if(_t69 == 0x22) {
                                                                                                                                                                                                                                                        									goto L32;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L30:
                                                                                                                                                                                                                                                        								if(_t69 != 0x5c) {
                                                                                                                                                                                                                                                        									if(_t69 != 0) {
                                                                                                                                                                                                                                                        										L27:
                                                                                                                                                                                                                                                        										_t59 = 0;
                                                                                                                                                                                                                                                        										goto L28;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t79 = _v20;
                                                                                                                                                                                                                                                        									if(_v24 == 0) {
                                                                                                                                                                                                                                                        										goto L13;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										goto L38;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t59 = _t59 + 1;
                                                                                                                                                                                                                                                        									_t69 = 0x5c;
                                                                                                                                                                                                                                                        									L28:
                                                                                                                                                                                                                                                        									_t77 = _v20;
                                                                                                                                                                                                                                                        									_t66 =  &(_t66[0]);
                                                                                                                                                                                                                                                        									 *_t77 = _t69;
                                                                                                                                                                                                                                                        									_v20 =  &(_t77[0]);
                                                                                                                                                                                                                                                        									_t69 =  *_t66 & 0x0000ffff;
                                                                                                                                                                                                                                                        									if(_t69 == 0x22) {
                                                                                                                                                                                                                                                        										goto L32;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L30;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L40;
                                                                                                                                                                                                                                                        								L32:
                                                                                                                                                                                                                                                        								if(_t59 < 0) {
                                                                                                                                                                                                                                                        									_t69 = 0x22;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t60 = _t59 + 1;
                                                                                                                                                                                                                                                        									do {
                                                                                                                                                                                                                                                        										_t70 = _v20;
                                                                                                                                                                                                                                                        										 *_t70 = 0x5c;
                                                                                                                                                                                                                                                        										_t60 = _t60 - 1;
                                                                                                                                                                                                                                                        										_v20 = _t70 + 2;
                                                                                                                                                                                                                                                        									} while (_t60 != 0);
                                                                                                                                                                                                                                                        									_t69 =  *_t66 & 0x0000ffff;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L27;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L12:
                                                                                                                                                                                                                                                        							_t81 = _v20;
                                                                                                                                                                                                                                                        							wcscpy(_t81, _t66);
                                                                                                                                                                                                                                                        							_t58 = wcslen(_t66);
                                                                                                                                                                                                                                                        							_t90 = _t90 + 0xc;
                                                                                                                                                                                                                                                        							_t79 = _t81 + _t58 * 2;
                                                                                                                                                                                                                                                        							if(_v24 != 0) {
                                                                                                                                                                                                                                                        								L38:
                                                                                                                                                                                                                                                        								 *_t79 = 0x22;
                                                                                                                                                                                                                                                        								_t79 = _t79 + 2;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L13:
                                                                                                                                                                                                                                                        						_t86 = _t86 + 1;
                                                                                                                                                                                                                                                        						if(_t86 != _v28) {
                                                                                                                                                                                                                                                        							 *_t79 = 0x20;
                                                                                                                                                                                                                                                        							_v20 = _t79 + 2;
                                                                                                                                                                                                                                                        							continue;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L15;
                                                                                                                                                                                                                                                        						L24:
                                                                                                                                                                                                                                                        						_t55 = _v20;
                                                                                                                                                                                                                                                        						 *_t55 = 0x22;
                                                                                                                                                                                                                                                        						_v20 = _t55 + 2;
                                                                                                                                                                                                                                                        						if(_t80 == 0) {
                                                                                                                                                                                                                                                        							goto L12;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							goto L25;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L40;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L15:
                                                                                                                                                                                                                                                        				 *_t79 = 0;
                                                                                                                                                                                                                                                        				return _v32;
                                                                                                                                                                                                                                                        				goto L40;
                                                                                                                                                                                                                                                        			}































                                                                                                                                                                                                                                                        0x00bb319b
                                                                                                                                                                                                                                                        0x00bb319e
                                                                                                                                                                                                                                                        0x00bb31a1
                                                                                                                                                                                                                                                        0x00bb31a3
                                                                                                                                                                                                                                                        0x00bb31a5
                                                                                                                                                                                                                                                        0x00bb31a7
                                                                                                                                                                                                                                                        0x00bb31aa
                                                                                                                                                                                                                                                        0x00bb31b6
                                                                                                                                                                                                                                                        0x00bb31c4
                                                                                                                                                                                                                                                        0x00bb31cc
                                                                                                                                                                                                                                                        0x00bb31d0
                                                                                                                                                                                                                                                        0x00bb31d6
                                                                                                                                                                                                                                                        0x00bb31db
                                                                                                                                                                                                                                                        0x00bb32ad
                                                                                                                                                                                                                                                        0x00bb32b5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb31e1
                                                                                                                                                                                                                                                        0x00bb31e5
                                                                                                                                                                                                                                                        0x00bb32bb
                                                                                                                                                                                                                                                        0x00bb32bb
                                                                                                                                                                                                                                                        0x00bb32ce
                                                                                                                                                                                                                                                        0x00bb32d1
                                                                                                                                                                                                                                                        0x00bb32d8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32da
                                                                                                                                                                                                                                                        0x00bb32de
                                                                                                                                                                                                                                                        0x00bb32e0
                                                                                                                                                                                                                                                        0x00bb32e4
                                                                                                                                                                                                                                                        0x00bb32ce
                                                                                                                                                                                                                                                        0x00bb32d1
                                                                                                                                                                                                                                                        0x00bb32d8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32d8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32ce
                                                                                                                                                                                                                                                        0x00bb32c2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32c8
                                                                                                                                                                                                                                                        0x00bb32c8
                                                                                                                                                                                                                                                        0x00bb32c8
                                                                                                                                                                                                                                                        0x00bb32cc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32cc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32e7
                                                                                                                                                                                                                                                        0x00bb32ea
                                                                                                                                                                                                                                                        0x00bb32ee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32ee
                                                                                                                                                                                                                                                        0x00bb32ce
                                                                                                                                                                                                                                                        0x00bb31e5
                                                                                                                                                                                                                                                        0x00bb31eb
                                                                                                                                                                                                                                                        0x00bb31eb
                                                                                                                                                                                                                                                        0x00bb31ec
                                                                                                                                                                                                                                                        0x00bb31f2
                                                                                                                                                                                                                                                        0x00bb31f2
                                                                                                                                                                                                                                                        0x00bb31fa
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb31fa
                                                                                                                                                                                                                                                        0x00bb3201
                                                                                                                                                                                                                                                        0x00bb3203
                                                                                                                                                                                                                                                        0x00bb3374
                                                                                                                                                                                                                                                        0x00bb3374
                                                                                                                                                                                                                                                        0x00bb320a
                                                                                                                                                                                                                                                        0x00bb3213
                                                                                                                                                                                                                                                        0x00bb3219
                                                                                                                                                                                                                                                        0x00bb321e
                                                                                                                                                                                                                                                        0x00bb3228
                                                                                                                                                                                                                                                        0x00bb322a
                                                                                                                                                                                                                                                        0x00bb322c
                                                                                                                                                                                                                                                        0x00bb322e
                                                                                                                                                                                                                                                        0x00bb3231
                                                                                                                                                                                                                                                        0x00bb3234
                                                                                                                                                                                                                                                        0x00bb3242
                                                                                                                                                                                                                                                        0x00bb324a
                                                                                                                                                                                                                                                        0x00bb3250
                                                                                                                                                                                                                                                        0x00bb3255
                                                                                                                                                                                                                                                        0x00bb3258
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3260
                                                                                                                                                                                                                                                        0x00bb3309
                                                                                                                                                                                                                                                        0x00bb3309
                                                                                                                                                                                                                                                        0x00bb3323
                                                                                                                                                                                                                                                        0x00bb3323
                                                                                                                                                                                                                                                        0x00bb332a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb332c
                                                                                                                                                                                                                                                        0x00bb3330
                                                                                                                                                                                                                                                        0x00bb3310
                                                                                                                                                                                                                                                        0x00bb3312
                                                                                                                                                                                                                                                        0x00bb3312
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3312
                                                                                                                                                                                                                                                        0x00bb335a
                                                                                                                                                                                                                                                        0x00bb3361
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3332
                                                                                                                                                                                                                                                        0x00bb3332
                                                                                                                                                                                                                                                        0x00bb3333
                                                                                                                                                                                                                                                        0x00bb3314
                                                                                                                                                                                                                                                        0x00bb3314
                                                                                                                                                                                                                                                        0x00bb3317
                                                                                                                                                                                                                                                        0x00bb331a
                                                                                                                                                                                                                                                        0x00bb3320
                                                                                                                                                                                                                                                        0x00bb3323
                                                                                                                                                                                                                                                        0x00bb332a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb332a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3339
                                                                                                                                                                                                                                                        0x00bb333b
                                                                                                                                                                                                                                                        0x00bb3354
                                                                                                                                                                                                                                                        0x00bb333d
                                                                                                                                                                                                                                                        0x00bb333d
                                                                                                                                                                                                                                                        0x00bb333e
                                                                                                                                                                                                                                                        0x00bb333e
                                                                                                                                                                                                                                                        0x00bb3341
                                                                                                                                                                                                                                                        0x00bb3349
                                                                                                                                                                                                                                                        0x00bb334a
                                                                                                                                                                                                                                                        0x00bb334a
                                                                                                                                                                                                                                                        0x00bb334f
                                                                                                                                                                                                                                                        0x00bb334f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb333b
                                                                                                                                                                                                                                                        0x00bb3266
                                                                                                                                                                                                                                                        0x00bb3266
                                                                                                                                                                                                                                                        0x00bb3267
                                                                                                                                                                                                                                                        0x00bb326b
                                                                                                                                                                                                                                                        0x00bb3275
                                                                                                                                                                                                                                                        0x00bb327a
                                                                                                                                                                                                                                                        0x00bb327d
                                                                                                                                                                                                                                                        0x00bb3284
                                                                                                                                                                                                                                                        0x00bb3367
                                                                                                                                                                                                                                                        0x00bb3367
                                                                                                                                                                                                                                                        0x00bb336c
                                                                                                                                                                                                                                                        0x00bb336c
                                                                                                                                                                                                                                                        0x00bb3284
                                                                                                                                                                                                                                                        0x00bb328a
                                                                                                                                                                                                                                                        0x00bb328a
                                                                                                                                                                                                                                                        0x00bb328e
                                                                                                                                                                                                                                                        0x00bb3290
                                                                                                                                                                                                                                                        0x00bb3298
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3298
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32f3
                                                                                                                                                                                                                                                        0x00bb32f3
                                                                                                                                                                                                                                                        0x00bb32f6
                                                                                                                                                                                                                                                        0x00bb32fe
                                                                                                                                                                                                                                                        0x00bb3303
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3303
                                                                                                                                                                                                                                                        0x00bb3231
                                                                                                                                                                                                                                                        0x00bb329d
                                                                                                                                                                                                                                                        0x00bb32a0
                                                                                                                                                                                                                                                        0x00bb32ac
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00000001), ref: 00BB31AE
                                                                                                                                                                                                                                                        • wcschr.VCRUNTIME140(00000001,00000022), ref: 00BB31BC
                                                                                                                                                                                                                                                        • wcspbrk.API-MS-WIN-CRT-STRING-L1-1-0(00000001,00BF03C4), ref: 00BB31D0
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000001), ref: 00BB320A
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB3219
                                                                                                                                                                                                                                                        • wcschr.VCRUNTIME140(?,00000022), ref: 00BB323A
                                                                                                                                                                                                                                                        • wcspbrk.API-MS-WIN-CRT-STRING-L1-1-0(?,00BF03C4), ref: 00BB324A
                                                                                                                                                                                                                                                        • wcscpy.API-MS-WIN-CRT-STRING-L1-1-0(?,?), ref: 00BB326B
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB3275
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: wcschrwcslenwcspbrk$memsetmoz_xmallocwcscpy
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 4023855588-0
                                                                                                                                                                                                                                                        • Opcode ID: add59867cda1ed89d3ecf232953cbe50a809c43dcee1804db9248dd443e6fe2d
                                                                                                                                                                                                                                                        • Instruction ID: 6424eec06c914d9d5ce1fab7d98bb96522c8293c740f45f4db2aedf08ac90806
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: add59867cda1ed89d3ecf232953cbe50a809c43dcee1804db9248dd443e6fe2d
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E151DEB1D0022ADBCB209F98CC816FFB7F4FF44B04F5441A8D816A7251E7B49A05CBA5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 70%
                                                                                                                                                                                                                                                        			E00BDF040(intOrPtr* _a4, char _a8, char _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, intOrPtr _a28, intOrPtr _a32, char _a36, intOrPtr _a40, intOrPtr _a44) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				char _v544;
                                                                                                                                                                                                                                                        				intOrPtr _v560;
                                                                                                                                                                                                                                                        				long _v600;
                                                                                                                                                                                                                                                        				char _v608;
                                                                                                                                                                                                                                                        				char _v612;
                                                                                                                                                                                                                                                        				char _v616;
                                                                                                                                                                                                                                                        				char _v620;
                                                                                                                                                                                                                                                        				char _v624;
                                                                                                                                                                                                                                                        				intOrPtr _v628;
                                                                                                                                                                                                                                                        				char _v632;
                                                                                                                                                                                                                                                        				intOrPtr _v636;
                                                                                                                                                                                                                                                        				char _v640;
                                                                                                                                                                                                                                                        				long _v644;
                                                                                                                                                                                                                                                        				intOrPtr _v648;
                                                                                                                                                                                                                                                        				intOrPtr _v652;
                                                                                                                                                                                                                                                        				char _v656;
                                                                                                                                                                                                                                                        				char _v660;
                                                                                                                                                                                                                                                        				char _v664;
                                                                                                                                                                                                                                                        				char _v668;
                                                                                                                                                                                                                                                        				char _v672;
                                                                                                                                                                                                                                                        				signed int _t77;
                                                                                                                                                                                                                                                        				intOrPtr* _t79;
                                                                                                                                                                                                                                                        				intOrPtr* _t81;
                                                                                                                                                                                                                                                        				intOrPtr* _t82;
                                                                                                                                                                                                                                                        				intOrPtr* _t83;
                                                                                                                                                                                                                                                        				char _t85;
                                                                                                                                                                                                                                                        				char _t86;
                                                                                                                                                                                                                                                        				char _t89;
                                                                                                                                                                                                                                                        				char _t90;
                                                                                                                                                                                                                                                        				char _t91;
                                                                                                                                                                                                                                                        				char _t92;
                                                                                                                                                                                                                                                        				long _t93;
                                                                                                                                                                                                                                                        				char _t95;
                                                                                                                                                                                                                                                        				char _t97;
                                                                                                                                                                                                                                                        				intOrPtr* _t102;
                                                                                                                                                                                                                                                        				void* _t105;
                                                                                                                                                                                                                                                        				char _t106;
                                                                                                                                                                                                                                                        				char _t109;
                                                                                                                                                                                                                                                        				char _t111;
                                                                                                                                                                                                                                                        				char _t114;
                                                                                                                                                                                                                                                        				char _t116;
                                                                                                                                                                                                                                                        				char _t118;
                                                                                                                                                                                                                                                        				char _t125;
                                                                                                                                                                                                                                                        				void* _t128;
                                                                                                                                                                                                                                                        				char _t129;
                                                                                                                                                                                                                                                        				char _t131;
                                                                                                                                                                                                                                                        				char _t132;
                                                                                                                                                                                                                                                        				char _t137;
                                                                                                                                                                                                                                                        				char _t138;
                                                                                                                                                                                                                                                        				char _t154;
                                                                                                                                                                                                                                                        				char _t155;
                                                                                                                                                                                                                                                        				WCHAR* _t156;
                                                                                                                                                                                                                                                        				char _t157;
                                                                                                                                                                                                                                                        				char _t160;
                                                                                                                                                                                                                                                        				signed int _t161;
                                                                                                                                                                                                                                                        				signed int _t162;
                                                                                                                                                                                                                                                        				void* _t164;
                                                                                                                                                                                                                                                        				void* _t165;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t164 = (_t162 & 0xfffffff0) - 0x290;
                                                                                                                                                                                                                                                        				_t77 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t129 = _a36;
                                                                                                                                                                                                                                                        				_t154 = _a12;
                                                                                                                                                                                                                                                        				_v24 = _t77 ^ _t161;
                                                                                                                                                                                                                                                        				_t79 = E00BE9C20();
                                                                                                                                                                                                                                                        				_t153 =  *_t79;
                                                                                                                                                                                                                                                        				if( *((char*)( *((intOrPtr*)( *_t79 + 8))() + 4)) == 0) {
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					_t81 =  *0xbfa854; // 0x0
                                                                                                                                                                                                                                                        					if(_t81 != 0) {
                                                                                                                                                                                                                                                        						 *_t81("BLOCKED", "CreateProcessA", _a8, 1, 2);
                                                                                                                                                                                                                                                        						_t164 = _t164 + 0x14;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t82 = E00BE9C20();
                                                                                                                                                                                                                                                        					_t153 =  *_t82;
                                                                                                                                                                                                                                                        					_t83 =  *((intOrPtr*)( *_t82 + 8))();
                                                                                                                                                                                                                                                        					_t160 = 0;
                                                                                                                                                                                                                                                        					if( *_t83 > 0) {
                                                                                                                                                                                                                                                        						_v644 = GetLastError();
                                                                                                                                                                                                                                                        						_t85 = E00BE3900(_a44, 0x10, 1);
                                                                                                                                                                                                                                                        						_t165 = _t164 + 0xc;
                                                                                                                                                                                                                                                        						__eflags = _t85;
                                                                                                                                                                                                                                                        						if(_t85 != 0) {
                                                                                                                                                                                                                                                        							_t86 = E00BE3790();
                                                                                                                                                                                                                                                        							__eflags = _t86;
                                                                                                                                                                                                                                                        							if(_t86 == 0) {
                                                                                                                                                                                                                                                        								goto L7;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t89 =  *0xbfb68c;
                                                                                                                                                                                                                                                        							__eflags = _t89;
                                                                                                                                                                                                                                                        							_v672 = _t89;
                                                                                                                                                                                                                                                        							if(_t89 == 0) {
                                                                                                                                                                                                                                                        								goto L7;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							__eflags = _t154;
                                                                                                                                                                                                                                                        							_t90 = 0;
                                                                                                                                                                                                                                                        							if(_t154 == 0) {
                                                                                                                                                                                                                                                        								L12:
                                                                                                                                                                                                                                                        								_v668 = _t90;
                                                                                                                                                                                                                                                        								_t91 = _a8;
                                                                                                                                                                                                                                                        								_t155 = 0;
                                                                                                                                                                                                                                                        								__eflags = _t91;
                                                                                                                                                                                                                                                        								if(_t91 == 0) {
                                                                                                                                                                                                                                                        									L14:
                                                                                                                                                                                                                                                        									__eflags = _t129;
                                                                                                                                                                                                                                                        									_t92 = 0;
                                                                                                                                                                                                                                                        									_v664 = 0;
                                                                                                                                                                                                                                                        									if(_t129 == 0) {
                                                                                                                                                                                                                                                        										L16:
                                                                                                                                                                                                                                                        										_t137 = _v668;
                                                                                                                                                                                                                                                        										__eflags = _t137;
                                                                                                                                                                                                                                                        										if(_t137 != 0) {
                                                                                                                                                                                                                                                        											_v664 =  *((intOrPtr*)(_t137 + 4));
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t138 = 0;
                                                                                                                                                                                                                                                        										__eflags = _t155;
                                                                                                                                                                                                                                                        										_t153 = 0;
                                                                                                                                                                                                                                                        										if(_t155 != 0) {
                                                                                                                                                                                                                                                        											_t153 =  *((intOrPtr*)(_t155 + 4));
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = _t92;
                                                                                                                                                                                                                                                        										_v656 = _t153;
                                                                                                                                                                                                                                                        										_v648 = _t155;
                                                                                                                                                                                                                                                        										if(_t92 != 0) {
                                                                                                                                                                                                                                                        											_t138 =  *((intOrPtr*)(_t92 + 4));
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t156 =  &_v544;
                                                                                                                                                                                                                                                        										_v660 = _t138;
                                                                                                                                                                                                                                                        										_v652 = _t92;
                                                                                                                                                                                                                                                        										_t93 = GetCurrentDirectoryW(0x104, _t156);
                                                                                                                                                                                                                                                        										asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        										__eflags = _t93 - 1 - 0x103;
                                                                                                                                                                                                                                                        										_t95 = _v672;
                                                                                                                                                                                                                                                        										_t131 =  <  ? _t156 : 0;
                                                                                                                                                                                                                                                        										_v640 = _t95;
                                                                                                                                                                                                                                                        										asm("movaps [esp+0x60], xmm0");
                                                                                                                                                                                                                                                        										asm("movaps [esp+0x50], xmm0");
                                                                                                                                                                                                                                                        										asm("movaps [esp+0x40], xmm0");
                                                                                                                                                                                                                                                        										_v560 = 0;
                                                                                                                                                                                                                                                        										_v636 = _t95 +  *((intOrPtr*)(_t95 + 8));
                                                                                                                                                                                                                                                        										_t97 = E00BE6680( &_v640, _t93 - 1 - 0x103);
                                                                                                                                                                                                                                                        										__eflags = _t97;
                                                                                                                                                                                                                                                        										if(_t97 == 0) {
                                                                                                                                                                                                                                                        											_t157 = 4;
                                                                                                                                                                                                                                                        											goto L33;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											 *_t97 = 0xd;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t97 + 4)) = 0;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t97 + 0x3c)) = 5;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t97 + 0x44)) = 0x88;
                                                                                                                                                                                                                                                        											_v612 = _v656;
                                                                                                                                                                                                                                                        											_t105 = E00BD1910( &_v612);
                                                                                                                                                                                                                                                        											_v672 = _t97;
                                                                                                                                                                                                                                                        											_t106 = E00BD19D0(_t97, 0, _v612, _t105, 0, 1);
                                                                                                                                                                                                                                                        											_t157 = 4;
                                                                                                                                                                                                                                                        											__eflags = _t106;
                                                                                                                                                                                                                                                        											if(_t106 == 0) {
                                                                                                                                                                                                                                                        												L33:
                                                                                                                                                                                                                                                        												E00BE4060(_v668, 0);
                                                                                                                                                                                                                                                        												E00BE4060(_v648, 0);
                                                                                                                                                                                                                                                        												E00BE4060(_v652, 0);
                                                                                                                                                                                                                                                        												__eflags = _t157;
                                                                                                                                                                                                                                                        												if(_t157 != 0) {
                                                                                                                                                                                                                                                        													goto L7;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												SetLastError(_v600);
                                                                                                                                                                                                                                                        												_t160 = 0;
                                                                                                                                                                                                                                                        												__eflags = _v600;
                                                                                                                                                                                                                                                        												if(_v600 == 0) {
                                                                                                                                                                                                                                                        													_t102 =  *0xbfa854; // 0x0
                                                                                                                                                                                                                                                        													_t160 = 1;
                                                                                                                                                                                                                                                        													__eflags = _t102;
                                                                                                                                                                                                                                                        													if(_t102 != 0) {
                                                                                                                                                                                                                                                        														 *_t102("Broker ALLOWED", "CreateProcessA", _a8, 0, 0);
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L5;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_v616 = _v664;
                                                                                                                                                                                                                                                        											_t109 = E00BD19D0(_v672, 1, _v616, E00BD1910( &_v616), 0, 1);
                                                                                                                                                                                                                                                        											_t157 = 4;
                                                                                                                                                                                                                                                        											__eflags = _t109;
                                                                                                                                                                                                                                                        											if(_t109 == 0) {
                                                                                                                                                                                                                                                        												goto L33;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_v620 = _t131;
                                                                                                                                                                                                                                                        											_t111 = E00BD19D0(_v672, 2, _v620, E00BD1910( &_v620), 0, 1);
                                                                                                                                                                                                                                                        											_t157 = 4;
                                                                                                                                                                                                                                                        											__eflags = _t111;
                                                                                                                                                                                                                                                        											if(_t111 == 0) {
                                                                                                                                                                                                                                                        												goto L33;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_v624 = _v660;
                                                                                                                                                                                                                                                        											_t114 = E00BD19D0(_v672, 3, _v624, E00BD1910( &_v624), 0, 1);
                                                                                                                                                                                                                                                        											_t157 = 4;
                                                                                                                                                                                                                                                        											__eflags = _t114;
                                                                                                                                                                                                                                                        											if(_t114 == 0) {
                                                                                                                                                                                                                                                        												goto L33;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_v632 = 0x10;
                                                                                                                                                                                                                                                        											_v628 = _a44;
                                                                                                                                                                                                                                                        											_t116 = E00BD19D0(_v672, 4, _a44, 0x10, 1, 6);
                                                                                                                                                                                                                                                        											_t157 = 4;
                                                                                                                                                                                                                                                        											__eflags = _t116;
                                                                                                                                                                                                                                                        											if(_t116 == 0) {
                                                                                                                                                                                                                                                        												goto L33;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t118 = E00BE67F0( &_v640, _v672,  &_v608);
                                                                                                                                                                                                                                                        											_t132 = _t118;
                                                                                                                                                                                                                                                        											__eflags = _t118 - 0xa;
                                                                                                                                                                                                                                                        											if(_t118 == 0xa) {
                                                                                                                                                                                                                                                        												L30:
                                                                                                                                                                                                                                                        												_t157 = _t132;
                                                                                                                                                                                                                                                        												goto L33;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_v668 = E00BD1BB0( &_v632,  *((intOrPtr*)(_v672 + 0x74)) + _v672);
                                                                                                                                                                                                                                                        											E00BE67B0( &_v644, _v672);
                                                                                                                                                                                                                                                        											__eflags = _v672;
                                                                                                                                                                                                                                                        											_t157 = 2;
                                                                                                                                                                                                                                                        											if(_v672 == 0) {
                                                                                                                                                                                                                                                        												goto L33;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L30;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t92 = E00BE3FC0(_t153, _t129);
                                                                                                                                                                                                                                                        									_t165 = _t165 + 4;
                                                                                                                                                                                                                                                        									__eflags = 0;
                                                                                                                                                                                                                                                        									if(0 == 0) {
                                                                                                                                                                                                                                                        										E00BE4060(_v668, 0);
                                                                                                                                                                                                                                                        										_push(0);
                                                                                                                                                                                                                                                        										_push(_t155);
                                                                                                                                                                                                                                                        										L38:
                                                                                                                                                                                                                                                        										E00BE4060();
                                                                                                                                                                                                                                                        										goto L7;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L16;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t125 = E00BE3FC0(_t153, _t91);
                                                                                                                                                                                                                                                        								_t155 = _t125;
                                                                                                                                                                                                                                                        								__eflags = _t125;
                                                                                                                                                                                                                                                        								if(_t125 == 0) {
                                                                                                                                                                                                                                                        									_push(0);
                                                                                                                                                                                                                                                        									_push(_v668);
                                                                                                                                                                                                                                                        									goto L38;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L14;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t90 = E00BE3FC0(_t153, _t154);
                                                                                                                                                                                                                                                        							_t165 = _t165 + 4;
                                                                                                                                                                                                                                                        							__eflags = 0;
                                                                                                                                                                                                                                                        							if(0 == 0) {
                                                                                                                                                                                                                                                        								goto L7;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L12;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L7:
                                                                                                                                                                                                                                                        						SetLastError(_v644);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					E00BEECB0(_v24 ^ _t161, _t153);
                                                                                                                                                                                                                                                        					return _t160;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t128 =  *_a4(_a8, _t154, _a16, _a20, _a24, _a28, _a32, _t129, _a40, _a44);
                                                                                                                                                                                                                                                        				_t160 = 1;
                                                                                                                                                                                                                                                        				if(_t128 != 0) {
                                                                                                                                                                                                                                                        					goto L5;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}































































                                                                                                                                                                                                                                                        0x00bdf049
                                                                                                                                                                                                                                                        0x00bdf04f
                                                                                                                                                                                                                                                        0x00bdf054
                                                                                                                                                                                                                                                        0x00bdf057
                                                                                                                                                                                                                                                        0x00bdf05c
                                                                                                                                                                                                                                                        0x00bdf063
                                                                                                                                                                                                                                                        0x00bdf068
                                                                                                                                                                                                                                                        0x00bdf073
                                                                                                                                                                                                                                                        0x00bdf09d
                                                                                                                                                                                                                                                        0x00bdf09d
                                                                                                                                                                                                                                                        0x00bdf0a4
                                                                                                                                                                                                                                                        0x00bdf0b7
                                                                                                                                                                                                                                                        0x00bdf0b9
                                                                                                                                                                                                                                                        0x00bdf0b9
                                                                                                                                                                                                                                                        0x00bdf0bc
                                                                                                                                                                                                                                                        0x00bdf0c1
                                                                                                                                                                                                                                                        0x00bdf0c5
                                                                                                                                                                                                                                                        0x00bdf0c8
                                                                                                                                                                                                                                                        0x00bdf0cd
                                                                                                                                                                                                                                                        0x00bdf0ef
                                                                                                                                                                                                                                                        0x00bdf0fa
                                                                                                                                                                                                                                                        0x00bdf0ff
                                                                                                                                                                                                                                                        0x00bdf102
                                                                                                                                                                                                                                                        0x00bdf104
                                                                                                                                                                                                                                                        0x00bdf112
                                                                                                                                                                                                                                                        0x00bdf117
                                                                                                                                                                                                                                                        0x00bdf119
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf11b
                                                                                                                                                                                                                                                        0x00bdf120
                                                                                                                                                                                                                                                        0x00bdf122
                                                                                                                                                                                                                                                        0x00bdf125
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf127
                                                                                                                                                                                                                                                        0x00bdf129
                                                                                                                                                                                                                                                        0x00bdf12e
                                                                                                                                                                                                                                                        0x00bdf13d
                                                                                                                                                                                                                                                        0x00bdf13d
                                                                                                                                                                                                                                                        0x00bdf141
                                                                                                                                                                                                                                                        0x00bdf144
                                                                                                                                                                                                                                                        0x00bdf149
                                                                                                                                                                                                                                                        0x00bdf14b
                                                                                                                                                                                                                                                        0x00bdf160
                                                                                                                                                                                                                                                        0x00bdf160
                                                                                                                                                                                                                                                        0x00bdf162
                                                                                                                                                                                                                                                        0x00bdf167
                                                                                                                                                                                                                                                        0x00bdf16f
                                                                                                                                                                                                                                                        0x00bdf182
                                                                                                                                                                                                                                                        0x00bdf182
                                                                                                                                                                                                                                                        0x00bdf186
                                                                                                                                                                                                                                                        0x00bdf188
                                                                                                                                                                                                                                                        0x00bdf18d
                                                                                                                                                                                                                                                        0x00bdf18d
                                                                                                                                                                                                                                                        0x00bdf191
                                                                                                                                                                                                                                                        0x00bdf193
                                                                                                                                                                                                                                                        0x00bdf195
                                                                                                                                                                                                                                                        0x00bdf19a
                                                                                                                                                                                                                                                        0x00bdf19c
                                                                                                                                                                                                                                                        0x00bdf19c
                                                                                                                                                                                                                                                        0x00bdf19f
                                                                                                                                                                                                                                                        0x00bdf1a1
                                                                                                                                                                                                                                                        0x00bdf1a5
                                                                                                                                                                                                                                                        0x00bdf1a9
                                                                                                                                                                                                                                                        0x00bdf1ab
                                                                                                                                                                                                                                                        0x00bdf1ab
                                                                                                                                                                                                                                                        0x00bdf1ae
                                                                                                                                                                                                                                                        0x00bdf1b5
                                                                                                                                                                                                                                                        0x00bdf1b9
                                                                                                                                                                                                                                                        0x00bdf1c3
                                                                                                                                                                                                                                                        0x00bdf1d0
                                                                                                                                                                                                                                                        0x00bdf1d3
                                                                                                                                                                                                                                                        0x00bdf1d8
                                                                                                                                                                                                                                                        0x00bdf1db
                                                                                                                                                                                                                                                        0x00bdf1de
                                                                                                                                                                                                                                                        0x00bdf1e5
                                                                                                                                                                                                                                                        0x00bdf1ea
                                                                                                                                                                                                                                                        0x00bdf1ef
                                                                                                                                                                                                                                                        0x00bdf1f4
                                                                                                                                                                                                                                                        0x00bdf1fc
                                                                                                                                                                                                                                                        0x00bdf200
                                                                                                                                                                                                                                                        0x00bdf205
                                                                                                                                                                                                                                                        0x00bdf207
                                                                                                                                                                                                                                                        0x00bdf369
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf20d
                                                                                                                                                                                                                                                        0x00bdf20d
                                                                                                                                                                                                                                                        0x00bdf213
                                                                                                                                                                                                                                                        0x00bdf21a
                                                                                                                                                                                                                                                        0x00bdf223
                                                                                                                                                                                                                                                        0x00bdf232
                                                                                                                                                                                                                                                        0x00bdf236
                                                                                                                                                                                                                                                        0x00bdf23b
                                                                                                                                                                                                                                                        0x00bdf24b
                                                                                                                                                                                                                                                        0x00bdf250
                                                                                                                                                                                                                                                        0x00bdf255
                                                                                                                                                                                                                                                        0x00bdf257
                                                                                                                                                                                                                                                        0x00bdf36e
                                                                                                                                                                                                                                                        0x00bdf375
                                                                                                                                                                                                                                                        0x00bdf383
                                                                                                                                                                                                                                                        0x00bdf391
                                                                                                                                                                                                                                                        0x00bdf399
                                                                                                                                                                                                                                                        0x00bdf39b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf3a5
                                                                                                                                                                                                                                                        0x00bdf3ab
                                                                                                                                                                                                                                                        0x00bdf3ad
                                                                                                                                                                                                                                                        0x00bdf3b2
                                                                                                                                                                                                                                                        0x00bdf3b8
                                                                                                                                                                                                                                                        0x00bdf3bd
                                                                                                                                                                                                                                                        0x00bdf3c2
                                                                                                                                                                                                                                                        0x00bdf3c4
                                                                                                                                                                                                                                                        0x00bdf3db
                                                                                                                                                                                                                                                        0x00bdf3dd
                                                                                                                                                                                                                                                        0x00bdf3c4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf3b2
                                                                                                                                                                                                                                                        0x00bdf265
                                                                                                                                                                                                                                                        0x00bdf27c
                                                                                                                                                                                                                                                        0x00bdf281
                                                                                                                                                                                                                                                        0x00bdf286
                                                                                                                                                                                                                                                        0x00bdf288
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf292
                                                                                                                                                                                                                                                        0x00bdf2a9
                                                                                                                                                                                                                                                        0x00bdf2ae
                                                                                                                                                                                                                                                        0x00bdf2b3
                                                                                                                                                                                                                                                        0x00bdf2b5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf2c3
                                                                                                                                                                                                                                                        0x00bdf2da
                                                                                                                                                                                                                                                        0x00bdf2df
                                                                                                                                                                                                                                                        0x00bdf2e4
                                                                                                                                                                                                                                                        0x00bdf2e6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf2f2
                                                                                                                                                                                                                                                        0x00bdf2fa
                                                                                                                                                                                                                                                        0x00bdf307
                                                                                                                                                                                                                                                        0x00bdf30c
                                                                                                                                                                                                                                                        0x00bdf311
                                                                                                                                                                                                                                                        0x00bdf313
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf322
                                                                                                                                                                                                                                                        0x00bdf327
                                                                                                                                                                                                                                                        0x00bdf329
                                                                                                                                                                                                                                                        0x00bdf32c
                                                                                                                                                                                                                                                        0x00bdf35a
                                                                                                                                                                                                                                                        0x00bdf35a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf35a
                                                                                                                                                                                                                                                        0x00bdf340
                                                                                                                                                                                                                                                        0x00bdf349
                                                                                                                                                                                                                                                        0x00bdf34e
                                                                                                                                                                                                                                                        0x00bdf353
                                                                                                                                                                                                                                                        0x00bdf358
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf358
                                                                                                                                                                                                                                                        0x00bdf207
                                                                                                                                                                                                                                                        0x00bdf172
                                                                                                                                                                                                                                                        0x00bdf177
                                                                                                                                                                                                                                                        0x00bdf17a
                                                                                                                                                                                                                                                        0x00bdf17c
                                                                                                                                                                                                                                                        0x00bdf3eb
                                                                                                                                                                                                                                                        0x00bdf3f3
                                                                                                                                                                                                                                                        0x00bdf3f5
                                                                                                                                                                                                                                                        0x00bdf3f6
                                                                                                                                                                                                                                                        0x00bdf3f6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf3fb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf17c
                                                                                                                                                                                                                                                        0x00bdf14e
                                                                                                                                                                                                                                                        0x00bdf156
                                                                                                                                                                                                                                                        0x00bdf158
                                                                                                                                                                                                                                                        0x00bdf15a
                                                                                                                                                                                                                                                        0x00bdf35e
                                                                                                                                                                                                                                                        0x00bdf360
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf360
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf15a
                                                                                                                                                                                                                                                        0x00bdf131
                                                                                                                                                                                                                                                        0x00bdf136
                                                                                                                                                                                                                                                        0x00bdf139
                                                                                                                                                                                                                                                        0x00bdf13b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf13b
                                                                                                                                                                                                                                                        0x00bdf106
                                                                                                                                                                                                                                                        0x00bdf10a
                                                                                                                                                                                                                                                        0x00bdf10a
                                                                                                                                                                                                                                                        0x00bdf0cf
                                                                                                                                                                                                                                                        0x00bdf0d8
                                                                                                                                                                                                                                                        0x00bdf0e6
                                                                                                                                                                                                                                                        0x00bdf0e6
                                                                                                                                                                                                                                                        0x00bdf092
                                                                                                                                                                                                                                                        0x00bdf094
                                                                                                                                                                                                                                                        0x00bdf09b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BDF0E9
                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(?), ref: 00BDF10A
                                                                                                                                                                                                                                                        • GetCurrentDirectoryW.KERNEL32(00000104,?), ref: 00BDF1C3
                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(?), ref: 00BDF3A5
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$CurrentDirectory
                                                                                                                                                                                                                                                        • String ID: BLOCKED$Broker ALLOWED$CreateProcessA
                                                                                                                                                                                                                                                        • API String ID: 3993060814-2756017072
                                                                                                                                                                                                                                                        • Opcode ID: 35551c91ef60e12c2d4cf22631b31929a1870fa3c8b31f2edb671be679cefafe
                                                                                                                                                                                                                                                        • Instruction ID: 0380d79d835be8309635a0aa9200c3b96868561578a4e1f491c6305aeb226e79
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 35551c91ef60e12c2d4cf22631b31929a1870fa3c8b31f2edb671be679cefafe
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E6B1E570608341AFEB109F64CC42B6AF7E1EF84754F0448ADF9859B3A2EB75D945CB42
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 61%
                                                                                                                                                                                                                                                        			E00BEA920(signed int __edx, void* __eflags, intOrPtr _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				intOrPtr _v48;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				signed int _v68;
                                                                                                                                                                                                                                                        				intOrPtr _v568;
                                                                                                                                                                                                                                                        				signed int _v572;
                                                                                                                                                                                                                                                        				signed int _v588;
                                                                                                                                                                                                                                                        				intOrPtr _v592;
                                                                                                                                                                                                                                                        				signed int _v596;
                                                                                                                                                                                                                                                        				char _v612;
                                                                                                                                                                                                                                                        				intOrPtr _v616;
                                                                                                                                                                                                                                                        				signed int _v620;
                                                                                                                                                                                                                                                        				char _v636;
                                                                                                                                                                                                                                                        				signed int _v640;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				signed int _t86;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				signed int _t92;
                                                                                                                                                                                                                                                        				signed int _t97;
                                                                                                                                                                                                                                                        				signed int _t98;
                                                                                                                                                                                                                                                        				signed int _t100;
                                                                                                                                                                                                                                                        				int _t101;
                                                                                                                                                                                                                                                        				signed int _t104;
                                                                                                                                                                                                                                                        				signed int _t105;
                                                                                                                                                                                                                                                        				signed int _t107;
                                                                                                                                                                                                                                                        				signed int _t111;
                                                                                                                                                                                                                                                        				signed int* _t113;
                                                                                                                                                                                                                                                        				void* _t114;
                                                                                                                                                                                                                                                        				signed int _t116;
                                                                                                                                                                                                                                                        				signed int _t117;
                                                                                                                                                                                                                                                        				intOrPtr _t125;
                                                                                                                                                                                                                                                        				signed int* _t130;
                                                                                                                                                                                                                                                        				signed int _t135;
                                                                                                                                                                                                                                                        				signed int _t136;
                                                                                                                                                                                                                                                        				void* _t137;
                                                                                                                                                                                                                                                        				signed int _t143;
                                                                                                                                                                                                                                                        				void* _t146;
                                                                                                                                                                                                                                                        				signed int _t147;
                                                                                                                                                                                                                                                        				signed int _t150;
                                                                                                                                                                                                                                                        				wchar_t* _t151;
                                                                                                                                                                                                                                                        				char* _t152;
                                                                                                                                                                                                                                                        				signed int _t153;
                                                                                                                                                                                                                                                        				signed int _t154;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t142 = __edx;
                                                                                                                                                                                                                                                        				_t86 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t144 = _a8;
                                                                                                                                                                                                                                                        				_t151 =  &_v588;
                                                                                                                                                                                                                                                        				_v20 = _t86 ^ _t154;
                                                                                                                                                                                                                                                        				_v568 = 7;
                                                                                                                                                                                                                                                        				_v572 = 0;
                                                                                                                                                                                                                                                        				_v588 = 0;
                                                                                                                                                                                                                                                        				E00BBA740(_t151, _a8);
                                                                                                                                                                                                                                                        				_t89 = E00BEA2A0(_t151);
                                                                                                                                                                                                                                                        				E00BBDF30(_t89, _t151, _t142);
                                                                                                                                                                                                                                                        				_t111 = 1;
                                                                                                                                                                                                                                                        				if(_t89 == 0) {
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_v24 = 7;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					_t92 = E00BEA450(_t142, __eflags, _a4,  &_v44);
                                                                                                                                                                                                                                                        					__eflags = _t92;
                                                                                                                                                                                                                                                        					if(_t92 == 0) {
                                                                                                                                                                                                                                                        						_t111 = 0;
                                                                                                                                                                                                                                                        						__eflags = 0;
                                                                                                                                                                                                                                                        						L10:
                                                                                                                                                                                                                                                        						E00BBDF30(_t92,  &_v44, _t142);
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v48 = 7;
                                                                                                                                                                                                                                                        					_t113 =  &_v68;
                                                                                                                                                                                                                                                        					_v52 = 0;
                                                                                                                                                                                                                                                        					_v68 = 0;
                                                                                                                                                                                                                                                        					E00BBA740(_t113, _t144);
                                                                                                                                                                                                                                                        					_t125 = _v48;
                                                                                                                                                                                                                                                        					_t97 = _v68;
                                                                                                                                                                                                                                                        					_t143 = _v52;
                                                                                                                                                                                                                                                        					__eflags = _t125 - 7;
                                                                                                                                                                                                                                                        					_t146 =  >  ? _t97 : _t113;
                                                                                                                                                                                                                                                        					__eflags =  *((short*)(_t146 + _t143 * 2 - 2)) - 0x5c;
                                                                                                                                                                                                                                                        					if( *((short*)(_t146 + _t143 * 2 - 2)) == 0x5c) {
                                                                                                                                                                                                                                                        						_t23 = _t143 - 1; // -1
                                                                                                                                                                                                                                                        						_v52 = _t23;
                                                                                                                                                                                                                                                        						 *((short*)(_t146 + _t143 * 2 - 2)) = 0;
                                                                                                                                                                                                                                                        						_t97 = _v68;
                                                                                                                                                                                                                                                        						_t125 = _v48;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__eflags = _t125 - 7;
                                                                                                                                                                                                                                                        					_t114 =  >  ? _t97 : _t113;
                                                                                                                                                                                                                                                        					__eflags = _v24 - 7;
                                                                                                                                                                                                                                                        					_t98 =  &_v44;
                                                                                                                                                                                                                                                        					if(_v24 > 7) {
                                                                                                                                                                                                                                                        						_t98 = _v44;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__imp___wcsicmp(_t98, _t114);
                                                                                                                                                                                                                                                        					_t111 = 1;
                                                                                                                                                                                                                                                        					__eflags = _t98;
                                                                                                                                                                                                                                                        					if(_t98 != 0) {
                                                                                                                                                                                                                                                        						_t147 =  &_v68;
                                                                                                                                                                                                                                                        						_t142 = _t147;
                                                                                                                                                                                                                                                        						E00BEA740(_t147, _t147);
                                                                                                                                                                                                                                                        						_t100 = E00BEA810(_t147);
                                                                                                                                                                                                                                                        						__eflags = _t100;
                                                                                                                                                                                                                                                        						if(_t100 != 0) {
                                                                                                                                                                                                                                                        							L21:
                                                                                                                                                                                                                                                        							__eflags = _v48 - 7;
                                                                                                                                                                                                                                                        							if(_v48 > 7) {
                                                                                                                                                                                                                                                        								_t147 = _v68;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							__imp__GetVolumePathNameW(_t147, _t151, 0x104);
                                                                                                                                                                                                                                                        							__eflags = _t100;
                                                                                                                                                                                                                                                        							if(_t100 != 0) {
                                                                                                                                                                                                                                                        								_t101 = wcslen(_t151);
                                                                                                                                                                                                                                                        								_v592 = 7;
                                                                                                                                                                                                                                                        								_v616 = 7;
                                                                                                                                                                                                                                                        								_v596 = 0;
                                                                                                                                                                                                                                                        								_v620 = 0;
                                                                                                                                                                                                                                                        								_v640 = _t101;
                                                                                                                                                                                                                                                        								_v612 = 0;
                                                                                                                                                                                                                                                        								_v636 = 0;
                                                                                                                                                                                                                                                        								E00BBA740( &_v636, _t151);
                                                                                                                                                                                                                                                        								_t152 =  &_v612;
                                                                                                                                                                                                                                                        								_t116 = E00BEAC30( &_v636, _t152);
                                                                                                                                                                                                                                                        								_t104 = E00BBDF30(_t103,  &_v636, _t142);
                                                                                                                                                                                                                                                        								__eflags = _t116;
                                                                                                                                                                                                                                                        								if(_t116 == 0) {
                                                                                                                                                                                                                                                        									L36:
                                                                                                                                                                                                                                                        									_t111 = 0;
                                                                                                                                                                                                                                                        									__eflags = 0;
                                                                                                                                                                                                                                                        									L37:
                                                                                                                                                                                                                                                        									_t130 =  &_v612;
                                                                                                                                                                                                                                                        									L38:
                                                                                                                                                                                                                                                        									_t100 = E00BBDF30(_t104, _t130, _t142);
                                                                                                                                                                                                                                                        									goto L8;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t104 = _v596;
                                                                                                                                                                                                                                                        								_t150 = _v640;
                                                                                                                                                                                                                                                        								__eflags = _t104 - _t150 + _v52 - _v28;
                                                                                                                                                                                                                                                        								if(_t104 - _t150 + _v52 != _v28) {
                                                                                                                                                                                                                                                        									goto L36;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = _v592 - 7;
                                                                                                                                                                                                                                                        								if(_v592 > 7) {
                                                                                                                                                                                                                                                        									_t152 = _v612;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = _v24 - 7;
                                                                                                                                                                                                                                                        								if(_v24 <= 7) {
                                                                                                                                                                                                                                                        									_t135 =  &_v44;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t135 = _v44;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__imp___wcsnicmp(_t135, _t152, _t104);
                                                                                                                                                                                                                                                        								__eflags = _t104;
                                                                                                                                                                                                                                                        								if(_t104 != 0) {
                                                                                                                                                                                                                                                        									goto L36;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t105 = _v596;
                                                                                                                                                                                                                                                        									__eflags = _v48 - 7;
                                                                                                                                                                                                                                                        									if(_v48 <= 7) {
                                                                                                                                                                                                                                                        										_t136 =  &_v68;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t136 = _v68;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									__eflags = _v24 - 7;
                                                                                                                                                                                                                                                        									_t137 = _t136 + _t150 * 2;
                                                                                                                                                                                                                                                        									if(_v24 <= 7) {
                                                                                                                                                                                                                                                        										_t142 =  &_v44;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t142 = _v44;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t104 = _t142 + _t105 * 2;
                                                                                                                                                                                                                                                        									__imp___wcsicmp(_t104, _t137);
                                                                                                                                                                                                                                                        									__eflags = _t104;
                                                                                                                                                                                                                                                        									_t111 = _t116 & 0xffffff00 | _t104 == 0x00000000;
                                                                                                                                                                                                                                                        									goto L37;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t111 = 0;
                                                                                                                                                                                                                                                        								goto L8;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__eflags = 1;
                                                                                                                                                                                                                                                        						if(1 == 0) {
                                                                                                                                                                                                                                                        							goto L21;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t117 =  &_v68;
                                                                                                                                                                                                                                                        						_v572 = 0;
                                                                                                                                                                                                                                                        						_t142 = _t117;
                                                                                                                                                                                                                                                        						_v568 = 7;
                                                                                                                                                                                                                                                        						_v588 = 0;
                                                                                                                                                                                                                                                        						_t107 = E00BEA850(_t117, _t117);
                                                                                                                                                                                                                                                        						__eflags = _t107;
                                                                                                                                                                                                                                                        						if(_t107 == 0) {
                                                                                                                                                                                                                                                        							_push(4);
                                                                                                                                                                                                                                                        							_t100 = E00BBDF30(E00BD26E0(_t117,  &_v68, _t147, 0, L"\\\\.\\"),  &_v588, _t142);
                                                                                                                                                                                                                                                        							goto L21;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t153 =  &_v588;
                                                                                                                                                                                                                                                        						_t142 = _t153;
                                                                                                                                                                                                                                                        						_t104 = E00BEA850( &_v44, _t153);
                                                                                                                                                                                                                                                        						__eflags = _t104;
                                                                                                                                                                                                                                                        						if(_t104 == 0) {
                                                                                                                                                                                                                                                        							_t111 = 0;
                                                                                                                                                                                                                                                        							_t130 =  &_v588;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							__eflags = _v48 - 7;
                                                                                                                                                                                                                                                        							if(_v48 > 7) {
                                                                                                                                                                                                                                                        								_t117 = _v68;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							__eflags = _v568 - 7;
                                                                                                                                                                                                                                                        							if(_v568 > 7) {
                                                                                                                                                                                                                                                        								_t153 = _v588;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							__imp___wcsicmp(_t153, _t117);
                                                                                                                                                                                                                                                        							__eflags = _t104;
                                                                                                                                                                                                                                                        							_t130 =  &_v588;
                                                                                                                                                                                                                                                        							_t111 = _t117 & 0xffffff00 | _t104 == 0x00000000;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L38;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L8:
                                                                                                                                                                                                                                                        						_t92 = E00BBDF30(_t100,  &_v68, _t142);
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t154, _t142);
                                                                                                                                                                                                                                                        				return _t111;
                                                                                                                                                                                                                                                        			}


















































                                                                                                                                                                                                                                                        0x00bea920
                                                                                                                                                                                                                                                        0x00bea92c
                                                                                                                                                                                                                                                        0x00bea931
                                                                                                                                                                                                                                                        0x00bea934
                                                                                                                                                                                                                                                        0x00bea93e
                                                                                                                                                                                                                                                        0x00bea941
                                                                                                                                                                                                                                                        0x00bea94b
                                                                                                                                                                                                                                                        0x00bea955
                                                                                                                                                                                                                                                        0x00bea95f
                                                                                                                                                                                                                                                        0x00bea965
                                                                                                                                                                                                                                                        0x00bea971
                                                                                                                                                                                                                                                        0x00bea978
                                                                                                                                                                                                                                                        0x00bea97a
                                                                                                                                                                                                                                                        0x00bea99e
                                                                                                                                                                                                                                                        0x00bea9a5
                                                                                                                                                                                                                                                        0x00bea9a8
                                                                                                                                                                                                                                                        0x00bea9b0
                                                                                                                                                                                                                                                        0x00bea9b8
                                                                                                                                                                                                                                                        0x00bea9ba
                                                                                                                                                                                                                                                        0x00beaa30
                                                                                                                                                                                                                                                        0x00beaa30
                                                                                                                                                                                                                                                        0x00beaa32
                                                                                                                                                                                                                                                        0x00beaa35
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beaa35
                                                                                                                                                                                                                                                        0x00bea9bc
                                                                                                                                                                                                                                                        0x00bea9bf
                                                                                                                                                                                                                                                        0x00bea9c2
                                                                                                                                                                                                                                                        0x00bea9c9
                                                                                                                                                                                                                                                        0x00bea9d2
                                                                                                                                                                                                                                                        0x00bea9d7
                                                                                                                                                                                                                                                        0x00bea9da
                                                                                                                                                                                                                                                        0x00bea9dd
                                                                                                                                                                                                                                                        0x00bea9e2
                                                                                                                                                                                                                                                        0x00bea9e5
                                                                                                                                                                                                                                                        0x00bea9e8
                                                                                                                                                                                                                                                        0x00bea9ee
                                                                                                                                                                                                                                                        0x00bea9f0
                                                                                                                                                                                                                                                        0x00bea9f3
                                                                                                                                                                                                                                                        0x00bea9f6
                                                                                                                                                                                                                                                        0x00bea9fd
                                                                                                                                                                                                                                                        0x00beaa00
                                                                                                                                                                                                                                                        0x00beaa00
                                                                                                                                                                                                                                                        0x00beaa03
                                                                                                                                                                                                                                                        0x00beaa06
                                                                                                                                                                                                                                                        0x00beaa09
                                                                                                                                                                                                                                                        0x00beaa0d
                                                                                                                                                                                                                                                        0x00beaa10
                                                                                                                                                                                                                                                        0x00beaa12
                                                                                                                                                                                                                                                        0x00beaa12
                                                                                                                                                                                                                                                        0x00beaa17
                                                                                                                                                                                                                                                        0x00beaa20
                                                                                                                                                                                                                                                        0x00beaa22
                                                                                                                                                                                                                                                        0x00beaa24
                                                                                                                                                                                                                                                        0x00beaa3f
                                                                                                                                                                                                                                                        0x00beaa44
                                                                                                                                                                                                                                                        0x00beaa46
                                                                                                                                                                                                                                                        0x00beaa4f
                                                                                                                                                                                                                                                        0x00beaa54
                                                                                                                                                                                                                                                        0x00beaa56
                                                                                                                                                                                                                                                        0x00beaaf9
                                                                                                                                                                                                                                                        0x00beaaf9
                                                                                                                                                                                                                                                        0x00beaafd
                                                                                                                                                                                                                                                        0x00beaaff
                                                                                                                                                                                                                                                        0x00beaaff
                                                                                                                                                                                                                                                        0x00beab09
                                                                                                                                                                                                                                                        0x00beab0f
                                                                                                                                                                                                                                                        0x00beab16
                                                                                                                                                                                                                                                        0x00beab20
                                                                                                                                                                                                                                                        0x00beab28
                                                                                                                                                                                                                                                        0x00beab2e
                                                                                                                                                                                                                                                        0x00beab3a
                                                                                                                                                                                                                                                        0x00beab44
                                                                                                                                                                                                                                                        0x00beab4e
                                                                                                                                                                                                                                                        0x00beab54
                                                                                                                                                                                                                                                        0x00beab5d
                                                                                                                                                                                                                                                        0x00beab69
                                                                                                                                                                                                                                                        0x00beab6e
                                                                                                                                                                                                                                                        0x00beab80
                                                                                                                                                                                                                                                        0x00beab82
                                                                                                                                                                                                                                                        0x00beab87
                                                                                                                                                                                                                                                        0x00beab89
                                                                                                                                                                                                                                                        0x00beabeb
                                                                                                                                                                                                                                                        0x00beabeb
                                                                                                                                                                                                                                                        0x00beabeb
                                                                                                                                                                                                                                                        0x00beabed
                                                                                                                                                                                                                                                        0x00beabed
                                                                                                                                                                                                                                                        0x00beabf3
                                                                                                                                                                                                                                                        0x00beabf3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beabf3
                                                                                                                                                                                                                                                        0x00beab8b
                                                                                                                                                                                                                                                        0x00beab91
                                                                                                                                                                                                                                                        0x00beab9e
                                                                                                                                                                                                                                                        0x00beaba1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beaba3
                                                                                                                                                                                                                                                        0x00beabaa
                                                                                                                                                                                                                                                        0x00beabac
                                                                                                                                                                                                                                                        0x00beabac
                                                                                                                                                                                                                                                        0x00beabb2
                                                                                                                                                                                                                                                        0x00beabb6
                                                                                                                                                                                                                                                        0x00beabc7
                                                                                                                                                                                                                                                        0x00beabb8
                                                                                                                                                                                                                                                        0x00beabb8
                                                                                                                                                                                                                                                        0x00beabb8
                                                                                                                                                                                                                                                        0x00beabcd
                                                                                                                                                                                                                                                        0x00beabd6
                                                                                                                                                                                                                                                        0x00beabd8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beabda
                                                                                                                                                                                                                                                        0x00beabda
                                                                                                                                                                                                                                                        0x00beabe0
                                                                                                                                                                                                                                                        0x00beabe4
                                                                                                                                                                                                                                                        0x00beabfd
                                                                                                                                                                                                                                                        0x00beabe6
                                                                                                                                                                                                                                                        0x00beabe6
                                                                                                                                                                                                                                                        0x00beabe6
                                                                                                                                                                                                                                                        0x00beac00
                                                                                                                                                                                                                                                        0x00beac04
                                                                                                                                                                                                                                                        0x00beac07
                                                                                                                                                                                                                                                        0x00beac0e
                                                                                                                                                                                                                                                        0x00beac09
                                                                                                                                                                                                                                                        0x00beac09
                                                                                                                                                                                                                                                        0x00beac09
                                                                                                                                                                                                                                                        0x00beac11
                                                                                                                                                                                                                                                        0x00beac16
                                                                                                                                                                                                                                                        0x00beac1f
                                                                                                                                                                                                                                                        0x00beac21
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beac21
                                                                                                                                                                                                                                                        0x00beab18
                                                                                                                                                                                                                                                        0x00beab18
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beab18
                                                                                                                                                                                                                                                        0x00beab16
                                                                                                                                                                                                                                                        0x00beaa5c
                                                                                                                                                                                                                                                        0x00beaa5e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beaa64
                                                                                                                                                                                                                                                        0x00beaa6c
                                                                                                                                                                                                                                                        0x00beaa78
                                                                                                                                                                                                                                                        0x00beaa7a
                                                                                                                                                                                                                                                        0x00beaa80
                                                                                                                                                                                                                                                        0x00beaa89
                                                                                                                                                                                                                                                        0x00beaa8e
                                                                                                                                                                                                                                                        0x00beaa90
                                                                                                                                                                                                                                                        0x00beaae0
                                                                                                                                                                                                                                                        0x00beaaf4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beaaf4
                                                                                                                                                                                                                                                        0x00beaa92
                                                                                                                                                                                                                                                        0x00beaa9b
                                                                                                                                                                                                                                                        0x00beaa9d
                                                                                                                                                                                                                                                        0x00beaaa2
                                                                                                                                                                                                                                                        0x00beaaa4
                                                                                                                                                                                                                                                        0x00beabbd
                                                                                                                                                                                                                                                        0x00beabbf
                                                                                                                                                                                                                                                        0x00beaaaa
                                                                                                                                                                                                                                                        0x00beaaaa
                                                                                                                                                                                                                                                        0x00beaaae
                                                                                                                                                                                                                                                        0x00beaab0
                                                                                                                                                                                                                                                        0x00beaab0
                                                                                                                                                                                                                                                        0x00beaab3
                                                                                                                                                                                                                                                        0x00beaaba
                                                                                                                                                                                                                                                        0x00beaabc
                                                                                                                                                                                                                                                        0x00beaabc
                                                                                                                                                                                                                                                        0x00beaac4
                                                                                                                                                                                                                                                        0x00beaacd
                                                                                                                                                                                                                                                        0x00beaacf
                                                                                                                                                                                                                                                        0x00beaad5
                                                                                                                                                                                                                                                        0x00beaad5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beaa26
                                                                                                                                                                                                                                                        0x00beaa26
                                                                                                                                                                                                                                                        0x00beaa29
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beaa29
                                                                                                                                                                                                                                                        0x00beaa24
                                                                                                                                                                                                                                                        0x00bea97c
                                                                                                                                                                                                                                                        0x00bea981
                                                                                                                                                                                                                                                        0x00bea992

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00BB2D55,00BB2D55,?,?,00BB3EE0), ref: 00BBA759
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: memmove.NTDLL(?,00BB2D55,00000000,?,00BB2D55,?,?,00BB3EE0), ref: 00BBA77D
                                                                                                                                                                                                                                                          • Part of subcall function 00BEA2A0: _wcsnicmp.API-MS-WIN-CRT-STRING-L1-1-0(00BEACA1,\??\,00000004,00000001,?,00BEACA1,00BCFF01), ref: 00BEA2C7
                                                                                                                                                                                                                                                        • _wcsicmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,00BD22FC,?,?,00BD22FC), ref: 00BEAA17
                                                                                                                                                                                                                                                        • _wcsicmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,00000000,?,?,?,?,00BD22FC), ref: 00BEAAC4
                                                                                                                                                                                                                                                        • GetVolumePathNameW.KERNEL32(00000000,?,00000104,?,?,?,?,00BD22FC), ref: 00BEAB09
                                                                                                                                                                                                                                                          • Part of subcall function 00BBDF30: free.MOZGLUE(00000000,?,?,00BC309D,?,00000000,3F800000,?,?,00BC2FDE,?,?,00BC37F9,00000000,?,00BC3B5C), ref: 00BBDF60
                                                                                                                                                                                                                                                          • Part of subcall function 00BBDF30: _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,00BC309D,?,00000000,3F800000,?,?,00BC2FDE,?,?,00BC37F9,00000000,?,00BC3B5C,?), ref: 00BBDF7A
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,00BD22FC), ref: 00BEAB20
                                                                                                                                                                                                                                                          • Part of subcall function 00BEAC30: CreateFileW.KERNEL32(00000000,00000000,00000007,00000000,00000003,02000000,00000000,00000000,00000000,?,00BEAB7B,?,00000000,?), ref: 00BEAC50
                                                                                                                                                                                                                                                          • Part of subcall function 00BEAC30: CloseHandle.KERNEL32(00000000,00000000,?), ref: 00BEAC6C
                                                                                                                                                                                                                                                        • _wcsnicmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,00000000,00000000,?,?), ref: 00BEABCD
                                                                                                                                                                                                                                                        • _wcsicmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,00000000), ref: 00BEAC16
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: _wcsicmp$_wcsnicmpwcslen$CloseCreateFileHandleNamePathVolume_invalid_parameter_noinfo_noreturnfreememmove
                                                                                                                                                                                                                                                        • String ID: \\.\
                                                                                                                                                                                                                                                        • API String ID: 1320591374-2900601889
                                                                                                                                                                                                                                                        • Opcode ID: 4748a2eefa80bb18ad7c4682c7b1ebd56db28a5b167fc236be3a31b75f9f46fd
                                                                                                                                                                                                                                                        • Instruction ID: 6eaba1eec68ffd1671f5d2dc02de9b324c0db471dc4deffbcc3ca64a79146720
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4748a2eefa80bb18ad7c4682c7b1ebd56db28a5b167fc236be3a31b75f9f46fd
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7F812B70E142589BCB14DF65CC99AEEB7F9EF44314F1400E9E40A77240EB756E89CB92
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 79%
                                                                                                                                                                                                                                                        			E00BD6FB0(intOrPtr __edx, intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				char _v28;
                                                                                                                                                                                                                                                        				void* _v32;
                                                                                                                                                                                                                                                        				signed int _t42;
                                                                                                                                                                                                                                                        				intOrPtr _t44;
                                                                                                                                                                                                                                                        				signed int _t49;
                                                                                                                                                                                                                                                        				intOrPtr _t50;
                                                                                                                                                                                                                                                        				signed int _t51;
                                                                                                                                                                                                                                                        				void* _t55;
                                                                                                                                                                                                                                                        				signed int _t56;
                                                                                                                                                                                                                                                        				intOrPtr _t62;
                                                                                                                                                                                                                                                        				intOrPtr _t63;
                                                                                                                                                                                                                                                        				intOrPtr _t64;
                                                                                                                                                                                                                                                        				intOrPtr _t66;
                                                                                                                                                                                                                                                        				signed int _t67;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t62 = __edx;
                                                                                                                                                                                                                                                        				_t42 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t57 = _a4;
                                                                                                                                                                                                                                                        				_v20 = _t42 ^ _t67;
                                                                                                                                                                                                                                                        				_t44 =  *((intOrPtr*)(_a4 + 0x3c));
                                                                                                                                                                                                                                                        				if(_t44 <= 9) {
                                                                                                                                                                                                                                                        					_t55 = 1;
                                                                                                                                                                                                                                                        					if(_t44 != 0) {
                                                                                                                                                                                                                                                        						_t63 = _a12;
                                                                                                                                                                                                                                                        						_t64 = _a8;
                                                                                                                                                                                                                                                        						_t56 = 0;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t66 = _t63;
                                                                                                                                                                                                                                                        							_t49 = E00BCF8C0(_t57, _t56,  &_v24,  &_v28);
                                                                                                                                                                                                                                                        							_t62 = _t66;
                                                                                                                                                                                                                                                        							 *(_t66 + _t56 * 4) = _t49;
                                                                                                                                                                                                                                                        							if(_t49 == 0) {
                                                                                                                                                                                                                                                        								goto L7;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t50 = _v28;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t64 + 4 + _t56 * 4)) = _t50;
                                                                                                                                                                                                                                                        								_t51 = _t50 - 1;
                                                                                                                                                                                                                                                        								if(_t51 > 5) {
                                                                                                                                                                                                                                                        									goto L7;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									switch( *((intOrPtr*)(_t51 * 4 +  &M00BF15A8))) {
                                                                                                                                                                                                                                                        										case 0:
                                                                                                                                                                                                                                                        											_push(0x18);
                                                                                                                                                                                                                                                        											L00BEF6BA();
                                                                                                                                                                                                                                                        											_t68 = _t68 + 4;
                                                                                                                                                                                                                                                        											_t65 = _t51;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t51 + 0x14)) = 7;
                                                                                                                                                                                                                                                        											 *(_t51 + 0x10) = 0;
                                                                                                                                                                                                                                                        											 *_t51 = 0;
                                                                                                                                                                                                                                                        											if(E00BCF970(_a4, _t56, _t51) == 0) {
                                                                                                                                                                                                                                                        												 *(_t66 + _t56 * 4) = 0;
                                                                                                                                                                                                                                                        												E00BBDF30(E00BD6F20(_a8, _t66), _t65, _t62);
                                                                                                                                                                                                                                                        												_push(_t65);
                                                                                                                                                                                                                                                        												L00BEF6C0();
                                                                                                                                                                                                                                                        												goto L1;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t62 = _t66;
                                                                                                                                                                                                                                                        												 *(_t66 + _t56 * 4) = _t65;
                                                                                                                                                                                                                                                        												goto L17;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L2;
                                                                                                                                                                                                                                                        										case 1:
                                                                                                                                                                                                                                                        											__ecx = _a4;
                                                                                                                                                                                                                                                        											 &_v32 = E00BCF8F0(__ecx, __ebx,  &_v32);
                                                                                                                                                                                                                                                        											if(__al != 0) {
                                                                                                                                                                                                                                                        												goto L6;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												goto L19;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L2;
                                                                                                                                                                                                                                                        										case 2:
                                                                                                                                                                                                                                                        											goto L7;
                                                                                                                                                                                                                                                        										case 3:
                                                                                                                                                                                                                                                        											__ecx = _a4;
                                                                                                                                                                                                                                                        											 &_v32 = E00BCF930(__ecx, __ebx,  &_v32);
                                                                                                                                                                                                                                                        											if(__al == 0) {
                                                                                                                                                                                                                                                        												L19:
                                                                                                                                                                                                                                                        												_push(__esi);
                                                                                                                                                                                                                                                        												_push(__edi);
                                                                                                                                                                                                                                                        												goto L20;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												L6:
                                                                                                                                                                                                                                                        												__eax = _v32;
                                                                                                                                                                                                                                                        												__edx = __esi;
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(__esi + __ebx * 4)) = _v32;
                                                                                                                                                                                                                                                        												goto L7;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L2;
                                                                                                                                                                                                                                                        										case 4:
                                                                                                                                                                                                                                                        											__edi =  *((intOrPtr*)(__edx + __ebx * 4));
                                                                                                                                                                                                                                                        											if(__edi == 0) {
                                                                                                                                                                                                                                                        												_push(__edx);
                                                                                                                                                                                                                                                        												_push(_a8);
                                                                                                                                                                                                                                                        												L20:
                                                                                                                                                                                                                                                        												__eax = E00BD6F20();
                                                                                                                                                                                                                                                        												__esp = __esp + 8;
                                                                                                                                                                                                                                                        												goto L1;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_push(8);
                                                                                                                                                                                                                                                        												L00BEF6BA();
                                                                                                                                                                                                                                                        												__esp = __esp + 4;
                                                                                                                                                                                                                                                        												__ecx = _v24;
                                                                                                                                                                                                                                                        												__edx = __esi;
                                                                                                                                                                                                                                                        												 *__eax = __ecx;
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(__eax + 4)) = __edi;
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(__esi + __ebx * 4)) = __eax;
                                                                                                                                                                                                                                                        												L17:
                                                                                                                                                                                                                                                        												_t64 = _a8;
                                                                                                                                                                                                                                                        												goto L7;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L2;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L2;
                                                                                                                                                                                                                                                        							L7:
                                                                                                                                                                                                                                                        							_t57 = _a4;
                                                                                                                                                                                                                                                        							_t56 = _t56 + 1;
                                                                                                                                                                                                                                                        						} while (_t56 <  *((intOrPtr*)(_a4 + 0x3c)));
                                                                                                                                                                                                                                                        						_t55 = 1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					_t55 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L2:
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t67, _t62);
                                                                                                                                                                                                                                                        				return _t55;
                                                                                                                                                                                                                                                        			}



















                                                                                                                                                                                                                                                        0x00bd6fb0
                                                                                                                                                                                                                                                        0x00bd6fb9
                                                                                                                                                                                                                                                        0x00bd6fbe
                                                                                                                                                                                                                                                        0x00bd6fc3
                                                                                                                                                                                                                                                        0x00bd6fc6
                                                                                                                                                                                                                                                        0x00bd6fcc
                                                                                                                                                                                                                                                        0x00bd6fe4
                                                                                                                                                                                                                                                        0x00bd6fe8
                                                                                                                                                                                                                                                        0x00bd6fea
                                                                                                                                                                                                                                                        0x00bd6fed
                                                                                                                                                                                                                                                        0x00bd6ff0
                                                                                                                                                                                                                                                        0x00bd701e
                                                                                                                                                                                                                                                        0x00bd701e
                                                                                                                                                                                                                                                        0x00bd7029
                                                                                                                                                                                                                                                        0x00bd702e
                                                                                                                                                                                                                                                        0x00bd7032
                                                                                                                                                                                                                                                        0x00bd7035
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7037
                                                                                                                                                                                                                                                        0x00bd7037
                                                                                                                                                                                                                                                        0x00bd703a
                                                                                                                                                                                                                                                        0x00bd703e
                                                                                                                                                                                                                                                        0x00bd7042
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7044
                                                                                                                                                                                                                                                        0x00bd7044
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd704b
                                                                                                                                                                                                                                                        0x00bd704d
                                                                                                                                                                                                                                                        0x00bd7052
                                                                                                                                                                                                                                                        0x00bd7058
                                                                                                                                                                                                                                                        0x00bd705a
                                                                                                                                                                                                                                                        0x00bd7061
                                                                                                                                                                                                                                                        0x00bd7068
                                                                                                                                                                                                                                                        0x00bd7076
                                                                                                                                                                                                                                                        0x00bd70d2
                                                                                                                                                                                                                                                        0x00bd70e7
                                                                                                                                                                                                                                                        0x00bd70ec
                                                                                                                                                                                                                                                        0x00bd70ed
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7078
                                                                                                                                                                                                                                                        0x00bd7078
                                                                                                                                                                                                                                                        0x00bd707a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd707a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd707f
                                                                                                                                                                                                                                                        0x00bd7087
                                                                                                                                                                                                                                                        0x00bd708e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7094
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7094
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6ff4
                                                                                                                                                                                                                                                        0x00bd6ffc
                                                                                                                                                                                                                                                        0x00bd7003
                                                                                                                                                                                                                                                        0x00bd70c3
                                                                                                                                                                                                                                                        0x00bd70c3
                                                                                                                                                                                                                                                        0x00bd70c4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7009
                                                                                                                                                                                                                                                        0x00bd7009
                                                                                                                                                                                                                                                        0x00bd7009
                                                                                                                                                                                                                                                        0x00bd700c
                                                                                                                                                                                                                                                        0x00bd700e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd700e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7096
                                                                                                                                                                                                                                                        0x00bd709b
                                                                                                                                                                                                                                                        0x00bd70fa
                                                                                                                                                                                                                                                        0x00bd70fb
                                                                                                                                                                                                                                                        0x00bd70c5
                                                                                                                                                                                                                                                        0x00bd70c5
                                                                                                                                                                                                                                                        0x00bd70ca
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd709d
                                                                                                                                                                                                                                                        0x00bd709d
                                                                                                                                                                                                                                                        0x00bd709f
                                                                                                                                                                                                                                                        0x00bd70a4
                                                                                                                                                                                                                                                        0x00bd70a7
                                                                                                                                                                                                                                                        0x00bd70aa
                                                                                                                                                                                                                                                        0x00bd70ac
                                                                                                                                                                                                                                                        0x00bd70ae
                                                                                                                                                                                                                                                        0x00bd70b1
                                                                                                                                                                                                                                                        0x00bd70b4
                                                                                                                                                                                                                                                        0x00bd70b4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd70b4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7044
                                                                                                                                                                                                                                                        0x00bd7042
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7011
                                                                                                                                                                                                                                                        0x00bd7011
                                                                                                                                                                                                                                                        0x00bd7014
                                                                                                                                                                                                                                                        0x00bd7015
                                                                                                                                                                                                                                                        0x00bd70bc
                                                                                                                                                                                                                                                        0x00bd70bc
                                                                                                                                                                                                                                                        0x00bd6fce
                                                                                                                                                                                                                                                        0x00bd6fce
                                                                                                                                                                                                                                                        0x00bd6fce
                                                                                                                                                                                                                                                        0x00bd6fce
                                                                                                                                                                                                                                                        0x00bd6fd0
                                                                                                                                                                                                                                                        0x00bd6fd5
                                                                                                                                                                                                                                                        0x00bd6fe3

                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID: '
                                                                                                                                                                                                                                                        • API String ID: 0-1997036262
                                                                                                                                                                                                                                                        • Opcode ID: 37671784acd3f4471ed4e917bdb7d0ba2a030b7b337119ca248f72984c0022f7
                                                                                                                                                                                                                                                        • Instruction ID: 76dd7a2c7e0bd8fe39799eb8f5efdb392b9635e137460565f080493aa07e9c5f
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 37671784acd3f4471ed4e917bdb7d0ba2a030b7b337119ca248f72984c0022f7
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3151B2B0A08205AFD714CF14C884BBBBBE5EF85304F1088AAF9499B391FB75D905CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 32%
                                                                                                                                                                                                                                                        			E00BB2F60(char** __ecx, void* __edx, void** _a4) {
                                                                                                                                                                                                                                                        				intOrPtr _v0;
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				int _v24;
                                                                                                                                                                                                                                                        				wchar_t* _v28;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				void* _v36;
                                                                                                                                                                                                                                                        				signed short* _v40;
                                                                                                                                                                                                                                                        				void* _v44;
                                                                                                                                                                                                                                                        				int _v48;
                                                                                                                                                                                                                                                        				void* _v56;
                                                                                                                                                                                                                                                        				void* _v68;
                                                                                                                                                                                                                                                        				void* _v72;
                                                                                                                                                                                                                                                        				short _v76;
                                                                                                                                                                                                                                                        				int _v80;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				void* _v92;
                                                                                                                                                                                                                                                        				short _v96;
                                                                                                                                                                                                                                                        				char _v100;
                                                                                                                                                                                                                                                        				char _v104;
                                                                                                                                                                                                                                                        				char _v112;
                                                                                                                                                                                                                                                        				char _v116;
                                                                                                                                                                                                                                                        				char _v120;
                                                                                                                                                                                                                                                        				void* _v124;
                                                                                                                                                                                                                                                        				char* _v128;
                                                                                                                                                                                                                                                        				short _v136;
                                                                                                                                                                                                                                                        				void* _v164;
                                                                                                                                                                                                                                                        				intOrPtr _v168;
                                                                                                                                                                                                                                                        				signed int _t94;
                                                                                                                                                                                                                                                        				void* _t96;
                                                                                                                                                                                                                                                        				void* _t102;
                                                                                                                                                                                                                                                        				void* _t103;
                                                                                                                                                                                                                                                        				void* _t105;
                                                                                                                                                                                                                                                        				void* _t106;
                                                                                                                                                                                                                                                        				wchar_t* _t112;
                                                                                                                                                                                                                                                        				short* _t113;
                                                                                                                                                                                                                                                        				signed int _t116;
                                                                                                                                                                                                                                                        				void* _t117;
                                                                                                                                                                                                                                                        				void* _t118;
                                                                                                                                                                                                                                                        				wchar_t* _t122;
                                                                                                                                                                                                                                                        				void* _t123;
                                                                                                                                                                                                                                                        				void* _t124;
                                                                                                                                                                                                                                                        				void* _t137;
                                                                                                                                                                                                                                                        				void* _t138;
                                                                                                                                                                                                                                                        				void* _t139;
                                                                                                                                                                                                                                                        				void** _t141;
                                                                                                                                                                                                                                                        				void* _t142;
                                                                                                                                                                                                                                                        				wchar_t* _t143;
                                                                                                                                                                                                                                                        				signed int _t144;
                                                                                                                                                                                                                                                        				intOrPtr* _t146;
                                                                                                                                                                                                                                                        				int* _t151;
                                                                                                                                                                                                                                                        				signed int _t152;
                                                                                                                                                                                                                                                        				short* _t153;
                                                                                                                                                                                                                                                        				signed int _t156;
                                                                                                                                                                                                                                                        				signed int* _t161;
                                                                                                                                                                                                                                                        				void* _t162;
                                                                                                                                                                                                                                                        				void* _t163;
                                                                                                                                                                                                                                                        				void* _t165;
                                                                                                                                                                                                                                                        				void* _t166;
                                                                                                                                                                                                                                                        				void* _t167;
                                                                                                                                                                                                                                                        				wchar_t* _t168;
                                                                                                                                                                                                                                                        				wchar_t* _t170;
                                                                                                                                                                                                                                                        				char* _t171;
                                                                                                                                                                                                                                                        				void* _t172;
                                                                                                                                                                                                                                                        				char** _t173;
                                                                                                                                                                                                                                                        				int _t175;
                                                                                                                                                                                                                                                        				signed int _t176;
                                                                                                                                                                                                                                                        				void* _t177;
                                                                                                                                                                                                                                                        				signed int _t178;
                                                                                                                                                                                                                                                        				signed int _t180;
                                                                                                                                                                                                                                                        				void* _t182;
                                                                                                                                                                                                                                                        				void* _t184;
                                                                                                                                                                                                                                                        				void** _t185;
                                                                                                                                                                                                                                                        				void* _t186;
                                                                                                                                                                                                                                                        				void* _t188;
                                                                                                                                                                                                                                                        				void** _t194;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t160 = __edx;
                                                                                                                                                                                                                                                        				_t182 = (_t180 & 0xfffffff8) - 0x68;
                                                                                                                                                                                                                                                        				_t94 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t163 = __edx;
                                                                                                                                                                                                                                                        				_t173 = __ecx;
                                                                                                                                                                                                                                                        				_v24 = _t94 ^ _t178;
                                                                                                                                                                                                                                                        				_v36 = 0x800401f0;
                                                                                                                                                                                                                                                        				_v32 = 0;
                                                                                                                                                                                                                                                        				_t96 =  *0xbfa138(0, 2);
                                                                                                                                                                                                                                                        				_v36 = _t96;
                                                                                                                                                                                                                                                        				if(_t96 == 0) {
                                                                                                                                                                                                                                                        					E00BB61E0( &_v44);
                                                                                                                                                                                                                                                        					_t96 = _v44;
                                                                                                                                                                                                                                                        					__eflags = _t96;
                                                                                                                                                                                                                                                        					if(_t96 < 0) {
                                                                                                                                                                                                                                                        						goto L2;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_v44 = _t96;
                                                                                                                                                                                                                                                        					if(_t96 >= 0) {
                                                                                                                                                                                                                                                        						L7:
                                                                                                                                                                                                                                                        						_t141 = _a4;
                                                                                                                                                                                                                                                        						_t151 =  &_v48;
                                                                                                                                                                                                                                                        						_t160 = _t163 - 1;
                                                                                                                                                                                                                                                        						_push( &(_t141[1]));
                                                                                                                                                                                                                                                        						L24();
                                                                                                                                                                                                                                                        						_t184 = _t182 + 4;
                                                                                                                                                                                                                                                        						_t102 = _v48;
                                                                                                                                                                                                                                                        						__eflags = _t102;
                                                                                                                                                                                                                                                        						if(_t102 == 0) {
                                                                                                                                                                                                                                                        							_t173[3] = 1;
                                                                                                                                                                                                                                                        							 *_t173 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp";
                                                                                                                                                                                                                                                        							_t173[1] = 0x89;
                                                                                                                                                                                                                                                        							_t173[2] = 0x80070507;
                                                                                                                                                                                                                                                        							_v48 = 0;
                                                                                                                                                                                                                                                        							__eflags = _v36;
                                                                                                                                                                                                                                                        							if(_v36 >= 0) {
                                                                                                                                                                                                                                                        								goto L4;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L5;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t165 =  *_t141;
                                                                                                                                                                                                                                                        							_v124 = _t102;
                                                                                                                                                                                                                                                        							__imp__moz_xmalloc(0xc);
                                                                                                                                                                                                                                                        							_t185 = _t184 + 4;
                                                                                                                                                                                                                                                        							 *(_t102 + 4) = 0;
                                                                                                                                                                                                                                                        							_t142 = _t102;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t102 + 8)) = 1;
                                                                                                                                                                                                                                                        							_t103 =  *0xbfa114(_t165);
                                                                                                                                                                                                                                                        							__eflags = _t165;
                                                                                                                                                                                                                                                        							 *_t185 = _t142;
                                                                                                                                                                                                                                                        							 *_t142 = _t103;
                                                                                                                                                                                                                                                        							if(_t165 == 0) {
                                                                                                                                                                                                                                                        								L10:
                                                                                                                                                                                                                                                        								_v76 = 8;
                                                                                                                                                                                                                                                        								_v56 =  *_t185;
                                                                                                                                                                                                                                                        								_t105 =  *0xbfa114(_v128);
                                                                                                                                                                                                                                                        								__eflags = _t105;
                                                                                                                                                                                                                                                        								_v72 = _t105;
                                                                                                                                                                                                                                                        								if(_t105 == 0) {
                                                                                                                                                                                                                                                        									goto L23;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_v96 = 8;
                                                                                                                                                                                                                                                        									_t124 =  *0xbfa114(L"open");
                                                                                                                                                                                                                                                        									__eflags = _t124;
                                                                                                                                                                                                                                                        									_v92 = _t124;
                                                                                                                                                                                                                                                        									if(_t124 == 0) {
                                                                                                                                                                                                                                                        										goto L23;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										 *0xbfa124( &_v116);
                                                                                                                                                                                                                                                        										_t171 =  &_v136;
                                                                                                                                                                                                                                                        										_v136 = 0x16;
                                                                                                                                                                                                                                                        										_v128 = 1;
                                                                                                                                                                                                                                                        										_t160 =  &_v68;
                                                                                                                                                                                                                                                        										E00BB3380(_t173,  &_v68,  &_v88,  &_v104,  &_v120, _t171);
                                                                                                                                                                                                                                                        										_t194 =  &(_t185[4]);
                                                                                                                                                                                                                                                        										_t146 =  *0xbfa120; // 0xbef9de
                                                                                                                                                                                                                                                        										 *_t146(_t171);
                                                                                                                                                                                                                                                        										 *_t146( &_v124);
                                                                                                                                                                                                                                                        										 *_t146( &_v112);
                                                                                                                                                                                                                                                        										 *_t146( &_v100);
                                                                                                                                                                                                                                                        										_t172 =  *_t194;
                                                                                                                                                                                                                                                        										asm("lock dec dword [edi+0x8]");
                                                                                                                                                                                                                                                        										if(__eflags == 0) {
                                                                                                                                                                                                                                                        											_t138 =  *_t172;
                                                                                                                                                                                                                                                        											__eflags = _t138;
                                                                                                                                                                                                                                                        											if(_t138 != 0) {
                                                                                                                                                                                                                                                        												 *0xbfa118(_t138);
                                                                                                                                                                                                                                                        												 *_t172 = 0;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t139 =  *(_t172 + 4);
                                                                                                                                                                                                                                                        											__eflags = _t139;
                                                                                                                                                                                                                                                        											if(_t139 != 0) {
                                                                                                                                                                                                                                                        												free(_t139);
                                                                                                                                                                                                                                                        												_t194 =  &(_t194[1]);
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											free(_t172);
                                                                                                                                                                                                                                                        											_t194 =  &(_t194[1]);
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t137 = _v80;
                                                                                                                                                                                                                                                        										_v80 = 0;
                                                                                                                                                                                                                                                        										__eflags = _t137;
                                                                                                                                                                                                                                                        										if(_t137 == 0) {
                                                                                                                                                                                                                                                        											goto L3;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											free(_t137);
                                                                                                                                                                                                                                                        											__eflags = _v68;
                                                                                                                                                                                                                                                        											if(_v68 >= 0) {
                                                                                                                                                                                                                                                        												goto L4;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L5;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								__eflags = _t103;
                                                                                                                                                                                                                                                        								if(_t103 == 0) {
                                                                                                                                                                                                                                                        									L23:
                                                                                                                                                                                                                                                        									_t106 = E00BEEAC0(0x8007000e);
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									_push(_t178);
                                                                                                                                                                                                                                                        									_push(_t142);
                                                                                                                                                                                                                                                        									_push(_t165);
                                                                                                                                                                                                                                                        									_push(_t173);
                                                                                                                                                                                                                                                        									_t186 = _t185 - 0x14;
                                                                                                                                                                                                                                                        									__eflags = _t160;
                                                                                                                                                                                                                                                        									_v168 = _t151;
                                                                                                                                                                                                                                                        									_v164 = _t160;
                                                                                                                                                                                                                                                        									if(_t160 > 0) {
                                                                                                                                                                                                                                                        										_t144 = 0;
                                                                                                                                                                                                                                                        										_t177 = 0;
                                                                                                                                                                                                                                                        										__eflags = 0;
                                                                                                                                                                                                                                                        										do {
                                                                                                                                                                                                                                                        											_t170 =  *(_v0 + _t144 * 4);
                                                                                                                                                                                                                                                        											_v24 = wcslen(_t170);
                                                                                                                                                                                                                                                        											_v28 = wcschr(_t170, 0x22);
                                                                                                                                                                                                                                                        											_v40 = _t170;
                                                                                                                                                                                                                                                        											_t122 = wcspbrk(_t170, 0xbf03c4);
                                                                                                                                                                                                                                                        											_t186 = _t186 + 0x14;
                                                                                                                                                                                                                                                        											__eflags = _t122;
                                                                                                                                                                                                                                                        											if(_t122 != 0) {
                                                                                                                                                                                                                                                        												_v24 =  &(_v24[0]);
                                                                                                                                                                                                                                                        												__eflags = _v28;
                                                                                                                                                                                                                                                        												if(_v28 == 0) {
                                                                                                                                                                                                                                                        													goto L28;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													goto L41;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L39;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												__eflags = _v28;
                                                                                                                                                                                                                                                        												if(_v28 != 0) {
                                                                                                                                                                                                                                                        													L41:
                                                                                                                                                                                                                                                        													_t123 = 0;
                                                                                                                                                                                                                                                        													while(1) {
                                                                                                                                                                                                                                                        														_t156 =  *_v40 & 0x0000ffff;
                                                                                                                                                                                                                                                        														__eflags = _t156 - 0x22;
                                                                                                                                                                                                                                                        														if(_t156 == 0x22) {
                                                                                                                                                                                                                                                        															goto L47;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														L45:
                                                                                                                                                                                                                                                        														__eflags = _t156 - 0x5c;
                                                                                                                                                                                                                                                        														if(_t156 == 0x5c) {
                                                                                                                                                                                                                                                        															_v40 =  &(_v40[1]);
                                                                                                                                                                                                                                                        															_t123 = _t123 + 1;
                                                                                                                                                                                                                                                        															while(1) {
                                                                                                                                                                                                                                                        																_t156 =  *_v40 & 0x0000ffff;
                                                                                                                                                                                                                                                        																__eflags = _t156 - 0x22;
                                                                                                                                                                                                                                                        																if(_t156 == 0x22) {
                                                                                                                                                                                                                                                        																	goto L47;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																goto L45;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															goto L47;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														__eflags = _t156;
                                                                                                                                                                                                                                                        														if(_t156 == 0) {
                                                                                                                                                                                                                                                        															goto L28;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															L43:
                                                                                                                                                                                                                                                        															_v40 =  &(_v40[0]);
                                                                                                                                                                                                                                                        															_t123 = 0;
                                                                                                                                                                                                                                                        															__eflags = 0;
                                                                                                                                                                                                                                                        															continue;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														L39:
                                                                                                                                                                                                                                                        														 *_t166 = 0;
                                                                                                                                                                                                                                                        														return _v36;
                                                                                                                                                                                                                                                        														goto L64;
                                                                                                                                                                                                                                                        														L47:
                                                                                                                                                                                                                                                        														_t84 =  &(_v24[0]); // 0x1
                                                                                                                                                                                                                                                        														_v24 = _t123 + _t84;
                                                                                                                                                                                                                                                        														goto L43;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L28:
                                                                                                                                                                                                                                                        											_t144 = _t144 + 1;
                                                                                                                                                                                                                                                        											_t106 = _v24;
                                                                                                                                                                                                                                                        											__eflags = _t144 - _v32;
                                                                                                                                                                                                                                                        											_t177 = _t177 + _t106 + 1;
                                                                                                                                                                                                                                                        										} while (_t144 != _v32);
                                                                                                                                                                                                                                                        										__eflags = _t177;
                                                                                                                                                                                                                                                        										if(_t177 == 0) {
                                                                                                                                                                                                                                                        											goto L30;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t175 = 2;
                                                                                                                                                                                                                                                        									__eflags = 2;
                                                                                                                                                                                                                                                        									if(2 < 0) {
                                                                                                                                                                                                                                                        										_t175 = 0xffffffff;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									__imp__moz_xmalloc(_t175);
                                                                                                                                                                                                                                                        									_t166 = _t106;
                                                                                                                                                                                                                                                        									memset(_t106, 0, _t175);
                                                                                                                                                                                                                                                        									_t188 = _t186 + 0x10;
                                                                                                                                                                                                                                                        									__eflags = _v32;
                                                                                                                                                                                                                                                        									 *_v36 = _t166;
                                                                                                                                                                                                                                                        									if(_v32 > 0) {
                                                                                                                                                                                                                                                        										_t176 = 0;
                                                                                                                                                                                                                                                        										__eflags = 0;
                                                                                                                                                                                                                                                        										_v24 = _t166;
                                                                                                                                                                                                                                                        										while(1) {
                                                                                                                                                                                                                                                        											_t143 =  *(_v0 + _t176 * 4);
                                                                                                                                                                                                                                                        											_t167 = wcschr(_t143, 0x22);
                                                                                                                                                                                                                                                        											_t112 = wcspbrk(_t143, 0xbf03c4);
                                                                                                                                                                                                                                                        											_t188 = _t188 + 0x10;
                                                                                                                                                                                                                                                        											__eflags = _t112;
                                                                                                                                                                                                                                                        											_v28 = _t112;
                                                                                                                                                                                                                                                        											if(_t112 != 0) {
                                                                                                                                                                                                                                                        												goto L48;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											__eflags = _t167;
                                                                                                                                                                                                                                                        											if(_t167 != 0) {
                                                                                                                                                                                                                                                        												L49:
                                                                                                                                                                                                                                                        												_t117 = 0;
                                                                                                                                                                                                                                                        												while(1) {
                                                                                                                                                                                                                                                        													_t152 =  *_t143 & 0x0000ffff;
                                                                                                                                                                                                                                                        													__eflags = _t152 - 0x22;
                                                                                                                                                                                                                                                        													if(_t152 == 0x22) {
                                                                                                                                                                                                                                                        														goto L56;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													L54:
                                                                                                                                                                                                                                                        													__eflags = _t152 - 0x5c;
                                                                                                                                                                                                                                                        													if(_t152 != 0x5c) {
                                                                                                                                                                                                                                                        														__eflags = _t152;
                                                                                                                                                                                                                                                        														if(_t152 != 0) {
                                                                                                                                                                                                                                                        															L51:
                                                                                                                                                                                                                                                        															_t117 = 0;
                                                                                                                                                                                                                                                        															__eflags = 0;
                                                                                                                                                                                                                                                        															goto L52;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t166 = _v24;
                                                                                                                                                                                                                                                        														__eflags = _v28;
                                                                                                                                                                                                                                                        														if(_v28 == 0) {
                                                                                                                                                                                                                                                        															goto L37;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															goto L62;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t117 = _t117 + 1;
                                                                                                                                                                                                                                                        														_t152 = 0x5c;
                                                                                                                                                                                                                                                        														L52:
                                                                                                                                                                                                                                                        														_t161 = _v24;
                                                                                                                                                                                                                                                        														_t143 =  &(_t143[0]);
                                                                                                                                                                                                                                                        														 *_t161 = _t152;
                                                                                                                                                                                                                                                        														_t162 =  &(_t161[0]);
                                                                                                                                                                                                                                                        														__eflags = _t162;
                                                                                                                                                                                                                                                        														_v24 = _t162;
                                                                                                                                                                                                                                                        														_t152 =  *_t143 & 0x0000ffff;
                                                                                                                                                                                                                                                        														__eflags = _t152 - 0x22;
                                                                                                                                                                                                                                                        														if(_t152 == 0x22) {
                                                                                                                                                                                                                                                        															goto L56;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														goto L54;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													goto L64;
                                                                                                                                                                                                                                                        													L56:
                                                                                                                                                                                                                                                        													__eflags = _t117;
                                                                                                                                                                                                                                                        													if(_t117 < 0) {
                                                                                                                                                                                                                                                        														_t152 = 0x22;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t118 = _t117 + 1;
                                                                                                                                                                                                                                                        														__eflags = _t118;
                                                                                                                                                                                                                                                        														do {
                                                                                                                                                                                                                                                        															_t153 = _v24;
                                                                                                                                                                                                                                                        															 *_t153 = 0x5c;
                                                                                                                                                                                                                                                        															_t118 = _t118 - 1;
                                                                                                                                                                                                                                                        															__eflags = _t118;
                                                                                                                                                                                                                                                        															_v24 = _t153 + 2;
                                                                                                                                                                                                                                                        														} while (_t118 != 0);
                                                                                                                                                                                                                                                        														_t152 =  *_t143 & 0x0000ffff;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													goto L51;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												L36:
                                                                                                                                                                                                                                                        												_t168 = _v24;
                                                                                                                                                                                                                                                        												wcscpy(_t168, _t143);
                                                                                                                                                                                                                                                        												_t116 = wcslen(_t143);
                                                                                                                                                                                                                                                        												_t188 = _t188 + 0xc;
                                                                                                                                                                                                                                                        												_t166 = _t168 + _t116 * 2;
                                                                                                                                                                                                                                                        												__eflags = _v28;
                                                                                                                                                                                                                                                        												if(_v28 != 0) {
                                                                                                                                                                                                                                                        													L62:
                                                                                                                                                                                                                                                        													 *_t166 = 0x22;
                                                                                                                                                                                                                                                        													_t166 = _t166 + 2;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L37:
                                                                                                                                                                                                                                                        											_t176 = _t176 + 1;
                                                                                                                                                                                                                                                        											__eflags = _t176 - _v32;
                                                                                                                                                                                                                                                        											if(_t176 != _v32) {
                                                                                                                                                                                                                                                        												 *_t166 = 0x20;
                                                                                                                                                                                                                                                        												_v24 = _t166 + 2;
                                                                                                                                                                                                                                                        												continue;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L39;
                                                                                                                                                                                                                                                        											L48:
                                                                                                                                                                                                                                                        											_t113 = _v24;
                                                                                                                                                                                                                                                        											 *_t113 = 0x22;
                                                                                                                                                                                                                                                        											_v24 = _t113 + 2;
                                                                                                                                                                                                                                                        											__eflags = _t167;
                                                                                                                                                                                                                                                        											if(_t167 == 0) {
                                                                                                                                                                                                                                                        												goto L36;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												goto L49;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L64;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L39;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									goto L10;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L2:
                                                                                                                                                                                                                                                        						_t173[3] = 1;
                                                                                                                                                                                                                                                        						 *_t173 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp";
                                                                                                                                                                                                                                                        						_t173[1] = 0x83;
                                                                                                                                                                                                                                                        						_t173[2] = _t96;
                                                                                                                                                                                                                                                        						L3:
                                                                                                                                                                                                                                                        						if(_v36 >= 0) {
                                                                                                                                                                                                                                                        							L4:
                                                                                                                                                                                                                                                        							 *0xbfa140();
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						E00BEECB0(_v32 ^ _t178, _t160);
                                                                                                                                                                                                                                                        						return _t173;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L64:
                                                                                                                                                                                                                                                        			}














































































                                                                                                                                                                                                                                                        0x00bb2f60
                                                                                                                                                                                                                                                        0x00bb2f69
                                                                                                                                                                                                                                                        0x00bb2f6c
                                                                                                                                                                                                                                                        0x00bb2f71
                                                                                                                                                                                                                                                        0x00bb2f73
                                                                                                                                                                                                                                                        0x00bb2f77
                                                                                                                                                                                                                                                        0x00bb2f7b
                                                                                                                                                                                                                                                        0x00bb2f83
                                                                                                                                                                                                                                                        0x00bb2f8f
                                                                                                                                                                                                                                                        0x00bb2f97
                                                                                                                                                                                                                                                        0x00bb2f9b
                                                                                                                                                                                                                                                        0x00bb2fdf
                                                                                                                                                                                                                                                        0x00bb2fe4
                                                                                                                                                                                                                                                        0x00bb2fe8
                                                                                                                                                                                                                                                        0x00bb2fea
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2f9d
                                                                                                                                                                                                                                                        0x00bb2f9d
                                                                                                                                                                                                                                                        0x00bb2fa3
                                                                                                                                                                                                                                                        0x00bb2fec
                                                                                                                                                                                                                                                        0x00bb2fec
                                                                                                                                                                                                                                                        0x00bb2ff0
                                                                                                                                                                                                                                                        0x00bb2ff4
                                                                                                                                                                                                                                                        0x00bb2ff9
                                                                                                                                                                                                                                                        0x00bb2ffa
                                                                                                                                                                                                                                                        0x00bb2fff
                                                                                                                                                                                                                                                        0x00bb3002
                                                                                                                                                                                                                                                        0x00bb3006
                                                                                                                                                                                                                                                        0x00bb3008
                                                                                                                                                                                                                                                        0x00bb3148
                                                                                                                                                                                                                                                        0x00bb314c
                                                                                                                                                                                                                                                        0x00bb3152
                                                                                                                                                                                                                                                        0x00bb3159
                                                                                                                                                                                                                                                        0x00bb3160
                                                                                                                                                                                                                                                        0x00bb3168
                                                                                                                                                                                                                                                        0x00bb316d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3173
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb300e
                                                                                                                                                                                                                                                        0x00bb300e
                                                                                                                                                                                                                                                        0x00bb3010
                                                                                                                                                                                                                                                        0x00bb3016
                                                                                                                                                                                                                                                        0x00bb301c
                                                                                                                                                                                                                                                        0x00bb301f
                                                                                                                                                                                                                                                        0x00bb3026
                                                                                                                                                                                                                                                        0x00bb3028
                                                                                                                                                                                                                                                        0x00bb3030
                                                                                                                                                                                                                                                        0x00bb3036
                                                                                                                                                                                                                                                        0x00bb3038
                                                                                                                                                                                                                                                        0x00bb303b
                                                                                                                                                                                                                                                        0x00bb303d
                                                                                                                                                                                                                                                        0x00bb3047
                                                                                                                                                                                                                                                        0x00bb304a
                                                                                                                                                                                                                                                        0x00bb3051
                                                                                                                                                                                                                                                        0x00bb3059
                                                                                                                                                                                                                                                        0x00bb305f
                                                                                                                                                                                                                                                        0x00bb3061
                                                                                                                                                                                                                                                        0x00bb3065
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb306b
                                                                                                                                                                                                                                                        0x00bb306b
                                                                                                                                                                                                                                                        0x00bb3077
                                                                                                                                                                                                                                                        0x00bb307d
                                                                                                                                                                                                                                                        0x00bb307f
                                                                                                                                                                                                                                                        0x00bb3083
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3089
                                                                                                                                                                                                                                                        0x00bb308e
                                                                                                                                                                                                                                                        0x00bb3094
                                                                                                                                                                                                                                                        0x00bb3098
                                                                                                                                                                                                                                                        0x00bb309f
                                                                                                                                                                                                                                                        0x00bb30ab
                                                                                                                                                                                                                                                        0x00bb30bd
                                                                                                                                                                                                                                                        0x00bb30c2
                                                                                                                                                                                                                                                        0x00bb30c5
                                                                                                                                                                                                                                                        0x00bb30cc
                                                                                                                                                                                                                                                        0x00bb30d3
                                                                                                                                                                                                                                                        0x00bb30da
                                                                                                                                                                                                                                                        0x00bb30e1
                                                                                                                                                                                                                                                        0x00bb30e3
                                                                                                                                                                                                                                                        0x00bb30e6
                                                                                                                                                                                                                                                        0x00bb30ea
                                                                                                                                                                                                                                                        0x00bb30ec
                                                                                                                                                                                                                                                        0x00bb30ee
                                                                                                                                                                                                                                                        0x00bb30f0
                                                                                                                                                                                                                                                        0x00bb30f3
                                                                                                                                                                                                                                                        0x00bb30f9
                                                                                                                                                                                                                                                        0x00bb30f9
                                                                                                                                                                                                                                                        0x00bb30ff
                                                                                                                                                                                                                                                        0x00bb3102
                                                                                                                                                                                                                                                        0x00bb3104
                                                                                                                                                                                                                                                        0x00bb3107
                                                                                                                                                                                                                                                        0x00bb310d
                                                                                                                                                                                                                                                        0x00bb310d
                                                                                                                                                                                                                                                        0x00bb3111
                                                                                                                                                                                                                                                        0x00bb3117
                                                                                                                                                                                                                                                        0x00bb3117
                                                                                                                                                                                                                                                        0x00bb311a
                                                                                                                                                                                                                                                        0x00bb311e
                                                                                                                                                                                                                                                        0x00bb3126
                                                                                                                                                                                                                                                        0x00bb3128
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb312e
                                                                                                                                                                                                                                                        0x00bb312f
                                                                                                                                                                                                                                                        0x00bb3138
                                                                                                                                                                                                                                                        0x00bb313d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3143
                                                                                                                                                                                                                                                        0x00bb313d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3128
                                                                                                                                                                                                                                                        0x00bb3083
                                                                                                                                                                                                                                                        0x00bb303f
                                                                                                                                                                                                                                                        0x00bb303f
                                                                                                                                                                                                                                                        0x00bb3041
                                                                                                                                                                                                                                                        0x00bb3178
                                                                                                                                                                                                                                                        0x00bb317d
                                                                                                                                                                                                                                                        0x00bb3182
                                                                                                                                                                                                                                                        0x00bb3183
                                                                                                                                                                                                                                                        0x00bb3184
                                                                                                                                                                                                                                                        0x00bb3185
                                                                                                                                                                                                                                                        0x00bb3186
                                                                                                                                                                                                                                                        0x00bb3187
                                                                                                                                                                                                                                                        0x00bb3188
                                                                                                                                                                                                                                                        0x00bb3189
                                                                                                                                                                                                                                                        0x00bb318a
                                                                                                                                                                                                                                                        0x00bb318b
                                                                                                                                                                                                                                                        0x00bb318c
                                                                                                                                                                                                                                                        0x00bb318d
                                                                                                                                                                                                                                                        0x00bb318e
                                                                                                                                                                                                                                                        0x00bb318f
                                                                                                                                                                                                                                                        0x00bb3190
                                                                                                                                                                                                                                                        0x00bb3193
                                                                                                                                                                                                                                                        0x00bb3194
                                                                                                                                                                                                                                                        0x00bb3195
                                                                                                                                                                                                                                                        0x00bb3196
                                                                                                                                                                                                                                                        0x00bb3199
                                                                                                                                                                                                                                                        0x00bb319b
                                                                                                                                                                                                                                                        0x00bb319e
                                                                                                                                                                                                                                                        0x00bb31a1
                                                                                                                                                                                                                                                        0x00bb31a3
                                                                                                                                                                                                                                                        0x00bb31a5
                                                                                                                                                                                                                                                        0x00bb31a5
                                                                                                                                                                                                                                                        0x00bb31a7
                                                                                                                                                                                                                                                        0x00bb31aa
                                                                                                                                                                                                                                                        0x00bb31b6
                                                                                                                                                                                                                                                        0x00bb31c4
                                                                                                                                                                                                                                                        0x00bb31cc
                                                                                                                                                                                                                                                        0x00bb31d0
                                                                                                                                                                                                                                                        0x00bb31d6
                                                                                                                                                                                                                                                        0x00bb31d9
                                                                                                                                                                                                                                                        0x00bb31db
                                                                                                                                                                                                                                                        0x00bb32ad
                                                                                                                                                                                                                                                        0x00bb32b1
                                                                                                                                                                                                                                                        0x00bb32b5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb31e1
                                                                                                                                                                                                                                                        0x00bb31e1
                                                                                                                                                                                                                                                        0x00bb31e5
                                                                                                                                                                                                                                                        0x00bb32bb
                                                                                                                                                                                                                                                        0x00bb32bb
                                                                                                                                                                                                                                                        0x00bb32ce
                                                                                                                                                                                                                                                        0x00bb32d1
                                                                                                                                                                                                                                                        0x00bb32d4
                                                                                                                                                                                                                                                        0x00bb32d8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32da
                                                                                                                                                                                                                                                        0x00bb32da
                                                                                                                                                                                                                                                        0x00bb32de
                                                                                                                                                                                                                                                        0x00bb32e0
                                                                                                                                                                                                                                                        0x00bb32e4
                                                                                                                                                                                                                                                        0x00bb32ce
                                                                                                                                                                                                                                                        0x00bb32d1
                                                                                                                                                                                                                                                        0x00bb32d4
                                                                                                                                                                                                                                                        0x00bb32d8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32d8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32ce
                                                                                                                                                                                                                                                        0x00bb32bf
                                                                                                                                                                                                                                                        0x00bb32c2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32c8
                                                                                                                                                                                                                                                        0x00bb32c8
                                                                                                                                                                                                                                                        0x00bb32c8
                                                                                                                                                                                                                                                        0x00bb32cc
                                                                                                                                                                                                                                                        0x00bb32cc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32cc
                                                                                                                                                                                                                                                        0x00bb329d
                                                                                                                                                                                                                                                        0x00bb32a0
                                                                                                                                                                                                                                                        0x00bb32ac
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32e7
                                                                                                                                                                                                                                                        0x00bb32ea
                                                                                                                                                                                                                                                        0x00bb32ee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32ee
                                                                                                                                                                                                                                                        0x00bb32ce
                                                                                                                                                                                                                                                        0x00bb31e5
                                                                                                                                                                                                                                                        0x00bb31eb
                                                                                                                                                                                                                                                        0x00bb31eb
                                                                                                                                                                                                                                                        0x00bb31ec
                                                                                                                                                                                                                                                        0x00bb31ef
                                                                                                                                                                                                                                                        0x00bb31f2
                                                                                                                                                                                                                                                        0x00bb31f2
                                                                                                                                                                                                                                                        0x00bb31f8
                                                                                                                                                                                                                                                        0x00bb31fa
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb31fa
                                                                                                                                                                                                                                                        0x00bb3201
                                                                                                                                                                                                                                                        0x00bb3201
                                                                                                                                                                                                                                                        0x00bb3203
                                                                                                                                                                                                                                                        0x00bb3374
                                                                                                                                                                                                                                                        0x00bb3374
                                                                                                                                                                                                                                                        0x00bb320a
                                                                                                                                                                                                                                                        0x00bb3213
                                                                                                                                                                                                                                                        0x00bb3219
                                                                                                                                                                                                                                                        0x00bb321e
                                                                                                                                                                                                                                                        0x00bb3221
                                                                                                                                                                                                                                                        0x00bb3228
                                                                                                                                                                                                                                                        0x00bb322a
                                                                                                                                                                                                                                                        0x00bb322c
                                                                                                                                                                                                                                                        0x00bb322c
                                                                                                                                                                                                                                                        0x00bb322e
                                                                                                                                                                                                                                                        0x00bb3231
                                                                                                                                                                                                                                                        0x00bb3234
                                                                                                                                                                                                                                                        0x00bb3242
                                                                                                                                                                                                                                                        0x00bb324a
                                                                                                                                                                                                                                                        0x00bb3250
                                                                                                                                                                                                                                                        0x00bb3253
                                                                                                                                                                                                                                                        0x00bb3255
                                                                                                                                                                                                                                                        0x00bb3258
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb325e
                                                                                                                                                                                                                                                        0x00bb3260
                                                                                                                                                                                                                                                        0x00bb3309
                                                                                                                                                                                                                                                        0x00bb3309
                                                                                                                                                                                                                                                        0x00bb3323
                                                                                                                                                                                                                                                        0x00bb3323
                                                                                                                                                                                                                                                        0x00bb3326
                                                                                                                                                                                                                                                        0x00bb332a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb332c
                                                                                                                                                                                                                                                        0x00bb332c
                                                                                                                                                                                                                                                        0x00bb3330
                                                                                                                                                                                                                                                        0x00bb330d
                                                                                                                                                                                                                                                        0x00bb3310
                                                                                                                                                                                                                                                        0x00bb3312
                                                                                                                                                                                                                                                        0x00bb3312
                                                                                                                                                                                                                                                        0x00bb3312
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3312
                                                                                                                                                                                                                                                        0x00bb335a
                                                                                                                                                                                                                                                        0x00bb335d
                                                                                                                                                                                                                                                        0x00bb3361
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3332
                                                                                                                                                                                                                                                        0x00bb3332
                                                                                                                                                                                                                                                        0x00bb3333
                                                                                                                                                                                                                                                        0x00bb3314
                                                                                                                                                                                                                                                        0x00bb3314
                                                                                                                                                                                                                                                        0x00bb3317
                                                                                                                                                                                                                                                        0x00bb331a
                                                                                                                                                                                                                                                        0x00bb331d
                                                                                                                                                                                                                                                        0x00bb331d
                                                                                                                                                                                                                                                        0x00bb3320
                                                                                                                                                                                                                                                        0x00bb3323
                                                                                                                                                                                                                                                        0x00bb3326
                                                                                                                                                                                                                                                        0x00bb332a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb332a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3339
                                                                                                                                                                                                                                                        0x00bb3339
                                                                                                                                                                                                                                                        0x00bb333b
                                                                                                                                                                                                                                                        0x00bb3354
                                                                                                                                                                                                                                                        0x00bb333d
                                                                                                                                                                                                                                                        0x00bb333d
                                                                                                                                                                                                                                                        0x00bb333d
                                                                                                                                                                                                                                                        0x00bb333e
                                                                                                                                                                                                                                                        0x00bb333e
                                                                                                                                                                                                                                                        0x00bb3341
                                                                                                                                                                                                                                                        0x00bb3349
                                                                                                                                                                                                                                                        0x00bb3349
                                                                                                                                                                                                                                                        0x00bb334a
                                                                                                                                                                                                                                                        0x00bb334a
                                                                                                                                                                                                                                                        0x00bb334f
                                                                                                                                                                                                                                                        0x00bb334f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb333b
                                                                                                                                                                                                                                                        0x00bb3266
                                                                                                                                                                                                                                                        0x00bb3266
                                                                                                                                                                                                                                                        0x00bb3267
                                                                                                                                                                                                                                                        0x00bb326b
                                                                                                                                                                                                                                                        0x00bb3275
                                                                                                                                                                                                                                                        0x00bb327a
                                                                                                                                                                                                                                                        0x00bb327d
                                                                                                                                                                                                                                                        0x00bb3280
                                                                                                                                                                                                                                                        0x00bb3284
                                                                                                                                                                                                                                                        0x00bb3367
                                                                                                                                                                                                                                                        0x00bb3367
                                                                                                                                                                                                                                                        0x00bb336c
                                                                                                                                                                                                                                                        0x00bb336c
                                                                                                                                                                                                                                                        0x00bb3284
                                                                                                                                                                                                                                                        0x00bb328a
                                                                                                                                                                                                                                                        0x00bb328a
                                                                                                                                                                                                                                                        0x00bb328b
                                                                                                                                                                                                                                                        0x00bb328e
                                                                                                                                                                                                                                                        0x00bb3290
                                                                                                                                                                                                                                                        0x00bb3298
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3298
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32f3
                                                                                                                                                                                                                                                        0x00bb32f3
                                                                                                                                                                                                                                                        0x00bb32f6
                                                                                                                                                                                                                                                        0x00bb32fe
                                                                                                                                                                                                                                                        0x00bb3301
                                                                                                                                                                                                                                                        0x00bb3303
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3303
                                                                                                                                                                                                                                                        0x00bb3231
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3041
                                                                                                                                                                                                                                                        0x00bb303d
                                                                                                                                                                                                                                                        0x00bb2fa5
                                                                                                                                                                                                                                                        0x00bb2fa5
                                                                                                                                                                                                                                                        0x00bb2fa5
                                                                                                                                                                                                                                                        0x00bb2fa9
                                                                                                                                                                                                                                                        0x00bb2faf
                                                                                                                                                                                                                                                        0x00bb2fb6
                                                                                                                                                                                                                                                        0x00bb2fb9
                                                                                                                                                                                                                                                        0x00bb2fbe
                                                                                                                                                                                                                                                        0x00bb2fc0
                                                                                                                                                                                                                                                        0x00bb2fc0
                                                                                                                                                                                                                                                        0x00bb2fc0
                                                                                                                                                                                                                                                        0x00bb2fc6
                                                                                                                                                                                                                                                        0x00bb2fcc
                                                                                                                                                                                                                                                        0x00bb2fda
                                                                                                                                                                                                                                                        0x00bb2fda
                                                                                                                                                                                                                                                        0x00bb2fa3
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp, xrefs: 00BB2FA9, 00BB314C
                                                                                                                                                                                                                                                        • open, xrefs: 00BB3072
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: free$_com_issue_errormoz_xmalloc
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp$open
                                                                                                                                                                                                                                                        • API String ID: 3534299740-3667221198
                                                                                                                                                                                                                                                        • Opcode ID: b392b41bfc8a80cbe2bec2fd62f10e730e0b605b52aac395c896a2cd91290ce4
                                                                                                                                                                                                                                                        • Instruction ID: cb4bc2b5528e3ceaeaef2242cde9906002a1d0807b3545ea8a2f485f4fc581f1
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b392b41bfc8a80cbe2bec2fd62f10e730e0b605b52aac395c896a2cd91290ce4
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C05169B15043419FD710DF69D888BAABBF8FF84704F04882DF98997250EBB5E508CB52
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 34%
                                                                                                                                                                                                                                                        			E00BECCD0(void* __eax, signed int __ecx) {
                                                                                                                                                                                                                                                        				intOrPtr _v0;
                                                                                                                                                                                                                                                        				void* _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				void* _t76;
                                                                                                                                                                                                                                                        				signed int _t77;
                                                                                                                                                                                                                                                        				void* _t80;
                                                                                                                                                                                                                                                        				void* _t81;
                                                                                                                                                                                                                                                        				void* _t82;
                                                                                                                                                                                                                                                        				void* _t83;
                                                                                                                                                                                                                                                        				void* _t87;
                                                                                                                                                                                                                                                        				intOrPtr _t88;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				void* _t92;
                                                                                                                                                                                                                                                        				void* _t93;
                                                                                                                                                                                                                                                        				signed int _t94;
                                                                                                                                                                                                                                                        				void* _t100;
                                                                                                                                                                                                                                                        				signed int _t101;
                                                                                                                                                                                                                                                        				signed int _t102;
                                                                                                                                                                                                                                                        				void* _t105;
                                                                                                                                                                                                                                                        				signed int _t107;
                                                                                                                                                                                                                                                        				signed int _t116;
                                                                                                                                                                                                                                                        				void* _t118;
                                                                                                                                                                                                                                                        				signed int _t119;
                                                                                                                                                                                                                                                        				signed int _t125;
                                                                                                                                                                                                                                                        				void* _t127;
                                                                                                                                                                                                                                                        				void* _t129;
                                                                                                                                                                                                                                                        				void* _t131;
                                                                                                                                                                                                                                                        				void* _t133;
                                                                                                                                                                                                                                                        				void** _t134;
                                                                                                                                                                                                                                                        				signed int _t135;
                                                                                                                                                                                                                                                        				void* _t138;
                                                                                                                                                                                                                                                        				void* _t139;
                                                                                                                                                                                                                                                        				void* _t140;
                                                                                                                                                                                                                                                        				void* _t141;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t101 = __ecx;
                                                                                                                                                                                                                                                        				_t76 = __eax;
                                                                                                                                                                                                                                                        				_t139 = _t138 - 8;
                                                                                                                                                                                                                                                        				_t134 = __ecx;
                                                                                                                                                                                                                                                        				if( *__ecx != 0xc) {
                                                                                                                                                                                                                                                        					_t77 =  *(__ecx + 4);
                                                                                                                                                                                                                                                        					if(_t77 == 0) {
                                                                                                                                                                                                                                                        						_v24 = 1;
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if(_t77 >= 0x4000000) {
                                                                                                                                                                                                                                                        							L28:
                                                                                                                                                                                                                                                        							__imp__mozalloc_abort("alloc overflow");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							_push(_t92);
                                                                                                                                                                                                                                                        							_push(1);
                                                                                                                                                                                                                                                        							_push(_t134);
                                                                                                                                                                                                                                                        							_push(_t77);
                                                                                                                                                                                                                                                        							if(_t119 == 0) {
                                                                                                                                                                                                                                                        								_t83 = 0;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t135 = _t101;
                                                                                                                                                                                                                                                        								if( *((intOrPtr*)(_t101 + 4)) != 0) {
                                                                                                                                                                                                                                                        									L33:
                                                                                                                                                                                                                                                        									_t83 =  *(_t135 + 8);
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t94 = _t119;
                                                                                                                                                                                                                                                        									_v24 = 1 + _t135;
                                                                                                                                                                                                                                                        									_t107 = E00BB94B0();
                                                                                                                                                                                                                                                        									_t131 = 0;
                                                                                                                                                                                                                                                        									_t125 = _t94 % _t107;
                                                                                                                                                                                                                                                        									if(_t125 != 0) {
                                                                                                                                                                                                                                                        										_t131 = _t107 - _t125;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									 *(_t135 + 8) = _t131 + _t94;
                                                                                                                                                                                                                                                        									_t87 = GetCurrentProcess();
                                                                                                                                                                                                                                                        									_push(_v0);
                                                                                                                                                                                                                                                        									_t88 = E00BECF00(_t94, _v24, _t87, _t131 + _t94, _t135, _t131 + _t94);
                                                                                                                                                                                                                                                        									_t139 = _t139 + 8;
                                                                                                                                                                                                                                                        									 *((intOrPtr*)(_t135 + 4)) = _t88;
                                                                                                                                                                                                                                                        									_t83 = 0;
                                                                                                                                                                                                                                                        									if(_t88 != 0) {
                                                                                                                                                                                                                                                        										goto L33;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							return _t83;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t119 = _t77 * 8 + _t77 * 8 * 2;
                                                                                                                                                                                                                                                        							asm("bsr ecx, ecx");
                                                                                                                                                                                                                                                        							_t97 =  <  ? 1 : 1 <<  ~(_t119 - 0x00000001 ^ 0x0000001f);
                                                                                                                                                                                                                                                        							_t92 = ( <  ? 1 : 1 <<  ~(_t119 - 0x00000001 ^ 0x0000001f)) - _t119;
                                                                                                                                                                                                                                                        							_t101 = 0xbadbad + _t77 * 2;
                                                                                                                                                                                                                                                        							_t77 = _t101;
                                                                                                                                                                                                                                                        							_v24 = _t101;
                                                                                                                                                                                                                                                        							if(_t101 > 0xfffffff) {
                                                                                                                                                                                                                                                        								goto L28;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								L7:
                                                                                                                                                                                                                                                        								_t80 = _v24 * 4 + _v24 * 4 * 2;
                                                                                                                                                                                                                                                        								__imp__moz_xmalloc(_t80);
                                                                                                                                                                                                                                                        								_t140 = _t139 + 4;
                                                                                                                                                                                                                                                        								_t102 = _t134[1];
                                                                                                                                                                                                                                                        								_v20 = _t80;
                                                                                                                                                                                                                                                        								_t81 =  *_t134;
                                                                                                                                                                                                                                                        								if(_t102 <= 0) {
                                                                                                                                                                                                                                                        									_t93 = _t81;
                                                                                                                                                                                                                                                        									_t129 = _t81 + (_t102 + _t102 * 2) * 4;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t105 = 0;
                                                                                                                                                                                                                                                        									do {
                                                                                                                                                                                                                                                        										asm("movsd xmm0, [eax+ecx]");
                                                                                                                                                                                                                                                        										asm("movsd [edi+ecx], xmm0");
                                                                                                                                                                                                                                                        										 *(_t81 + _t105 + 8) = 0;
                                                                                                                                                                                                                                                        										 *(_v20 + _t105 + 8) =  *(_t81 + _t105 + 8);
                                                                                                                                                                                                                                                        										_t93 =  *_t134;
                                                                                                                                                                                                                                                        										_t129 = _t93 + (_t134[1] + _t134[1] * 2) * 4;
                                                                                                                                                                                                                                                        										_t32 = _t105 + 0xc; // 0xc
                                                                                                                                                                                                                                                        										_t105 = _t105 + 0xc;
                                                                                                                                                                                                                                                        									} while (_t81 + _t32 < _t129);
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								if(_t93 < _t129) {
                                                                                                                                                                                                                                                        									do {
                                                                                                                                                                                                                                                        										_t82 =  *(_t93 + 8);
                                                                                                                                                                                                                                                        										 *(_t93 + 8) = 0;
                                                                                                                                                                                                                                                        										if(_t82 != 0) {
                                                                                                                                                                                                                                                        											free(_t82);
                                                                                                                                                                                                                                                        											_t140 = _t140 + 4;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t93 = _t93 + 0xc;
                                                                                                                                                                                                                                                        									} while (_t93 < _t129);
                                                                                                                                                                                                                                                        									_t93 =  *_t134;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								free(_t93);
                                                                                                                                                                                                                                                        								_t141 = _t140 + 4;
                                                                                                                                                                                                                                                        								_t76 = _v20;
                                                                                                                                                                                                                                                        								 *_t134 = _t76;
                                                                                                                                                                                                                                                        								_t134[2] = _v24;
                                                                                                                                                                                                                                                        								goto L3;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(0xc);
                                                                                                                                                                                                                                                        					_t141 = _t139 + 4;
                                                                                                                                                                                                                                                        					_t116 =  *(__ecx + 4);
                                                                                                                                                                                                                                                        					_t133 = __eax;
                                                                                                                                                                                                                                                        					if(_t116 > 0) {
                                                                                                                                                                                                                                                        						_t89 =  *__ecx;
                                                                                                                                                                                                                                                        						_t127 = 0;
                                                                                                                                                                                                                                                        						_t118 = _t89 + (_t116 + _t116 * 2) * 4;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [eax+edx]");
                                                                                                                                                                                                                                                        							asm("movsd [edi+edx], xmm0");
                                                                                                                                                                                                                                                        							 *(_t89 + _t127 + 8) = 0;
                                                                                                                                                                                                                                                        							 *(__eax + _t127 + 8) =  *(_t89 + _t127 + 8);
                                                                                                                                                                                                                                                        							_t44 = _t127 + 0xc; // 0xc
                                                                                                                                                                                                                                                        							_t127 = _t127 + 0xc;
                                                                                                                                                                                                                                                        						} while (_t89 + _t44 < _t118);
                                                                                                                                                                                                                                                        						_t76 =  *(__ecx + 4);
                                                                                                                                                                                                                                                        						if(_t76 > 0) {
                                                                                                                                                                                                                                                        							_t100 =  *__ecx;
                                                                                                                                                                                                                                                        							_v20 = _t100 + (_t76 + _t76 * 2) * 4;
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								_t76 =  *(_t100 + 8);
                                                                                                                                                                                                                                                        								 *(_t100 + 8) = 0;
                                                                                                                                                                                                                                                        								if(_t76 != 0) {
                                                                                                                                                                                                                                                        									free(_t76);
                                                                                                                                                                                                                                                        									_t141 = _t141 + 4;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t100 = _t100 + 0xc;
                                                                                                                                                                                                                                                        								if(_t100 >= _v20) {
                                                                                                                                                                                                                                                        									goto L2;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					 *_t134 = _t133;
                                                                                                                                                                                                                                                        					_t134[2] = 1;
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					return _t76;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}








































                                                                                                                                                                                                                                                        0x00beccd0
                                                                                                                                                                                                                                                        0x00beccd0
                                                                                                                                                                                                                                                        0x00beccd6
                                                                                                                                                                                                                                                        0x00beccdc
                                                                                                                                                                                                                                                        0x00beccde
                                                                                                                                                                                                                                                        0x00becd09
                                                                                                                                                                                                                                                        0x00becd0e
                                                                                                                                                                                                                                                        0x00bece2d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00becd14
                                                                                                                                                                                                                                                        0x00becd19
                                                                                                                                                                                                                                                        0x00bece84
                                                                                                                                                                                                                                                        0x00bece89
                                                                                                                                                                                                                                                        0x00bece8f
                                                                                                                                                                                                                                                        0x00bece93
                                                                                                                                                                                                                                                        0x00bece94
                                                                                                                                                                                                                                                        0x00bece95
                                                                                                                                                                                                                                                        0x00bece96
                                                                                                                                                                                                                                                        0x00bece99
                                                                                                                                                                                                                                                        0x00becef4
                                                                                                                                                                                                                                                        0x00bece9b
                                                                                                                                                                                                                                                        0x00bece9f
                                                                                                                                                                                                                                                        0x00becea1
                                                                                                                                                                                                                                                        0x00becee9
                                                                                                                                                                                                                                                        0x00becee9
                                                                                                                                                                                                                                                        0x00becea3
                                                                                                                                                                                                                                                        0x00becea6
                                                                                                                                                                                                                                                        0x00becea8
                                                                                                                                                                                                                                                        0x00beceb0
                                                                                                                                                                                                                                                        0x00beceb6
                                                                                                                                                                                                                                                        0x00becebb
                                                                                                                                                                                                                                                        0x00becebf
                                                                                                                                                                                                                                                        0x00becefa
                                                                                                                                                                                                                                                        0x00becefa
                                                                                                                                                                                                                                                        0x00becec3
                                                                                                                                                                                                                                                        0x00becec6
                                                                                                                                                                                                                                                        0x00beced1
                                                                                                                                                                                                                                                        0x00beced5
                                                                                                                                                                                                                                                        0x00beceda
                                                                                                                                                                                                                                                        0x00becedd
                                                                                                                                                                                                                                                        0x00becee2
                                                                                                                                                                                                                                                        0x00becee7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00becee7
                                                                                                                                                                                                                                                        0x00becea1
                                                                                                                                                                                                                                                        0x00becef3
                                                                                                                                                                                                                                                        0x00becd1f
                                                                                                                                                                                                                                                        0x00becd30
                                                                                                                                                                                                                                                        0x00becd36
                                                                                                                                                                                                                                                        0x00becd43
                                                                                                                                                                                                                                                        0x00becd48
                                                                                                                                                                                                                                                        0x00becd50
                                                                                                                                                                                                                                                        0x00becd59
                                                                                                                                                                                                                                                        0x00becd5b
                                                                                                                                                                                                                                                        0x00becd5e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00becd64
                                                                                                                                                                                                                                                        0x00becd64
                                                                                                                                                                                                                                                        0x00becd6e
                                                                                                                                                                                                                                                        0x00becd72
                                                                                                                                                                                                                                                        0x00becd78
                                                                                                                                                                                                                                                        0x00becd7b
                                                                                                                                                                                                                                                        0x00becd7e
                                                                                                                                                                                                                                                        0x00becd81
                                                                                                                                                                                                                                                        0x00becd85
                                                                                                                                                                                                                                                        0x00bece3c
                                                                                                                                                                                                                                                        0x00bece3e
                                                                                                                                                                                                                                                        0x00becd8b
                                                                                                                                                                                                                                                        0x00becd8b
                                                                                                                                                                                                                                                        0x00becd8d
                                                                                                                                                                                                                                                        0x00becd8d
                                                                                                                                                                                                                                                        0x00becd95
                                                                                                                                                                                                                                                        0x00becd9e
                                                                                                                                                                                                                                                        0x00becda6
                                                                                                                                                                                                                                                        0x00becdad
                                                                                                                                                                                                                                                        0x00becdb2
                                                                                                                                                                                                                                                        0x00becdb5
                                                                                                                                                                                                                                                        0x00becdb9
                                                                                                                                                                                                                                                        0x00becdbc
                                                                                                                                                                                                                                                        0x00becdc0
                                                                                                                                                                                                                                                        0x00bece43
                                                                                                                                                                                                                                                        0x00bece4e
                                                                                                                                                                                                                                                        0x00bece4e
                                                                                                                                                                                                                                                        0x00bece51
                                                                                                                                                                                                                                                        0x00bece5a
                                                                                                                                                                                                                                                        0x00bece5d
                                                                                                                                                                                                                                                        0x00bece63
                                                                                                                                                                                                                                                        0x00bece63
                                                                                                                                                                                                                                                        0x00bece47
                                                                                                                                                                                                                                                        0x00bece4a
                                                                                                                                                                                                                                                        0x00bece68
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bece45
                                                                                                                                                                                                                                                        0x00bece6b
                                                                                                                                                                                                                                                        0x00bece71
                                                                                                                                                                                                                                                        0x00bece74
                                                                                                                                                                                                                                                        0x00bece7a
                                                                                                                                                                                                                                                        0x00bece7c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bece7c
                                                                                                                                                                                                                                                        0x00becd5e
                                                                                                                                                                                                                                                        0x00becd19
                                                                                                                                                                                                                                                        0x00becce0
                                                                                                                                                                                                                                                        0x00becce2
                                                                                                                                                                                                                                                        0x00becce8
                                                                                                                                                                                                                                                        0x00becceb
                                                                                                                                                                                                                                                        0x00beccee
                                                                                                                                                                                                                                                        0x00beccf2
                                                                                                                                                                                                                                                        0x00becdc2
                                                                                                                                                                                                                                                        0x00becdc7
                                                                                                                                                                                                                                                        0x00becdc9
                                                                                                                                                                                                                                                        0x00becdcc
                                                                                                                                                                                                                                                        0x00becdcc
                                                                                                                                                                                                                                                        0x00becdd1
                                                                                                                                                                                                                                                        0x00becdda
                                                                                                                                                                                                                                                        0x00becde2
                                                                                                                                                                                                                                                        0x00becde6
                                                                                                                                                                                                                                                        0x00becdea
                                                                                                                                                                                                                                                        0x00becded
                                                                                                                                                                                                                                                        0x00becdf1
                                                                                                                                                                                                                                                        0x00becdf6
                                                                                                                                                                                                                                                        0x00becdfc
                                                                                                                                                                                                                                                        0x00bece04
                                                                                                                                                                                                                                                        0x00bece07
                                                                                                                                                                                                                                                        0x00bece07
                                                                                                                                                                                                                                                        0x00bece0a
                                                                                                                                                                                                                                                        0x00bece13
                                                                                                                                                                                                                                                        0x00bece16
                                                                                                                                                                                                                                                        0x00bece1c
                                                                                                                                                                                                                                                        0x00bece1c
                                                                                                                                                                                                                                                        0x00bece1f
                                                                                                                                                                                                                                                        0x00bece25
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bece2b
                                                                                                                                                                                                                                                        0x00bece07
                                                                                                                                                                                                                                                        0x00becdf6
                                                                                                                                                                                                                                                        0x00beccf8
                                                                                                                                                                                                                                                        0x00beccf8
                                                                                                                                                                                                                                                        0x00beccfa
                                                                                                                                                                                                                                                        0x00becd01
                                                                                                                                                                                                                                                        0x00becd08
                                                                                                                                                                                                                                                        0x00becd08

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(0000000C,?,00BECCC1,?,?,?,?,00BEC944), ref: 00BECCE2
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000001,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BECD72
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000,?,?,00BECCC1,?,?,?,?,00BEC944), ref: 00BECE16
                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,00BECCC1,?,?,?,?,00BEC944), ref: 00BECE5D
                                                                                                                                                                                                                                                        • free.MOZGLUE(-0000000C,?,?,00BECCC1,?,?,?,?,00BEC944), ref: 00BECE6B
                                                                                                                                                                                                                                                        • mozalloc_abort.MOZGLUE(alloc overflow,?,00BECCC1,?,?,?,?,00BEC944), ref: 00BECE89
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: free$moz_xmalloc$mozalloc_abort
                                                                                                                                                                                                                                                        • String ID: alloc overflow
                                                                                                                                                                                                                                                        • API String ID: 232320567-749304246
                                                                                                                                                                                                                                                        • Opcode ID: a1f8458dec327dafafb88dfe1bb7c04e44359be6cd6e3bb91024482008eacab4
                                                                                                                                                                                                                                                        • Instruction ID: f544931dc1ae64a19a5cb750a6724ead6379e9eb4fc3085677e1753be6adc9f4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a1f8458dec327dafafb88dfe1bb7c04e44359be6cd6e3bb91024482008eacab4
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0551B5756003468FDB24CF19C8C0A6ABBF5FF44308F1485ADD8469B252EB72B956CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 73%
                                                                                                                                                                                                                                                        			E00BE3300(void* __edx, intOrPtr _a4, signed int _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				char _v48;
                                                                                                                                                                                                                                                        				void* _v52;
                                                                                                                                                                                                                                                        				char _v56;
                                                                                                                                                                                                                                                        				char _v80;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				char _v92;
                                                                                                                                                                                                                                                        				signed int _t22;
                                                                                                                                                                                                                                                        				long _t24;
                                                                                                                                                                                                                                                        				intOrPtr _t28;
                                                                                                                                                                                                                                                        				char* _t42;
                                                                                                                                                                                                                                                        				void* _t50;
                                                                                                                                                                                                                                                        				void* _t51;
                                                                                                                                                                                                                                                        				long _t52;
                                                                                                                                                                                                                                                        				signed int _t54;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t50 = __edx;
                                                                                                                                                                                                                                                        				_t22 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t22 ^ _t54;
                                                                                                                                                                                                                                                        				_v48 = 0;
                                                                                                                                                                                                                                                        				_t24 = GetCurrentProcessId();
                                                                                                                                                                                                                                                        				__imp__ProcessIdToSessionId(_t24,  &_v48);
                                                                                                                                                                                                                                                        				if(_t24 == 0) {
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					_t52 = GetLastError();
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					E00BEECB0(_v20 ^ _t54, _t50);
                                                                                                                                                                                                                                                        					return _t52;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t28 = _a4;
                                                                                                                                                                                                                                                        				_v52 = 0;
                                                                                                                                                                                                                                                        				_push( &_v52);
                                                                                                                                                                                                                                                        				_push(_t28);
                                                                                                                                                                                                                                                        				L00BEF6D8();
                                                                                                                                                                                                                                                        				if(_t28 != 0) {
                                                                                                                                                                                                                                                        					_t51 = _v52;
                                                                                                                                                                                                                                                        					E00BC7590(__eflags,  &_v44, L"\\Sessions\\%d\\AppContainerNamedObjects\\%ls", _v48);
                                                                                                                                                                                                                                                        					_v56 = 0;
                                                                                                                                                                                                                                                        					E00BEB3D0("NtCreateDirectoryObject",  &_v56);
                                                                                                                                                                                                                                                        					_t42 =  &_v80;
                                                                                                                                                                                                                                                        					E00BE5CE0( &_v44, (_a8 & 0x000000ff) << 0x00000007 | 0x00000040, 0, _t42,  &_v88, 0);
                                                                                                                                                                                                                                                        					_v92 = 0;
                                                                                                                                                                                                                                                        					__eflags = _v56( &_v92, 0xf, _t42, _t51);
                                                                                                                                                                                                                                                        					if(__eflags < 0) {
                                                                                                                                                                                                                                                        						_t52 = E00BEB570(_t50, __eflags, _t37);
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t38 = E00BC5200(_t37, _a12, _v92);
                                                                                                                                                                                                                                                        						_t52 = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					E00BBDF30(_t38,  &_v44, _t50);
                                                                                                                                                                                                                                                        					__eflags = _t51;
                                                                                                                                                                                                                                                        					if(_t51 != 0) {
                                                                                                                                                                                                                                                        						LocalFree(_t51);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L3;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}



















                                                                                                                                                                                                                                                        0x00be3300
                                                                                                                                                                                                                                                        0x00be3309
                                                                                                                                                                                                                                                        0x00be3310
                                                                                                                                                                                                                                                        0x00be3313
                                                                                                                                                                                                                                                        0x00be331a
                                                                                                                                                                                                                                                        0x00be3325
                                                                                                                                                                                                                                                        0x00be332d
                                                                                                                                                                                                                                                        0x00be3347
                                                                                                                                                                                                                                                        0x00be334d
                                                                                                                                                                                                                                                        0x00be334f
                                                                                                                                                                                                                                                        0x00be3354
                                                                                                                                                                                                                                                        0x00be3362
                                                                                                                                                                                                                                                        0x00be3362
                                                                                                                                                                                                                                                        0x00be332f
                                                                                                                                                                                                                                                        0x00be3335
                                                                                                                                                                                                                                                        0x00be333c
                                                                                                                                                                                                                                                        0x00be333d
                                                                                                                                                                                                                                                        0x00be333e
                                                                                                                                                                                                                                                        0x00be3345
                                                                                                                                                                                                                                                        0x00be3363
                                                                                                                                                                                                                                                        0x00be3376
                                                                                                                                                                                                                                                        0x00be3381
                                                                                                                                                                                                                                                        0x00be338e
                                                                                                                                                                                                                                                        0x00be339c
                                                                                                                                                                                                                                                        0x00be33ad
                                                                                                                                                                                                                                                        0x00be33b8
                                                                                                                                                                                                                                                        0x00be33c6
                                                                                                                                                                                                                                                        0x00be33c8
                                                                                                                                                                                                                                                        0x00be33e2
                                                                                                                                                                                                                                                        0x00be33ca
                                                                                                                                                                                                                                                        0x00be33d0
                                                                                                                                                                                                                                                        0x00be33d5
                                                                                                                                                                                                                                                        0x00be33d5
                                                                                                                                                                                                                                                        0x00be33e7
                                                                                                                                                                                                                                                        0x00be33ec
                                                                                                                                                                                                                                                        0x00be33ee
                                                                                                                                                                                                                                                        0x00be33f5
                                                                                                                                                                                                                                                        0x00be33f5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be33ee
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcessId.KERNEL32 ref: 00BE331A
                                                                                                                                                                                                                                                        • ProcessIdToSessionId.KERNEL32(00000000,00000000), ref: 00BE3325
                                                                                                                                                                                                                                                        • ConvertSidToStringSidW.ADVAPI32(00000001,?), ref: 00BE333E
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE3347
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000), ref: 00BE33F5
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • \Sessions\%d\AppContainerNamedObjects\%ls, xrefs: 00BE3370
                                                                                                                                                                                                                                                        • NtCreateDirectoryObject, xrefs: 00BE3389
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Process$ConvertCurrentErrorFreeLastLocalSessionString
                                                                                                                                                                                                                                                        • String ID: NtCreateDirectoryObject$\Sessions\%d\AppContainerNamedObjects\%ls
                                                                                                                                                                                                                                                        • API String ID: 2750361503-2316199652
                                                                                                                                                                                                                                                        • Opcode ID: eeb1917e284d0aed403234178d56aeb21503bc781f37f8b02917e096b80fbf14
                                                                                                                                                                                                                                                        • Instruction ID: 457524b9a21945cec0d97b41b978607a6004558d89780b639273f36da8e3d44c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: eeb1917e284d0aed403234178d56aeb21503bc781f37f8b02917e096b80fbf14
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 33215EB1D00259ABEB109FA5DC49FEEBBF8EF04B54F040458F915A7241EF70AA09C764
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 57%
                                                                                                                                                                                                                                                        			E00BDDA20(intOrPtr _a8, void* _a12, void* _a16) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v4076;
                                                                                                                                                                                                                                                        				intOrPtr _v4080;
                                                                                                                                                                                                                                                        				char _v4132;
                                                                                                                                                                                                                                                        				char _v8228;
                                                                                                                                                                                                                                                        				void* _t13;
                                                                                                                                                                                                                                                        				void* _t15;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t20;
                                                                                                                                                                                                                                                        				intOrPtr _t21;
                                                                                                                                                                                                                                                        				void* _t22;
                                                                                                                                                                                                                                                        				signed int _t23;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t25;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        				void* _t29;
                                                                                                                                                                                                                                                        				intOrPtr _t30;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        				signed int _t32;
                                                                                                                                                                                                                                                        				void* _t33;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				E00BEF1D0();
                                                                                                                                                                                                                                                        				_t23 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t29 =  &_v4132;
                                                                                                                                                                                                                                                        				_v20 = _t23 ^ _t32;
                                                                                                                                                                                                                                                        				_t13 = memcpy(_t29, _a12, 0x1010);
                                                                                                                                                                                                                                                        				_t34 = _t33 + 0xc;
                                                                                                                                                                                                                                                        				asm("movdqu xmm0, [ebp-0x1000]");
                                                                                                                                                                                                                                                        				asm("pcmpeqb xmm0, [0xbf18c0]");
                                                                                                                                                                                                                                                        				asm("pmovmskb eax, xmm0");
                                                                                                                                                                                                                                                        				if(_t13 == 0xffff) {
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					if(_v4080 == 0) {
                                                                                                                                                                                                                                                        						L8:
                                                                                                                                                                                                                                                        						_t30 = _a8;
                                                                                                                                                                                                                                                        						_t22 =  &_v8228;
                                                                                                                                                                                                                                                        						memset(_t22, 0, 0x1000);
                                                                                                                                                                                                                                                        						_t34 = _t34 + 0xc;
                                                                                                                                                                                                                                                        						_t25 =  *0xbfb610;
                                                                                                                                                                                                                                                        						if(_t25 == 0) {
                                                                                                                                                                                                                                                        							_t20 = GetProcAddress(GetModuleHandleW(L"gdi32.dll"), "GetOPMInformation");
                                                                                                                                                                                                                                                        							_t25 = _t20;
                                                                                                                                                                                                                                                        							 *0xbfb610 = _t20;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t15 =  *_t25(_t30, _t29, _t22);
                                                                                                                                                                                                                                                        						_t31 = _t15;
                                                                                                                                                                                                                                                        						if(_t15 == 0) {
                                                                                                                                                                                                                                                        							memcpy(_a16, _t22, 0x1000);
                                                                                                                                                                                                                                                        							_t34 = _t34 + 0xc;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L12:
                                                                                                                                                                                                                                                        						E00BEECB0(_v20 ^ _t32, _t28);
                                                                                                                                                                                                                                                        						return _t31;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					asm("movdqu xmm0, [ebp-0x1000]");
                                                                                                                                                                                                                                                        					asm("pcmpeqb xmm0, [0xbf18e0]");
                                                                                                                                                                                                                                                        					asm("pmovmskb eax, xmm0");
                                                                                                                                                                                                                                                        					if(_t13 == 0xffff) {
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						_t31 = 0xc000000d;
                                                                                                                                                                                                                                                        						if(_v4080 != 4) {
                                                                                                                                                                                                                                                        							goto L12;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t21 = _v4076;
                                                                                                                                                                                                                                                        						if(_t21 == 0x10 || _t21 == 8) {
                                                                                                                                                                                                                                                        							goto L8;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							goto L12;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					asm("movdqu xmm0, [ebp-0x1000]");
                                                                                                                                                                                                                                                        					_t31 = 0xc000000d;
                                                                                                                                                                                                                                                        					asm("pcmpeqb xmm0, [0xbf18f0]");
                                                                                                                                                                                                                                                        					asm("pmovmskb eax, xmm0");
                                                                                                                                                                                                                                                        					if(_t13 != 0xffff) {
                                                                                                                                                                                                                                                        						goto L12;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L5;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				asm("movdqu xmm0, [ebp-0x1000]");
                                                                                                                                                                                                                                                        				asm("pcmpeqb xmm0, [0xbf18d0]");
                                                                                                                                                                                                                                                        				asm("pmovmskb eax, xmm0");
                                                                                                                                                                                                                                                        				if(_t13 != 0xffff) {
                                                                                                                                                                                                                                                        					goto L3;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}






















                                                                                                                                                                                                                                                        0x00bdda2b
                                                                                                                                                                                                                                                        0x00bdda30
                                                                                                                                                                                                                                                        0x00bdda39
                                                                                                                                                                                                                                                        0x00bdda41
                                                                                                                                                                                                                                                        0x00bdda4b
                                                                                                                                                                                                                                                        0x00bdda50
                                                                                                                                                                                                                                                        0x00bdda53
                                                                                                                                                                                                                                                        0x00bdda5b
                                                                                                                                                                                                                                                        0x00bdda63
                                                                                                                                                                                                                                                        0x00bdda6c
                                                                                                                                                                                                                                                        0x00bdda89
                                                                                                                                                                                                                                                        0x00bdda90
                                                                                                                                                                                                                                                        0x00bddaeb
                                                                                                                                                                                                                                                        0x00bddaeb
                                                                                                                                                                                                                                                        0x00bddaee
                                                                                                                                                                                                                                                        0x00bddafc
                                                                                                                                                                                                                                                        0x00bddb01
                                                                                                                                                                                                                                                        0x00bddb04
                                                                                                                                                                                                                                                        0x00bddb0c
                                                                                                                                                                                                                                                        0x00bddb1f
                                                                                                                                                                                                                                                        0x00bddb25
                                                                                                                                                                                                                                                        0x00bddb27
                                                                                                                                                                                                                                                        0x00bddb27
                                                                                                                                                                                                                                                        0x00bddb2f
                                                                                                                                                                                                                                                        0x00bddb31
                                                                                                                                                                                                                                                        0x00bddb35
                                                                                                                                                                                                                                                        0x00bddb40
                                                                                                                                                                                                                                                        0x00bddb45
                                                                                                                                                                                                                                                        0x00bddb45
                                                                                                                                                                                                                                                        0x00bddb48
                                                                                                                                                                                                                                                        0x00bddb4d
                                                                                                                                                                                                                                                        0x00bddb5e
                                                                                                                                                                                                                                                        0x00bddb5e
                                                                                                                                                                                                                                                        0x00bdda92
                                                                                                                                                                                                                                                        0x00bdda92
                                                                                                                                                                                                                                                        0x00bdda9a
                                                                                                                                                                                                                                                        0x00bddaa2
                                                                                                                                                                                                                                                        0x00bddaab
                                                                                                                                                                                                                                                        0x00bddacd
                                                                                                                                                                                                                                                        0x00bddad4
                                                                                                                                                                                                                                                        0x00bddad9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bddadb
                                                                                                                                                                                                                                                        0x00bddae4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bddae4
                                                                                                                                                                                                                                                        0x00bddaad
                                                                                                                                                                                                                                                        0x00bddab5
                                                                                                                                                                                                                                                        0x00bddaba
                                                                                                                                                                                                                                                        0x00bddac2
                                                                                                                                                                                                                                                        0x00bddacb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bddacb
                                                                                                                                                                                                                                                        0x00bdda6e
                                                                                                                                                                                                                                                        0x00bdda76
                                                                                                                                                                                                                                                        0x00bdda7e
                                                                                                                                                                                                                                                        0x00bdda87
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,00001010,?,?,?,?,00BDAE7D,?,?,?,?), ref: 00BDDA4B
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BDDAFC
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(gdi32.dll,?,?,?,?,?,?), ref: 00BDDB13
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetOPMInformation), ref: 00BDDB1F
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,00001000,?,?,?,?,?,?), ref: 00BDDB40
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memcpy$AddressHandleModuleProcmemset
                                                                                                                                                                                                                                                        • String ID: GetOPMInformation$gdi32.dll
                                                                                                                                                                                                                                                        • API String ID: 3130643468-2496369802
                                                                                                                                                                                                                                                        • Opcode ID: 9521655a6a5700c6eed67b0acb4e802ab8284872800a750056680dbeb5bc6840
                                                                                                                                                                                                                                                        • Instruction ID: a2a902c70977448d3d2c35ca559d87e5bfc5344f586efd150cae575642f1d222
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9521655a6a5700c6eed67b0acb4e802ab8284872800a750056680dbeb5bc6840
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8F31B63090025A96DB319B2DDC45FBAB3A4EB45345F0446BAF684B7290FF708DC4C751
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 61%
                                                                                                                                                                                                                                                        			E00BE5BD0(intOrPtr* __ecx, intOrPtr __edx, void* __eflags) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				void* _v116;
                                                                                                                                                                                                                                                        				char _v176;
                                                                                                                                                                                                                                                        				intOrPtr _v180;
                                                                                                                                                                                                                                                        				char _v188;
                                                                                                                                                                                                                                                        				intOrPtr* _v192;
                                                                                                                                                                                                                                                        				intOrPtr _v196;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t19;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        				intOrPtr* _t37;
                                                                                                                                                                                                                                                        				intOrPtr* _t53;
                                                                                                                                                                                                                                                        				void* _t54;
                                                                                                                                                                                                                                                        				signed int _t55;
                                                                                                                                                                                                                                                        				signed int _t56;
                                                                                                                                                                                                                                                        				void* _t63;
                                                                                                                                                                                                                                                        				void* _t65;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t65 = __eflags;
                                                                                                                                                                                                                                                        				_t50 = __edx;
                                                                                                                                                                                                                                                        				_v180 = __edx;
                                                                                                                                                                                                                                                        				_t51 =  &_v176;
                                                                                                                                                                                                                                                        				_t37 = __ecx;
                                                                                                                                                                                                                                                        				_t19 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v24 = _t19 ^ _t55;
                                                                                                                                                                                                                                                        				E00BBC880( &_v176, 2, 1);
                                                                                                                                                                                                                                                        				E00BBC940(_t65, E00BBC940(_t65,  &_v176, "handle != ((HANDLE)(LONG_PTR)-1)"), " (");
                                                                                                                                                                                                                                                        				_t53 = __imp__??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z;
                                                                                                                                                                                                                                                        				 *_t53( *_t37);
                                                                                                                                                                                                                                                        				E00BBC940(_t65,  &_v176, " vs. ");
                                                                                                                                                                                                                                                        				 *_t53( *_v192);
                                                                                                                                                                                                                                                        				_t28 = E00BBC940(_t65, _t51, 0xbf3ee8);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t63 = (_t56 & 0xfffffff8) - 0xa8 + 0x24;
                                                                                                                                                                                                                                                        				_t54 = _t28;
                                                                                                                                                                                                                                                        				E00BBD7F0( &_v188, _t28);
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t63 +  *((intOrPtr*)(_v196 + 4)) + 8)) = 0xbf0324;
                                                                                                                                                                                                                                                        				_t12 = _v196 + 4; // 0xbbd0b0
                                                                                                                                                                                                                                                        				_t13 =  *_t12 - 0x50; // 0xbbd060
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t63 +  *_t12 + 4)) = _t13;
                                                                                                                                                                                                                                                        				_v192 = 0xbf0330;
                                                                                                                                                                                                                                                        				E00BBD690( &_v188, _t54, 0x18);
                                                                                                                                                                                                                                                        				__imp__??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ();
                                                                                                                                                                                                                                                        				__imp__??1ios_base@std@@UAE@XZ();
                                                                                                                                                                                                                                                        				E00BEECB0(_v44 ^ _t55, _t50);
                                                                                                                                                                                                                                                        				return _t54;
                                                                                                                                                                                                                                                        			}






















                                                                                                                                                                                                                                                        0x00be5bd0
                                                                                                                                                                                                                                                        0x00be5bd0
                                                                                                                                                                                                                                                        0x00be5bdf
                                                                                                                                                                                                                                                        0x00be5be3
                                                                                                                                                                                                                                                        0x00be5be7
                                                                                                                                                                                                                                                        0x00be5be9
                                                                                                                                                                                                                                                        0x00be5bf2
                                                                                                                                                                                                                                                        0x00be5bfd
                                                                                                                                                                                                                                                        0x00be5c16
                                                                                                                                                                                                                                                        0x00be5c1e
                                                                                                                                                                                                                                                        0x00be5c28
                                                                                                                                                                                                                                                        0x00be5c30
                                                                                                                                                                                                                                                        0x00be5c40
                                                                                                                                                                                                                                                        0x00be5c48
                                                                                                                                                                                                                                                        0x00be5c52
                                                                                                                                                                                                                                                        0x00be5c57
                                                                                                                                                                                                                                                        0x00be5c5e
                                                                                                                                                                                                                                                        0x00be5c63
                                                                                                                                                                                                                                                        0x00be5c73
                                                                                                                                                                                                                                                        0x00be5c7f
                                                                                                                                                                                                                                                        0x00be5c82
                                                                                                                                                                                                                                                        0x00be5c85
                                                                                                                                                                                                                                                        0x00be5c8b
                                                                                                                                                                                                                                                        0x00be5c93
                                                                                                                                                                                                                                                        0x00be5c9a
                                                                                                                                                                                                                                                        0x00be5ca2
                                                                                                                                                                                                                                                        0x00be5cb1
                                                                                                                                                                                                                                                        0x00be5cbf

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ??0ios_base@std@@IAE@XZ.MSVCP140(?,00000000,00000000), ref: 00BBC89A
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IAEXPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z.MSVCP140(?,00000000,?,00000000,00000000), ref: 00BBC8E4
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ.MSVCP140 ref: 00BBC904
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBC959
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?,00000002), ref: 00BBC9EA
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?), ref: 00BBCA74
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z.MSVCP140(?,00000000,00000002,?), ref: 00BBCABE
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ.MSVCP140 ref: 00BBCAC7
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z.MSVCP140(?,?,?,00000002,00000001), ref: 00BE5C28
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z.MSVCP140(?,?,?,?,?,00000002,00000001), ref: 00BE5C40
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000018,?,?,?,?,?,?,00000002,00000001), ref: 00BE5C52
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD690: free.MOZGLUE(00000000,00000000,?,00BCA1D9), ref: 00BBD6BB
                                                                                                                                                                                                                                                        • ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140 ref: 00BE5C9A
                                                                                                                                                                                                                                                        • ??1ios_base@std@@UAE@XZ.MSVCP140 ref: 00BE5CA2
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: U?$char_traits@$D@std@@@std@@$??6?$basic_ostream@?sputc@?$basic_streambuf@V01@$??0?$basic_streambuf@??0ios_base@std@@??1?$basic_streambuf@??1ios_base@std@@??2@?clear@?$basic_ios@?init@?$basic_ios@D@std@@@2@_Osfx@?$basic_ostream@V?$basic_streambuf@freestrlen
                                                                                                                                                                                                                                                        • String ID: vs. $handle != ((HANDLE)(LONG_PTR)-1)
                                                                                                                                                                                                                                                        • API String ID: 4214169141-1330305732
                                                                                                                                                                                                                                                        • Opcode ID: dc3d1ee597d18ea1d95cb86b4cc7fc19032beb6d2079015721a6f330584eb8cf
                                                                                                                                                                                                                                                        • Instruction ID: ae816fe5890ea3d6ecdbc7a635f529079c07787fcadcd35e5e6cff7c19c5d315
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: dc3d1ee597d18ea1d95cb86b4cc7fc19032beb6d2079015721a6f330584eb8cf
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 63218375B04304ABD714EB29EC46D7FBBE5EBC5714F04446CF889973A2DA709908CB52
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 88%
                                                                                                                                                                                                                                                        			E00BE2D90(void* _a4, signed int _a8) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				char _v28;
                                                                                                                                                                                                                                                        				void* _v36;
                                                                                                                                                                                                                                                        				void* _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				signed int _t13;
                                                                                                                                                                                                                                                        				intOrPtr _t16;
                                                                                                                                                                                                                                                        				void* _t18;
                                                                                                                                                                                                                                                        				long _t22;
                                                                                                                                                                                                                                                        				signed int _t25;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        				long _t33;
                                                                                                                                                                                                                                                        				signed int _t36;
                                                                                                                                                                                                                                                        				signed int _t37;
                                                                                                                                                                                                                                                        				void* _t39;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t39 = (_t37 & 0xfffffff8) - 0x18;
                                                                                                                                                                                                                                                        				_t25 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t13 = _a8;
                                                                                                                                                                                                                                                        				_t33 = 0;
                                                                                                                                                                                                                                                        				_v24 = _t25 ^ _t36;
                                                                                                                                                                                                                                                        				if(_t13 <= 6) {
                                                                                                                                                                                                                                                        					_t16 =  *((intOrPtr*)(0xbf1af0 + _t13 * 4));
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_push( &_v28);
                                                                                                                                                                                                                                                        					_push(_t16);
                                                                                                                                                                                                                                                        					L00BEF6E4();
                                                                                                                                                                                                                                                        					if(_t16 == 0) {
                                                                                                                                                                                                                                                        						_t33 = GetLastError();
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t18 = _v36;
                                                                                                                                                                                                                                                        						_v44 = 0x20;
                                                                                                                                                                                                                                                        						 *_t39 = _t18;
                                                                                                                                                                                                                                                        						SetTokenInformation(_a4, 0x19, _t39, GetLengthSid(_t18) + 8);
                                                                                                                                                                                                                                                        						_t22 = GetLastError();
                                                                                                                                                                                                                                                        						LocalFree(_v40);
                                                                                                                                                                                                                                                        						_t33 =  ==  ? _t22 : 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v24 ^ _t36, _t31);
                                                                                                                                                                                                                                                        				return _t33;
                                                                                                                                                                                                                                                        			}



















                                                                                                                                                                                                                                                        0x00be2d99
                                                                                                                                                                                                                                                        0x00be2d9c
                                                                                                                                                                                                                                                        0x00be2da2
                                                                                                                                                                                                                                                        0x00be2da5
                                                                                                                                                                                                                                                        0x00be2dac
                                                                                                                                                                                                                                                        0x00be2db0
                                                                                                                                                                                                                                                        0x00be2db2
                                                                                                                                                                                                                                                        0x00be2dbd
                                                                                                                                                                                                                                                        0x00be2dc5
                                                                                                                                                                                                                                                        0x00be2dc6
                                                                                                                                                                                                                                                        0x00be2dc7
                                                                                                                                                                                                                                                        0x00be2dce
                                                                                                                                                                                                                                                        0x00be2e2f
                                                                                                                                                                                                                                                        0x00be2dd0
                                                                                                                                                                                                                                                        0x00be2dd3
                                                                                                                                                                                                                                                        0x00be2dd7
                                                                                                                                                                                                                                                        0x00be2ddf
                                                                                                                                                                                                                                                        0x00be2df3
                                                                                                                                                                                                                                                        0x00be2dfb
                                                                                                                                                                                                                                                        0x00be2e07
                                                                                                                                                                                                                                                        0x00be2e11
                                                                                                                                                                                                                                                        0x00be2e11
                                                                                                                                                                                                                                                        0x00be2dce
                                                                                                                                                                                                                                                        0x00be2e1a
                                                                                                                                                                                                                                                        0x00be2e28

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ConvertStringSidToSidW.ADVAPI32(00BE164E,?), ref: 00BE2DC7
                                                                                                                                                                                                                                                        • GetLengthSid.ADVAPI32(00000000,00BE164E,?), ref: 00BE2DE3
                                                                                                                                                                                                                                                        • SetTokenInformation.ADVAPI32(00000000,00000019,?,-00000008), ref: 00BE2DF3
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,-00000008), ref: 00BE2DFB
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000,?,-00000008), ref: 00BE2E07
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(00BE164E,?), ref: 00BE2E29
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$ConvertFreeInformationLengthLocalStringToken
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3236480201-3916222277
                                                                                                                                                                                                                                                        • Opcode ID: 7e721bd228cafb2571237b31029e82cafaaaa0fcdd26a23decf739362e5d12bd
                                                                                                                                                                                                                                                        • Instruction ID: 190bdc25f51428b9df5aaf435a43b9bf377cf5e95c7a8f4021ab54a52c79c2ec
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7e721bd228cafb2571237b31029e82cafaaaa0fcdd26a23decf739362e5d12bd
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 34119A76604310AFCB049F25EC49A7ABBA8EF88360F004969FC6687381DF309D04CBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 83%
                                                                                                                                                                                                                                                        			E00BC0700(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v36;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				void* _v52;
                                                                                                                                                                                                                                                        				intOrPtr _v56;
                                                                                                                                                                                                                                                        				void* _v68;
                                                                                                                                                                                                                                                        				void** _v72;
                                                                                                                                                                                                                                                        				signed int _v76;
                                                                                                                                                                                                                                                        				signed int _v80;
                                                                                                                                                                                                                                                        				signed int _v84;
                                                                                                                                                                                                                                                        				signed int _t106;
                                                                                                                                                                                                                                                        				signed int _t114;
                                                                                                                                                                                                                                                        				void* _t116;
                                                                                                                                                                                                                                                        				intOrPtr _t118;
                                                                                                                                                                                                                                                        				void* _t119;
                                                                                                                                                                                                                                                        				signed int _t121;
                                                                                                                                                                                                                                                        				intOrPtr _t122;
                                                                                                                                                                                                                                                        				signed int _t127;
                                                                                                                                                                                                                                                        				void* _t132;
                                                                                                                                                                                                                                                        				intOrPtr _t134;
                                                                                                                                                                                                                                                        				signed int _t138;
                                                                                                                                                                                                                                                        				void* _t143;
                                                                                                                                                                                                                                                        				intOrPtr _t148;
                                                                                                                                                                                                                                                        				void* _t149;
                                                                                                                                                                                                                                                        				void* _t152;
                                                                                                                                                                                                                                                        				signed int _t155;
                                                                                                                                                                                                                                                        				intOrPtr* _t156;
                                                                                                                                                                                                                                                        				intOrPtr _t159;
                                                                                                                                                                                                                                                        				void** _t166;
                                                                                                                                                                                                                                                        				signed int _t168;
                                                                                                                                                                                                                                                        				void* _t171;
                                                                                                                                                                                                                                                        				signed int _t175;
                                                                                                                                                                                                                                                        				void* _t181;
                                                                                                                                                                                                                                                        				signed int _t184;
                                                                                                                                                                                                                                                        				void* _t187;
                                                                                                                                                                                                                                                        				intOrPtr _t189;
                                                                                                                                                                                                                                                        				signed int _t190;
                                                                                                                                                                                                                                                        				signed int _t191;
                                                                                                                                                                                                                                                        				signed int _t192;
                                                                                                                                                                                                                                                        				signed int _t193;
                                                                                                                                                                                                                                                        				intOrPtr* _t194;
                                                                                                                                                                                                                                                        				signed int _t195;
                                                                                                                                                                                                                                                        				signed int _t197;
                                                                                                                                                                                                                                                        				intOrPtr _t198;
                                                                                                                                                                                                                                                        				signed int _t199;
                                                                                                                                                                                                                                                        				signed int _t200;
                                                                                                                                                                                                                                                        				signed int _t203;
                                                                                                                                                                                                                                                        				signed int _t204;
                                                                                                                                                                                                                                                        				void* _t206;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t206 = (_t204 & 0xfffffff8) - 0x28;
                                                                                                                                                                                                                                                        				_t106 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t189 = _a12;
                                                                                                                                                                                                                                                        				_t148 = _a8;
                                                                                                                                                                                                                                                        				_v24 = _t106 ^ _t203;
                                                                                                                                                                                                                                                        				_push( &_v32);
                                                                                                                                                                                                                                                        				L00BEF74A();
                                                                                                                                                                                                                                                        				_t155 =  *(_t189 + 8);
                                                                                                                                                                                                                                                        				_t179 = _t155 |  *(_t189 + 0xc);
                                                                                                                                                                                                                                                        				if((_t155 |  *(_t189 + 0xc)) != 0) {
                                                                                                                                                                                                                                                        					_t179 = _v36 - _t155;
                                                                                                                                                                                                                                                        					asm("sbb esi, eax");
                                                                                                                                                                                                                                                        					 *(_t189 + 8) = _v36 - _t155;
                                                                                                                                                                                                                                                        					 *(_t189 + 0xc) = _v32;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if(_t148 >= 0) {
                                                                                                                                                                                                                                                        					_t198 = _a12;
                                                                                                                                                                                                                                                        					_t190 = 0x200;
                                                                                                                                                                                                                                                        					_v56 = _t198 + 0x28;
                                                                                                                                                                                                                                                        					_t114 =  *(_t198 + 0x2c);
                                                                                                                                                                                                                                                        					if(_t114 > 0x1ff) {
                                                                                                                                                                                                                                                        						L8:
                                                                                                                                                                                                                                                        						 *(_t198 + 0x2c) = _t190;
                                                                                                                                                                                                                                                        						__imp__RtlCaptureStackBackTrace(2, 0x200,  *(_t198 + 0x28), 0);
                                                                                                                                                                                                                                                        						_t159 = _a12;
                                                                                                                                                                                                                                                        						_t191 = _t114 & 0x0000ffff;
                                                                                                                                                                                                                                                        						_t199 =  *(_t159 + 0x2c);
                                                                                                                                                                                                                                                        						if(_t199 >= _t191) {
                                                                                                                                                                                                                                                        							L14:
                                                                                                                                                                                                                                                        							_t200 = _t191;
                                                                                                                                                                                                                                                        							 *(_t159 + 0x2c) = _t191;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t195 = _t191 - _t199;
                                                                                                                                                                                                                                                        							if( *((intOrPtr*)(_t159 + 0x30)) - _t199 >= _t195) {
                                                                                                                                                                                                                                                        								L11:
                                                                                                                                                                                                                                                        								if(_t195 > 0) {
                                                                                                                                                                                                                                                        									_t138 =  *_v72;
                                                                                                                                                                                                                                                        									_t171 = _t138 + _t199 * 4;
                                                                                                                                                                                                                                                        									_t149 = _t138 + 4 + _t199 * 4;
                                                                                                                                                                                                                                                        									_t179 = _t171 + _t195 * 4;
                                                                                                                                                                                                                                                        									_t150 =  >  ? _t179 : _t149;
                                                                                                                                                                                                                                                        									_t151 = ( >  ? _t179 : _t149) - (_t199 << 2);
                                                                                                                                                                                                                                                        									_t148 = _a8;
                                                                                                                                                                                                                                                        									_t141 = ( >  ? _t179 : _t149) - (_t199 << 0x00000002) +  !_t138 + 0x00000004 & 0xfffffffc;
                                                                                                                                                                                                                                                        									memset(_t171, 0, ( >  ? _t179 : _t149) - (_t199 << 0x00000002) +  !_t138 + 0x00000004 & 0xfffffffc);
                                                                                                                                                                                                                                                        									_t159 = _a12;
                                                                                                                                                                                                                                                        									_t199 =  *(_t159 + 0x2c);
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t191 = _t195 + _t199;
                                                                                                                                                                                                                                                        								goto L14;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t179 = _t195;
                                                                                                                                                                                                                                                        								_t143 = E00BC0D40(_v72, _t195);
                                                                                                                                                                                                                                                        								_t159 = _a12;
                                                                                                                                                                                                                                                        								_t200 =  *(_t159 + 0x2c);
                                                                                                                                                                                                                                                        								if(_t143 != 0) {
                                                                                                                                                                                                                                                        									goto L11;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t116 =  *_v72;
                                                                                                                                                                                                                                                        						if(_t116 != 4 && _t200 !=  *((intOrPtr*)(_a12 + 0x30))) {
                                                                                                                                                                                                                                                        							if(_t200 == 0) {
                                                                                                                                                                                                                                                        								RtlFreeHeap( *( *( *[fs:0x18] + 0x30) + 0x18), 0, _t116);
                                                                                                                                                                                                                                                        								_t118 = _a12;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t118 + 0x28)) = 4;
                                                                                                                                                                                                                                                        								 *(_t118 + 0x30) = 0;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								if(_t200 <= 0x3fffffff) {
                                                                                                                                                                                                                                                        									_t179 =  *( *[fs:0x18] + 0x30);
                                                                                                                                                                                                                                                        									_t119 = RtlReAllocateHeap( *( *( *[fs:0x18] + 0x30) + 0x18), 0, _t116, _t200 * 4);
                                                                                                                                                                                                                                                        									_v68 = _t119;
                                                                                                                                                                                                                                                        									if(_t119 == 4) {
                                                                                                                                                                                                                                                        										_t121 =  *(_a12 + 0x2c);
                                                                                                                                                                                                                                                        										if(_t121 > 0) {
                                                                                                                                                                                                                                                        											_t192 =  *(_a12 + 0x28);
                                                                                                                                                                                                                                                        											_t166 = _t192 + _t121 * 4;
                                                                                                                                                                                                                                                        											_t181 = _t192 + 4;
                                                                                                                                                                                                                                                        											_v84 = _t192;
                                                                                                                                                                                                                                                        											_t193 =  !_t192;
                                                                                                                                                                                                                                                        											_v80 = _t193;
                                                                                                                                                                                                                                                        											_t124 =  >  ? _t166 : _t181;
                                                                                                                                                                                                                                                        											_t125 = ( >  ? _t166 : _t181) + _t193;
                                                                                                                                                                                                                                                        											_t194 = 4;
                                                                                                                                                                                                                                                        											_t126 = ( >  ? _t166 : _t181) + _t193 >> 2;
                                                                                                                                                                                                                                                        											_t127 = (( >  ? _t166 : _t181) + _t193 >> 2) + 1;
                                                                                                                                                                                                                                                        											if(_t127 >= 8) {
                                                                                                                                                                                                                                                        												_v76 = _t127;
                                                                                                                                                                                                                                                        												_t182 =  >  ? _t166 : _t181;
                                                                                                                                                                                                                                                        												_t183 = ( >  ? _t166 : _t181) + _v80;
                                                                                                                                                                                                                                                        												_t184 = ( >  ? _t166 : _t181) + _v80 & 0xfffffffc;
                                                                                                                                                                                                                                                        												if(_v84 + _t184 + 4 < 5 || _v84 >= _t184 + 8) {
                                                                                                                                                                                                                                                        													_v72 = _t166;
                                                                                                                                                                                                                                                        													_t168 = _v76 & 0xfffffff8;
                                                                                                                                                                                                                                                        													_t179 = _v84 + _t168 * 4;
                                                                                                                                                                                                                                                        													_v80 = _t168;
                                                                                                                                                                                                                                                        													_t194 = 4 + _t168 * 4;
                                                                                                                                                                                                                                                        													_t132 = 0;
                                                                                                                                                                                                                                                        													do {
                                                                                                                                                                                                                                                        														asm("movups xmm0, [ecx+eax*4]");
                                                                                                                                                                                                                                                        														asm("movups xmm1, [ecx+eax*4+0x10]");
                                                                                                                                                                                                                                                        														asm("movups [ecx+eax*4], xmm0");
                                                                                                                                                                                                                                                        														asm("movups [ecx+eax*4+0x10], xmm1");
                                                                                                                                                                                                                                                        														_t132 = _t132 + 8;
                                                                                                                                                                                                                                                        													} while (_v80 != _t132);
                                                                                                                                                                                                                                                        													_t166 = _v72;
                                                                                                                                                                                                                                                        													if(_v76 != _v80) {
                                                                                                                                                                                                                                                        														goto L32;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t179 = _v84;
                                                                                                                                                                                                                                                        													_t194 = 4;
                                                                                                                                                                                                                                                        													goto L32;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t179 = _v84;
                                                                                                                                                                                                                                                        												do {
                                                                                                                                                                                                                                                        													L32:
                                                                                                                                                                                                                                                        													_t134 =  *_t179;
                                                                                                                                                                                                                                                        													_t179 = _t179 + 4;
                                                                                                                                                                                                                                                        													 *_t194 = _t134;
                                                                                                                                                                                                                                                        													_t194 = _t194 + 4;
                                                                                                                                                                                                                                                        												} while (_t179 < _t166);
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L33;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										if(_t119 != 0) {
                                                                                                                                                                                                                                                        											L33:
                                                                                                                                                                                                                                                        											_t122 = _a12;
                                                                                                                                                                                                                                                        											 *(_t122 + 0x28) = _v68;
                                                                                                                                                                                                                                                        											 *(_t122 + 0x30) = _t200;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t197 = 0x200 - _t114;
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t198 + 0x30)) - _t114 >= 0x200) {
                                                                                                                                                                                                                                                        							L7:
                                                                                                                                                                                                                                                        							_t175 =  *(_t198 + 0x28);
                                                                                                                                                                                                                                                        							_t187 = _t175 + _t114 * 4;
                                                                                                                                                                                                                                                        							_t152 = _t175 + 4 + _t114 * 4;
                                                                                                                                                                                                                                                        							_v52 = _t187;
                                                                                                                                                                                                                                                        							_t179 = _t187 + _t197 * 4;
                                                                                                                                                                                                                                                        							_t153 =  >  ? _t179 : _t152;
                                                                                                                                                                                                                                                        							_t154 = ( >  ? _t179 : _t152) - (_t114 << 2);
                                                                                                                                                                                                                                                        							_t148 = _a8;
                                                                                                                                                                                                                                                        							_t114 = memset(_v52, 0, ( >  ? _t179 : _t152) - (_t114 << 0x00000002) +  !_t175 + 0x00000004 & 0xfffffffc);
                                                                                                                                                                                                                                                        							_t206 = _t206 + 0xc;
                                                                                                                                                                                                                                                        							_t190 = _t197 +  *(_t198 + 0x2c);
                                                                                                                                                                                                                                                        							goto L8;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t179 = 0x200;
                                                                                                                                                                                                                                                        							if(E00BC0D40(_v56, 0x200) != 0) {
                                                                                                                                                                                                                                                        								_t198 = _a12;
                                                                                                                                                                                                                                                        								_t114 =  *(_t198 + 0x2c);
                                                                                                                                                                                                                                                        								goto L7;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L00BEF70E();
                                                                                                                                                                                                                                                        				_t156 =  *0xbfa040; // 0xbfa048
                                                                                                                                                                                                                                                        				 *((intOrPtr*)( *_t156 + 8))(_a4, _t148, _a12, 0xbfa7c8);
                                                                                                                                                                                                                                                        				_push(0xbfa7c8);
                                                                                                                                                                                                                                                        				L00BEF75C();
                                                                                                                                                                                                                                                        				return E00BEECB0(_v48 ^ _t203, _t179);
                                                                                                                                                                                                                                                        			}






















































                                                                                                                                                                                                                                                        0x00bc0709
                                                                                                                                                                                                                                                        0x00bc070c
                                                                                                                                                                                                                                                        0x00bc0711
                                                                                                                                                                                                                                                        0x00bc0714
                                                                                                                                                                                                                                                        0x00bc0719
                                                                                                                                                                                                                                                        0x00bc0721
                                                                                                                                                                                                                                                        0x00bc0722
                                                                                                                                                                                                                                                        0x00bc0727
                                                                                                                                                                                                                                                        0x00bc072f
                                                                                                                                                                                                                                                        0x00bc0731
                                                                                                                                                                                                                                                        0x00bc073b
                                                                                                                                                                                                                                                        0x00bc073d
                                                                                                                                                                                                                                                        0x00bc073f
                                                                                                                                                                                                                                                        0x00bc0742
                                                                                                                                                                                                                                                        0x00bc0742
                                                                                                                                                                                                                                                        0x00bc0747
                                                                                                                                                                                                                                                        0x00bc074d
                                                                                                                                                                                                                                                        0x00bc0750
                                                                                                                                                                                                                                                        0x00bc0758
                                                                                                                                                                                                                                                        0x00bc075c
                                                                                                                                                                                                                                                        0x00bc0764
                                                                                                                                                                                                                                                        0x00bc07c8
                                                                                                                                                                                                                                                        0x00bc07c8
                                                                                                                                                                                                                                                        0x00bc07d7
                                                                                                                                                                                                                                                        0x00bc07dd
                                                                                                                                                                                                                                                        0x00bc07e0
                                                                                                                                                                                                                                                        0x00bc07e3
                                                                                                                                                                                                                                                        0x00bc07e8
                                                                                                                                                                                                                                                        0x00bc0848
                                                                                                                                                                                                                                                        0x00bc0848
                                                                                                                                                                                                                                                        0x00bc084a
                                                                                                                                                                                                                                                        0x00bc07ea
                                                                                                                                                                                                                                                        0x00bc07ed
                                                                                                                                                                                                                                                        0x00bc07f3
                                                                                                                                                                                                                                                        0x00bc080a
                                                                                                                                                                                                                                                        0x00bc080c
                                                                                                                                                                                                                                                        0x00bc0812
                                                                                                                                                                                                                                                        0x00bc0814
                                                                                                                                                                                                                                                        0x00bc0817
                                                                                                                                                                                                                                                        0x00bc081d
                                                                                                                                                                                                                                                        0x00bc0822
                                                                                                                                                                                                                                                        0x00bc0828
                                                                                                                                                                                                                                                        0x00bc082e
                                                                                                                                                                                                                                                        0x00bc0831
                                                                                                                                                                                                                                                        0x00bc0838
                                                                                                                                                                                                                                                        0x00bc083d
                                                                                                                                                                                                                                                        0x00bc0843
                                                                                                                                                                                                                                                        0x00bc0843
                                                                                                                                                                                                                                                        0x00bc0846
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc07f5
                                                                                                                                                                                                                                                        0x00bc07f9
                                                                                                                                                                                                                                                        0x00bc07fb
                                                                                                                                                                                                                                                        0x00bc0800
                                                                                                                                                                                                                                                        0x00bc0805
                                                                                                                                                                                                                                                        0x00bc0808
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0808
                                                                                                                                                                                                                                                        0x00bc07f3
                                                                                                                                                                                                                                                        0x00bc0851
                                                                                                                                                                                                                                                        0x00bc0856
                                                                                                                                                                                                                                                        0x00bc086a
                                                                                                                                                                                                                                                        0x00bc08bb
                                                                                                                                                                                                                                                        0x00bc08c0
                                                                                                                                                                                                                                                        0x00bc08c3
                                                                                                                                                                                                                                                        0x00bc08ca
                                                                                                                                                                                                                                                        0x00bc086c
                                                                                                                                                                                                                                                        0x00bc0872
                                                                                                                                                                                                                                                        0x00bc0886
                                                                                                                                                                                                                                                        0x00bc0890
                                                                                                                                                                                                                                                        0x00bc0898
                                                                                                                                                                                                                                                        0x00bc089c
                                                                                                                                                                                                                                                        0x00bc08d9
                                                                                                                                                                                                                                                        0x00bc08de
                                                                                                                                                                                                                                                        0x00bc08e7
                                                                                                                                                                                                                                                        0x00bc08ea
                                                                                                                                                                                                                                                        0x00bc08ed
                                                                                                                                                                                                                                                        0x00bc08f0
                                                                                                                                                                                                                                                        0x00bc08f4
                                                                                                                                                                                                                                                        0x00bc08fa
                                                                                                                                                                                                                                                        0x00bc08fe
                                                                                                                                                                                                                                                        0x00bc0901
                                                                                                                                                                                                                                                        0x00bc0903
                                                                                                                                                                                                                                                        0x00bc0908
                                                                                                                                                                                                                                                        0x00bc090b
                                                                                                                                                                                                                                                        0x00bc090f
                                                                                                                                                                                                                                                        0x00bc091c
                                                                                                                                                                                                                                                        0x00bc0924
                                                                                                                                                                                                                                                        0x00bc0927
                                                                                                                                                                                                                                                        0x00bc092b
                                                                                                                                                                                                                                                        0x00bc0935
                                                                                                                                                                                                                                                        0x00bc094e
                                                                                                                                                                                                                                                        0x00bc095a
                                                                                                                                                                                                                                                        0x00bc095d
                                                                                                                                                                                                                                                        0x00bc0965
                                                                                                                                                                                                                                                        0x00bc0969
                                                                                                                                                                                                                                                        0x00bc096c
                                                                                                                                                                                                                                                        0x00bc096e
                                                                                                                                                                                                                                                        0x00bc0972
                                                                                                                                                                                                                                                        0x00bc0976
                                                                                                                                                                                                                                                        0x00bc0980
                                                                                                                                                                                                                                                        0x00bc0984
                                                                                                                                                                                                                                                        0x00bc0989
                                                                                                                                                                                                                                                        0x00bc098c
                                                                                                                                                                                                                                                        0x00bc0996
                                                                                                                                                                                                                                                        0x00bc099e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0943
                                                                                                                                                                                                                                                        0x00bc0943
                                                                                                                                                                                                                                                        0x00bc0947
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0947
                                                                                                                                                                                                                                                        0x00bc0911
                                                                                                                                                                                                                                                        0x00bc0911
                                                                                                                                                                                                                                                        0x00bc09a0
                                                                                                                                                                                                                                                        0x00bc09a0
                                                                                                                                                                                                                                                        0x00bc09a0
                                                                                                                                                                                                                                                        0x00bc09a2
                                                                                                                                                                                                                                                        0x00bc09a5
                                                                                                                                                                                                                                                        0x00bc09a7
                                                                                                                                                                                                                                                        0x00bc09aa
                                                                                                                                                                                                                                                        0x00bc09a0
                                                                                                                                                                                                                                                        0x00bc090f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc089e
                                                                                                                                                                                                                                                        0x00bc08a0
                                                                                                                                                                                                                                                        0x00bc09ae
                                                                                                                                                                                                                                                        0x00bc09ae
                                                                                                                                                                                                                                                        0x00bc09b5
                                                                                                                                                                                                                                                        0x00bc09b8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc08a6
                                                                                                                                                                                                                                                        0x00bc08a0
                                                                                                                                                                                                                                                        0x00bc089c
                                                                                                                                                                                                                                                        0x00bc0872
                                                                                                                                                                                                                                                        0x00bc086a
                                                                                                                                                                                                                                                        0x00bc0766
                                                                                                                                                                                                                                                        0x00bc076e
                                                                                                                                                                                                                                                        0x00bc0774
                                                                                                                                                                                                                                                        0x00bc078f
                                                                                                                                                                                                                                                        0x00bc078f
                                                                                                                                                                                                                                                        0x00bc0792
                                                                                                                                                                                                                                                        0x00bc0795
                                                                                                                                                                                                                                                        0x00bc079e
                                                                                                                                                                                                                                                        0x00bc07a2
                                                                                                                                                                                                                                                        0x00bc07a7
                                                                                                                                                                                                                                                        0x00bc07aa
                                                                                                                                                                                                                                                        0x00bc07b0
                                                                                                                                                                                                                                                        0x00bc07bd
                                                                                                                                                                                                                                                        0x00bc07c2
                                                                                                                                                                                                                                                        0x00bc07c5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0776
                                                                                                                                                                                                                                                        0x00bc077a
                                                                                                                                                                                                                                                        0x00bc0783
                                                                                                                                                                                                                                                        0x00bc0789
                                                                                                                                                                                                                                                        0x00bc078c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc078c
                                                                                                                                                                                                                                                        0x00bc0783
                                                                                                                                                                                                                                                        0x00bc0774
                                                                                                                                                                                                                                                        0x00bc0764
                                                                                                                                                                                                                                                        0x00bc09c0
                                                                                                                                                                                                                                                        0x00bc09c5
                                                                                                                                                                                                                                                        0x00bc09d4
                                                                                                                                                                                                                                                        0x00bc09d7
                                                                                                                                                                                                                                                        0x00bc09dc
                                                                                                                                                                                                                                                        0x00bc09f3

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlQueryPerformanceCounter.NTDLL(?), ref: 00BC0722
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BC07BD
                                                                                                                                                                                                                                                        • RtlCaptureStackBackTrace.NTDLL(00000002,00000200,?,00000000), ref: 00BC07D7
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BC0838
                                                                                                                                                                                                                                                        • RtlReAllocateHeap.NTDLL ref: 00BC0890
                                                                                                                                                                                                                                                        • RtlAcquireSRWLockShared.NTDLL(00BFA7C8), ref: 00BC09C0
                                                                                                                                                                                                                                                        • RtlReleaseSRWLockShared.NTDLL(00BFA7C8), ref: 00BC09DC
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: LockSharedmemset$AcquireAllocateBackCaptureCounterHeapPerformanceQueryReleaseStackTrace
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 593168480-0
                                                                                                                                                                                                                                                        • Opcode ID: 13403a0239cb704399053246eb471fe8a6463a7cad1e6222cfb2f743ad7cd5f7
                                                                                                                                                                                                                                                        • Instruction ID: 861d42dbc14e224fc2f2f70eee3a3f750a23a3838f9970476e7a9e3d69ab186d
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 13403a0239cb704399053246eb471fe8a6463a7cad1e6222cfb2f743ad7cd5f7
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6EA14C71610701DFD714DF29C880F6AB7E2FB88314F148AADE8999B292D770EC56CB81
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 68%
                                                                                                                                                                                                                                                        			E00BC6E50(signed int __ecx, int _a4, void* _a8, signed int _a12, signed int _a16, void* _a20, signed int _a24) {
                                                                                                                                                                                                                                                        				signed int _v0;
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				void _v28;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				signed int _v36;
                                                                                                                                                                                                                                                        				void* _v40;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				void* _v60;
                                                                                                                                                                                                                                                        				signed int _v68;
                                                                                                                                                                                                                                                        				void* _v72;
                                                                                                                                                                                                                                                        				intOrPtr _v76;
                                                                                                                                                                                                                                                        				signed int _v80;
                                                                                                                                                                                                                                                        				char _v84;
                                                                                                                                                                                                                                                        				signed int _v88;
                                                                                                                                                                                                                                                        				int _v92;
                                                                                                                                                                                                                                                        				signed int _v116;
                                                                                                                                                                                                                                                        				int _v124;
                                                                                                                                                                                                                                                        				int _v128;
                                                                                                                                                                                                                                                        				char _v132;
                                                                                                                                                                                                                                                        				signed int _t153;
                                                                                                                                                                                                                                                        				intOrPtr _t155;
                                                                                                                                                                                                                                                        				int _t160;
                                                                                                                                                                                                                                                        				signed int _t166;
                                                                                                                                                                                                                                                        				void* _t168;
                                                                                                                                                                                                                                                        				void* _t172;
                                                                                                                                                                                                                                                        				void* _t179;
                                                                                                                                                                                                                                                        				void* _t182;
                                                                                                                                                                                                                                                        				signed int _t189;
                                                                                                                                                                                                                                                        				signed int _t194;
                                                                                                                                                                                                                                                        				signed int _t199;
                                                                                                                                                                                                                                                        				signed int _t200;
                                                                                                                                                                                                                                                        				signed int _t202;
                                                                                                                                                                                                                                                        				void* _t204;
                                                                                                                                                                                                                                                        				void* _t226;
                                                                                                                                                                                                                                                        				intOrPtr _t230;
                                                                                                                                                                                                                                                        				intOrPtr _t231;
                                                                                                                                                                                                                                                        				intOrPtr _t232;
                                                                                                                                                                                                                                                        				signed int _t233;
                                                                                                                                                                                                                                                        				void* _t234;
                                                                                                                                                                                                                                                        				void* _t235;
                                                                                                                                                                                                                                                        				int _t238;
                                                                                                                                                                                                                                                        				intOrPtr _t239;
                                                                                                                                                                                                                                                        				void* _t240;
                                                                                                                                                                                                                                                        				void* _t242;
                                                                                                                                                                                                                                                        				void* _t246;
                                                                                                                                                                                                                                                        				void* _t247;
                                                                                                                                                                                                                                                        				void* _t250;
                                                                                                                                                                                                                                                        				signed int _t253;
                                                                                                                                                                                                                                                        				intOrPtr _t255;
                                                                                                                                                                                                                                                        				int _t266;
                                                                                                                                                                                                                                                        				signed int _t271;
                                                                                                                                                                                                                                                        				void* _t272;
                                                                                                                                                                                                                                                        				void* _t275;
                                                                                                                                                                                                                                                        				void* _t277;
                                                                                                                                                                                                                                                        				void* _t288;
                                                                                                                                                                                                                                                        				signed int _t289;
                                                                                                                                                                                                                                                        				signed int _t302;
                                                                                                                                                                                                                                                        				signed int _t304;
                                                                                                                                                                                                                                                        				int _t307;
                                                                                                                                                                                                                                                        				signed int _t310;
                                                                                                                                                                                                                                                        				signed int _t311;
                                                                                                                                                                                                                                                        				unsigned int _t314;
                                                                                                                                                                                                                                                        				signed int _t317;
                                                                                                                                                                                                                                                        				void* _t320;
                                                                                                                                                                                                                                                        				signed int _t324;
                                                                                                                                                                                                                                                        				int _t331;
                                                                                                                                                                                                                                                        				void* _t333;
                                                                                                                                                                                                                                                        				intOrPtr _t334;
                                                                                                                                                                                                                                                        				unsigned int _t335;
                                                                                                                                                                                                                                                        				int _t336;
                                                                                                                                                                                                                                                        				int _t341;
                                                                                                                                                                                                                                                        				int _t342;
                                                                                                                                                                                                                                                        				signed int _t344;
                                                                                                                                                                                                                                                        				signed int _t346;
                                                                                                                                                                                                                                                        				unsigned int _t347;
                                                                                                                                                                                                                                                        				void* _t348;
                                                                                                                                                                                                                                                        				void _t349;
                                                                                                                                                                                                                                                        				void* _t350;
                                                                                                                                                                                                                                                        				void* _t352;
                                                                                                                                                                                                                                                        				signed int _t353;
                                                                                                                                                                                                                                                        				signed int _t354;
                                                                                                                                                                                                                                                        				void* _t357;
                                                                                                                                                                                                                                                        				void _t359;
                                                                                                                                                                                                                                                        				void* _t361;
                                                                                                                                                                                                                                                        				signed int _t362;
                                                                                                                                                                                                                                                        				signed int _t363;
                                                                                                                                                                                                                                                        				signed int _t366;
                                                                                                                                                                                                                                                        				void* _t367;
                                                                                                                                                                                                                                                        				unsigned int _t369;
                                                                                                                                                                                                                                                        				void* _t370;
                                                                                                                                                                                                                                                        				void* _t371;
                                                                                                                                                                                                                                                        				void* _t372;
                                                                                                                                                                                                                                                        				signed int _t374;
                                                                                                                                                                                                                                                        				void* _t375;
                                                                                                                                                                                                                                                        				signed int _t376;
                                                                                                                                                                                                                                                        				void* _t377;
                                                                                                                                                                                                                                                        				signed int _t378;
                                                                                                                                                                                                                                                        				void* _t379;
                                                                                                                                                                                                                                                        				signed int _t380;
                                                                                                                                                                                                                                                        				void* _t381;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t252 = __ecx;
                                                                                                                                                                                                                                                        				_t378 = _t377 - 0xc;
                                                                                                                                                                                                                                                        				_t302 =  *((intOrPtr*)(__ecx + 0x10));
                                                                                                                                                                                                                                                        				_t331 = _a4;
                                                                                                                                                                                                                                                        				_t230 = 0x7ffffffe;
                                                                                                                                                                                                                                                        				if(0x7ffffffe - _t302 < _t331) {
                                                                                                                                                                                                                                                        					E00BBA890();
                                                                                                                                                                                                                                                        					goto L11;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t346 = _t331 + _t302;
                                                                                                                                                                                                                                                        					_t369 =  *(__ecx + 0x14);
                                                                                                                                                                                                                                                        					_v24 = _t302;
                                                                                                                                                                                                                                                        					_v28 = __ecx;
                                                                                                                                                                                                                                                        					_v20 = _t346;
                                                                                                                                                                                                                                                        					_t202 = _t346 | 0x00000007;
                                                                                                                                                                                                                                                        					if(_t202 <= 0x7ffffffe) {
                                                                                                                                                                                                                                                        						_t250 = (_t369 >> 1) + _t369;
                                                                                                                                                                                                                                                        						_t251 =  >=  ? _t202 : _t250;
                                                                                                                                                                                                                                                        						_t230 =  >  ? 0x7ffffffe :  >=  ? _t202 : _t250;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t347 = _t369;
                                                                                                                                                                                                                                                        					_t370 = _v28;
                                                                                                                                                                                                                                                        					_t8 = _t230 + 1; // 0x11
                                                                                                                                                                                                                                                        					_t204 = E00BBA8A0(_t8);
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t370 + 0x10)) = _v20;
                                                                                                                                                                                                                                                        					_t288 = _t370;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t370 + 0x14)) = _t230;
                                                                                                                                                                                                                                                        					if(_t347 < 8) {
                                                                                                                                                                                                                                                        						_t371 = _t288;
                                                                                                                                                                                                                                                        						_t246 = _t204;
                                                                                                                                                                                                                                                        						memcpy(_t204, _t288, _a12 + _a12);
                                                                                                                                                                                                                                                        						_t348 = _t246 + _a12 * 2;
                                                                                                                                                                                                                                                        						memcpy(_t348, _a20, _a24 + _a24);
                                                                                                                                                                                                                                                        						_t289 = _a12;
                                                                                                                                                                                                                                                        						_t324 = _v24 - _a16 + _t289;
                                                                                                                                                                                                                                                        						__eflags = _t324;
                                                                                                                                                                                                                                                        						memcpy(_t348 + _a24 * 2, _t371 + _t289 * 2 + _a16 * 2, _t324 + _t324 + 2);
                                                                                                                                                                                                                                                        						_t349 = _t246;
                                                                                                                                                                                                                                                        						goto L9;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t247 =  *_t288;
                                                                                                                                                                                                                                                        						_t372 = _t204;
                                                                                                                                                                                                                                                        						_v20 = _t347;
                                                                                                                                                                                                                                                        						memcpy(_t204, _t247, _a12 + _a12);
                                                                                                                                                                                                                                                        						_t350 = _t372 + _a12 * 2;
                                                                                                                                                                                                                                                        						memcpy(_t350, _a20, _a24 + _a24);
                                                                                                                                                                                                                                                        						memcpy(_t350 + _a24 * 2, _t247 + _a12 * 2 + _a16 * 2, _v24 - _a16 + _a12 + _v24 - _a16 + _a12 + 2);
                                                                                                                                                                                                                                                        						_t378 = _t378 + 0x24;
                                                                                                                                                                                                                                                        						_t252 = _v20;
                                                                                                                                                                                                                                                        						_t349 = _t372;
                                                                                                                                                                                                                                                        						_t371 = _v28;
                                                                                                                                                                                                                                                        						_t35 = _t252 + 2; // 0x13
                                                                                                                                                                                                                                                        						_t226 = _t252 + _t35;
                                                                                                                                                                                                                                                        						if(_t226 < 0x1000) {
                                                                                                                                                                                                                                                        							L7:
                                                                                                                                                                                                                                                        							_push(_t226);
                                                                                                                                                                                                                                                        							_push(_t247);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							L9:
                                                                                                                                                                                                                                                        							 *_t371 = _t349;
                                                                                                                                                                                                                                                        							return _t371;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t230 =  *((intOrPtr*)(_t247 - 4));
                                                                                                                                                                                                                                                        							if(_t247 + 0xfffffffc - _t230 >= 0x20) {
                                                                                                                                                                                                                                                        								L11:
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_t374 = _t378;
                                                                                                                                                                                                                                                        								_push(_t230);
                                                                                                                                                                                                                                                        								_push(_t331);
                                                                                                                                                                                                                                                        								_t379 = _t378 - 0x18;
                                                                                                                                                                                                                                                        								_t153 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        								_t303 = _v20;
                                                                                                                                                                                                                                                        								_v44 = _t153 ^ _t374;
                                                                                                                                                                                                                                                        								_t155 =  *((intOrPtr*)(_t252 + 0x10));
                                                                                                                                                                                                                                                        								_t333 = _t155 - _t303;
                                                                                                                                                                                                                                                        								__eflags = _t333;
                                                                                                                                                                                                                                                        								if(__eflags < 0) {
                                                                                                                                                                                                                                                        									E00BBDAC0(_t252, __eflags);
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									_push(_t374);
                                                                                                                                                                                                                                                        									_t375 = _t379;
                                                                                                                                                                                                                                                        									_push(_t230);
                                                                                                                                                                                                                                                        									_push(_t333);
                                                                                                                                                                                                                                                        									_push(_t351);
                                                                                                                                                                                                                                                        									_t380 = _t379 - 0x14;
                                                                                                                                                                                                                                                        									_t304 =  *((intOrPtr*)(_t252 + 0x10));
                                                                                                                                                                                                                                                        									_t352 = _v60;
                                                                                                                                                                                                                                                        									_t231 = 0x7fffffff;
                                                                                                                                                                                                                                                        									__eflags = 0x7fffffff - _t304 - _t352;
                                                                                                                                                                                                                                                        									if(0x7fffffff - _t304 < _t352) {
                                                                                                                                                                                                                                                        										E00BBA890();
                                                                                                                                                                                                                                                        										goto L44;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t335 =  *(_t252 + 0x14);
                                                                                                                                                                                                                                                        										_t354 = _t352 + _t304;
                                                                                                                                                                                                                                                        										_v32 = _t304;
                                                                                                                                                                                                                                                        										_v40 = _t252;
                                                                                                                                                                                                                                                        										_v44 = _t354;
                                                                                                                                                                                                                                                        										_t166 = _t354 | 0x0000000f;
                                                                                                                                                                                                                                                        										__eflags = _t166;
                                                                                                                                                                                                                                                        										if(_t166 >= 0) {
                                                                                                                                                                                                                                                        											_t271 = _t335 >> 1;
                                                                                                                                                                                                                                                        											_t272 = _t271 + _t335;
                                                                                                                                                                                                                                                        											__eflags = _t166 - _t272;
                                                                                                                                                                                                                                                        											_t273 =  >=  ? _t166 : _t272;
                                                                                                                                                                                                                                                        											__eflags = _t335 - (_t271 ^ 0x7fffffff);
                                                                                                                                                                                                                                                        											_t231 =  <=  ?  >=  ? _t166 : _t272 : 0x7fffffff;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_v36 = _t335;
                                                                                                                                                                                                                                                        										_t336 = _a4;
                                                                                                                                                                                                                                                        										_t113 = _t231 + 1; // 0x80000000
                                                                                                                                                                                                                                                        										_t234 = _v40;
                                                                                                                                                                                                                                                        										_t168 = E00BBD730(_t113);
                                                                                                                                                                                                                                                        										__eflags = _v36 - 0x10;
                                                                                                                                                                                                                                                        										_v28 = _t168;
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t234 + 0x10)) = _v44;
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t234 + 0x14)) = _t231;
                                                                                                                                                                                                                                                        										if(_v36 < 0x10) {
                                                                                                                                                                                                                                                        											memcpy(_t168, _t234, _t336);
                                                                                                                                                                                                                                                        											_t357 = _v28 + _t336;
                                                                                                                                                                                                                                                        											memcpy(_t357, _a12, _a16);
                                                                                                                                                                                                                                                        											_t172 = _a8;
                                                                                                                                                                                                                                                        											_t266 = _v32 - _t172 + _t336 + 1;
                                                                                                                                                                                                                                                        											__eflags = _t266;
                                                                                                                                                                                                                                                        											_t359 = _v28;
                                                                                                                                                                                                                                                        											memcpy(_t357 + _a16, _t234 + _t336 + _t172, _t266);
                                                                                                                                                                                                                                                        											goto L42;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t235 =  *_t234;
                                                                                                                                                                                                                                                        											memcpy(_t168, _t235, _t336);
                                                                                                                                                                                                                                                        											_t361 = _t168 + _t336;
                                                                                                                                                                                                                                                        											memcpy(_t361, _a12, _a16);
                                                                                                                                                                                                                                                        											_t179 = _a8;
                                                                                                                                                                                                                                                        											_t352 = _t361 + _a16;
                                                                                                                                                                                                                                                        											_t333 = _t235 + _t336 + _t179;
                                                                                                                                                                                                                                                        											memcpy(_t352, _t333, _v32 - _t179 + _t336 + 1);
                                                                                                                                                                                                                                                        											_t380 = _t380 + 0x24;
                                                                                                                                                                                                                                                        											_t310 = _v36;
                                                                                                                                                                                                                                                        											_t126 = _t310 + 1; // 0x11
                                                                                                                                                                                                                                                        											_t252 = _t126;
                                                                                                                                                                                                                                                        											__eflags = _t252 - 0x1000;
                                                                                                                                                                                                                                                        											if(_t252 < 0x1000) {
                                                                                                                                                                                                                                                        												L40:
                                                                                                                                                                                                                                                        												_push(_t252);
                                                                                                                                                                                                                                                        												_push(_t235);
                                                                                                                                                                                                                                                        												L00BEF6C6();
                                                                                                                                                                                                                                                        												_t359 = _v28;
                                                                                                                                                                                                                                                        												_t234 = _v40;
                                                                                                                                                                                                                                                        												L42:
                                                                                                                                                                                                                                                        												 *_t234 = _t359;
                                                                                                                                                                                                                                                        												return _t234;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t182 =  *(_t235 - 4);
                                                                                                                                                                                                                                                        												_t231 = _t235 + 0xfffffffc - _t182;
                                                                                                                                                                                                                                                        												__eflags = _t231 - 0x20;
                                                                                                                                                                                                                                                        												if(_t231 >= 0x20) {
                                                                                                                                                                                                                                                        													L44:
                                                                                                                                                                                                                                                        													__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													_push(_t375);
                                                                                                                                                                                                                                                        													_t376 = _t380;
                                                                                                                                                                                                                                                        													_push(_t231);
                                                                                                                                                                                                                                                        													_push(_t333);
                                                                                                                                                                                                                                                        													_push(_t352);
                                                                                                                                                                                                                                                        													_t381 = _t380 - 8;
                                                                                                                                                                                                                                                        													_t353 = _t252;
                                                                                                                                                                                                                                                        													_t253 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        													_t160 = _v92;
                                                                                                                                                                                                                                                        													_v116 = _t253 ^ _t376;
                                                                                                                                                                                                                                                        													_t232 =  *((intOrPtr*)(_t353 + 0x14));
                                                                                                                                                                                                                                                        													_t255 =  *((intOrPtr*)(_t353 + 0x10));
                                                                                                                                                                                                                                                        													__eflags = _t232 - _t255 - _t160;
                                                                                                                                                                                                                                                        													_t307 = _v88;
                                                                                                                                                                                                                                                        													if(_t232 - _t255 >= _t160) {
                                                                                                                                                                                                                                                        														_t334 = _t255 + _t160;
                                                                                                                                                                                                                                                        														__eflags = _t232 - 0x10;
                                                                                                                                                                                                                                                        														_t233 = _t353;
                                                                                                                                                                                                                                                        														 *((intOrPtr*)(_t353 + 0x10)) = _t334;
                                                                                                                                                                                                                                                        														if(_t232 >= 0x10) {
                                                                                                                                                                                                                                                        															_t233 =  *_t353;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														memset(_t255 + _t233, _t307, _t160);
                                                                                                                                                                                                                                                        														 *((char*)(_t233 + _t334)) = 0;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_v132 = _v36;
                                                                                                                                                                                                                                                        														_v128 = _t160;
                                                                                                                                                                                                                                                        														 *(_t381 - 0x10) = _t160;
                                                                                                                                                                                                                                                        														_v124 = _t307;
                                                                                                                                                                                                                                                        														_t353 = E00BC7330(_t353);
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													__eflags = _v32 ^ _t376;
                                                                                                                                                                                                                                                        													E00BEECB0(_v32 ^ _t376, _t307);
                                                                                                                                                                                                                                                        													return _t353;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t311 = _t310 + 0x24;
                                                                                                                                                                                                                                                        													__eflags = _t311;
                                                                                                                                                                                                                                                        													_t235 = _t182;
                                                                                                                                                                                                                                                        													_t252 = _t311;
                                                                                                                                                                                                                                                        													goto L40;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t238 = _a4;
                                                                                                                                                                                                                                                        									_t362 = _a12;
                                                                                                                                                                                                                                                        									__eflags = _t333 - _t238;
                                                                                                                                                                                                                                                        									_t239 =  <  ? _t333 : _t238;
                                                                                                                                                                                                                                                        									__eflags = _t239 - _t362;
                                                                                                                                                                                                                                                        									if(_t239 != _t362) {
                                                                                                                                                                                                                                                        										_t341 = _t333 - _t239 + 1;
                                                                                                                                                                                                                                                        										_t363 = _t362 - _t239;
                                                                                                                                                                                                                                                        										__eflags = _t363;
                                                                                                                                                                                                                                                        										if(_t363 >= 0) {
                                                                                                                                                                                                                                                        											_t314 =  *(_t252 + 0x14);
                                                                                                                                                                                                                                                        											_v32 = _t314;
                                                                                                                                                                                                                                                        											_t315 = _t314 - _t155;
                                                                                                                                                                                                                                                        											__eflags = _t363 - _t314 - _t155;
                                                                                                                                                                                                                                                        											if(_t363 <= _t314 - _t155) {
                                                                                                                                                                                                                                                        												__eflags = _v32 - 0x10;
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(_t252 + 0x10)) = _t363 + _t155;
                                                                                                                                                                                                                                                        												_t317 = _t252;
                                                                                                                                                                                                                                                        												if(_v32 >= 0x10) {
                                                                                                                                                                                                                                                        													_t317 =  *_t252;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_v32 = _t252;
                                                                                                                                                                                                                                                        												_v44 = _t317;
                                                                                                                                                                                                                                                        												_t275 = _v0 + _t317;
                                                                                                                                                                                                                                                        												_v40 = _t275;
                                                                                                                                                                                                                                                        												_t240 = _t239 + _t275;
                                                                                                                                                                                                                                                        												_t277 = _a8;
                                                                                                                                                                                                                                                        												__eflags = _a8 + _a12 - _v40;
                                                                                                                                                                                                                                                        												_t303 = _a12;
                                                                                                                                                                                                                                                        												_v36 = _a12;
                                                                                                                                                                                                                                                        												if(_a8 + _a12 > _v40) {
                                                                                                                                                                                                                                                        													_t320 = _t277;
                                                                                                                                                                                                                                                        													__eflags = _v44 + _t155 - _t320;
                                                                                                                                                                                                                                                        													_t277 = _t320;
                                                                                                                                                                                                                                                        													_t303 = _a12;
                                                                                                                                                                                                                                                        													_v36 = _a12;
                                                                                                                                                                                                                                                        													if(_v44 + _t155 >= _t320) {
                                                                                                                                                                                                                                                        														_t303 = 0;
                                                                                                                                                                                                                                                        														_t344 = _t240 - _t277;
                                                                                                                                                                                                                                                        														__eflags = _t344;
                                                                                                                                                                                                                                                        														_t345 =  <=  ? 0 : _t344;
                                                                                                                                                                                                                                                        														_v36 =  <=  ? 0 : _t344;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t242 = _t277;
                                                                                                                                                                                                                                                        												memmove(_t240 + _t363, _t240, _t341);
                                                                                                                                                                                                                                                        												_t342 = _v36;
                                                                                                                                                                                                                                                        												memmove(_v40, _t242, _t342);
                                                                                                                                                                                                                                                        												_t379 = _t379 + 0x18;
                                                                                                                                                                                                                                                        												memcpy(_v40 + _t342, _t242 + _t363 + _t342, _a12 - _t342);
                                                                                                                                                                                                                                                        												goto L18;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_v84 = _v28;
                                                                                                                                                                                                                                                        												_v76 = _t239;
                                                                                                                                                                                                                                                        												_v88 = _t363;
                                                                                                                                                                                                                                                        												_v68 = _a12;
                                                                                                                                                                                                                                                        												_v72 = _a8;
                                                                                                                                                                                                                                                        												_t194 = _v0;
                                                                                                                                                                                                                                                        												_v80 = _t194;
                                                                                                                                                                                                                                                        												L33();
                                                                                                                                                                                                                                                        												E00BEECB0(_v24 ^ _t374, _t315);
                                                                                                                                                                                                                                                        												_t189 = _t194;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t252 + 0x10)) = _t363 + _t155;
                                                                                                                                                                                                                                                        											_t366 = _t252;
                                                                                                                                                                                                                                                        											__eflags =  *(_t252 + 0x14) - 0x10;
                                                                                                                                                                                                                                                        											if( *(_t252 + 0x14) >= 0x10) {
                                                                                                                                                                                                                                                        												_t366 =  *_t252;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_v32 = _t252;
                                                                                                                                                                                                                                                        											_t367 = _t366 + _t303;
                                                                                                                                                                                                                                                        											memmove(_t367, _a8, _a12);
                                                                                                                                                                                                                                                        											_t379 = _t379 + 0xc;
                                                                                                                                                                                                                                                        											_push(_t341);
                                                                                                                                                                                                                                                        											_push(_t239 + _t367);
                                                                                                                                                                                                                                                        											_push(_t367 + _a12);
                                                                                                                                                                                                                                                        											goto L17;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										__eflags =  *(_t252 + 0x14) - 0x10;
                                                                                                                                                                                                                                                        										_t199 = _t252;
                                                                                                                                                                                                                                                        										if( *(_t252 + 0x14) >= 0x10) {
                                                                                                                                                                                                                                                        											_t199 =  *_t252;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_v32 = _t252;
                                                                                                                                                                                                                                                        										_t200 = _t199 + _t303;
                                                                                                                                                                                                                                                        										__eflags = _t200;
                                                                                                                                                                                                                                                        										_push(_t362);
                                                                                                                                                                                                                                                        										_push(_a8);
                                                                                                                                                                                                                                                        										_push(_t200);
                                                                                                                                                                                                                                                        										L17:
                                                                                                                                                                                                                                                        										memmove();
                                                                                                                                                                                                                                                        										L18:
                                                                                                                                                                                                                                                        										__eflags = _v24 ^ _t374;
                                                                                                                                                                                                                                                        										E00BEECB0(_v24 ^ _t374, _t303);
                                                                                                                                                                                                                                                        										_t189 = _v32;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									return _t189;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t226 = _t252 + _t252 + 0x25;
                                                                                                                                                                                                                                                        								goto L7;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}








































































































                                                                                                                                                                                                                                                        0x00bc6e50
                                                                                                                                                                                                                                                        0x00bc6e56
                                                                                                                                                                                                                                                        0x00bc6e59
                                                                                                                                                                                                                                                        0x00bc6e5c
                                                                                                                                                                                                                                                        0x00bc6e64
                                                                                                                                                                                                                                                        0x00bc6e6d
                                                                                                                                                                                                                                                        0x00bc6fc3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6e73
                                                                                                                                                                                                                                                        0x00bc6e73
                                                                                                                                                                                                                                                        0x00bc6e75
                                                                                                                                                                                                                                                        0x00bc6e78
                                                                                                                                                                                                                                                        0x00bc6e7b
                                                                                                                                                                                                                                                        0x00bc6e80
                                                                                                                                                                                                                                                        0x00bc6e83
                                                                                                                                                                                                                                                        0x00bc6e8b
                                                                                                                                                                                                                                                        0x00bc6e9d
                                                                                                                                                                                                                                                        0x00bc6ea1
                                                                                                                                                                                                                                                        0x00bc6ea6
                                                                                                                                                                                                                                                        0x00bc6ea6
                                                                                                                                                                                                                                                        0x00bc6ea9
                                                                                                                                                                                                                                                        0x00bc6eab
                                                                                                                                                                                                                                                        0x00bc6eae
                                                                                                                                                                                                                                                        0x00bc6eb4
                                                                                                                                                                                                                                                        0x00bc6ebf
                                                                                                                                                                                                                                                        0x00bc6ec2
                                                                                                                                                                                                                                                        0x00bc6ec4
                                                                                                                                                                                                                                                        0x00bc6ec7
                                                                                                                                                                                                                                                        0x00bc6f62
                                                                                                                                                                                                                                                        0x00bc6f66
                                                                                                                                                                                                                                                        0x00bc6f68
                                                                                                                                                                                                                                                        0x00bc6f73
                                                                                                                                                                                                                                                        0x00bc6f80
                                                                                                                                                                                                                                                        0x00bc6f8b
                                                                                                                                                                                                                                                        0x00bc6f93
                                                                                                                                                                                                                                                        0x00bc6f93
                                                                                                                                                                                                                                                        0x00bc6fab
                                                                                                                                                                                                                                                        0x00bc6fb3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6ecd
                                                                                                                                                                                                                                                        0x00bc6ecd
                                                                                                                                                                                                                                                        0x00bc6ed7
                                                                                                                                                                                                                                                        0x00bc6ed9
                                                                                                                                                                                                                                                        0x00bc6edc
                                                                                                                                                                                                                                                        0x00bc6ee7
                                                                                                                                                                                                                                                        0x00bc6ef4
                                                                                                                                                                                                                                                        0x00bc6f1f
                                                                                                                                                                                                                                                        0x00bc6f24
                                                                                                                                                                                                                                                        0x00bc6f27
                                                                                                                                                                                                                                                        0x00bc6f2a
                                                                                                                                                                                                                                                        0x00bc6f2c
                                                                                                                                                                                                                                                        0x00bc6f2f
                                                                                                                                                                                                                                                        0x00bc6f2f
                                                                                                                                                                                                                                                        0x00bc6f38
                                                                                                                                                                                                                                                        0x00bc6f50
                                                                                                                                                                                                                                                        0x00bc6f50
                                                                                                                                                                                                                                                        0x00bc6f51
                                                                                                                                                                                                                                                        0x00bc6f52
                                                                                                                                                                                                                                                        0x00bc6fb5
                                                                                                                                                                                                                                                        0x00bc6fb5
                                                                                                                                                                                                                                                        0x00bc6fc0
                                                                                                                                                                                                                                                        0x00bc6f3a
                                                                                                                                                                                                                                                        0x00bc6f3c
                                                                                                                                                                                                                                                        0x00bc6f47
                                                                                                                                                                                                                                                        0x00bc6fc8
                                                                                                                                                                                                                                                        0x00bc6fc8
                                                                                                                                                                                                                                                        0x00bc6fce
                                                                                                                                                                                                                                                        0x00bc6fcf
                                                                                                                                                                                                                                                        0x00bc6fd1
                                                                                                                                                                                                                                                        0x00bc6fd3
                                                                                                                                                                                                                                                        0x00bc6fd4
                                                                                                                                                                                                                                                        0x00bc6fd6
                                                                                                                                                                                                                                                        0x00bc6fd9
                                                                                                                                                                                                                                                        0x00bc6fde
                                                                                                                                                                                                                                                        0x00bc6fe3
                                                                                                                                                                                                                                                        0x00bc6fe6
                                                                                                                                                                                                                                                        0x00bc6feb
                                                                                                                                                                                                                                                        0x00bc6feb
                                                                                                                                                                                                                                                        0x00bc6fed
                                                                                                                                                                                                                                                        0x00bc7147
                                                                                                                                                                                                                                                        0x00bc714c
                                                                                                                                                                                                                                                        0x00bc714d
                                                                                                                                                                                                                                                        0x00bc714e
                                                                                                                                                                                                                                                        0x00bc714f
                                                                                                                                                                                                                                                        0x00bc7150
                                                                                                                                                                                                                                                        0x00bc7151
                                                                                                                                                                                                                                                        0x00bc7153
                                                                                                                                                                                                                                                        0x00bc7154
                                                                                                                                                                                                                                                        0x00bc7155
                                                                                                                                                                                                                                                        0x00bc7156
                                                                                                                                                                                                                                                        0x00bc7159
                                                                                                                                                                                                                                                        0x00bc715c
                                                                                                                                                                                                                                                        0x00bc7164
                                                                                                                                                                                                                                                        0x00bc716b
                                                                                                                                                                                                                                                        0x00bc716d
                                                                                                                                                                                                                                                        0x00bc7291
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7173
                                                                                                                                                                                                                                                        0x00bc7173
                                                                                                                                                                                                                                                        0x00bc7176
                                                                                                                                                                                                                                                        0x00bc7178
                                                                                                                                                                                                                                                        0x00bc717b
                                                                                                                                                                                                                                                        0x00bc7180
                                                                                                                                                                                                                                                        0x00bc7183
                                                                                                                                                                                                                                                        0x00bc7183
                                                                                                                                                                                                                                                        0x00bc7186
                                                                                                                                                                                                                                                        0x00bc718f
                                                                                                                                                                                                                                                        0x00bc7193
                                                                                                                                                                                                                                                        0x00bc719b
                                                                                                                                                                                                                                                        0x00bc719d
                                                                                                                                                                                                                                                        0x00bc71a0
                                                                                                                                                                                                                                                        0x00bc71a2
                                                                                                                                                                                                                                                        0x00bc71a2
                                                                                                                                                                                                                                                        0x00bc71a5
                                                                                                                                                                                                                                                        0x00bc71a8
                                                                                                                                                                                                                                                        0x00bc71ad
                                                                                                                                                                                                                                                        0x00bc71b0
                                                                                                                                                                                                                                                        0x00bc71b6
                                                                                                                                                                                                                                                        0x00bc71be
                                                                                                                                                                                                                                                        0x00bc71c2
                                                                                                                                                                                                                                                        0x00bc71c5
                                                                                                                                                                                                                                                        0x00bc71c8
                                                                                                                                                                                                                                                        0x00bc71cb
                                                                                                                                                                                                                                                        0x00bc7244
                                                                                                                                                                                                                                                        0x00bc7252
                                                                                                                                                                                                                                                        0x00bc7259
                                                                                                                                                                                                                                                        0x00bc7261
                                                                                                                                                                                                                                                        0x00bc7274
                                                                                                                                                                                                                                                        0x00bc7274
                                                                                                                                                                                                                                                        0x00bc7278
                                                                                                                                                                                                                                                        0x00bc727b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc71cd
                                                                                                                                                                                                                                                        0x00bc71cd
                                                                                                                                                                                                                                                        0x00bc71d4
                                                                                                                                                                                                                                                        0x00bc71df
                                                                                                                                                                                                                                                        0x00bc71e6
                                                                                                                                                                                                                                                        0x00bc71ee
                                                                                                                                                                                                                                                        0x00bc71f4
                                                                                                                                                                                                                                                        0x00bc71ff
                                                                                                                                                                                                                                                        0x00bc7205
                                                                                                                                                                                                                                                        0x00bc720a
                                                                                                                                                                                                                                                        0x00bc720d
                                                                                                                                                                                                                                                        0x00bc7210
                                                                                                                                                                                                                                                        0x00bc7210
                                                                                                                                                                                                                                                        0x00bc7213
                                                                                                                                                                                                                                                        0x00bc7219
                                                                                                                                                                                                                                                        0x00bc722f
                                                                                                                                                                                                                                                        0x00bc722f
                                                                                                                                                                                                                                                        0x00bc7230
                                                                                                                                                                                                                                                        0x00bc7231
                                                                                                                                                                                                                                                        0x00bc7239
                                                                                                                                                                                                                                                        0x00bc723c
                                                                                                                                                                                                                                                        0x00bc7283
                                                                                                                                                                                                                                                        0x00bc7283
                                                                                                                                                                                                                                                        0x00bc728e
                                                                                                                                                                                                                                                        0x00bc721b
                                                                                                                                                                                                                                                        0x00bc721b
                                                                                                                                                                                                                                                        0x00bc7221
                                                                                                                                                                                                                                                        0x00bc7223
                                                                                                                                                                                                                                                        0x00bc7226
                                                                                                                                                                                                                                                        0x00bc7296
                                                                                                                                                                                                                                                        0x00bc7296
                                                                                                                                                                                                                                                        0x00bc729c
                                                                                                                                                                                                                                                        0x00bc729d
                                                                                                                                                                                                                                                        0x00bc729e
                                                                                                                                                                                                                                                        0x00bc729f
                                                                                                                                                                                                                                                        0x00bc72a0
                                                                                                                                                                                                                                                        0x00bc72a1
                                                                                                                                                                                                                                                        0x00bc72a3
                                                                                                                                                                                                                                                        0x00bc72a4
                                                                                                                                                                                                                                                        0x00bc72a5
                                                                                                                                                                                                                                                        0x00bc72a6
                                                                                                                                                                                                                                                        0x00bc72a9
                                                                                                                                                                                                                                                        0x00bc72ab
                                                                                                                                                                                                                                                        0x00bc72b1
                                                                                                                                                                                                                                                        0x00bc72b6
                                                                                                                                                                                                                                                        0x00bc72b9
                                                                                                                                                                                                                                                        0x00bc72bc
                                                                                                                                                                                                                                                        0x00bc72c3
                                                                                                                                                                                                                                                        0x00bc72c5
                                                                                                                                                                                                                                                        0x00bc72c8
                                                                                                                                                                                                                                                        0x00bc7301
                                                                                                                                                                                                                                                        0x00bc7304
                                                                                                                                                                                                                                                        0x00bc7307
                                                                                                                                                                                                                                                        0x00bc7309
                                                                                                                                                                                                                                                        0x00bc730c
                                                                                                                                                                                                                                                        0x00bc730e
                                                                                                                                                                                                                                                        0x00bc730e
                                                                                                                                                                                                                                                        0x00bc7318
                                                                                                                                                                                                                                                        0x00bc7320
                                                                                                                                                                                                                                                        0x00bc72ca
                                                                                                                                                                                                                                                        0x00bc72d0
                                                                                                                                                                                                                                                        0x00bc72d7
                                                                                                                                                                                                                                                        0x00bc72db
                                                                                                                                                                                                                                                        0x00bc72de
                                                                                                                                                                                                                                                        0x00bc72e9
                                                                                                                                                                                                                                                        0x00bc72e9
                                                                                                                                                                                                                                                        0x00bc72ee
                                                                                                                                                                                                                                                        0x00bc72f0
                                                                                                                                                                                                                                                        0x00bc72fe
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc722b
                                                                                                                                                                                                                                                        0x00bc722d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc722d
                                                                                                                                                                                                                                                        0x00bc7226
                                                                                                                                                                                                                                                        0x00bc7219
                                                                                                                                                                                                                                                        0x00bc71cb
                                                                                                                                                                                                                                                        0x00bc6ff3
                                                                                                                                                                                                                                                        0x00bc6ff3
                                                                                                                                                                                                                                                        0x00bc6ff6
                                                                                                                                                                                                                                                        0x00bc6ff9
                                                                                                                                                                                                                                                        0x00bc6ffb
                                                                                                                                                                                                                                                        0x00bc6ffe
                                                                                                                                                                                                                                                        0x00bc7000
                                                                                                                                                                                                                                                        0x00bc7037
                                                                                                                                                                                                                                                        0x00bc7038
                                                                                                                                                                                                                                                        0x00bc7038
                                                                                                                                                                                                                                                        0x00bc703a
                                                                                                                                                                                                                                                        0x00bc706a
                                                                                                                                                                                                                                                        0x00bc706d
                                                                                                                                                                                                                                                        0x00bc7070
                                                                                                                                                                                                                                                        0x00bc7072
                                                                                                                                                                                                                                                        0x00bc7074
                                                                                                                                                                                                                                                        0x00bc70b4
                                                                                                                                                                                                                                                        0x00bc70bb
                                                                                                                                                                                                                                                        0x00bc70be
                                                                                                                                                                                                                                                        0x00bc70c0
                                                                                                                                                                                                                                                        0x00bc70c2
                                                                                                                                                                                                                                                        0x00bc70c2
                                                                                                                                                                                                                                                        0x00bc70c4
                                                                                                                                                                                                                                                        0x00bc70ca
                                                                                                                                                                                                                                                        0x00bc70cd
                                                                                                                                                                                                                                                        0x00bc70d2
                                                                                                                                                                                                                                                        0x00bc70d5
                                                                                                                                                                                                                                                        0x00bc70dc
                                                                                                                                                                                                                                                        0x00bc70df
                                                                                                                                                                                                                                                        0x00bc70e2
                                                                                                                                                                                                                                                        0x00bc70e5
                                                                                                                                                                                                                                                        0x00bc70e8
                                                                                                                                                                                                                                                        0x00bc70ea
                                                                                                                                                                                                                                                        0x00bc70f1
                                                                                                                                                                                                                                                        0x00bc70f3
                                                                                                                                                                                                                                                        0x00bc70f5
                                                                                                                                                                                                                                                        0x00bc70f8
                                                                                                                                                                                                                                                        0x00bc70fb
                                                                                                                                                                                                                                                        0x00bc7101
                                                                                                                                                                                                                                                        0x00bc7103
                                                                                                                                                                                                                                                        0x00bc7103
                                                                                                                                                                                                                                                        0x00bc7105
                                                                                                                                                                                                                                                        0x00bc7108
                                                                                                                                                                                                                                                        0x00bc7108
                                                                                                                                                                                                                                                        0x00bc70fb
                                                                                                                                                                                                                                                        0x00bc7112
                                                                                                                                                                                                                                                        0x00bc7114
                                                                                                                                                                                                                                                        0x00bc711c
                                                                                                                                                                                                                                                        0x00bc7124
                                                                                                                                                                                                                                                        0x00bc7129
                                                                                                                                                                                                                                                        0x00bc713d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7076
                                                                                                                                                                                                                                                        0x00bc707c
                                                                                                                                                                                                                                                        0x00bc7083
                                                                                                                                                                                                                                                        0x00bc7087
                                                                                                                                                                                                                                                        0x00bc708a
                                                                                                                                                                                                                                                        0x00bc7091
                                                                                                                                                                                                                                                        0x00bc7095
                                                                                                                                                                                                                                                        0x00bc7098
                                                                                                                                                                                                                                                        0x00bc709c
                                                                                                                                                                                                                                                        0x00bc70a8
                                                                                                                                                                                                                                                        0x00bc70ad
                                                                                                                                                                                                                                                        0x00bc70ad
                                                                                                                                                                                                                                                        0x00bc703c
                                                                                                                                                                                                                                                        0x00bc703e
                                                                                                                                                                                                                                                        0x00bc7041
                                                                                                                                                                                                                                                        0x00bc7043
                                                                                                                                                                                                                                                        0x00bc7047
                                                                                                                                                                                                                                                        0x00bc7049
                                                                                                                                                                                                                                                        0x00bc7049
                                                                                                                                                                                                                                                        0x00bc704e
                                                                                                                                                                                                                                                        0x00bc7051
                                                                                                                                                                                                                                                        0x00bc7058
                                                                                                                                                                                                                                                        0x00bc705d
                                                                                                                                                                                                                                                        0x00bc7065
                                                                                                                                                                                                                                                        0x00bc7066
                                                                                                                                                                                                                                                        0x00bc7067
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7067
                                                                                                                                                                                                                                                        0x00bc7002
                                                                                                                                                                                                                                                        0x00bc7002
                                                                                                                                                                                                                                                        0x00bc7006
                                                                                                                                                                                                                                                        0x00bc7008
                                                                                                                                                                                                                                                        0x00bc700a
                                                                                                                                                                                                                                                        0x00bc700a
                                                                                                                                                                                                                                                        0x00bc700c
                                                                                                                                                                                                                                                        0x00bc700f
                                                                                                                                                                                                                                                        0x00bc700f
                                                                                                                                                                                                                                                        0x00bc7011
                                                                                                                                                                                                                                                        0x00bc7012
                                                                                                                                                                                                                                                        0x00bc7015
                                                                                                                                                                                                                                                        0x00bc7016
                                                                                                                                                                                                                                                        0x00bc7016
                                                                                                                                                                                                                                                        0x00bc701b
                                                                                                                                                                                                                                                        0x00bc7021
                                                                                                                                                                                                                                                        0x00bc7023
                                                                                                                                                                                                                                                        0x00bc7028
                                                                                                                                                                                                                                                        0x00bc7028
                                                                                                                                                                                                                                                        0x00bc7032
                                                                                                                                                                                                                                                        0x00bc7032
                                                                                                                                                                                                                                                        0x00bc6f49
                                                                                                                                                                                                                                                        0x00bc6f4e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6f4e
                                                                                                                                                                                                                                                        0x00bc6f47
                                                                                                                                                                                                                                                        0x00bc6f38
                                                                                                                                                                                                                                                        0x00bc6ec7

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,7FFFFFFE,7FFFFFFF,7FFFFFFF), ref: 00BC6EDC
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000010,?,?,?,?,7FFFFFFF), ref: 00BC6EF4
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,?,?,?,?,?,?,7FFFFFFF), ref: 00BC6F1F
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(7FFFFFFE,80000001,?,?,?,?,?,?,?,?,7FFFFFFF), ref: 00BC6F52
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,7FFFFFFF,7FFFFFFF), ref: 00BC6F68
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000010,?,?,?,?,7FFFFFFF), ref: 00BC6F80
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,?,?,?,?,?,?,7FFFFFFF), ref: 00BC6FAB
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BC6FC8
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memcpy$??3@_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 674017509-0
                                                                                                                                                                                                                                                        • Opcode ID: 3d29384fbb9601b2972244b954e7551d15f4c349f6de89782dbe17a9c3c78961
                                                                                                                                                                                                                                                        • Instruction ID: b0527ace43d64825a6d86f245ba2e248b673c7edc2e58233ddebd5cf0eaf0b3c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3d29384fbb9601b2972244b954e7551d15f4c349f6de89782dbe17a9c3c78961
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F4519DB1A0020A9FCF14DF68DC81CBE77A9EBC8314B14466DF915D7391EB70AD258BA0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                                                                                                                        			E00BD27F0(void* __ebx, signed int __ecx, void* __edi, intOrPtr _a4, signed int _a12, void* _a16, signed int _a20) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				intOrPtr* _t55;
                                                                                                                                                                                                                                                        				signed int _t58;
                                                                                                                                                                                                                                                        				void* _t60;
                                                                                                                                                                                                                                                        				void* _t78;
                                                                                                                                                                                                                                                        				void* _t79;
                                                                                                                                                                                                                                                        				intOrPtr _t83;
                                                                                                                                                                                                                                                        				void* _t84;
                                                                                                                                                                                                                                                        				void* _t86;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				void* _t94;
                                                                                                                                                                                                                                                        				intOrPtr _t104;
                                                                                                                                                                                                                                                        				intOrPtr _t116;
                                                                                                                                                                                                                                                        				signed int _t117;
                                                                                                                                                                                                                                                        				unsigned int _t118;
                                                                                                                                                                                                                                                        				void* _t119;
                                                                                                                                                                                                                                                        				void _t120;
                                                                                                                                                                                                                                                        				void* _t122;
                                                                                                                                                                                                                                                        				signed int _t124;
                                                                                                                                                                                                                                                        				unsigned int _t126;
                                                                                                                                                                                                                                                        				void* _t127;
                                                                                                                                                                                                                                                        				void* _t128;
                                                                                                                                                                                                                                                        				void* _t130;
                                                                                                                                                                                                                                                        				void* _t133;
                                                                                                                                                                                                                                                        				void* _t134;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t91 = __ecx;
                                                                                                                                                                                                                                                        				_t134 = _t133 - 0xc;
                                                                                                                                                                                                                                                        				_t104 =  *((intOrPtr*)(__ecx + 0x10));
                                                                                                                                                                                                                                                        				_t116 = _a4;
                                                                                                                                                                                                                                                        				_t83 = 0x7ffffffe;
                                                                                                                                                                                                                                                        				if(0x7ffffffe - _t104 < _t116) {
                                                                                                                                                                                                                                                        					E00BBA890();
                                                                                                                                                                                                                                                        					goto L11;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t117 = _t116 + _t104;
                                                                                                                                                                                                                                                        					_t126 =  *(__ecx + 0x14);
                                                                                                                                                                                                                                                        					_v24 = _t104;
                                                                                                                                                                                                                                                        					_v28 = __ecx;
                                                                                                                                                                                                                                                        					_v20 = _t117;
                                                                                                                                                                                                                                                        					_t58 = _t117 | 0x00000007;
                                                                                                                                                                                                                                                        					if(_t58 <= 0x7ffffffe) {
                                                                                                                                                                                                                                                        						_t89 = (_t126 >> 1) + _t126;
                                                                                                                                                                                                                                                        						_t90 =  >=  ? _t58 : _t89;
                                                                                                                                                                                                                                                        						_t83 =  >  ? 0x7ffffffe :  >=  ? _t58 : _t89;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t118 = _t126;
                                                                                                                                                                                                                                                        					_t127 = _v28;
                                                                                                                                                                                                                                                        					_t8 = _t83 + 1; // 0x7fffffff
                                                                                                                                                                                                                                                        					_t60 = E00BBA8A0(_t8);
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t127 + 0x10)) = _v20;
                                                                                                                                                                                                                                                        					_t94 = _t127;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t127 + 0x14)) = _t83;
                                                                                                                                                                                                                                                        					if(_t118 < 8) {
                                                                                                                                                                                                                                                        						_t128 = _t94;
                                                                                                                                                                                                                                                        						_t84 = _t60;
                                                                                                                                                                                                                                                        						memcpy(_t60, _t94, _a12 + _a12);
                                                                                                                                                                                                                                                        						_t119 = _t84 + _a12 * 2;
                                                                                                                                                                                                                                                        						memcpy(_t119, _a16, _a20 + _a20);
                                                                                                                                                                                                                                                        						memcpy(_t119 + _a20 * 2, _t128 + _a12 * 2, _v24 - _a12 + _v24 - _a12 + 2);
                                                                                                                                                                                                                                                        						_t120 = _t84;
                                                                                                                                                                                                                                                        						goto L9;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t86 =  *_t94;
                                                                                                                                                                                                                                                        						_t130 = _t60;
                                                                                                                                                                                                                                                        						_v20 = _t118;
                                                                                                                                                                                                                                                        						memcpy(_t60, _t86, _a12 + _a12);
                                                                                                                                                                                                                                                        						_t122 = _t130 + _a12 * 2;
                                                                                                                                                                                                                                                        						memcpy(_t122, _a16, _a20 + _a20);
                                                                                                                                                                                                                                                        						memcpy(_t122 + _a20 * 2, _t86 + _a12 * 2, _v24 - _a12 + _v24 - _a12 + 2);
                                                                                                                                                                                                                                                        						_t134 = _t134 + 0x24;
                                                                                                                                                                                                                                                        						_t91 = _v20;
                                                                                                                                                                                                                                                        						_t120 = _t130;
                                                                                                                                                                                                                                                        						_t128 = _v28;
                                                                                                                                                                                                                                                        						_t31 = _t91 + 2; // 0x80000001
                                                                                                                                                                                                                                                        						_t78 = _t91 + _t31;
                                                                                                                                                                                                                                                        						if(_t78 < 0x1000) {
                                                                                                                                                                                                                                                        							L7:
                                                                                                                                                                                                                                                        							_push(_t78);
                                                                                                                                                                                                                                                        							_push(_t86);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							L9:
                                                                                                                                                                                                                                                        							 *_t128 = _t120;
                                                                                                                                                                                                                                                        							return _t128;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t79 = _t86;
                                                                                                                                                                                                                                                        							_t86 =  *(_t86 - 4);
                                                                                                                                                                                                                                                        							if(_t79 + 0xfffffffc - _t86 >= 0x20) {
                                                                                                                                                                                                                                                        								L11:
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_push(_t123);
                                                                                                                                                                                                                                                        								 *_t91 = 0;
                                                                                                                                                                                                                                                        								_t124 = _t91;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t91 + 4)) = 0;
                                                                                                                                                                                                                                                        								_t55 = E00BD38C0(1);
                                                                                                                                                                                                                                                        								 *_t55 = _t55;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t55 + 4)) = _t55;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t55 + 8)) = _t55;
                                                                                                                                                                                                                                                        								 *((short*)(_t55 + 0xc)) = 0x101;
                                                                                                                                                                                                                                                        								 *_t124 = _t55;
                                                                                                                                                                                                                                                        								return _t124;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t78 = _t91 + _t91 + 0x25;
                                                                                                                                                                                                                                                        								goto L7;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}






























                                                                                                                                                                                                                                                        0x00bd27f0
                                                                                                                                                                                                                                                        0x00bd27f6
                                                                                                                                                                                                                                                        0x00bd27f9
                                                                                                                                                                                                                                                        0x00bd27fc
                                                                                                                                                                                                                                                        0x00bd2804
                                                                                                                                                                                                                                                        0x00bd280d
                                                                                                                                                                                                                                                        0x00bd294d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2813
                                                                                                                                                                                                                                                        0x00bd2813
                                                                                                                                                                                                                                                        0x00bd2815
                                                                                                                                                                                                                                                        0x00bd2818
                                                                                                                                                                                                                                                        0x00bd281b
                                                                                                                                                                                                                                                        0x00bd2820
                                                                                                                                                                                                                                                        0x00bd2823
                                                                                                                                                                                                                                                        0x00bd282b
                                                                                                                                                                                                                                                        0x00bd283d
                                                                                                                                                                                                                                                        0x00bd2841
                                                                                                                                                                                                                                                        0x00bd2846
                                                                                                                                                                                                                                                        0x00bd2846
                                                                                                                                                                                                                                                        0x00bd2849
                                                                                                                                                                                                                                                        0x00bd284b
                                                                                                                                                                                                                                                        0x00bd284e
                                                                                                                                                                                                                                                        0x00bd2854
                                                                                                                                                                                                                                                        0x00bd285f
                                                                                                                                                                                                                                                        0x00bd2862
                                                                                                                                                                                                                                                        0x00bd2864
                                                                                                                                                                                                                                                        0x00bd2867
                                                                                                                                                                                                                                                        0x00bd28f7
                                                                                                                                                                                                                                                        0x00bd28fb
                                                                                                                                                                                                                                                        0x00bd28fd
                                                                                                                                                                                                                                                        0x00bd2908
                                                                                                                                                                                                                                                        0x00bd2915
                                                                                                                                                                                                                                                        0x00bd2935
                                                                                                                                                                                                                                                        0x00bd293d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd286d
                                                                                                                                                                                                                                                        0x00bd286d
                                                                                                                                                                                                                                                        0x00bd2877
                                                                                                                                                                                                                                                        0x00bd2879
                                                                                                                                                                                                                                                        0x00bd287c
                                                                                                                                                                                                                                                        0x00bd2887
                                                                                                                                                                                                                                                        0x00bd2894
                                                                                                                                                                                                                                                        0x00bd28b4
                                                                                                                                                                                                                                                        0x00bd28b9
                                                                                                                                                                                                                                                        0x00bd28bc
                                                                                                                                                                                                                                                        0x00bd28bf
                                                                                                                                                                                                                                                        0x00bd28c1
                                                                                                                                                                                                                                                        0x00bd28c4
                                                                                                                                                                                                                                                        0x00bd28c4
                                                                                                                                                                                                                                                        0x00bd28cd
                                                                                                                                                                                                                                                        0x00bd28e5
                                                                                                                                                                                                                                                        0x00bd28e5
                                                                                                                                                                                                                                                        0x00bd28e6
                                                                                                                                                                                                                                                        0x00bd28e7
                                                                                                                                                                                                                                                        0x00bd293f
                                                                                                                                                                                                                                                        0x00bd293f
                                                                                                                                                                                                                                                        0x00bd294a
                                                                                                                                                                                                                                                        0x00bd28cf
                                                                                                                                                                                                                                                        0x00bd28cf
                                                                                                                                                                                                                                                        0x00bd28d1
                                                                                                                                                                                                                                                        0x00bd28dc
                                                                                                                                                                                                                                                        0x00bd2952
                                                                                                                                                                                                                                                        0x00bd2952
                                                                                                                                                                                                                                                        0x00bd2958
                                                                                                                                                                                                                                                        0x00bd2959
                                                                                                                                                                                                                                                        0x00bd295a
                                                                                                                                                                                                                                                        0x00bd295b
                                                                                                                                                                                                                                                        0x00bd295c
                                                                                                                                                                                                                                                        0x00bd295d
                                                                                                                                                                                                                                                        0x00bd295e
                                                                                                                                                                                                                                                        0x00bd295f
                                                                                                                                                                                                                                                        0x00bd2963
                                                                                                                                                                                                                                                        0x00bd2964
                                                                                                                                                                                                                                                        0x00bd296a
                                                                                                                                                                                                                                                        0x00bd296c
                                                                                                                                                                                                                                                        0x00bd2975
                                                                                                                                                                                                                                                        0x00bd297a
                                                                                                                                                                                                                                                        0x00bd297c
                                                                                                                                                                                                                                                        0x00bd297f
                                                                                                                                                                                                                                                        0x00bd2982
                                                                                                                                                                                                                                                        0x00bd2988
                                                                                                                                                                                                                                                        0x00bd298e
                                                                                                                                                                                                                                                        0x00bd28de
                                                                                                                                                                                                                                                        0x00bd28e3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd28e3
                                                                                                                                                                                                                                                        0x00bd28dc
                                                                                                                                                                                                                                                        0x00bd28cd
                                                                                                                                                                                                                                                        0x00bd2867

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,7FFFFFFE,7FFFFFFF,7FFFFFFF,?,?,?,00BEA717,00000000,\\.\,00000004), ref: 00BD287C
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,?,?,?,7FFFFFFF,?,?,?,00BEA717,00000000,\\.\,00000004), ref: 00BD2894
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,7FFFFFFF,?,?,?,?,?,?,7FFFFFFF,?,?,?,00BEA717,00000000,\\.\,00000004), ref: 00BD28B4
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(7FFFFFFE,80000001,?,?,?,?,?,?,?,?,7FFFFFFF,?,?,?,00BEA717,00000000), ref: 00BD28E7
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,7FFFFFFF,7FFFFFFF,?,?,?,00BEA717,00000000,\\.\,00000004), ref: 00BD28FD
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,?,?,?,7FFFFFFF,?,?,?,00BEA717,00000000,\\.\,00000004), ref: 00BD2915
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,7FFFFFFF,?,?,?,?,?,?,7FFFFFFF,?,?,?,00BEA717,00000000,\\.\,00000004), ref: 00BD2935
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,00BEA717,00000000,\\.\,00000004), ref: 00BD2952
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memcpy$??3@_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 674017509-0
                                                                                                                                                                                                                                                        • Opcode ID: a7f70c515cfc47045ff1d635c684f5ff982d0f08628d29dd78ceedf41ce96405
                                                                                                                                                                                                                                                        • Instruction ID: 4210364849f0c1bbe00175d75c5e3129a97763cf698c2e5e0fc6a167288d00f0
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a7f70c515cfc47045ff1d635c684f5ff982d0f08628d29dd78ceedf41ce96405
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8341BCB2A00206AFCB14DF68CC818BEB7E9EBC8310B244779F915D7355EA71AD5587A0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 65%
                                                                                                                                                                                                                                                        			E00BC7150(void* __ecx, void* _a4, int _a12, intOrPtr _a16, void* _a20, int _a24) {
                                                                                                                                                                                                                                                        				void _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				int _v28;
                                                                                                                                                                                                                                                        				void* _v32;
                                                                                                                                                                                                                                                        				signed int _v36;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				int _v60;
                                                                                                                                                                                                                                                        				int _v64;
                                                                                                                                                                                                                                                        				char _v68;
                                                                                                                                                                                                                                                        				int _t49;
                                                                                                                                                                                                                                                        				signed int _t55;
                                                                                                                                                                                                                                                        				void* _t57;
                                                                                                                                                                                                                                                        				intOrPtr _t68;
                                                                                                                                                                                                                                                        				void* _t71;
                                                                                                                                                                                                                                                        				intOrPtr _t72;
                                                                                                                                                                                                                                                        				intOrPtr _t73;
                                                                                                                                                                                                                                                        				void _t74;
                                                                                                                                                                                                                                                        				void* _t75;
                                                                                                                                                                                                                                                        				void* _t76;
                                                                                                                                                                                                                                                        				signed int _t80;
                                                                                                                                                                                                                                                        				intOrPtr _t82;
                                                                                                                                                                                                                                                        				void* _t99;
                                                                                                                                                                                                                                                        				signed int _t101;
                                                                                                                                                                                                                                                        				int _t104;
                                                                                                                                                                                                                                                        				int _t107;
                                                                                                                                                                                                                                                        				void* _t111;
                                                                                                                                                                                                                                                        				intOrPtr _t112;
                                                                                                                                                                                                                                                        				unsigned int _t113;
                                                                                                                                                                                                                                                        				int _t114;
                                                                                                                                                                                                                                                        				void* _t118;
                                                                                                                                                                                                                                                        				void* _t119;
                                                                                                                                                                                                                                                        				signed int _t120;
                                                                                                                                                                                                                                                        				void* _t123;
                                                                                                                                                                                                                                                        				void _t125;
                                                                                                                                                                                                                                                        				void* _t127;
                                                                                                                                                                                                                                                        				void* _t130;
                                                                                                                                                                                                                                                        				signed int _t131;
                                                                                                                                                                                                                                                        				void* _t132;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t79 = __ecx;
                                                                                                                                                                                                                                                        				_t131 = _t130 - 0x14;
                                                                                                                                                                                                                                                        				_t101 =  *((intOrPtr*)(__ecx + 0x10));
                                                                                                                                                                                                                                                        				_t118 = _a4;
                                                                                                                                                                                                                                                        				_t72 = 0x7fffffff;
                                                                                                                                                                                                                                                        				if(0x7fffffff - _t101 < _t118) {
                                                                                                                                                                                                                                                        					E00BBA890();
                                                                                                                                                                                                                                                        					goto L11;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t113 =  *(__ecx + 0x14);
                                                                                                                                                                                                                                                        					_t120 = _t118 + _t101;
                                                                                                                                                                                                                                                        					_v24 = _t101;
                                                                                                                                                                                                                                                        					_v32 = __ecx;
                                                                                                                                                                                                                                                        					_v36 = _t120;
                                                                                                                                                                                                                                                        					_t55 = _t120 | 0x0000000f;
                                                                                                                                                                                                                                                        					if(_t55 >= 0) {
                                                                                                                                                                                                                                                        						_t99 = (_t113 >> 1) + _t113;
                                                                                                                                                                                                                                                        						_t100 =  >=  ? _t55 : _t99;
                                                                                                                                                                                                                                                        						_t72 =  <=  ?  >=  ? _t55 : _t99 : 0x7fffffff;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v28 = _t113;
                                                                                                                                                                                                                                                        					_t114 = _a12;
                                                                                                                                                                                                                                                        					_t9 = _t72 + 1; // 0x80000000
                                                                                                                                                                                                                                                        					_t75 = _v32;
                                                                                                                                                                                                                                                        					_t57 = E00BBD730(_t9);
                                                                                                                                                                                                                                                        					_v20 = _t57;
                                                                                                                                                                                                                                                        					 *(_t75 + 0x10) = _v36;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t75 + 0x14)) = _t72;
                                                                                                                                                                                                                                                        					if(_v28 < 0x10) {
                                                                                                                                                                                                                                                        						memcpy(_t57, _t75, _t114);
                                                                                                                                                                                                                                                        						_t123 = _v20 + _t114;
                                                                                                                                                                                                                                                        						memcpy(_t123, _a20, _a24);
                                                                                                                                                                                                                                                        						_t125 = _v20;
                                                                                                                                                                                                                                                        						memcpy(_t123 + _a24, _t75 + _t114 + _a16, _v24 - _a16 + _t114 + 1);
                                                                                                                                                                                                                                                        						goto L9;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t76 =  *_t75;
                                                                                                                                                                                                                                                        						memcpy(_t57, _t76, _t114);
                                                                                                                                                                                                                                                        						_t127 = _t57 + _t114;
                                                                                                                                                                                                                                                        						memcpy(_t127, _a20, _a24);
                                                                                                                                                                                                                                                        						_t68 = _a16;
                                                                                                                                                                                                                                                        						_t118 = _t127 + _a24;
                                                                                                                                                                                                                                                        						_t111 = _t76 + _t114 + _t68;
                                                                                                                                                                                                                                                        						memcpy(_t118, _t111, _v24 - _t68 + _t114 + 1);
                                                                                                                                                                                                                                                        						_t131 = _t131 + 0x24;
                                                                                                                                                                                                                                                        						_t107 = _v28;
                                                                                                                                                                                                                                                        						_t22 = _t107 + 1; // 0x11
                                                                                                                                                                                                                                                        						_t79 = _t22;
                                                                                                                                                                                                                                                        						if(_t79 < 0x1000) {
                                                                                                                                                                                                                                                        							L7:
                                                                                                                                                                                                                                                        							_push(_t79);
                                                                                                                                                                                                                                                        							_push(_t76);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							_t125 = _v20;
                                                                                                                                                                                                                                                        							_t75 = _v32;
                                                                                                                                                                                                                                                        							L9:
                                                                                                                                                                                                                                                        							 *_t75 = _t125;
                                                                                                                                                                                                                                                        							return _t75;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t71 =  *(_t76 - 4);
                                                                                                                                                                                                                                                        							_t72 = _t76 + 0xfffffffc - _t71;
                                                                                                                                                                                                                                                        							if(_t72 >= 0x20) {
                                                                                                                                                                                                                                                        								L11:
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_t129 = _t131;
                                                                                                                                                                                                                                                        								_push(_t72);
                                                                                                                                                                                                                                                        								_push(_t111);
                                                                                                                                                                                                                                                        								_push(_t118);
                                                                                                                                                                                                                                                        								_t132 = _t131 - 8;
                                                                                                                                                                                                                                                        								_t119 = _t79;
                                                                                                                                                                                                                                                        								_t80 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        								_t49 = _v28;
                                                                                                                                                                                                                                                        								_v52 = _t80 ^ _t131;
                                                                                                                                                                                                                                                        								_t73 =  *((intOrPtr*)(_t119 + 0x14));
                                                                                                                                                                                                                                                        								_t82 =  *((intOrPtr*)(_t119 + 0x10));
                                                                                                                                                                                                                                                        								_t104 = _v24;
                                                                                                                                                                                                                                                        								if(_t73 - _t82 >= _t49) {
                                                                                                                                                                                                                                                        									_t112 = _t82 + _t49;
                                                                                                                                                                                                                                                        									_t74 = _t119;
                                                                                                                                                                                                                                                        									 *((intOrPtr*)(_t119 + 0x10)) = _t112;
                                                                                                                                                                                                                                                        									if(_t73 >= 0x10) {
                                                                                                                                                                                                                                                        										_t74 =  *_t119;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									memset(_t82 + _t74, _t104, _t49);
                                                                                                                                                                                                                                                        									 *((char*)(_t74 + _t112)) = 0;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_v68 = _v28;
                                                                                                                                                                                                                                                        									_v64 = _t49;
                                                                                                                                                                                                                                                        									 *(_t132 - 0x10) = _t49;
                                                                                                                                                                                                                                                        									_v60 = _t104;
                                                                                                                                                                                                                                                        									_t119 = E00BC7330(_t119);
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								E00BEECB0(_v24 ^ _t129, _t104);
                                                                                                                                                                                                                                                        								return _t119;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t76 = _t71;
                                                                                                                                                                                                                                                        								_t79 = _t107 + 0x24;
                                                                                                                                                                                                                                                        								goto L7;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}









































                                                                                                                                                                                                                                                        0x00bc7150
                                                                                                                                                                                                                                                        0x00bc7156
                                                                                                                                                                                                                                                        0x00bc7159
                                                                                                                                                                                                                                                        0x00bc715c
                                                                                                                                                                                                                                                        0x00bc7164
                                                                                                                                                                                                                                                        0x00bc716d
                                                                                                                                                                                                                                                        0x00bc7291
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7173
                                                                                                                                                                                                                                                        0x00bc7173
                                                                                                                                                                                                                                                        0x00bc7176
                                                                                                                                                                                                                                                        0x00bc7178
                                                                                                                                                                                                                                                        0x00bc717b
                                                                                                                                                                                                                                                        0x00bc7180
                                                                                                                                                                                                                                                        0x00bc7183
                                                                                                                                                                                                                                                        0x00bc7186
                                                                                                                                                                                                                                                        0x00bc7193
                                                                                                                                                                                                                                                        0x00bc719d
                                                                                                                                                                                                                                                        0x00bc71a2
                                                                                                                                                                                                                                                        0x00bc71a2
                                                                                                                                                                                                                                                        0x00bc71a5
                                                                                                                                                                                                                                                        0x00bc71a8
                                                                                                                                                                                                                                                        0x00bc71ad
                                                                                                                                                                                                                                                        0x00bc71b0
                                                                                                                                                                                                                                                        0x00bc71b6
                                                                                                                                                                                                                                                        0x00bc71c2
                                                                                                                                                                                                                                                        0x00bc71c5
                                                                                                                                                                                                                                                        0x00bc71c8
                                                                                                                                                                                                                                                        0x00bc71cb
                                                                                                                                                                                                                                                        0x00bc7244
                                                                                                                                                                                                                                                        0x00bc7252
                                                                                                                                                                                                                                                        0x00bc7259
                                                                                                                                                                                                                                                        0x00bc7278
                                                                                                                                                                                                                                                        0x00bc727b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc71cd
                                                                                                                                                                                                                                                        0x00bc71cd
                                                                                                                                                                                                                                                        0x00bc71d4
                                                                                                                                                                                                                                                        0x00bc71df
                                                                                                                                                                                                                                                        0x00bc71e6
                                                                                                                                                                                                                                                        0x00bc71ee
                                                                                                                                                                                                                                                        0x00bc71f4
                                                                                                                                                                                                                                                        0x00bc71ff
                                                                                                                                                                                                                                                        0x00bc7205
                                                                                                                                                                                                                                                        0x00bc720a
                                                                                                                                                                                                                                                        0x00bc720d
                                                                                                                                                                                                                                                        0x00bc7210
                                                                                                                                                                                                                                                        0x00bc7210
                                                                                                                                                                                                                                                        0x00bc7219
                                                                                                                                                                                                                                                        0x00bc722f
                                                                                                                                                                                                                                                        0x00bc722f
                                                                                                                                                                                                                                                        0x00bc7230
                                                                                                                                                                                                                                                        0x00bc7231
                                                                                                                                                                                                                                                        0x00bc7239
                                                                                                                                                                                                                                                        0x00bc723c
                                                                                                                                                                                                                                                        0x00bc7283
                                                                                                                                                                                                                                                        0x00bc7283
                                                                                                                                                                                                                                                        0x00bc728e
                                                                                                                                                                                                                                                        0x00bc721b
                                                                                                                                                                                                                                                        0x00bc721b
                                                                                                                                                                                                                                                        0x00bc7221
                                                                                                                                                                                                                                                        0x00bc7226
                                                                                                                                                                                                                                                        0x00bc7296
                                                                                                                                                                                                                                                        0x00bc7296
                                                                                                                                                                                                                                                        0x00bc729c
                                                                                                                                                                                                                                                        0x00bc729d
                                                                                                                                                                                                                                                        0x00bc729e
                                                                                                                                                                                                                                                        0x00bc729f
                                                                                                                                                                                                                                                        0x00bc72a1
                                                                                                                                                                                                                                                        0x00bc72a3
                                                                                                                                                                                                                                                        0x00bc72a4
                                                                                                                                                                                                                                                        0x00bc72a5
                                                                                                                                                                                                                                                        0x00bc72a6
                                                                                                                                                                                                                                                        0x00bc72a9
                                                                                                                                                                                                                                                        0x00bc72ab
                                                                                                                                                                                                                                                        0x00bc72b1
                                                                                                                                                                                                                                                        0x00bc72b6
                                                                                                                                                                                                                                                        0x00bc72b9
                                                                                                                                                                                                                                                        0x00bc72bc
                                                                                                                                                                                                                                                        0x00bc72c5
                                                                                                                                                                                                                                                        0x00bc72c8
                                                                                                                                                                                                                                                        0x00bc7301
                                                                                                                                                                                                                                                        0x00bc7307
                                                                                                                                                                                                                                                        0x00bc7309
                                                                                                                                                                                                                                                        0x00bc730c
                                                                                                                                                                                                                                                        0x00bc730e
                                                                                                                                                                                                                                                        0x00bc730e
                                                                                                                                                                                                                                                        0x00bc7318
                                                                                                                                                                                                                                                        0x00bc7320
                                                                                                                                                                                                                                                        0x00bc72ca
                                                                                                                                                                                                                                                        0x00bc72d0
                                                                                                                                                                                                                                                        0x00bc72d7
                                                                                                                                                                                                                                                        0x00bc72db
                                                                                                                                                                                                                                                        0x00bc72de
                                                                                                                                                                                                                                                        0x00bc72e9
                                                                                                                                                                                                                                                        0x00bc72e9
                                                                                                                                                                                                                                                        0x00bc72f0
                                                                                                                                                                                                                                                        0x00bc72fe
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc722b
                                                                                                                                                                                                                                                        0x00bc722d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc722d
                                                                                                                                                                                                                                                        0x00bc7226
                                                                                                                                                                                                                                                        0x00bc7219
                                                                                                                                                                                                                                                        0x00bc71cb

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,?), ref: 00BC71D4
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,00000010,?), ref: 00BC71E6
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,?), ref: 00BC7205
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,00000011), ref: 00BC7231
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,?), ref: 00BC7244
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,00000010,?), ref: 00BC7259
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,?), ref: 00BC727B
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 00BC7296
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memcpy$??3@_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 674017509-0
                                                                                                                                                                                                                                                        • Opcode ID: ab0922b8a1c7d5df229c6549c720d303fd6d47c16b0f24e732a97d0fe9d8c8ba
                                                                                                                                                                                                                                                        • Instruction ID: 5d525ca52f1c9c8434a59e5a29014d3d16304394c4822a78258b5874a07321c6
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ab0922b8a1c7d5df229c6549c720d303fd6d47c16b0f24e732a97d0fe9d8c8ba
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D441D372E001199FCF08DF68DC858AF77E9EF85310B194278FC15AB381DA35AD518BA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 94%
                                                                                                                                                                                                                                                        			E00BCE270(intOrPtr __ecx, void** __edx) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void* _v24;
                                                                                                                                                                                                                                                        				long _v28;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				struct _OVERLAPPED* _v40;
                                                                                                                                                                                                                                                        				void** _v44;
                                                                                                                                                                                                                                                        				void** _v48;
                                                                                                                                                                                                                                                        				DWORD* _v52;
                                                                                                                                                                                                                                                        				intOrPtr _v56;
                                                                                                                                                                                                                                                        				intOrPtr _v60;
                                                                                                                                                                                                                                                        				signed int _t42;
                                                                                                                                                                                                                                                        				void* _t44;
                                                                                                                                                                                                                                                        				long _t47;
                                                                                                                                                                                                                                                        				void** _t48;
                                                                                                                                                                                                                                                        				struct _OVERLAPPED* _t53;
                                                                                                                                                                                                                                                        				void* _t54;
                                                                                                                                                                                                                                                        				long _t56;
                                                                                                                                                                                                                                                        				void* _t58;
                                                                                                                                                                                                                                                        				void* _t61;
                                                                                                                                                                                                                                                        				void** _t63;
                                                                                                                                                                                                                                                        				void** _t78;
                                                                                                                                                                                                                                                        				long _t79;
                                                                                                                                                                                                                                                        				struct _OVERLAPPED _t80;
                                                                                                                                                                                                                                                        				struct _OVERLAPPED* _t83;
                                                                                                                                                                                                                                                        				intOrPtr _t96;
                                                                                                                                                                                                                                                        				void* _t99;
                                                                                                                                                                                                                                                        				struct _OVERLAPPED* _t100;
                                                                                                                                                                                                                                                        				struct _CRITICAL_SECTION* _t101;
                                                                                                                                                                                                                                                        				signed int _t102;
                                                                                                                                                                                                                                                        				void* _t103;
                                                                                                                                                                                                                                                        				intOrPtr _t104;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t91 = __edx;
                                                                                                                                                                                                                                                        				_v60 = __ecx;
                                                                                                                                                                                                                                                        				_t63 = __edx;
                                                                                                                                                                                                                                                        				_t42 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t42 ^ _t102;
                                                                                                                                                                                                                                                        				_v24 = 0xffffffff;
                                                                                                                                                                                                                                                        				_t44 = GetCurrentProcess();
                                                                                                                                                                                                                                                        				_v44 = _t63;
                                                                                                                                                                                                                                                        				if(DuplicateHandle(GetCurrentProcess(),  *_t63, _t44,  &_v24, 0x100000, 0, 0) == 0) {
                                                                                                                                                                                                                                                        					_t47 = GetLastError();
                                                                                                                                                                                                                                                        					_t99 = 0x36;
                                                                                                                                                                                                                                                        					 *(_v44[3]) = _t47;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_t53 = E00BC5200(_v24,  &_v28, _v24);
                                                                                                                                                                                                                                                        					_push(0x14);
                                                                                                                                                                                                                                                        					L00BEF6BA();
                                                                                                                                                                                                                                                        					_t104 = _t103 + 4;
                                                                                                                                                                                                                                                        					_v40 = _t53;
                                                                                                                                                                                                                                                        					_v56 = _t104;
                                                                                                                                                                                                                                                        					_t100 = _t104 - 0xc;
                                                                                                                                                                                                                                                        					_t100->Offset = 0;
                                                                                                                                                                                                                                                        					_t54 = E00BC5260(_t53,  &_v28);
                                                                                                                                                                                                                                                        					_v52 =  &(_t100->Offset);
                                                                                                                                                                                                                                                        					E00BC5200(_t54,  &(_t100->Offset), _t54);
                                                                                                                                                                                                                                                        					_t78 = _v44;
                                                                                                                                                                                                                                                        					_t56 =  *(_t78 + 4);
                                                                                                                                                                                                                                                        					_t79 =  *(_t78 + 8);
                                                                                                                                                                                                                                                        					_t100->Internal = _t79;
                                                                                                                                                                                                                                                        					if(_t79 != 0) {
                                                                                                                                                                                                                                                        						asm("lock inc dword [ecx+0x24]");
                                                                                                                                                                                                                                                        						_t80 = _t100->Internal;
                                                                                                                                                                                                                                                        						_t100->InternalHigh = _t56;
                                                                                                                                                                                                                                                        						_v40->Internal = _t80;
                                                                                                                                                                                                                                                        						if(_t80 != 0) {
                                                                                                                                                                                                                                                        							asm("lock inc dword [ecx+0x24]");
                                                                                                                                                                                                                                                        							_t56 = _t100->InternalHigh;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t100->InternalHigh = _t56;
                                                                                                                                                                                                                                                        						 *_v40 = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t95 = _v52;
                                                                                                                                                                                                                                                        					_v48 =  &(_v44[1]);
                                                                                                                                                                                                                                                        					_t83 = _v40;
                                                                                                                                                                                                                                                        					 *(_t83 + 4) = _t56;
                                                                                                                                                                                                                                                        					 *(_t83 + 8) = 0;
                                                                                                                                                                                                                                                        					_t58 = E00BC5200(E00BC5260(_t56, _v52),  &(_t83->Offset), _t57);
                                                                                                                                                                                                                                                        					_t86 = _t100->Internal;
                                                                                                                                                                                                                                                        					if(_t100->Internal != 0) {
                                                                                                                                                                                                                                                        						_t58 = E00BE4A70(_t86);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					E00BC51B0(_t58, _t95);
                                                                                                                                                                                                                                                        					_t96 = _v60;
                                                                                                                                                                                                                                                        					PostQueuedCompletionStatus( *(_t96 + 4), 0, 2, _v40);
                                                                                                                                                                                                                                                        					_t101 = _t96 + 0x1c;
                                                                                                                                                                                                                                                        					EnterCriticalSection(_t101);
                                                                                                                                                                                                                                                        					_t91 =  &_v36;
                                                                                                                                                                                                                                                        					_t61 = E00BCECF0(_t96 + 0x14,  &_v36, _v48);
                                                                                                                                                                                                                                                        					LeaveCriticalSection(_t101);
                                                                                                                                                                                                                                                        					E00BC51B0(_t61,  &_v28);
                                                                                                                                                                                                                                                        					_t99 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t48 = _v44;
                                                                                                                                                                                                                                                        				_t72 = _t48[2];
                                                                                                                                                                                                                                                        				if(_t48[2] != 0) {
                                                                                                                                                                                                                                                        					E00BE4A70(_t72);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t102, _t91);
                                                                                                                                                                                                                                                        				return _t99;
                                                                                                                                                                                                                                                        			}



































                                                                                                                                                                                                                                                        0x00bce270
                                                                                                                                                                                                                                                        0x00bce279
                                                                                                                                                                                                                                                        0x00bce282
                                                                                                                                                                                                                                                        0x00bce284
                                                                                                                                                                                                                                                        0x00bce28b
                                                                                                                                                                                                                                                        0x00bce28e
                                                                                                                                                                                                                                                        0x00bce295
                                                                                                                                                                                                                                                        0x00bce297
                                                                                                                                                                                                                                                        0x00bce2b8
                                                                                                                                                                                                                                                        0x00bce3c3
                                                                                                                                                                                                                                                        0x00bce3cc
                                                                                                                                                                                                                                                        0x00bce3d4
                                                                                                                                                                                                                                                        0x00bce2be
                                                                                                                                                                                                                                                        0x00bce2c4
                                                                                                                                                                                                                                                        0x00bce2ce
                                                                                                                                                                                                                                                        0x00bce2d3
                                                                                                                                                                                                                                                        0x00bce2d5
                                                                                                                                                                                                                                                        0x00bce2da
                                                                                                                                                                                                                                                        0x00bce2dd
                                                                                                                                                                                                                                                        0x00bce2e0
                                                                                                                                                                                                                                                        0x00bce2e6
                                                                                                                                                                                                                                                        0x00bce2ed
                                                                                                                                                                                                                                                        0x00bce2f4
                                                                                                                                                                                                                                                        0x00bce2fb
                                                                                                                                                                                                                                                        0x00bce2ff
                                                                                                                                                                                                                                                        0x00bce304
                                                                                                                                                                                                                                                        0x00bce307
                                                                                                                                                                                                                                                        0x00bce30a
                                                                                                                                                                                                                                                        0x00bce30f
                                                                                                                                                                                                                                                        0x00bce311
                                                                                                                                                                                                                                                        0x00bce3df
                                                                                                                                                                                                                                                        0x00bce3e3
                                                                                                                                                                                                                                                        0x00bce3e8
                                                                                                                                                                                                                                                        0x00bce3ed
                                                                                                                                                                                                                                                        0x00bce3ef
                                                                                                                                                                                                                                                        0x00bce3f5
                                                                                                                                                                                                                                                        0x00bce3f9
                                                                                                                                                                                                                                                        0x00bce3f9
                                                                                                                                                                                                                                                        0x00bce317
                                                                                                                                                                                                                                                        0x00bce31a
                                                                                                                                                                                                                                                        0x00bce31d
                                                                                                                                                                                                                                                        0x00bce31d
                                                                                                                                                                                                                                                        0x00bce326
                                                                                                                                                                                                                                                        0x00bce32c
                                                                                                                                                                                                                                                        0x00bce32f
                                                                                                                                                                                                                                                        0x00bce334
                                                                                                                                                                                                                                                        0x00bce337
                                                                                                                                                                                                                                                        0x00bce34b
                                                                                                                                                                                                                                                        0x00bce350
                                                                                                                                                                                                                                                        0x00bce354
                                                                                                                                                                                                                                                        0x00bce401
                                                                                                                                                                                                                                                        0x00bce401
                                                                                                                                                                                                                                                        0x00bce35c
                                                                                                                                                                                                                                                        0x00bce36b
                                                                                                                                                                                                                                                        0x00bce371
                                                                                                                                                                                                                                                        0x00bce377
                                                                                                                                                                                                                                                        0x00bce37b
                                                                                                                                                                                                                                                        0x00bce384
                                                                                                                                                                                                                                                        0x00bce38c
                                                                                                                                                                                                                                                        0x00bce395
                                                                                                                                                                                                                                                        0x00bce39e
                                                                                                                                                                                                                                                        0x00bce3a3
                                                                                                                                                                                                                                                        0x00bce3a3
                                                                                                                                                                                                                                                        0x00bce3a5
                                                                                                                                                                                                                                                        0x00bce3a8
                                                                                                                                                                                                                                                        0x00bce3ad
                                                                                                                                                                                                                                                        0x00bce3d8
                                                                                                                                                                                                                                                        0x00bce3d8
                                                                                                                                                                                                                                                        0x00bce3b4
                                                                                                                                                                                                                                                        0x00bce3c2

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BCE295
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BCE29E
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,?,00000000,FFFFFFFF,00100000,00000000,00000000), ref: 00BCE2B0
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BCE3C3
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetLastError.KERNEL32(00000000,?,00004000,?,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5210
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetHandleVerifier.FLASHPLAYER(?,00BDC412,00000000,?,00BDBECC), ref: 00BC5234
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: SetLastError.KERNEL32(00BDC412,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5249
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000014,FFFFFFFF), ref: 00BCE2D5
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5260: GetHandleVerifier.FLASHPLAYER(?,?,?,?,?,00BC5117), ref: 00BC5286
                                                                                                                                                                                                                                                        • PostQueuedCompletionStatus.KERNEL32(?,00000000,00000002,?,00000000,00000000), ref: 00BCE371
                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(?), ref: 00BCE37B
                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?), ref: 00BCE395
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorHandleLast$CriticalCurrentProcessSectionVerifier$??2@CompletionDuplicateEnterLeavePostQueuedStatus
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 624720175-0
                                                                                                                                                                                                                                                        • Opcode ID: c799c39d6363fd98a534e86272a39317e602bb313319c1a9fe9e282dd779d3f0
                                                                                                                                                                                                                                                        • Instruction ID: 0179d43394555e57433b0771bb35e1589386faf937dfbcbecdad150f5029125e
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c799c39d6363fd98a534e86272a39317e602bb313319c1a9fe9e282dd779d3f0
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4C516F70A01209DFDB14DFA4D895BAEBBF5EF88314F1440ADE516AB381DB31AD41CBA4
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 57%
                                                                                                                                                                                                                                                        			E00BB1D50(void* __ebx, signed char __edx, void* __edi, WCHAR* _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				intOrPtr _v32;
                                                                                                                                                                                                                                                        				signed int _v36;
                                                                                                                                                                                                                                                        				void* _v40;
                                                                                                                                                                                                                                                        				signed int _t16;
                                                                                                                                                                                                                                                        				void* _t20;
                                                                                                                                                                                                                                                        				void* _t22;
                                                                                                                                                                                                                                                        				void* _t24;
                                                                                                                                                                                                                                                        				void* _t27;
                                                                                                                                                                                                                                                        				signed int _t32;
                                                                                                                                                                                                                                                        				void* _t37;
                                                                                                                                                                                                                                                        				WCHAR* _t42;
                                                                                                                                                                                                                                                        				signed int _t44;
                                                                                                                                                                                                                                                        				signed char _t45;
                                                                                                                                                                                                                                                        				void* _t50;
                                                                                                                                                                                                                                                        				WCHAR* _t52;
                                                                                                                                                                                                                                                        				signed int _t54;
                                                                                                                                                                                                                                                        				void* _t57;
                                                                                                                                                                                                                                                        				signed int _t58;
                                                                                                                                                                                                                                                        				signed int _t59;
                                                                                                                                                                                                                                                        				void* _t61;
                                                                                                                                                                                                                                                        				void* _t62;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t46 = __edx;
                                                                                                                                                                                                                                                        				_t62 = _t61 - 0x18;
                                                                                                                                                                                                                                                        				_t52 = _a4;
                                                                                                                                                                                                                                                        				_t16 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t16 ^ _t59;
                                                                                                                                                                                                                                                        				if(_t52 == 0) {
                                                                                                                                                                                                                                                        					L12:
                                                                                                                                                                                                                                                        					return E00BEECB0(_v20 ^ _t59, _t46);
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					if(E00BB1F30() == 0) {
                                                                                                                                                                                                                                                        						_t20 = E00BEECB0(_v20 ^ _t59, __edx);
                                                                                                                                                                                                                                                        						_t42 = _t52;
                                                                                                                                                                                                                                                        						_t62 = _t62 + 0x18;
                                                                                                                                                                                                                                                        						_pop(_t54);
                                                                                                                                                                                                                                                        						_pop(_t59);
                                                                                                                                                                                                                                                        						L15:
                                                                                                                                                                                                                                                        						_push(_t59);
                                                                                                                                                                                                                                                        						_push(_t54);
                                                                                                                                                                                                                                                        						if(_t42 != 0) {
                                                                                                                                                                                                                                                        							_t20 = CreateFileW(_t42, 0x80000000, 1, 0, 3, 0x8000000, 0);
                                                                                                                                                                                                                                                        							if(_t20 != 0xffffffff) {
                                                                                                                                                                                                                                                        								E00BB1C70(_t20);
                                                                                                                                                                                                                                                        								_t20 = CloseHandle(_t20);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						return _t20;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t22 = CreateFileW(_t52, 0xa0000000, 1, 0, 3, 0x8000000, 0);
                                                                                                                                                                                                                                                        						_t57 = _t22;
                                                                                                                                                                                                                                                        						if(_t22 + 1 < 2) {
                                                                                                                                                                                                                                                        							goto L12;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t24 = CreateFileMappingA(_t57, 0, 0x1000020, 0, 0, 0);
                                                                                                                                                                                                                                                        							_t50 = _t24;
                                                                                                                                                                                                                                                        							if(_t24 + 1 < 2) {
                                                                                                                                                                                                                                                        								L11:
                                                                                                                                                                                                                                                        								CloseHandle(_t57);
                                                                                                                                                                                                                                                        								goto L12;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t27 = MapViewOfFile(_t50, 0x1000024, 0, 0, 0);
                                                                                                                                                                                                                                                        								if(_t27 == 0) {
                                                                                                                                                                                                                                                        									L10:
                                                                                                                                                                                                                                                        									CloseHandle(_t50);
                                                                                                                                                                                                                                                        									goto L11;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t37 = _t27;
                                                                                                                                                                                                                                                        									_t44 =  &_v36;
                                                                                                                                                                                                                                                        									E00BB1EA0(_t44, _t27);
                                                                                                                                                                                                                                                        									if(_v28 == 0) {
                                                                                                                                                                                                                                                        										L9:
                                                                                                                                                                                                                                                        										UnmapViewOfFile(_t37);
                                                                                                                                                                                                                                                        										goto L10;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_v40 = _t57;
                                                                                                                                                                                                                                                        										_t58 = _v36;
                                                                                                                                                                                                                                                        										_t32 =  *(_v32 + 0x50);
                                                                                                                                                                                                                                                        										_t45 = _t44 & 0xffffff00 | _t58 != 0x00000000;
                                                                                                                                                                                                                                                        										_t46 = _t46 & 0xffffff00 | _t32 != 0xffffffff;
                                                                                                                                                                                                                                                        										_t54 = _t58 | _t32;
                                                                                                                                                                                                                                                        										if(_t54 == 0) {
                                                                                                                                                                                                                                                        											L8:
                                                                                                                                                                                                                                                        											E00BB1F70(_t37, _t32);
                                                                                                                                                                                                                                                        											_t62 = _t62 + 8;
                                                                                                                                                                                                                                                        											_t57 = _v40;
                                                                                                                                                                                                                                                        											goto L9;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t42 = _t45 & _t46;
                                                                                                                                                                                                                                                        											if(_t42 == 0) {
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												_t20 = E00BB1F0E();
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												goto L15;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												goto L8;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}


























                                                                                                                                                                                                                                                        0x00bb1d50
                                                                                                                                                                                                                                                        0x00bb1d56
                                                                                                                                                                                                                                                        0x00bb1d59
                                                                                                                                                                                                                                                        0x00bb1d5c
                                                                                                                                                                                                                                                        0x00bb1d65
                                                                                                                                                                                                                                                        0x00bb1d68
                                                                                                                                                                                                                                                        0x00bb1e24
                                                                                                                                                                                                                                                        0x00bb1e35
                                                                                                                                                                                                                                                        0x00bb1d6e
                                                                                                                                                                                                                                                        0x00bb1d75
                                                                                                                                                                                                                                                        0x00bb1e3b
                                                                                                                                                                                                                                                        0x00bb1e40
                                                                                                                                                                                                                                                        0x00bb1e42
                                                                                                                                                                                                                                                        0x00bb1e45
                                                                                                                                                                                                                                                        0x00bb1e48
                                                                                                                                                                                                                                                        0x00bb1e60
                                                                                                                                                                                                                                                        0x00bb1e60
                                                                                                                                                                                                                                                        0x00bb1e63
                                                                                                                                                                                                                                                        0x00bb1e66
                                                                                                                                                                                                                                                        0x00bb1e7b
                                                                                                                                                                                                                                                        0x00bb1e84
                                                                                                                                                                                                                                                        0x00bb1e8a
                                                                                                                                                                                                                                                        0x00bb1e90
                                                                                                                                                                                                                                                        0x00bb1e90
                                                                                                                                                                                                                                                        0x00bb1e84
                                                                                                                                                                                                                                                        0x00bb1e98
                                                                                                                                                                                                                                                        0x00bb1d7b
                                                                                                                                                                                                                                                        0x00bb1d8e
                                                                                                                                                                                                                                                        0x00bb1d94
                                                                                                                                                                                                                                                        0x00bb1d9a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1da0
                                                                                                                                                                                                                                                        0x00bb1dae
                                                                                                                                                                                                                                                        0x00bb1db4
                                                                                                                                                                                                                                                        0x00bb1dba
                                                                                                                                                                                                                                                        0x00bb1e1d
                                                                                                                                                                                                                                                        0x00bb1e1e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1dbc
                                                                                                                                                                                                                                                        0x00bb1dc8
                                                                                                                                                                                                                                                        0x00bb1dd0
                                                                                                                                                                                                                                                        0x00bb1e16
                                                                                                                                                                                                                                                        0x00bb1e17
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1dd2
                                                                                                                                                                                                                                                        0x00bb1dd2
                                                                                                                                                                                                                                                        0x00bb1dd4
                                                                                                                                                                                                                                                        0x00bb1dd8
                                                                                                                                                                                                                                                        0x00bb1de1
                                                                                                                                                                                                                                                        0x00bb1e0f
                                                                                                                                                                                                                                                        0x00bb1e10
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1de3
                                                                                                                                                                                                                                                        0x00bb1de6
                                                                                                                                                                                                                                                        0x00bb1de9
                                                                                                                                                                                                                                                        0x00bb1dec
                                                                                                                                                                                                                                                        0x00bb1df1
                                                                                                                                                                                                                                                        0x00bb1df7
                                                                                                                                                                                                                                                        0x00bb1dfa
                                                                                                                                                                                                                                                        0x00bb1dfc
                                                                                                                                                                                                                                                        0x00bb1e02
                                                                                                                                                                                                                                                        0x00bb1e04
                                                                                                                                                                                                                                                        0x00bb1e09
                                                                                                                                                                                                                                                        0x00bb1e0c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1dfe
                                                                                                                                                                                                                                                        0x00bb1dfe
                                                                                                                                                                                                                                                        0x00bb1e00
                                                                                                                                                                                                                                                        0x00bb1e4e
                                                                                                                                                                                                                                                        0x00bb1e4f
                                                                                                                                                                                                                                                        0x00bb1e54
                                                                                                                                                                                                                                                        0x00bb1e55
                                                                                                                                                                                                                                                        0x00bb1e56
                                                                                                                                                                                                                                                        0x00bb1e57
                                                                                                                                                                                                                                                        0x00bb1e58
                                                                                                                                                                                                                                                        0x00bb1e59
                                                                                                                                                                                                                                                        0x00bb1e5a
                                                                                                                                                                                                                                                        0x00bb1e5b
                                                                                                                                                                                                                                                        0x00bb1e5c
                                                                                                                                                                                                                                                        0x00bb1e5d
                                                                                                                                                                                                                                                        0x00bb1e5e
                                                                                                                                                                                                                                                        0x00bb1e5f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1e00
                                                                                                                                                                                                                                                        0x00bb1dfc
                                                                                                                                                                                                                                                        0x00bb1de1
                                                                                                                                                                                                                                                        0x00bb1dd0
                                                                                                                                                                                                                                                        0x00bb1dba
                                                                                                                                                                                                                                                        0x00bb1d9a
                                                                                                                                                                                                                                                        0x00bb1d75

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • CreateFileW.KERNEL32(00BB2281,A0000000,00000001,00000000,00000003,08000000,00000000,?,00000000,?,?,00BB2281,?), ref: 00BB1D8E
                                                                                                                                                                                                                                                        • CreateFileMappingA.KERNEL32 ref: 00BB1DAE
                                                                                                                                                                                                                                                        • MapViewOfFile.KERNEL32(00000000,01000024,00000000,00000000,00000000,?,00BB2281,?), ref: 00BB1DC8
                                                                                                                                                                                                                                                        • UnmapViewOfFile.KERNEL32(00000000), ref: 00BB1E10
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000,?,00BB2281,?), ref: 00BB1E17
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000,?,00BB2281,?), ref: 00BB1E1E
                                                                                                                                                                                                                                                        • CreateFileW.KERNEL32(00BB2281,80000000,00000001,00000000,00000003,08000000,00000000), ref: 00BB1E7B
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000), ref: 00BB1E90
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: File$CloseCreateHandle$View$MappingUnmap
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 781922418-0
                                                                                                                                                                                                                                                        • Opcode ID: 99eb4c0c5da0ede175bac115b4c8b36219b282ee0fdc2e67a4f05df6b02408b8
                                                                                                                                                                                                                                                        • Instruction ID: f82fd6b8fc6a55808c8e7343a7701e563c3c65853ad9e9f8b6b3f377e882a48d
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 99eb4c0c5da0ede175bac115b4c8b36219b282ee0fdc2e67a4f05df6b02408b8
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8731CA31A402146BD6206B785C5AFFE36E9DF09761F500895FD05BB2C1DFA0E950C6E4
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 65%
                                                                                                                                                                                                                                                        			E00BC9DC0(signed int __edx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void _v2067;
                                                                                                                                                                                                                                                        				char _v2068;
                                                                                                                                                                                                                                                        				void _v5140;
                                                                                                                                                                                                                                                        				long _v5144;
                                                                                                                                                                                                                                                        				signed int _t22;
                                                                                                                                                                                                                                                        				long _t24;
                                                                                                                                                                                                                                                        				void* _t30;
                                                                                                                                                                                                                                                        				signed char _t33;
                                                                                                                                                                                                                                                        				signed int _t36;
                                                                                                                                                                                                                                                        				void* _t37;
                                                                                                                                                                                                                                                        				signed int _t38;
                                                                                                                                                                                                                                                        				long _t41;
                                                                                                                                                                                                                                                        				void _t42;
                                                                                                                                                                                                                                                        				void* _t44;
                                                                                                                                                                                                                                                        				void* _t46;
                                                                                                                                                                                                                                                        				signed int _t47;
                                                                                                                                                                                                                                                        				void* _t48;
                                                                                                                                                                                                                                                        				void* _t50;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t43 = __edx;
                                                                                                                                                                                                                                                        				E00BEF1D0();
                                                                                                                                                                                                                                                        				_t22 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t22 ^ _t47;
                                                                                                                                                                                                                                                        				_t24 =  *0xbfa054; // 0xffffffff
                                                                                                                                                                                                                                                        				if(_t24 == 0xffffffff) {
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					return E00BEECB0(_v20 ^ _t47, _t43);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t36 = TlsGetValue(_t24);
                                                                                                                                                                                                                                                        				if((_t36 & 0x00000003) != 0) {
                                                                                                                                                                                                                                                        					_t37 = _t36 & 0xfffffffc;
                                                                                                                                                                                                                                                        					_t44 =  &_v2068;
                                                                                                                                                                                                                                                        					memcpy(_t44, _t37, 0x800);
                                                                                                                                                                                                                                                        					_t50 = _t48 + 0xc;
                                                                                                                                                                                                                                                        					_t41 =  *0xbfa054; // 0xffffffff
                                                                                                                                                                                                                                                        					_v5144 = _t41;
                                                                                                                                                                                                                                                        					TlsSetValue(_t41,  &_v2067);
                                                                                                                                                                                                                                                        					__eflags = _t37;
                                                                                                                                                                                                                                                        					if(_t37 != 0) {
                                                                                                                                                                                                                                                        						_push(_t37);
                                                                                                                                                                                                                                                        						L00BEF6D2();
                                                                                                                                                                                                                                                        						_t50 = _t50 + 4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t30 = E00BCA290();
                                                                                                                                                                                                                                                        					__imp__AcquireSRWLockExclusive(_t30);
                                                                                                                                                                                                                                                        					memcpy( &_v5140, 0xbfa888, 0xc00);
                                                                                                                                                                                                                                                        					_t48 = _t50 + 0xc;
                                                                                                                                                                                                                                                        					__imp__ReleaseSRWLockExclusive(_t30);
                                                                                                                                                                                                                                                        					_t46 = 0x100;
                                                                                                                                                                                                                                                        					_t33 = 1;
                                                                                                                                                                                                                                                        					while(1) {
                                                                                                                                                                                                                                                        						__eflags = _t33 & 0x00000001;
                                                                                                                                                                                                                                                        						if((_t33 & 0x00000001) == 0) {
                                                                                                                                                                                                                                                        							break;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t38 = 0xfffff400;
                                                                                                                                                                                                                                                        						_t33 = 0;
                                                                                                                                                                                                                                                        						asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t42 =  *_t44;
                                                                                                                                                                                                                                                        							__eflags = _t42;
                                                                                                                                                                                                                                                        							if(_t42 != 0) {
                                                                                                                                                                                                                                                        								__eflags =  *(_t47 + _t38 - 0x810);
                                                                                                                                                                                                                                                        								if( *(_t47 + _t38 - 0x810) == 0) {
                                                                                                                                                                                                                                                        									goto L9;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t43 =  *(_t44 + 4);
                                                                                                                                                                                                                                                        								__eflags =  *(_t44 + 4) -  *((intOrPtr*)(_t47 + _t38 - 0x808));
                                                                                                                                                                                                                                                        								if( *(_t44 + 4) !=  *((intOrPtr*)(_t47 + _t38 - 0x808))) {
                                                                                                                                                                                                                                                        									goto L9;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t43 =  *(_t47 + _t38 - 0x80c);
                                                                                                                                                                                                                                                        								__eflags = _t43;
                                                                                                                                                                                                                                                        								if(_t43 == 0) {
                                                                                                                                                                                                                                                        									goto L9;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								 *_t44 = 0;
                                                                                                                                                                                                                                                        								 *_t43(_t42);
                                                                                                                                                                                                                                                        								_t48 = _t48 + 4;
                                                                                                                                                                                                                                                        								_t33 = 1;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L9:
                                                                                                                                                                                                                                                        							_t44 = _t44 + 8;
                                                                                                                                                                                                                                                        							_t38 = _t38 + 0xc;
                                                                                                                                                                                                                                                        							__eflags = _t38;
                                                                                                                                                                                                                                                        						} while (_t38 != 0);
                                                                                                                                                                                                                                                        						__eflags = _t46 - 2;
                                                                                                                                                                                                                                                        						_t46 = _t46 - 1;
                                                                                                                                                                                                                                                        						_t44 =  &_v2068;
                                                                                                                                                                                                                                                        						if(__eflags >= 0) {
                                                                                                                                                                                                                                                        							continue;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						break;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					TlsSetValue(_v5144, 2);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}






















                                                                                                                                                                                                                                                        0x00bc9dc0
                                                                                                                                                                                                                                                        0x00bc9dcb
                                                                                                                                                                                                                                                        0x00bc9dd0
                                                                                                                                                                                                                                                        0x00bc9dd7
                                                                                                                                                                                                                                                        0x00bc9dda
                                                                                                                                                                                                                                                        0x00bc9de2
                                                                                                                                                                                                                                                        0x00bc9df2
                                                                                                                                                                                                                                                        0x00bc9e06
                                                                                                                                                                                                                                                        0x00bc9e06
                                                                                                                                                                                                                                                        0x00bc9deb
                                                                                                                                                                                                                                                        0x00bc9df0
                                                                                                                                                                                                                                                        0x00bc9e07
                                                                                                                                                                                                                                                        0x00bc9e0a
                                                                                                                                                                                                                                                        0x00bc9e17
                                                                                                                                                                                                                                                        0x00bc9e1c
                                                                                                                                                                                                                                                        0x00bc9e1f
                                                                                                                                                                                                                                                        0x00bc9e2c
                                                                                                                                                                                                                                                        0x00bc9e33
                                                                                                                                                                                                                                                        0x00bc9e39
                                                                                                                                                                                                                                                        0x00bc9e3b
                                                                                                                                                                                                                                                        0x00bc9e3d
                                                                                                                                                                                                                                                        0x00bc9e3e
                                                                                                                                                                                                                                                        0x00bc9e43
                                                                                                                                                                                                                                                        0x00bc9e43
                                                                                                                                                                                                                                                        0x00bc9e46
                                                                                                                                                                                                                                                        0x00bc9e4e
                                                                                                                                                                                                                                                        0x00bc9e65
                                                                                                                                                                                                                                                        0x00bc9e6a
                                                                                                                                                                                                                                                        0x00bc9e6e
                                                                                                                                                                                                                                                        0x00bc9e74
                                                                                                                                                                                                                                                        0x00bc9e79
                                                                                                                                                                                                                                                        0x00bc9e7b
                                                                                                                                                                                                                                                        0x00bc9e7b
                                                                                                                                                                                                                                                        0x00bc9e7d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc9e7f
                                                                                                                                                                                                                                                        0x00bc9e84
                                                                                                                                                                                                                                                        0x00bc9e86
                                                                                                                                                                                                                                                        0x00bc9e90
                                                                                                                                                                                                                                                        0x00bc9e90
                                                                                                                                                                                                                                                        0x00bc9e92
                                                                                                                                                                                                                                                        0x00bc9e94
                                                                                                                                                                                                                                                        0x00bc9ea0
                                                                                                                                                                                                                                                        0x00bc9ea8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc9eaa
                                                                                                                                                                                                                                                        0x00bc9ead
                                                                                                                                                                                                                                                        0x00bc9eb4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc9eb6
                                                                                                                                                                                                                                                        0x00bc9ebd
                                                                                                                                                                                                                                                        0x00bc9ebf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc9ee4
                                                                                                                                                                                                                                                        0x00bc9eeb
                                                                                                                                                                                                                                                        0x00bc9eed
                                                                                                                                                                                                                                                        0x00bc9ef0
                                                                                                                                                                                                                                                        0x00bc9ef0
                                                                                                                                                                                                                                                        0x00bc9e96
                                                                                                                                                                                                                                                        0x00bc9e96
                                                                                                                                                                                                                                                        0x00bc9e99
                                                                                                                                                                                                                                                        0x00bc9e99
                                                                                                                                                                                                                                                        0x00bc9e99
                                                                                                                                                                                                                                                        0x00bc9ec3
                                                                                                                                                                                                                                                        0x00bc9ec6
                                                                                                                                                                                                                                                        0x00bc9ec9
                                                                                                                                                                                                                                                        0x00bc9ecf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc9ecf
                                                                                                                                                                                                                                                        0x00bc9ed9
                                                                                                                                                                                                                                                        0x00bc9ed9
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • TlsGetValue.KERNEL32(FFFFFFFF), ref: 00BC9DE5
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,00000000,00000800), ref: 00BC9E17
                                                                                                                                                                                                                                                        • TlsSetValue.KERNEL32(FFFFFFFF,?), ref: 00BC9E33
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000), ref: 00BC9E3E
                                                                                                                                                                                                                                                        • RtlAcquireSRWLockExclusive.NTDLL(00000000), ref: 00BC9E4E
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,00BFA888,00000C00), ref: 00BC9E65
                                                                                                                                                                                                                                                        • RtlReleaseSRWLockExclusive.NTDLL ref: 00BC9E6E
                                                                                                                                                                                                                                                        • TlsSetValue.KERNEL32(?,00000002), ref: 00BC9ED9
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Value$ExclusiveLockmemcpy$??3@AcquireRelease
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 800339985-0
                                                                                                                                                                                                                                                        • Opcode ID: e05a90e718fb017cfe89d8af6d41dccfd640b4b8613d3baaa2cd65a8e4c21164
                                                                                                                                                                                                                                                        • Instruction ID: da9879dfacf99fd678ca574410552f3809b0d4f3c1ab1160c5ac6211fd3771aa
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e05a90e718fb017cfe89d8af6d41dccfd640b4b8613d3baaa2cd65a8e4c21164
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A031F271A0010A9BEB249F24DC89FFA73E9FB20304F1045F9E919A3290DF719D49CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 76%
                                                                                                                                                                                                                                                        			E00BE9CF0(intOrPtr* __ecx, void* __eflags, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				void* _t52;
                                                                                                                                                                                                                                                        				intOrPtr _t53;
                                                                                                                                                                                                                                                        				intOrPtr _t55;
                                                                                                                                                                                                                                                        				intOrPtr _t57;
                                                                                                                                                                                                                                                        				intOrPtr _t59;
                                                                                                                                                                                                                                                        				intOrPtr _t61;
                                                                                                                                                                                                                                                        				intOrPtr _t63;
                                                                                                                                                                                                                                                        				intOrPtr _t65;
                                                                                                                                                                                                                                                        				intOrPtr* _t72;
                                                                                                                                                                                                                                                        				void* _t74;
                                                                                                                                                                                                                                                        				intOrPtr* _t76;
                                                                                                                                                                                                                                                        				intOrPtr* _t78;
                                                                                                                                                                                                                                                        				intOrPtr* _t80;
                                                                                                                                                                                                                                                        				intOrPtr* _t82;
                                                                                                                                                                                                                                                        				intOrPtr* _t84;
                                                                                                                                                                                                                                                        				intOrPtr* _t86;
                                                                                                                                                                                                                                                        				intOrPtr* _t88;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				intOrPtr _t90;
                                                                                                                                                                                                                                                        				intOrPtr _t91;
                                                                                                                                                                                                                                                        				intOrPtr _t92;
                                                                                                                                                                                                                                                        				intOrPtr _t93;
                                                                                                                                                                                                                                                        				intOrPtr _t94;
                                                                                                                                                                                                                                                        				intOrPtr _t95;
                                                                                                                                                                                                                                                        				intOrPtr _t96;
                                                                                                                                                                                                                                                        				intOrPtr* _t97;
                                                                                                                                                                                                                                                        				void* _t108;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t108 = __eflags;
                                                                                                                                                                                                                                                        				_t72 = __ecx;
                                                                                                                                                                                                                                                        				_t97 = __ecx;
                                                                                                                                                                                                                                                        				 *(__ecx + 4) = 0;
                                                                                                                                                                                                                                                        				 *(__ecx + 8) = 0;
                                                                                                                                                                                                                                                        				 *(__ecx + 0xc) = 0;
                                                                                                                                                                                                                                                        				 *__ecx = 0xbf1d1c;
                                                                                                                                                                                                                                                        				_t5 = _t72 + 0x14; // 0x14
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx + 0x10)) = _a4;
                                                                                                                                                                                                                                                        				_t52 = memset(_t5, 0, 0xb0);
                                                                                                                                                                                                                                                        				_push(0x14);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t89 = _t52;
                                                                                                                                                                                                                                                        				_t53 = E00BCFCD0(_t52, _t108, _a4);
                                                                                                                                                                                                                                                        				asm("movd xmm0, edi");
                                                                                                                                                                                                                                                        				 *(_t97 + 0x50) = _t89;
                                                                                                                                                                                                                                                        				asm("pshufd xmm0, xmm0, 0x0");
                                                                                                                                                                                                                                                        				asm("movdqu [esi+0x40], xmm0");
                                                                                                                                                                                                                                                        				_t74 =  *(_t97 + 0x14);
                                                                                                                                                                                                                                                        				 *(_t97 + 0x14) = _t89;
                                                                                                                                                                                                                                                        				if(_t74 != 0) {
                                                                                                                                                                                                                                                        					_t53 =  *((intOrPtr*)( *_t74 + 8))(1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_push(0x14);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t90 = _t53;
                                                                                                                                                                                                                                                        				_t55 = E00BD72E0(_t53,  *((intOrPtr*)(_t97 + 0x10)));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x54)) = _t90;
                                                                                                                                                                                                                                                        				_t76 =  *((intOrPtr*)(_t97 + 0x18));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x18)) = _t90;
                                                                                                                                                                                                                                                        				_t110 = _t76;
                                                                                                                                                                                                                                                        				if(_t76 != 0) {
                                                                                                                                                                                                                                                        					_t55 =  *((intOrPtr*)( *_t76 + 8))(1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_push(0x14);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t91 = _t55;
                                                                                                                                                                                                                                                        				_t57 = E00BDDD50(_t55, _t110,  *((intOrPtr*)(_t97 + 0x10)));
                                                                                                                                                                                                                                                        				asm("movd xmm0, edi");
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x68)) = _t91;
                                                                                                                                                                                                                                                        				asm("pshufd xmm0, xmm0, 0x0");
                                                                                                                                                                                                                                                        				asm("movdqu [esi+0x58], xmm0");
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x8c)) = _t91;
                                                                                                                                                                                                                                                        				_t78 =  *((intOrPtr*)(_t97 + 0x1c));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x1c)) = _t91;
                                                                                                                                                                                                                                                        				_t111 = _t78;
                                                                                                                                                                                                                                                        				if(_t78 != 0) {
                                                                                                                                                                                                                                                        					_t57 =  *((intOrPtr*)( *_t78 + 8))(1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_push(0x14);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t92 = _t57;
                                                                                                                                                                                                                                                        				_t59 = E00BE7E10(_t57, _t111,  *((intOrPtr*)(_t97 + 0x10)));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x6c)) = _t92;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x70)) = _t92;
                                                                                                                                                                                                                                                        				_t80 =  *((intOrPtr*)(_t97 + 0x20));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x20)) = _t92;
                                                                                                                                                                                                                                                        				_t112 = _t80;
                                                                                                                                                                                                                                                        				if(_t80 != 0) {
                                                                                                                                                                                                                                                        					_t59 =  *((intOrPtr*)( *_t80 + 8))(1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_push(0x14);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t93 = _t59;
                                                                                                                                                                                                                                                        				_t61 = E00BDFCB0(_t59, _t112,  *((intOrPtr*)(_t97 + 0x10)));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x74)) = _t93;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x78)) = _t93;
                                                                                                                                                                                                                                                        				_t82 =  *((intOrPtr*)(_t97 + 0x24));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x24)) = _t93;
                                                                                                                                                                                                                                                        				if(_t82 != 0) {
                                                                                                                                                                                                                                                        					_t61 =  *((intOrPtr*)( *_t82 + 8))(1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_push(0x14);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t94 = _t61;
                                                                                                                                                                                                                                                        				_t63 = E00BD5200(_t61,  *((intOrPtr*)(_t97 + 0x10)));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x7c)) = _t94;
                                                                                                                                                                                                                                                        				_t84 =  *((intOrPtr*)(_t97 + 0x28));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x28)) = _t94;
                                                                                                                                                                                                                                                        				if(_t84 != 0) {
                                                                                                                                                                                                                                                        					_t63 =  *((intOrPtr*)( *_t84 + 8))(1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_push(0x20);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t95 = _t63;
                                                                                                                                                                                                                                                        				_t65 = E00BDA150(_t63,  *((intOrPtr*)(_t97 + 0x10)));
                                                                                                                                                                                                                                                        				asm("movd xmm0, edi");
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x80)) = _t95;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x84)) = _t95;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x88)) = _t95;
                                                                                                                                                                                                                                                        				asm("pshufd xmm0, xmm0, 0x0");
                                                                                                                                                                                                                                                        				asm("movdqu [esi+0x90], xmm0");
                                                                                                                                                                                                                                                        				asm("movdqu [esi+0xa0], xmm0");
                                                                                                                                                                                                                                                        				asm("movdqu [esi+0xb0], xmm0");
                                                                                                                                                                                                                                                        				_t86 =  *((intOrPtr*)(_t97 + 0x2c));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x2c)) = _t95;
                                                                                                                                                                                                                                                        				if(_t86 != 0) {
                                                                                                                                                                                                                                                        					_t65 =  *((intOrPtr*)( *_t86 + 8))(1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_push(0x14);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t96 = _t65;
                                                                                                                                                                                                                                                        				E00BE7780(_t65,  *((intOrPtr*)(_t97 + 0x10)));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0xc0)) = _t96;
                                                                                                                                                                                                                                                        				_t88 =  *((intOrPtr*)(_t97 + 0x30));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x30)) = _t96;
                                                                                                                                                                                                                                                        				if(_t88 != 0) {
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *_t88 + 8))(1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t97;
                                                                                                                                                                                                                                                        			}






























                                                                                                                                                                                                                                                        0x00be9cf0
                                                                                                                                                                                                                                                        0x00be9cf0
                                                                                                                                                                                                                                                        0x00be9cf9
                                                                                                                                                                                                                                                        0x00be9cfb
                                                                                                                                                                                                                                                        0x00be9d02
                                                                                                                                                                                                                                                        0x00be9d09
                                                                                                                                                                                                                                                        0x00be9d10
                                                                                                                                                                                                                                                        0x00be9d16
                                                                                                                                                                                                                                                        0x00be9d19
                                                                                                                                                                                                                                                        0x00be9d24
                                                                                                                                                                                                                                                        0x00be9d2c
                                                                                                                                                                                                                                                        0x00be9d2e
                                                                                                                                                                                                                                                        0x00be9d38
                                                                                                                                                                                                                                                        0x00be9d3b
                                                                                                                                                                                                                                                        0x00be9d40
                                                                                                                                                                                                                                                        0x00be9d44
                                                                                                                                                                                                                                                        0x00be9d47
                                                                                                                                                                                                                                                        0x00be9d4c
                                                                                                                                                                                                                                                        0x00be9d51
                                                                                                                                                                                                                                                        0x00be9d54
                                                                                                                                                                                                                                                        0x00be9d59
                                                                                                                                                                                                                                                        0x00be9ec2
                                                                                                                                                                                                                                                        0x00be9ec2
                                                                                                                                                                                                                                                        0x00be9d5f
                                                                                                                                                                                                                                                        0x00be9d61
                                                                                                                                                                                                                                                        0x00be9d6b
                                                                                                                                                                                                                                                        0x00be9d70
                                                                                                                                                                                                                                                        0x00be9d75
                                                                                                                                                                                                                                                        0x00be9d78
                                                                                                                                                                                                                                                        0x00be9d7b
                                                                                                                                                                                                                                                        0x00be9d7e
                                                                                                                                                                                                                                                        0x00be9d80
                                                                                                                                                                                                                                                        0x00be9ece
                                                                                                                                                                                                                                                        0x00be9ece
                                                                                                                                                                                                                                                        0x00be9d86
                                                                                                                                                                                                                                                        0x00be9d88
                                                                                                                                                                                                                                                        0x00be9d92
                                                                                                                                                                                                                                                        0x00be9d97
                                                                                                                                                                                                                                                        0x00be9d9c
                                                                                                                                                                                                                                                        0x00be9da0
                                                                                                                                                                                                                                                        0x00be9da3
                                                                                                                                                                                                                                                        0x00be9da8
                                                                                                                                                                                                                                                        0x00be9dad
                                                                                                                                                                                                                                                        0x00be9db3
                                                                                                                                                                                                                                                        0x00be9db6
                                                                                                                                                                                                                                                        0x00be9db9
                                                                                                                                                                                                                                                        0x00be9dbb
                                                                                                                                                                                                                                                        0x00be9eda
                                                                                                                                                                                                                                                        0x00be9eda
                                                                                                                                                                                                                                                        0x00be9dc1
                                                                                                                                                                                                                                                        0x00be9dc3
                                                                                                                                                                                                                                                        0x00be9dcd
                                                                                                                                                                                                                                                        0x00be9dd2
                                                                                                                                                                                                                                                        0x00be9dd7
                                                                                                                                                                                                                                                        0x00be9dda
                                                                                                                                                                                                                                                        0x00be9ddd
                                                                                                                                                                                                                                                        0x00be9de0
                                                                                                                                                                                                                                                        0x00be9de3
                                                                                                                                                                                                                                                        0x00be9de5
                                                                                                                                                                                                                                                        0x00be9ee6
                                                                                                                                                                                                                                                        0x00be9ee6
                                                                                                                                                                                                                                                        0x00be9deb
                                                                                                                                                                                                                                                        0x00be9ded
                                                                                                                                                                                                                                                        0x00be9df7
                                                                                                                                                                                                                                                        0x00be9dfc
                                                                                                                                                                                                                                                        0x00be9e01
                                                                                                                                                                                                                                                        0x00be9e04
                                                                                                                                                                                                                                                        0x00be9e07
                                                                                                                                                                                                                                                        0x00be9e0a
                                                                                                                                                                                                                                                        0x00be9e0f
                                                                                                                                                                                                                                                        0x00be9ef2
                                                                                                                                                                                                                                                        0x00be9ef2
                                                                                                                                                                                                                                                        0x00be9e15
                                                                                                                                                                                                                                                        0x00be9e17
                                                                                                                                                                                                                                                        0x00be9e21
                                                                                                                                                                                                                                                        0x00be9e26
                                                                                                                                                                                                                                                        0x00be9e2b
                                                                                                                                                                                                                                                        0x00be9e2e
                                                                                                                                                                                                                                                        0x00be9e31
                                                                                                                                                                                                                                                        0x00be9e36
                                                                                                                                                                                                                                                        0x00be9efe
                                                                                                                                                                                                                                                        0x00be9efe
                                                                                                                                                                                                                                                        0x00be9e3c
                                                                                                                                                                                                                                                        0x00be9e3e
                                                                                                                                                                                                                                                        0x00be9e48
                                                                                                                                                                                                                                                        0x00be9e4d
                                                                                                                                                                                                                                                        0x00be9e52
                                                                                                                                                                                                                                                        0x00be9e56
                                                                                                                                                                                                                                                        0x00be9e5c
                                                                                                                                                                                                                                                        0x00be9e62
                                                                                                                                                                                                                                                        0x00be9e68
                                                                                                                                                                                                                                                        0x00be9e6d
                                                                                                                                                                                                                                                        0x00be9e75
                                                                                                                                                                                                                                                        0x00be9e7d
                                                                                                                                                                                                                                                        0x00be9e85
                                                                                                                                                                                                                                                        0x00be9e88
                                                                                                                                                                                                                                                        0x00be9e8d
                                                                                                                                                                                                                                                        0x00be9f0a
                                                                                                                                                                                                                                                        0x00be9f0a
                                                                                                                                                                                                                                                        0x00be9e8f
                                                                                                                                                                                                                                                        0x00be9e91
                                                                                                                                                                                                                                                        0x00be9e9b
                                                                                                                                                                                                                                                        0x00be9ea0
                                                                                                                                                                                                                                                        0x00be9ea5
                                                                                                                                                                                                                                                        0x00be9eab
                                                                                                                                                                                                                                                        0x00be9eae
                                                                                                                                                                                                                                                        0x00be9eb3
                                                                                                                                                                                                                                                        0x00be9f13
                                                                                                                                                                                                                                                        0x00be9f13
                                                                                                                                                                                                                                                        0x00be9ebb

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BE9D24
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000014,?,00BE48F5,00000000), ref: 00BE9D2E
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000014,00BE48F5,?,?,00BE48F5,00000000), ref: 00BE9D61
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000014,?,00BE48F5,?,?,00BE48F5,00000000), ref: 00BE9D88
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000014,?,?,00BE48F5,?,?,00BE48F5,00000000), ref: 00BE9DC3
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000014,?,?,00BE48F5,00000000), ref: 00BE9DED
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000014,?,?,?,?,?,?,00BE48F5,00000000), ref: 00BE9E17
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000020,?,?,?,?,?,?,?,00BE48F5,00000000), ref: 00BE9E3E
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000014,?,?,?,?,?,?,?,?,00BE48F5,00000000), ref: 00BE9E91
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@$memset
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1860491036-0
                                                                                                                                                                                                                                                        • Opcode ID: 5c62e0981a75846a71ae37345dc69c0e6c60ab57cd4c8d2afe4d5fc7698e1275
                                                                                                                                                                                                                                                        • Instruction ID: cf8b830b6424a58e8304a3c908b2ff72c5515c9537e1daf2b0da77166bf717a1
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5c62e0981a75846a71ae37345dc69c0e6c60ab57cd4c8d2afe4d5fc7698e1275
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3051B0B2A007418FE724DF26C845B26F7F1BF94700F104A6DE58B8B7A1EBB1A845CB51
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 60%
                                                                                                                                                                                                                                                        			E00BD5BD0(void* __ecx, void* __eflags, intOrPtr _a4, intOrPtr _a8, char _a12, intOrPtr _a16, intOrPtr _a20) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				char _v32;
                                                                                                                                                                                                                                                        				signed int _v36;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				signed int _v56;
                                                                                                                                                                                                                                                        				signed int _v72;
                                                                                                                                                                                                                                                        				intOrPtr _v76;
                                                                                                                                                                                                                                                        				signed int _v80;
                                                                                                                                                                                                                                                        				char _v96;
                                                                                                                                                                                                                                                        				intOrPtr _v100;
                                                                                                                                                                                                                                                        				char _v104;
                                                                                                                                                                                                                                                        				signed int _v120;
                                                                                                                                                                                                                                                        				intOrPtr _v124;
                                                                                                                                                                                                                                                        				signed int _v128;
                                                                                                                                                                                                                                                        				signed int _v132;
                                                                                                                                                                                                                                                        				char _v148;
                                                                                                                                                                                                                                                        				signed int _v152;
                                                                                                                                                                                                                                                        				signed int _v156;
                                                                                                                                                                                                                                                        				char _v172;
                                                                                                                                                                                                                                                        				intOrPtr _v176;
                                                                                                                                                                                                                                                        				signed int _v180;
                                                                                                                                                                                                                                                        				char _v196;
                                                                                                                                                                                                                                                        				char _v204;
                                                                                                                                                                                                                                                        				signed int _v224;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t90;
                                                                                                                                                                                                                                                        				intOrPtr _t96;
                                                                                                                                                                                                                                                        				signed int _t97;
                                                                                                                                                                                                                                                        				signed int _t99;
                                                                                                                                                                                                                                                        				signed int _t100;
                                                                                                                                                                                                                                                        				signed int _t104;
                                                                                                                                                                                                                                                        				signed int _t105;
                                                                                                                                                                                                                                                        				intOrPtr _t109;
                                                                                                                                                                                                                                                        				intOrPtr _t114;
                                                                                                                                                                                                                                                        				signed int* _t119;
                                                                                                                                                                                                                                                        				signed int _t120;
                                                                                                                                                                                                                                                        				signed int _t125;
                                                                                                                                                                                                                                                        				signed int _t133;
                                                                                                                                                                                                                                                        				void* _t135;
                                                                                                                                                                                                                                                        				signed int _t136;
                                                                                                                                                                                                                                                        				signed int _t141;
                                                                                                                                                                                                                                                        				intOrPtr* _t143;
                                                                                                                                                                                                                                                        				signed int _t150;
                                                                                                                                                                                                                                                        				signed int _t155;
                                                                                                                                                                                                                                                        				signed int _t161;
                                                                                                                                                                                                                                                        				signed int _t163;
                                                                                                                                                                                                                                                        				signed int* _t168;
                                                                                                                                                                                                                                                        				char* _t169;
                                                                                                                                                                                                                                                        				signed int _t170;
                                                                                                                                                                                                                                                        				intOrPtr _t176;
                                                                                                                                                                                                                                                        				intOrPtr _t179;
                                                                                                                                                                                                                                                        				signed int _t184;
                                                                                                                                                                                                                                                        				signed int _t185;
                                                                                                                                                                                                                                                        				signed int _t186;
                                                                                                                                                                                                                                                        				void* _t187;
                                                                                                                                                                                                                                                        				signed int _t189;
                                                                                                                                                                                                                                                        				signed int _t191;
                                                                                                                                                                                                                                                        				void* _t192;
                                                                                                                                                                                                                                                        				void* _t194;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t125 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t168 =  &_v72;
                                                                                                                                                                                                                                                        				_t119 =  &_v48;
                                                                                                                                                                                                                                                        				_v20 = _t125 ^ _t184;
                                                                                                                                                                                                                                                        				_v76 = 7;
                                                                                                                                                                                                                                                        				_v80 = 0;
                                                                                                                                                                                                                                                        				_v96 = 0;
                                                                                                                                                                                                                                                        				_v52 = 0xf;
                                                                                                                                                                                                                                                        				_v56 = 0;
                                                                                                                                                                                                                                                        				_v72 = 0;
                                                                                                                                                                                                                                                        				_v28 = 0xf;
                                                                                                                                                                                                                                                        				_v32 = 0;
                                                                                                                                                                                                                                                        				_v48 = 0;
                                                                                                                                                                                                                                                        				_v104 = _a12;
                                                                                                                                                                                                                                                        				_v100 = _a20;
                                                                                                                                                                                                                                                        				E00BBA740( &_v96, _a4);
                                                                                                                                                                                                                                                        				E00BBD9B0(_t168, _a8);
                                                                                                                                                                                                                                                        				E00BBD9B0(_t119, _a16);
                                                                                                                                                                                                                                                        				_v24 = 0;
                                                                                                                                                                                                                                                        				_push( &_v104);
                                                                                                                                                                                                                                                        				E00BD6AD0( &_v104, _t119, __ecx + 4,  *((intOrPtr*)(__ecx + 4)), _t168, __ecx);
                                                                                                                                                                                                                                                        				_t189 = _t187 - 0x58 + 4;
                                                                                                                                                                                                                                                        				 *((char*)(__ecx + 0xc)) = 1;
                                                                                                                                                                                                                                                        				_t90 = _v28;
                                                                                                                                                                                                                                                        				if(_t90 >= 0x10) {
                                                                                                                                                                                                                                                        					_t133 = _v48;
                                                                                                                                                                                                                                                        					_t37 = _t90 + 1; // 0x10
                                                                                                                                                                                                                                                        					_t176 = _t37;
                                                                                                                                                                                                                                                        					__eflags = _t176 - 0x1000;
                                                                                                                                                                                                                                                        					if(_t176 >= 0x1000) {
                                                                                                                                                                                                                                                        						_t161 =  *((intOrPtr*)(_t133 - 4));
                                                                                                                                                                                                                                                        						_t135 = _t133 + 0xfffffffc - _t161;
                                                                                                                                                                                                                                                        						__eflags = _t135 - 0x20;
                                                                                                                                                                                                                                                        						if(_t135 >= 0x20) {
                                                                                                                                                                                                                                                        							goto L11;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t133 = _t161;
                                                                                                                                                                                                                                                        							_t176 = _t90 + 0x24;
                                                                                                                                                                                                                                                        							goto L4;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L4:
                                                                                                                                                                                                                                                        						_push(_t176);
                                                                                                                                                                                                                                                        						_push(_t133);
                                                                                                                                                                                                                                                        						L00BEF6C6();
                                                                                                                                                                                                                                                        						_t189 = _t189 + 8;
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					_v32 = 0;
                                                                                                                                                                                                                                                        					_v28 = 0xf;
                                                                                                                                                                                                                                                        					_v48 = 0;
                                                                                                                                                                                                                                                        					_t114 = _v52;
                                                                                                                                                                                                                                                        					if(_t114 >= 0x10) {
                                                                                                                                                                                                                                                        						_t155 = _v72;
                                                                                                                                                                                                                                                        						_t39 = _t114 + 1; // 0x10
                                                                                                                                                                                                                                                        						_t176 = _t39;
                                                                                                                                                                                                                                                        						__eflags = _t176 - 0x1000;
                                                                                                                                                                                                                                                        						if(_t176 >= 0x1000) {
                                                                                                                                                                                                                                                        							_t161 =  *((intOrPtr*)(_t155 - 4));
                                                                                                                                                                                                                                                        							_t135 = _t155 + 0xfffffffc - _t161;
                                                                                                                                                                                                                                                        							__eflags = _t135 - 0x20;
                                                                                                                                                                                                                                                        							if(_t135 >= 0x20) {
                                                                                                                                                                                                                                                        								L11:
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_push(_t184);
                                                                                                                                                                                                                                                        								_t185 = _t189;
                                                                                                                                                                                                                                                        								_push(_t168);
                                                                                                                                                                                                                                                        								_push(_t176);
                                                                                                                                                                                                                                                        								_t136 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        								_t169 =  &_v172;
                                                                                                                                                                                                                                                        								_v120 = _t136 ^ _t185;
                                                                                                                                                                                                                                                        								_v176 = 7;
                                                                                                                                                                                                                                                        								_v180 = 0;
                                                                                                                                                                                                                                                        								_v196 = 0;
                                                                                                                                                                                                                                                        								_v152 = 0xf;
                                                                                                                                                                                                                                                        								_v156 = 0;
                                                                                                                                                                                                                                                        								_v172 = 0;
                                                                                                                                                                                                                                                        								_v128 = 0xf;
                                                                                                                                                                                                                                                        								_v132 = 0;
                                                                                                                                                                                                                                                        								_v148 = 0;
                                                                                                                                                                                                                                                        								_v204 = 5;
                                                                                                                                                                                                                                                        								E00BBA740( &_v196, _v100);
                                                                                                                                                                                                                                                        								E00BBD9B0(_t169, L"@ntdll.dll");
                                                                                                                                                                                                                                                        								_v124 = 1;
                                                                                                                                                                                                                                                        								_push( &_v204);
                                                                                                                                                                                                                                                        								E00BD6AD0( &_v204, _t119, _t135 + 4,  *((intOrPtr*)(_t135 + 4)), _t169, _t135 + 4);
                                                                                                                                                                                                                                                        								_t191 = _t189 - 0x58 + 4;
                                                                                                                                                                                                                                                        								_t96 = _v128;
                                                                                                                                                                                                                                                        								__eflags = _t96 - 0x10;
                                                                                                                                                                                                                                                        								if(_t96 >= 0x10) {
                                                                                                                                                                                                                                                        									_t141 = _v48;
                                                                                                                                                                                                                                                        									_t70 = _t96 + 1; // 0x10
                                                                                                                                                                                                                                                        									_t179 = _t70;
                                                                                                                                                                                                                                                        									__eflags = _t179 - 0x1000;
                                                                                                                                                                                                                                                        									if(_t179 >= 0x1000) {
                                                                                                                                                                                                                                                        										_t163 =  *(_t141 - 4);
                                                                                                                                                                                                                                                        										_t143 = _t141 + 0xfffffffc - _t163;
                                                                                                                                                                                                                                                        										__eflags = _t143 - 0x20;
                                                                                                                                                                                                                                                        										if(_t143 >= 0x20) {
                                                                                                                                                                                                                                                        											goto L23;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t141 = _t163;
                                                                                                                                                                                                                                                        											_t179 = _t96 + 0x24;
                                                                                                                                                                                                                                                        											goto L16;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										L16:
                                                                                                                                                                                                                                                        										_push(_t179);
                                                                                                                                                                                                                                                        										_push(_t141);
                                                                                                                                                                                                                                                        										L00BEF6C6();
                                                                                                                                                                                                                                                        										_t191 = _t191 + 8;
                                                                                                                                                                                                                                                        										goto L13;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L13:
                                                                                                                                                                                                                                                        									_v32 = 0;
                                                                                                                                                                                                                                                        									_v28 = 0xf;
                                                                                                                                                                                                                                                        									_v48 = 0;
                                                                                                                                                                                                                                                        									_t109 = _v52;
                                                                                                                                                                                                                                                        									__eflags = _t109 - 0x10;
                                                                                                                                                                                                                                                        									if(_t109 >= 0x10) {
                                                                                                                                                                                                                                                        										_t150 = _v72;
                                                                                                                                                                                                                                                        										_t72 = _t109 + 1; // 0x10
                                                                                                                                                                                                                                                        										_t179 = _t72;
                                                                                                                                                                                                                                                        										__eflags = _t179 - 0x1000;
                                                                                                                                                                                                                                                        										if(_t179 >= 0x1000) {
                                                                                                                                                                                                                                                        											_t163 =  *(_t150 - 4);
                                                                                                                                                                                                                                                        											_t143 = _t150 + 0xfffffffc - _t163;
                                                                                                                                                                                                                                                        											__eflags = _t143 - 0x20;
                                                                                                                                                                                                                                                        											if(_t143 >= 0x20) {
                                                                                                                                                                                                                                                        												L23:
                                                                                                                                                                                                                                                        												__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												_push(_t185);
                                                                                                                                                                                                                                                        												_t186 = _t191;
                                                                                                                                                                                                                                                        												_push(_t119);
                                                                                                                                                                                                                                                        												_push(_t169);
                                                                                                                                                                                                                                                        												_push(_t179);
                                                                                                                                                                                                                                                        												_t192 = _t191 - 0xc;
                                                                                                                                                                                                                                                        												_t97 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        												_t120 = 0;
                                                                                                                                                                                                                                                        												_v224 = _t97 ^ _t186;
                                                                                                                                                                                                                                                        												__eflags =  *(_t143 + 8);
                                                                                                                                                                                                                                                        												if(__eflags != 0) {
                                                                                                                                                                                                                                                        													_t180 = _t143;
                                                                                                                                                                                                                                                        													_t99 = E00BD5F40(_t143, __eflags);
                                                                                                                                                                                                                                                        													_t170 = _t99;
                                                                                                                                                                                                                                                        													_push(_t99);
                                                                                                                                                                                                                                                        													L00BEF6CC();
                                                                                                                                                                                                                                                        													_t100 = E00BD6040(_t143, _t99, _t170);
                                                                                                                                                                                                                                                        													_t163 = _t99;
                                                                                                                                                                                                                                                        													_t194 = _t192 + 8;
                                                                                                                                                                                                                                                        													_t120 = 0x26;
                                                                                                                                                                                                                                                        													__eflags = _t100;
                                                                                                                                                                                                                                                        													if(_t100 != 0) {
                                                                                                                                                                                                                                                        														_t120 = 0x27;
                                                                                                                                                                                                                                                        														_v36 = _t163;
                                                                                                                                                                                                                                                        														_t104 = E00BEB4E0( *((intOrPtr*)( *_t180)), _t163, _t170,  &_v32);
                                                                                                                                                                                                                                                        														_t194 = _t194 + 0x10;
                                                                                                                                                                                                                                                        														__eflags = _t104;
                                                                                                                                                                                                                                                        														if(_t104 != 0) {
                                                                                                                                                                                                                                                        															__eflags = _t170;
                                                                                                                                                                                                                                                        															_t166 = 0 | _t170 != 0x00000000;
                                                                                                                                                                                                                                                        															_t105 = E00BD6270(_t180, _t170 != 0);
                                                                                                                                                                                                                                                        															_t120 = _t105;
                                                                                                                                                                                                                                                        															__eflags = _t105;
                                                                                                                                                                                                                                                        															if(__eflags == 0) {
                                                                                                                                                                                                                                                        																 *0xbfb5bc = _v32;
                                                                                                                                                                                                                                                        																_t120 = E00BE9630( *_t180, _t166, __eflags, "g_interceptions", "true", 4);
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t163 = _v36;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_push(_t163);
                                                                                                                                                                                                                                                        													L00BEF6D2();
                                                                                                                                                                                                                                                        													_t192 = _t194 + 4;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												__eflags = _v28 ^ _t186;
                                                                                                                                                                                                                                                        												E00BEECB0(_v28 ^ _t186, _t163);
                                                                                                                                                                                                                                                        												return _t120;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t109 = _t109 + 0x24;
                                                                                                                                                                                                                                                        												_t150 = _t163;
                                                                                                                                                                                                                                                        												_t179 = _t109;
                                                                                                                                                                                                                                                        												goto L18;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											L18:
                                                                                                                                                                                                                                                        											_push(_t179);
                                                                                                                                                                                                                                                        											_push(_t150);
                                                                                                                                                                                                                                                        											L00BEF6C6();
                                                                                                                                                                                                                                                        											_t191 = _t191 + 8;
                                                                                                                                                                                                                                                        											goto L14;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										L14:
                                                                                                                                                                                                                                                        										_v56 = 0;
                                                                                                                                                                                                                                                        										_v52 = 0xf;
                                                                                                                                                                                                                                                        										_v72 = 0;
                                                                                                                                                                                                                                                        										E00BBDF30(_t109,  &_v96, _t163);
                                                                                                                                                                                                                                                        										__eflags = _v20 ^ _t185;
                                                                                                                                                                                                                                                        										E00BEECB0(_v20 ^ _t185, _t163);
                                                                                                                                                                                                                                                        										return 1;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t114 = _t114 + 0x24;
                                                                                                                                                                                                                                                        								_t155 = _t161;
                                                                                                                                                                                                                                                        								_t176 = _t114;
                                                                                                                                                                                                                                                        								goto L6;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L6:
                                                                                                                                                                                                                                                        							_push(_t176);
                                                                                                                                                                                                                                                        							_push(_t155);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							_t189 = _t189 + 8;
                                                                                                                                                                                                                                                        							goto L2;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L2:
                                                                                                                                                                                                                                                        						_v56 = 0;
                                                                                                                                                                                                                                                        						_v52 = 0xf;
                                                                                                                                                                                                                                                        						_v72 = 0;
                                                                                                                                                                                                                                                        						E00BBDF30(_t114,  &_v96, _t161);
                                                                                                                                                                                                                                                        						E00BEECB0(_v20 ^ _t184, _t161);
                                                                                                                                                                                                                                                        						return 1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}



































































                                                                                                                                                                                                                                                        0x00bd5bdb
                                                                                                                                                                                                                                                        0x00bd5be4
                                                                                                                                                                                                                                                        0x00bd5be7
                                                                                                                                                                                                                                                        0x00bd5bec
                                                                                                                                                                                                                                                        0x00bd5bf2
                                                                                                                                                                                                                                                        0x00bd5bf9
                                                                                                                                                                                                                                                        0x00bd5c00
                                                                                                                                                                                                                                                        0x00bd5c06
                                                                                                                                                                                                                                                        0x00bd5c0d
                                                                                                                                                                                                                                                        0x00bd5c14
                                                                                                                                                                                                                                                        0x00bd5c18
                                                                                                                                                                                                                                                        0x00bd5c1f
                                                                                                                                                                                                                                                        0x00bd5c26
                                                                                                                                                                                                                                                        0x00bd5c2a
                                                                                                                                                                                                                                                        0x00bd5c30
                                                                                                                                                                                                                                                        0x00bd5c37
                                                                                                                                                                                                                                                        0x00bd5c41
                                                                                                                                                                                                                                                        0x00bd5c4b
                                                                                                                                                                                                                                                        0x00bd5c50
                                                                                                                                                                                                                                                        0x00bd5c60
                                                                                                                                                                                                                                                        0x00bd5c61
                                                                                                                                                                                                                                                        0x00bd5c66
                                                                                                                                                                                                                                                        0x00bd5c69
                                                                                                                                                                                                                                                        0x00bd5c6d
                                                                                                                                                                                                                                                        0x00bd5c73
                                                                                                                                                                                                                                                        0x00bd5cbf
                                                                                                                                                                                                                                                        0x00bd5cc2
                                                                                                                                                                                                                                                        0x00bd5cc2
                                                                                                                                                                                                                                                        0x00bd5cc5
                                                                                                                                                                                                                                                        0x00bd5ccb
                                                                                                                                                                                                                                                        0x00bd5cf3
                                                                                                                                                                                                                                                        0x00bd5cf9
                                                                                                                                                                                                                                                        0x00bd5cfb
                                                                                                                                                                                                                                                        0x00bd5cfe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5d00
                                                                                                                                                                                                                                                        0x00bd5d03
                                                                                                                                                                                                                                                        0x00bd5d05
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5d05
                                                                                                                                                                                                                                                        0x00bd5ccd
                                                                                                                                                                                                                                                        0x00bd5ccd
                                                                                                                                                                                                                                                        0x00bd5ccd
                                                                                                                                                                                                                                                        0x00bd5cce
                                                                                                                                                                                                                                                        0x00bd5ccf
                                                                                                                                                                                                                                                        0x00bd5cd4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5cd4
                                                                                                                                                                                                                                                        0x00bd5c75
                                                                                                                                                                                                                                                        0x00bd5c75
                                                                                                                                                                                                                                                        0x00bd5c75
                                                                                                                                                                                                                                                        0x00bd5c7c
                                                                                                                                                                                                                                                        0x00bd5c83
                                                                                                                                                                                                                                                        0x00bd5c87
                                                                                                                                                                                                                                                        0x00bd5c8d
                                                                                                                                                                                                                                                        0x00bd5cd9
                                                                                                                                                                                                                                                        0x00bd5cdc
                                                                                                                                                                                                                                                        0x00bd5cdc
                                                                                                                                                                                                                                                        0x00bd5cdf
                                                                                                                                                                                                                                                        0x00bd5ce5
                                                                                                                                                                                                                                                        0x00bd5d09
                                                                                                                                                                                                                                                        0x00bd5d0f
                                                                                                                                                                                                                                                        0x00bd5d11
                                                                                                                                                                                                                                                        0x00bd5d14
                                                                                                                                                                                                                                                        0x00bd5d1f
                                                                                                                                                                                                                                                        0x00bd5d1f
                                                                                                                                                                                                                                                        0x00bd5d25
                                                                                                                                                                                                                                                        0x00bd5d26
                                                                                                                                                                                                                                                        0x00bd5d27
                                                                                                                                                                                                                                                        0x00bd5d28
                                                                                                                                                                                                                                                        0x00bd5d29
                                                                                                                                                                                                                                                        0x00bd5d2a
                                                                                                                                                                                                                                                        0x00bd5d2b
                                                                                                                                                                                                                                                        0x00bd5d2c
                                                                                                                                                                                                                                                        0x00bd5d2d
                                                                                                                                                                                                                                                        0x00bd5d2e
                                                                                                                                                                                                                                                        0x00bd5d2f
                                                                                                                                                                                                                                                        0x00bd5d30
                                                                                                                                                                                                                                                        0x00bd5d31
                                                                                                                                                                                                                                                        0x00bd5d33
                                                                                                                                                                                                                                                        0x00bd5d34
                                                                                                                                                                                                                                                        0x00bd5d3a
                                                                                                                                                                                                                                                        0x00bd5d43
                                                                                                                                                                                                                                                        0x00bd5d48
                                                                                                                                                                                                                                                        0x00bd5d4e
                                                                                                                                                                                                                                                        0x00bd5d55
                                                                                                                                                                                                                                                        0x00bd5d5c
                                                                                                                                                                                                                                                        0x00bd5d62
                                                                                                                                                                                                                                                        0x00bd5d69
                                                                                                                                                                                                                                                        0x00bd5d70
                                                                                                                                                                                                                                                        0x00bd5d74
                                                                                                                                                                                                                                                        0x00bd5d7b
                                                                                                                                                                                                                                                        0x00bd5d82
                                                                                                                                                                                                                                                        0x00bd5d86
                                                                                                                                                                                                                                                        0x00bd5d8e
                                                                                                                                                                                                                                                        0x00bd5d9a
                                                                                                                                                                                                                                                        0x00bd5d9f
                                                                                                                                                                                                                                                        0x00bd5db1
                                                                                                                                                                                                                                                        0x00bd5db2
                                                                                                                                                                                                                                                        0x00bd5db7
                                                                                                                                                                                                                                                        0x00bd5dba
                                                                                                                                                                                                                                                        0x00bd5dbd
                                                                                                                                                                                                                                                        0x00bd5dc0
                                                                                                                                                                                                                                                        0x00bd5e0b
                                                                                                                                                                                                                                                        0x00bd5e0e
                                                                                                                                                                                                                                                        0x00bd5e0e
                                                                                                                                                                                                                                                        0x00bd5e11
                                                                                                                                                                                                                                                        0x00bd5e17
                                                                                                                                                                                                                                                        0x00bd5e3f
                                                                                                                                                                                                                                                        0x00bd5e45
                                                                                                                                                                                                                                                        0x00bd5e47
                                                                                                                                                                                                                                                        0x00bd5e4a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e4c
                                                                                                                                                                                                                                                        0x00bd5e4f
                                                                                                                                                                                                                                                        0x00bd5e51
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e51
                                                                                                                                                                                                                                                        0x00bd5e19
                                                                                                                                                                                                                                                        0x00bd5e19
                                                                                                                                                                                                                                                        0x00bd5e19
                                                                                                                                                                                                                                                        0x00bd5e1a
                                                                                                                                                                                                                                                        0x00bd5e1b
                                                                                                                                                                                                                                                        0x00bd5e20
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e20
                                                                                                                                                                                                                                                        0x00bd5dc2
                                                                                                                                                                                                                                                        0x00bd5dc2
                                                                                                                                                                                                                                                        0x00bd5dc2
                                                                                                                                                                                                                                                        0x00bd5dc9
                                                                                                                                                                                                                                                        0x00bd5dd0
                                                                                                                                                                                                                                                        0x00bd5dd4
                                                                                                                                                                                                                                                        0x00bd5dd7
                                                                                                                                                                                                                                                        0x00bd5dda
                                                                                                                                                                                                                                                        0x00bd5e25
                                                                                                                                                                                                                                                        0x00bd5e28
                                                                                                                                                                                                                                                        0x00bd5e28
                                                                                                                                                                                                                                                        0x00bd5e2b
                                                                                                                                                                                                                                                        0x00bd5e31
                                                                                                                                                                                                                                                        0x00bd5e55
                                                                                                                                                                                                                                                        0x00bd5e5b
                                                                                                                                                                                                                                                        0x00bd5e5d
                                                                                                                                                                                                                                                        0x00bd5e60
                                                                                                                                                                                                                                                        0x00bd5e6b
                                                                                                                                                                                                                                                        0x00bd5e6b
                                                                                                                                                                                                                                                        0x00bd5e71
                                                                                                                                                                                                                                                        0x00bd5e72
                                                                                                                                                                                                                                                        0x00bd5e73
                                                                                                                                                                                                                                                        0x00bd5e74
                                                                                                                                                                                                                                                        0x00bd5e75
                                                                                                                                                                                                                                                        0x00bd5e76
                                                                                                                                                                                                                                                        0x00bd5e77
                                                                                                                                                                                                                                                        0x00bd5e78
                                                                                                                                                                                                                                                        0x00bd5e79
                                                                                                                                                                                                                                                        0x00bd5e7a
                                                                                                                                                                                                                                                        0x00bd5e7b
                                                                                                                                                                                                                                                        0x00bd5e7c
                                                                                                                                                                                                                                                        0x00bd5e7d
                                                                                                                                                                                                                                                        0x00bd5e7e
                                                                                                                                                                                                                                                        0x00bd5e7f
                                                                                                                                                                                                                                                        0x00bd5e80
                                                                                                                                                                                                                                                        0x00bd5e81
                                                                                                                                                                                                                                                        0x00bd5e83
                                                                                                                                                                                                                                                        0x00bd5e84
                                                                                                                                                                                                                                                        0x00bd5e85
                                                                                                                                                                                                                                                        0x00bd5e86
                                                                                                                                                                                                                                                        0x00bd5e89
                                                                                                                                                                                                                                                        0x00bd5e8e
                                                                                                                                                                                                                                                        0x00bd5e92
                                                                                                                                                                                                                                                        0x00bd5e95
                                                                                                                                                                                                                                                        0x00bd5e99
                                                                                                                                                                                                                                                        0x00bd5eaf
                                                                                                                                                                                                                                                        0x00bd5eb1
                                                                                                                                                                                                                                                        0x00bd5eb6
                                                                                                                                                                                                                                                        0x00bd5eb8
                                                                                                                                                                                                                                                        0x00bd5eb9
                                                                                                                                                                                                                                                        0x00bd5ec8
                                                                                                                                                                                                                                                        0x00bd5ecd
                                                                                                                                                                                                                                                        0x00bd5ecf
                                                                                                                                                                                                                                                        0x00bd5ed2
                                                                                                                                                                                                                                                        0x00bd5ed7
                                                                                                                                                                                                                                                        0x00bd5ed9
                                                                                                                                                                                                                                                        0x00bd5ee0
                                                                                                                                                                                                                                                        0x00bd5ee7
                                                                                                                                                                                                                                                        0x00bd5eed
                                                                                                                                                                                                                                                        0x00bd5ef2
                                                                                                                                                                                                                                                        0x00bd5ef5
                                                                                                                                                                                                                                                        0x00bd5ef7
                                                                                                                                                                                                                                                        0x00bd5f09
                                                                                                                                                                                                                                                        0x00bd5f0d
                                                                                                                                                                                                                                                        0x00bd5f10
                                                                                                                                                                                                                                                        0x00bd5f15
                                                                                                                                                                                                                                                        0x00bd5f17
                                                                                                                                                                                                                                                        0x00bd5f19
                                                                                                                                                                                                                                                        0x00bd5f1e
                                                                                                                                                                                                                                                        0x00bd5f36
                                                                                                                                                                                                                                                        0x00bd5f36
                                                                                                                                                                                                                                                        0x00bd5f19
                                                                                                                                                                                                                                                        0x00bd5ef9
                                                                                                                                                                                                                                                        0x00bd5ef9
                                                                                                                                                                                                                                                        0x00bd5efc
                                                                                                                                                                                                                                                        0x00bd5efd
                                                                                                                                                                                                                                                        0x00bd5f02
                                                                                                                                                                                                                                                        0x00bd5f02
                                                                                                                                                                                                                                                        0x00bd5e9e
                                                                                                                                                                                                                                                        0x00bd5ea0
                                                                                                                                                                                                                                                        0x00bd5eae
                                                                                                                                                                                                                                                        0x00bd5e62
                                                                                                                                                                                                                                                        0x00bd5e62
                                                                                                                                                                                                                                                        0x00bd5e65
                                                                                                                                                                                                                                                        0x00bd5e67
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e67
                                                                                                                                                                                                                                                        0x00bd5e33
                                                                                                                                                                                                                                                        0x00bd5e33
                                                                                                                                                                                                                                                        0x00bd5e33
                                                                                                                                                                                                                                                        0x00bd5e34
                                                                                                                                                                                                                                                        0x00bd5e35
                                                                                                                                                                                                                                                        0x00bd5e3a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e3a
                                                                                                                                                                                                                                                        0x00bd5ddc
                                                                                                                                                                                                                                                        0x00bd5ddc
                                                                                                                                                                                                                                                        0x00bd5ddf
                                                                                                                                                                                                                                                        0x00bd5de6
                                                                                                                                                                                                                                                        0x00bd5ded
                                                                                                                                                                                                                                                        0x00bd5df1
                                                                                                                                                                                                                                                        0x00bd5df9
                                                                                                                                                                                                                                                        0x00bd5dfb
                                                                                                                                                                                                                                                        0x00bd5e08
                                                                                                                                                                                                                                                        0x00bd5e08
                                                                                                                                                                                                                                                        0x00bd5dda
                                                                                                                                                                                                                                                        0x00bd5d16
                                                                                                                                                                                                                                                        0x00bd5d16
                                                                                                                                                                                                                                                        0x00bd5d19
                                                                                                                                                                                                                                                        0x00bd5d1b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5d1b
                                                                                                                                                                                                                                                        0x00bd5ce7
                                                                                                                                                                                                                                                        0x00bd5ce7
                                                                                                                                                                                                                                                        0x00bd5ce7
                                                                                                                                                                                                                                                        0x00bd5ce8
                                                                                                                                                                                                                                                        0x00bd5ce9
                                                                                                                                                                                                                                                        0x00bd5cee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5cee
                                                                                                                                                                                                                                                        0x00bd5c8f
                                                                                                                                                                                                                                                        0x00bd5c8f
                                                                                                                                                                                                                                                        0x00bd5c92
                                                                                                                                                                                                                                                        0x00bd5c99
                                                                                                                                                                                                                                                        0x00bd5ca0
                                                                                                                                                                                                                                                        0x00bd5ca4
                                                                                                                                                                                                                                                        0x00bd5cae
                                                                                                                                                                                                                                                        0x00bd5cbc
                                                                                                                                                                                                                                                        0x00bd5cbc
                                                                                                                                                                                                                                                        0x00bd5c8d

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00BB2D55,00BB2D55,?,?,00BB3EE0), ref: 00BBA759
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: memmove.NTDLL(?,00BB2D55,00000000,?,00BB2D55,?,?,00BB3EE0), ref: 00BBA77D
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD9B0: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BBD9C9
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD9B0: memmove.NTDLL(?,?,00000000), ref: 00BBD9E9
                                                                                                                                                                                                                                                          • Part of subcall function 00BD6AD0: ??2@YAPAXI@Z.MOZGLUE(0000005C), ref: 00BD6AE3
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,-00000015), ref: 00BD5CCF
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,-00000015), ref: 00BD5CE9
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 00BD5D1F
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@memmove$??2@_invalid_parameter_noinfo_noreturnstrlenwcslen
                                                                                                                                                                                                                                                        • String ID: @ntdll.dll
                                                                                                                                                                                                                                                        • API String ID: 3260599714-536421688
                                                                                                                                                                                                                                                        • Opcode ID: 95abb8b8433cc14a26c9066ae7073806ca4293c17857643426232310fea35948
                                                                                                                                                                                                                                                        • Instruction ID: 27dbafda6ab68aec9d6f12b573eb4e97183c6a17afa0276043b12063c1cf5bf6
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 95abb8b8433cc14a26c9066ae7073806ca4293c17857643426232310fea35948
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C881D071D002489FDB24DFA4D898BEEFBB2EF44318F144569E40A6B381EB755948CBA0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 69%
                                                                                                                                                                                                                                                        			E00BEA540(signed int __edx, void* __eflags, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				WCHAR* _v44;
                                                                                                                                                                                                                                                        				char _v564;
                                                                                                                                                                                                                                                        				intOrPtr _v568;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				signed int _t43;
                                                                                                                                                                                                                                                        				signed int _t47;
                                                                                                                                                                                                                                                        				WCHAR* _t53;
                                                                                                                                                                                                                                                        				long _t54;
                                                                                                                                                                                                                                                        				signed int _t55;
                                                                                                                                                                                                                                                        				signed int _t57;
                                                                                                                                                                                                                                                        				signed int _t58;
                                                                                                                                                                                                                                                        				void* _t60;
                                                                                                                                                                                                                                                        				signed int _t61;
                                                                                                                                                                                                                                                        				signed int _t70;
                                                                                                                                                                                                                                                        				wchar_t* _t75;
                                                                                                                                                                                                                                                        				WCHAR* _t76;
                                                                                                                                                                                                                                                        				signed int _t78;
                                                                                                                                                                                                                                                        				signed int _t80;
                                                                                                                                                                                                                                                        				signed int _t81;
                                                                                                                                                                                                                                                        				intOrPtr _t83;
                                                                                                                                                                                                                                                        				signed int _t85;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t72 = __edx;
                                                                                                                                                                                                                                                        				_t43 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t74 = _a4;
                                                                                                                                                                                                                                                        				_t55 = 0x1126;
                                                                                                                                                                                                                                                        				_v20 = _t43 ^ _t85;
                                                                                                                                                                                                                                                        				if(E00BEA2A0(_a4) == 0) {
                                                                                                                                                                                                                                                        					_t81 =  &_v44;
                                                                                                                                                                                                                                                        					_v24 = 7;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					E00BEA740(_t74, _t81);
                                                                                                                                                                                                                                                        					_t47 = E00BEA810(_t81);
                                                                                                                                                                                                                                                        					_t72 = _t81;
                                                                                                                                                                                                                                                        					_t57 = _t47;
                                                                                                                                                                                                                                                        					_t48 = E00BEA850(_t81, _t81);
                                                                                                                                                                                                                                                        					__eflags = _t57;
                                                                                                                                                                                                                                                        					if(_t57 != 0) {
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						__eflags = _t57;
                                                                                                                                                                                                                                                        						_t58 = _t48;
                                                                                                                                                                                                                                                        						if(_t57 == 0) {
                                                                                                                                                                                                                                                        							_push(4);
                                                                                                                                                                                                                                                        							_t48 = E00BD26E0(_t58,  &_v44, _t74, 0, L"\\\\.\\");
                                                                                                                                                                                                                                                        							__eflags = _v24 - 7;
                                                                                                                                                                                                                                                        							if(_v24 > 7) {
                                                                                                                                                                                                                                                        								L7:
                                                                                                                                                                                                                                                        								_t81 = _v44;
                                                                                                                                                                                                                                                        								L8:
                                                                                                                                                                                                                                                        								_t75 =  &_v564;
                                                                                                                                                                                                                                                        								__imp__GetVolumePathNameW(_t81, _t75, 0x104);
                                                                                                                                                                                                                                                        								__eflags = _t48;
                                                                                                                                                                                                                                                        								if(_t48 == 0) {
                                                                                                                                                                                                                                                        									__eflags = _t58;
                                                                                                                                                                                                                                                        									_t48 = 0x1126;
                                                                                                                                                                                                                                                        									_t55 =  !=  ? 0x1126 : 0x7b;
                                                                                                                                                                                                                                                        									L35:
                                                                                                                                                                                                                                                        									E00BBDF30(_t48,  &_v44, _t72);
                                                                                                                                                                                                                                                        									goto L1;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t83 = wcslen(_t75) - 1;
                                                                                                                                                                                                                                                        								__eflags = _v24 - 7;
                                                                                                                                                                                                                                                        								if(_v24 <= 7) {
                                                                                                                                                                                                                                                        									_t48 =  &_v44;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t48 = _v44;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__imp___wcsnicmp(_t48, _t75, _t83);
                                                                                                                                                                                                                                                        								__eflags = _t48;
                                                                                                                                                                                                                                                        								if(_t48 != 0) {
                                                                                                                                                                                                                                                        									L37:
                                                                                                                                                                                                                                                        									_t55 = 0x7b;
                                                                                                                                                                                                                                                        									goto L35;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t76 =  &_v44;
                                                                                                                                                                                                                                                        									_v568 = _t83;
                                                                                                                                                                                                                                                        									goto L14;
                                                                                                                                                                                                                                                        									do {
                                                                                                                                                                                                                                                        										do {
                                                                                                                                                                                                                                                        											L14:
                                                                                                                                                                                                                                                        											__eflags = _v24 - 7;
                                                                                                                                                                                                                                                        											_t53 = _t76;
                                                                                                                                                                                                                                                        											if(_v24 > 7) {
                                                                                                                                                                                                                                                        												_t53 = _v44;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t48 = GetFileAttributesW(_t53);
                                                                                                                                                                                                                                                        											__eflags = _t48 - 0xffffffff;
                                                                                                                                                                                                                                                        											if(_t48 == 0xffffffff) {
                                                                                                                                                                                                                                                        												_t54 = GetLastError();
                                                                                                                                                                                                                                                        												_t55 = _t54;
                                                                                                                                                                                                                                                        												_t48 = _t54 - 1;
                                                                                                                                                                                                                                                        												__eflags = _t54 - 1 - 3;
                                                                                                                                                                                                                                                        												if(_t54 - 1 < 3) {
                                                                                                                                                                                                                                                        													goto L18;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												__eflags = _t55 - 0x7b;
                                                                                                                                                                                                                                                        												if(_t55 == 0x7b) {
                                                                                                                                                                                                                                                        													goto L18;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L35;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												__eflags = _t48 & 0x00000400;
                                                                                                                                                                                                                                                        												if((_t48 & 0x00000400) != 0) {
                                                                                                                                                                                                                                                        													_t55 = 0;
                                                                                                                                                                                                                                                        													goto L35;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												L18:
                                                                                                                                                                                                                                                        												_t70 = _v28;
                                                                                                                                                                                                                                                        												__eflags = _v24 - 7;
                                                                                                                                                                                                                                                        												_t48 = _t76;
                                                                                                                                                                                                                                                        												if(_v24 > 7) {
                                                                                                                                                                                                                                                        													_t48 = _v44;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t72 = 0xffffffff;
                                                                                                                                                                                                                                                        												__eflags = _t70;
                                                                                                                                                                                                                                                        												if(_t70 == 0) {
                                                                                                                                                                                                                                                        													L23:
                                                                                                                                                                                                                                                        													_t78 = _t72 - _t70;
                                                                                                                                                                                                                                                        													__eflags = _t78;
                                                                                                                                                                                                                                                        													if(_t78 > 0) {
                                                                                                                                                                                                                                                        														goto L33;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													goto L24;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												__eflags =  *((short*)(_t48 + _t70 * 2 - 2)) - 0x5c;
                                                                                                                                                                                                                                                        												_t27 = _t70 * 2; // -2
                                                                                                                                                                                                                                                        												_t60 = _t48 + _t27 - 2;
                                                                                                                                                                                                                                                        												if( *((short*)(_t48 + _t70 * 2 - 2)) != 0x5c) {
                                                                                                                                                                                                                                                        													_t80 = 2 - _t70 + _t70;
                                                                                                                                                                                                                                                        													__eflags = 2;
                                                                                                                                                                                                                                                        													_t83 = _v568;
                                                                                                                                                                                                                                                        													while(1) {
                                                                                                                                                                                                                                                        														__eflags = _t80;
                                                                                                                                                                                                                                                        														if(_t80 == 0) {
                                                                                                                                                                                                                                                        															goto L23;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t80 = _t80 + 2;
                                                                                                                                                                                                                                                        														__eflags =  *((short*)(_t60 - 2)) - 0x5c;
                                                                                                                                                                                                                                                        														_t60 = _t60 - 2;
                                                                                                                                                                                                                                                        														if(__eflags != 0) {
                                                                                                                                                                                                                                                        															continue;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														goto L22;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													goto L23;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												L22:
                                                                                                                                                                                                                                                        												_t61 = _t60 - _t48;
                                                                                                                                                                                                                                                        												__eflags = _t61;
                                                                                                                                                                                                                                                        												_t72 = _t61 >> 1;
                                                                                                                                                                                                                                                        												goto L23;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L33:
                                                                                                                                                                                                                                                        											_t76 =  &_v44;
                                                                                                                                                                                                                                                        											_t48 = E00BC1BE0( &_v44, _t78, 0);
                                                                                                                                                                                                                                                        											__eflags = _v28 - _t83;
                                                                                                                                                                                                                                                        										} while (_v28 > _t83);
                                                                                                                                                                                                                                                        										L34:
                                                                                                                                                                                                                                                        										_t55 = 0x1126;
                                                                                                                                                                                                                                                        										goto L35;
                                                                                                                                                                                                                                                        										L24:
                                                                                                                                                                                                                                                        										_v28 = _t72;
                                                                                                                                                                                                                                                        										 *((short*)(_t48 + _t72 * 2)) = 0;
                                                                                                                                                                                                                                                        										_t76 =  &_v44;
                                                                                                                                                                                                                                                        										__eflags = _v28 - _t83;
                                                                                                                                                                                                                                                        									} while (_v28 > _t83);
                                                                                                                                                                                                                                                        									goto L34;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L8;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__eflags = _v24 - 7;
                                                                                                                                                                                                                                                        						if(_v24 <= 7) {
                                                                                                                                                                                                                                                        							goto L8;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__eflags = _t57;
                                                                                                                                                                                                                                                        					if(_t57 != 0) {
                                                                                                                                                                                                                                                        						goto L5;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__eflags = _t48;
                                                                                                                                                                                                                                                        					if(_t48 == 0) {
                                                                                                                                                                                                                                                        						goto L37;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L5;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t85, _t72);
                                                                                                                                                                                                                                                        				return _t55;
                                                                                                                                                                                                                                                        			}




























                                                                                                                                                                                                                                                        0x00bea540
                                                                                                                                                                                                                                                        0x00bea54c
                                                                                                                                                                                                                                                        0x00bea551
                                                                                                                                                                                                                                                        0x00bea554
                                                                                                                                                                                                                                                        0x00bea55b
                                                                                                                                                                                                                                                        0x00bea569
                                                                                                                                                                                                                                                        0x00bea582
                                                                                                                                                                                                                                                        0x00bea587
                                                                                                                                                                                                                                                        0x00bea58e
                                                                                                                                                                                                                                                        0x00bea595
                                                                                                                                                                                                                                                        0x00bea59d
                                                                                                                                                                                                                                                        0x00bea5a6
                                                                                                                                                                                                                                                        0x00bea5ad
                                                                                                                                                                                                                                                        0x00bea5af
                                                                                                                                                                                                                                                        0x00bea5b1
                                                                                                                                                                                                                                                        0x00bea5b6
                                                                                                                                                                                                                                                        0x00bea5b8
                                                                                                                                                                                                                                                        0x00bea5c6
                                                                                                                                                                                                                                                        0x00bea5c6
                                                                                                                                                                                                                                                        0x00bea5c8
                                                                                                                                                                                                                                                        0x00bea5ca
                                                                                                                                                                                                                                                        0x00bea709
                                                                                                                                                                                                                                                        0x00bea712
                                                                                                                                                                                                                                                        0x00bea717
                                                                                                                                                                                                                                                        0x00bea71b
                                                                                                                                                                                                                                                        0x00bea5d6
                                                                                                                                                                                                                                                        0x00bea5d6
                                                                                                                                                                                                                                                        0x00bea5d9
                                                                                                                                                                                                                                                        0x00bea5d9
                                                                                                                                                                                                                                                        0x00bea5e6
                                                                                                                                                                                                                                                        0x00bea5ec
                                                                                                                                                                                                                                                        0x00bea5ee
                                                                                                                                                                                                                                                        0x00bea726
                                                                                                                                                                                                                                                        0x00bea728
                                                                                                                                                                                                                                                        0x00bea732
                                                                                                                                                                                                                                                        0x00bea6ee
                                                                                                                                                                                                                                                        0x00bea6f1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea6f1
                                                                                                                                                                                                                                                        0x00bea5ff
                                                                                                                                                                                                                                                        0x00bea600
                                                                                                                                                                                                                                                        0x00bea604
                                                                                                                                                                                                                                                        0x00bea60b
                                                                                                                                                                                                                                                        0x00bea606
                                                                                                                                                                                                                                                        0x00bea606
                                                                                                                                                                                                                                                        0x00bea606
                                                                                                                                                                                                                                                        0x00bea611
                                                                                                                                                                                                                                                        0x00bea61a
                                                                                                                                                                                                                                                        0x00bea61c
                                                                                                                                                                                                                                                        0x00bea6ff
                                                                                                                                                                                                                                                        0x00bea6ff
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea622
                                                                                                                                                                                                                                                        0x00bea622
                                                                                                                                                                                                                                                        0x00bea625
                                                                                                                                                                                                                                                        0x00bea625
                                                                                                                                                                                                                                                        0x00bea630
                                                                                                                                                                                                                                                        0x00bea630
                                                                                                                                                                                                                                                        0x00bea630
                                                                                                                                                                                                                                                        0x00bea630
                                                                                                                                                                                                                                                        0x00bea634
                                                                                                                                                                                                                                                        0x00bea636
                                                                                                                                                                                                                                                        0x00bea638
                                                                                                                                                                                                                                                        0x00bea638
                                                                                                                                                                                                                                                        0x00bea63c
                                                                                                                                                                                                                                                        0x00bea642
                                                                                                                                                                                                                                                        0x00bea645
                                                                                                                                                                                                                                                        0x00bea694
                                                                                                                                                                                                                                                        0x00bea69a
                                                                                                                                                                                                                                                        0x00bea69c
                                                                                                                                                                                                                                                        0x00bea69d
                                                                                                                                                                                                                                                        0x00bea6a0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea6a2
                                                                                                                                                                                                                                                        0x00bea6a5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea647
                                                                                                                                                                                                                                                        0x00bea647
                                                                                                                                                                                                                                                        0x00bea64c
                                                                                                                                                                                                                                                        0x00bea6fb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea6fb
                                                                                                                                                                                                                                                        0x00bea652
                                                                                                                                                                                                                                                        0x00bea652
                                                                                                                                                                                                                                                        0x00bea655
                                                                                                                                                                                                                                                        0x00bea659
                                                                                                                                                                                                                                                        0x00bea65b
                                                                                                                                                                                                                                                        0x00bea65d
                                                                                                                                                                                                                                                        0x00bea65d
                                                                                                                                                                                                                                                        0x00bea660
                                                                                                                                                                                                                                                        0x00bea665
                                                                                                                                                                                                                                                        0x00bea667
                                                                                                                                                                                                                                                        0x00bea67b
                                                                                                                                                                                                                                                        0x00bea67d
                                                                                                                                                                                                                                                        0x00bea67d
                                                                                                                                                                                                                                                        0x00bea67f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea67f
                                                                                                                                                                                                                                                        0x00bea669
                                                                                                                                                                                                                                                        0x00bea66f
                                                                                                                                                                                                                                                        0x00bea66f
                                                                                                                                                                                                                                                        0x00bea673
                                                                                                                                                                                                                                                        0x00bea6b1
                                                                                                                                                                                                                                                        0x00bea6b1
                                                                                                                                                                                                                                                        0x00bea6b3
                                                                                                                                                                                                                                                        0x00bea6c0
                                                                                                                                                                                                                                                        0x00bea6c0
                                                                                                                                                                                                                                                        0x00bea6c2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea6c4
                                                                                                                                                                                                                                                        0x00bea6c7
                                                                                                                                                                                                                                                        0x00bea6cc
                                                                                                                                                                                                                                                        0x00bea6cf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea6d1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea6c0
                                                                                                                                                                                                                                                        0x00bea675
                                                                                                                                                                                                                                                        0x00bea675
                                                                                                                                                                                                                                                        0x00bea675
                                                                                                                                                                                                                                                        0x00bea679
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea679
                                                                                                                                                                                                                                                        0x00bea6d3
                                                                                                                                                                                                                                                        0x00bea6d9
                                                                                                                                                                                                                                                        0x00bea6db
                                                                                                                                                                                                                                                        0x00bea6e0
                                                                                                                                                                                                                                                        0x00bea6e0
                                                                                                                                                                                                                                                        0x00bea6e9
                                                                                                                                                                                                                                                        0x00bea6e9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea681
                                                                                                                                                                                                                                                        0x00bea681
                                                                                                                                                                                                                                                        0x00bea684
                                                                                                                                                                                                                                                        0x00bea68a
                                                                                                                                                                                                                                                        0x00bea68d
                                                                                                                                                                                                                                                        0x00bea68d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea692
                                                                                                                                                                                                                                                        0x00bea61c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea721
                                                                                                                                                                                                                                                        0x00bea5d0
                                                                                                                                                                                                                                                        0x00bea5d4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea5d4
                                                                                                                                                                                                                                                        0x00bea5ba
                                                                                                                                                                                                                                                        0x00bea5bc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea5be
                                                                                                                                                                                                                                                        0x00bea5c0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea5c0
                                                                                                                                                                                                                                                        0x00bea56b
                                                                                                                                                                                                                                                        0x00bea570
                                                                                                                                                                                                                                                        0x00bea581

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEA2A0: _wcsnicmp.API-MS-WIN-CRT-STRING-L1-1-0(00BEACA1,\??\,00000004,00000001,?,00BEACA1,00BCFF01), ref: 00BEA2C7
                                                                                                                                                                                                                                                        • GetVolumePathNameW.KERNEL32(00000000,00000004,00000104,00000000,\\.\,00000004), ref: 00BEA5E6
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00000004), ref: 00BEA5F5
                                                                                                                                                                                                                                                        • _wcsnicmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,00000004,-00000001), ref: 00BEA611
                                                                                                                                                                                                                                                        • GetFileAttributesW.KERNEL32(00000000), ref: 00BEA63C
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: _wcsnicmp$AttributesFileNamePathVolumewcslen
                                                                                                                                                                                                                                                        • String ID: \\.\
                                                                                                                                                                                                                                                        • API String ID: 2319985943-2900601889
                                                                                                                                                                                                                                                        • Opcode ID: 1dcc5779e5f172610bffaef775c650729c417858d1ac0afdae6139627d755d28
                                                                                                                                                                                                                                                        • Instruction ID: 222960707f431fcadb5b28c1f29b3a2e33af0a4c3c52982172402cd1d884ef6d
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1dcc5779e5f172610bffaef775c650729c417858d1ac0afdae6139627d755d28
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E951C331A002449FDB109BA6C888AFEB7F9EF56314F1900A9D901B7281DB74BE49C792
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 73%
                                                                                                                                                                                                                                                        			E00BCC650(signed int __ecx, void** __edx, intOrPtr _a4, intOrPtr _a8, long _a12, DWORD* _a16, BOOL* _a20) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v56;
                                                                                                                                                                                                                                                        				void* _v112;
                                                                                                                                                                                                                                                        				void* _v116;
                                                                                                                                                                                                                                                        				struct _PRIVILEGE_SET _v128;
                                                                                                                                                                                                                                                        				struct _SECURITY_DESCRIPTOR* _v148;
                                                                                                                                                                                                                                                        				struct _ACL* _v152;
                                                                                                                                                                                                                                                        				void* _v156;
                                                                                                                                                                                                                                                        				void* _v160;
                                                                                                                                                                                                                                                        				void* _v164;
                                                                                                                                                                                                                                                        				signed int _v168;
                                                                                                                                                                                                                                                        				struct _SECURITY_DESCRIPTOR* _v172;
                                                                                                                                                                                                                                                        				signed int _t46;
                                                                                                                                                                                                                                                        				char* _t51;
                                                                                                                                                                                                                                                        				short _t53;
                                                                                                                                                                                                                                                        				void* _t55;
                                                                                                                                                                                                                                                        				int _t61;
                                                                                                                                                                                                                                                        				void* _t62;
                                                                                                                                                                                                                                                        				int _t63;
                                                                                                                                                                                                                                                        				int _t65;
                                                                                                                                                                                                                                                        				signed int _t66;
                                                                                                                                                                                                                                                        				signed int _t67;
                                                                                                                                                                                                                                                        				long _t68;
                                                                                                                                                                                                                                                        				struct _GENERIC_MAPPING* _t81;
                                                                                                                                                                                                                                                        				char* _t82;
                                                                                                                                                                                                                                                        				intOrPtr _t83;
                                                                                                                                                                                                                                                        				struct _GENERIC_MAPPING* _t84;
                                                                                                                                                                                                                                                        				signed int _t85;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t80 = __edx;
                                                                                                                                                                                                                                                        				_t46 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t83 = _a8;
                                                                                                                                                                                                                                                        				_t66 = __ecx;
                                                                                                                                                                                                                                                        				_v24 = _t46 ^ _t85;
                                                                                                                                                                                                                                                        				if(_t83 == 4 || _t83 == 1) {
                                                                                                                                                                                                                                                        					_t81 =  &_v112;
                                                                                                                                                                                                                                                        					asm("movd xmm0, eax");
                                                                                                                                                                                                                                                        					asm("pshufd xmm0, xmm0, 0x0");
                                                                                                                                                                                                                                                        					asm("pslld xmm0, 0x1f");
                                                                                                                                                                                                                                                        					asm("psrad xmm0, 0x1f");
                                                                                                                                                                                                                                                        					asm("movdqa xmm1, xmm0");
                                                                                                                                                                                                                                                        					asm("pand xmm0, [0xbf1200]");
                                                                                                                                                                                                                                                        					asm("pandn xmm1, [0xbf11f0]");
                                                                                                                                                                                                                                                        					asm("por xmm0, xmm1");
                                                                                                                                                                                                                                                        					asm("movdqa [esp+0x20], xmm0");
                                                                                                                                                                                                                                                        					MapGenericMask( &_a12, _t81);
                                                                                                                                                                                                                                                        					_t51 =  &_v116;
                                                                                                                                                                                                                                                        					_v116 = 0;
                                                                                                                                                                                                                                                        					_v128.Privilege = 0;
                                                                                                                                                                                                                                                        					__imp__GetNamedSecurityInfoW(_a4, _t83, 0x17, 0, 0,  &(_v128.Privilege), 0, _t51);
                                                                                                                                                                                                                                                        					if(_t51 == 0) {
                                                                                                                                                                                                                                                        						_t52 = _v148;
                                                                                                                                                                                                                                                        						__eflags =  *((char*)(_t66 + 0x4c));
                                                                                                                                                                                                                                                        						_t84 = _t81;
                                                                                                                                                                                                                                                        						_v172 = _v148;
                                                                                                                                                                                                                                                        						if(__eflags == 0) {
                                                                                                                                                                                                                                                        							L15:
                                                                                                                                                                                                                                                        							asm("pxor xmm0, xmm0");
                                                                                                                                                                                                                                                        							_t80 =  &_v160;
                                                                                                                                                                                                                                                        							_v112 = 0;
                                                                                                                                                                                                                                                        							_v156 = 0x14;
                                                                                                                                                                                                                                                        							_v160 = 0;
                                                                                                                                                                                                                                                        							asm("movdqa [esp+0x30], xmm0");
                                                                                                                                                                                                                                                        							_t53 = E00BCC5E0(_t52, _t66,  &_v160, __eflags);
                                                                                                                                                                                                                                                        							__eflags = _t53;
                                                                                                                                                                                                                                                        							if(_t53 == 0) {
                                                                                                                                                                                                                                                        								_t67 = 0;
                                                                                                                                                                                                                                                        								__eflags = 0;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t53 = AccessCheck(_v148, _v160, _a12, _t84,  &_v128,  &_v156, _a16, _a20);
                                                                                                                                                                                                                                                        								__eflags = _t53;
                                                                                                                                                                                                                                                        								_t67 = _t66 & 0xffffff00 | _t53 != 0x00000000;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							E00BC51B0(_t53,  &_v160);
                                                                                                                                                                                                                                                        							L20:
                                                                                                                                                                                                                                                        							_t55 = _v172;
                                                                                                                                                                                                                                                        							__eflags = _t55;
                                                                                                                                                                                                                                                        							if(_t55 != 0) {
                                                                                                                                                                                                                                                        								LocalFree(_t55);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L4;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_v168 = _t66;
                                                                                                                                                                                                                                                        						E00BE71D0( &_v128, 0x54);
                                                                                                                                                                                                                                                        						_t52 = _v156;
                                                                                                                                                                                                                                                        						__eflags = _t52->AceCount;
                                                                                                                                                                                                                                                        						if(__eflags == 0) {
                                                                                                                                                                                                                                                        							L14:
                                                                                                                                                                                                                                                        							_t66 = _v168;
                                                                                                                                                                                                                                                        							goto L15;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t68 = 0;
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								_t61 = GetAce(_t52, _t68,  &_v156);
                                                                                                                                                                                                                                                        								__eflags = _t61;
                                                                                                                                                                                                                                                        								if(_t61 == 0) {
                                                                                                                                                                                                                                                        									break;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t82 = _v156;
                                                                                                                                                                                                                                                        								__eflags =  *_t82 - 1;
                                                                                                                                                                                                                                                        								if( *_t82 <= 1) {
                                                                                                                                                                                                                                                        									_t62 = _t82 + 8;
                                                                                                                                                                                                                                                        									_v164 = _t62;
                                                                                                                                                                                                                                                        									_t63 = IsValidSid(_t62);
                                                                                                                                                                                                                                                        									__eflags = _t63;
                                                                                                                                                                                                                                                        									if(_t63 != 0) {
                                                                                                                                                                                                                                                        										_t65 = EqualSid(_v164, E00BE7750( &_v128));
                                                                                                                                                                                                                                                        										__eflags = _t65;
                                                                                                                                                                                                                                                        										if(_t65 != 0) {
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t82 + 4)) = 0;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t52 = _v152;
                                                                                                                                                                                                                                                        								_t68 = _t68 + 1;
                                                                                                                                                                                                                                                        								__eflags = _t68 - (_t52->AceCount & 0x0000ffff);
                                                                                                                                                                                                                                                        								if(__eflags >= 0) {
                                                                                                                                                                                                                                                        									goto L14;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t67 = 0;
                                                                                                                                                                                                                                                        							goto L20;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L3;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					_t67 = 0;
                                                                                                                                                                                                                                                        					L4:
                                                                                                                                                                                                                                                        					E00BEECB0(_v56 ^ _t85, _t80);
                                                                                                                                                                                                                                                        					return _t67;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}
































                                                                                                                                                                                                                                                        0x00bcc650
                                                                                                                                                                                                                                                        0x00bcc65f
                                                                                                                                                                                                                                                        0x00bcc664
                                                                                                                                                                                                                                                        0x00bcc667
                                                                                                                                                                                                                                                        0x00bcc66e
                                                                                                                                                                                                                                                        0x00bcc672
                                                                                                                                                                                                                                                        0x00bcc67e
                                                                                                                                                                                                                                                        0x00bcc685
                                                                                                                                                                                                                                                        0x00bcc68c
                                                                                                                                                                                                                                                        0x00bcc691
                                                                                                                                                                                                                                                        0x00bcc696
                                                                                                                                                                                                                                                        0x00bcc69b
                                                                                                                                                                                                                                                        0x00bcc69f
                                                                                                                                                                                                                                                        0x00bcc6a7
                                                                                                                                                                                                                                                        0x00bcc6af
                                                                                                                                                                                                                                                        0x00bcc6b3
                                                                                                                                                                                                                                                        0x00bcc6bb
                                                                                                                                                                                                                                                        0x00bcc6c1
                                                                                                                                                                                                                                                        0x00bcc6c5
                                                                                                                                                                                                                                                        0x00bcc6cd
                                                                                                                                                                                                                                                        0x00bcc6e7
                                                                                                                                                                                                                                                        0x00bcc6ef
                                                                                                                                                                                                                                                        0x00bcc70a
                                                                                                                                                                                                                                                        0x00bcc70e
                                                                                                                                                                                                                                                        0x00bcc712
                                                                                                                                                                                                                                                        0x00bcc714
                                                                                                                                                                                                                                                        0x00bcc718
                                                                                                                                                                                                                                                        0x00bcc7a2
                                                                                                                                                                                                                                                        0x00bcc7a2
                                                                                                                                                                                                                                                        0x00bcc7a6
                                                                                                                                                                                                                                                        0x00bcc7ac
                                                                                                                                                                                                                                                        0x00bcc7b4
                                                                                                                                                                                                                                                        0x00bcc7bc
                                                                                                                                                                                                                                                        0x00bcc7c4
                                                                                                                                                                                                                                                        0x00bcc7ca
                                                                                                                                                                                                                                                        0x00bcc7cf
                                                                                                                                                                                                                                                        0x00bcc7d1
                                                                                                                                                                                                                                                        0x00bcc800
                                                                                                                                                                                                                                                        0x00bcc800
                                                                                                                                                                                                                                                        0x00bcc7d3
                                                                                                                                                                                                                                                        0x00bcc7ef
                                                                                                                                                                                                                                                        0x00bcc7f5
                                                                                                                                                                                                                                                        0x00bcc7f7
                                                                                                                                                                                                                                                        0x00bcc7f7
                                                                                                                                                                                                                                                        0x00bcc806
                                                                                                                                                                                                                                                        0x00bcc80b
                                                                                                                                                                                                                                                        0x00bcc80b
                                                                                                                                                                                                                                                        0x00bcc80f
                                                                                                                                                                                                                                                        0x00bcc811
                                                                                                                                                                                                                                                        0x00bcc818
                                                                                                                                                                                                                                                        0x00bcc818
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc811
                                                                                                                                                                                                                                                        0x00bcc71e
                                                                                                                                                                                                                                                        0x00bcc728
                                                                                                                                                                                                                                                        0x00bcc72d
                                                                                                                                                                                                                                                        0x00bcc731
                                                                                                                                                                                                                                                        0x00bcc736
                                                                                                                                                                                                                                                        0x00bcc79e
                                                                                                                                                                                                                                                        0x00bcc79e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc738
                                                                                                                                                                                                                                                        0x00bcc738
                                                                                                                                                                                                                                                        0x00bcc74d
                                                                                                                                                                                                                                                        0x00bcc754
                                                                                                                                                                                                                                                        0x00bcc75a
                                                                                                                                                                                                                                                        0x00bcc75c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc762
                                                                                                                                                                                                                                                        0x00bcc766
                                                                                                                                                                                                                                                        0x00bcc769
                                                                                                                                                                                                                                                        0x00bcc76b
                                                                                                                                                                                                                                                        0x00bcc76e
                                                                                                                                                                                                                                                        0x00bcc773
                                                                                                                                                                                                                                                        0x00bcc779
                                                                                                                                                                                                                                                        0x00bcc77b
                                                                                                                                                                                                                                                        0x00bcc78b
                                                                                                                                                                                                                                                        0x00bcc791
                                                                                                                                                                                                                                                        0x00bcc793
                                                                                                                                                                                                                                                        0x00bcc795
                                                                                                                                                                                                                                                        0x00bcc795
                                                                                                                                                                                                                                                        0x00bcc793
                                                                                                                                                                                                                                                        0x00bcc77b
                                                                                                                                                                                                                                                        0x00bcc740
                                                                                                                                                                                                                                                        0x00bcc744
                                                                                                                                                                                                                                                        0x00bcc749
                                                                                                                                                                                                                                                        0x00bcc74b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc74b
                                                                                                                                                                                                                                                        0x00bcc7fc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc7fc
                                                                                                                                                                                                                                                        0x00bcc736
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc6f1
                                                                                                                                                                                                                                                        0x00bcc6f1
                                                                                                                                                                                                                                                        0x00bcc6f1
                                                                                                                                                                                                                                                        0x00bcc6f3
                                                                                                                                                                                                                                                        0x00bcc6f9
                                                                                                                                                                                                                                                        0x00bcc707
                                                                                                                                                                                                                                                        0x00bcc707

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • MapGenericMask.ADVAPI32(?,?), ref: 00BCC6BB
                                                                                                                                                                                                                                                        • GetNamedSecurityInfoW.ADVAPI32(?,?,00000017,00000000,00000000,00000000,00000000,?), ref: 00BCC6E7
                                                                                                                                                                                                                                                        • GetAce.ADVAPI32(00000000,00000000,?,00000054), ref: 00BCC754
                                                                                                                                                                                                                                                        • IsValidSid.ADVAPI32(?), ref: 00BCC773
                                                                                                                                                                                                                                                        • EqualSid.ADVAPI32(?,00000000), ref: 00BCC78B
                                                                                                                                                                                                                                                        • AccessCheck.ADVAPI32(?,?,?,?,?,00000014,?,?), ref: 00BCC7EF
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(?), ref: 00BCC818
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AccessCheckEqualFreeGenericInfoLocalMaskNamedSecurityValid
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2630810479-0
                                                                                                                                                                                                                                                        • Opcode ID: f90ab4115893093b48d756256297df7730a9a6c008851865a52a8eae5e2f620a
                                                                                                                                                                                                                                                        • Instruction ID: 954e0f09bb90d01c439a291dadf78f1a965a993bf0de5bd7b7da1d6b039e8d29
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f90ab4115893093b48d756256297df7730a9a6c008851865a52a8eae5e2f620a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2F514971514342ABD710DF24C885FABBBE8FF94340F04896DF999A7190EB70D948DB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 95%
                                                                                                                                                                                                                                                        			E00BD4210(intOrPtr __ecx, void* __edx, char* _a4) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v188;
                                                                                                                                                                                                                                                        				long _v192;
                                                                                                                                                                                                                                                        				char _v208;
                                                                                                                                                                                                                                                        				char _v216;
                                                                                                                                                                                                                                                        				char _v220;
                                                                                                                                                                                                                                                        				char _v224;
                                                                                                                                                                                                                                                        				intOrPtr* _v228;
                                                                                                                                                                                                                                                        				signed int _t38;
                                                                                                                                                                                                                                                        				void* _t40;
                                                                                                                                                                                                                                                        				int _t42;
                                                                                                                                                                                                                                                        				void* _t51;
                                                                                                                                                                                                                                                        				intOrPtr* _t60;
                                                                                                                                                                                                                                                        				char _t64;
                                                                                                                                                                                                                                                        				void* _t82;
                                                                                                                                                                                                                                                        				char* _t84;
                                                                                                                                                                                                                                                        				void* _t86;
                                                                                                                                                                                                                                                        				signed int _t87;
                                                                                                                                                                                                                                                        				signed int _t88;
                                                                                                                                                                                                                                                        				intOrPtr* _t90;
                                                                                                                                                                                                                                                        				intOrPtr* _t91;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t90 = (_t88 & 0xfffffff8) - 0xd8;
                                                                                                                                                                                                                                                        				 *_t90 = __ecx;
                                                                                                                                                                                                                                                        				_t84 = _a4;
                                                                                                                                                                                                                                                        				_t38 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v24 = _t38 ^ _t87;
                                                                                                                                                                                                                                                        				if( *0xbfb504 == 0) {
                                                                                                                                                                                                                                                        					_push("g_handles_to_close");
                                                                                                                                                                                                                                                        					E00BC1FF0( &_v208, "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/handle_closer_agent.cc", 0x81);
                                                                                                                                                                                                                                                        					E00BC20C0();
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *_t84 = 1;
                                                                                                                                                                                                                                                        				_t40 =  *0xbfb504;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t40 + 4)) != 0) {
                                                                                                                                                                                                                                                        					_t64 = 0;
                                                                                                                                                                                                                                                        					_t60 = _t40 + 8;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_t85 = _t60 + 0xc;
                                                                                                                                                                                                                                                        						_v224 = _t64;
                                                                                                                                                                                                                                                        						_t42 = wcscmp(_t60 + 0xc, L"ALPC Port");
                                                                                                                                                                                                                                                        						_t91 = _t90 + 8;
                                                                                                                                                                                                                                                        						if(_t42 == 0) {
                                                                                                                                                                                                                                                        							 *_a4 = 0;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t80 =  &_v208;
                                                                                                                                                                                                                                                        						_v192 = 0;
                                                                                                                                                                                                                                                        						_v188 = 7;
                                                                                                                                                                                                                                                        						_v208 = 0;
                                                                                                                                                                                                                                                        						E00BBA740( &_v208, _t85);
                                                                                                                                                                                                                                                        						_t79 =  &_v220;
                                                                                                                                                                                                                                                        						E00BD4930( *_t91,  &_v220,  &_v208);
                                                                                                                                                                                                                                                        						_t90 = _t91 + 4;
                                                                                                                                                                                                                                                        						_v224 = _v220;
                                                                                                                                                                                                                                                        						E00BBDF30(_v220, _t80,  &_v220);
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t60 + 8)) != 0) {
                                                                                                                                                                                                                                                        							_t86 = 0;
                                                                                                                                                                                                                                                        							_v228 = _t60;
                                                                                                                                                                                                                                                        							_t82 =  *((intOrPtr*)(_t60 + 4)) + _t60;
                                                                                                                                                                                                                                                        							do {
                                                                                                                                                                                                                                                        								_t61 =  &_v208;
                                                                                                                                                                                                                                                        								_v192 = 0;
                                                                                                                                                                                                                                                        								_v188 = 7;
                                                                                                                                                                                                                                                        								_v208 = 0;
                                                                                                                                                                                                                                                        								E00BBA740( &_v208, _t82);
                                                                                                                                                                                                                                                        								_t79 =  &_v220;
                                                                                                                                                                                                                                                        								_t51 = E00BD4EB0(_v224 + 0x28,  &_v220,  &_v208);
                                                                                                                                                                                                                                                        								_t90 = _t90 + 4;
                                                                                                                                                                                                                                                        								E00BBDF30(_t51, _t61,  &_v220);
                                                                                                                                                                                                                                                        								if(_v216 == 0) {
                                                                                                                                                                                                                                                        									_push("name.second");
                                                                                                                                                                                                                                                        									E00BC1FF0( &_v208, "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/handle_closer_agent.cc", 0x95);
                                                                                                                                                                                                                                                        									E00BC20C0();
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t60 = _v228;
                                                                                                                                                                                                                                                        								_t86 = _t86 + 1;
                                                                                                                                                                                                                                                        								_t82 = _t82 + 2 +  *(_v216 + 0x20) * 2;
                                                                                                                                                                                                                                                        							} while (_t86 <  *((intOrPtr*)(_t60 + 8)));
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t40 =  *0xbfb504;
                                                                                                                                                                                                                                                        						_t60 = _t60 +  *_t60;
                                                                                                                                                                                                                                                        						_t64 = _v224 + 1;
                                                                                                                                                                                                                                                        					} while (_t64 <  *((intOrPtr*)(_t40 + 4)));
                                                                                                                                                                                                                                                        					goto L3;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					VirtualFree(_t40, 0, 0x8000);
                                                                                                                                                                                                                                                        					 *0xbfb504 = 0;
                                                                                                                                                                                                                                                        					return E00BEECB0(_v24 ^ _t87, _t79);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}

























                                                                                                                                                                                                                                                        0x00bd4219
                                                                                                                                                                                                                                                        0x00bd421f
                                                                                                                                                                                                                                                        0x00bd4222
                                                                                                                                                                                                                                                        0x00bd4225
                                                                                                                                                                                                                                                        0x00bd422c
                                                                                                                                                                                                                                                        0x00bd423a
                                                                                                                                                                                                                                                        0x00bd4242
                                                                                                                                                                                                                                                        0x00bd4251
                                                                                                                                                                                                                                                        0x00bd4258
                                                                                                                                                                                                                                                        0x00bd4258
                                                                                                                                                                                                                                                        0x00bd425d
                                                                                                                                                                                                                                                        0x00bd4260
                                                                                                                                                                                                                                                        0x00bd4269
                                                                                                                                                                                                                                                        0x00bd429e
                                                                                                                                                                                                                                                        0x00bd42a0
                                                                                                                                                                                                                                                        0x00bd430e
                                                                                                                                                                                                                                                        0x00bd430e
                                                                                                                                                                                                                                                        0x00bd4311
                                                                                                                                                                                                                                                        0x00bd431b
                                                                                                                                                                                                                                                        0x00bd4321
                                                                                                                                                                                                                                                        0x00bd4326
                                                                                                                                                                                                                                                        0x00bd432b
                                                                                                                                                                                                                                                        0x00bd432b
                                                                                                                                                                                                                                                        0x00bd42b5
                                                                                                                                                                                                                                                        0x00bd42b9
                                                                                                                                                                                                                                                        0x00bd42c1
                                                                                                                                                                                                                                                        0x00bd42c5
                                                                                                                                                                                                                                                        0x00bd42cf
                                                                                                                                                                                                                                                        0x00bd42d7
                                                                                                                                                                                                                                                        0x00bd42dc
                                                                                                                                                                                                                                                        0x00bd42e1
                                                                                                                                                                                                                                                        0x00bd42ea
                                                                                                                                                                                                                                                        0x00bd42ee
                                                                                                                                                                                                                                                        0x00bd42f7
                                                                                                                                                                                                                                                        0x00bd4333
                                                                                                                                                                                                                                                        0x00bd4335
                                                                                                                                                                                                                                                        0x00bd4339
                                                                                                                                                                                                                                                        0x00bd4355
                                                                                                                                                                                                                                                        0x00bd435a
                                                                                                                                                                                                                                                        0x00bd435e
                                                                                                                                                                                                                                                        0x00bd4366
                                                                                                                                                                                                                                                        0x00bd436a
                                                                                                                                                                                                                                                        0x00bd4374
                                                                                                                                                                                                                                                        0x00bd437d
                                                                                                                                                                                                                                                        0x00bd4385
                                                                                                                                                                                                                                                        0x00bd438a
                                                                                                                                                                                                                                                        0x00bd438f
                                                                                                                                                                                                                                                        0x00bd4399
                                                                                                                                                                                                                                                        0x00bd43a1
                                                                                                                                                                                                                                                        0x00bd43b0
                                                                                                                                                                                                                                                        0x00bd43b7
                                                                                                                                                                                                                                                        0x00bd43b7
                                                                                                                                                                                                                                                        0x00bd4344
                                                                                                                                                                                                                                                        0x00bd4348
                                                                                                                                                                                                                                                        0x00bd434f
                                                                                                                                                                                                                                                        0x00bd434f
                                                                                                                                                                                                                                                        0x00bd4355
                                                                                                                                                                                                                                                        0x00bd42fd
                                                                                                                                                                                                                                                        0x00bd4302
                                                                                                                                                                                                                                                        0x00bd4304
                                                                                                                                                                                                                                                        0x00bd4305
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd426b
                                                                                                                                                                                                                                                        0x00bd426b
                                                                                                                                                                                                                                                        0x00bd4273
                                                                                                                                                                                                                                                        0x00bd4279
                                                                                                                                                                                                                                                        0x00bd4298
                                                                                                                                                                                                                                                        0x00bd4298

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • wcscmp.API-MS-WIN-CRT-STRING-L1-1-0(?,ALPC Port), ref: 00BD431B
                                                                                                                                                                                                                                                        • VirtualFree.KERNEL32(?,00000000,00008000), ref: 00BD4273
                                                                                                                                                                                                                                                          • Part of subcall function 00BC20C0: ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140(00BF0324,?,?,?,00BCA1FF,/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc,000000EC,00000000), ref: 00BC2108
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • g_handles_to_close, xrefs: 00BD4242
                                                                                                                                                                                                                                                        • name.second, xrefs: 00BD43A1
                                                                                                                                                                                                                                                        • ALPC Port, xrefs: 00BD4315
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/handle_closer_agent.cc, xrefs: 00BD424C, 00BD43AB
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??1?$basic_streambuf@D@std@@@std@@FreeU?$char_traits@Virtualwcscmp
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/handle_closer_agent.cc$ALPC Port$g_handles_to_close$name.second
                                                                                                                                                                                                                                                        • API String ID: 4239719893-1431499672
                                                                                                                                                                                                                                                        • Opcode ID: 62f34d414f3148ed0491c14e2cd333da740c49f1a1344654487d9199b954b126
                                                                                                                                                                                                                                                        • Instruction ID: 90a01e3102e89c4a0739f40c902785f6173becee77a89a9a1a8dd4128b85020f
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 62f34d414f3148ed0491c14e2cd333da740c49f1a1344654487d9199b954b126
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E641B3706083019FCB10DF14D895B6EBBE5EF94314F0048AEF4855B392EB74A948CBA2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 65%
                                                                                                                                                                                                                                                        			E00BC8D00(void* __ebx, void* __ecx, void* __edi, void* __eflags) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				char _v28;
                                                                                                                                                                                                                                                        				void* _v44;
                                                                                                                                                                                                                                                        				char _v52;
                                                                                                                                                                                                                                                        				char* _v56;
                                                                                                                                                                                                                                                        				signed int _t42;
                                                                                                                                                                                                                                                        				char* _t45;
                                                                                                                                                                                                                                                        				void* _t46;
                                                                                                                                                                                                                                                        				intOrPtr _t51;
                                                                                                                                                                                                                                                        				intOrPtr _t53;
                                                                                                                                                                                                                                                        				char* _t68;
                                                                                                                                                                                                                                                        				intOrPtr _t76;
                                                                                                                                                                                                                                                        				void* _t77;
                                                                                                                                                                                                                                                        				void* _t80;
                                                                                                                                                                                                                                                        				intOrPtr _t81;
                                                                                                                                                                                                                                                        				signed int _t84;
                                                                                                                                                                                                                                                        				void* _t86;
                                                                                                                                                                                                                                                        				void* _t92;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t42 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t80 = __ecx;
                                                                                                                                                                                                                                                        				_v20 = _t42 ^ _t84;
                                                                                                                                                                                                                                                        				E00BC8110(__ecx);
                                                                                                                                                                                                                                                        				_t45 = __ecx + 4;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx + 4)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx + 8)) = 0;
                                                                                                                                                                                                                                                        				_v56 = _t45;
                                                                                                                                                                                                                                                        				_push(0x2c);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				 *_t45 = _t45;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t45 + 4)) = _t45;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t45 + 8)) = _t45;
                                                                                                                                                                                                                                                        				 *((short*)(_t45 + 0xc)) = 0x101;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx + 4)) = _t45;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx + 0xc)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx + 0x10)) = 0;
                                                                                                                                                                                                                                                        				_push(0x18);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				 *_t45 = _t45;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t45 + 4)) = _t45;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t45 + 8)) = _t45;
                                                                                                                                                                                                                                                        				 *((short*)(_t45 + 0xc)) = 0x101;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx + 0xc)) = _t45;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx + 0x14)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx + 0x18)) = 0;
                                                                                                                                                                                                                                                        				_push(0x18);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				 *_t45 = _t45;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t45 + 4)) = _t45;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t45 + 8)) = _t45;
                                                                                                                                                                                                                                                        				 *((short*)(_t45 + 0xc)) = 0x101;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx + 0x14)) = _t45;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx + 0x2c)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx + 0x24)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx + 0x28)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx + 0x1c)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx + 0x20)) = 0;
                                                                                                                                                                                                                                                        				_push(0x18);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t45 + 0x14)) = 0xf;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t45 + 0x10)) = 0;
                                                                                                                                                                                                                                                        				 *_t45 = 0;
                                                                                                                                                                                                                                                        				_t46 = E00BBD9B0(_t45, 0xbf0fb0);
                                                                                                                                                                                                                                                        				 *0xbfa870 = _t45;
                                                                                                                                                                                                                                                        				E00BC8120(_t46, __ecx);
                                                                                                                                                                                                                                                        				_t76 =  *0xbfa870; // 0x0
                                                                                                                                                                                                                                                        				_t61 =  &_v44;
                                                                                                                                                                                                                                                        				_v24 = 0xf;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				_v44 = 0;
                                                                                                                                                                                                                                                        				E00BBD9B0( &_v44, 0xbf0fb0);
                                                                                                                                                                                                                                                        				_t74 =  &_v52;
                                                                                                                                                                                                                                                        				E00BC9270(_v56,  &_v52,  &_v44);
                                                                                                                                                                                                                                                        				_t92 = _t86 - 0x28 + 0x14;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_v52 + 0x28)) = _t76;
                                                                                                                                                                                                                                                        				_t51 = _v24;
                                                                                                                                                                                                                                                        				if(_t51 >= 0x10) {
                                                                                                                                                                                                                                                        					_t68 = _v44;
                                                                                                                                                                                                                                                        					_t40 = _t51 + 1; // 0x10
                                                                                                                                                                                                                                                        					_t77 = _t40;
                                                                                                                                                                                                                                                        					__eflags = _t77 - 0x1000;
                                                                                                                                                                                                                                                        					if(_t77 >= 0x1000) {
                                                                                                                                                                                                                                                        						_t74 =  *((intOrPtr*)(_t68 - 4));
                                                                                                                                                                                                                                                        						__eflags = _t68 + 0xfffffffc - _t74 - 0x20;
                                                                                                                                                                                                                                                        						if(_t68 + 0xfffffffc - _t74 >= 0x20) {
                                                                                                                                                                                                                                                        							__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							_push(_t84);
                                                                                                                                                                                                                                                        							_push(_t80);
                                                                                                                                                                                                                                                        							_t81 =  *0xbfa880; // 0x0
                                                                                                                                                                                                                                                        							__eflags = _t81 - 1;
                                                                                                                                                                                                                                                        							if(_t81 <= 1) {
                                                                                                                                                                                                                                                        								_t53 = E00BC4FD0(_t74, 0xbfa880);
                                                                                                                                                                                                                                                        								__eflags = _t53;
                                                                                                                                                                                                                                                        								if(__eflags == 0) {
                                                                                                                                                                                                                                                        									_t81 =  *0xbfa880; // 0x0
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_push(0x30);
                                                                                                                                                                                                                                                        									L00BEF6BA();
                                                                                                                                                                                                                                                        									_t81 = _t53;
                                                                                                                                                                                                                                                        									E00BC8D00(_t61, _t53, _t77, __eflags);
                                                                                                                                                                                                                                                        									E00BC5080(0xbfa880, _t81, 0, 0);
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							return _t81;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t68 = _t74;
                                                                                                                                                                                                                                                        							_t77 = _t51 + 0x24;
                                                                                                                                                                                                                                                        							goto L3;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L3:
                                                                                                                                                                                                                                                        						_push(_t77);
                                                                                                                                                                                                                                                        						_push(_t68);
                                                                                                                                                                                                                                                        						L00BEF6C6();
                                                                                                                                                                                                                                                        						_t92 = _t92 + 8;
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					__imp__ReleaseSRWLockExclusive(_t80);
                                                                                                                                                                                                                                                        					E00BEECB0(_v20 ^ _t84, _t74);
                                                                                                                                                                                                                                                        					return _t80;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}






















                                                                                                                                                                                                                                                        0x00bc8d09
                                                                                                                                                                                                                                                        0x00bc8d0e
                                                                                                                                                                                                                                                        0x00bc8d12
                                                                                                                                                                                                                                                        0x00bc8d15
                                                                                                                                                                                                                                                        0x00bc8d1a
                                                                                                                                                                                                                                                        0x00bc8d1d
                                                                                                                                                                                                                                                        0x00bc8d24
                                                                                                                                                                                                                                                        0x00bc8d2b
                                                                                                                                                                                                                                                        0x00bc8d2e
                                                                                                                                                                                                                                                        0x00bc8d30
                                                                                                                                                                                                                                                        0x00bc8d38
                                                                                                                                                                                                                                                        0x00bc8d3a
                                                                                                                                                                                                                                                        0x00bc8d3d
                                                                                                                                                                                                                                                        0x00bc8d40
                                                                                                                                                                                                                                                        0x00bc8d46
                                                                                                                                                                                                                                                        0x00bc8d49
                                                                                                                                                                                                                                                        0x00bc8d50
                                                                                                                                                                                                                                                        0x00bc8d57
                                                                                                                                                                                                                                                        0x00bc8d59
                                                                                                                                                                                                                                                        0x00bc8d61
                                                                                                                                                                                                                                                        0x00bc8d63
                                                                                                                                                                                                                                                        0x00bc8d66
                                                                                                                                                                                                                                                        0x00bc8d69
                                                                                                                                                                                                                                                        0x00bc8d6f
                                                                                                                                                                                                                                                        0x00bc8d72
                                                                                                                                                                                                                                                        0x00bc8d79
                                                                                                                                                                                                                                                        0x00bc8d80
                                                                                                                                                                                                                                                        0x00bc8d82
                                                                                                                                                                                                                                                        0x00bc8d8a
                                                                                                                                                                                                                                                        0x00bc8d8c
                                                                                                                                                                                                                                                        0x00bc8d8f
                                                                                                                                                                                                                                                        0x00bc8d92
                                                                                                                                                                                                                                                        0x00bc8d98
                                                                                                                                                                                                                                                        0x00bc8d9b
                                                                                                                                                                                                                                                        0x00bc8da2
                                                                                                                                                                                                                                                        0x00bc8da9
                                                                                                                                                                                                                                                        0x00bc8db0
                                                                                                                                                                                                                                                        0x00bc8db7
                                                                                                                                                                                                                                                        0x00bc8dbe
                                                                                                                                                                                                                                                        0x00bc8dc0
                                                                                                                                                                                                                                                        0x00bc8dca
                                                                                                                                                                                                                                                        0x00bc8dd1
                                                                                                                                                                                                                                                        0x00bc8dd8
                                                                                                                                                                                                                                                        0x00bc8de2
                                                                                                                                                                                                                                                        0x00bc8de9
                                                                                                                                                                                                                                                        0x00bc8def
                                                                                                                                                                                                                                                        0x00bc8df4
                                                                                                                                                                                                                                                        0x00bc8dfa
                                                                                                                                                                                                                                                        0x00bc8dfd
                                                                                                                                                                                                                                                        0x00bc8e04
                                                                                                                                                                                                                                                        0x00bc8e0b
                                                                                                                                                                                                                                                        0x00bc8e16
                                                                                                                                                                                                                                                        0x00bc8e1e
                                                                                                                                                                                                                                                        0x00bc8e22
                                                                                                                                                                                                                                                        0x00bc8e27
                                                                                                                                                                                                                                                        0x00bc8e2d
                                                                                                                                                                                                                                                        0x00bc8e30
                                                                                                                                                                                                                                                        0x00bc8e36
                                                                                                                                                                                                                                                        0x00bc8e53
                                                                                                                                                                                                                                                        0x00bc8e56
                                                                                                                                                                                                                                                        0x00bc8e56
                                                                                                                                                                                                                                                        0x00bc8e59
                                                                                                                                                                                                                                                        0x00bc8e5f
                                                                                                                                                                                                                                                        0x00bc8e6d
                                                                                                                                                                                                                                                        0x00bc8e75
                                                                                                                                                                                                                                                        0x00bc8e78
                                                                                                                                                                                                                                                        0x00bc8e83
                                                                                                                                                                                                                                                        0x00bc8e89
                                                                                                                                                                                                                                                        0x00bc8e8a
                                                                                                                                                                                                                                                        0x00bc8e8b
                                                                                                                                                                                                                                                        0x00bc8e8c
                                                                                                                                                                                                                                                        0x00bc8e8d
                                                                                                                                                                                                                                                        0x00bc8e8e
                                                                                                                                                                                                                                                        0x00bc8e8f
                                                                                                                                                                                                                                                        0x00bc8ea0
                                                                                                                                                                                                                                                        0x00bc8ea3
                                                                                                                                                                                                                                                        0x00bc8ea4
                                                                                                                                                                                                                                                        0x00bc8eaa
                                                                                                                                                                                                                                                        0x00bc8ead
                                                                                                                                                                                                                                                        0x00bc8eb4
                                                                                                                                                                                                                                                        0x00bc8ebc
                                                                                                                                                                                                                                                        0x00bc8ebe
                                                                                                                                                                                                                                                        0x00bc8eea
                                                                                                                                                                                                                                                        0x00bc8ec0
                                                                                                                                                                                                                                                        0x00bc8ec0
                                                                                                                                                                                                                                                        0x00bc8ec2
                                                                                                                                                                                                                                                        0x00bc8ecc
                                                                                                                                                                                                                                                        0x00bc8ece
                                                                                                                                                                                                                                                        0x00bc8edd
                                                                                                                                                                                                                                                        0x00bc8ee2
                                                                                                                                                                                                                                                        0x00bc8ebe
                                                                                                                                                                                                                                                        0x00bc8ee9
                                                                                                                                                                                                                                                        0x00bc8e7a
                                                                                                                                                                                                                                                        0x00bc8e7d
                                                                                                                                                                                                                                                        0x00bc8e7f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc8e7f
                                                                                                                                                                                                                                                        0x00bc8e61
                                                                                                                                                                                                                                                        0x00bc8e61
                                                                                                                                                                                                                                                        0x00bc8e61
                                                                                                                                                                                                                                                        0x00bc8e62
                                                                                                                                                                                                                                                        0x00bc8e63
                                                                                                                                                                                                                                                        0x00bc8e68
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc8e68
                                                                                                                                                                                                                                                        0x00bc8e38
                                                                                                                                                                                                                                                        0x00bc8e38
                                                                                                                                                                                                                                                        0x00bc8e39
                                                                                                                                                                                                                                                        0x00bc8e44
                                                                                                                                                                                                                                                        0x00bc8e52
                                                                                                                                                                                                                                                        0x00bc8e52

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(0000002C), ref: 00BC8D30
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000018), ref: 00BC8D59
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000018), ref: 00BC8D82
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000018), ref: 00BC8DC0
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD9B0: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BBD9C9
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD9B0: memmove.NTDLL(?,?,00000000), ref: 00BBD9E9
                                                                                                                                                                                                                                                          • Part of subcall function 00BC8120: RtlAcquireSRWLockExclusive.NTDLL(00000000), ref: 00BC8124
                                                                                                                                                                                                                                                          • Part of subcall function 00BC9270: ??2@YAPAXI@Z.MOZGLUE(0000002C,00BF0FB0,00BF0FB0,00BF0FB0), ref: 00BC9291
                                                                                                                                                                                                                                                        • RtlReleaseSRWLockExclusive.NTDLL ref: 00BC8E39
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,-00000015,00BF0FB0), ref: 00BC8E63
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(00BF0FB0), ref: 00BC8E83
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@$ExclusiveLock$??3@AcquireRelease_invalid_parameter_noinfo_noreturnmemmovestrlen
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 934833795-0
                                                                                                                                                                                                                                                        • Opcode ID: 3a83d2317317758429d2ff45010f6f2c003aea4e44a19121ec061bd78ef58b4d
                                                                                                                                                                                                                                                        • Instruction ID: 86ba85b5c5dd886201cd7f1f52f1a19bef742ae7465d4e41036e72436f93ac20
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3a83d2317317758429d2ff45010f6f2c003aea4e44a19121ec061bd78ef58b4d
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8B41A1B19003058FD714DF65D849B6ABBF1FF48314F1489ACE44A9B3A1EBB5A908CF91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • CreateJobObjectW.KERNEL32 ref: 00BD716B
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(00000000), ref: 00BD7183
                                                                                                                                                                                                                                                        • SetInformationJobObject.KERNEL32 ref: 00BD725D
                                                                                                                                                                                                                                                        • SetInformationJobObject.KERNEL32 ref: 00BD727D
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BD728D
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Object$ErrorInformationLast$Create
                                                                                                                                                                                                                                                        • String ID: '
                                                                                                                                                                                                                                                        • API String ID: 920667998-1997036262
                                                                                                                                                                                                                                                        • Opcode ID: 2b8eaf724f99f6d9378b0696fe3c67e31c528a94437dea749a5e558d3056b959
                                                                                                                                                                                                                                                        • Instruction ID: 8f91813182a084e5d69647a3dd031108aab8f00ed65ce9e90e197f130425ab31
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2b8eaf724f99f6d9378b0696fe3c67e31c528a94437dea749a5e558d3056b959
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5241B070A483809BE7248F29D845BAAB7E5FFC4314F10862EE99997380EF758945CB81
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 76%
                                                                                                                                                                                                                                                        			E00BE4920(intOrPtr* __ecx, void* __edx) {
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				intOrPtr* _t17;
                                                                                                                                                                                                                                                        				intOrPtr _t19;
                                                                                                                                                                                                                                                        				void* _t20;
                                                                                                                                                                                                                                                        				void* _t23;
                                                                                                                                                                                                                                                        				intOrPtr* _t27;
                                                                                                                                                                                                                                                        				intOrPtr* _t31;
                                                                                                                                                                                                                                                        				intOrPtr* _t37;
                                                                                                                                                                                                                                                        				intOrPtr* _t41;
                                                                                                                                                                                                                                                        				intOrPtr* _t42;
                                                                                                                                                                                                                                                        				void* _t45;
                                                                                                                                                                                                                                                        				intOrPtr _t47;
                                                                                                                                                                                                                                                        				intOrPtr _t48;
                                                                                                                                                                                                                                                        				intOrPtr* _t50;
                                                                                                                                                                                                                                                        				intOrPtr* _t53;
                                                                                                                                                                                                                                                        				intOrPtr* _t56;
                                                                                                                                                                                                                                                        				void* _t60;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t45 = __edx;
                                                                                                                                                                                                                                                        				 *__ecx = 0xbf1b30;
                                                                                                                                                                                                                                                        				_t53 = __ecx;
                                                                                                                                                                                                                                                        				_t17 =  *((intOrPtr*)(__ecx + 0x1c));
                                                                                                                                                                                                                                                        				_t31 =  *_t17;
                                                                                                                                                                                                                                                        				if(_t17 != _t31) {
                                                                                                                                                                                                                                                        					while(1) {
                                                                                                                                                                                                                                                        						_t47 =  *((intOrPtr*)(_t31 + 8));
                                                                                                                                                                                                                                                        						__eflags = _t47;
                                                                                                                                                                                                                                                        						if(__eflags != 0) {
                                                                                                                                                                                                                                                        							E00BE9180(_t47, __eflags);
                                                                                                                                                                                                                                                        							_push(_t47);
                                                                                                                                                                                                                                                        							L00BEF6C0();
                                                                                                                                                                                                                                                        							_t60 = _t60 + 4;
                                                                                                                                                                                                                                                        							_t17 =  *((intOrPtr*)(_t53 + 0x1c));
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t31 =  *_t31;
                                                                                                                                                                                                                                                        						__eflags = _t17 - _t31;
                                                                                                                                                                                                                                                        						if(_t17 == _t31) {
                                                                                                                                                                                                                                                        							goto L1;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							continue;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L21:
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				_t48 =  *((intOrPtr*)(_t53 + 0x6c));
                                                                                                                                                                                                                                                        				if(_t48 != 0) {
                                                                                                                                                                                                                                                        					E00BD8480(_t48);
                                                                                                                                                                                                                                                        					_push(_t48);
                                                                                                                                                                                                                                                        					L00BEF6C0();
                                                                                                                                                                                                                                                        					_t60 = _t60 + 4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t19 =  *((intOrPtr*)(_t53 + 0x70));
                                                                                                                                                                                                                                                        				if(_t19 != 0) {
                                                                                                                                                                                                                                                        					_push(_t19);
                                                                                                                                                                                                                                                        					L00BEF6C0();
                                                                                                                                                                                                                                                        					_t60 = _t60 + 4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t20 =  *(_t53 + 0x88);
                                                                                                                                                                                                                                                        				if(_t20 != 0) {
                                                                                                                                                                                                                                                        					LocalFree(_t20);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t22 = _t53 + 4;
                                                                                                                                                                                                                                                        				DeleteCriticalSection(_t53 + 4);
                                                                                                                                                                                                                                                        				_t35 =  *((intOrPtr*)(_t53 + 0xa8));
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t53 + 0xa8)) != 0) {
                                                                                                                                                                                                                                                        					_t22 = E00BCC4A0(_t35);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t23 = E00BCF1B0(_t22, _t53 + 0x98);
                                                                                                                                                                                                                                                        				_t37 =  *((intOrPtr*)(_t53 + 0x90));
                                                                                                                                                                                                                                                        				_t67 = _t37;
                                                                                                                                                                                                                                                        				if(_t37 != 0) {
                                                                                                                                                                                                                                                        					_t23 =  *((intOrPtr*)( *_t37 + 8))(1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BC51B0(_t23, _t53 + 0x8c);
                                                                                                                                                                                                                                                        				E00BC7510(E00BD2990(_t53 + 0x80, _t67), _t31, _t53 + 0x74, _t45, _t48);
                                                                                                                                                                                                                                                        				_t41 = _t53 + 0x1c;
                                                                                                                                                                                                                                                        				_pop(_t55);
                                                                                                                                                                                                                                                        				_pop(_t49);
                                                                                                                                                                                                                                                        				_pop(_t58);
                                                                                                                                                                                                                                                        				_t56 = _t41;
                                                                                                                                                                                                                                                        				_t42 =  *_t41;
                                                                                                                                                                                                                                                        				_t27 =  *_t42;
                                                                                                                                                                                                                                                        				 *_t42 = _t42;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)( *_t56 + 4)) =  *_t56;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t56 + 4)) = 0;
                                                                                                                                                                                                                                                        				if(_t27 !=  *_t56) {
                                                                                                                                                                                                                                                        					while(1) {
                                                                                                                                                                                                                                                        						_t50 =  *_t27;
                                                                                                                                                                                                                                                        						_push(0xc);
                                                                                                                                                                                                                                                        						_push(_t27);
                                                                                                                                                                                                                                                        						L00BEF6C6();
                                                                                                                                                                                                                                                        						_t60 = _t60 + 8;
                                                                                                                                                                                                                                                        						__eflags = _t50 -  *_t56;
                                                                                                                                                                                                                                                        						_t27 = _t50;
                                                                                                                                                                                                                                                        						if(_t50 ==  *_t56) {
                                                                                                                                                                                                                                                        							goto L18;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t50 = _t27;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L18:
                                                                                                                                                                                                                                                        				_push(0xc);
                                                                                                                                                                                                                                                        				_push(_t50);
                                                                                                                                                                                                                                                        				L00BEF6C6();
                                                                                                                                                                                                                                                        				return _t27;
                                                                                                                                                                                                                                                        				goto L21;
                                                                                                                                                                                                                                                        			}





















                                                                                                                                                                                                                                                        0x00be4920
                                                                                                                                                                                                                                                        0x00be4926
                                                                                                                                                                                                                                                        0x00be492c
                                                                                                                                                                                                                                                        0x00be492e
                                                                                                                                                                                                                                                        0x00be4931
                                                                                                                                                                                                                                                        0x00be4935
                                                                                                                                                                                                                                                        0x00be49e2
                                                                                                                                                                                                                                                        0x00be49e2
                                                                                                                                                                                                                                                        0x00be49e5
                                                                                                                                                                                                                                                        0x00be49e7
                                                                                                                                                                                                                                                        0x00be49eb
                                                                                                                                                                                                                                                        0x00be49f0
                                                                                                                                                                                                                                                        0x00be49f1
                                                                                                                                                                                                                                                        0x00be49f6
                                                                                                                                                                                                                                                        0x00be49f9
                                                                                                                                                                                                                                                        0x00be49f9
                                                                                                                                                                                                                                                        0x00be49fc
                                                                                                                                                                                                                                                        0x00be49fe
                                                                                                                                                                                                                                                        0x00be4a00
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be4a06
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be4a06
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be4a00
                                                                                                                                                                                                                                                        0x00be49e2
                                                                                                                                                                                                                                                        0x00be493b
                                                                                                                                                                                                                                                        0x00be493b
                                                                                                                                                                                                                                                        0x00be4940
                                                                                                                                                                                                                                                        0x00be49b1
                                                                                                                                                                                                                                                        0x00be49b6
                                                                                                                                                                                                                                                        0x00be49b7
                                                                                                                                                                                                                                                        0x00be49bc
                                                                                                                                                                                                                                                        0x00be49bc
                                                                                                                                                                                                                                                        0x00be4942
                                                                                                                                                                                                                                                        0x00be4947
                                                                                                                                                                                                                                                        0x00be49c1
                                                                                                                                                                                                                                                        0x00be49c2
                                                                                                                                                                                                                                                        0x00be49c7
                                                                                                                                                                                                                                                        0x00be49c7
                                                                                                                                                                                                                                                        0x00be4949
                                                                                                                                                                                                                                                        0x00be4951
                                                                                                                                                                                                                                                        0x00be49d0
                                                                                                                                                                                                                                                        0x00be49d0
                                                                                                                                                                                                                                                        0x00be4953
                                                                                                                                                                                                                                                        0x00be4957
                                                                                                                                                                                                                                                        0x00be495d
                                                                                                                                                                                                                                                        0x00be4965
                                                                                                                                                                                                                                                        0x00be49db
                                                                                                                                                                                                                                                        0x00be49db
                                                                                                                                                                                                                                                        0x00be496d
                                                                                                                                                                                                                                                        0x00be4972
                                                                                                                                                                                                                                                        0x00be4978
                                                                                                                                                                                                                                                        0x00be497a
                                                                                                                                                                                                                                                        0x00be4980
                                                                                                                                                                                                                                                        0x00be4980
                                                                                                                                                                                                                                                        0x00be4989
                                                                                                                                                                                                                                                        0x00be499c
                                                                                                                                                                                                                                                        0x00be49a4
                                                                                                                                                                                                                                                        0x00be49a6
                                                                                                                                                                                                                                                        0x00be49a7
                                                                                                                                                                                                                                                        0x00be49a9
                                                                                                                                                                                                                                                        0x00be4a15
                                                                                                                                                                                                                                                        0x00be4a17
                                                                                                                                                                                                                                                        0x00be4a19
                                                                                                                                                                                                                                                        0x00be4a1b
                                                                                                                                                                                                                                                        0x00be4a1f
                                                                                                                                                                                                                                                        0x00be4a22
                                                                                                                                                                                                                                                        0x00be4a2b
                                                                                                                                                                                                                                                        0x00be4a3e
                                                                                                                                                                                                                                                        0x00be4a3e
                                                                                                                                                                                                                                                        0x00be4a40
                                                                                                                                                                                                                                                        0x00be4a42
                                                                                                                                                                                                                                                        0x00be4a43
                                                                                                                                                                                                                                                        0x00be4a48
                                                                                                                                                                                                                                                        0x00be4a4b
                                                                                                                                                                                                                                                        0x00be4a4d
                                                                                                                                                                                                                                                        0x00be4a4f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be4a51
                                                                                                                                                                                                                                                        0x00be4a2d
                                                                                                                                                                                                                                                        0x00be4a2d
                                                                                                                                                                                                                                                        0x00be4a2d
                                                                                                                                                                                                                                                        0x00be4a2f
                                                                                                                                                                                                                                                        0x00be4a2f
                                                                                                                                                                                                                                                        0x00be4a31
                                                                                                                                                                                                                                                        0x00be4a32
                                                                                                                                                                                                                                                        0x00be4a3d
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • DeleteCriticalSection.KERNEL32(?,?,00BCCFC5), ref: 00BE4957
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?,?,?,?,00BE4A8E,?,?,00BCF089,00000000,?,?,00BCCFC5), ref: 00BE49B7
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,00BCCFC5), ref: 00BE49C2
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(?,?,00BCCFC5), ref: 00BE49D0
                                                                                                                                                                                                                                                          • Part of subcall function 00BCC4A0: ??3@YAXPAX@Z.MOZGLUE ref: 00BCC4D0
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000,?,?,?,?,00BE4A8E,?,?,00BCF089,00000000,?,?,00BCCFC5), ref: 00BE49F1
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00BCCFC5,0000000C,?,?,?,?,00BCCFC5), ref: 00BE4A32
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@$CriticalDeleteFreeLocalSection
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2906964862-0
                                                                                                                                                                                                                                                        • Opcode ID: e7876d5e31db09a34f813255d094bcdf65d6cb155d69b336b30d164dfbef1e19
                                                                                                                                                                                                                                                        • Instruction ID: cd053da15958decf93609e31dab00fb9b12ed27fc59743806668203fb81a3b3b
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e7876d5e31db09a34f813255d094bcdf65d6cb155d69b336b30d164dfbef1e19
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F731C07A2042409FC624AF26D885F3B73E9EF91714B6444EDE58AA7312EB31AC05D791
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 79%
                                                                                                                                                                                                                                                        			E00BC9F00(signed int* __ecx, intOrPtr __edx) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				char _v216;
                                                                                                                                                                                                                                                        				signed int _v220;
                                                                                                                                                                                                                                                        				signed int _t30;
                                                                                                                                                                                                                                                        				long _t32;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        				signed int _t35;
                                                                                                                                                                                                                                                        				signed char _t36;
                                                                                                                                                                                                                                                        				signed int _t37;
                                                                                                                                                                                                                                                        				signed int _t39;
                                                                                                                                                                                                                                                        				signed int _t40;
                                                                                                                                                                                                                                                        				signed int _t47;
                                                                                                                                                                                                                                                        				void* _t50;
                                                                                                                                                                                                                                                        				signed int _t52;
                                                                                                                                                                                                                                                        				signed int _t62;
                                                                                                                                                                                                                                                        				intOrPtr _t63;
                                                                                                                                                                                                                                                        				signed int* _t65;
                                                                                                                                                                                                                                                        				signed int _t67;
                                                                                                                                                                                                                                                        				signed int _t68;
                                                                                                                                                                                                                                                        				void* _t70;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t61 = __edx;
                                                                                                                                                                                                                                                        				_t70 = (_t68 & 0xfffffff8) - 0xc8;
                                                                                                                                                                                                                                                        				_t30 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t63 = __edx;
                                                                                                                                                                                                                                                        				_t65 = __ecx;
                                                                                                                                                                                                                                                        				_v24 = _t30 ^ _t67;
                                                                                                                                                                                                                                                        				_t32 =  *0xbfa054; // 0xffffffff
                                                                                                                                                                                                                                                        				if(_t32 == 0xffffffff || (TlsGetValue(_t32) & 0x00000003) == 0) {
                                                                                                                                                                                                                                                        					E00BCA060(_t61);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t34 = E00BCA290();
                                                                                                                                                                                                                                                        				_t50 = _t34;
                                                                                                                                                                                                                                                        				__imp__AcquireSRWLockExclusive(_t34);
                                                                                                                                                                                                                                                        				_t35 =  *0xbfa884; // 0x0
                                                                                                                                                                                                                                                        				_v220 = 0x100;
                                                                                                                                                                                                                                                        				_t36 = _t35 + 1;
                                                                                                                                                                                                                                                        				while(1) {
                                                                                                                                                                                                                                                        					_t62 = _t36 & 0x000000ff;
                                                                                                                                                                                                                                                        					_t52 = _t62 + _t62 * 2;
                                                                                                                                                                                                                                                        					if( *((intOrPtr*)(0xbfa888 + _t52 * 4)) == 0) {
                                                                                                                                                                                                                                                        						break;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t36 = _t36 + 1;
                                                                                                                                                                                                                                                        					_v220 = _v220 - 1;
                                                                                                                                                                                                                                                        					__eflags = _v220;
                                                                                                                                                                                                                                                        					if(__eflags != 0) {
                                                                                                                                                                                                                                                        						continue;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					__imp__ReleaseSRWLockExclusive(_t50);
                                                                                                                                                                                                                                                        					_t37 =  *_t65;
                                                                                                                                                                                                                                                        					_v216 = 0xffffffff;
                                                                                                                                                                                                                                                        					_v220 = _t37;
                                                                                                                                                                                                                                                        					if(_t37 == 0xffffffff) {
                                                                                                                                                                                                                                                        						_t39 = E00BC2290(_t62, __eflags,  &_v220,  &_v216, "slot_ != kInvalidSlotValue");
                                                                                                                                                                                                                                                        						_t70 = _t70 + 0xc;
                                                                                                                                                                                                                                                        						__eflags = _t39;
                                                                                                                                                                                                                                                        						if(__eflags != 0) {
                                                                                                                                                                                                                                                        							E00BC2030( &_v216, __eflags, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc", 0x196, _t39);
                                                                                                                                                                                                                                                        							E00BC20C0();
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t40 =  *_t65;
                                                                                                                                                                                                                                                        					_v216 = 0x100;
                                                                                                                                                                                                                                                        					_v220 = _t40;
                                                                                                                                                                                                                                                        					if(_t40 > 0xff) {
                                                                                                                                                                                                                                                        						__eflags = E00BC2290(_t62, __eflags,  &_v220,  &_v216, "slot_ < kThreadLocalStorageSize");
                                                                                                                                                                                                                                                        						if(__eflags != 0) {
                                                                                                                                                                                                                                                        							E00BC2030( &_v216, __eflags, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc", 0x197, _t42);
                                                                                                                                                                                                                                                        							E00BC20C0();
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					return E00BEECB0(_v32 ^ _t67, _t62);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *0xbfa884 = _t62;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(0xbfa888 + _t52 * 4)) = 1;
                                                                                                                                                                                                                                                        				_t47 = _t62 * 4;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t47 + 0xbfa88c + _t47 * 2)) = _t63;
                                                                                                                                                                                                                                                        				 *_t65 = _t62;
                                                                                                                                                                                                                                                        				_t15 = _t47 * 2; // 0x0
                                                                                                                                                                                                                                                        				_t65[1] =  *(_t47 + _t15 + 0xbfa890);
                                                                                                                                                                                                                                                        				goto L6;
                                                                                                                                                                                                                                                        			}

























                                                                                                                                                                                                                                                        0x00bc9f00
                                                                                                                                                                                                                                                        0x00bc9f09
                                                                                                                                                                                                                                                        0x00bc9f0f
                                                                                                                                                                                                                                                        0x00bc9f14
                                                                                                                                                                                                                                                        0x00bc9f16
                                                                                                                                                                                                                                                        0x00bc9f1a
                                                                                                                                                                                                                                                        0x00bc9f21
                                                                                                                                                                                                                                                        0x00bc9f29
                                                                                                                                                                                                                                                        0x00bc9f36
                                                                                                                                                                                                                                                        0x00bc9f36
                                                                                                                                                                                                                                                        0x00bc9f3b
                                                                                                                                                                                                                                                        0x00bc9f40
                                                                                                                                                                                                                                                        0x00bc9f43
                                                                                                                                                                                                                                                        0x00bc9f49
                                                                                                                                                                                                                                                        0x00bc9f4e
                                                                                                                                                                                                                                                        0x00bc9f55
                                                                                                                                                                                                                                                        0x00bc9f56
                                                                                                                                                                                                                                                        0x00bc9f56
                                                                                                                                                                                                                                                        0x00bc9f59
                                                                                                                                                                                                                                                        0x00bc9f64
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc9fd8
                                                                                                                                                                                                                                                        0x00bc9fd9
                                                                                                                                                                                                                                                        0x00bc9fd9
                                                                                                                                                                                                                                                        0x00bc9fdc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc9f93
                                                                                                                                                                                                                                                        0x00bc9f94
                                                                                                                                                                                                                                                        0x00bc9f9a
                                                                                                                                                                                                                                                        0x00bc9f9c
                                                                                                                                                                                                                                                        0x00bc9fa7
                                                                                                                                                                                                                                                        0x00bc9fab
                                                                                                                                                                                                                                                        0x00bc9ff3
                                                                                                                                                                                                                                                        0x00bc9ff8
                                                                                                                                                                                                                                                        0x00bc9ffb
                                                                                                                                                                                                                                                        0x00bc9ffd
                                                                                                                                                                                                                                                        0x00bca010
                                                                                                                                                                                                                                                        0x00bca017
                                                                                                                                                                                                                                                        0x00bca017
                                                                                                                                                                                                                                                        0x00bc9ffd
                                                                                                                                                                                                                                                        0x00bc9fad
                                                                                                                                                                                                                                                        0x00bc9faf
                                                                                                                                                                                                                                                        0x00bc9fbc
                                                                                                                                                                                                                                                        0x00bc9fc0
                                                                                                                                                                                                                                                        0x00bca035
                                                                                                                                                                                                                                                        0x00bca037
                                                                                                                                                                                                                                                        0x00bca04a
                                                                                                                                                                                                                                                        0x00bca051
                                                                                                                                                                                                                                                        0x00bca051
                                                                                                                                                                                                                                                        0x00bca037
                                                                                                                                                                                                                                                        0x00bc9fd7
                                                                                                                                                                                                                                                        0x00bc9fd7
                                                                                                                                                                                                                                                        0x00bc9f6d
                                                                                                                                                                                                                                                        0x00bc9f73
                                                                                                                                                                                                                                                        0x00bc9f79
                                                                                                                                                                                                                                                        0x00bc9f80
                                                                                                                                                                                                                                                        0x00bc9f87
                                                                                                                                                                                                                                                        0x00bc9f89
                                                                                                                                                                                                                                                        0x00bc9f90
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • TlsGetValue.KERNEL32(FFFFFFFF), ref: 00BC9F2C
                                                                                                                                                                                                                                                        • RtlAcquireSRWLockExclusive.NTDLL(00000000), ref: 00BC9F43
                                                                                                                                                                                                                                                        • RtlReleaseSRWLockExclusive.NTDLL ref: 00BC9F94
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc, xrefs: 00BCA00B, 00BCA045
                                                                                                                                                                                                                                                        • slot_ != kInvalidSlotValue, xrefs: 00BC9FEC
                                                                                                                                                                                                                                                        • slot_ < kThreadLocalStorageSize, xrefs: 00BCA026
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ExclusiveLock$AcquireReleaseValue
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc$slot_ != kInvalidSlotValue$slot_ < kThreadLocalStorageSize
                                                                                                                                                                                                                                                        • API String ID: 421378090-1005275948
                                                                                                                                                                                                                                                        • Opcode ID: 39cd2e8b9b8d2017013df94c64386e69375064d3418aac1a2d8ab497e5719334
                                                                                                                                                                                                                                                        • Instruction ID: 0d7becc27149e671cd99ad124510f970afe8117fee7590e4e006e4f9eae10f69
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 39cd2e8b9b8d2017013df94c64386e69375064d3418aac1a2d8ab497e5719334
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5531E1B06042059FE728EF24D845FBAB7E4EB44790F00499EF5A8C32E1DF75A905CB62
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 67%
                                                                                                                                                                                                                                                        			E00BCD58B(void*** __esi, void* __eflags, struct _CRITICAL_SECTION* _a4, struct _CRITICAL_SECTION* _a8, intOrPtr _a12, intOrPtr _a16, struct _CRITICAL_SECTION* _a20, intOrPtr _a24, struct _CRITICAL_SECTION _a28) {
                                                                                                                                                                                                                                                        				struct _CRITICAL_SECTION* _v0;
                                                                                                                                                                                                                                                        				intOrPtr _v4;
                                                                                                                                                                                                                                                        				intOrPtr _v8;
                                                                                                                                                                                                                                                        				void* _v12;
                                                                                                                                                                                                                                                        				struct _CRITICAL_SECTION* _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				struct _OVERLAPPED* _v28;
                                                                                                                                                                                                                                                        				struct _CRITICAL_SECTION* _v32;
                                                                                                                                                                                                                                                        				struct _OVERLAPPED* _v36;
                                                                                                                                                                                                                                                        				char _v40;
                                                                                                                                                                                                                                                        				void* _t232;
                                                                                                                                                                                                                                                        				signed int _t235;
                                                                                                                                                                                                                                                        				void** _t262;
                                                                                                                                                                                                                                                        				struct _CRITICAL_SECTION* _t278;
                                                                                                                                                                                                                                                        				long _t279;
                                                                                                                                                                                                                                                        				signed int _t282;
                                                                                                                                                                                                                                                        				void*** _t285;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				L0:
                                                                                                                                                                                                                                                        				while(1) {
                                                                                                                                                                                                                                                        					L0:
                                                                                                                                                                                                                                                        					_t285 = __esi;
                                                                                                                                                                                                                                                        					_t278 = __esi[0xa];
                                                                                                                                                                                                                                                        					EnterCriticalSection(_t278);
                                                                                                                                                                                                                                                        					__esi[0x10] = __esi[0xb];
                                                                                                                                                                                                                                                        					E00BCD800(_a8 + 0x14,  &(__esi[0x10]));
                                                                                                                                                                                                                                                        					LeaveCriticalSection(_t278);
                                                                                                                                                                                                                                                        					__esi[0x10] = __esi[0xb];
                                                                                                                                                                                                                                                        					E00BCD800( &(__esi[0xe]),  &(__esi[0x10]));
                                                                                                                                                                                                                                                        					_t9 =  &(__esi[4]);
                                                                                                                                                                                                                                                        					 *_t9 = __esi[4] - 1;
                                                                                                                                                                                                                                                        					if( *_t9 == 0) {
                                                                                                                                                                                                                                                        						SetEvent( *(__esi + 0x24));
                                                                                                                                                                                                                                                        						 *(__esi + 0x10) = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					while(1) {
                                                                                                                                                                                                                                                        						L13:
                                                                                                                                                                                                                                                        						_t285[0xd] = 0;
                                                                                                                                                                                                                                                        						_t285[0xc] = 0;
                                                                                                                                                                                                                                                        						_t285[0xb] = 0;
                                                                                                                                                                                                                                                        						if(GetQueuedCompletionStatus(_t285[7],  &(_t285[0xd]),  &(_t285[0xc]),  &(_t285[0xb]), 0xffffffff) == 0) {
                                                                                                                                                                                                                                                        							break;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						_t279 = _t285[0xc];
                                                                                                                                                                                                                                                        						if(_t279 >= 7) {
                                                                                                                                                                                                                                                        							L49:
                                                                                                                                                                                                                                                        							_t262 = _t285[1];
                                                                                                                                                                                                                                                        							_t232 =  *_t262;
                                                                                                                                                                                                                                                        							if(_t232 == _t262) {
                                                                                                                                                                                                                                                        								L52:
                                                                                                                                                                                                                                                        								_push("false");
                                                                                                                                                                                                                                                        								E00BC1FF0( &(_t285[0x10]), "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/broker_services.cc", 0x102);
                                                                                                                                                                                                                                                        								E00BC20C0();
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								L50:
                                                                                                                                                                                                                                                        								while( *((intOrPtr*)(_t232 + 8)) != _t279) {
                                                                                                                                                                                                                                                        									_t232 =  *_t232;
                                                                                                                                                                                                                                                        									if(_t232 != _t285[1]) {
                                                                                                                                                                                                                                                        										continue;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										goto L52;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L53;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L53:
                                                                                                                                                                                                                                                        							_t235 = _t285[0xd] + 0xfffffffd;
                                                                                                                                                                                                                                                        							if(_t235 > 6) {
                                                                                                                                                                                                                                                        								continue;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								L54:
                                                                                                                                                                                                                                                        								switch( *((intOrPtr*)(_t235 * 4 +  &M00BF1294))) {
                                                                                                                                                                                                                                                        									case 0:
                                                                                                                                                                                                                                                        										L55:
                                                                                                                                                                                                                                                        										_t285[4] =  &(_t285[4][0]);
                                                                                                                                                                                                                                                        										goto L13;
                                                                                                                                                                                                                                                        									case 1:
                                                                                                                                                                                                                                                        										L78:
                                                                                                                                                                                                                                                        										__eax =  *(__esi + 4);
                                                                                                                                                                                                                                                        										__ebx =  *__eax;
                                                                                                                                                                                                                                                        										if(__ebx == __eax) {
                                                                                                                                                                                                                                                        											L84:
                                                                                                                                                                                                                                                        											__eax =  *(__esi + 4);
                                                                                                                                                                                                                                                        											 *(__esi + 0xc) = __eax;
                                                                                                                                                                                                                                                        											if( *(__esi + 0xc) == __ebx) {
                                                                                                                                                                                                                                                        												goto L102;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												goto L85;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											L79:
                                                                                                                                                                                                                                                        											__eax =  *__edi;
                                                                                                                                                                                                                                                        											__edi = __ebx;
                                                                                                                                                                                                                                                        											 *(__esi + 8) = __ebx;
                                                                                                                                                                                                                                                        											 *(__esi + 0xc) = __eax;
                                                                                                                                                                                                                                                        											while(1) {
                                                                                                                                                                                                                                                        												L80:
                                                                                                                                                                                                                                                        												__eax =  *(__edi + 8);
                                                                                                                                                                                                                                                        												__ecx =  *(__esi + 0xc);
                                                                                                                                                                                                                                                        												__ecx =  *(__esi + 8);
                                                                                                                                                                                                                                                        												__edi =  *__ecx;
                                                                                                                                                                                                                                                        												if( *__eax ==  *(__esi + 0xc)) {
                                                                                                                                                                                                                                                        													break;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												L81:
                                                                                                                                                                                                                                                        												 *(__esi + 8) = __edi;
                                                                                                                                                                                                                                                        												if(__edi !=  *(__esi + 4)) {
                                                                                                                                                                                                                                                        													continue;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													L82:
                                                                                                                                                                                                                                                        													 *(__esi + 0xc) = __ebx;
                                                                                                                                                                                                                                                        													__ebx = __edi;
                                                                                                                                                                                                                                                        													if( *(__esi + 0xc) != __ebx) {
                                                                                                                                                                                                                                                        														L85:
                                                                                                                                                                                                                                                        														if(__ebx !=  *(__esi + 4)) {
                                                                                                                                                                                                                                                        															do {
                                                                                                                                                                                                                                                        																L88:
                                                                                                                                                                                                                                                        																__edi =  *__ebx;
                                                                                                                                                                                                                                                        																__eax =  *(__ebx + 4);
                                                                                                                                                                                                                                                        																 *( *(__ebx + 4)) = __edi;
                                                                                                                                                                                                                                                        																__eax =  *__ebx;
                                                                                                                                                                                                                                                        																__ecx =  *(__ebx + 4);
                                                                                                                                                                                                                                                        																 *(__eax + 4) =  *(__ebx + 4);
                                                                                                                                                                                                                                                        																__ecx =  *(__ebx + 8);
                                                                                                                                                                                                                                                        																if(__ecx != 0) {
                                                                                                                                                                                                                                                        																	__eax = E00BCEC80(__ecx);
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																 *(__esi + 0x18) =  *(__esi + 0x18) - 1;
                                                                                                                                                                                                                                                        																_push(0xc);
                                                                                                                                                                                                                                                        																_push(__ebx);
                                                                                                                                                                                                                                                        																L00BEF6C6();
                                                                                                                                                                                                                                                        																__esp = __esp + 8;
                                                                                                                                                                                                                                                        																__ebx = __edi;
                                                                                                                                                                                                                                                        															} while (__edi !=  *(__esi + 4));
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														L83:
                                                                                                                                                                                                                                                        														L102:
                                                                                                                                                                                                                                                        														__eax =  *(__esi + 4);
                                                                                                                                                                                                                                                        														 *(__esi + 0x18) = 0;
                                                                                                                                                                                                                                                        														 *__eax = __eax;
                                                                                                                                                                                                                                                        														 *(__eax + 4) = __eax;
                                                                                                                                                                                                                                                        														if( *(__esi + 0xc) != __eax) {
                                                                                                                                                                                                                                                        															do {
                                                                                                                                                                                                                                                        																L105:
                                                                                                                                                                                                                                                        																__eax =  *(__esi + 0xc);
                                                                                                                                                                                                                                                        																__ecx =  *(__eax + 8);
                                                                                                                                                                                                                                                        																__edi =  *__eax;
                                                                                                                                                                                                                                                        																if(__ecx != 0) {
                                                                                                                                                                                                                                                        																	__eax = E00BCEC80(__ecx);
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																_push(0xc);
                                                                                                                                                                                                                                                        																_push( *(__esi + 0xc));
                                                                                                                                                                                                                                                        																L00BEF6C6();
                                                                                                                                                                                                                                                        																__esp = __esp + 8;
                                                                                                                                                                                                                                                        																 *(__esi + 0xc) = __edi;
                                                                                                                                                                                                                                                        															} while (__edi !=  *(__esi + 4));
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L13;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L92:
                                                                                                                                                                                                                                                        											if(__edi !=  *(__esi + 4)) {
                                                                                                                                                                                                                                                        												do {
                                                                                                                                                                                                                                                        													L96:
                                                                                                                                                                                                                                                        													__eax =  *(__edi + 8);
                                                                                                                                                                                                                                                        													__ecx =  *(__esi + 0xc);
                                                                                                                                                                                                                                                        													if( *__eax != __ecx) {
                                                                                                                                                                                                                                                        														if(__edi !=  *(__esi + 8)) {
                                                                                                                                                                                                                                                        															__edx =  *(__esi + 8);
                                                                                                                                                                                                                                                        															 *(__edi + 8) = 0;
                                                                                                                                                                                                                                                        															__ecx =  *(__edx + 8);
                                                                                                                                                                                                                                                        															 *(__edx + 8) = __eax;
                                                                                                                                                                                                                                                        															if(__ecx != 0) {
                                                                                                                                                                                                                                                        																__eax = E00BCEC80(__ecx);
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														 *(__esi + 8) =  *( *(__esi + 8));
                                                                                                                                                                                                                                                        														 *(__esi + 8) =  *( *(__esi + 8));
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													__edi =  *__edi;
                                                                                                                                                                                                                                                        												} while (__edi !=  *(__esi + 4));
                                                                                                                                                                                                                                                        												__eax =  *(__esi + 4);
                                                                                                                                                                                                                                                        												__eax =  *( *(__esi + 4));
                                                                                                                                                                                                                                                        												 *(__esi + 0xc) = __eax;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												L93:
                                                                                                                                                                                                                                                        												 *(__esi + 0xc) = __ebx;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L101:
                                                                                                                                                                                                                                                        											__ebx =  *(__esi + 8);
                                                                                                                                                                                                                                                        											if( *(__esi + 0xc) != __ebx) {
                                                                                                                                                                                                                                                        												goto L85;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												goto L102;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L13;
                                                                                                                                                                                                                                                        									case 2:
                                                                                                                                                                                                                                                        										goto L13;
                                                                                                                                                                                                                                                        									case 3:
                                                                                                                                                                                                                                                        										L108:
                                                                                                                                                                                                                                                        										__eax =  *(__esi + 0x2c);
                                                                                                                                                                                                                                                        										__ecx = __esi + 0x38;
                                                                                                                                                                                                                                                        										__edx = __esi + 0x40;
                                                                                                                                                                                                                                                        										 *(__esi + 0x40) =  *(__esi + 0x2c);
                                                                                                                                                                                                                                                        										__eax = E00BCD780(__ecx, __edx);
                                                                                                                                                                                                                                                        										if( *(__esi + 0x10) == 0) {
                                                                                                                                                                                                                                                        											__eax = ResetEvent( *(__esi + 0x24));
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L55;
                                                                                                                                                                                                                                                        									case 4:
                                                                                                                                                                                                                                                        										goto L0;
                                                                                                                                                                                                                                                        									case 5:
                                                                                                                                                                                                                                                        										L77:
                                                                                                                                                                                                                                                        										_push(0x1b64);
                                                                                                                                                                                                                                                        										_push( *__edi);
                                                                                                                                                                                                                                                        										__imp__TerminateJobObject();
                                                                                                                                                                                                                                                        										goto L13;
                                                                                                                                                                                                                                                        									case 6:
                                                                                                                                                                                                                                                        										L118:
                                                                                                                                                                                                                                                        										_push(__ebp);
                                                                                                                                                                                                                                                        										__ebp = __esp;
                                                                                                                                                                                                                                                        										_push(__ebx);
                                                                                                                                                                                                                                                        										_push(__edi);
                                                                                                                                                                                                                                                        										_push(__esi);
                                                                                                                                                                                                                                                        										_push(__eax);
                                                                                                                                                                                                                                                        										__edi =  *(__ecx + 4);
                                                                                                                                                                                                                                                        										__ebx =  *(__ecx + 8);
                                                                                                                                                                                                                                                        										if(__edi == __ebx) {
                                                                                                                                                                                                                                                        											L122:
                                                                                                                                                                                                                                                        											__eax = 0;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											L119:
                                                                                                                                                                                                                                                        											__esi = _a4;
                                                                                                                                                                                                                                                        											_v20 = __ecx;
                                                                                                                                                                                                                                                        											asm("o16 nop [eax+eax]");
                                                                                                                                                                                                                                                        											while(1) {
                                                                                                                                                                                                                                                        												L120:
                                                                                                                                                                                                                                                        												_push(0x28);
                                                                                                                                                                                                                                                        												_push(__esi);
                                                                                                                                                                                                                                                        												_push(__edi);
                                                                                                                                                                                                                                                        												L00BEF76E();
                                                                                                                                                                                                                                                        												__esp = __esp + 0xc;
                                                                                                                                                                                                                                                        												if(__eax == 0) {
                                                                                                                                                                                                                                                        													break;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												L121:
                                                                                                                                                                                                                                                        												__edi = __edi + 0x2c;
                                                                                                                                                                                                                                                        												if(__ebx != __edi) {
                                                                                                                                                                                                                                                        													continue;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													goto L122;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L123;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L124:
                                                                                                                                                                                                                                                        											__eax =  *(__edi + 0x28);
                                                                                                                                                                                                                                                        											__ecx = _a8;
                                                                                                                                                                                                                                                        											 *_a8 =  *(__edi + 0x28);
                                                                                                                                                                                                                                                        											__eax = _v20;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L123:
                                                                                                                                                                                                                                                        										__esp = __esp + 4;
                                                                                                                                                                                                                                                        										_pop(__esi);
                                                                                                                                                                                                                                                        										_pop(__edi);
                                                                                                                                                                                                                                                        										_pop(__ebx);
                                                                                                                                                                                                                                                        										_pop(__ebp);
                                                                                                                                                                                                                                                        										return __eax;
                                                                                                                                                                                                                                                        									case 7:
                                                                                                                                                                                                                                                        										L142:
                                                                                                                                                                                                                                                        										return __imp___purecall();
                                                                                                                                                                                                                                                        									case 8:
                                                                                                                                                                                                                                                        										L125:
                                                                                                                                                                                                                                                        										asm("ud2");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										_push(__ebp);
                                                                                                                                                                                                                                                        										__ebp = __esp;
                                                                                                                                                                                                                                                        										_push(__esi);
                                                                                                                                                                                                                                                        										__esi = __ecx;
                                                                                                                                                                                                                                                        										__ecx =  *__ecx;
                                                                                                                                                                                                                                                        										if(__ecx == 0) {
                                                                                                                                                                                                                                                        											L129:
                                                                                                                                                                                                                                                        											_pop(__esi);
                                                                                                                                                                                                                                                        											_pop(__ebp);
                                                                                                                                                                                                                                                        											return __eax;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											L127:
                                                                                                                                                                                                                                                        											__eax =  *(__esi + 8);
                                                                                                                                                                                                                                                        											__eax =  *(__esi + 8) - __ecx;
                                                                                                                                                                                                                                                        											if(__eax >= 0x1000) {
                                                                                                                                                                                                                                                        												L130:
                                                                                                                                                                                                                                                        												__edx =  *(__ecx - 4);
                                                                                                                                                                                                                                                        												__ecx = __ecx - __edx;
                                                                                                                                                                                                                                                        												__ecx = __ecx + 0xfffffffc;
                                                                                                                                                                                                                                                        												if(__ecx >= 0x20) {
                                                                                                                                                                                                                                                        													L132:
                                                                                                                                                                                                                                                        													__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													_push(__ebp);
                                                                                                                                                                                                                                                        													__ebp = __esp;
                                                                                                                                                                                                                                                        													_push(__ebx);
                                                                                                                                                                                                                                                        													_push(__edi);
                                                                                                                                                                                                                                                        													_push(__esi);
                                                                                                                                                                                                                                                        													__esp = __esp - 0x14;
                                                                                                                                                                                                                                                        													__eax =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        													__edx = _v0;
                                                                                                                                                                                                                                                        													__edi = _a4;
                                                                                                                                                                                                                                                        													__esi = __ecx;
                                                                                                                                                                                                                                                        													_v32 = __eax;
                                                                                                                                                                                                                                                        													__eax = _a8;
                                                                                                                                                                                                                                                        													__ebx =  *__ecx;
                                                                                                                                                                                                                                                        													_push(_a16);
                                                                                                                                                                                                                                                        													_push(_a12);
                                                                                                                                                                                                                                                        													_push(_a8);
                                                                                                                                                                                                                                                        													_push(_a4);
                                                                                                                                                                                                                                                        													_push(__edx);
                                                                                                                                                                                                                                                        													_push(_v4);
                                                                                                                                                                                                                                                        													_push(_v8);
                                                                                                                                                                                                                                                        													__eax =  *((intOrPtr*)( *__ecx + 0x14))();
                                                                                                                                                                                                                                                        													if(__eax < 0) {
                                                                                                                                                                                                                                                        														__edi = __eax;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														if( *(__esi + 0xc) == 0) {
                                                                                                                                                                                                                                                        															__edi = 0xc000000d;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															__ecx = __esi;
                                                                                                                                                                                                                                                        															__ebx = _a20;
                                                                                                                                                                                                                                                        															__eax = E00BE11C0(__ebx, _a24,  *(__esi + 4),  *(__esi + 8));
                                                                                                                                                                                                                                                        															__edi = 0xc0000023;
                                                                                                                                                                                                                                                        															if(__al != 0) {
                                                                                                                                                                                                                                                        																_v40 = 0;
                                                                                                                                                                                                                                                        																_v36 = 0;
                                                                                                                                                                                                                                                        																_v32 = 0;
                                                                                                                                                                                                                                                        																_v28 = 0;
                                                                                                                                                                                                                                                        																__ecx =  &_v40;
                                                                                                                                                                                                                                                        																__eax = E00BE44A0( &_v40,  *(__esi + 0xc), 4, 4);
                                                                                                                                                                                                                                                        																__edi = __eax;
                                                                                                                                                                                                                                                        																if(__eax >= 0) {
                                                                                                                                                                                                                                                        																	__ecx = _a28;
                                                                                                                                                                                                                                                        																	__ebx = __ebx - _v0;
                                                                                                                                                                                                                                                        																	__eax =  *(__esi + 0xc);
                                                                                                                                                                                                                                                        																	 *( *(__esi + 0xc)) = __ebx;
                                                                                                                                                                                                                                                        																	if(__ecx != 0) {
                                                                                                                                                                                                                                                        																		__eax =  *__esi;
                                                                                                                                                                                                                                                        																		__ebx = __ecx;
                                                                                                                                                                                                                                                        																		__ecx = __esi;
                                                                                                                                                                                                                                                        																		__eax =  *((intOrPtr*)( *__esi + 0x10))();
                                                                                                                                                                                                                                                        																		 *__ebx =  *__esi;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																__ecx =  &_v40;
                                                                                                                                                                                                                                                        																__eax = E00BE4500( &_v40);
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													__ecx = _v24;
                                                                                                                                                                                                                                                        													__ecx = _v24 ^ __ebp;
                                                                                                                                                                                                                                                        													E00BEECB0(_v24 ^ __ebp, __edx) = __edi;
                                                                                                                                                                                                                                                        													__esp = __esp + 0x14;
                                                                                                                                                                                                                                                        													_pop(__esi);
                                                                                                                                                                                                                                                        													_pop(__edi);
                                                                                                                                                                                                                                                        													_pop(__ebx);
                                                                                                                                                                                                                                                        													_pop(__ebp);
                                                                                                                                                                                                                                                        													return __edi;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													L131:
                                                                                                                                                                                                                                                        													__eax = __eax + 0x23;
                                                                                                                                                                                                                                                        													__ecx = __edx;
                                                                                                                                                                                                                                                        													goto L128;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												L128:
                                                                                                                                                                                                                                                        												_push(__eax);
                                                                                                                                                                                                                                                        												_push(__ecx);
                                                                                                                                                                                                                                                        												L00BEF6C6();
                                                                                                                                                                                                                                                        												__esp = __esp + 8;
                                                                                                                                                                                                                                                        												 *__esi = 0;
                                                                                                                                                                                                                                                        												 *(__esi + 4) = 0;
                                                                                                                                                                                                                                                        												 *(__esi + 8) = 0;
                                                                                                                                                                                                                                                        												goto L129;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L143;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L6:
                                                                                                                                                                                                                                                        							_t282 = _t279 - 1;
                                                                                                                                                                                                                                                        							if(_t282 > 4) {
                                                                                                                                                                                                                                                        								continue;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								L7:
                                                                                                                                                                                                                                                        								switch( *((intOrPtr*)(_t282 * 4 +  &M00BF1280))) {
                                                                                                                                                                                                                                                        									case 0:
                                                                                                                                                                                                                                                        										L57:
                                                                                                                                                                                                                                                        										__eax =  *(__esi + 0x2c);
                                                                                                                                                                                                                                                        										__ecx = __esi + 0x38;
                                                                                                                                                                                                                                                        										__edx = __esi + 0x40;
                                                                                                                                                                                                                                                        										 *(__esi + 8) = __eax;
                                                                                                                                                                                                                                                        										__eax = __eax + 8;
                                                                                                                                                                                                                                                        										__eax = E00BCECF0(__esi + 0x38, __edx, __eax);
                                                                                                                                                                                                                                                        										__ebx =  *(__esi + 4);
                                                                                                                                                                                                                                                        										__edi =  *(__ebx + 4);
                                                                                                                                                                                                                                                        										_push(0xc);
                                                                                                                                                                                                                                                        										L00BEF6BA();
                                                                                                                                                                                                                                                        										__esp = __esp + 4;
                                                                                                                                                                                                                                                        										__ecx =  *(__esi + 8);
                                                                                                                                                                                                                                                        										 *__eax = __ebx;
                                                                                                                                                                                                                                                        										 *(__eax + 4) = __edi;
                                                                                                                                                                                                                                                        										 *(__eax + 8) = __ecx;
                                                                                                                                                                                                                                                        										if( *(__esi + 0x18) == 0x15555554) {
                                                                                                                                                                                                                                                        											goto L71;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											L58:
                                                                                                                                                                                                                                                        											__ecx =  *(__esi + 4);
                                                                                                                                                                                                                                                        											 *(__esi + 0x18) =  &( *(__esi + 0x18)->Internal);
                                                                                                                                                                                                                                                        											 *(__ecx + 4) = __eax;
                                                                                                                                                                                                                                                        											 *__edi = __eax;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L13;
                                                                                                                                                                                                                                                        									case 1:
                                                                                                                                                                                                                                                        										L8:
                                                                                                                                                                                                                                                        										_t283 = _t285[0xb];
                                                                                                                                                                                                                                                        										if(_t285[0xf] == 0) {
                                                                                                                                                                                                                                                        											SetEvent( *(_a8 + 8));
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L10:
                                                                                                                                                                                                                                                        										_t236 = _t285[7];
                                                                                                                                                                                                                                                        										_t257 =  &(_t283->OffsetHigh);
                                                                                                                                                                                                                                                        										_t283->hEvent = _t236;
                                                                                                                                                                                                                                                        										_push(8);
                                                                                                                                                                                                                                                        										_push(0xffffffff);
                                                                                                                                                                                                                                                        										_push(_t283);
                                                                                                                                                                                                                                                        										_push(E00BCD880);
                                                                                                                                                                                                                                                        										_push(_t283->Offset);
                                                                                                                                                                                                                                                        										_push(_t257);
                                                                                                                                                                                                                                                        										__imp__RegisterWaitForSingleObject();
                                                                                                                                                                                                                                                        										_t285[2] = _t283;
                                                                                                                                                                                                                                                        										if(_t236 == 0) {
                                                                                                                                                                                                                                                        											L72:
                                                                                                                                                                                                                                                        											 *_t257 = 0xffffffff;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L11:
                                                                                                                                                                                                                                                        										_t284 =  *_t285;
                                                                                                                                                                                                                                                        										_t257 =  *(_t284 + 4);
                                                                                                                                                                                                                                                        										_push(0xc);
                                                                                                                                                                                                                                                        										L00BEF6BA();
                                                                                                                                                                                                                                                        										_t289 = _t289 + 4;
                                                                                                                                                                                                                                                        										 *_t236 = _t284;
                                                                                                                                                                                                                                                        										 *(_t236 + 4) = _t257;
                                                                                                                                                                                                                                                        										 *(_t236 + 8) = _t285[2];
                                                                                                                                                                                                                                                        										_t271 = _t285[5];
                                                                                                                                                                                                                                                        										if(_t271 == 0x15555554) {
                                                                                                                                                                                                                                                        											L71:
                                                                                                                                                                                                                                                        											_push("list<T> too long");
                                                                                                                                                                                                                                                        											L00BEF798();
                                                                                                                                                                                                                                                        											goto L72;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											 *(_t284 + 4) = _t236;
                                                                                                                                                                                                                                                        											 *_t257 = _t236;
                                                                                                                                                                                                                                                        											_t285[5] =  &(_t271[0]);
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L13;
                                                                                                                                                                                                                                                        									case 2:
                                                                                                                                                                                                                                                        										L15:
                                                                                                                                                                                                                                                        										__ebx =  *(__esi + 0x2c);
                                                                                                                                                                                                                                                        										__edi =  *(__esi + 0x28);
                                                                                                                                                                                                                                                        										EnterCriticalSection(__edi);
                                                                                                                                                                                                                                                        										__eax = _a8;
                                                                                                                                                                                                                                                        										__edx = __ebx + 4;
                                                                                                                                                                                                                                                        										_t47 = __eax + 0x14; // 0x14
                                                                                                                                                                                                                                                        										__ecx = _t47;
                                                                                                                                                                                                                                                        										__eax = E00BCD800(__ecx, __ebx + 4);
                                                                                                                                                                                                                                                        										LeaveCriticalSection(__edi);
                                                                                                                                                                                                                                                        										_push( *(__ebx + 0xc));
                                                                                                                                                                                                                                                        										__imp__UnregisterWait();
                                                                                                                                                                                                                                                        										__eax =  *__esi;
                                                                                                                                                                                                                                                        										 *(__ebx + 0xc) = 0xffffffff;
                                                                                                                                                                                                                                                        										__edx =  *__eax;
                                                                                                                                                                                                                                                        										if(__edx == __eax) {
                                                                                                                                                                                                                                                        											L73:
                                                                                                                                                                                                                                                        											__ebx =  *__esi;
                                                                                                                                                                                                                                                        											if(__ebx != __edx) {
                                                                                                                                                                                                                                                        												goto L23;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												L74:
                                                                                                                                                                                                                                                        												goto L35;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											L16:
                                                                                                                                                                                                                                                        											__eax =  *(__ebx + 4);
                                                                                                                                                                                                                                                        											 *(__esi + 8) = __ebx;
                                                                                                                                                                                                                                                        											__ebx = __edx;
                                                                                                                                                                                                                                                        											__edi = __edx;
                                                                                                                                                                                                                                                        											while(1) {
                                                                                                                                                                                                                                                        												L17:
                                                                                                                                                                                                                                                        												__ecx =  *(__ebx + 8);
                                                                                                                                                                                                                                                        												__ebx =  *__edi;
                                                                                                                                                                                                                                                        												if( *(__ecx + 4) == __eax) {
                                                                                                                                                                                                                                                        													break;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												L18:
                                                                                                                                                                                                                                                        												__edi = __ebx;
                                                                                                                                                                                                                                                        												if(__ebx !=  *__esi) {
                                                                                                                                                                                                                                                        													continue;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													L19:
                                                                                                                                                                                                                                                        													__eax = __edx;
                                                                                                                                                                                                                                                        													__edx = __ebx;
                                                                                                                                                                                                                                                        													__ebx = __eax;
                                                                                                                                                                                                                                                        													if(__ebx != __edx) {
                                                                                                                                                                                                                                                        														L23:
                                                                                                                                                                                                                                                        														if(__edx !=  *__esi) {
                                                                                                                                                                                                                                                        															L24:
                                                                                                                                                                                                                                                        															__edi =  *__edx;
                                                                                                                                                                                                                                                        															__eax =  *(__edx + 4);
                                                                                                                                                                                                                                                        															 *( *(__edx + 4)) = __edi;
                                                                                                                                                                                                                                                        															__eax =  *__edx;
                                                                                                                                                                                                                                                        															__ecx =  *(__edx + 4);
                                                                                                                                                                                                                                                        															 *(__eax + 4) =  *(__edx + 4);
                                                                                                                                                                                                                                                        															__ecx =  *(__edx + 8);
                                                                                                                                                                                                                                                        															if(__ecx != 0) {
                                                                                                                                                                                                                                                        																__ebx = __edx;
                                                                                                                                                                                                                                                        																__eax = E00BCF040(__ecx);
                                                                                                                                                                                                                                                        																__edx = __ebx;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															 *(__esi + 0x14) =  *(__esi + 0x14) - 1;
                                                                                                                                                                                                                                                        															_push(0xc);
                                                                                                                                                                                                                                                        															_push(__edx);
                                                                                                                                                                                                                                                        															L00BEF6C6();
                                                                                                                                                                                                                                                        															__esp = __esp + 8;
                                                                                                                                                                                                                                                        															if(__edi !=  *__esi) {
                                                                                                                                                                                                                                                        																do {
                                                                                                                                                                                                                                                        																	L1:
                                                                                                                                                                                                                                                        																	_t258 =  *_t278;
                                                                                                                                                                                                                                                        																	 *( *(_t278 + 4)) = _t258;
                                                                                                                                                                                                                                                        																	 *( *_t278 + 4) =  *(_t278 + 4);
                                                                                                                                                                                                                                                        																	_t274 =  *((intOrPtr*)(_t278 + 8));
                                                                                                                                                                                                                                                        																	if( *((intOrPtr*)(_t278 + 8)) != 0) {
                                                                                                                                                                                                                                                        																		E00BCF040(_t274);
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	L2:
                                                                                                                                                                                                                                                        																	_t285[5] = _t285[5] - 1;
                                                                                                                                                                                                                                                        																	_push(0xc);
                                                                                                                                                                                                                                                        																	_push(_t278);
                                                                                                                                                                                                                                                        																	L00BEF6C6();
                                                                                                                                                                                                                                                        																	_t289 = _t289 + 8;
                                                                                                                                                                                                                                                        																	_t278 = _t258;
                                                                                                                                                                                                                                                        																} while (_t258 !=  *_t285);
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														L76:
                                                                                                                                                                                                                                                        														L35:
                                                                                                                                                                                                                                                        														__eax =  *__esi;
                                                                                                                                                                                                                                                        														 *(__esi + 0x14) = 0;
                                                                                                                                                                                                                                                        														 *__eax = __eax;
                                                                                                                                                                                                                                                        														 *(__eax + 4) = __eax;
                                                                                                                                                                                                                                                        														if(__ebx != __eax) {
                                                                                                                                                                                                                                                        															L36:
                                                                                                                                                                                                                                                        															__ecx =  *(__ebx + 8);
                                                                                                                                                                                                                                                        															__edi =  *__ebx;
                                                                                                                                                                                                                                                        															if(__ecx != 0) {
                                                                                                                                                                                                                                                        																__eax = E00BCF040(__ecx);
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_push(0xc);
                                                                                                                                                                                                                                                        															_push(__ebx);
                                                                                                                                                                                                                                                        															L00BEF6C6();
                                                                                                                                                                                                                                                        															__esp = __esp + 8;
                                                                                                                                                                                                                                                        															if(__edi !=  *__esi) {
                                                                                                                                                                                                                                                        																do {
                                                                                                                                                                                                                                                        																	L39:
                                                                                                                                                                                                                                                        																	__ecx =  *(__edi + 8);
                                                                                                                                                                                                                                                        																	__ebx =  *__edi;
                                                                                                                                                                                                                                                        																	if(__ecx != 0) {
                                                                                                                                                                                                                                                        																		__eax = E00BCF040(__ecx);
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_push(0xc);
                                                                                                                                                                                                                                                        																	_push(__edi);
                                                                                                                                                                                                                                                        																	L00BEF6C6();
                                                                                                                                                                                                                                                        																	__esp = __esp + 8;
                                                                                                                                                                                                                                                        																	__edi = __ebx;
                                                                                                                                                                                                                                                        																} while (__ebx !=  *__esi);
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L13;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L20:
                                                                                                                                                                                                                                                        											if(__ebx !=  *__esi) {
                                                                                                                                                                                                                                                        												while(1) {
                                                                                                                                                                                                                                                        													L28:
                                                                                                                                                                                                                                                        													__edx =  *(__ebx + 8);
                                                                                                                                                                                                                                                        													if( *(__edx + 4) != __eax) {
                                                                                                                                                                                                                                                        														if(__ebx != __edi) {
                                                                                                                                                                                                                                                        															 *(__ebx + 8) = 0;
                                                                                                                                                                                                                                                        															__ecx =  *(__edi + 8);
                                                                                                                                                                                                                                                        															 *(__edi + 8) = __edx;
                                                                                                                                                                                                                                                        															if(__ecx != 0) {
                                                                                                                                                                                                                                                        																__eax = E00BCF040(__ecx);
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														__edi =  *__edi;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													__ebx =  *__ebx;
                                                                                                                                                                                                                                                        													__eax =  *__esi;
                                                                                                                                                                                                                                                        													if(__ebx == __eax) {
                                                                                                                                                                                                                                                        														break;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													L27:
                                                                                                                                                                                                                                                        													__eax =  *(__esi + 8);
                                                                                                                                                                                                                                                        													__eax =  *( *(__esi + 8) + 4);
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												L34:
                                                                                                                                                                                                                                                        												__ebx =  *__eax;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												L21:
                                                                                                                                                                                                                                                        												__ebx = __edx;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L22:
                                                                                                                                                                                                                                                        											__edx = __edi;
                                                                                                                                                                                                                                                        											if(__ebx == __edx) {
                                                                                                                                                                                                                                                        												goto L35;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												goto L23;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L13;
                                                                                                                                                                                                                                                        									case 3:
                                                                                                                                                                                                                                                        										L59:
                                                                                                                                                                                                                                                        										__eax =  *(__esi + 0x2c);
                                                                                                                                                                                                                                                        										 *(__esi + 0xc) = __eax;
                                                                                                                                                                                                                                                        										_push(0x10);
                                                                                                                                                                                                                                                        										L00BEF6BA();
                                                                                                                                                                                                                                                        										__esp = __esp + 4;
                                                                                                                                                                                                                                                        										__ecx =  *__esi;
                                                                                                                                                                                                                                                        										 *__eax = 0xbf1268;
                                                                                                                                                                                                                                                        										 *(__eax + 4) = 0;
                                                                                                                                                                                                                                                        										 *(__eax + 8) = 0;
                                                                                                                                                                                                                                                        										 *(__esi + 8) = __eax;
                                                                                                                                                                                                                                                        										 *(__eax + 0xc) = 0;
                                                                                                                                                                                                                                                        										__edi =  *__ecx;
                                                                                                                                                                                                                                                        										if(__edi != __ecx) {
                                                                                                                                                                                                                                                        											do {
                                                                                                                                                                                                                                                        												L62:
                                                                                                                                                                                                                                                        												__eax =  *(__edi + 8);
                                                                                                                                                                                                                                                        												if( *__eax != 0) {
                                                                                                                                                                                                                                                        													 *(__esi + 0x20) = __esp;
                                                                                                                                                                                                                                                        													_push(__eax);
                                                                                                                                                                                                                                                        													__ebx = __esp;
                                                                                                                                                                                                                                                        													_push(4);
                                                                                                                                                                                                                                                        													L00BEF6BA();
                                                                                                                                                                                                                                                        													__esp = __esp + 4;
                                                                                                                                                                                                                                                        													__ecx =  *(__esi + 8);
                                                                                                                                                                                                                                                        													__edx = __ebx;
                                                                                                                                                                                                                                                        													 *__eax = 0xbf1278;
                                                                                                                                                                                                                                                        													 *__ebx = __eax;
                                                                                                                                                                                                                                                        													__eax = E00BCD8A0( *(__esi + 8), __edx);
                                                                                                                                                                                                                                                        													__esp =  *(__esi + 0x20);
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												__edi =  *__edi;
                                                                                                                                                                                                                                                        											} while (__edi !=  *__esi);
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L64:
                                                                                                                                                                                                                                                        										__eax =  *(__esi + 4);
                                                                                                                                                                                                                                                        										__edi =  *__eax;
                                                                                                                                                                                                                                                        										if(__edi != __eax) {
                                                                                                                                                                                                                                                        											do {
                                                                                                                                                                                                                                                        												L67:
                                                                                                                                                                                                                                                        												__eax =  *(__edi + 8);
                                                                                                                                                                                                                                                        												if( *(__eax + 4) != 0) {
                                                                                                                                                                                                                                                        													 *(__esi + 0x20) = __esp;
                                                                                                                                                                                                                                                        													_push(__eax);
                                                                                                                                                                                                                                                        													__ebx = __esp;
                                                                                                                                                                                                                                                        													_push(4);
                                                                                                                                                                                                                                                        													L00BEF6BA();
                                                                                                                                                                                                                                                        													__esp = __esp + 4;
                                                                                                                                                                                                                                                        													__ecx =  *(__esi + 8);
                                                                                                                                                                                                                                                        													__edx = __ebx;
                                                                                                                                                                                                                                                        													 *__eax = 0xbf1278;
                                                                                                                                                                                                                                                        													 *__ebx = __eax;
                                                                                                                                                                                                                                                        													__eax = E00BCD8A0( *(__esi + 8), __edx);
                                                                                                                                                                                                                                                        													__esp =  *(__esi + 0x20);
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												__edi =  *__edi;
                                                                                                                                                                                                                                                        											} while (__edi !=  *(__esi + 4));
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L69:
                                                                                                                                                                                                                                                        										__edi = __esp;
                                                                                                                                                                                                                                                        										_push(__eax);
                                                                                                                                                                                                                                                        										__ecx =  *(__esi + 8);
                                                                                                                                                                                                                                                        										__ebx =  *(__esi + 0xc);
                                                                                                                                                                                                                                                        										__eax = __esp;
                                                                                                                                                                                                                                                        										 *__esp =  *(__esi + 8);
                                                                                                                                                                                                                                                        										__ecx = __ebx;
                                                                                                                                                                                                                                                        										__eax =  *__ebx;
                                                                                                                                                                                                                                                        										__eax =  *( *__ebx)();
                                                                                                                                                                                                                                                        										__esp = __edi;
                                                                                                                                                                                                                                                        										if(__ebx != 0) {
                                                                                                                                                                                                                                                        											__ecx =  *(__esi + 0xc);
                                                                                                                                                                                                                                                        											__eax =  *__ecx;
                                                                                                                                                                                                                                                        											_push(1);
                                                                                                                                                                                                                                                        											__eax =  *((intOrPtr*)( *__ecx + 8))();
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L13;
                                                                                                                                                                                                                                                        									case 4:
                                                                                                                                                                                                                                                        										L44:
                                                                                                                                                                                                                                                        										__eax =  *__esi;
                                                                                                                                                                                                                                                        										__edi = 0;
                                                                                                                                                                                                                                                        										__ebx =  *__eax;
                                                                                                                                                                                                                                                        										if(__ebx != __eax) {
                                                                                                                                                                                                                                                        											while(1) {
                                                                                                                                                                                                                                                        												L90:
                                                                                                                                                                                                                                                        												__eax =  *(__ebx + 8);
                                                                                                                                                                                                                                                        												_push( *( *(__ebx + 8) + 0xc));
                                                                                                                                                                                                                                                        												__imp__UnregisterWait();
                                                                                                                                                                                                                                                        												__eax =  *(__ebx + 8);
                                                                                                                                                                                                                                                        												 *( *(__ebx + 8) + 0xc) = 0xffffffff;
                                                                                                                                                                                                                                                        												__ebx =  *__ebx;
                                                                                                                                                                                                                                                        												if(__ebx ==  *__esi) {
                                                                                                                                                                                                                                                        													goto L45;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												L91:
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L45:
                                                                                                                                                                                                                                                        										_t239 =  *_t285;
                                                                                                                                                                                                                                                        										_t254 =  *_t239;
                                                                                                                                                                                                                                                        										 *_t239 = _t239;
                                                                                                                                                                                                                                                        										_t239[1] = _t239;
                                                                                                                                                                                                                                                        										if(_t254 != _t239) {
                                                                                                                                                                                                                                                        											while(1) {
                                                                                                                                                                                                                                                        												L110:
                                                                                                                                                                                                                                                        												_t265 =  *((intOrPtr*)(_t254 + 8));
                                                                                                                                                                                                                                                        												_t285[7] =  *_t254;
                                                                                                                                                                                                                                                        												if( *((intOrPtr*)(_t254 + 8)) != 0) {
                                                                                                                                                                                                                                                        													E00BCF040(_t265);
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_push(0xc);
                                                                                                                                                                                                                                                        												_push(_t254);
                                                                                                                                                                                                                                                        												L00BEF6C6();
                                                                                                                                                                                                                                                        												_t289 = _t289 + 8;
                                                                                                                                                                                                                                                        												_t239 =  *_t285;
                                                                                                                                                                                                                                                        												_t254 = _t285[7];
                                                                                                                                                                                                                                                        												if(_t254 == _t239) {
                                                                                                                                                                                                                                                        													goto L46;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												L112:
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L46:
                                                                                                                                                                                                                                                        										_push(0xc);
                                                                                                                                                                                                                                                        										_push(_t239);
                                                                                                                                                                                                                                                        										L00BEF6C6();
                                                                                                                                                                                                                                                        										_t290 = _t289 + 8;
                                                                                                                                                                                                                                                        										_t242 = _t285[1];
                                                                                                                                                                                                                                                        										_t255 =  *_t242;
                                                                                                                                                                                                                                                        										 *_t242 = _t242;
                                                                                                                                                                                                                                                        										_t242[1] = _t242;
                                                                                                                                                                                                                                                        										if(_t255 != _t242) {
                                                                                                                                                                                                                                                        											while(1) {
                                                                                                                                                                                                                                                        												L114:
                                                                                                                                                                                                                                                        												_t266 = _t255[2];
                                                                                                                                                                                                                                                        												 *_t285 =  *_t255;
                                                                                                                                                                                                                                                        												if(_t255[2] != 0) {
                                                                                                                                                                                                                                                        													E00BCEC80(_t266);
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_push(0xc);
                                                                                                                                                                                                                                                        												_push(_t255);
                                                                                                                                                                                                                                                        												L00BEF6C6();
                                                                                                                                                                                                                                                        												_t290 = _t290 + 8;
                                                                                                                                                                                                                                                        												_t242 = _t285[1];
                                                                                                                                                                                                                                                        												_t255 =  *_t285;
                                                                                                                                                                                                                                                        												if(_t255 == _t242) {
                                                                                                                                                                                                                                                        													goto L47;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												L116:
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L47:
                                                                                                                                                                                                                                                        										_push(0xc);
                                                                                                                                                                                                                                                        										_push(_t242);
                                                                                                                                                                                                                                                        										L00BEF6C6();
                                                                                                                                                                                                                                                        										_t277 =  &(_t285[0x10]);
                                                                                                                                                                                                                                                        										E00BCE590( &(_t285[0xe]),  &(_t285[0x10]),  *(_t285[0xe]), _t285[0xe]);
                                                                                                                                                                                                                                                        										_push(0x14);
                                                                                                                                                                                                                                                        										_push(_t285[0xe]);
                                                                                                                                                                                                                                                        										L00BEF6C6();
                                                                                                                                                                                                                                                        										E00BEECB0(_t285[0x3e] ^ _t287, _t277);
                                                                                                                                                                                                                                                        										return 1;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L143:
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L14:
                                                                                                                                                                                                                                                        					goto L45;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}




















                                                                                                                                                                                                                                                        0x00bcd58b
                                                                                                                                                                                                                                                        0x00bcd58b
                                                                                                                                                                                                                                                        0x00bcd58b
                                                                                                                                                                                                                                                        0x00bcd58b
                                                                                                                                                                                                                                                        0x00bcd58b
                                                                                                                                                                                                                                                        0x00bcd58f
                                                                                                                                                                                                                                                        0x00bcd5a3
                                                                                                                                                                                                                                                        0x00bcd5a6
                                                                                                                                                                                                                                                        0x00bcd5ac
                                                                                                                                                                                                                                                        0x00bcd5ba
                                                                                                                                                                                                                                                        0x00bcd5bd
                                                                                                                                                                                                                                                        0x00bcd5c2
                                                                                                                                                                                                                                                        0x00bcd5c2
                                                                                                                                                                                                                                                        0x00bcd5c5
                                                                                                                                                                                                                                                        0x00bcd5ce
                                                                                                                                                                                                                                                        0x00bcd5d4
                                                                                                                                                                                                                                                        0x00bcd5d4
                                                                                                                                                                                                                                                        0x00bcd058
                                                                                                                                                                                                                                                        0x00bcd058
                                                                                                                                                                                                                                                        0x00bcd058
                                                                                                                                                                                                                                                        0x00bcd05f
                                                                                                                                                                                                                                                        0x00bcd066
                                                                                                                                                                                                                                                        0x00bcd086
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bccfd0
                                                                                                                                                                                                                                                        0x00bccfd0
                                                                                                                                                                                                                                                        0x00bccfd6
                                                                                                                                                                                                                                                        0x00bcd270
                                                                                                                                                                                                                                                        0x00bcd270
                                                                                                                                                                                                                                                        0x00bcd273
                                                                                                                                                                                                                                                        0x00bcd277
                                                                                                                                                                                                                                                        0x00bcd285
                                                                                                                                                                                                                                                        0x00bcd28a
                                                                                                                                                                                                                                                        0x00bcd299
                                                                                                                                                                                                                                                        0x00bcd2a0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd279
                                                                                                                                                                                                                                                        0x00bcd27e
                                                                                                                                                                                                                                                        0x00bcd283
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd283
                                                                                                                                                                                                                                                        0x00bcd279
                                                                                                                                                                                                                                                        0x00bcd2a5
                                                                                                                                                                                                                                                        0x00bcd2a8
                                                                                                                                                                                                                                                        0x00bcd2ae
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd2b4
                                                                                                                                                                                                                                                        0x00bcd2b4
                                                                                                                                                                                                                                                        0x00bcd2b4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd2bb
                                                                                                                                                                                                                                                        0x00bcd2bb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd441
                                                                                                                                                                                                                                                        0x00bcd441
                                                                                                                                                                                                                                                        0x00bcd444
                                                                                                                                                                                                                                                        0x00bcd448
                                                                                                                                                                                                                                                        0x00bcd47e
                                                                                                                                                                                                                                                        0x00bcd47e
                                                                                                                                                                                                                                                        0x00bcd481
                                                                                                                                                                                                                                                        0x00bcd487
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd44a
                                                                                                                                                                                                                                                        0x00bcd44a
                                                                                                                                                                                                                                                        0x00bcd44a
                                                                                                                                                                                                                                                        0x00bcd44c
                                                                                                                                                                                                                                                        0x00bcd44e
                                                                                                                                                                                                                                                        0x00bcd451
                                                                                                                                                                                                                                                        0x00bcd454
                                                                                                                                                                                                                                                        0x00bcd454
                                                                                                                                                                                                                                                        0x00bcd454
                                                                                                                                                                                                                                                        0x00bcd457
                                                                                                                                                                                                                                                        0x00bcd45c
                                                                                                                                                                                                                                                        0x00bcd45f
                                                                                                                                                                                                                                                        0x00bcd461
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd467
                                                                                                                                                                                                                                                        0x00bcd46a
                                                                                                                                                                                                                                                        0x00bcd46d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd46f
                                                                                                                                                                                                                                                        0x00bcd46f
                                                                                                                                                                                                                                                        0x00bcd46f
                                                                                                                                                                                                                                                        0x00bcd472
                                                                                                                                                                                                                                                        0x00bcd477
                                                                                                                                                                                                                                                        0x00bcd48d
                                                                                                                                                                                                                                                        0x00bcd490
                                                                                                                                                                                                                                                        0x00bcd4b0
                                                                                                                                                                                                                                                        0x00bcd4b0
                                                                                                                                                                                                                                                        0x00bcd4b0
                                                                                                                                                                                                                                                        0x00bcd4b2
                                                                                                                                                                                                                                                        0x00bcd4b5
                                                                                                                                                                                                                                                        0x00bcd4b7
                                                                                                                                                                                                                                                        0x00bcd4b9
                                                                                                                                                                                                                                                        0x00bcd4bc
                                                                                                                                                                                                                                                        0x00bcd4bf
                                                                                                                                                                                                                                                        0x00bcd4c4
                                                                                                                                                                                                                                                        0x00bcd4c6
                                                                                                                                                                                                                                                        0x00bcd4c6
                                                                                                                                                                                                                                                        0x00bcd497
                                                                                                                                                                                                                                                        0x00bcd49a
                                                                                                                                                                                                                                                        0x00bcd49c
                                                                                                                                                                                                                                                        0x00bcd49d
                                                                                                                                                                                                                                                        0x00bcd4a2
                                                                                                                                                                                                                                                        0x00bcd4a8
                                                                                                                                                                                                                                                        0x00bcd4a8
                                                                                                                                                                                                                                                        0x00bcd4b0
                                                                                                                                                                                                                                                        0x00bcd479
                                                                                                                                                                                                                                                        0x00bcd479
                                                                                                                                                                                                                                                        0x00bcd546
                                                                                                                                                                                                                                                        0x00bcd546
                                                                                                                                                                                                                                                        0x00bcd549
                                                                                                                                                                                                                                                        0x00bcd553
                                                                                                                                                                                                                                                        0x00bcd555
                                                                                                                                                                                                                                                        0x00bcd558
                                                                                                                                                                                                                                                        0x00bcd578
                                                                                                                                                                                                                                                        0x00bcd578
                                                                                                                                                                                                                                                        0x00bcd578
                                                                                                                                                                                                                                                        0x00bcd57b
                                                                                                                                                                                                                                                        0x00bcd57e
                                                                                                                                                                                                                                                        0x00bcd582
                                                                                                                                                                                                                                                        0x00bcd584
                                                                                                                                                                                                                                                        0x00bcd584
                                                                                                                                                                                                                                                        0x00bcd55f
                                                                                                                                                                                                                                                        0x00bcd561
                                                                                                                                                                                                                                                        0x00bcd564
                                                                                                                                                                                                                                                        0x00bcd569
                                                                                                                                                                                                                                                        0x00bcd56f
                                                                                                                                                                                                                                                        0x00bcd56f
                                                                                                                                                                                                                                                        0x00bcd578
                                                                                                                                                                                                                                                        0x00bcd558
                                                                                                                                                                                                                                                        0x00bcd477
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd46d
                                                                                                                                                                                                                                                        0x00bcd4ef
                                                                                                                                                                                                                                                        0x00bcd4f2
                                                                                                                                                                                                                                                        0x00bcd508
                                                                                                                                                                                                                                                        0x00bcd508
                                                                                                                                                                                                                                                        0x00bcd508
                                                                                                                                                                                                                                                        0x00bcd50b
                                                                                                                                                                                                                                                        0x00bcd510
                                                                                                                                                                                                                                                        0x00bcd515
                                                                                                                                                                                                                                                        0x00bcd517
                                                                                                                                                                                                                                                        0x00bcd51a
                                                                                                                                                                                                                                                        0x00bcd521
                                                                                                                                                                                                                                                        0x00bcd524
                                                                                                                                                                                                                                                        0x00bcd529
                                                                                                                                                                                                                                                        0x00bcd52b
                                                                                                                                                                                                                                                        0x00bcd52b
                                                                                                                                                                                                                                                        0x00bcd529
                                                                                                                                                                                                                                                        0x00bcd4fc
                                                                                                                                                                                                                                                        0x00bcd4fe
                                                                                                                                                                                                                                                        0x00bcd4fe
                                                                                                                                                                                                                                                        0x00bcd501
                                                                                                                                                                                                                                                        0x00bcd503
                                                                                                                                                                                                                                                        0x00bcd532
                                                                                                                                                                                                                                                        0x00bcd535
                                                                                                                                                                                                                                                        0x00bcd537
                                                                                                                                                                                                                                                        0x00bcd4f4
                                                                                                                                                                                                                                                        0x00bcd4f4
                                                                                                                                                                                                                                                        0x00bcd4f4
                                                                                                                                                                                                                                                        0x00bcd4f4
                                                                                                                                                                                                                                                        0x00bcd53a
                                                                                                                                                                                                                                                        0x00bcd53a
                                                                                                                                                                                                                                                        0x00bcd540
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd540
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd5e0
                                                                                                                                                                                                                                                        0x00bcd5e0
                                                                                                                                                                                                                                                        0x00bcd5e3
                                                                                                                                                                                                                                                        0x00bcd5e6
                                                                                                                                                                                                                                                        0x00bcd5e9
                                                                                                                                                                                                                                                        0x00bcd5ec
                                                                                                                                                                                                                                                        0x00bcd5f5
                                                                                                                                                                                                                                                        0x00bcd5fe
                                                                                                                                                                                                                                                        0x00bcd5fe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd42f
                                                                                                                                                                                                                                                        0x00bcd42f
                                                                                                                                                                                                                                                        0x00bcd434
                                                                                                                                                                                                                                                        0x00bcd436
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcfab0
                                                                                                                                                                                                                                                        0x00bcfab0
                                                                                                                                                                                                                                                        0x00bcfab1
                                                                                                                                                                                                                                                        0x00bcfab3
                                                                                                                                                                                                                                                        0x00bcfab4
                                                                                                                                                                                                                                                        0x00bcfab5
                                                                                                                                                                                                                                                        0x00bcfab6
                                                                                                                                                                                                                                                        0x00bcfab7
                                                                                                                                                                                                                                                        0x00bcfaba
                                                                                                                                                                                                                                                        0x00bcfabf
                                                                                                                                                                                                                                                        0x00bcfae7
                                                                                                                                                                                                                                                        0x00bcfae7
                                                                                                                                                                                                                                                        0x00bcfac1
                                                                                                                                                                                                                                                        0x00bcfac1
                                                                                                                                                                                                                                                        0x00bcfac1
                                                                                                                                                                                                                                                        0x00bcfac4
                                                                                                                                                                                                                                                        0x00bcfac7
                                                                                                                                                                                                                                                        0x00bcfad0
                                                                                                                                                                                                                                                        0x00bcfad0
                                                                                                                                                                                                                                                        0x00bcfad0
                                                                                                                                                                                                                                                        0x00bcfad2
                                                                                                                                                                                                                                                        0x00bcfad3
                                                                                                                                                                                                                                                        0x00bcfad4
                                                                                                                                                                                                                                                        0x00bcfad9
                                                                                                                                                                                                                                                        0x00bcfade
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcfae0
                                                                                                                                                                                                                                                        0x00bcfae0
                                                                                                                                                                                                                                                        0x00bcfae5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcfae5
                                                                                                                                                                                                                                                        0x00bcfaf3
                                                                                                                                                                                                                                                        0x00bcfaf3
                                                                                                                                                                                                                                                        0x00bcfaf6
                                                                                                                                                                                                                                                        0x00bcfaf9
                                                                                                                                                                                                                                                        0x00bcfafb
                                                                                                                                                                                                                                                        0x00bcfafb
                                                                                                                                                                                                                                                        0x00bcfae9
                                                                                                                                                                                                                                                        0x00bcfae9
                                                                                                                                                                                                                                                        0x00bcfaec
                                                                                                                                                                                                                                                        0x00bcfaed
                                                                                                                                                                                                                                                        0x00bcfaee
                                                                                                                                                                                                                                                        0x00bcfaef
                                                                                                                                                                                                                                                        0x00bcfaf0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bef870
                                                                                                                                                                                                                                                        0x00bef870
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcfb00
                                                                                                                                                                                                                                                        0x00bcfb00
                                                                                                                                                                                                                                                        0x00bcfb02
                                                                                                                                                                                                                                                        0x00bcfb03
                                                                                                                                                                                                                                                        0x00bcfb04
                                                                                                                                                                                                                                                        0x00bcfb05
                                                                                                                                                                                                                                                        0x00bcfb06
                                                                                                                                                                                                                                                        0x00bcfb07
                                                                                                                                                                                                                                                        0x00bcfb08
                                                                                                                                                                                                                                                        0x00bcfb09
                                                                                                                                                                                                                                                        0x00bcfb0a
                                                                                                                                                                                                                                                        0x00bcfb0b
                                                                                                                                                                                                                                                        0x00bcfb0c
                                                                                                                                                                                                                                                        0x00bcfb0d
                                                                                                                                                                                                                                                        0x00bcfb0e
                                                                                                                                                                                                                                                        0x00bcfb0f
                                                                                                                                                                                                                                                        0x00bcfb10
                                                                                                                                                                                                                                                        0x00bcfb11
                                                                                                                                                                                                                                                        0x00bcfb13
                                                                                                                                                                                                                                                        0x00bcfb14
                                                                                                                                                                                                                                                        0x00bcfb16
                                                                                                                                                                                                                                                        0x00bcfb1a
                                                                                                                                                                                                                                                        0x00bcfb46
                                                                                                                                                                                                                                                        0x00bcfb46
                                                                                                                                                                                                                                                        0x00bcfb47
                                                                                                                                                                                                                                                        0x00bcfb48
                                                                                                                                                                                                                                                        0x00bcfb1c
                                                                                                                                                                                                                                                        0x00bcfb1c
                                                                                                                                                                                                                                                        0x00bcfb1c
                                                                                                                                                                                                                                                        0x00bcfb1f
                                                                                                                                                                                                                                                        0x00bcfb26
                                                                                                                                                                                                                                                        0x00bcfb49
                                                                                                                                                                                                                                                        0x00bcfb49
                                                                                                                                                                                                                                                        0x00bcfb4c
                                                                                                                                                                                                                                                        0x00bcfb4e
                                                                                                                                                                                                                                                        0x00bcfb54
                                                                                                                                                                                                                                                        0x00bcfb5d
                                                                                                                                                                                                                                                        0x00bcfb5d
                                                                                                                                                                                                                                                        0x00bcfb63
                                                                                                                                                                                                                                                        0x00bcfb64
                                                                                                                                                                                                                                                        0x00bcfb65
                                                                                                                                                                                                                                                        0x00bcfb66
                                                                                                                                                                                                                                                        0x00bcfb67
                                                                                                                                                                                                                                                        0x00bcfb68
                                                                                                                                                                                                                                                        0x00bcfb69
                                                                                                                                                                                                                                                        0x00bcfb6a
                                                                                                                                                                                                                                                        0x00bcfb6b
                                                                                                                                                                                                                                                        0x00bcfb6c
                                                                                                                                                                                                                                                        0x00bcfb6d
                                                                                                                                                                                                                                                        0x00bcfb6e
                                                                                                                                                                                                                                                        0x00bcfb6f
                                                                                                                                                                                                                                                        0x00bcfb70
                                                                                                                                                                                                                                                        0x00bcfb71
                                                                                                                                                                                                                                                        0x00bcfb73
                                                                                                                                                                                                                                                        0x00bcfb74
                                                                                                                                                                                                                                                        0x00bcfb75
                                                                                                                                                                                                                                                        0x00bcfb76
                                                                                                                                                                                                                                                        0x00bcfb79
                                                                                                                                                                                                                                                        0x00bcfb7e
                                                                                                                                                                                                                                                        0x00bcfb81
                                                                                                                                                                                                                                                        0x00bcfb84
                                                                                                                                                                                                                                                        0x00bcfb88
                                                                                                                                                                                                                                                        0x00bcfb8b
                                                                                                                                                                                                                                                        0x00bcfb8e
                                                                                                                                                                                                                                                        0x00bcfb90
                                                                                                                                                                                                                                                        0x00bcfb93
                                                                                                                                                                                                                                                        0x00bcfb96
                                                                                                                                                                                                                                                        0x00bcfb97
                                                                                                                                                                                                                                                        0x00bcfb98
                                                                                                                                                                                                                                                        0x00bcfb99
                                                                                                                                                                                                                                                        0x00bcfb9c
                                                                                                                                                                                                                                                        0x00bcfb9f
                                                                                                                                                                                                                                                        0x00bcfba4
                                                                                                                                                                                                                                                        0x00bcfc1f
                                                                                                                                                                                                                                                        0x00bcfba6
                                                                                                                                                                                                                                                        0x00bcfbaa
                                                                                                                                                                                                                                                        0x00bcfc37
                                                                                                                                                                                                                                                        0x00bcfbb0
                                                                                                                                                                                                                                                        0x00bcfbb0
                                                                                                                                                                                                                                                        0x00bcfbbb
                                                                                                                                                                                                                                                        0x00bcfbbf
                                                                                                                                                                                                                                                        0x00bcfbc4
                                                                                                                                                                                                                                                        0x00bcfbcb
                                                                                                                                                                                                                                                        0x00bcfbcd
                                                                                                                                                                                                                                                        0x00bcfbd1
                                                                                                                                                                                                                                                        0x00bcfbd8
                                                                                                                                                                                                                                                        0x00bcfbdf
                                                                                                                                                                                                                                                        0x00bcfbe6
                                                                                                                                                                                                                                                        0x00bcfbf0
                                                                                                                                                                                                                                                        0x00bcfbf5
                                                                                                                                                                                                                                                        0x00bcfbf9
                                                                                                                                                                                                                                                        0x00bcfbfb
                                                                                                                                                                                                                                                        0x00bcfbfe
                                                                                                                                                                                                                                                        0x00bcfc01
                                                                                                                                                                                                                                                        0x00bcfc06
                                                                                                                                                                                                                                                        0x00bcfc08
                                                                                                                                                                                                                                                        0x00bcfc0a
                                                                                                                                                                                                                                                        0x00bcfc0c
                                                                                                                                                                                                                                                        0x00bcfc0e
                                                                                                                                                                                                                                                        0x00bcfc10
                                                                                                                                                                                                                                                        0x00bcfc13
                                                                                                                                                                                                                                                        0x00bcfc13
                                                                                                                                                                                                                                                        0x00bcfc08
                                                                                                                                                                                                                                                        0x00bcfc15
                                                                                                                                                                                                                                                        0x00bcfc18
                                                                                                                                                                                                                                                        0x00bcfc18
                                                                                                                                                                                                                                                        0x00bcfbcb
                                                                                                                                                                                                                                                        0x00bcfbaa
                                                                                                                                                                                                                                                        0x00bcfc21
                                                                                                                                                                                                                                                        0x00bcfc24
                                                                                                                                                                                                                                                        0x00bcfc2b
                                                                                                                                                                                                                                                        0x00bcfc2d
                                                                                                                                                                                                                                                        0x00bcfc30
                                                                                                                                                                                                                                                        0x00bcfc31
                                                                                                                                                                                                                                                        0x00bcfc32
                                                                                                                                                                                                                                                        0x00bcfc33
                                                                                                                                                                                                                                                        0x00bcfc34
                                                                                                                                                                                                                                                        0x00bcfb56
                                                                                                                                                                                                                                                        0x00bcfb56
                                                                                                                                                                                                                                                        0x00bcfb56
                                                                                                                                                                                                                                                        0x00bcfb59
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcfb59
                                                                                                                                                                                                                                                        0x00bcfb28
                                                                                                                                                                                                                                                        0x00bcfb28
                                                                                                                                                                                                                                                        0x00bcfb28
                                                                                                                                                                                                                                                        0x00bcfb29
                                                                                                                                                                                                                                                        0x00bcfb2a
                                                                                                                                                                                                                                                        0x00bcfb2f
                                                                                                                                                                                                                                                        0x00bcfb32
                                                                                                                                                                                                                                                        0x00bcfb38
                                                                                                                                                                                                                                                        0x00bcfb3f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcfb3f
                                                                                                                                                                                                                                                        0x00bcfb26
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd2b4
                                                                                                                                                                                                                                                        0x00bccfdc
                                                                                                                                                                                                                                                        0x00bccfdc
                                                                                                                                                                                                                                                        0x00bccfdc
                                                                                                                                                                                                                                                        0x00bccfe0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bccfe2
                                                                                                                                                                                                                                                        0x00bccfe2
                                                                                                                                                                                                                                                        0x00bccfe2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd2cd
                                                                                                                                                                                                                                                        0x00bcd2cd
                                                                                                                                                                                                                                                        0x00bcd2d0
                                                                                                                                                                                                                                                        0x00bcd2d3
                                                                                                                                                                                                                                                        0x00bcd2d6
                                                                                                                                                                                                                                                        0x00bcd2d9
                                                                                                                                                                                                                                                        0x00bcd2dd
                                                                                                                                                                                                                                                        0x00bcd2e5
                                                                                                                                                                                                                                                        0x00bcd2e8
                                                                                                                                                                                                                                                        0x00bcd2eb
                                                                                                                                                                                                                                                        0x00bcd2ed
                                                                                                                                                                                                                                                        0x00bcd2f2
                                                                                                                                                                                                                                                        0x00bcd2fc
                                                                                                                                                                                                                                                        0x00bcd2ff
                                                                                                                                                                                                                                                        0x00bcd301
                                                                                                                                                                                                                                                        0x00bcd304
                                                                                                                                                                                                                                                        0x00bcd307
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd30d
                                                                                                                                                                                                                                                        0x00bcd30d
                                                                                                                                                                                                                                                        0x00bcd30d
                                                                                                                                                                                                                                                        0x00bcd310
                                                                                                                                                                                                                                                        0x00bcd313
                                                                                                                                                                                                                                                        0x00bcd316
                                                                                                                                                                                                                                                        0x00bcd316
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bccfe9
                                                                                                                                                                                                                                                        0x00bccfe9
                                                                                                                                                                                                                                                        0x00bccff0
                                                                                                                                                                                                                                                        0x00bccff8
                                                                                                                                                                                                                                                        0x00bccff8
                                                                                                                                                                                                                                                        0x00bccffe
                                                                                                                                                                                                                                                        0x00bccffe
                                                                                                                                                                                                                                                        0x00bcd001
                                                                                                                                                                                                                                                        0x00bcd004
                                                                                                                                                                                                                                                        0x00bcd007
                                                                                                                                                                                                                                                        0x00bcd009
                                                                                                                                                                                                                                                        0x00bcd00b
                                                                                                                                                                                                                                                        0x00bcd00c
                                                                                                                                                                                                                                                        0x00bcd011
                                                                                                                                                                                                                                                        0x00bcd014
                                                                                                                                                                                                                                                        0x00bcd015
                                                                                                                                                                                                                                                        0x00bcd01d
                                                                                                                                                                                                                                                        0x00bcd020
                                                                                                                                                                                                                                                        0x00bcd402
                                                                                                                                                                                                                                                        0x00bcd402
                                                                                                                                                                                                                                                        0x00bcd402
                                                                                                                                                                                                                                                        0x00bcd026
                                                                                                                                                                                                                                                        0x00bcd026
                                                                                                                                                                                                                                                        0x00bcd028
                                                                                                                                                                                                                                                        0x00bcd02b
                                                                                                                                                                                                                                                        0x00bcd02d
                                                                                                                                                                                                                                                        0x00bcd032
                                                                                                                                                                                                                                                        0x00bcd038
                                                                                                                                                                                                                                                        0x00bcd03a
                                                                                                                                                                                                                                                        0x00bcd03d
                                                                                                                                                                                                                                                        0x00bcd040
                                                                                                                                                                                                                                                        0x00bcd049
                                                                                                                                                                                                                                                        0x00bcd3f8
                                                                                                                                                                                                                                                        0x00bcd3f8
                                                                                                                                                                                                                                                        0x00bcd3fd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd04f
                                                                                                                                                                                                                                                        0x00bcd050
                                                                                                                                                                                                                                                        0x00bcd053
                                                                                                                                                                                                                                                        0x00bcd055
                                                                                                                                                                                                                                                        0x00bcd055
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd0a0
                                                                                                                                                                                                                                                        0x00bcd0a0
                                                                                                                                                                                                                                                        0x00bcd0a3
                                                                                                                                                                                                                                                        0x00bcd0a7
                                                                                                                                                                                                                                                        0x00bcd0ad
                                                                                                                                                                                                                                                        0x00bcd0b0
                                                                                                                                                                                                                                                        0x00bcd0b3
                                                                                                                                                                                                                                                        0x00bcd0b3
                                                                                                                                                                                                                                                        0x00bcd0b6
                                                                                                                                                                                                                                                        0x00bcd0bc
                                                                                                                                                                                                                                                        0x00bcd0c2
                                                                                                                                                                                                                                                        0x00bcd0c5
                                                                                                                                                                                                                                                        0x00bcd0cb
                                                                                                                                                                                                                                                        0x00bcd0cd
                                                                                                                                                                                                                                                        0x00bcd0d4
                                                                                                                                                                                                                                                        0x00bcd0d8
                                                                                                                                                                                                                                                        0x00bcd40d
                                                                                                                                                                                                                                                        0x00bcd40d
                                                                                                                                                                                                                                                        0x00bcd411
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd417
                                                                                                                                                                                                                                                        0x00bcd417
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd417
                                                                                                                                                                                                                                                        0x00bcd0de
                                                                                                                                                                                                                                                        0x00bcd0de
                                                                                                                                                                                                                                                        0x00bcd0de
                                                                                                                                                                                                                                                        0x00bcd0e1
                                                                                                                                                                                                                                                        0x00bcd0e4
                                                                                                                                                                                                                                                        0x00bcd0e6
                                                                                                                                                                                                                                                        0x00bcd0e8
                                                                                                                                                                                                                                                        0x00bcd0e8
                                                                                                                                                                                                                                                        0x00bcd0e8
                                                                                                                                                                                                                                                        0x00bcd0eb
                                                                                                                                                                                                                                                        0x00bcd0f0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd0f2
                                                                                                                                                                                                                                                        0x00bcd0f4
                                                                                                                                                                                                                                                        0x00bcd0f6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd0f8
                                                                                                                                                                                                                                                        0x00bcd0f8
                                                                                                                                                                                                                                                        0x00bcd41c
                                                                                                                                                                                                                                                        0x00bcd41e
                                                                                                                                                                                                                                                        0x00bcd420
                                                                                                                                                                                                                                                        0x00bcd424
                                                                                                                                                                                                                                                        0x00bcd10c
                                                                                                                                                                                                                                                        0x00bcd10e
                                                                                                                                                                                                                                                        0x00bcd114
                                                                                                                                                                                                                                                        0x00bcd114
                                                                                                                                                                                                                                                        0x00bcd116
                                                                                                                                                                                                                                                        0x00bcd119
                                                                                                                                                                                                                                                        0x00bcd11b
                                                                                                                                                                                                                                                        0x00bcd11d
                                                                                                                                                                                                                                                        0x00bcd120
                                                                                                                                                                                                                                                        0x00bcd123
                                                                                                                                                                                                                                                        0x00bcd128
                                                                                                                                                                                                                                                        0x00bcd1e1
                                                                                                                                                                                                                                                        0x00bcd1e3
                                                                                                                                                                                                                                                        0x00bcd1e8
                                                                                                                                                                                                                                                        0x00bcd1e8
                                                                                                                                                                                                                                                        0x00bcd12e
                                                                                                                                                                                                                                                        0x00bcd131
                                                                                                                                                                                                                                                        0x00bcd133
                                                                                                                                                                                                                                                        0x00bcd134
                                                                                                                                                                                                                                                        0x00bcd139
                                                                                                                                                                                                                                                        0x00bcd13e
                                                                                                                                                                                                                                                        0x00bccf90
                                                                                                                                                                                                                                                        0x00bccf90
                                                                                                                                                                                                                                                        0x00bccf90
                                                                                                                                                                                                                                                        0x00bccf95
                                                                                                                                                                                                                                                        0x00bccf9c
                                                                                                                                                                                                                                                        0x00bccf9f
                                                                                                                                                                                                                                                        0x00bccfa4
                                                                                                                                                                                                                                                        0x00bccfc0
                                                                                                                                                                                                                                                        0x00bccfc0
                                                                                                                                                                                                                                                        0x00bccfa6
                                                                                                                                                                                                                                                        0x00bccfa6
                                                                                                                                                                                                                                                        0x00bccfa9
                                                                                                                                                                                                                                                        0x00bccfab
                                                                                                                                                                                                                                                        0x00bccfac
                                                                                                                                                                                                                                                        0x00bccfb1
                                                                                                                                                                                                                                                        0x00bccfb6
                                                                                                                                                                                                                                                        0x00bccfb6
                                                                                                                                                                                                                                                        0x00bccf90
                                                                                                                                                                                                                                                        0x00bcd13e
                                                                                                                                                                                                                                                        0x00bcd42a
                                                                                                                                                                                                                                                        0x00bcd42a
                                                                                                                                                                                                                                                        0x00bcd186
                                                                                                                                                                                                                                                        0x00bcd186
                                                                                                                                                                                                                                                        0x00bcd188
                                                                                                                                                                                                                                                        0x00bcd191
                                                                                                                                                                                                                                                        0x00bcd193
                                                                                                                                                                                                                                                        0x00bcd196
                                                                                                                                                                                                                                                        0x00bcd19c
                                                                                                                                                                                                                                                        0x00bcd19c
                                                                                                                                                                                                                                                        0x00bcd19f
                                                                                                                                                                                                                                                        0x00bcd1a3
                                                                                                                                                                                                                                                        0x00bcd1a5
                                                                                                                                                                                                                                                        0x00bcd1a5
                                                                                                                                                                                                                                                        0x00bcd1aa
                                                                                                                                                                                                                                                        0x00bcd1ac
                                                                                                                                                                                                                                                        0x00bcd1ad
                                                                                                                                                                                                                                                        0x00bcd1b2
                                                                                                                                                                                                                                                        0x00bcd1b7
                                                                                                                                                                                                                                                        0x00bcd1bd
                                                                                                                                                                                                                                                        0x00bcd1bd
                                                                                                                                                                                                                                                        0x00bcd1bd
                                                                                                                                                                                                                                                        0x00bcd1c0
                                                                                                                                                                                                                                                        0x00bcd1c4
                                                                                                                                                                                                                                                        0x00bcd1c6
                                                                                                                                                                                                                                                        0x00bcd1c6
                                                                                                                                                                                                                                                        0x00bcd1cb
                                                                                                                                                                                                                                                        0x00bcd1cd
                                                                                                                                                                                                                                                        0x00bcd1ce
                                                                                                                                                                                                                                                        0x00bcd1d3
                                                                                                                                                                                                                                                        0x00bcd1d8
                                                                                                                                                                                                                                                        0x00bcd1d8
                                                                                                                                                                                                                                                        0x00bcd1dc
                                                                                                                                                                                                                                                        0x00bcd1b7
                                                                                                                                                                                                                                                        0x00bcd196
                                                                                                                                                                                                                                                        0x00bcd424
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd0f6
                                                                                                                                                                                                                                                        0x00bcd100
                                                                                                                                                                                                                                                        0x00bcd102
                                                                                                                                                                                                                                                        0x00bcd156
                                                                                                                                                                                                                                                        0x00bcd156
                                                                                                                                                                                                                                                        0x00bcd156
                                                                                                                                                                                                                                                        0x00bcd15c
                                                                                                                                                                                                                                                        0x00bcd160
                                                                                                                                                                                                                                                        0x00bcd162
                                                                                                                                                                                                                                                        0x00bcd169
                                                                                                                                                                                                                                                        0x00bcd16c
                                                                                                                                                                                                                                                        0x00bcd171
                                                                                                                                                                                                                                                        0x00bcd173
                                                                                                                                                                                                                                                        0x00bcd173
                                                                                                                                                                                                                                                        0x00bcd171
                                                                                                                                                                                                                                                        0x00bcd178
                                                                                                                                                                                                                                                        0x00bcd178
                                                                                                                                                                                                                                                        0x00bcd17a
                                                                                                                                                                                                                                                        0x00bcd17c
                                                                                                                                                                                                                                                        0x00bcd180
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd150
                                                                                                                                                                                                                                                        0x00bcd150
                                                                                                                                                                                                                                                        0x00bcd153
                                                                                                                                                                                                                                                        0x00bcd153
                                                                                                                                                                                                                                                        0x00bcd182
                                                                                                                                                                                                                                                        0x00bcd182
                                                                                                                                                                                                                                                        0x00bcd104
                                                                                                                                                                                                                                                        0x00bcd104
                                                                                                                                                                                                                                                        0x00bcd104
                                                                                                                                                                                                                                                        0x00bcd104
                                                                                                                                                                                                                                                        0x00bcd106
                                                                                                                                                                                                                                                        0x00bcd106
                                                                                                                                                                                                                                                        0x00bcd10a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd10a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd31d
                                                                                                                                                                                                                                                        0x00bcd31d
                                                                                                                                                                                                                                                        0x00bcd320
                                                                                                                                                                                                                                                        0x00bcd323
                                                                                                                                                                                                                                                        0x00bcd325
                                                                                                                                                                                                                                                        0x00bcd32a
                                                                                                                                                                                                                                                        0x00bcd32d
                                                                                                                                                                                                                                                        0x00bcd32f
                                                                                                                                                                                                                                                        0x00bcd335
                                                                                                                                                                                                                                                        0x00bcd33c
                                                                                                                                                                                                                                                        0x00bcd343
                                                                                                                                                                                                                                                        0x00bcd346
                                                                                                                                                                                                                                                        0x00bcd34d
                                                                                                                                                                                                                                                        0x00bcd351
                                                                                                                                                                                                                                                        0x00bcd35b
                                                                                                                                                                                                                                                        0x00bcd35b
                                                                                                                                                                                                                                                        0x00bcd35b
                                                                                                                                                                                                                                                        0x00bcd361
                                                                                                                                                                                                                                                        0x00bcd363
                                                                                                                                                                                                                                                        0x00bcd366
                                                                                                                                                                                                                                                        0x00bcd367
                                                                                                                                                                                                                                                        0x00bcd369
                                                                                                                                                                                                                                                        0x00bcd36b
                                                                                                                                                                                                                                                        0x00bcd370
                                                                                                                                                                                                                                                        0x00bcd373
                                                                                                                                                                                                                                                        0x00bcd376
                                                                                                                                                                                                                                                        0x00bcd378
                                                                                                                                                                                                                                                        0x00bcd37e
                                                                                                                                                                                                                                                        0x00bcd380
                                                                                                                                                                                                                                                        0x00bcd385
                                                                                                                                                                                                                                                        0x00bcd385
                                                                                                                                                                                                                                                        0x00bcd355
                                                                                                                                                                                                                                                        0x00bcd357
                                                                                                                                                                                                                                                        0x00bcd35b
                                                                                                                                                                                                                                                        0x00bcd38a
                                                                                                                                                                                                                                                        0x00bcd38a
                                                                                                                                                                                                                                                        0x00bcd38d
                                                                                                                                                                                                                                                        0x00bcd391
                                                                                                                                                                                                                                                        0x00bcd39c
                                                                                                                                                                                                                                                        0x00bcd39c
                                                                                                                                                                                                                                                        0x00bcd39c
                                                                                                                                                                                                                                                        0x00bcd3a3
                                                                                                                                                                                                                                                        0x00bcd3a5
                                                                                                                                                                                                                                                        0x00bcd3a8
                                                                                                                                                                                                                                                        0x00bcd3a9
                                                                                                                                                                                                                                                        0x00bcd3ab
                                                                                                                                                                                                                                                        0x00bcd3ad
                                                                                                                                                                                                                                                        0x00bcd3b2
                                                                                                                                                                                                                                                        0x00bcd3b5
                                                                                                                                                                                                                                                        0x00bcd3b8
                                                                                                                                                                                                                                                        0x00bcd3ba
                                                                                                                                                                                                                                                        0x00bcd3c0
                                                                                                                                                                                                                                                        0x00bcd3c2
                                                                                                                                                                                                                                                        0x00bcd3c7
                                                                                                                                                                                                                                                        0x00bcd3c7
                                                                                                                                                                                                                                                        0x00bcd395
                                                                                                                                                                                                                                                        0x00bcd397
                                                                                                                                                                                                                                                        0x00bcd39c
                                                                                                                                                                                                                                                        0x00bcd3cc
                                                                                                                                                                                                                                                        0x00bcd3cc
                                                                                                                                                                                                                                                        0x00bcd3ce
                                                                                                                                                                                                                                                        0x00bcd3cf
                                                                                                                                                                                                                                                        0x00bcd3d2
                                                                                                                                                                                                                                                        0x00bcd3d5
                                                                                                                                                                                                                                                        0x00bcd3d7
                                                                                                                                                                                                                                                        0x00bcd3d9
                                                                                                                                                                                                                                                        0x00bcd3db
                                                                                                                                                                                                                                                        0x00bcd3dd
                                                                                                                                                                                                                                                        0x00bcd3df
                                                                                                                                                                                                                                                        0x00bcd3e3
                                                                                                                                                                                                                                                        0x00bcd3e9
                                                                                                                                                                                                                                                        0x00bcd3ec
                                                                                                                                                                                                                                                        0x00bcd3ee
                                                                                                                                                                                                                                                        0x00bcd3f0
                                                                                                                                                                                                                                                        0x00bcd3f0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd1ef
                                                                                                                                                                                                                                                        0x00bcd1ef
                                                                                                                                                                                                                                                        0x00bcd1f1
                                                                                                                                                                                                                                                        0x00bcd1f3
                                                                                                                                                                                                                                                        0x00bcd1f7
                                                                                                                                                                                                                                                        0x00bcd4cd
                                                                                                                                                                                                                                                        0x00bcd4cd
                                                                                                                                                                                                                                                        0x00bcd4cd
                                                                                                                                                                                                                                                        0x00bcd4d0
                                                                                                                                                                                                                                                        0x00bcd4d3
                                                                                                                                                                                                                                                        0x00bcd4d9
                                                                                                                                                                                                                                                        0x00bcd4dc
                                                                                                                                                                                                                                                        0x00bcd4e3
                                                                                                                                                                                                                                                        0x00bcd4e7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd4ed
                                                                                                                                                                                                                                                        0x00bcd4ed
                                                                                                                                                                                                                                                        0x00bcd4cd
                                                                                                                                                                                                                                                        0x00bcd1fd
                                                                                                                                                                                                                                                        0x00bcd1fd
                                                                                                                                                                                                                                                        0x00bcd1ff
                                                                                                                                                                                                                                                        0x00bcd201
                                                                                                                                                                                                                                                        0x00bcd203
                                                                                                                                                                                                                                                        0x00bcd208
                                                                                                                                                                                                                                                        0x00bcd609
                                                                                                                                                                                                                                                        0x00bcd609
                                                                                                                                                                                                                                                        0x00bcd609
                                                                                                                                                                                                                                                        0x00bcd610
                                                                                                                                                                                                                                                        0x00bcd613
                                                                                                                                                                                                                                                        0x00bcd62f
                                                                                                                                                                                                                                                        0x00bcd62f
                                                                                                                                                                                                                                                        0x00bcd615
                                                                                                                                                                                                                                                        0x00bcd617
                                                                                                                                                                                                                                                        0x00bcd618
                                                                                                                                                                                                                                                        0x00bcd61d
                                                                                                                                                                                                                                                        0x00bcd620
                                                                                                                                                                                                                                                        0x00bcd622
                                                                                                                                                                                                                                                        0x00bcd627
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd62d
                                                                                                                                                                                                                                                        0x00bcd62d
                                                                                                                                                                                                                                                        0x00bcd609
                                                                                                                                                                                                                                                        0x00bcd20e
                                                                                                                                                                                                                                                        0x00bcd20e
                                                                                                                                                                                                                                                        0x00bcd210
                                                                                                                                                                                                                                                        0x00bcd211
                                                                                                                                                                                                                                                        0x00bcd216
                                                                                                                                                                                                                                                        0x00bcd219
                                                                                                                                                                                                                                                        0x00bcd21c
                                                                                                                                                                                                                                                        0x00bcd21e
                                                                                                                                                                                                                                                        0x00bcd220
                                                                                                                                                                                                                                                        0x00bcd225
                                                                                                                                                                                                                                                        0x00bcd636
                                                                                                                                                                                                                                                        0x00bcd636
                                                                                                                                                                                                                                                        0x00bcd636
                                                                                                                                                                                                                                                        0x00bcd63d
                                                                                                                                                                                                                                                        0x00bcd63f
                                                                                                                                                                                                                                                        0x00bcd65b
                                                                                                                                                                                                                                                        0x00bcd65b
                                                                                                                                                                                                                                                        0x00bcd641
                                                                                                                                                                                                                                                        0x00bcd643
                                                                                                                                                                                                                                                        0x00bcd644
                                                                                                                                                                                                                                                        0x00bcd649
                                                                                                                                                                                                                                                        0x00bcd64c
                                                                                                                                                                                                                                                        0x00bcd64f
                                                                                                                                                                                                                                                        0x00bcd653
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd659
                                                                                                                                                                                                                                                        0x00bcd659
                                                                                                                                                                                                                                                        0x00bcd636
                                                                                                                                                                                                                                                        0x00bcd22b
                                                                                                                                                                                                                                                        0x00bcd22b
                                                                                                                                                                                                                                                        0x00bcd22d
                                                                                                                                                                                                                                                        0x00bcd22e
                                                                                                                                                                                                                                                        0x00bcd23c
                                                                                                                                                                                                                                                        0x00bcd242
                                                                                                                                                                                                                                                        0x00bcd24a
                                                                                                                                                                                                                                                        0x00bcd24c
                                                                                                                                                                                                                                                        0x00bcd24f
                                                                                                                                                                                                                                                        0x00bcd25f
                                                                                                                                                                                                                                                        0x00bcd26d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bccfe2
                                                                                                                                                                                                                                                        0x00bccfe0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bccfd6
                                                                                                                                                                                                                                                        0x00bcd08c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd2c3

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetQueuedCompletionStatus.KERNEL32(?,00000000,00000000,00000000,000000FF), ref: 00BCD07E
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000,0000000C), ref: 00BCD211
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,0000000C), ref: 00BCD22E
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000014,00000014), ref: 00BCD24F
                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(?), ref: 00BCD58F
                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?), ref: 00BCD5AC
                                                                                                                                                                                                                                                        • SetEvent.KERNEL32(?), ref: 00BCD5CE
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@$CriticalSection$CompletionEnterEventLeaveQueuedStatus
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1248405278-0
                                                                                                                                                                                                                                                        • Opcode ID: c25815eb085f6f8aeb6dc08a75c3a3e36a179178e9e779464c73e009ec890ee4
                                                                                                                                                                                                                                                        • Instruction ID: 36d0d8572c6bd4b2cf82018ff65b1e4fad2c605acbc8d14c32db50d17af2d06a
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c25815eb085f6f8aeb6dc08a75c3a3e36a179178e9e779464c73e009ec890ee4
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 653105756007019FC7209F24D985F66BBF4FB18310F504AADE98B97A61EB35F909CB50
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 93%
                                                                                                                                                                                                                                                        			E00BC04D0(void* __ecx, intOrPtr* _a4) {
                                                                                                                                                                                                                                                        				void* _t21;
                                                                                                                                                                                                                                                        				signed int _t24;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        				void* _t35;
                                                                                                                                                                                                                                                        				void* _t36;
                                                                                                                                                                                                                                                        				void* _t43;
                                                                                                                                                                                                                                                        				intOrPtr* _t44;
                                                                                                                                                                                                                                                        				void* _t45;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t46;
                                                                                                                                                                                                                                                        				void* _t54;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t44 = _a4;
                                                                                                                                                                                                                                                        				if(_t44 != 0) {
                                                                                                                                                                                                                                                        					_t35 = __ecx + 4;
                                                                                                                                                                                                                                                        					_push(_t35);
                                                                                                                                                                                                                                                        					L00BEF708();
                                                                                                                                                                                                                                                        					_t21 =  *(__ecx + 8);
                                                                                                                                                                                                                                                        					 *(__ecx + 8) = 0;
                                                                                                                                                                                                                                                        					_push(_t35);
                                                                                                                                                                                                                                                        					_t36 = _t21;
                                                                                                                                                                                                                                                        					L00BEF756();
                                                                                                                                                                                                                                                        					if(_t36 != 0) {
                                                                                                                                                                                                                                                        						 *((intOrPtr*)( *_t44 + 0x10))(_t36);
                                                                                                                                                                                                                                                        						_t24 =  *(_t36 + 4);
                                                                                                                                                                                                                                                        						_t45 =  *_t36;
                                                                                                                                                                                                                                                        						if(_t24 <= 0) {
                                                                                                                                                                                                                                                        							L12:
                                                                                                                                                                                                                                                        							if(_t45 != 0x38) {
                                                                                                                                                                                                                                                        								RtlFreeHeap( *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18), 0, _t45);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							return RtlFreeHeap( *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18), 0, _t36);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t43 = _t45 + _t24 * 0x38;
                                                                                                                                                                                                                                                        						_t46 = _t45 + 0x14;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t31 =  *(_t46 + 0x14);
                                                                                                                                                                                                                                                        							if(_t31 != 4) {
                                                                                                                                                                                                                                                        								RtlFreeHeap( *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18), 0, _t31);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							if( *(_t46 + 0xc) != 0) {
                                                                                                                                                                                                                                                        								RtlFreeUnicodeString(_t46 + 8);
                                                                                                                                                                                                                                                        								 *(_t46 + 0xc) = 0;
                                                                                                                                                                                                                                                        								 *(_t46 + 8) = 0;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							if( *(_t46 + 4) != 0) {
                                                                                                                                                                                                                                                        								RtlFreeUnicodeString(_t46);
                                                                                                                                                                                                                                                        								 *(_t46 + 4) = 0;
                                                                                                                                                                                                                                                        								 *_t46 = 0;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t54 = _t46 + 0x24 - _t43;
                                                                                                                                                                                                                                                        							_t46 = _t46 + 0x38;
                                                                                                                                                                                                                                                        						} while (_t54 < 0);
                                                                                                                                                                                                                                                        						_t45 =  *_t36;
                                                                                                                                                                                                                                                        						goto L12;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t21;
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00bc04d6
                                                                                                                                                                                                                                                        0x00bc04db
                                                                                                                                                                                                                                                        0x00bc04e1
                                                                                                                                                                                                                                                        0x00bc04e6
                                                                                                                                                                                                                                                        0x00bc04e7
                                                                                                                                                                                                                                                        0x00bc04ec
                                                                                                                                                                                                                                                        0x00bc04ef
                                                                                                                                                                                                                                                        0x00bc04f6
                                                                                                                                                                                                                                                        0x00bc04f7
                                                                                                                                                                                                                                                        0x00bc04f9
                                                                                                                                                                                                                                                        0x00bc0500
                                                                                                                                                                                                                                                        0x00bc050b
                                                                                                                                                                                                                                                        0x00bc050e
                                                                                                                                                                                                                                                        0x00bc0511
                                                                                                                                                                                                                                                        0x00bc0515
                                                                                                                                                                                                                                                        0x00bc0593
                                                                                                                                                                                                                                                        0x00bc0596
                                                                                                                                                                                                                                                        0x00bc05a7
                                                                                                                                                                                                                                                        0x00bc05a7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc05bb
                                                                                                                                                                                                                                                        0x00bc051a
                                                                                                                                                                                                                                                        0x00bc051c
                                                                                                                                                                                                                                                        0x00bc053c
                                                                                                                                                                                                                                                        0x00bc053c
                                                                                                                                                                                                                                                        0x00bc0542
                                                                                                                                                                                                                                                        0x00bc0554
                                                                                                                                                                                                                                                        0x00bc0554
                                                                                                                                                                                                                                                        0x00bc055d
                                                                                                                                                                                                                                                        0x00bc0563
                                                                                                                                                                                                                                                        0x00bc0568
                                                                                                                                                                                                                                                        0x00bc056f
                                                                                                                                                                                                                                                        0x00bc056f
                                                                                                                                                                                                                                                        0x00bc057a
                                                                                                                                                                                                                                                        0x00bc057d
                                                                                                                                                                                                                                                        0x00bc0582
                                                                                                                                                                                                                                                        0x00bc0589
                                                                                                                                                                                                                                                        0x00bc0589
                                                                                                                                                                                                                                                        0x00bc0536
                                                                                                                                                                                                                                                        0x00bc0538
                                                                                                                                                                                                                                                        0x00bc0538
                                                                                                                                                                                                                                                        0x00bc0591
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0591
                                                                                                                                                                                                                                                        0x00bc0500
                                                                                                                                                                                                                                                        0x00bc05c4

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlAcquireSRWLockExclusive.NTDLL(?), ref: 00BC04E7
                                                                                                                                                                                                                                                        • RtlReleaseSRWLockExclusive.NTDLL ref: 00BC04F9
                                                                                                                                                                                                                                                        • RtlFreeHeap.NTDLL(?,00000000,?), ref: 00BC0554
                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(00000000), ref: 00BC0563
                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(?), ref: 00BC057D
                                                                                                                                                                                                                                                        • RtlFreeHeap.NTDLL(?,00000000,?), ref: 00BC05A7
                                                                                                                                                                                                                                                        • RtlFreeHeap.NTDLL(?,00000000,?), ref: 00BC05BB
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Free$Heap$ExclusiveLockStringUnicode$AcquireRelease
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1699237932-0
                                                                                                                                                                                                                                                        • Opcode ID: 265b35d8e6bda7ee8d5c3aacc7550c17df9e173ac5edb2d5134c92326827c5a9
                                                                                                                                                                                                                                                        • Instruction ID: c1984095fa38b76b689ca7682918fd61d51f00329418a8bd005f8aad6befcbf2
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 265b35d8e6bda7ee8d5c3aacc7550c17df9e173ac5edb2d5134c92326827c5a9
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6121AC72610651DFD720AF1AC8C4F66B7E8EF24710F1584ADE8469B661D774EC41CF90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 61%
                                                                                                                                                                                                                                                        			E00BC8BE0(void* __edx, void* __eflags, intOrPtr* _a4, intOrPtr* _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				void* _v124;
                                                                                                                                                                                                                                                        				char _v196;
                                                                                                                                                                                                                                                        				intOrPtr _v200;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t18;
                                                                                                                                                                                                                                                        				intOrPtr* _t25;
                                                                                                                                                                                                                                                        				void* _t27;
                                                                                                                                                                                                                                                        				intOrPtr* _t36;
                                                                                                                                                                                                                                                        				void* _t48;
                                                                                                                                                                                                                                                        				intOrPtr* _t50;
                                                                                                                                                                                                                                                        				void* _t53;
                                                                                                                                                                                                                                                        				signed int _t54;
                                                                                                                                                                                                                                                        				signed int _t55;
                                                                                                                                                                                                                                                        				void* _t57;
                                                                                                                                                                                                                                                        				intOrPtr* _t62;
                                                                                                                                                                                                                                                        				void* _t64;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t64 = __eflags;
                                                                                                                                                                                                                                                        				_t48 = __edx;
                                                                                                                                                                                                                                                        				_t57 = (_t55 & 0xfffffff8) - 0xa0;
                                                                                                                                                                                                                                                        				_t18 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t36 = _a4;
                                                                                                                                                                                                                                                        				_t52 = _t57;
                                                                                                                                                                                                                                                        				_v24 = _t18 ^ _t54;
                                                                                                                                                                                                                                                        				E00BBC880(_t57, 2, 1);
                                                                                                                                                                                                                                                        				E00BBC940(_t64, E00BBC940(_t64, _t57, _a12), " (");
                                                                                                                                                                                                                                                        				_t50 = __imp__??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z;
                                                                                                                                                                                                                                                        				 *_t50( *_t36,  *((intOrPtr*)(_t36 + 4)));
                                                                                                                                                                                                                                                        				E00BBC940(_t64, _t57, " vs. ");
                                                                                                                                                                                                                                                        				_t25 = _a8;
                                                                                                                                                                                                                                                        				 *_t50( *_t25,  *((intOrPtr*)(_t25 + 4)));
                                                                                                                                                                                                                                                        				_t27 = E00BBC940(_t64, _t52, 0xbf3ee8);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t62 = _t57 + 0x24;
                                                                                                                                                                                                                                                        				_t53 = _t27;
                                                                                                                                                                                                                                                        				E00BBD7F0( &_v196, _t27);
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t62 +  *((intOrPtr*)( *_t62 + 4)))) = 0xbf0324;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t62 +  *((intOrPtr*)( *_t62 + 4)) - 4)) =  *((intOrPtr*)( *_t62 + 4)) - 0x50;
                                                                                                                                                                                                                                                        				_v200 = 0xbf0330;
                                                                                                                                                                                                                                                        				E00BBD690( &_v196, _t53, 0x18);
                                                                                                                                                                                                                                                        				__imp__??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ();
                                                                                                                                                                                                                                                        				__imp__??1ios_base@std@@UAE@XZ();
                                                                                                                                                                                                                                                        				E00BEECB0(_v52 ^ _t54, _t48);
                                                                                                                                                                                                                                                        				return _t53;
                                                                                                                                                                                                                                                        			}






















                                                                                                                                                                                                                                                        0x00bc8be0
                                                                                                                                                                                                                                                        0x00bc8be0
                                                                                                                                                                                                                                                        0x00bc8be9
                                                                                                                                                                                                                                                        0x00bc8bef
                                                                                                                                                                                                                                                        0x00bc8bf4
                                                                                                                                                                                                                                                        0x00bc8bfa
                                                                                                                                                                                                                                                        0x00bc8c00
                                                                                                                                                                                                                                                        0x00bc8c0b
                                                                                                                                                                                                                                                        0x00bc8c20
                                                                                                                                                                                                                                                        0x00bc8c28
                                                                                                                                                                                                                                                        0x00bc8c35
                                                                                                                                                                                                                                                        0x00bc8c3d
                                                                                                                                                                                                                                                        0x00bc8c45
                                                                                                                                                                                                                                                        0x00bc8c4f
                                                                                                                                                                                                                                                        0x00bc8c57
                                                                                                                                                                                                                                                        0x00bc8c61
                                                                                                                                                                                                                                                        0x00bc8c66
                                                                                                                                                                                                                                                        0x00bc8c6d
                                                                                                                                                                                                                                                        0x00bc8c72
                                                                                                                                                                                                                                                        0x00bc8c81
                                                                                                                                                                                                                                                        0x00bc8c91
                                                                                                                                                                                                                                                        0x00bc8c97
                                                                                                                                                                                                                                                        0x00bc8c9f
                                                                                                                                                                                                                                                        0x00bc8ca6
                                                                                                                                                                                                                                                        0x00bc8cae
                                                                                                                                                                                                                                                        0x00bc8cbd
                                                                                                                                                                                                                                                        0x00bc8ccb

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ??0ios_base@std@@IAE@XZ.MSVCP140(?,00000000,00000000), ref: 00BBC89A
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IAEXPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z.MSVCP140(?,00000000,?,00000000,00000000), ref: 00BBC8E4
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ.MSVCP140 ref: 00BBC904
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBC959
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?,00000002), ref: 00BBC9EA
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?), ref: 00BBCA74
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z.MSVCP140(?,00000000,00000002,?), ref: 00BBCABE
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ.MSVCP140 ref: 00BBCAC7
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z.MSVCP140(FFFFFFFF,?,?,?,00000002,00000001), ref: 00BC8C35
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z.MSVCP140(7FFFFFFF,?,?,?,?,?,00000002,00000001), ref: 00BC8C4F
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000018,?,?,?,?,?,?,00000002,00000001), ref: 00BC8C61
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD690: free.MOZGLUE(00000000,00000000,?,00BCA1D9), ref: 00BBD6BB
                                                                                                                                                                                                                                                        • ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140 ref: 00BC8CA6
                                                                                                                                                                                                                                                        • ??1ios_base@std@@UAE@XZ.MSVCP140 ref: 00BC8CAE
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: U?$char_traits@$D@std@@@std@@$??6?$basic_ostream@?sputc@?$basic_streambuf@V01@_$??0?$basic_streambuf@??0ios_base@std@@??1?$basic_streambuf@??1ios_base@std@@??2@?clear@?$basic_ios@?init@?$basic_ios@D@std@@@2@_Osfx@?$basic_ostream@V?$basic_streambuf@freestrlen
                                                                                                                                                                                                                                                        • String ID: vs.
                                                                                                                                                                                                                                                        • API String ID: 759890191-795465908
                                                                                                                                                                                                                                                        • Opcode ID: f5a60a1395614e144680e7b420a283ca62a00d7f5345e52953ba6201e67f841a
                                                                                                                                                                                                                                                        • Instruction ID: 6af0c54151590111a1d05062e610c09894da884ff401eabcfbe1b46898a2a2cf
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f5a60a1395614e144680e7b420a283ca62a00d7f5345e52953ba6201e67f841a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: FE21B675700204ABCB10FF28EC46DBEBBE5EF85710F044468FD4947392DA71A918C7A2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 61%
                                                                                                                                                                                                                                                        			E00BC4A90(void* __edx, void* __eflags, intOrPtr* _a4, intOrPtr* _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				void* _v116;
                                                                                                                                                                                                                                                        				char _v188;
                                                                                                                                                                                                                                                        				intOrPtr _v192;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t16;
                                                                                                                                                                                                                                                        				void* _t25;
                                                                                                                                                                                                                                                        				void* _t46;
                                                                                                                                                                                                                                                        				intOrPtr* _t48;
                                                                                                                                                                                                                                                        				void* _t51;
                                                                                                                                                                                                                                                        				signed int _t52;
                                                                                                                                                                                                                                                        				signed int _t53;
                                                                                                                                                                                                                                                        				void* _t55;
                                                                                                                                                                                                                                                        				intOrPtr* _t60;
                                                                                                                                                                                                                                                        				void* _t62;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t62 = __eflags;
                                                                                                                                                                                                                                                        				_t46 = __edx;
                                                                                                                                                                                                                                                        				_t55 = (_t53 & 0xfffffff8) - 0xa0;
                                                                                                                                                                                                                                                        				_t16 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t50 = _t55;
                                                                                                                                                                                                                                                        				_v24 = _t16 ^ _t52;
                                                                                                                                                                                                                                                        				E00BBC880(_t55, 2, 1);
                                                                                                                                                                                                                                                        				E00BBC940(_t62, E00BBC940(_t62, _t55, _a12), " (");
                                                                                                                                                                                                                                                        				_t48 = __imp__??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z;
                                                                                                                                                                                                                                                        				 *_t48( *_a4);
                                                                                                                                                                                                                                                        				E00BBC940(_t62, _t55, " vs. ");
                                                                                                                                                                                                                                                        				 *_t48( *_a8);
                                                                                                                                                                                                                                                        				_t25 = E00BBC940(_t62, _t50, 0xbf3ee8);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t60 = _t55 + 0x24;
                                                                                                                                                                                                                                                        				_t51 = _t25;
                                                                                                                                                                                                                                                        				E00BBD7F0( &_v188, _t25);
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t60 +  *((intOrPtr*)( *_t60 + 4)))) = 0xbf0324;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t60 +  *((intOrPtr*)( *_t60 + 4)) - 4)) =  *((intOrPtr*)( *_t60 + 4)) - 0x50;
                                                                                                                                                                                                                                                        				_v192 = 0xbf0330;
                                                                                                                                                                                                                                                        				E00BBD690( &_v188, _t51, 0x18);
                                                                                                                                                                                                                                                        				__imp__??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ();
                                                                                                                                                                                                                                                        				__imp__??1ios_base@std@@UAE@XZ();
                                                                                                                                                                                                                                                        				E00BEECB0(_v44 ^ _t52, _t46);
                                                                                                                                                                                                                                                        				return _t51;
                                                                                                                                                                                                                                                        			}




















                                                                                                                                                                                                                                                        0x00bc4a90
                                                                                                                                                                                                                                                        0x00bc4a90
                                                                                                                                                                                                                                                        0x00bc4a99
                                                                                                                                                                                                                                                        0x00bc4a9f
                                                                                                                                                                                                                                                        0x00bc4aaa
                                                                                                                                                                                                                                                        0x00bc4ab0
                                                                                                                                                                                                                                                        0x00bc4abb
                                                                                                                                                                                                                                                        0x00bc4ad0
                                                                                                                                                                                                                                                        0x00bc4ad8
                                                                                                                                                                                                                                                        0x00bc4ae2
                                                                                                                                                                                                                                                        0x00bc4aea
                                                                                                                                                                                                                                                        0x00bc4af9
                                                                                                                                                                                                                                                        0x00bc4b01
                                                                                                                                                                                                                                                        0x00bc4b0b
                                                                                                                                                                                                                                                        0x00bc4b10
                                                                                                                                                                                                                                                        0x00bc4b17
                                                                                                                                                                                                                                                        0x00bc4b1c
                                                                                                                                                                                                                                                        0x00bc4b2b
                                                                                                                                                                                                                                                        0x00bc4b3b
                                                                                                                                                                                                                                                        0x00bc4b41
                                                                                                                                                                                                                                                        0x00bc4b49
                                                                                                                                                                                                                                                        0x00bc4b50
                                                                                                                                                                                                                                                        0x00bc4b58
                                                                                                                                                                                                                                                        0x00bc4b67
                                                                                                                                                                                                                                                        0x00bc4b75

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ??0ios_base@std@@IAE@XZ.MSVCP140(?,00000000,00000000), ref: 00BBC89A
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IAEXPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z.MSVCP140(?,00000000,?,00000000,00000000), ref: 00BBC8E4
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ.MSVCP140 ref: 00BBC904
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBC959
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?,00000002), ref: 00BBC9EA
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?), ref: 00BBCA74
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z.MSVCP140(?,00000000,00000002,?), ref: 00BBCABE
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ.MSVCP140 ref: 00BBCAC7
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z.MSVCP140(?,?,?,00000002,00000001), ref: 00BC4AE2
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z.MSVCP140(?,?,?,?,?,00000002,00000001), ref: 00BC4AF9
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000018,?,?,?,?,?,?,00000002,00000001), ref: 00BC4B0B
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD690: free.MOZGLUE(00000000,00000000,?,00BCA1D9), ref: 00BBD6BB
                                                                                                                                                                                                                                                        • ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140 ref: 00BC4B50
                                                                                                                                                                                                                                                        • ??1ios_base@std@@UAE@XZ.MSVCP140 ref: 00BC4B58
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: U?$char_traits@$D@std@@@std@@$??6?$basic_ostream@?sputc@?$basic_streambuf@V01@$??0?$basic_streambuf@??0ios_base@std@@??1?$basic_streambuf@??1ios_base@std@@??2@?clear@?$basic_ios@?init@?$basic_ios@D@std@@@2@_Osfx@?$basic_ostream@V?$basic_streambuf@freestrlen
                                                                                                                                                                                                                                                        • String ID: vs.
                                                                                                                                                                                                                                                        • API String ID: 4214169141-795465908
                                                                                                                                                                                                                                                        • Opcode ID: 113fc12c45aacdfb35c2ed640a6ced32ae7a8c4644e8e6fead1c21170783fea6
                                                                                                                                                                                                                                                        • Instruction ID: df8dae6274bd07ba9721a59aa473621a4a15a5cfb0a449fdcdb9be4a720e6745
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 113fc12c45aacdfb35c2ed640a6ced32ae7a8c4644e8e6fead1c21170783fea6
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4A219275700244ABD720FB28EC46DBEBBE5EF85710F004468F84997392DE71A908C7A2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 61%
                                                                                                                                                                                                                                                        			E00BC2290(void* __edx, void* __eflags, intOrPtr* _a4, intOrPtr* _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				void* _v116;
                                                                                                                                                                                                                                                        				char _v188;
                                                                                                                                                                                                                                                        				intOrPtr _v192;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t16;
                                                                                                                                                                                                                                                        				void* _t25;
                                                                                                                                                                                                                                                        				void* _t46;
                                                                                                                                                                                                                                                        				intOrPtr* _t48;
                                                                                                                                                                                                                                                        				void* _t51;
                                                                                                                                                                                                                                                        				signed int _t52;
                                                                                                                                                                                                                                                        				signed int _t53;
                                                                                                                                                                                                                                                        				void* _t55;
                                                                                                                                                                                                                                                        				intOrPtr* _t60;
                                                                                                                                                                                                                                                        				void* _t62;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t62 = __eflags;
                                                                                                                                                                                                                                                        				_t46 = __edx;
                                                                                                                                                                                                                                                        				_t55 = (_t53 & 0xfffffff8) - 0xa0;
                                                                                                                                                                                                                                                        				_t16 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t50 = _t55;
                                                                                                                                                                                                                                                        				_v24 = _t16 ^ _t52;
                                                                                                                                                                                                                                                        				E00BBC880(_t55, 2, 1);
                                                                                                                                                                                                                                                        				E00BBC940(_t62, E00BBC940(_t62, _t55, _a12), " (");
                                                                                                                                                                                                                                                        				_t48 = __imp__??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z;
                                                                                                                                                                                                                                                        				 *_t48( *_a4);
                                                                                                                                                                                                                                                        				E00BBC940(_t62, _t55, " vs. ");
                                                                                                                                                                                                                                                        				 *_t48( *_a8);
                                                                                                                                                                                                                                                        				_t25 = E00BBC940(_t62, _t50, 0xbf3ee8);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t60 = _t55 + 0x24;
                                                                                                                                                                                                                                                        				_t51 = _t25;
                                                                                                                                                                                                                                                        				E00BBD7F0( &_v188, _t25);
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t60 +  *((intOrPtr*)( *_t60 + 4)))) = 0xbf0324;
                                                                                                                                                                                                                                                        				_t10 =  *((intOrPtr*)( *_t60 + 4)) - 0x50; // -80
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t60 +  *((intOrPtr*)( *_t60 + 4)) - 4)) = _t10;
                                                                                                                                                                                                                                                        				_v192 = 0xbf0330;
                                                                                                                                                                                                                                                        				E00BBD690( &_v188, _t51, 0x18);
                                                                                                                                                                                                                                                        				__imp__??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ();
                                                                                                                                                                                                                                                        				__imp__??1ios_base@std@@UAE@XZ();
                                                                                                                                                                                                                                                        				E00BEECB0(_v44 ^ _t52, _t46);
                                                                                                                                                                                                                                                        				return _t51;
                                                                                                                                                                                                                                                        			}




















                                                                                                                                                                                                                                                        0x00bc2290
                                                                                                                                                                                                                                                        0x00bc2290
                                                                                                                                                                                                                                                        0x00bc2299
                                                                                                                                                                                                                                                        0x00bc229f
                                                                                                                                                                                                                                                        0x00bc22aa
                                                                                                                                                                                                                                                        0x00bc22b0
                                                                                                                                                                                                                                                        0x00bc22bb
                                                                                                                                                                                                                                                        0x00bc22d0
                                                                                                                                                                                                                                                        0x00bc22d8
                                                                                                                                                                                                                                                        0x00bc22e2
                                                                                                                                                                                                                                                        0x00bc22ea
                                                                                                                                                                                                                                                        0x00bc22f9
                                                                                                                                                                                                                                                        0x00bc2301
                                                                                                                                                                                                                                                        0x00bc230b
                                                                                                                                                                                                                                                        0x00bc2310
                                                                                                                                                                                                                                                        0x00bc2317
                                                                                                                                                                                                                                                        0x00bc231c
                                                                                                                                                                                                                                                        0x00bc232b
                                                                                                                                                                                                                                                        0x00bc2338
                                                                                                                                                                                                                                                        0x00bc233b
                                                                                                                                                                                                                                                        0x00bc2341
                                                                                                                                                                                                                                                        0x00bc2349
                                                                                                                                                                                                                                                        0x00bc2350
                                                                                                                                                                                                                                                        0x00bc2358
                                                                                                                                                                                                                                                        0x00bc2367
                                                                                                                                                                                                                                                        0x00bc2375

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ??0ios_base@std@@IAE@XZ.MSVCP140(?,00000000,00000000), ref: 00BBC89A
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IAEXPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z.MSVCP140(?,00000000,?,00000000,00000000), ref: 00BBC8E4
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ.MSVCP140 ref: 00BBC904
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBC959
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?,00000002), ref: 00BBC9EA
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?), ref: 00BBCA74
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z.MSVCP140(?,00000000,00000002,?), ref: 00BBCABE
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ.MSVCP140 ref: 00BBCAC7
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z.MSVCP140(FFFFFFFF,?,?,00000002,00000001), ref: 00BC22E2
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z.MSVCP140(?,?,?,?,?,00000002,00000001), ref: 00BC22F9
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000018,?,?,?,?,?,?,00000002,00000001), ref: 00BC230B
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD690: free.MOZGLUE(00000000,00000000,?,00BCA1D9), ref: 00BBD6BB
                                                                                                                                                                                                                                                        • ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140 ref: 00BC2350
                                                                                                                                                                                                                                                        • ??1ios_base@std@@UAE@XZ.MSVCP140 ref: 00BC2358
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: U?$char_traits@$D@std@@@std@@$??6?$basic_ostream@?sputc@?$basic_streambuf@V01@$??0?$basic_streambuf@??0ios_base@std@@??1?$basic_streambuf@??1ios_base@std@@??2@?clear@?$basic_ios@?init@?$basic_ios@D@std@@@2@_Osfx@?$basic_ostream@V?$basic_streambuf@freestrlen
                                                                                                                                                                                                                                                        • String ID: vs.
                                                                                                                                                                                                                                                        • API String ID: 4214169141-795465908
                                                                                                                                                                                                                                                        • Opcode ID: 3788ea9c73d499a40e06079d539f2ce10a5f0b636d2389c941a27ce011778a7b
                                                                                                                                                                                                                                                        • Instruction ID: f7b901912750b57afe633320434b5151624141c5f2b9f34581ed39488df43114
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3788ea9c73d499a40e06079d539f2ce10a5f0b636d2389c941a27ce011778a7b
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 46219275700244ABD720FB28EC46DBEBBE5EF85710F004468FC4997392DEB1A908C7A2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 91%
                                                                                                                                                                                                                                                        			E00BE1950(void* __ecx, void* __edx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				long _v92;
                                                                                                                                                                                                                                                        				signed int _t12;
                                                                                                                                                                                                                                                        				void* _t13;
                                                                                                                                                                                                                                                        				void* _t23;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        				void* _t30;
                                                                                                                                                                                                                                                        				long _t31;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        				signed int _t35;
                                                                                                                                                                                                                                                        				void* _t36;
                                                                                                                                                                                                                                                        				void* _t37;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t30 = __edx;
                                                                                                                                                                                                                                                        				_t12 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t13 = _t12 ^ _t35;
                                                                                                                                                                                                                                                        				_v20 = _t13;
                                                                                                                                                                                                                                                        				if( *((char*)(__ecx + 0x38)) == 0) {
                                                                                                                                                                                                                                                        					_t31 = 0x3f0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t32 = __ecx;
                                                                                                                                                                                                                                                        					_v92 = 0x4c;
                                                                                                                                                                                                                                                        					_push(0x4c);
                                                                                                                                                                                                                                                        					L00BEF6CC();
                                                                                                                                                                                                                                                        					_t37 = _t36 + 4;
                                                                                                                                                                                                                                                        					_t34 = _t13;
                                                                                                                                                                                                                                                        					if(GetTokenInformation( *(__ecx + 0x30), 1, _t34, 0x4c,  &_v92) == 0) {
                                                                                                                                                                                                                                                        						_t31 = GetLastError();
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t23 =  &_v88;
                                                                                                                                                                                                                                                        						E00BE7140(_t23,  *_t34);
                                                                                                                                                                                                                                                        						_t28 =  *(_t32 + 0x1c);
                                                                                                                                                                                                                                                        						_t20 =  *((intOrPtr*)(_t32 + 0x20));
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t32 + 0x20)) == _t28) {
                                                                                                                                                                                                                                                        							E00BCCB00(_t32 + 0x18, _t20, _t23);
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							memcpy(_t28, _t23, 0x44);
                                                                                                                                                                                                                                                        							_t37 = _t37 + 0xc;
                                                                                                                                                                                                                                                        							 *(_t32 + 0x1c) =  *(_t32 + 0x1c) + 0x44;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t31 = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_push(_t34);
                                                                                                                                                                                                                                                        					L00BEF6D2();
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t35, _t30);
                                                                                                                                                                                                                                                        				return _t31;
                                                                                                                                                                                                                                                        			}

















                                                                                                                                                                                                                                                        0x00be1950
                                                                                                                                                                                                                                                        0x00be1959
                                                                                                                                                                                                                                                        0x00be195e
                                                                                                                                                                                                                                                        0x00be1960
                                                                                                                                                                                                                                                        0x00be1967
                                                                                                                                                                                                                                                        0x00be19d9
                                                                                                                                                                                                                                                        0x00be1969
                                                                                                                                                                                                                                                        0x00be1969
                                                                                                                                                                                                                                                        0x00be196b
                                                                                                                                                                                                                                                        0x00be1972
                                                                                                                                                                                                                                                        0x00be1974
                                                                                                                                                                                                                                                        0x00be1979
                                                                                                                                                                                                                                                        0x00be197c
                                                                                                                                                                                                                                                        0x00be1992
                                                                                                                                                                                                                                                        0x00be19e6
                                                                                                                                                                                                                                                        0x00be1994
                                                                                                                                                                                                                                                        0x00be1994
                                                                                                                                                                                                                                                        0x00be199b
                                                                                                                                                                                                                                                        0x00be19a0
                                                                                                                                                                                                                                                        0x00be19a3
                                                                                                                                                                                                                                                        0x00be19a8
                                                                                                                                                                                                                                                        0x00be19f1
                                                                                                                                                                                                                                                        0x00be19aa
                                                                                                                                                                                                                                                        0x00be19ae
                                                                                                                                                                                                                                                        0x00be19b3
                                                                                                                                                                                                                                                        0x00be19b6
                                                                                                                                                                                                                                                        0x00be19b6
                                                                                                                                                                                                                                                        0x00be19ba
                                                                                                                                                                                                                                                        0x00be19ba
                                                                                                                                                                                                                                                        0x00be19bc
                                                                                                                                                                                                                                                        0x00be19bd
                                                                                                                                                                                                                                                        0x00be19c2
                                                                                                                                                                                                                                                        0x00be19ca
                                                                                                                                                                                                                                                        0x00be19d8

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(0000004C,?,?,?,?,?,?,?,?,?,?,?,?,?,?,000000A0), ref: 00BE1974
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(?,00000001(TokenIntegrityLevel),00000000,0000004C,?), ref: 00BE198A
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,00000044,00000000), ref: 00BE19AE
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000), ref: 00BE19BD
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE19E0
                                                                                                                                                                                                                                                          • Part of subcall function 00BE7140: CopySid.ADVAPI32(00000044,?,00BCBFFF,00000000,?,00BCBFFF,?), ref: 00BE71C3
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@??3@CopyErrorInformationLastTokenmemcpy
                                                                                                                                                                                                                                                        • String ID: L
                                                                                                                                                                                                                                                        • API String ID: 1725515051-2909332022
                                                                                                                                                                                                                                                        • Opcode ID: 12bf227d76da8a9978fc9a32360cfa2b76abbd539c8b228bace3cf17a96b6ff1
                                                                                                                                                                                                                                                        • Instruction ID: d1da06709ebf5c09761159556978e0d9160e0bfbe2e65f4fb9dad3b1c22301c3
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 12bf227d76da8a9978fc9a32360cfa2b76abbd539c8b228bace3cf17a96b6ff1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 491104F1A00284ABE710AB66DC9AE6E7BE9FF40340F240469F50A8B292DF359C05C695
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 90%
                                                                                                                                                                                                                                                        			E00BE1CA0(void* __ecx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				long _v92;
                                                                                                                                                                                                                                                        				signed int _t12;
                                                                                                                                                                                                                                                        				void* _t13;
                                                                                                                                                                                                                                                        				void* _t20;
                                                                                                                                                                                                                                                        				void* _t23;
                                                                                                                                                                                                                                                        				long _t30;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				signed int _t33;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        				void* _t35;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t12 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t13 = _t12 ^ _t33;
                                                                                                                                                                                                                                                        				_v20 = _t13;
                                                                                                                                                                                                                                                        				if( *((char*)(__ecx + 0x38)) == 0) {
                                                                                                                                                                                                                                                        					_t30 = 0x3f0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t31 = __ecx;
                                                                                                                                                                                                                                                        					_v92 = 0x4c;
                                                                                                                                                                                                                                                        					_push(0x4c);
                                                                                                                                                                                                                                                        					L00BEF6CC();
                                                                                                                                                                                                                                                        					_t35 = _t34 + 4;
                                                                                                                                                                                                                                                        					_t32 = _t13;
                                                                                                                                                                                                                                                        					if(GetTokenInformation( *(__ecx + 0x30), 1, _t32, 0x4c,  &_v92) == 0) {
                                                                                                                                                                                                                                                        						_t30 = GetLastError();
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t23 =  &_v88;
                                                                                                                                                                                                                                                        						E00BE7140(_t23,  *_t32);
                                                                                                                                                                                                                                                        						_t20 =  *(_t31 + 4);
                                                                                                                                                                                                                                                        						_t29 =  *((intOrPtr*)(_t31 + 8));
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t31 + 8)) == _t20) {
                                                                                                                                                                                                                                                        							E00BCCB00(_t31, _t29, _t23);
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							memcpy(_t20, _t23, 0x44);
                                                                                                                                                                                                                                                        							_t35 = _t35 + 0xc;
                                                                                                                                                                                                                                                        							 *(_t31 + 4) =  *(_t31 + 4) + 0x44;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t30 = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_push(_t32);
                                                                                                                                                                                                                                                        					L00BEF6D2();
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t33, _t29);
                                                                                                                                                                                                                                                        				return _t30;
                                                                                                                                                                                                                                                        			}
















                                                                                                                                                                                                                                                        0x00be1ca9
                                                                                                                                                                                                                                                        0x00be1cae
                                                                                                                                                                                                                                                        0x00be1cb0
                                                                                                                                                                                                                                                        0x00be1cb7
                                                                                                                                                                                                                                                        0x00be1d29
                                                                                                                                                                                                                                                        0x00be1cb9
                                                                                                                                                                                                                                                        0x00be1cb9
                                                                                                                                                                                                                                                        0x00be1cbb
                                                                                                                                                                                                                                                        0x00be1cc2
                                                                                                                                                                                                                                                        0x00be1cc4
                                                                                                                                                                                                                                                        0x00be1cc9
                                                                                                                                                                                                                                                        0x00be1ccc
                                                                                                                                                                                                                                                        0x00be1ce2
                                                                                                                                                                                                                                                        0x00be1d36
                                                                                                                                                                                                                                                        0x00be1ce4
                                                                                                                                                                                                                                                        0x00be1ce4
                                                                                                                                                                                                                                                        0x00be1ceb
                                                                                                                                                                                                                                                        0x00be1cf0
                                                                                                                                                                                                                                                        0x00be1cf3
                                                                                                                                                                                                                                                        0x00be1cf8
                                                                                                                                                                                                                                                        0x00be1d3e
                                                                                                                                                                                                                                                        0x00be1cfa
                                                                                                                                                                                                                                                        0x00be1cfe
                                                                                                                                                                                                                                                        0x00be1d03
                                                                                                                                                                                                                                                        0x00be1d06
                                                                                                                                                                                                                                                        0x00be1d06
                                                                                                                                                                                                                                                        0x00be1d0a
                                                                                                                                                                                                                                                        0x00be1d0a
                                                                                                                                                                                                                                                        0x00be1d0c
                                                                                                                                                                                                                                                        0x00be1d0d
                                                                                                                                                                                                                                                        0x00be1d12
                                                                                                                                                                                                                                                        0x00be1d1a
                                                                                                                                                                                                                                                        0x00be1d28

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(0000004C), ref: 00BE1CC4
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(?,00000001(TokenIntegrityLevel),00000000,0000004C,?,?,?,?,?,?,?,?,?,00000000,?,00000000), ref: 00BE1CDA
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,00000044,00000000,?,?,?,?,?,?,?,?,00000000,?,00000000), ref: 00BE1CFE
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000,?,?,?,?,?,?,?,?,00000000,?,00000000,?,00BE2B03,00000000,00000012), ref: 00BE1D0D
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,00000000,?,00000000,?,00BE2B03,00000000,00000012,00000000), ref: 00BE1D30
                                                                                                                                                                                                                                                          • Part of subcall function 00BE7140: CopySid.ADVAPI32(00000044,?,00BCBFFF,00000000,?,00BCBFFF,?), ref: 00BE71C3
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@??3@CopyErrorInformationLastTokenmemcpy
                                                                                                                                                                                                                                                        • String ID: L
                                                                                                                                                                                                                                                        • API String ID: 1725515051-2909332022
                                                                                                                                                                                                                                                        • Opcode ID: be4f82d8e2f967151e6f502a21f50f28d73ededefbecfdee84fcf357ea7c533f
                                                                                                                                                                                                                                                        • Instruction ID: 617f6d7b323eaed4782fe2786e8aa5ef0f65f482b5019779beb141ba20c36aa4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: be4f82d8e2f967151e6f502a21f50f28d73ededefbecfdee84fcf357ea7c533f
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A011E7F1B00189ABE710AB66DC86EAF7BE9FF80344F2448B5F50A47280DF359C14C291
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 85%
                                                                                                                                                                                                                                                        			E00BEB6C0(void* _a4, union _TOKEN_INFORMATION_CLASS _a8, void** _a12) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				long _v24;
                                                                                                                                                                                                                                                        				signed int _t11;
                                                                                                                                                                                                                                                        				void* _t13;
                                                                                                                                                                                                                                                        				void* _t20;
                                                                                                                                                                                                                                                        				long _t21;
                                                                                                                                                                                                                                                        				void** _t24;
                                                                                                                                                                                                                                                        				void* _t25;
                                                                                                                                                                                                                                                        				void* _t26;
                                                                                                                                                                                                                                                        				DWORD* _t27;
                                                                                                                                                                                                                                                        				long _t28;
                                                                                                                                                                                                                                                        				signed int _t29;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t11 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t27 =  &_v24;
                                                                                                                                                                                                                                                        				_v20 = _t11 ^ _t29;
                                                                                                                                                                                                                                                        				_v24 = 0;
                                                                                                                                                                                                                                                        				_t13 = GetTokenInformation(_a4, _a8, 0, 0, _t27);
                                                                                                                                                                                                                                                        				_t21 = _v24;
                                                                                                                                                                                                                                                        				if(_t21 == 0) {
                                                                                                                                                                                                                                                        					_t28 = GetLastError();
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_push(_t21);
                                                                                                                                                                                                                                                        					L00BEF6CC();
                                                                                                                                                                                                                                                        					_t26 = _t13;
                                                                                                                                                                                                                                                        					memset(_t13, 0, _t21);
                                                                                                                                                                                                                                                        					if(GetTokenInformation(_a4, _a8, _t26, _t21, _t27) == 0) {
                                                                                                                                                                                                                                                        						_t28 = GetLastError();
                                                                                                                                                                                                                                                        						_push(_t26);
                                                                                                                                                                                                                                                        						goto L6;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t24 = _a12;
                                                                                                                                                                                                                                                        						_t28 = 0;
                                                                                                                                                                                                                                                        						_t20 =  *_t24;
                                                                                                                                                                                                                                                        						 *_t24 = _t26;
                                                                                                                                                                                                                                                        						if(_t20 != 0) {
                                                                                                                                                                                                                                                        							_push(_t20);
                                                                                                                                                                                                                                                        							L6:
                                                                                                                                                                                                                                                        							L00BEF6D2();
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t29, _t25);
                                                                                                                                                                                                                                                        				return _t28;
                                                                                                                                                                                                                                                        			}















                                                                                                                                                                                                                                                        0x00beb6c9
                                                                                                                                                                                                                                                        0x00beb6ce
                                                                                                                                                                                                                                                        0x00beb6d3
                                                                                                                                                                                                                                                        0x00beb6d6
                                                                                                                                                                                                                                                        0x00beb6e8
                                                                                                                                                                                                                                                        0x00beb6ee
                                                                                                                                                                                                                                                        0x00beb6f3
                                                                                                                                                                                                                                                        0x00beb735
                                                                                                                                                                                                                                                        0x00beb6f5
                                                                                                                                                                                                                                                        0x00beb6f5
                                                                                                                                                                                                                                                        0x00beb6f6
                                                                                                                                                                                                                                                        0x00beb6fe
                                                                                                                                                                                                                                                        0x00beb704
                                                                                                                                                                                                                                                        0x00beb71d
                                                                                                                                                                                                                                                        0x00beb73f
                                                                                                                                                                                                                                                        0x00beb741
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beb71f
                                                                                                                                                                                                                                                        0x00beb71f
                                                                                                                                                                                                                                                        0x00beb722
                                                                                                                                                                                                                                                        0x00beb724
                                                                                                                                                                                                                                                        0x00beb726
                                                                                                                                                                                                                                                        0x00beb72a
                                                                                                                                                                                                                                                        0x00beb72c
                                                                                                                                                                                                                                                        0x00beb742
                                                                                                                                                                                                                                                        0x00beb742
                                                                                                                                                                                                                                                        0x00beb747
                                                                                                                                                                                                                                                        0x00beb72a
                                                                                                                                                                                                                                                        0x00beb71d
                                                                                                                                                                                                                                                        0x00beb74f
                                                                                                                                                                                                                                                        0x00beb75d

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(00000000,?,00000000,00000000,?), ref: 00BEB6E8
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000000), ref: 00BEB6F6
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BEB704
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(00000000,?,00000000,00000000,?), ref: 00BEB715
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BEB72F
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BEB739
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000), ref: 00BEB742
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorInformationLastToken$??2@??3@memset
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3153755995-0
                                                                                                                                                                                                                                                        • Opcode ID: 08c1d5aa1596c77b4519c05c1e84dc4608023d3ae6c2e89506a0c658843f34c8
                                                                                                                                                                                                                                                        • Instruction ID: 1b0d00c5f69880e70f9f92554a375e0626b869f129f3d615ae33d9f8c8a414ac
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 08c1d5aa1596c77b4519c05c1e84dc4608023d3ae6c2e89506a0c658843f34c8
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CC115EB2A00259AFDB109F66DC89F7B3BA8EF44795F100065F905AB250EB32AD14C7A1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BCBF70(void* __edx, void* _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				long _v92;
                                                                                                                                                                                                                                                        				signed int _t10;
                                                                                                                                                                                                                                                        				void* _t12;
                                                                                                                                                                                                                                                        				signed int _t19;
                                                                                                                                                                                                                                                        				void* _t20;
                                                                                                                                                                                                                                                        				signed int _t21;
                                                                                                                                                                                                                                                        				void* _t25;
                                                                                                                                                                                                                                                        				void* _t27;
                                                                                                                                                                                                                                                        				signed int _t28;
                                                                                                                                                                                                                                                        				void* _t29;
                                                                                                                                                                                                                                                        				void* _t30;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t25 = __edx;
                                                                                                                                                                                                                                                        				_t10 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t20 = _a4;
                                                                                                                                                                                                                                                        				_v20 = _t10 ^ _t28;
                                                                                                                                                                                                                                                        				_v92 = 0x50;
                                                                                                                                                                                                                                                        				_t12 = malloc(0x50);
                                                                                                                                                                                                                                                        				_t30 = _t29 + 4;
                                                                                                                                                                                                                                                        				_t27 = _t12;
                                                                                                                                                                                                                                                        				if(GetTokenInformation(_t20, 0x1c, _t27, 0x50,  &_v92) == 0) {
                                                                                                                                                                                                                                                        					_t21 = _t20 & 0xffffff00 | GetLastError() == 0x00000490;
                                                                                                                                                                                                                                                        					if(_t27 != 0) {
                                                                                                                                                                                                                                                        						L3:
                                                                                                                                                                                                                                                        						free(_t27);
                                                                                                                                                                                                                                                        						L4:
                                                                                                                                                                                                                                                        						E00BEECB0(_v20 ^ _t28, _t25);
                                                                                                                                                                                                                                                        						return _t21;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if( *_t27 != 0) {
                                                                                                                                                                                                                                                        					E00BE7140( &_v88,  *((intOrPtr*)(_t27 + 4)));
                                                                                                                                                                                                                                                        					_t19 = E00BCBE80(_t25, _t20,  &_v88, 4, 0);
                                                                                                                                                                                                                                                        					_t30 = _t30 + 0x10;
                                                                                                                                                                                                                                                        					_t21 = _t19;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					SetLastError(0x13b);
                                                                                                                                                                                                                                                        					_t21 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L3;
                                                                                                                                                                                                                                                        			}
















                                                                                                                                                                                                                                                        0x00bcbf70
                                                                                                                                                                                                                                                        0x00bcbf79
                                                                                                                                                                                                                                                        0x00bcbf7e
                                                                                                                                                                                                                                                        0x00bcbf83
                                                                                                                                                                                                                                                        0x00bcbf86
                                                                                                                                                                                                                                                        0x00bcbf8f
                                                                                                                                                                                                                                                        0x00bcbf95
                                                                                                                                                                                                                                                        0x00bcbf98
                                                                                                                                                                                                                                                        0x00bcbfac
                                                                                                                                                                                                                                                        0x00bcbfe9
                                                                                                                                                                                                                                                        0x00bcbfee
                                                                                                                                                                                                                                                        0x00bcbfc0
                                                                                                                                                                                                                                                        0x00bcbfc1
                                                                                                                                                                                                                                                        0x00bcbfca
                                                                                                                                                                                                                                                        0x00bcbfcf
                                                                                                                                                                                                                                                        0x00bcbfdd
                                                                                                                                                                                                                                                        0x00bcbfdd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbff0
                                                                                                                                                                                                                                                        0x00bcbfb1
                                                                                                                                                                                                                                                        0x00bcbffa
                                                                                                                                                                                                                                                        0x00bcc005
                                                                                                                                                                                                                                                        0x00bcc00a
                                                                                                                                                                                                                                                        0x00bcc00d
                                                                                                                                                                                                                                                        0x00bcbfb3
                                                                                                                                                                                                                                                        0x00bcbfb8
                                                                                                                                                                                                                                                        0x00bcbfbe
                                                                                                                                                                                                                                                        0x00bcbfbe
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • malloc.MOZGLUE(00000050), ref: 00BCBF8F
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(?,0000001C(TokenIntegrityLevel),00000000,00000050,?), ref: 00BCBFA4
                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(0000013B), ref: 00BCBFB8
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BCBFC1
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BCBFDE
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$InformationTokenfreemalloc
                                                                                                                                                                                                                                                        • String ID: P
                                                                                                                                                                                                                                                        • API String ID: 24325352-3110715001
                                                                                                                                                                                                                                                        • Opcode ID: b71da686735301225477952d07552dd0c5ff5e23f4ae47054cf8c4580dbafbb6
                                                                                                                                                                                                                                                        • Instruction ID: 1648010d0b68acc222baa062cad1d142f923215d325b225c03b2a7326361d24d
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b71da686735301225477952d07552dd0c5ff5e23f4ae47054cf8c4580dbafbb6
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3911A971640208ABD7205B75DC4AFAF7BA8EF44755F00046DFA06AB2C1DF719944CAA5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BB7720(char* __ecx, char* __edx, struct _IO_FILE* _a4, long _a8) {
                                                                                                                                                                                                                                                        				void* _t3;
                                                                                                                                                                                                                                                        				struct _IO_FILE* _t6;
                                                                                                                                                                                                                                                        				char* _t9;
                                                                                                                                                                                                                                                        				long _t10;
                                                                                                                                                                                                                                                        				char* _t11;
                                                                                                                                                                                                                                                        				void* _t12;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t6 = _a4;
                                                                                                                                                                                                                                                        				_t9 = __edx;
                                                                                                                                                                                                                                                        				_t11 = __ecx;
                                                                                                                                                                                                                                                        				_t3 = _fileno(_t6);
                                                                                                                                                                                                                                                        				if(_t3 == 0xfffffffe) {
                                                                                                                                                                                                                                                        					return freopen(_t11, _t9, _t6);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if(_t3 >= 0) {
                                                                                                                                                                                                                                                        					__imp___get_osfhandle(_t3);
                                                                                                                                                                                                                                                        					if(_t3 != 0xffffffff) {
                                                                                                                                                                                                                                                        						_t10 = _a8;
                                                                                                                                                                                                                                                        						_t12 = _t3;
                                                                                                                                                                                                                                                        						_t3 = GetStdHandle(_t10);
                                                                                                                                                                                                                                                        						if(_t3 != _t12) {
                                                                                                                                                                                                                                                        							return SetStdHandle(_t10, _t12);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t3;
                                                                                                                                                                                                                                                        			}









                                                                                                                                                                                                                                                        0x00bb7726
                                                                                                                                                                                                                                                        0x00bb7729
                                                                                                                                                                                                                                                        0x00bb772b
                                                                                                                                                                                                                                                        0x00bb772e
                                                                                                                                                                                                                                                        0x00bb773a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb776d
                                                                                                                                                                                                                                                        0x00bb773e
                                                                                                                                                                                                                                                        0x00bb7741
                                                                                                                                                                                                                                                        0x00bb774d
                                                                                                                                                                                                                                                        0x00bb774f
                                                                                                                                                                                                                                                        0x00bb7752
                                                                                                                                                                                                                                                        0x00bb7755
                                                                                                                                                                                                                                                        0x00bb775d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7774
                                                                                                                                                                                                                                                        0x00bb775d
                                                                                                                                                                                                                                                        0x00bb774d
                                                                                                                                                                                                                                                        0x00bb7763

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • _fileno.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,7633F9B0,00000001,?,?,00BB5B62,00000000,000000F5,00BB466E), ref: 00BB772E
                                                                                                                                                                                                                                                        • _get_osfhandle.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,000000F5,00BB466E), ref: 00BB7741
                                                                                                                                                                                                                                                        • GetStdHandle.KERNEL32(?), ref: 00BB7755
                                                                                                                                                                                                                                                        • freopen.API-MS-WIN-CRT-STDIO-L1-1-0(CONOUT$,00BF218A,00000000,000000F5,00BB466E), ref: 00BB7767
                                                                                                                                                                                                                                                        • SetStdHandle.KERNEL32(?,00000000), ref: 00BB7774
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Handle$_fileno_get_osfhandlefreopen
                                                                                                                                                                                                                                                        • String ID: CONOUT$
                                                                                                                                                                                                                                                        • API String ID: 1505834550-3130406586
                                                                                                                                                                                                                                                        • Opcode ID: f1c127d0a52cd1ecc67453c3bcd986d93859b0e8759708cf474f4baceb718864
                                                                                                                                                                                                                                                        • Instruction ID: 0485705ee52f14cc8879b43d6ede9d4cf3d5169d1903f36fe7d101837d97ebf5
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f1c127d0a52cd1ecc67453c3bcd986d93859b0e8759708cf474f4baceb718864
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8FF054311881146B97101B2EAC8CCBB3B6DDDC277972442E1FD2AC3262DF71DD5586E6
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 73%
                                                                                                                                                                                                                                                        			E00BEC220(void* __ecx, void* __edx, void** _a4, void* _a8, void** _a12) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				void* _v48;
                                                                                                                                                                                                                                                        				char _v52;
                                                                                                                                                                                                                                                        				char _v56;
                                                                                                                                                                                                                                                        				char _v72;
                                                                                                                                                                                                                                                        				void* _v84;
                                                                                                                                                                                                                                                        				signed char _v104;
                                                                                                                                                                                                                                                        				char _v105;
                                                                                                                                                                                                                                                        				int _v112;
                                                                                                                                                                                                                                                        				void* _v116;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				signed int _t159;
                                                                                                                                                                                                                                                        				signed int _t160;
                                                                                                                                                                                                                                                        				intOrPtr _t162;
                                                                                                                                                                                                                                                        				void* _t164;
                                                                                                                                                                                                                                                        				void* _t165;
                                                                                                                                                                                                                                                        				void** _t167;
                                                                                                                                                                                                                                                        				void* _t173;
                                                                                                                                                                                                                                                        				void* _t174;
                                                                                                                                                                                                                                                        				void* _t177;
                                                                                                                                                                                                                                                        				void* _t179;
                                                                                                                                                                                                                                                        				void* _t182;
                                                                                                                                                                                                                                                        				signed int _t183;
                                                                                                                                                                                                                                                        				void** _t184;
                                                                                                                                                                                                                                                        				void* _t187;
                                                                                                                                                                                                                                                        				signed char _t188;
                                                                                                                                                                                                                                                        				void* _t190;
                                                                                                                                                                                                                                                        				void** _t191;
                                                                                                                                                                                                                                                        				void* _t192;
                                                                                                                                                                                                                                                        				void* _t194;
                                                                                                                                                                                                                                                        				void** _t195;
                                                                                                                                                                                                                                                        				int _t197;
                                                                                                                                                                                                                                                        				void* _t198;
                                                                                                                                                                                                                                                        				int _t199;
                                                                                                                                                                                                                                                        				void* _t200;
                                                                                                                                                                                                                                                        				void* _t201;
                                                                                                                                                                                                                                                        				void* _t202;
                                                                                                                                                                                                                                                        				void* _t206;
                                                                                                                                                                                                                                                        				void* _t236;
                                                                                                                                                                                                                                                        				void* _t237;
                                                                                                                                                                                                                                                        				int _t238;
                                                                                                                                                                                                                                                        				void** _t242;
                                                                                                                                                                                                                                                        				void** _t245;
                                                                                                                                                                                                                                                        				void* _t246;
                                                                                                                                                                                                                                                        				void** _t247;
                                                                                                                                                                                                                                                        				int _t248;
                                                                                                                                                                                                                                                        				void** _t249;
                                                                                                                                                                                                                                                        				void* _t251;
                                                                                                                                                                                                                                                        				void* _t253;
                                                                                                                                                                                                                                                        				void** _t254;
                                                                                                                                                                                                                                                        				signed int _t257;
                                                                                                                                                                                                                                                        				void* _t258;
                                                                                                                                                                                                                                                        				void* _t259;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t200 = __ecx;
                                                                                                                                                                                                                                                        				_t159 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t253 = __edx;
                                                                                                                                                                                                                                                        				_t245 = _a4;
                                                                                                                                                                                                                                                        				_t160 = _t159 ^ _t257;
                                                                                                                                                                                                                                                        				_v20 = _t160;
                                                                                                                                                                                                                                                        				 *_a12 = 0;
                                                                                                                                                                                                                                                        				if( *_t245 == 0 || _t245[2] != 0 && _t245[3] != 0 && _t245[1] != 0 && _t245[7] != 0) {
                                                                                                                                                                                                                                                        					__imp__EncodePointer(_t200);
                                                                                                                                                                                                                                                        					_t201 = _t245[4];
                                                                                                                                                                                                                                                        					_t9 = _t201 + 4; // 0x4
                                                                                                                                                                                                                                                        					_t236 = _t9;
                                                                                                                                                                                                                                                        					if( *_t245 == 0) {
                                                                                                                                                                                                                                                        						_t245[4] = _t236;
                                                                                                                                                                                                                                                        						L12:
                                                                                                                                                                                                                                                        						_t162 =  *(_t253 + 4) +  *(_t253 + 8);
                                                                                                                                                                                                                                                        						__imp__EncodePointer(_t162);
                                                                                                                                                                                                                                                        						_t202 =  *_t245;
                                                                                                                                                                                                                                                        						_t191 = _t245;
                                                                                                                                                                                                                                                        						_t246 = _t245[4];
                                                                                                                                                                                                                                                        						_t22 = _t246 + 4; // 0x8
                                                                                                                                                                                                                                                        						_t237 = _t22;
                                                                                                                                                                                                                                                        						if(_t202 == 0) {
                                                                                                                                                                                                                                                        							_t191[4] = _t237;
                                                                                                                                                                                                                                                        							_t202 = 0;
                                                                                                                                                                                                                                                        							_t247 = _t191;
                                                                                                                                                                                                                                                        							L19:
                                                                                                                                                                                                                                                        							_t247[5] = _t237;
                                                                                                                                                                                                                                                        							_t248 =  *(_t253 + 8);
                                                                                                                                                                                                                                                        							if(_t248 > 4) {
                                                                                                                                                                                                                                                        								_v112 = 0xffffffff;
                                                                                                                                                                                                                                                        								_v116 =  *(_t253 + 4);
                                                                                                                                                                                                                                                        								goto L42;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_v112 = 0xffffffff;
                                                                                                                                                                                                                                                        								while(1) {
                                                                                                                                                                                                                                                        									_t241 =  &_v104;
                                                                                                                                                                                                                                                        									_t182 = E00BED280(_t253,  &_v104);
                                                                                                                                                                                                                                                        									if(_t182 < 0 || (_v104 & 0x0000000c) != 0) {
                                                                                                                                                                                                                                                        										break;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t197 = _t182 +  *(_t253 + 8);
                                                                                                                                                                                                                                                        									 *(_t253 + 8) = _t197;
                                                                                                                                                                                                                                                        									_t241 =  *(_t253 + 4);
                                                                                                                                                                                                                                                        									_t183 =  *(_t241 + _t197) & 0x000000ff;
                                                                                                                                                                                                                                                        									_v116 = _t241;
                                                                                                                                                                                                                                                        									if((_t183 & 0x000000fc) != 0x88) {
                                                                                                                                                                                                                                                        										__eflags = _t183 - 0xe;
                                                                                                                                                                                                                                                        										if(_t183 > 0xe) {
                                                                                                                                                                                                                                                        											__eflags = _t183 - 0x33;
                                                                                                                                                                                                                                                        											if(_t183 == 0x33) {
                                                                                                                                                                                                                                                        												__eflags =  *(_t241 + _t197 + 1) - 0xc0;
                                                                                                                                                                                                                                                        												if( *(_t241 + _t197 + 1) < 0xc0) {
                                                                                                                                                                                                                                                        													break;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												L102:
                                                                                                                                                                                                                                                        												_t198 = _t197 + 2;
                                                                                                                                                                                                                                                        												L40:
                                                                                                                                                                                                                                                        												_t248 = _t198;
                                                                                                                                                                                                                                                        												goto L27;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											__eflags = _t183 - 0xf;
                                                                                                                                                                                                                                                        											if(_t183 == 0xf) {
                                                                                                                                                                                                                                                        												__eflags = ( *(_t241 + _t197 + 1) & 0xfe) - 0x10;
                                                                                                                                                                                                                                                        												if(( *(_t241 + _t197 + 1) & 0xfe) == 0x10) {
                                                                                                                                                                                                                                                        													_t199 = _t197 + 2;
                                                                                                                                                                                                                                                        													goto L25;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												break;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L35:
                                                                                                                                                                                                                                                        											__eflags = (_t183 & 0x000000f8) - 0x40;
                                                                                                                                                                                                                                                        											if((_t183 & 0x000000f8) == 0x40) {
                                                                                                                                                                                                                                                        												L39:
                                                                                                                                                                                                                                                        												_t198 = _t197 + 1;
                                                                                                                                                                                                                                                        												__eflags = _t198;
                                                                                                                                                                                                                                                        												goto L40;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											__eflags = _t183 - 0x68;
                                                                                                                                                                                                                                                        											if(_t183 == 0x68) {
                                                                                                                                                                                                                                                        												L69:
                                                                                                                                                                                                                                                        												_t198 = _t197 + 5;
                                                                                                                                                                                                                                                        												goto L40;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											__eflags = _t183 - 0x83;
                                                                                                                                                                                                                                                        											if(_t183 == 0x83) {
                                                                                                                                                                                                                                                        												_t188 =  *(_t241 + _t197 + 1) & 0x000000ff;
                                                                                                                                                                                                                                                        												__eflags = _t188 - 0xc0;
                                                                                                                                                                                                                                                        												if(_t188 < 0xc0) {
                                                                                                                                                                                                                                                        													__eflags = (_t188 & 0x000000c0) - 0x40;
                                                                                                                                                                                                                                                        													if((_t188 & 0x000000c0) != 0x40) {
                                                                                                                                                                                                                                                        														break;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													__eflags = (_t188 & 0x00000007) - 4;
                                                                                                                                                                                                                                                        													if((_t188 & 0x00000007) == 4) {
                                                                                                                                                                                                                                                        														break;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t198 = _t197 + 4;
                                                                                                                                                                                                                                                        													goto L40;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t198 = _t197 + 3;
                                                                                                                                                                                                                                                        												goto L40;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											__eflags = (_t183 & 0x000000f0) - 0x50;
                                                                                                                                                                                                                                                        											if((_t183 & 0x000000f0) != 0x50) {
                                                                                                                                                                                                                                                        												__eflags = _t183 - 0xe9;
                                                                                                                                                                                                                                                        												if(_t183 == 0xe9) {
                                                                                                                                                                                                                                                        													_t248 = _t197 + 5;
                                                                                                                                                                                                                                                        													_v112 = _t197;
                                                                                                                                                                                                                                                        													goto L27;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												__eflags = _t183 - 0xff;
                                                                                                                                                                                                                                                        												if(_t183 == 0xff) {
                                                                                                                                                                                                                                                        													_t190 = _v116;
                                                                                                                                                                                                                                                        													__eflags =  *((char*)(_t190 + _t197 + 1)) - 0x25;
                                                                                                                                                                                                                                                        													if( *((char*)(_t190 + _t197 + 1)) != 0x25) {
                                                                                                                                                                                                                                                        														break;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t198 = _t197 + 6;
                                                                                                                                                                                                                                                        													goto L40;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												__eflags = _t183 - 0x6a;
                                                                                                                                                                                                                                                        												if(_t183 == 0x6a) {
                                                                                                                                                                                                                                                        													goto L102;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												break;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L39;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = _t183 - 0xa1;
                                                                                                                                                                                                                                                        										if(_t183 == 0xa1) {
                                                                                                                                                                                                                                                        											goto L69;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = _t183 - 0xb8;
                                                                                                                                                                                                                                                        										if(_t183 != 0xb8) {
                                                                                                                                                                                                                                                        											goto L35;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											goto L69;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t199 = _t197 + 1;
                                                                                                                                                                                                                                                        										L25:
                                                                                                                                                                                                                                                        										 *(_t253 + 8) = _t199;
                                                                                                                                                                                                                                                        										_t187 = E00BED310(_t253);
                                                                                                                                                                                                                                                        										if(_t187 < 0) {
                                                                                                                                                                                                                                                        											break;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t248 = _t187 + _t199;
                                                                                                                                                                                                                                                        											L27:
                                                                                                                                                                                                                                                        											 *(_t253 + 8) = _t248;
                                                                                                                                                                                                                                                        											if(_t248 < 5) {
                                                                                                                                                                                                                                                        												continue;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t184 = _a4;
                                                                                                                                                                                                                                                        												_t202 =  *_t184;
                                                                                                                                                                                                                                                        												_t237 = _t184[4];
                                                                                                                                                                                                                                                        												L42:
                                                                                                                                                                                                                                                        												_t164 = _t237 + _t248;
                                                                                                                                                                                                                                                        												if(_t202 == 0) {
                                                                                                                                                                                                                                                        													_t249 = _a4;
                                                                                                                                                                                                                                                        													_t202 = 0;
                                                                                                                                                                                                                                                        													_t192 = 1;
                                                                                                                                                                                                                                                        													_t249[4] = _t164;
                                                                                                                                                                                                                                                        													__eflags =  *(_t253 + 8) - 0x64;
                                                                                                                                                                                                                                                        													if( *(_t253 + 8) <= 0x64) {
                                                                                                                                                                                                                                                        														L51:
                                                                                                                                                                                                                                                        														_t238 = _v112;
                                                                                                                                                                                                                                                        														if(_t238 >= 0) {
                                                                                                                                                                                                                                                        															_t165 = _t249[5];
                                                                                                                                                                                                                                                        															_t114 = _t165 + 5; // 0x100000004
                                                                                                                                                                                                                                                        															__eflags = _t238 + _t114 - _t249[6];
                                                                                                                                                                                                                                                        															if(_t238 + _t114 <= _t249[6]) {
                                                                                                                                                                                                                                                        																_t249 = _a4;
                                                                                                                                                                                                                                                        																_t241 =  *(_t253 + 4) - _t165 - _t249[3];
                                                                                                                                                                                                                                                        																 *((intOrPtr*)(_t249[2] + _v112 + _t165 + 1)) =  *((intOrPtr*)(_t249[2] + _v112 + _t165 + 1)) +  *(_t253 + 4) - _t165 - _t249[3];
                                                                                                                                                                                                                                                        																__eflags = _t249[7];
                                                                                                                                                                                                                                                        																if(_t249[7] != 0) {
                                                                                                                                                                                                                                                        																	L58:
                                                                                                                                                                                                                                                        																	if( *_t249 != 0) {
                                                                                                                                                                                                                                                        																		_t194 = _t249[5] + _t249[3];
                                                                                                                                                                                                                                                        																		if(_t194 != 0) {
                                                                                                                                                                                                                                                        																			_t241 =  &_v104;
                                                                                                                                                                                                                                                        																			E00BED380(_t253,  &_v104, _t249, 0, 0);
                                                                                                                                                                                                                                                        																			_t259 = _t258 + 8;
                                                                                                                                                                                                                                                        																			if(_v44 != 0 && _v56 != 0) {
                                                                                                                                                                                                                                                        																				_v105 = 0xe9;
                                                                                                                                                                                                                                                        																				E00BBA2C0( &_v104,  &_v105);
                                                                                                                                                                                                                                                        																				_t241 = _a8;
                                                                                                                                                                                                                                                        																				E00BBA300( &_v104, _a8);
                                                                                                                                                                                                                                                        																				_t177 = E00BED4C0( &_v104);
                                                                                                                                                                                                                                                        																				_t307 = _t177;
                                                                                                                                                                                                                                                        																				if(_t177 != 0) {
                                                                                                                                                                                                                                                        																					 *_a12 = _t194;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			E00BED640( &_v52, _t307);
                                                                                                                                                                                                                                                        																			_t173 = _v48;
                                                                                                                                                                                                                                                        																			_t249 = _a4;
                                                                                                                                                                                                                                                        																			if(_t173 !=  &_v36) {
                                                                                                                                                                                                                                                        																				free(_t173);
                                                                                                                                                                                                                                                        																				_t259 = _t259 + 4;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_t174 = _v84;
                                                                                                                                                                                                                                                        																			if(_t174 !=  &_v72) {
                                                                                                                                                                                                                                                        																				free(_t174);
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	L66:
                                                                                                                                                                                                                                                        																	_t167 = _a12;
                                                                                                                                                                                                                                                        																	if( *_t167 == 0) {
                                                                                                                                                                                                                                                        																		_t249[4] = 0;
                                                                                                                                                                                                                                                        																		__imp__EncodePointer(0);
                                                                                                                                                                                                                                                        																		_t206 = _t249[4];
                                                                                                                                                                                                                                                        																		__eflags =  *_t249;
                                                                                                                                                                                                                                                        																		_t127 = _t206 + 4; // 0x4
                                                                                                                                                                                                                                                        																		_t241 = _t127;
                                                                                                                                                                                                                                                        																		if( *_t249 == 0) {
                                                                                                                                                                                                                                                        																			_a4[4] = _t241;
                                                                                                                                                                                                                                                        																		} else {
                                                                                                                                                                                                                                                        																			_t254 = _a4;
                                                                                                                                                                                                                                                        																			__eflags = _t241 -  *((intOrPtr*)(_t254 + 0x18));
                                                                                                                                                                                                                                                        																			if(_t241 <=  *((intOrPtr*)(_t254 + 0x18))) {
                                                                                                                                                                                                                                                        																				_t242 = _a4;
                                                                                                                                                                                                                                                        																				_t241 =  *(_t242 + 8);
                                                                                                                                                                                                                                                        																				 *( *(_t242 + 8) + _t206) = _t167;
                                                                                                                                                                                                                                                        																				 *((intOrPtr*)(_t242 + 0x10)) =  *((intOrPtr*)(_t242 + 0x10)) + 4;
                                                                                                                                                                                                                                                        																			} else {
                                                                                                                                                                                                                                                        																				_a4[7] = 0;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	goto L67;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																goto L66;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t249 = _a4;
                                                                                                                                                                                                                                                        															L90:
                                                                                                                                                                                                                                                        															_t249[7] = 0;
                                                                                                                                                                                                                                                        															__eflags = _t249[7];
                                                                                                                                                                                                                                                        															if(_t249[7] != 0) {
                                                                                                                                                                                                                                                        																goto L58;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															goto L66;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														if(_t192 != 0) {
                                                                                                                                                                                                                                                        															_t179 = _t164 + 5;
                                                                                                                                                                                                                                                        															__eflags = _t179;
                                                                                                                                                                                                                                                        															_t249[4] = _t164 + 1;
                                                                                                                                                                                                                                                        															_t241 = _t179;
                                                                                                                                                                                                                                                        															L93:
                                                                                                                                                                                                                                                        															_t249 = _a4;
                                                                                                                                                                                                                                                        															_t249[4] = _t241;
                                                                                                                                                                                                                                                        															__eflags = _t249[7];
                                                                                                                                                                                                                                                        															if(_t249[7] != 0) {
                                                                                                                                                                                                                                                        																goto L58;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															goto L66;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														if(_t164 >= _t249[6]) {
                                                                                                                                                                                                                                                        															_t249[7] = 0;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															 *((char*)(_t249[2] + _t164)) = 0xe9;
                                                                                                                                                                                                                                                        															_t202 =  *_t249;
                                                                                                                                                                                                                                                        															_t164 = _t249[4] + 1;
                                                                                                                                                                                                                                                        															_t249[4] = _t164;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t67 = _t164 + 4; // 0x5
                                                                                                                                                                                                                                                        														_t241 = _t67;
                                                                                                                                                                                                                                                        														if(_t202 == 0) {
                                                                                                                                                                                                                                                        															goto L93;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															if(_t241 > _t249[6]) {
                                                                                                                                                                                                                                                        																goto L90;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t241 = _t249[2];
                                                                                                                                                                                                                                                        															 *((intOrPtr*)(_t249[2] + _t164)) =  *(_t253 + 4) - _t164 +  *(_t253 + 8) - _t249[3] + 0xfffffffc;
                                                                                                                                                                                                                                                        															_t249[4] = _t249[4] + 4;
                                                                                                                                                                                                                                                        															if(_t249[7] == 0) {
                                                                                                                                                                                                                                                        																goto L66;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															goto L58;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													goto L66;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t195 = _a4;
                                                                                                                                                                                                                                                        												if(_t164 > _t195[6]) {
                                                                                                                                                                                                                                                        													_t195[7] = 0;
                                                                                                                                                                                                                                                        													L46:
                                                                                                                                                                                                                                                        													_t249 = _a4;
                                                                                                                                                                                                                                                        													if(_t249[2] == 0 || _t249[3] == 0 || _t249[1] == 0 || _t249[7] == 0) {
                                                                                                                                                                                                                                                        														goto L66;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t192 = 0;
                                                                                                                                                                                                                                                        														_t164 = _t237;
                                                                                                                                                                                                                                                        														if( *(_t253 + 8) > 0x64) {
                                                                                                                                                                                                                                                        															goto L66;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														goto L51;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t241 = _t237 + _t195[2];
                                                                                                                                                                                                                                                        												memcpy(_t237 + _t195[2], _v116, _t248);
                                                                                                                                                                                                                                                        												_t258 = _t258 + 0xc;
                                                                                                                                                                                                                                                        												_t251 = _t195[4] + _t248;
                                                                                                                                                                                                                                                        												_t195[4] = _t251;
                                                                                                                                                                                                                                                        												_t202 =  *_t195;
                                                                                                                                                                                                                                                        												if(_t202 == 0) {
                                                                                                                                                                                                                                                        													_t164 = _t251;
                                                                                                                                                                                                                                                        													_t249 = _a4;
                                                                                                                                                                                                                                                        													_t202 = 0;
                                                                                                                                                                                                                                                        													_t192 = 1;
                                                                                                                                                                                                                                                        													__eflags =  *(_t253 + 8) - 0x64;
                                                                                                                                                                                                                                                        													if( *(_t253 + 8) <= 0x64) {
                                                                                                                                                                                                                                                        														goto L51;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													goto L66;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t241 = _t251;
                                                                                                                                                                                                                                                        												goto L46;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t249 = _a4;
                                                                                                                                                                                                                                                        								goto L66;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(_t237 > _t191[6]) {
                                                                                                                                                                                                                                                        							_t241 = _t246;
                                                                                                                                                                                                                                                        							_t249 = _t191;
                                                                                                                                                                                                                                                        							_t191[7] = 0;
                                                                                                                                                                                                                                                        							__eflags = _t249[2];
                                                                                                                                                                                                                                                        							if(_t249[2] != 0) {
                                                                                                                                                                                                                                                        								L16:
                                                                                                                                                                                                                                                        								if(_t249[3] == 0 || _t249[1] == 0 || _t249[7] == 0) {
                                                                                                                                                                                                                                                        									goto L66;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									goto L19;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L66;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t191[2] + _t246)) = _t162;
                                                                                                                                                                                                                                                        						_t247 = _t191;
                                                                                                                                                                                                                                                        						_t202 =  *_t191;
                                                                                                                                                                                                                                                        						_t237 = _t191[4] + 4;
                                                                                                                                                                                                                                                        						_t191[4] = _t237;
                                                                                                                                                                                                                                                        						if(_t202 == 0) {
                                                                                                                                                                                                                                                        							_t202 = 0;
                                                                                                                                                                                                                                                        							goto L19;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(_t247[2] == 0) {
                                                                                                                                                                                                                                                        							goto L66;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L16;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_t236 > _t245[6]) {
                                                                                                                                                                                                                                                        						_t245[7] = 0;
                                                                                                                                                                                                                                                        						__eflags = _t245[2];
                                                                                                                                                                                                                                                        						if(_t245[2] != 0) {
                                                                                                                                                                                                                                                        							L9:
                                                                                                                                                                                                                                                        							if(_t245[3] == 0 || _t245[1] == 0 || _t245[7] == 0) {
                                                                                                                                                                                                                                                        								goto L67;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								goto L12;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L67;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t241 = _t245[2];
                                                                                                                                                                                                                                                        					 *(_t245[2] + _t201) = _t160;
                                                                                                                                                                                                                                                        					_t245[4] = _t245[4] + 4;
                                                                                                                                                                                                                                                        					if( *_t245 == 0) {
                                                                                                                                                                                                                                                        						goto L12;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_t245[2] == 0) {
                                                                                                                                                                                                                                                        						goto L67;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L9;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L67:
                                                                                                                                                                                                                                                        					return E00BEECB0(_v20 ^ _t257, _t241);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}


























































                                                                                                                                                                                                                                                        0x00bec220
                                                                                                                                                                                                                                                        0x00bec229
                                                                                                                                                                                                                                                        0x00bec22e
                                                                                                                                                                                                                                                        0x00bec233
                                                                                                                                                                                                                                                        0x00bec236
                                                                                                                                                                                                                                                        0x00bec238
                                                                                                                                                                                                                                                        0x00bec23b
                                                                                                                                                                                                                                                        0x00bec244
                                                                                                                                                                                                                                                        0x00bec26f
                                                                                                                                                                                                                                                        0x00bec275
                                                                                                                                                                                                                                                        0x00bec27b
                                                                                                                                                                                                                                                        0x00bec27b
                                                                                                                                                                                                                                                        0x00bec27e
                                                                                                                                                                                                                                                        0x00bec580
                                                                                                                                                                                                                                                        0x00bec2c4
                                                                                                                                                                                                                                                        0x00bec2c7
                                                                                                                                                                                                                                                        0x00bec2cb
                                                                                                                                                                                                                                                        0x00bec2d1
                                                                                                                                                                                                                                                        0x00bec2d3
                                                                                                                                                                                                                                                        0x00bec2d5
                                                                                                                                                                                                                                                        0x00bec2d8
                                                                                                                                                                                                                                                        0x00bec2d8
                                                                                                                                                                                                                                                        0x00bec2dd
                                                                                                                                                                                                                                                        0x00bec598
                                                                                                                                                                                                                                                        0x00bec59b
                                                                                                                                                                                                                                                        0x00bec59d
                                                                                                                                                                                                                                                        0x00bec32f
                                                                                                                                                                                                                                                        0x00bec32f
                                                                                                                                                                                                                                                        0x00bec332
                                                                                                                                                                                                                                                        0x00bec338
                                                                                                                                                                                                                                                        0x00bec569
                                                                                                                                                                                                                                                        0x00bec570
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec33e
                                                                                                                                                                                                                                                        0x00bec33e
                                                                                                                                                                                                                                                        0x00bec345
                                                                                                                                                                                                                                                        0x00bec347
                                                                                                                                                                                                                                                        0x00bec34a
                                                                                                                                                                                                                                                        0x00bec351
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec363
                                                                                                                                                                                                                                                        0x00bec366
                                                                                                                                                                                                                                                        0x00bec369
                                                                                                                                                                                                                                                        0x00bec36c
                                                                                                                                                                                                                                                        0x00bec370
                                                                                                                                                                                                                                                        0x00bec37b
                                                                                                                                                                                                                                                        0x00bec3a0
                                                                                                                                                                                                                                                        0x00bec3a2
                                                                                                                                                                                                                                                        0x00bec3b5
                                                                                                                                                                                                                                                        0x00bec3b7
                                                                                                                                                                                                                                                        0x00bec6ca
                                                                                                                                                                                                                                                        0x00bec6cf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec6d1
                                                                                                                                                                                                                                                        0x00bec6d1
                                                                                                                                                                                                                                                        0x00bec3ee
                                                                                                                                                                                                                                                        0x00bec3ee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec3ee
                                                                                                                                                                                                                                                        0x00bec3bd
                                                                                                                                                                                                                                                        0x00bec3bf
                                                                                                                                                                                                                                                        0x00bec6e0
                                                                                                                                                                                                                                                        0x00bec6e2
                                                                                                                                                                                                                                                        0x00bec76b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec76b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec6e2
                                                                                                                                                                                                                                                        0x00bec3c5
                                                                                                                                                                                                                                                        0x00bec3ca
                                                                                                                                                                                                                                                        0x00bec3cd
                                                                                                                                                                                                                                                        0x00bec3ed
                                                                                                                                                                                                                                                        0x00bec3ed
                                                                                                                                                                                                                                                        0x00bec3ed
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec3ed
                                                                                                                                                                                                                                                        0x00bec3cf
                                                                                                                                                                                                                                                        0x00bec3d1
                                                                                                                                                                                                                                                        0x00bec578
                                                                                                                                                                                                                                                        0x00bec578
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec578
                                                                                                                                                                                                                                                        0x00bec3d7
                                                                                                                                                                                                                                                        0x00bec3d9
                                                                                                                                                                                                                                                        0x00bec5bf
                                                                                                                                                                                                                                                        0x00bec5c4
                                                                                                                                                                                                                                                        0x00bec5c6
                                                                                                                                                                                                                                                        0x00bec6f5
                                                                                                                                                                                                                                                        0x00bec6f8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec6fc
                                                                                                                                                                                                                                                        0x00bec6fe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec700
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec700
                                                                                                                                                                                                                                                        0x00bec5cc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec5cc
                                                                                                                                                                                                                                                        0x00bec3e4
                                                                                                                                                                                                                                                        0x00bec3e7
                                                                                                                                                                                                                                                        0x00bec5d4
                                                                                                                                                                                                                                                        0x00bec5d6
                                                                                                                                                                                                                                                        0x00bec73a
                                                                                                                                                                                                                                                        0x00bec73d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec73d
                                                                                                                                                                                                                                                        0x00bec5dc
                                                                                                                                                                                                                                                        0x00bec5de
                                                                                                                                                                                                                                                        0x00bec745
                                                                                                                                                                                                                                                        0x00bec748
                                                                                                                                                                                                                                                        0x00bec74d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec74f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec74f
                                                                                                                                                                                                                                                        0x00bec5e4
                                                                                                                                                                                                                                                        0x00bec5e6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec5ec
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec3e7
                                                                                                                                                                                                                                                        0x00bec3a4
                                                                                                                                                                                                                                                        0x00bec3a6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec3ac
                                                                                                                                                                                                                                                        0x00bec3ae
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec3b0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec3b0
                                                                                                                                                                                                                                                        0x00bec37d
                                                                                                                                                                                                                                                        0x00bec37d
                                                                                                                                                                                                                                                        0x00bec37e
                                                                                                                                                                                                                                                        0x00bec380
                                                                                                                                                                                                                                                        0x00bec383
                                                                                                                                                                                                                                                        0x00bec38a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec390
                                                                                                                                                                                                                                                        0x00bec392
                                                                                                                                                                                                                                                        0x00bec394
                                                                                                                                                                                                                                                        0x00bec397
                                                                                                                                                                                                                                                        0x00bec39a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec39c
                                                                                                                                                                                                                                                        0x00bec3f2
                                                                                                                                                                                                                                                        0x00bec3f5
                                                                                                                                                                                                                                                        0x00bec3f7
                                                                                                                                                                                                                                                        0x00bec3fa
                                                                                                                                                                                                                                                        0x00bec3fa
                                                                                                                                                                                                                                                        0x00bec3ff
                                                                                                                                                                                                                                                        0x00bec5f1
                                                                                                                                                                                                                                                        0x00bec5f4
                                                                                                                                                                                                                                                        0x00bec5f6
                                                                                                                                                                                                                                                        0x00bec5f8
                                                                                                                                                                                                                                                        0x00bec5fb
                                                                                                                                                                                                                                                        0x00bec5ff
                                                                                                                                                                                                                                                        0x00bec46c
                                                                                                                                                                                                                                                        0x00bec46c
                                                                                                                                                                                                                                                        0x00bec471
                                                                                                                                                                                                                                                        0x00bec62b
                                                                                                                                                                                                                                                        0x00bec62e
                                                                                                                                                                                                                                                        0x00bec632
                                                                                                                                                                                                                                                        0x00bec635
                                                                                                                                                                                                                                                        0x00bec70e
                                                                                                                                                                                                                                                        0x00bec71a
                                                                                                                                                                                                                                                        0x00bec71d
                                                                                                                                                                                                                                                        0x00bec720
                                                                                                                                                                                                                                                        0x00bec724
                                                                                                                                                                                                                                                        0x00bec4ca
                                                                                                                                                                                                                                                        0x00bec4cd
                                                                                                                                                                                                                                                        0x00bec4d2
                                                                                                                                                                                                                                                        0x00bec4d5
                                                                                                                                                                                                                                                        0x00bec4d7
                                                                                                                                                                                                                                                        0x00bec4e0
                                                                                                                                                                                                                                                        0x00bec4e5
                                                                                                                                                                                                                                                        0x00bec4ec
                                                                                                                                                                                                                                                        0x00bec4fd
                                                                                                                                                                                                                                                        0x00bec503
                                                                                                                                                                                                                                                        0x00bec50a
                                                                                                                                                                                                                                                        0x00bec50c
                                                                                                                                                                                                                                                        0x00bec513
                                                                                                                                                                                                                                                        0x00bec518
                                                                                                                                                                                                                                                        0x00bec51a
                                                                                                                                                                                                                                                        0x00bec51f
                                                                                                                                                                                                                                                        0x00bec51f
                                                                                                                                                                                                                                                        0x00bec51a
                                                                                                                                                                                                                                                        0x00bec524
                                                                                                                                                                                                                                                        0x00bec529
                                                                                                                                                                                                                                                        0x00bec52c
                                                                                                                                                                                                                                                        0x00bec534
                                                                                                                                                                                                                                                        0x00bec67b
                                                                                                                                                                                                                                                        0x00bec681
                                                                                                                                                                                                                                                        0x00bec681
                                                                                                                                                                                                                                                        0x00bec53a
                                                                                                                                                                                                                                                        0x00bec542
                                                                                                                                                                                                                                                        0x00bec68a
                                                                                                                                                                                                                                                        0x00bec690
                                                                                                                                                                                                                                                        0x00bec542
                                                                                                                                                                                                                                                        0x00bec4d5
                                                                                                                                                                                                                                                        0x00bec548
                                                                                                                                                                                                                                                        0x00bec548
                                                                                                                                                                                                                                                        0x00bec54e
                                                                                                                                                                                                                                                        0x00bec698
                                                                                                                                                                                                                                                        0x00bec6a1
                                                                                                                                                                                                                                                        0x00bec6a7
                                                                                                                                                                                                                                                        0x00bec6aa
                                                                                                                                                                                                                                                        0x00bec6ad
                                                                                                                                                                                                                                                        0x00bec6ad
                                                                                                                                                                                                                                                        0x00bec6b0
                                                                                                                                                                                                                                                        0x00bec732
                                                                                                                                                                                                                                                        0x00bec6b2
                                                                                                                                                                                                                                                        0x00bec6b2
                                                                                                                                                                                                                                                        0x00bec6b5
                                                                                                                                                                                                                                                        0x00bec6b8
                                                                                                                                                                                                                                                        0x00bec757
                                                                                                                                                                                                                                                        0x00bec75c
                                                                                                                                                                                                                                                        0x00bec75f
                                                                                                                                                                                                                                                        0x00bec762
                                                                                                                                                                                                                                                        0x00bec6be
                                                                                                                                                                                                                                                        0x00bec6c1
                                                                                                                                                                                                                                                        0x00bec6c1
                                                                                                                                                                                                                                                        0x00bec6b8
                                                                                                                                                                                                                                                        0x00bec6b0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec54e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec72a
                                                                                                                                                                                                                                                        0x00bec63b
                                                                                                                                                                                                                                                        0x00bec63e
                                                                                                                                                                                                                                                        0x00bec63e
                                                                                                                                                                                                                                                        0x00bec642
                                                                                                                                                                                                                                                        0x00bec646
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec64c
                                                                                                                                                                                                                                                        0x00bec479
                                                                                                                                                                                                                                                        0x00bec654
                                                                                                                                                                                                                                                        0x00bec654
                                                                                                                                                                                                                                                        0x00bec657
                                                                                                                                                                                                                                                        0x00bec65a
                                                                                                                                                                                                                                                        0x00bec65c
                                                                                                                                                                                                                                                        0x00bec65c
                                                                                                                                                                                                                                                        0x00bec65f
                                                                                                                                                                                                                                                        0x00bec662
                                                                                                                                                                                                                                                        0x00bec666
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec66c
                                                                                                                                                                                                                                                        0x00bec482
                                                                                                                                                                                                                                                        0x00bec671
                                                                                                                                                                                                                                                        0x00bec488
                                                                                                                                                                                                                                                        0x00bec48b
                                                                                                                                                                                                                                                        0x00bec492
                                                                                                                                                                                                                                                        0x00bec494
                                                                                                                                                                                                                                                        0x00bec495
                                                                                                                                                                                                                                                        0x00bec495
                                                                                                                                                                                                                                                        0x00bec498
                                                                                                                                                                                                                                                        0x00bec498
                                                                                                                                                                                                                                                        0x00bec49d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec4a3
                                                                                                                                                                                                                                                        0x00bec4a6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec4af
                                                                                                                                                                                                                                                        0x00bec4bd
                                                                                                                                                                                                                                                        0x00bec4c0
                                                                                                                                                                                                                                                        0x00bec4c8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec4c8
                                                                                                                                                                                                                                                        0x00bec49d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec605
                                                                                                                                                                                                                                                        0x00bec405
                                                                                                                                                                                                                                                        0x00bec40b
                                                                                                                                                                                                                                                        0x00bec60a
                                                                                                                                                                                                                                                        0x00bec433
                                                                                                                                                                                                                                                        0x00bec433
                                                                                                                                                                                                                                                        0x00bec43a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec45e
                                                                                                                                                                                                                                                        0x00bec45e
                                                                                                                                                                                                                                                        0x00bec460
                                                                                                                                                                                                                                                        0x00bec466
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec466
                                                                                                                                                                                                                                                        0x00bec43a
                                                                                                                                                                                                                                                        0x00bec411
                                                                                                                                                                                                                                                        0x00bec419
                                                                                                                                                                                                                                                        0x00bec41e
                                                                                                                                                                                                                                                        0x00bec421
                                                                                                                                                                                                                                                        0x00bec424
                                                                                                                                                                                                                                                        0x00bec427
                                                                                                                                                                                                                                                        0x00bec42b
                                                                                                                                                                                                                                                        0x00bec613
                                                                                                                                                                                                                                                        0x00bec615
                                                                                                                                                                                                                                                        0x00bec618
                                                                                                                                                                                                                                                        0x00bec61a
                                                                                                                                                                                                                                                        0x00bec61c
                                                                                                                                                                                                                                                        0x00bec620
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec626
                                                                                                                                                                                                                                                        0x00bec431
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec431
                                                                                                                                                                                                                                                        0x00bec39a
                                                                                                                                                                                                                                                        0x00bec38a
                                                                                                                                                                                                                                                        0x00bec37b
                                                                                                                                                                                                                                                        0x00bec6e8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec6e8
                                                                                                                                                                                                                                                        0x00bec338
                                                                                                                                                                                                                                                        0x00bec2e6
                                                                                                                                                                                                                                                        0x00bec5a4
                                                                                                                                                                                                                                                        0x00bec5a6
                                                                                                                                                                                                                                                        0x00bec5a8
                                                                                                                                                                                                                                                        0x00bec5ac
                                                                                                                                                                                                                                                        0x00bec5b0
                                                                                                                                                                                                                                                        0x00bec311
                                                                                                                                                                                                                                                        0x00bec315
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec315
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec5b6
                                                                                                                                                                                                                                                        0x00bec2ef
                                                                                                                                                                                                                                                        0x00bec2f2
                                                                                                                                                                                                                                                        0x00bec2f7
                                                                                                                                                                                                                                                        0x00bec2f9
                                                                                                                                                                                                                                                        0x00bec2fe
                                                                                                                                                                                                                                                        0x00bec301
                                                                                                                                                                                                                                                        0x00bec5b8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec5b8
                                                                                                                                                                                                                                                        0x00bec30b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec30b
                                                                                                                                                                                                                                                        0x00bec287
                                                                                                                                                                                                                                                        0x00bec588
                                                                                                                                                                                                                                                        0x00bec58c
                                                                                                                                                                                                                                                        0x00bec590
                                                                                                                                                                                                                                                        0x00bec2a6
                                                                                                                                                                                                                                                        0x00bec2aa
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec2aa
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec596
                                                                                                                                                                                                                                                        0x00bec28d
                                                                                                                                                                                                                                                        0x00bec290
                                                                                                                                                                                                                                                        0x00bec293
                                                                                                                                                                                                                                                        0x00bec29a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec2a0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec554
                                                                                                                                                                                                                                                        0x00bec554
                                                                                                                                                                                                                                                        0x00bec565
                                                                                                                                                                                                                                                        0x00bec565

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • EncodePointer.KERNEL32(?), ref: 00BEC26F
                                                                                                                                                                                                                                                        • EncodePointer.KERNEL32(?), ref: 00BEC2CB
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,?), ref: 00BEC419
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: EncodePointer$memcpy
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 792094693-0
                                                                                                                                                                                                                                                        • Opcode ID: eb3620068da7d31e6f670259c8d4f8ed267958e7461786a90d5b1e1e42cd923b
                                                                                                                                                                                                                                                        • Instruction ID: 59d1c765e66bcb0e495836672e2805b2eb873eef5eb43acc0b9b6b8f45f3bc18
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: eb3620068da7d31e6f670259c8d4f8ed267958e7461786a90d5b1e1e42cd923b
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D5F19E705007869FDB28CF2AC485769BBF2FF55314F18869AD81A8B291C770F997CB81
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 60%
                                                                                                                                                                                                                                                        			E00BCB9F0(void* __ebx, signed int* __ecx, void* __edx, void* __edi, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				char _v68;
                                                                                                                                                                                                                                                        				signed int _v76;
                                                                                                                                                                                                                                                        				signed int _v80;
                                                                                                                                                                                                                                                        				char _v92;
                                                                                                                                                                                                                                                        				signed int _v96;
                                                                                                                                                                                                                                                        				signed int _v100;
                                                                                                                                                                                                                                                        				intOrPtr _v104;
                                                                                                                                                                                                                                                        				signed int _t89;
                                                                                                                                                                                                                                                        				void* _t91;
                                                                                                                                                                                                                                                        				void* _t97;
                                                                                                                                                                                                                                                        				intOrPtr _t99;
                                                                                                                                                                                                                                                        				signed int _t100;
                                                                                                                                                                                                                                                        				signed int _t104;
                                                                                                                                                                                                                                                        				void* _t113;
                                                                                                                                                                                                                                                        				signed int* _t114;
                                                                                                                                                                                                                                                        				signed int _t116;
                                                                                                                                                                                                                                                        				intOrPtr _t119;
                                                                                                                                                                                                                                                        				intOrPtr _t120;
                                                                                                                                                                                                                                                        				signed int _t124;
                                                                                                                                                                                                                                                        				intOrPtr _t126;
                                                                                                                                                                                                                                                        				intOrPtr* _t129;
                                                                                                                                                                                                                                                        				void* _t132;
                                                                                                                                                                                                                                                        				void* _t133;
                                                                                                                                                                                                                                                        				signed int _t136;
                                                                                                                                                                                                                                                        				signed int _t139;
                                                                                                                                                                                                                                                        				void* _t141;
                                                                                                                                                                                                                                                        				intOrPtr _t142;
                                                                                                                                                                                                                                                        				signed int _t145;
                                                                                                                                                                                                                                                        				signed int _t148;
                                                                                                                                                                                                                                                        				signed int _t150;
                                                                                                                                                                                                                                                        				signed int _t153;
                                                                                                                                                                                                                                                        				void* _t156;
                                                                                                                                                                                                                                                        				signed int _t157;
                                                                                                                                                                                                                                                        				signed int _t158;
                                                                                                                                                                                                                                                        				void* _t161;
                                                                                                                                                                                                                                                        				intOrPtr _t162;
                                                                                                                                                                                                                                                        				void* _t164;
                                                                                                                                                                                                                                                        				void* _t166;
                                                                                                                                                                                                                                                        				intOrPtr* _t167;
                                                                                                                                                                                                                                                        				void* _t169;
                                                                                                                                                                                                                                                        				void* _t176;
                                                                                                                                                                                                                                                        				signed int _t179;
                                                                                                                                                                                                                                                        				void* _t180;
                                                                                                                                                                                                                                                        				void* _t181;
                                                                                                                                                                                                                                                        				void* _t182;
                                                                                                                                                                                                                                                        				void* _t183;
                                                                                                                                                                                                                                                        				short _t191;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t155 = __edx;
                                                                                                                                                                                                                                                        				_t177 = _t179;
                                                                                                                                                                                                                                                        				_t180 = _t179 - 0x54;
                                                                                                                                                                                                                                                        				_t89 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t164 = __edx;
                                                                                                                                                                                                                                                        				_t167 = __ecx;
                                                                                                                                                                                                                                                        				_v20 = _t89 ^ _t179;
                                                                                                                                                                                                                                                        				 *__ecx = 0;
                                                                                                                                                                                                                                                        				__ecx[0xd] = 0xf;
                                                                                                                                                                                                                                                        				__ecx[0xc] = 0;
                                                                                                                                                                                                                                                        				__ecx[8] = 0;
                                                                                                                                                                                                                                                        				__ecx[0x13] = 0xf;
                                                                                                                                                                                                                                                        				__ecx[0x12] = 0;
                                                                                                                                                                                                                                                        				__ecx[0xe] = 0;
                                                                                                                                                                                                                                                        				_t91 = GetCurrentProcess();
                                                                                                                                                                                                                                                        				_v96 = 0;
                                                                                                                                                                                                                                                        				__imp__IsWow64Process(_t91,  &_v96, _t166, __edi, __ebx, _t176);
                                                                                                                                                                                                                                                        				_t136 = 2;
                                                                                                                                                                                                                                                        				if(_t91 != 0) {
                                                                                                                                                                                                                                                        					_t136 = 0 | _v96 != 0x00000000;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *(_t167 + 0x58) = _t136;
                                                                                                                                                                                                                                                        				 *(_t167 + 0x6c) = 0;
                                                                                                                                                                                                                                                        				_t15 = _t167 + 0x20; // 0x20
                                                                                                                                                                                                                                                        				_t129 = _t15;
                                                                                                                                                                                                                                                        				 *(_t167 + 0x70) = 0xf;
                                                                                                                                                                                                                                                        				 *((char*)(_t167 + 0x5c)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t167 + 4)) =  *((intOrPtr*)(_t164 + 4));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t167 + 8)) =  *((intOrPtr*)(_t164 + 8));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t167 + 0xc)) =  *((intOrPtr*)(_t164 + 0xc));
                                                                                                                                                                                                                                                        				_v24 = 7;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				_v44 = 0;
                                                                                                                                                                                                                                                        				_t97 = E00BC7CE0( &_v68,  &_v44, 0);
                                                                                                                                                                                                                                                        				_t181 = _t180 + 0xc;
                                                                                                                                                                                                                                                        				asm("movsd xmm1, [ebp-0x38]");
                                                                                                                                                                                                                                                        				_v96 = 0;
                                                                                                                                                                                                                                                        				asm("movsd xmm0, [ebp-0x40]");
                                                                                                                                                                                                                                                        				asm("movsd [ebp-0x50], xmm1");
                                                                                                                                                                                                                                                        				asm("movsd xmm1, [ebp-0x30]");
                                                                                                                                                                                                                                                        				asm("movsd [ebp-0x58], xmm0");
                                                                                                                                                                                                                                                        				asm("movsd [ebp-0x48], xmm1");
                                                                                                                                                                                                                                                        				E00BBDF30(_t97,  &_v44, _t155);
                                                                                                                                                                                                                                                        				 *(_t167 + 0x10) = 0;
                                                                                                                                                                                                                                                        				_t99 =  *((intOrPtr*)(_t167 + 0x34));
                                                                                                                                                                                                                                                        				if(_t99 >= 0x10) {
                                                                                                                                                                                                                                                        					_t139 =  *_t129;
                                                                                                                                                                                                                                                        					_t156 = _t99 + 1;
                                                                                                                                                                                                                                                        					__eflags = _t156 - 0x1000;
                                                                                                                                                                                                                                                        					if(_t156 >= 0x1000) {
                                                                                                                                                                                                                                                        						_t157 =  *(_t139 - 4);
                                                                                                                                                                                                                                                        						_t141 = _t139 + 0xfffffffc - _t157;
                                                                                                                                                                                                                                                        						_v100 = _t157;
                                                                                                                                                                                                                                                        						__eflags = _t141 - 0x20;
                                                                                                                                                                                                                                                        						if(_t141 >= 0x20) {
                                                                                                                                                                                                                                                        							goto L41;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t139 = _v100;
                                                                                                                                                                                                                                                        							_t156 = _t99 + 0x24;
                                                                                                                                                                                                                                                        							goto L27;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L27:
                                                                                                                                                                                                                                                        						_push(_t156);
                                                                                                                                                                                                                                                        						_push(_t139);
                                                                                                                                                                                                                                                        						L00BEF6C6();
                                                                                                                                                                                                                                                        						_t181 = _t181 + 8;
                                                                                                                                                                                                                                                        						goto L3;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					_t33 = _t167 + 0x38; // 0x38
                                                                                                                                                                                                                                                        					_v100 = _t33;
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [eax+0x10]");
                                                                                                                                                                                                                                                        					asm("movsd [ebx+0x10], xmm0");
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [eax]");
                                                                                                                                                                                                                                                        					asm("movsd xmm1, [eax+0x8]");
                                                                                                                                                                                                                                                        					asm("movsd [ebx+0x8], xmm1");
                                                                                                                                                                                                                                                        					asm("movsd [ebx], xmm0");
                                                                                                                                                                                                                                                        					_t162 =  *((intOrPtr*)(_t167 + 8));
                                                                                                                                                                                                                                                        					_push( *((intOrPtr*)(_t167 + 0xc)));
                                                                                                                                                                                                                                                        					L42();
                                                                                                                                                                                                                                                        					_t182 = _t181 + 4;
                                                                                                                                                                                                                                                        					 *_t167 =  &_v92;
                                                                                                                                                                                                                                                        					 *(_t167 + 0x18) =  *(_t164 + 0x114) & 0x0000ffff;
                                                                                                                                                                                                                                                        					 *(_t167 + 0x1c) =  *(_t164 + 0x116) & 0x0000ffff;
                                                                                                                                                                                                                                                        					_t113 = _t164 + 0x14;
                                                                                                                                                                                                                                                        					if( *((short*)(_t164 + 0x14)) == 0) {
                                                                                                                                                                                                                                                        						__eflags = 0;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t153 = 0;
                                                                                                                                                                                                                                                        						asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t191 =  *((short*)(_t164 + 0x16 + _t153 * 2));
                                                                                                                                                                                                                                                        							_t153 = _t153 + 1;
                                                                                                                                                                                                                                                        						} while (_t191 != 0);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t114 =  &_v96;
                                                                                                                                                                                                                                                        					E00BC7CE0(_t114, _t113, 0);
                                                                                                                                                                                                                                                        					_t183 = _t182 + 0xc;
                                                                                                                                                                                                                                                        					_t145 = _v100;
                                                                                                                                                                                                                                                        					if(_t114 == _t145) {
                                                                                                                                                                                                                                                        						_t116 = _v76;
                                                                                                                                                                                                                                                        						__eflags = _t116 - 0x10;
                                                                                                                                                                                                                                                        						if(_t116 < 0x10) {
                                                                                                                                                                                                                                                        							goto L11;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t148 = _v96;
                                                                                                                                                                                                                                                        							_t132 = _t116 + 1;
                                                                                                                                                                                                                                                        							__eflags = _t132 - 0x1000;
                                                                                                                                                                                                                                                        							if(_t132 >= 0x1000) {
                                                                                                                                                                                                                                                        								_t157 =  *(_t148 - 4);
                                                                                                                                                                                                                                                        								_t141 = _t148 + 0xfffffffc - _t157;
                                                                                                                                                                                                                                                        								__eflags = _t141 - 0x20;
                                                                                                                                                                                                                                                        								if(_t141 >= 0x20) {
                                                                                                                                                                                                                                                        									goto L41;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t148 = _t157;
                                                                                                                                                                                                                                                        									_t132 = _t116 + 0x24;
                                                                                                                                                                                                                                                        									goto L19;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								L19:
                                                                                                                                                                                                                                                        								_push(_t132);
                                                                                                                                                                                                                                                        								_push(_t148);
                                                                                                                                                                                                                                                        								L00BEF6C6();
                                                                                                                                                                                                                                                        								_t183 = _t183 + 8;
                                                                                                                                                                                                                                                        								goto L11;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t126 =  *((intOrPtr*)(_t167 + 0x4c));
                                                                                                                                                                                                                                                        						if(_t126 >= 0x10) {
                                                                                                                                                                                                                                                        							_t150 =  *_t145;
                                                                                                                                                                                                                                                        							_t133 = _t126 + 1;
                                                                                                                                                                                                                                                        							__eflags = _t133 - 0x1000;
                                                                                                                                                                                                                                                        							if(_t133 >= 0x1000) {
                                                                                                                                                                                                                                                        								_t157 =  *(_t150 - 4);
                                                                                                                                                                                                                                                        								_t141 = _t150 + 0xfffffffc - _t157;
                                                                                                                                                                                                                                                        								__eflags = _t141 - 0x20;
                                                                                                                                                                                                                                                        								if(_t141 >= 0x20) {
                                                                                                                                                                                                                                                        									L41:
                                                                                                                                                                                                                                                        									__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									_push(_t167);
                                                                                                                                                                                                                                                        									__eflags = _t141 - 0xa;
                                                                                                                                                                                                                                                        									if(_t141 != 0xa) {
                                                                                                                                                                                                                                                        										_t100 = 0xf;
                                                                                                                                                                                                                                                        										__eflags = _t141 - 6;
                                                                                                                                                                                                                                                        										if(__eflags <= 0) {
                                                                                                                                                                                                                                                        											if(__eflags != 0) {
                                                                                                                                                                                                                                                        												__eflags = _t157 - 1;
                                                                                                                                                                                                                                                        												_t169 = 2 - (0 | _t157 == 0x00000001);
                                                                                                                                                                                                                                                        												__eflags = _t157;
                                                                                                                                                                                                                                                        												_t170 =  ==  ? _t157 : _t169;
                                                                                                                                                                                                                                                        												__eflags = _t141 - 5;
                                                                                                                                                                                                                                                        												_t104 =  ==  ?  ==  ? _t157 : _t169 : 0;
                                                                                                                                                                                                                                                        												__eflags = _t104;
                                                                                                                                                                                                                                                        												return _t104;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t100 = 6;
                                                                                                                                                                                                                                                        												__eflags = _t157 - 3;
                                                                                                                                                                                                                                                        												if(_t157 >= 3) {
                                                                                                                                                                                                                                                        													goto L50;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t158 = _t157 + 3;
                                                                                                                                                                                                                                                        													__eflags = _t158;
                                                                                                                                                                                                                                                        													return _t158;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											goto L50;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t142 = _v104;
                                                                                                                                                                                                                                                        										_t100 = 0xe;
                                                                                                                                                                                                                                                        										__eflags = _t142 - 0x47b9;
                                                                                                                                                                                                                                                        										if(_t142 > 0x47b9) {
                                                                                                                                                                                                                                                        											L50:
                                                                                                                                                                                                                                                        											return _t100;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t100 = 0xd;
                                                                                                                                                                                                                                                        											__eflags = _t142 - 0x4562;
                                                                                                                                                                                                                                                        											if(_t142 > 0x4562) {
                                                                                                                                                                                                                                                        												goto L50;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t100 = 0xc;
                                                                                                                                                                                                                                                        												__eflags = _t142 - 0x42ed;
                                                                                                                                                                                                                                                        												if(_t142 > 0x42ed) {
                                                                                                                                                                                                                                                        													goto L50;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t100 = 0xb;
                                                                                                                                                                                                                                                        													__eflags = _t142 - 0x3faa;
                                                                                                                                                                                                                                                        													if(_t142 > 0x3faa) {
                                                                                                                                                                                                                                                        														goto L50;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t100 = 0xa;
                                                                                                                                                                                                                                                        														__eflags = _t142 - 0x3ad6;
                                                                                                                                                                                                                                                        														if(_t142 > 0x3ad6) {
                                                                                                                                                                                                                                                        															goto L50;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															__eflags = _t142 - 0x2959;
                                                                                                                                                                                                                                                        															_t161 = (0 | _t142 - 0x00002959 > 0x00000000) + 7;
                                                                                                                                                                                                                                                        															__eflags = _t142 - 0x3838;
                                                                                                                                                                                                                                                        															_t107 =  <=  ? _t161 : 9;
                                                                                                                                                                                                                                                        															__eflags = 9;
                                                                                                                                                                                                                                                        															return  <=  ? _t161 : 9;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t150 = _t157;
                                                                                                                                                                                                                                                        									_t133 = _t126 + 0x24;
                                                                                                                                                                                                                                                        									goto L33;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								L33:
                                                                                                                                                                                                                                                        								_push(_t133);
                                                                                                                                                                                                                                                        								_push(_t150);
                                                                                                                                                                                                                                                        								L00BEF6C6();
                                                                                                                                                                                                                                                        								_t183 = _t183 + 8;
                                                                                                                                                                                                                                                        								goto L10;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L10:
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [ebp-0x4c]");
                                                                                                                                                                                                                                                        							asm("movsd [ecx+0x10], xmm0");
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [ebp-0x5c]");
                                                                                                                                                                                                                                                        							asm("movsd xmm1, [ebp-0x54]");
                                                                                                                                                                                                                                                        							asm("movsd [ecx+0x8], xmm1");
                                                                                                                                                                                                                                                        							asm("movsd [ecx], xmm0");
                                                                                                                                                                                                                                                        							_v80 = 0;
                                                                                                                                                                                                                                                        							_v76 = 0xf;
                                                                                                                                                                                                                                                        							_v96 = 0;
                                                                                                                                                                                                                                                        							L11:
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t167 + 0x50)) =  *0xbfb4c8;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t167 + 0x54)) =  *0xbfb4d0;
                                                                                                                                                                                                                                                        							_t119 =  *((intOrPtr*)(_t164 + 4));
                                                                                                                                                                                                                                                        							if(_t119 == 5) {
                                                                                                                                                                                                                                                        								_t120 =  *((intOrPtr*)(_t164 + 8));
                                                                                                                                                                                                                                                        								__eflags = _t120 - 1;
                                                                                                                                                                                                                                                        								if(_t120 == 1) {
                                                                                                                                                                                                                                                        									__eflags =  *(_t164 + 0x119) & 0x00000002;
                                                                                                                                                                                                                                                        									if(( *(_t164 + 0x119) & 0x00000002) != 0) {
                                                                                                                                                                                                                                                        										goto L30;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										goto L29;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									__eflags = _t120 - 2;
                                                                                                                                                                                                                                                        									if(_t120 != 2) {
                                                                                                                                                                                                                                                        										goto L30;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										__eflags =  *((char*)(_t164 + 0x11a)) - 1;
                                                                                                                                                                                                                                                        										if( *((char*)(_t164 + 0x11a)) != 1) {
                                                                                                                                                                                                                                                        											L24:
                                                                                                                                                                                                                                                        											__eflags =  *((short*)(_t164 + 0x118));
                                                                                                                                                                                                                                                        											if( *((short*)(_t164 + 0x118)) < 0) {
                                                                                                                                                                                                                                                        												goto L30;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												goto L25;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											__eflags =  *0xbfb4b4 - 9;
                                                                                                                                                                                                                                                        											if( *0xbfb4b4 == 9) {
                                                                                                                                                                                                                                                        												goto L29;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												goto L24;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								if(_t119 == 0xa || _t119 == 6) {
                                                                                                                                                                                                                                                        									_t124 = _a4 - 1;
                                                                                                                                                                                                                                                        									if(_t124 > 0x81) {
                                                                                                                                                                                                                                                        										goto L30;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										switch( *((intOrPtr*)(_t124 * 4 +  &M00BF0FE8))) {
                                                                                                                                                                                                                                                        											case 0:
                                                                                                                                                                                                                                                        												L29:
                                                                                                                                                                                                                                                        												 *(_t167 + 0x14) = 1;
                                                                                                                                                                                                                                                        												goto L31;
                                                                                                                                                                                                                                                        											case 1:
                                                                                                                                                                                                                                                        												goto L30;
                                                                                                                                                                                                                                                        											case 2:
                                                                                                                                                                                                                                                        												 *(_t167 + 0x14) = 3;
                                                                                                                                                                                                                                                        												goto L31;
                                                                                                                                                                                                                                                        											case 3:
                                                                                                                                                                                                                                                        												L25:
                                                                                                                                                                                                                                                        												 *(_t167 + 0x14) = 2;
                                                                                                                                                                                                                                                        												goto L31;
                                                                                                                                                                                                                                                        											case 4:
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(__esi + 0x14)) = 4;
                                                                                                                                                                                                                                                        												goto L31;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L30:
                                                                                                                                                                                                                                                        									 *(_t167 + 0x14) = 0;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L31:
                                                                                                                                                                                                                                                        							E00BEECB0(_v20 ^ _t177, _t162);
                                                                                                                                                                                                                                                        							return _t167;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}






















































                                                                                                                                                                                                                                                        0x00bcb9f0
                                                                                                                                                                                                                                                        0x00bcb9f1
                                                                                                                                                                                                                                                        0x00bcb9f6
                                                                                                                                                                                                                                                        0x00bcb9f9
                                                                                                                                                                                                                                                        0x00bcb9fe
                                                                                                                                                                                                                                                        0x00bcba00
                                                                                                                                                                                                                                                        0x00bcba04
                                                                                                                                                                                                                                                        0x00bcba07
                                                                                                                                                                                                                                                        0x00bcba0d
                                                                                                                                                                                                                                                        0x00bcba14
                                                                                                                                                                                                                                                        0x00bcba1b
                                                                                                                                                                                                                                                        0x00bcba1f
                                                                                                                                                                                                                                                        0x00bcba26
                                                                                                                                                                                                                                                        0x00bcba2d
                                                                                                                                                                                                                                                        0x00bcba31
                                                                                                                                                                                                                                                        0x00bcba3a
                                                                                                                                                                                                                                                        0x00bcba43
                                                                                                                                                                                                                                                        0x00bcba49
                                                                                                                                                                                                                                                        0x00bcba50
                                                                                                                                                                                                                                                        0x00bcba58
                                                                                                                                                                                                                                                        0x00bcba58
                                                                                                                                                                                                                                                        0x00bcba60
                                                                                                                                                                                                                                                        0x00bcba63
                                                                                                                                                                                                                                                        0x00bcba6a
                                                                                                                                                                                                                                                        0x00bcba6a
                                                                                                                                                                                                                                                        0x00bcba70
                                                                                                                                                                                                                                                        0x00bcba73
                                                                                                                                                                                                                                                        0x00bcba7a
                                                                                                                                                                                                                                                        0x00bcba80
                                                                                                                                                                                                                                                        0x00bcba86
                                                                                                                                                                                                                                                        0x00bcba8c
                                                                                                                                                                                                                                                        0x00bcba93
                                                                                                                                                                                                                                                        0x00bcba9a
                                                                                                                                                                                                                                                        0x00bcbaa4
                                                                                                                                                                                                                                                        0x00bcbaa9
                                                                                                                                                                                                                                                        0x00bcbaac
                                                                                                                                                                                                                                                        0x00bcbab1
                                                                                                                                                                                                                                                        0x00bcbab8
                                                                                                                                                                                                                                                        0x00bcbac0
                                                                                                                                                                                                                                                        0x00bcbac5
                                                                                                                                                                                                                                                        0x00bcbaca
                                                                                                                                                                                                                                                        0x00bcbacf
                                                                                                                                                                                                                                                        0x00bcbad4
                                                                                                                                                                                                                                                        0x00bcbad9
                                                                                                                                                                                                                                                        0x00bcbae0
                                                                                                                                                                                                                                                        0x00bcbae6
                                                                                                                                                                                                                                                        0x00bcbc56
                                                                                                                                                                                                                                                        0x00bcbc58
                                                                                                                                                                                                                                                        0x00bcbc5b
                                                                                                                                                                                                                                                        0x00bcbc61
                                                                                                                                                                                                                                                        0x00bcbce0
                                                                                                                                                                                                                                                        0x00bcbce6
                                                                                                                                                                                                                                                        0x00bcbce8
                                                                                                                                                                                                                                                        0x00bcbceb
                                                                                                                                                                                                                                                        0x00bcbcee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbcf0
                                                                                                                                                                                                                                                        0x00bcbcf0
                                                                                                                                                                                                                                                        0x00bcbcf6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbcf6
                                                                                                                                                                                                                                                        0x00bcbc63
                                                                                                                                                                                                                                                        0x00bcbc63
                                                                                                                                                                                                                                                        0x00bcbc63
                                                                                                                                                                                                                                                        0x00bcbc64
                                                                                                                                                                                                                                                        0x00bcbc65
                                                                                                                                                                                                                                                        0x00bcbc6a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbc6a
                                                                                                                                                                                                                                                        0x00bcbaec
                                                                                                                                                                                                                                                        0x00bcbaec
                                                                                                                                                                                                                                                        0x00bcbaec
                                                                                                                                                                                                                                                        0x00bcbaef
                                                                                                                                                                                                                                                        0x00bcbaf5
                                                                                                                                                                                                                                                        0x00bcbafa
                                                                                                                                                                                                                                                        0x00bcbaff
                                                                                                                                                                                                                                                        0x00bcbb03
                                                                                                                                                                                                                                                        0x00bcbb08
                                                                                                                                                                                                                                                        0x00bcbb0d
                                                                                                                                                                                                                                                        0x00bcbb14
                                                                                                                                                                                                                                                        0x00bcbb17
                                                                                                                                                                                                                                                        0x00bcbb1a
                                                                                                                                                                                                                                                        0x00bcbb1f
                                                                                                                                                                                                                                                        0x00bcbb22
                                                                                                                                                                                                                                                        0x00bcbb2b
                                                                                                                                                                                                                                                        0x00bcbb35
                                                                                                                                                                                                                                                        0x00bcbb38
                                                                                                                                                                                                                                                        0x00bcbb40
                                                                                                                                                                                                                                                        0x00bcbb5d
                                                                                                                                                                                                                                                        0x00bcbb42
                                                                                                                                                                                                                                                        0x00bcbb42
                                                                                                                                                                                                                                                        0x00bcbb44
                                                                                                                                                                                                                                                        0x00bcbb50
                                                                                                                                                                                                                                                        0x00bcbb50
                                                                                                                                                                                                                                                        0x00bcbb56
                                                                                                                                                                                                                                                        0x00bcbb56
                                                                                                                                                                                                                                                        0x00bcbb5b
                                                                                                                                                                                                                                                        0x00bcbb61
                                                                                                                                                                                                                                                        0x00bcbb67
                                                                                                                                                                                                                                                        0x00bcbb6c
                                                                                                                                                                                                                                                        0x00bcbb6f
                                                                                                                                                                                                                                                        0x00bcbb74
                                                                                                                                                                                                                                                        0x00bcbbfd
                                                                                                                                                                                                                                                        0x00bcbc00
                                                                                                                                                                                                                                                        0x00bcbc03
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbc05
                                                                                                                                                                                                                                                        0x00bcbc05
                                                                                                                                                                                                                                                        0x00bcbc08
                                                                                                                                                                                                                                                        0x00bcbc0b
                                                                                                                                                                                                                                                        0x00bcbc11
                                                                                                                                                                                                                                                        0x00bcbcc7
                                                                                                                                                                                                                                                        0x00bcbccd
                                                                                                                                                                                                                                                        0x00bcbccf
                                                                                                                                                                                                                                                        0x00bcbcd2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbcd4
                                                                                                                                                                                                                                                        0x00bcbcd7
                                                                                                                                                                                                                                                        0x00bcbcd9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbcd9
                                                                                                                                                                                                                                                        0x00bcbc17
                                                                                                                                                                                                                                                        0x00bcbc17
                                                                                                                                                                                                                                                        0x00bcbc17
                                                                                                                                                                                                                                                        0x00bcbc18
                                                                                                                                                                                                                                                        0x00bcbc19
                                                                                                                                                                                                                                                        0x00bcbc1e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbc1e
                                                                                                                                                                                                                                                        0x00bcbc11
                                                                                                                                                                                                                                                        0x00bcbb7a
                                                                                                                                                                                                                                                        0x00bcbb7a
                                                                                                                                                                                                                                                        0x00bcbb80
                                                                                                                                                                                                                                                        0x00bcbc9f
                                                                                                                                                                                                                                                        0x00bcbca1
                                                                                                                                                                                                                                                        0x00bcbca4
                                                                                                                                                                                                                                                        0x00bcbcaa
                                                                                                                                                                                                                                                        0x00bcbcfd
                                                                                                                                                                                                                                                        0x00bcbd03
                                                                                                                                                                                                                                                        0x00bcbd05
                                                                                                                                                                                                                                                        0x00bcbd08
                                                                                                                                                                                                                                                        0x00bcbd13
                                                                                                                                                                                                                                                        0x00bcbd13
                                                                                                                                                                                                                                                        0x00bcbd19
                                                                                                                                                                                                                                                        0x00bcbd1a
                                                                                                                                                                                                                                                        0x00bcbd1b
                                                                                                                                                                                                                                                        0x00bcbd1c
                                                                                                                                                                                                                                                        0x00bcbd1d
                                                                                                                                                                                                                                                        0x00bcbd1e
                                                                                                                                                                                                                                                        0x00bcbd1f
                                                                                                                                                                                                                                                        0x00bcbd20
                                                                                                                                                                                                                                                        0x00bcbd21
                                                                                                                                                                                                                                                        0x00bcbd24
                                                                                                                                                                                                                                                        0x00bcbd89
                                                                                                                                                                                                                                                        0x00bcbd8e
                                                                                                                                                                                                                                                        0x00bcbd91
                                                                                                                                                                                                                                                        0x00bcbd95
                                                                                                                                                                                                                                                        0x00bcbdaa
                                                                                                                                                                                                                                                        0x00bcbdb5
                                                                                                                                                                                                                                                        0x00bcbdb7
                                                                                                                                                                                                                                                        0x00bcbdb9
                                                                                                                                                                                                                                                        0x00bcbdbe
                                                                                                                                                                                                                                                        0x00bcbdc1
                                                                                                                                                                                                                                                        0x00bcbdc1
                                                                                                                                                                                                                                                        0x00bcbdc5
                                                                                                                                                                                                                                                        0x00bcbd97
                                                                                                                                                                                                                                                        0x00bcbd97
                                                                                                                                                                                                                                                        0x00bcbd9c
                                                                                                                                                                                                                                                        0x00bcbd9f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbda1
                                                                                                                                                                                                                                                        0x00bcbda1
                                                                                                                                                                                                                                                        0x00bcbda1
                                                                                                                                                                                                                                                        0x00bcbda7
                                                                                                                                                                                                                                                        0x00bcbda7
                                                                                                                                                                                                                                                        0x00bcbd9f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbd26
                                                                                                                                                                                                                                                        0x00bcbd26
                                                                                                                                                                                                                                                        0x00bcbd2a
                                                                                                                                                                                                                                                        0x00bcbd2f
                                                                                                                                                                                                                                                        0x00bcbd35
                                                                                                                                                                                                                                                        0x00bcbd93
                                                                                                                                                                                                                                                        0x00bcbd94
                                                                                                                                                                                                                                                        0x00bcbd37
                                                                                                                                                                                                                                                        0x00bcbd37
                                                                                                                                                                                                                                                        0x00bcbd3c
                                                                                                                                                                                                                                                        0x00bcbd42
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbd44
                                                                                                                                                                                                                                                        0x00bcbd44
                                                                                                                                                                                                                                                        0x00bcbd49
                                                                                                                                                                                                                                                        0x00bcbd4f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbd51
                                                                                                                                                                                                                                                        0x00bcbd51
                                                                                                                                                                                                                                                        0x00bcbd56
                                                                                                                                                                                                                                                        0x00bcbd5c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbd5e
                                                                                                                                                                                                                                                        0x00bcbd5e
                                                                                                                                                                                                                                                        0x00bcbd63
                                                                                                                                                                                                                                                        0x00bcbd69
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbd6b
                                                                                                                                                                                                                                                        0x00bcbd6d
                                                                                                                                                                                                                                                        0x00bcbd7b
                                                                                                                                                                                                                                                        0x00bcbd7e
                                                                                                                                                                                                                                                        0x00bcbd84
                                                                                                                                                                                                                                                        0x00bcbd84
                                                                                                                                                                                                                                                        0x00bcbd88
                                                                                                                                                                                                                                                        0x00bcbd88
                                                                                                                                                                                                                                                        0x00bcbd69
                                                                                                                                                                                                                                                        0x00bcbd5c
                                                                                                                                                                                                                                                        0x00bcbd4f
                                                                                                                                                                                                                                                        0x00bcbd42
                                                                                                                                                                                                                                                        0x00bcbd35
                                                                                                                                                                                                                                                        0x00bcbd0a
                                                                                                                                                                                                                                                        0x00bcbd0d
                                                                                                                                                                                                                                                        0x00bcbd0f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbd0f
                                                                                                                                                                                                                                                        0x00bcbcac
                                                                                                                                                                                                                                                        0x00bcbcac
                                                                                                                                                                                                                                                        0x00bcbcac
                                                                                                                                                                                                                                                        0x00bcbcad
                                                                                                                                                                                                                                                        0x00bcbcae
                                                                                                                                                                                                                                                        0x00bcbcb3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbcb6
                                                                                                                                                                                                                                                        0x00bcbb86
                                                                                                                                                                                                                                                        0x00bcbb86
                                                                                                                                                                                                                                                        0x00bcbb86
                                                                                                                                                                                                                                                        0x00bcbb8b
                                                                                                                                                                                                                                                        0x00bcbb90
                                                                                                                                                                                                                                                        0x00bcbb95
                                                                                                                                                                                                                                                        0x00bcbb9a
                                                                                                                                                                                                                                                        0x00bcbb9f
                                                                                                                                                                                                                                                        0x00bcbba3
                                                                                                                                                                                                                                                        0x00bcbbaa
                                                                                                                                                                                                                                                        0x00bcbbb1
                                                                                                                                                                                                                                                        0x00bcbbb5
                                                                                                                                                                                                                                                        0x00bcbbba
                                                                                                                                                                                                                                                        0x00bcbbc2
                                                                                                                                                                                                                                                        0x00bcbbc5
                                                                                                                                                                                                                                                        0x00bcbbcb
                                                                                                                                                                                                                                                        0x00bcbc23
                                                                                                                                                                                                                                                        0x00bcbc26
                                                                                                                                                                                                                                                        0x00bcbc29
                                                                                                                                                                                                                                                        0x00bcbc72
                                                                                                                                                                                                                                                        0x00bcbc79
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbc2b
                                                                                                                                                                                                                                                        0x00bcbc2b
                                                                                                                                                                                                                                                        0x00bcbc2e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbc30
                                                                                                                                                                                                                                                        0x00bcbc30
                                                                                                                                                                                                                                                        0x00bcbc37
                                                                                                                                                                                                                                                        0x00bcbc43
                                                                                                                                                                                                                                                        0x00bcbc43
                                                                                                                                                                                                                                                        0x00bcbc4b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbc39
                                                                                                                                                                                                                                                        0x00bcbc39
                                                                                                                                                                                                                                                        0x00bcbc41
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbc41
                                                                                                                                                                                                                                                        0x00bcbc37
                                                                                                                                                                                                                                                        0x00bcbc2e
                                                                                                                                                                                                                                                        0x00bcbbcd
                                                                                                                                                                                                                                                        0x00bcbbd0
                                                                                                                                                                                                                                                        0x00bcbbde
                                                                                                                                                                                                                                                        0x00bcbbe4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbbea
                                                                                                                                                                                                                                                        0x00bcbbea
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbc7b
                                                                                                                                                                                                                                                        0x00bcbc7b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbbf1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbc4d
                                                                                                                                                                                                                                                        0x00bcbc4d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbcbe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbbea
                                                                                                                                                                                                                                                        0x00bcbc84
                                                                                                                                                                                                                                                        0x00bcbc84
                                                                                                                                                                                                                                                        0x00bcbc84
                                                                                                                                                                                                                                                        0x00bcbc84
                                                                                                                                                                                                                                                        0x00bcbbd0
                                                                                                                                                                                                                                                        0x00bcbc8b
                                                                                                                                                                                                                                                        0x00bcbc90
                                                                                                                                                                                                                                                        0x00bcbc9e
                                                                                                                                                                                                                                                        0x00bcbc9e
                                                                                                                                                                                                                                                        0x00bcbb80
                                                                                                                                                                                                                                                        0x00bcbb74

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BCBA31
                                                                                                                                                                                                                                                        • IsWow64Process.KERNEL32(00000000,?), ref: 00BCBA43
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?), ref: 00BCBC19
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?), ref: 00BCBC65
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?), ref: 00BCBCAE
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 00BCBD13
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@$Process$CurrentWow64_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2416501996-0
                                                                                                                                                                                                                                                        • Opcode ID: 95df797b0ca72035cb7dc4bf02be566790a78d5de1561751111f17a7e69545f1
                                                                                                                                                                                                                                                        • Instruction ID: edfe83811c439464690d1e29e2e258a7629148e6bd0cf4a859919287a44b026c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 95df797b0ca72035cb7dc4bf02be566790a78d5de1561751111f17a7e69545f1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9A91B070900B489FDB24CF64C485FAEB7F1FF05304F10869DD4469B281DB75A985CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 53%
                                                                                                                                                                                                                                                        			E00BC7DB0(void* __eax, void* __ecx, signed int _a4) {
                                                                                                                                                                                                                                                        				void* _v0;
                                                                                                                                                                                                                                                        				signed int _v4;
                                                                                                                                                                                                                                                        				signed int _v8;
                                                                                                                                                                                                                                                        				signed int _v12;
                                                                                                                                                                                                                                                        				int _v16;
                                                                                                                                                                                                                                                        				void* _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				signed int _v36;
                                                                                                                                                                                                                                                        				void* _v40;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				signed int _v56;
                                                                                                                                                                                                                                                        				void* _v60;
                                                                                                                                                                                                                                                        				signed int _v64;
                                                                                                                                                                                                                                                        				void* _v72;
                                                                                                                                                                                                                                                        				void* _v76;
                                                                                                                                                                                                                                                        				signed int _v80;
                                                                                                                                                                                                                                                        				void* _v84;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				void* _v92;
                                                                                                                                                                                                                                                        				signed int _v112;
                                                                                                                                                                                                                                                        				void* _v128;
                                                                                                                                                                                                                                                        				signed int _v136;
                                                                                                                                                                                                                                                        				signed int _v140;
                                                                                                                                                                                                                                                        				intOrPtr _v144;
                                                                                                                                                                                                                                                        				void* _v148;
                                                                                                                                                                                                                                                        				char _v152;
                                                                                                                                                                                                                                                        				void* _v156;
                                                                                                                                                                                                                                                        				int _v160;
                                                                                                                                                                                                                                                        				signed int _v184;
                                                                                                                                                                                                                                                        				int _v192;
                                                                                                                                                                                                                                                        				int _v196;
                                                                                                                                                                                                                                                        				char _v200;
                                                                                                                                                                                                                                                        				unsigned int __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				intOrPtr _t301;
                                                                                                                                                                                                                                                        				intOrPtr _t305;
                                                                                                                                                                                                                                                        				signed int _t306;
                                                                                                                                                                                                                                                        				signed int _t308;
                                                                                                                                                                                                                                                        				signed int _t313;
                                                                                                                                                                                                                                                        				signed int _t315;
                                                                                                                                                                                                                                                        				int _t320;
                                                                                                                                                                                                                                                        				void* _t326;
                                                                                                                                                                                                                                                        				void* _t328;
                                                                                                                                                                                                                                                        				signed int _t332;
                                                                                                                                                                                                                                                        				signed int _t339;
                                                                                                                                                                                                                                                        				void* _t342;
                                                                                                                                                                                                                                                        				void* _t349;
                                                                                                                                                                                                                                                        				void* _t354;
                                                                                                                                                                                                                                                        				void _t359;
                                                                                                                                                                                                                                                        				void* _t360;
                                                                                                                                                                                                                                                        				signed int _t362;
                                                                                                                                                                                                                                                        				void* _t364;
                                                                                                                                                                                                                                                        				void* _t386;
                                                                                                                                                                                                                                                        				void* _t400;
                                                                                                                                                                                                                                                        				signed int _t401;
                                                                                                                                                                                                                                                        				void* _t405;
                                                                                                                                                                                                                                                        				void _t407;
                                                                                                                                                                                                                                                        				void _t413;
                                                                                                                                                                                                                                                        				void* _t418;
                                                                                                                                                                                                                                                        				unsigned int _t419;
                                                                                                                                                                                                                                                        				unsigned int _t420;
                                                                                                                                                                                                                                                        				intOrPtr _t421;
                                                                                                                                                                                                                                                        				void _t422;
                                                                                                                                                                                                                                                        				void* _t424;
                                                                                                                                                                                                                                                        				void* _t426;
                                                                                                                                                                                                                                                        				int _t429;
                                                                                                                                                                                                                                                        				intOrPtr _t430;
                                                                                                                                                                                                                                                        				void* _t431;
                                                                                                                                                                                                                                                        				void* _t433;
                                                                                                                                                                                                                                                        				void* _t438;
                                                                                                                                                                                                                                                        				void* _t440;
                                                                                                                                                                                                                                                        				unsigned int _t442;
                                                                                                                                                                                                                                                        				void* _t443;
                                                                                                                                                                                                                                                        				void* _t446;
                                                                                                                                                                                                                                                        				void* _t448;
                                                                                                                                                                                                                                                        				void* _t451;
                                                                                                                                                                                                                                                        				void* _t452;
                                                                                                                                                                                                                                                        				signed int _t453;
                                                                                                                                                                                                                                                        				intOrPtr _t455;
                                                                                                                                                                                                                                                        				int _t466;
                                                                                                                                                                                                                                                        				signed int _t471;
                                                                                                                                                                                                                                                        				void* _t472;
                                                                                                                                                                                                                                                        				void* _t475;
                                                                                                                                                                                                                                                        				void* _t477;
                                                                                                                                                                                                                                                        				void* _t488;
                                                                                                                                                                                                                                                        				signed int _t489;
                                                                                                                                                                                                                                                        				void* _t500;
                                                                                                                                                                                                                                                        				void* _t509;
                                                                                                                                                                                                                                                        				intOrPtr _t520;
                                                                                                                                                                                                                                                        				signed int _t521;
                                                                                                                                                                                                                                                        				signed int _t523;
                                                                                                                                                                                                                                                        				int _t526;
                                                                                                                                                                                                                                                        				signed int _t529;
                                                                                                                                                                                                                                                        				void* _t530;
                                                                                                                                                                                                                                                        				unsigned int _t533;
                                                                                                                                                                                                                                                        				void _t536;
                                                                                                                                                                                                                                                        				void* _t539;
                                                                                                                                                                                                                                                        				void* _t543;
                                                                                                                                                                                                                                                        				void* _t550;
                                                                                                                                                                                                                                                        				unsigned int _t551;
                                                                                                                                                                                                                                                        				void _t554;
                                                                                                                                                                                                                                                        				void* _t555;
                                                                                                                                                                                                                                                        				void* _t558;
                                                                                                                                                                                                                                                        				void* _t561;
                                                                                                                                                                                                                                                        				signed int _t562;
                                                                                                                                                                                                                                                        				void* _t564;
                                                                                                                                                                                                                                                        				intOrPtr _t565;
                                                                                                                                                                                                                                                        				unsigned int _t567;
                                                                                                                                                                                                                                                        				int _t568;
                                                                                                                                                                                                                                                        				int _t574;
                                                                                                                                                                                                                                                        				int _t575;
                                                                                                                                                                                                                                                        				void* _t578;
                                                                                                                                                                                                                                                        				signed int _t580;
                                                                                                                                                                                                                                                        				unsigned int _t581;
                                                                                                                                                                                                                                                        				void* _t582;
                                                                                                                                                                                                                                                        				void _t583;
                                                                                                                                                                                                                                                        				void* _t585;
                                                                                                                                                                                                                                                        				void* _t586;
                                                                                                                                                                                                                                                        				void* _t587;
                                                                                                                                                                                                                                                        				signed int _t588;
                                                                                                                                                                                                                                                        				void* _t593;
                                                                                                                                                                                                                                                        				void* _t594;
                                                                                                                                                                                                                                                        				void* _t597;
                                                                                                                                                                                                                                                        				void* _t599;
                                                                                                                                                                                                                                                        				void* _t600;
                                                                                                                                                                                                                                                        				signed int _t602;
                                                                                                                                                                                                                                                        				void* _t605;
                                                                                                                                                                                                                                                        				void _t607;
                                                                                                                                                                                                                                                        				void* _t610;
                                                                                                                                                                                                                                                        				signed int _t611;
                                                                                                                                                                                                                                                        				void* _t612;
                                                                                                                                                                                                                                                        				void _t616;
                                                                                                                                                                                                                                                        				void* _t617;
                                                                                                                                                                                                                                                        				unsigned int _t619;
                                                                                                                                                                                                                                                        				void* _t620;
                                                                                                                                                                                                                                                        				void* _t621;
                                                                                                                                                                                                                                                        				void* _t623;
                                                                                                                                                                                                                                                        				int _t624;
                                                                                                                                                                                                                                                        				signed int _t625;
                                                                                                                                                                                                                                                        				signed int _t626;
                                                                                                                                                                                                                                                        				signed int _t628;
                                                                                                                                                                                                                                                        				void* _t633;
                                                                                                                                                                                                                                                        				void* _t635;
                                                                                                                                                                                                                                                        				signed int _t637;
                                                                                                                                                                                                                                                        				void* _t638;
                                                                                                                                                                                                                                                        				signed int _t639;
                                                                                                                                                                                                                                                        				void* _t640;
                                                                                                                                                                                                                                                        				signed int _t641;
                                                                                                                                                                                                                                                        				void* _t647;
                                                                                                                                                                                                                                                        				signed int _t649;
                                                                                                                                                                                                                                                        				void* _t651;
                                                                                                                                                                                                                                                        				signed int _t652;
                                                                                                                                                                                                                                                        				void* _t653;
                                                                                                                                                                                                                                                        				signed int _t654;
                                                                                                                                                                                                                                                        				void* _t655;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t451 = __ecx;
                                                                                                                                                                                                                                                        				_t633 = _t647;
                                                                                                                                                                                                                                                        				_push(__eax);
                                                                                                                                                                                                                                                        				_t301 =  *((intOrPtr*)(__ecx + 0x14));
                                                                                                                                                                                                                                                        				if(_t301 < 8) {
                                                                                                                                                                                                                                                        					L81:
                                                                                                                                                                                                                                                        					return _t301;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					__esi = __ecx;
                                                                                                                                                                                                                                                        					__ecx =  *(__ecx + 0x10);
                                                                                                                                                                                                                                                        					__eflags = __ecx - 7;
                                                                                                                                                                                                                                                        					if(__ecx > 7) {
                                                                                                                                                                                                                                                        						__ecx = __ecx | 0x00000007;
                                                                                                                                                                                                                                                        						__ebx = 0x7ffffffe;
                                                                                                                                                                                                                                                        						__eflags = __ecx - 0x7ffffffe;
                                                                                                                                                                                                                                                        						__ebx =  <  ? __ecx : 0x7ffffffe;
                                                                                                                                                                                                                                                        						__eflags = 0x7ffffffe - __eax;
                                                                                                                                                                                                                                                        						if(0x7ffffffe < __eax) {
                                                                                                                                                                                                                                                        							_t232 = __ebx + 1; // 0x7fffffff
                                                                                                                                                                                                                                                        							__eax = _t232;
                                                                                                                                                                                                                                                        							__ecx = __esi;
                                                                                                                                                                                                                                                        							__edi = E00BBA8A0(_t232);
                                                                                                                                                                                                                                                        							 *(__esi + 0x10) =  *(__esi + 0x10) +  *(__esi + 0x10) + 2;
                                                                                                                                                                                                                                                        							__eax = memcpy(__edi,  *__esi,  *(__esi + 0x10) +  *(__esi + 0x10) + 2);
                                                                                                                                                                                                                                                        							__eax =  *(__esi + 0x14);
                                                                                                                                                                                                                                                        							__ecx =  *__esi;
                                                                                                                                                                                                                                                        							_t238 = __eax + 2; // 0xa
                                                                                                                                                                                                                                                        							__edx = __eax + _t238;
                                                                                                                                                                                                                                                        							__eflags = __edx - 0x1000;
                                                                                                                                                                                                                                                        							if(__edx < 0x1000) {
                                                                                                                                                                                                                                                        								L85:
                                                                                                                                                                                                                                                        								_push(__edx);
                                                                                                                                                                                                                                                        								_push(__ecx);
                                                                                                                                                                                                                                                        								L00BEF6C6();
                                                                                                                                                                                                                                                        								__esp = __esp + 8;
                                                                                                                                                                                                                                                        								 *__esi = __edi;
                                                                                                                                                                                                                                                        								 *(__esi + 0x14) = __ebx;
                                                                                                                                                                                                                                                        								goto L81;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								__edx =  *(__ecx - 4);
                                                                                                                                                                                                                                                        								__ecx = __ecx + 0xfffffffc;
                                                                                                                                                                                                                                                        								__ecx = __ecx - __edx;
                                                                                                                                                                                                                                                        								_v20 = __edx;
                                                                                                                                                                                                                                                        								__eflags = __ecx - 0x20;
                                                                                                                                                                                                                                                        								if(__ecx >= 0x20) {
                                                                                                                                                                                                                                                        									__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									_push(__ebp);
                                                                                                                                                                                                                                                        									__ebp = __esp;
                                                                                                                                                                                                                                                        									_push(__ebx);
                                                                                                                                                                                                                                                        									_push(__edi);
                                                                                                                                                                                                                                                        									_push(__esi);
                                                                                                                                                                                                                                                        									__esp = __esp - 0x1c;
                                                                                                                                                                                                                                                        									__eax =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        									__ebx = _v16;
                                                                                                                                                                                                                                                        									__esi = __edx;
                                                                                                                                                                                                                                                        									__edx = _v12;
                                                                                                                                                                                                                                                        									__edi = __ecx;
                                                                                                                                                                                                                                                        									__ecx =  &_v64;
                                                                                                                                                                                                                                                        									_v40 = __eax;
                                                                                                                                                                                                                                                        									_v8 = E00BC7D10( &_v64, _v12, _v8);
                                                                                                                                                                                                                                                        									__ebx = _v16 - __esi;
                                                                                                                                                                                                                                                        									__eflags =  *((intOrPtr*)(__edi + 0x14)) - 8;
                                                                                                                                                                                                                                                        									__eax = __edi;
                                                                                                                                                                                                                                                        									if( *((intOrPtr*)(__edi + 0x14)) >= 8) {
                                                                                                                                                                                                                                                        										__eax =  *__edi;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									__esi = __esi - __eax;
                                                                                                                                                                                                                                                        									__ebx = __ebx >> 1;
                                                                                                                                                                                                                                                        									__eax = _v32;
                                                                                                                                                                                                                                                        									__edx =  &_v48;
                                                                                                                                                                                                                                                        									__esi = __esi >> 1;
                                                                                                                                                                                                                                                        									__eflags = _v28 - 7;
                                                                                                                                                                                                                                                        									if(_v28 > 7) {
                                                                                                                                                                                                                                                        										__edx = _v48;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									__ecx = __edi;
                                                                                                                                                                                                                                                        									L6();
                                                                                                                                                                                                                                                        									__ecx =  &_v48;
                                                                                                                                                                                                                                                        									__eax = E00BBDF30(__eax,  &_v48, __edx);
                                                                                                                                                                                                                                                        									__ecx = _v24;
                                                                                                                                                                                                                                                        									__ecx = _v24 ^ __ebp;
                                                                                                                                                                                                                                                        									__eflags = __ecx;
                                                                                                                                                                                                                                                        									__eax = E00BEECB0(__ecx, __edx);
                                                                                                                                                                                                                                                        									__esp = __esp + 0x1c;
                                                                                                                                                                                                                                                        									__esi = __esi;
                                                                                                                                                                                                                                                        									__edi = __ebx;
                                                                                                                                                                                                                                                        									__ebx = __edx;
                                                                                                                                                                                                                                                        									__ebp = __eax;
                                                                                                                                                                                                                                                        									return __eax;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									__ecx = _v20;
                                                                                                                                                                                                                                                        									__eax = __eax + __eax;
                                                                                                                                                                                                                                                        									__eax = __eax + 0x25;
                                                                                                                                                                                                                                                        									__eflags = __eax;
                                                                                                                                                                                                                                                        									__edx = __eax;
                                                                                                                                                                                                                                                        									goto L85;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							goto L81;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						__ecx = __esi;
                                                                                                                                                                                                                                                        						__esp = __esp + 4;
                                                                                                                                                                                                                                                        						_pop(__esi);
                                                                                                                                                                                                                                                        						_pop(__edi);
                                                                                                                                                                                                                                                        						_pop(__ebx);
                                                                                                                                                                                                                                                        						_pop(__ebp);
                                                                                                                                                                                                                                                        						_push(__ebp);
                                                                                                                                                                                                                                                        						__ebp = __esp;
                                                                                                                                                                                                                                                        						_push(__edi);
                                                                                                                                                                                                                                                        						_push(__esi);
                                                                                                                                                                                                                                                        						__eax =  *(__ecx + 0x10);
                                                                                                                                                                                                                                                        						__edi =  *__ecx;
                                                                                                                                                                                                                                                        						__esi = __ecx;
                                                                                                                                                                                                                                                        						 *(__ecx + 0x10) +  *(__ecx + 0x10) + 2 = memcpy(__ecx, __edi,  *(__ecx + 0x10) +  *(__ecx + 0x10) + 2);
                                                                                                                                                                                                                                                        						__eax =  *(__esi + 0x14);
                                                                                                                                                                                                                                                        						_t260 = __eax + 2; // 0xa
                                                                                                                                                                                                                                                        						__ecx = __eax + _t260;
                                                                                                                                                                                                                                                        						__eflags = __ecx - 0x1000;
                                                                                                                                                                                                                                                        						if(__ecx < 0x1000) {
                                                                                                                                                                                                                                                        							L95:
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							__esp = __esp + 8;
                                                                                                                                                                                                                                                        							 *(__esi + 0x14) = 7;
                                                                                                                                                                                                                                                        							__esi = __edi;
                                                                                                                                                                                                                                                        							__edi = __ecx;
                                                                                                                                                                                                                                                        							_pop(__ebp);
                                                                                                                                                                                                                                                        							return __eax;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							__ecx = __edi;
                                                                                                                                                                                                                                                        							__edi =  *(__edi - 4);
                                                                                                                                                                                                                                                        							__ecx = __ecx + 0xfffffffc;
                                                                                                                                                                                                                                                        							__ecx = __ecx - __edi;
                                                                                                                                                                                                                                                        							__eflags = __ecx - 0x20;
                                                                                                                                                                                                                                                        							if(__ecx >= 0x20) {
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_push(__ebp);
                                                                                                                                                                                                                                                        								__ebp = __esp;
                                                                                                                                                                                                                                                        								_push(__ebx);
                                                                                                                                                                                                                                                        								_push(__edi);
                                                                                                                                                                                                                                                        								_push(__esi);
                                                                                                                                                                                                                                                        								_push(__eax);
                                                                                                                                                                                                                                                        								__eax =  *(__ecx + 0x14);
                                                                                                                                                                                                                                                        								__eflags = __eax - 0x10;
                                                                                                                                                                                                                                                        								if(__eax < 0x10) {
                                                                                                                                                                                                                                                        									L101:
                                                                                                                                                                                                                                                        									__esp = __esp + 4;
                                                                                                                                                                                                                                                        									_pop(__esi);
                                                                                                                                                                                                                                                        									_pop(__edi);
                                                                                                                                                                                                                                                        									_pop(__ebx);
                                                                                                                                                                                                                                                        									_pop(__ebp);
                                                                                                                                                                                                                                                        									return __eax;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									__esi = __ecx;
                                                                                                                                                                                                                                                        									__ecx =  *(__ecx + 0x10);
                                                                                                                                                                                                                                                        									__eflags = __ecx - 0xf;
                                                                                                                                                                                                                                                        									if(__ecx > 0xf) {
                                                                                                                                                                                                                                                        										__ecx = __ecx | 0x0000000f;
                                                                                                                                                                                                                                                        										__ebx = 0x7fffffff;
                                                                                                                                                                                                                                                        										__eflags = __ecx - 0x7fffffff;
                                                                                                                                                                                                                                                        										__ebx =  <  ? __ecx : 0x7fffffff;
                                                                                                                                                                                                                                                        										__eflags = 0x7fffffff - __eax;
                                                                                                                                                                                                                                                        										if(0x7fffffff < __eax) {
                                                                                                                                                                                                                                                        											_t265 = __ebx + 1; // 0x80000000
                                                                                                                                                                                                                                                        											__eax = _t265;
                                                                                                                                                                                                                                                        											__ecx = __esi;
                                                                                                                                                                                                                                                        											__edi = E00BBD730(_t265);
                                                                                                                                                                                                                                                        											 *(__esi + 0x10) =  *(__esi + 0x10) + 1;
                                                                                                                                                                                                                                                        											__eax = memcpy(__edi,  *__esi,  *(__esi + 0x10) + 1);
                                                                                                                                                                                                                                                        											__ecx =  *(__esi + 0x14);
                                                                                                                                                                                                                                                        											__eax =  *__esi;
                                                                                                                                                                                                                                                        											__edx = __ecx + 1;
                                                                                                                                                                                                                                                        											__eflags = __edx - 0x1000;
                                                                                                                                                                                                                                                        											if(__edx < 0x1000) {
                                                                                                                                                                                                                                                        												L105:
                                                                                                                                                                                                                                                        												_push(__edx);
                                                                                                                                                                                                                                                        												_push(__eax);
                                                                                                                                                                                                                                                        												L00BEF6C6();
                                                                                                                                                                                                                                                        												__esp = __esp + 8;
                                                                                                                                                                                                                                                        												 *__esi = __edi;
                                                                                                                                                                                                                                                        												 *(__esi + 0x14) = __ebx;
                                                                                                                                                                                                                                                        												goto L101;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												__edx =  *(__eax - 4);
                                                                                                                                                                                                                                                        												__eax = __eax + 0xfffffffc;
                                                                                                                                                                                                                                                        												__eax = __eax - __edx;
                                                                                                                                                                                                                                                        												_v28 = __edx;
                                                                                                                                                                                                                                                        												__eflags = __eax - 0x20;
                                                                                                                                                                                                                                                        												if(__eflags >= 0) {
                                                                                                                                                                                                                                                        													__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        													_push(__ebp);
                                                                                                                                                                                                                                                        													__ebp = __esp;
                                                                                                                                                                                                                                                        													_push(__ebx);
                                                                                                                                                                                                                                                        													_push(__edi);
                                                                                                                                                                                                                                                        													_push(__esi);
                                                                                                                                                                                                                                                        													__esp = __esp - 0x20;
                                                                                                                                                                                                                                                        													__eax = _v28;
                                                                                                                                                                                                                                                        													__esi = __edx;
                                                                                                                                                                                                                                                        													__edx = _v24;
                                                                                                                                                                                                                                                        													__edi = __ecx;
                                                                                                                                                                                                                                                        													__ebx =  &_v76;
                                                                                                                                                                                                                                                        													__ecx = __ebx;
                                                                                                                                                                                                                                                        													_v80 = _v28;
                                                                                                                                                                                                                                                        													__eax =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        													_v52 = __eax;
                                                                                                                                                                                                                                                        													_v20 = E00BC7D60(__ebx, __edx, __eflags, _v20);
                                                                                                                                                                                                                                                        													__eflags =  *((intOrPtr*)(__edi + 0x14)) - 0x10;
                                                                                                                                                                                                                                                        													__eax = __edi;
                                                                                                                                                                                                                                                        													if( *((intOrPtr*)(__edi + 0x14)) >= 0x10) {
                                                                                                                                                                                                                                                        														__eax =  *__edi;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_v60 = _v60 - __esi;
                                                                                                                                                                                                                                                        													__esi = __esi - __eax;
                                                                                                                                                                                                                                                        													__eax = _v40;
                                                                                                                                                                                                                                                        													__eflags = _v36 - 0xf;
                                                                                                                                                                                                                                                        													if(_v36 > 0xf) {
                                                                                                                                                                                                                                                        														__ebx = _v56;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													__ecx = __edi;
                                                                                                                                                                                                                                                        													_push(__eax);
                                                                                                                                                                                                                                                        													_push(__ebx);
                                                                                                                                                                                                                                                        													_push(_v60);
                                                                                                                                                                                                                                                        													_push(__esi);
                                                                                                                                                                                                                                                        													L39();
                                                                                                                                                                                                                                                        													__eax = _v36;
                                                                                                                                                                                                                                                        													__eflags = __eax - 0x10;
                                                                                                                                                                                                                                                        													if(__eax >= 0x10) {
                                                                                                                                                                                                                                                        														__ecx = _v56;
                                                                                                                                                                                                                                                        														_t289 = __eax + 1; // 0x10
                                                                                                                                                                                                                                                        														__esi = _t289;
                                                                                                                                                                                                                                                        														__eflags = __esi - 0x1000;
                                                                                                                                                                                                                                                        														if(__esi >= 0x1000) {
                                                                                                                                                                                                                                                        															__edx =  *(__ecx - 4);
                                                                                                                                                                                                                                                        															__ecx = __ecx + 0xfffffffc;
                                                                                                                                                                                                                                                        															__ecx = __ecx - __edx;
                                                                                                                                                                                                                                                        															__eflags = __ecx - 0x20;
                                                                                                                                                                                                                                                        															if(__ecx >= 0x20) {
                                                                                                                                                                                                                                                        																__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																_push(__ebx);
                                                                                                                                                                                                                                                        																_push(__edi);
                                                                                                                                                                                                                                                        																_push(__esi);
                                                                                                                                                                                                                                                        																__eax = _v92;
                                                                                                                                                                                                                                                        																__eflags = __eax - 0x7f;
                                                                                                                                                                                                                                                        																if(__eax > 0x7f) {
                                                                                                                                                                                                                                                        																	__ebx = __eax;
                                                                                                                                                                                                                                                        																	__eflags = __eax - 0x7ff;
                                                                                                                                                                                                                                                        																	if(__eax > 0x7ff) {
                                                                                                                                                                                                                                                        																		__eflags = __eax - 0xffff;
                                                                                                                                                                                                                                                        																		if(__eax > 0xffff) {
                                                                                                                                                                                                                                                        																			__esi =  *__edx;
                                                                                                                                                                                                                                                        																			__ebx = __ebx >> 0x12;
                                                                                                                                                                                                                                                        																			__bl = __bl | 0x000000f0;
                                                                                                                                                                                                                                                        																			_t292 = __esi + 1; // 0x1
                                                                                                                                                                                                                                                        																			__edi = _t292;
                                                                                                                                                                                                                                                        																			 *__edx = _t292;
                                                                                                                                                                                                                                                        																			 *(__ecx +  *__edx) = __bl;
                                                                                                                                                                                                                                                        																			__eax = __eax >> 0xc;
                                                                                                                                                                                                                                                        																			__bl = __bl & 0x0000003f;
                                                                                                                                                                                                                                                        																			__bl = __bl | 0x00000080;
                                                                                                                                                                                                                                                        																			__eflags = __bl;
                                                                                                                                                                                                                                                        																		} else {
                                                                                                                                                                                                                                                        																			__ebx = __ebx >> 0xc;
                                                                                                                                                                                                                                                        																			__bl = __bl | 0x000000e0;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t294 =  *__edx + 1; // 0x1
                                                                                                                                                                                                                                                        																		__edi = _t294;
                                                                                                                                                                                                                                                        																		 *__edx = _t294;
                                                                                                                                                                                                                                                        																		 *(__ecx +  *__edx) = __bl;
                                                                                                                                                                                                                                                        																		__eax = __eax >> 6;
                                                                                                                                                                                                                                                        																		__bl = __bl & 0x0000003f;
                                                                                                                                                                                                                                                        																		__bl = __bl | 0x00000080;
                                                                                                                                                                                                                                                        																		__eflags = __bl;
                                                                                                                                                                                                                                                        																	} else {
                                                                                                                                                                                                                                                        																		__ebx = __ebx >> 6;
                                                                                                                                                                                                                                                        																		__bl = __bl | 0x000000c0;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	__esi =  *__edx;
                                                                                                                                                                                                                                                        																	__al = __al & 0x0000003f;
                                                                                                                                                                                                                                                        																	__al = __al | 0x00000080;
                                                                                                                                                                                                                                                        																	__eflags = __al;
                                                                                                                                                                                                                                                        																	_t296 = __esi + 1; // 0x1
                                                                                                                                                                                                                                                        																	__edi = _t296;
                                                                                                                                                                                                                                                        																	 *__edx = _t296;
                                                                                                                                                                                                                                                        																	 *(__ecx +  *__edx) = __bl;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																_t298 =  *__edx + 1; // 0x1
                                                                                                                                                                                                                                                        																__edi = _t298;
                                                                                                                                                                                                                                                        																 *__edx = _t298;
                                                                                                                                                                                                                                                        																 *(__ecx +  *__edx) = __al;
                                                                                                                                                                                                                                                        																_pop(__esi);
                                                                                                                                                                                                                                                        																_pop(__edi);
                                                                                                                                                                                                                                                        																_pop(__ebx);
                                                                                                                                                                                                                                                        																return __eax;
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																__eax = __eax + 0x24;
                                                                                                                                                                                                                                                        																__ecx = __edx;
                                                                                                                                                                                                                                                        																__esi = __eax;
                                                                                                                                                                                                                                                        																goto L114;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															L114:
                                                                                                                                                                                                                                                        															_push(__esi);
                                                                                                                                                                                                                                                        															_push(__ecx);
                                                                                                                                                                                                                                                        															L00BEF6C6();
                                                                                                                                                                                                                                                        															__esp = __esp + 8;
                                                                                                                                                                                                                                                        															goto L112;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														L112:
                                                                                                                                                                                                                                                        														__ecx = _v32;
                                                                                                                                                                                                                                                        														__ecx = _v32 ^ __ebp;
                                                                                                                                                                                                                                                        														__eflags = __ecx;
                                                                                                                                                                                                                                                        														__eax = E00BEECB0(__ecx, __edx);
                                                                                                                                                                                                                                                        														__esp = __esp + 0x20;
                                                                                                                                                                                                                                                        														_pop(__esi);
                                                                                                                                                                                                                                                        														_pop(__edi);
                                                                                                                                                                                                                                                        														_pop(__ebx);
                                                                                                                                                                                                                                                        														_pop(__ebp);
                                                                                                                                                                                                                                                        														return __eax;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													__eax = _v28;
                                                                                                                                                                                                                                                        													__ecx = __ecx + 0x24;
                                                                                                                                                                                                                                                        													__eflags = __ecx;
                                                                                                                                                                                                                                                        													__edx = __ecx;
                                                                                                                                                                                                                                                        													goto L105;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											goto L101;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										__ecx = __esi;
                                                                                                                                                                                                                                                        										__esp = __esp + 4;
                                                                                                                                                                                                                                                        										_pop(__esi);
                                                                                                                                                                                                                                                        										_pop(__edi);
                                                                                                                                                                                                                                                        										_pop(__ebx);
                                                                                                                                                                                                                                                        										_pop(__ebp);
                                                                                                                                                                                                                                                        										_push(_t633);
                                                                                                                                                                                                                                                        										_t635 = _t647;
                                                                                                                                                                                                                                                        										_push(_t556);
                                                                                                                                                                                                                                                        										_push(_t595);
                                                                                                                                                                                                                                                        										_t558 =  *_t451;
                                                                                                                                                                                                                                                        										_t597 = _t451;
                                                                                                                                                                                                                                                        										memcpy(_t451, _t558,  *((intOrPtr*)(_t451 + 0x10)) + 1);
                                                                                                                                                                                                                                                        										_t649 = _t647 + 0xc;
                                                                                                                                                                                                                                                        										_t305 =  *((intOrPtr*)(_t597 + 0x14));
                                                                                                                                                                                                                                                        										_t4 = _t305 + 1; // 0x11
                                                                                                                                                                                                                                                        										_t520 = _t4;
                                                                                                                                                                                                                                                        										if(_t520 < 0x1000) {
                                                                                                                                                                                                                                                        											L4:
                                                                                                                                                                                                                                                        											_push(_t520);
                                                                                                                                                                                                                                                        											_push(_t558);
                                                                                                                                                                                                                                                        											L00BEF6C6();
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t597 + 0x14)) = 0xf;
                                                                                                                                                                                                                                                        											return _t305;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t452 =  *(_t558 - 4);
                                                                                                                                                                                                                                                        											_t561 = _t558 + 0xfffffffc - _t452;
                                                                                                                                                                                                                                                        											if(_t561 >= 0x20) {
                                                                                                                                                                                                                                                        												__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												_push(_t635);
                                                                                                                                                                                                                                                        												_t637 = _t649;
                                                                                                                                                                                                                                                        												_push(_t415);
                                                                                                                                                                                                                                                        												_push(_t561);
                                                                                                                                                                                                                                                        												_push(_t597);
                                                                                                                                                                                                                                                        												_t651 = _t649 - 0x1c;
                                                                                                                                                                                                                                                        												_t306 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        												_v44 = _t306 ^ _t637;
                                                                                                                                                                                                                                                        												_t308 =  *(_t452 + 0x10);
                                                                                                                                                                                                                                                        												_t418 = _t308 - _v20;
                                                                                                                                                                                                                                                        												__eflags = _t418;
                                                                                                                                                                                                                                                        												if(__eflags < 0) {
                                                                                                                                                                                                                                                        													E00BBDAC0(_t452, __eflags);
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													asm("int3");
                                                                                                                                                                                                                                                        													_push(_t637);
                                                                                                                                                                                                                                                        													_t638 = _t651;
                                                                                                                                                                                                                                                        													_push(_t418);
                                                                                                                                                                                                                                                        													_push(_t561);
                                                                                                                                                                                                                                                        													_push(_t597);
                                                                                                                                                                                                                                                        													_t652 = _t651 - 0xc;
                                                                                                                                                                                                                                                        													_t521 =  *(_t452 + 0x10);
                                                                                                                                                                                                                                                        													_t562 = _v64;
                                                                                                                                                                                                                                                        													_t419 = 0x7ffffffe;
                                                                                                                                                                                                                                                        													__eflags = 0x7ffffffe - _t521 - _t562;
                                                                                                                                                                                                                                                        													if(0x7ffffffe - _t521 < _t562) {
                                                                                                                                                                                                                                                        														E00BBA890();
                                                                                                                                                                                                                                                        														goto L38;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t580 = _t562 + _t521;
                                                                                                                                                                                                                                                        														_t619 =  *(_t452 + 0x14);
                                                                                                                                                                                                                                                        														_v44 = _t521;
                                                                                                                                                                                                                                                        														_v48 = _t452;
                                                                                                                                                                                                                                                        														_v40 = _t580;
                                                                                                                                                                                                                                                        														_t362 = _t580 | 0x00000007;
                                                                                                                                                                                                                                                        														__eflags = _t362 - 0x7ffffffe;
                                                                                                                                                                                                                                                        														if(_t362 <= 0x7ffffffe) {
                                                                                                                                                                                                                                                        															_t442 = _t619 >> 1;
                                                                                                                                                                                                                                                        															_t443 = _t442 + _t619;
                                                                                                                                                                                                                                                        															__eflags = _t362 - _t443;
                                                                                                                                                                                                                                                        															_t444 =  >=  ? _t362 : _t443;
                                                                                                                                                                                                                                                        															__eflags = _t619 - 0x7ffffffe - _t442;
                                                                                                                                                                                                                                                        															_t419 =  >  ? 0x7ffffffe :  >=  ? _t362 : _t443;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t581 = _t619;
                                                                                                                                                                                                                                                        														_t620 = _v48;
                                                                                                                                                                                                                                                        														_t89 = _t419 + 1; // 0x11
                                                                                                                                                                                                                                                        														_t364 = E00BBA8A0(_t89);
                                                                                                                                                                                                                                                        														__eflags = _t581 - 8;
                                                                                                                                                                                                                                                        														 *((intOrPtr*)(_t620 + 0x10)) = _v40;
                                                                                                                                                                                                                                                        														_t488 = _t620;
                                                                                                                                                                                                                                                        														 *(_t620 + 0x14) = _t419;
                                                                                                                                                                                                                                                        														if(_t581 < 8) {
                                                                                                                                                                                                                                                        															_t621 = _t488;
                                                                                                                                                                                                                                                        															_t438 = _t364;
                                                                                                                                                                                                                                                        															memcpy(_t364, _t488, _v8 + _v8);
                                                                                                                                                                                                                                                        															_t582 = _t438 + _v8 * 2;
                                                                                                                                                                                                                                                        															memcpy(_t582, _v0, _a4 + _a4);
                                                                                                                                                                                                                                                        															_t489 = _v8;
                                                                                                                                                                                                                                                        															_t543 = _v44 - _v4 + _t489;
                                                                                                                                                                                                                                                        															__eflags = _t543;
                                                                                                                                                                                                                                                        															memcpy(_t582 + _a4 * 2, _t621 + _t489 * 2 + _v4 * 2, _t543 + _t543 + 2);
                                                                                                                                                                                                                                                        															_t583 = _t438;
                                                                                                                                                                                                                                                        															goto L36;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															_t440 =  *_t488;
                                                                                                                                                                                                                                                        															_t623 = _t364;
                                                                                                                                                                                                                                                        															_v40 = _t581;
                                                                                                                                                                                                                                                        															memcpy(_t364, _t440, _v8 + _v8);
                                                                                                                                                                                                                                                        															_t585 = _t623 + _v8 * 2;
                                                                                                                                                                                                                                                        															memcpy(_t585, _v0, _a4 + _a4);
                                                                                                                                                                                                                                                        															memcpy(_t585 + _a4 * 2, _t440 + _v8 * 2 + _v4 * 2, _v44 - _v4 + _v8 + _v44 - _v4 + _v8 + 2);
                                                                                                                                                                                                                                                        															_t652 = _t652 + 0x24;
                                                                                                                                                                                                                                                        															_t452 = _v40;
                                                                                                                                                                                                                                                        															_t583 = _t623;
                                                                                                                                                                                                                                                        															_t621 = _v48;
                                                                                                                                                                                                                                                        															_t116 = _t452 + 2; // 0x13
                                                                                                                                                                                                                                                        															_t386 = _t452 + _t116;
                                                                                                                                                                                                                                                        															__eflags = _t386 - 0x1000;
                                                                                                                                                                                                                                                        															if(_t386 < 0x1000) {
                                                                                                                                                                                                                                                        																L34:
                                                                                                                                                                                                                                                        																_push(_t386);
                                                                                                                                                                                                                                                        																_push(_t440);
                                                                                                                                                                                                                                                        																L00BEF6C6();
                                                                                                                                                                                                                                                        																L36:
                                                                                                                                                                                                                                                        																 *_t621 = _t583;
                                                                                                                                                                                                                                                        																return _t621;
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																_t419 =  *(_t440 - 4);
                                                                                                                                                                                                                                                        																__eflags = _t440 + 0xfffffffc - _t419 - 0x20;
                                                                                                                                                                                                                                                        																if(_t440 + 0xfffffffc - _t419 >= 0x20) {
                                                                                                                                                                                                                                                        																	L38:
                                                                                                                                                                                                                                                        																	__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        																	asm("int3");
                                                                                                                                                                                                                                                        																	asm("int3");
                                                                                                                                                                                                                                                        																	_push(_t638);
                                                                                                                                                                                                                                                        																	_t639 = _t652;
                                                                                                                                                                                                                                                        																	_push(_t419);
                                                                                                                                                                                                                                                        																	_push(_t562);
                                                                                                                                                                                                                                                        																	_push(_t597);
                                                                                                                                                                                                                                                        																	_t653 = _t652 - 0x18;
                                                                                                                                                                                                                                                        																	_t313 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        																	_t522 = _v88;
                                                                                                                                                                                                                                                        																	_v112 = _t313 ^ _t639;
                                                                                                                                                                                                                                                        																	_t315 =  *(_t452 + 0x10);
                                                                                                                                                                                                                                                        																	_t564 = _t315 - _t522;
                                                                                                                                                                                                                                                        																	__eflags = _t564;
                                                                                                                                                                                                                                                        																	if(__eflags < 0) {
                                                                                                                                                                                                                                                        																		E00BBDAC0(_t452, __eflags);
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		_push(_t639);
                                                                                                                                                                                                                                                        																		_t640 = _t653;
                                                                                                                                                                                                                                                        																		_push(_t419);
                                                                                                                                                                                                                                                        																		_push(_t564);
                                                                                                                                                                                                                                                        																		_push(_t597);
                                                                                                                                                                                                                                                        																		_t654 = _t653 - 0x14;
                                                                                                                                                                                                                                                        																		_t523 =  *(_t452 + 0x10);
                                                                                                                                                                                                                                                        																		_t599 = _v128;
                                                                                                                                                                                                                                                        																		_t420 = 0x7fffffff;
                                                                                                                                                                                                                                                        																		__eflags = 0x7fffffff - _t523 - _t599;
                                                                                                                                                                                                                                                        																		if(0x7fffffff - _t523 < _t599) {
                                                                                                                                                                                                                                                        																			E00BBA890();
                                                                                                                                                                                                                                                        																			goto L71;
                                                                                                                                                                                                                                                        																		} else {
                                                                                                                                                                                                                                                        																			_t567 =  *(_t452 + 0x14);
                                                                                                                                                                                                                                                        																			_t602 = _t599 + _t523;
                                                                                                                                                                                                                                                        																			_v52 = _t523;
                                                                                                                                                                                                                                                        																			_v60 = _t452;
                                                                                                                                                                                                                                                        																			_v64 = _t602;
                                                                                                                                                                                                                                                        																			_t326 = _t602 | 0x0000000f;
                                                                                                                                                                                                                                                        																			__eflags = _t326;
                                                                                                                                                                                                                                                        																			if(_t326 >= 0) {
                                                                                                                                                                                                                                                        																				_t471 = _t567 >> 1;
                                                                                                                                                                                                                                                        																				_t472 = _t471 + _t567;
                                                                                                                                                                                                                                                        																				__eflags = _t326 - _t472;
                                                                                                                                                                                                                                                        																				_t473 =  >=  ? _t326 : _t472;
                                                                                                                                                                                                                                                        																				__eflags = _t567 - (_t471 ^ 0x7fffffff);
                                                                                                                                                                                                                                                        																				_t420 =  <=  ?  >=  ? _t326 : _t472 : 0x7fffffff;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_v56 = _t567;
                                                                                                                                                                                                                                                        																			_t568 = _v16;
                                                                                                                                                                                                                                                        																			_t194 = _t420 + 1; // 0x80000000
                                                                                                                                                                                                                                                        																			_t424 = _v60;
                                                                                                                                                                                                                                                        																			_t328 = E00BBD730(_t194);
                                                                                                                                                                                                                                                        																			__eflags = _v56 - 0x10;
                                                                                                                                                                                                                                                        																			_v48 = _t328;
                                                                                                                                                                                                                                                        																			 *((intOrPtr*)(_t424 + 0x10)) = _v64;
                                                                                                                                                                                                                                                        																			 *(_t424 + 0x14) = _t420;
                                                                                                                                                                                                                                                        																			if(_v56 < 0x10) {
                                                                                                                                                                                                                                                        																				memcpy(_t328, _t424, _t568);
                                                                                                                                                                                                                                                        																				_t605 = _v48 + _t568;
                                                                                                                                                                                                                                                        																				memcpy(_t605, _v8, _v4);
                                                                                                                                                                                                                                                        																				_t332 = _v12;
                                                                                                                                                                                                                                                        																				_t466 = _v52 - _t332 + _t568 + 1;
                                                                                                                                                                                                                                                        																				__eflags = _t466;
                                                                                                                                                                                                                                                        																				_t607 = _v48;
                                                                                                                                                                                                                                                        																				memcpy(_t605 + _v4, _t424 + _t568 + _t332, _t466);
                                                                                                                                                                                                                                                        																				goto L69;
                                                                                                                                                                                                                                                        																			} else {
                                                                                                                                                                                                                                                        																				_t426 =  *_t424;
                                                                                                                                                                                                                                                        																				memcpy(_t328, _t426, _t568);
                                                                                                                                                                                                                                                        																				_t610 = _t328 + _t568;
                                                                                                                                                                                                                                                        																				memcpy(_t610, _v8, _v4);
                                                                                                                                                                                                                                                        																				_t339 = _v12;
                                                                                                                                                                                                                                                        																				_t599 = _t610 + _v4;
                                                                                                                                                                                                                                                        																				_t564 = _t426 + _t568 + _t339;
                                                                                                                                                                                                                                                        																				memcpy(_t599, _t564, _v52 - _t339 + _t568 + 1);
                                                                                                                                                                                                                                                        																				_t654 = _t654 + 0x24;
                                                                                                                                                                                                                                                        																				_t529 = _v56;
                                                                                                                                                                                                                                                        																				_t207 = _t529 + 1; // 0x11
                                                                                                                                                                                                                                                        																				_t452 = _t207;
                                                                                                                                                                                                                                                        																				__eflags = _t452 - 0x1000;
                                                                                                                                                                                                                                                        																				if(_t452 < 0x1000) {
                                                                                                                                                                                                                                                        																					L67:
                                                                                                                                                                                                                                                        																					_push(_t452);
                                                                                                                                                                                                                                                        																					_push(_t426);
                                                                                                                                                                                                                                                        																					L00BEF6C6();
                                                                                                                                                                                                                                                        																					_t607 = _v48;
                                                                                                                                                                                                                                                        																					_t424 = _v60;
                                                                                                                                                                                                                                                        																					L69:
                                                                                                                                                                                                                                                        																					 *_t424 = _t607;
                                                                                                                                                                                                                                                        																					return _t424;
                                                                                                                                                                                                                                                        																				} else {
                                                                                                                                                                                                                                                        																					_t342 =  *(_t426 - 4);
                                                                                                                                                                                                                                                        																					_t420 = _t426 + 0xfffffffc - _t342;
                                                                                                                                                                                                                                                        																					__eflags = _t420 - 0x20;
                                                                                                                                                                                                                                                        																					if(_t420 >= 0x20) {
                                                                                                                                                                                                                                                        																						L71:
                                                                                                                                                                                                                                                        																						__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        																						asm("int3");
                                                                                                                                                                                                                                                        																						asm("int3");
                                                                                                                                                                                                                                                        																						asm("int3");
                                                                                                                                                                                                                                                        																						asm("int3");
                                                                                                                                                                                                                                                        																						_push(_t640);
                                                                                                                                                                                                                                                        																						_t641 = _t654;
                                                                                                                                                                                                                                                        																						_push(_t420);
                                                                                                                                                                                                                                                        																						_push(_t564);
                                                                                                                                                                                                                                                        																						_push(_t599);
                                                                                                                                                                                                                                                        																						_t655 = _t654 - 8;
                                                                                                                                                                                                                                                        																						_t600 = _t452;
                                                                                                                                                                                                                                                        																						_t453 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        																						_t320 = _v160;
                                                                                                                                                                                                                                                        																						_v184 = _t453 ^ _t641;
                                                                                                                                                                                                                                                        																						_t421 =  *((intOrPtr*)(_t600 + 0x14));
                                                                                                                                                                                                                                                        																						_t455 =  *((intOrPtr*)(_t600 + 0x10));
                                                                                                                                                                                                                                                        																						__eflags = _t421 - _t455 - _t320;
                                                                                                                                                                                                                                                        																						_t526 = _v156;
                                                                                                                                                                                                                                                        																						if(_t421 - _t455 >= _t320) {
                                                                                                                                                                                                                                                        																							_t565 = _t455 + _t320;
                                                                                                                                                                                                                                                        																							__eflags = _t421 - 0x10;
                                                                                                                                                                                                                                                        																							_t422 = _t600;
                                                                                                                                                                                                                                                        																							 *((intOrPtr*)(_t600 + 0x10)) = _t565;
                                                                                                                                                                                                                                                        																							if(_t421 >= 0x10) {
                                                                                                                                                                                                                                                        																								_t422 =  *_t600;
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																							memset(_t455 + _t422, _t526, _t320);
                                                                                                                                                                                                                                                        																							 *((char*)(_t422 + _t565)) = 0;
                                                                                                                                                                                                                                                        																						} else {
                                                                                                                                                                                                                                                        																							_v200 = _v56;
                                                                                                                                                                                                                                                        																							_v196 = _t320;
                                                                                                                                                                                                                                                        																							 *(_t655 - 0x10) = _t320;
                                                                                                                                                                                                                                                        																							_v192 = _t526;
                                                                                                                                                                                                                                                        																							_t600 = E00BC7330(_t600);
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						__eflags = _v52 ^ _t641;
                                                                                                                                                                                                                                                        																						E00BEECB0(_v52 ^ _t641, _t526);
                                                                                                                                                                                                                                                        																						return _t600;
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						_t530 = _t529 + 0x24;
                                                                                                                                                                                                                                                        																						__eflags = _t530;
                                                                                                                                                                                                                                                        																						_t426 = _t342;
                                                                                                                                                                                                                                                        																						_t452 = _t530;
                                                                                                                                                                                                                                                        																						goto L67;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																	} else {
                                                                                                                                                                                                                                                        																		_t429 = _v16;
                                                                                                                                                                                                                                                        																		_t611 = _v8;
                                                                                                                                                                                                                                                        																		__eflags = _t564 - _t429;
                                                                                                                                                                                                                                                        																		_t430 =  <  ? _t564 : _t429;
                                                                                                                                                                                                                                                        																		__eflags = _t430 - _t611;
                                                                                                                                                                                                                                                        																		if(_t430 != _t611) {
                                                                                                                                                                                                                                                        																			_t574 = _t564 - _t430 + 1;
                                                                                                                                                                                                                                                        																			_t612 = _t611 - _t430;
                                                                                                                                                                                                                                                        																			__eflags = _t612;
                                                                                                                                                                                                                                                        																			if(_t612 >= 0) {
                                                                                                                                                                                                                                                        																				_t533 =  *(_t452 + 0x14);
                                                                                                                                                                                                                                                        																				_v52 = _t533;
                                                                                                                                                                                                                                                        																				_t534 = _t533 - _t315;
                                                                                                                                                                                                                                                        																				__eflags = _t612 - _t533 - _t315;
                                                                                                                                                                                                                                                        																				if(_t612 <= _t533 - _t315) {
                                                                                                                                                                                                                                                        																					__eflags = _v52 - 0x10;
                                                                                                                                                                                                                                                        																					 *(_t452 + 0x10) = _t612 + _t315;
                                                                                                                                                                                                                                                        																					_t536 = _t452;
                                                                                                                                                                                                                                                        																					if(_v52 >= 0x10) {
                                                                                                                                                                                                                                                        																						_t536 =  *_t452;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					_v52 = _t452;
                                                                                                                                                                                                                                                        																					_v64 = _t536;
                                                                                                                                                                                                                                                        																					_t475 = _v20 + _t536;
                                                                                                                                                                                                                                                        																					_v60 = _t475;
                                                                                                                                                                                                                                                        																					_t431 = _t430 + _t475;
                                                                                                                                                                                                                                                        																					_t477 = _v12;
                                                                                                                                                                                                                                                        																					__eflags = _v8 + _v12 - _v60;
                                                                                                                                                                                                                                                        																					_t522 = _v8;
                                                                                                                                                                                                                                                        																					_v56 = _v8;
                                                                                                                                                                                                                                                        																					if(_v8 + _v12 > _v60) {
                                                                                                                                                                                                                                                        																						_t539 = _t477;
                                                                                                                                                                                                                                                        																						__eflags = _v64 + _t315 - _t539;
                                                                                                                                                                                                                                                        																						_t477 = _t539;
                                                                                                                                                                                                                                                        																						_t522 = _v8;
                                                                                                                                                                                                                                                        																						_v56 = _v8;
                                                                                                                                                                                                                                                        																						if(_v64 + _t315 >= _t539) {
                                                                                                                                                                                                                                                        																							_t522 = 0;
                                                                                                                                                                                                                                                        																							_t578 = _t431 - _t477;
                                                                                                                                                                                                                                                        																							__eflags = _t578;
                                                                                                                                                                                                                                                        																							_t579 =  <=  ? 0 : _t578;
                                                                                                                                                                                                                                                        																							_v56 =  <=  ? 0 : _t578;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					_t433 = _t477;
                                                                                                                                                                                                                                                        																					memmove(_t431 + _t612, _t431, _t574);
                                                                                                                                                                                                                                                        																					_t575 = _v56;
                                                                                                                                                                                                                                                        																					memmove(_v60, _t433, _t575);
                                                                                                                                                                                                                                                        																					_t653 = _t653 + 0x18;
                                                                                                                                                                                                                                                        																					memcpy(_v60 + _t575, _t433 + _t612 + _t575, _v8 - _t575);
                                                                                                                                                                                                                                                        																					goto L45;
                                                                                                                                                                                                                                                        																				} else {
                                                                                                                                                                                                                                                        																					_v152 = _v48;
                                                                                                                                                                                                                                                        																					_v144 = _t430;
                                                                                                                                                                                                                                                        																					_v156 = _t612;
                                                                                                                                                                                                                                                        																					_v136 = _v8;
                                                                                                                                                                                                                                                        																					_v140 = _v12;
                                                                                                                                                                                                                                                        																					_t354 = _v20;
                                                                                                                                                                                                                                                        																					_v148 = _t354;
                                                                                                                                                                                                                                                        																					L60();
                                                                                                                                                                                                                                                        																					E00BEECB0(_v44 ^ _t639, _t534);
                                                                                                                                                                                                                                                        																					_t349 = _t354;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																			} else {
                                                                                                                                                                                                                                                        																				 *(_t452 + 0x10) = _t612 + _t315;
                                                                                                                                                                                                                                                        																				_t616 = _t452;
                                                                                                                                                                                                                                                        																				__eflags =  *(_t452 + 0x14) - 0x10;
                                                                                                                                                                                                                                                        																				if( *(_t452 + 0x14) >= 0x10) {
                                                                                                                                                                                                                                                        																					_t616 =  *_t452;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				_v52 = _t452;
                                                                                                                                                                                                                                                        																				_t617 = _t616 + _t522;
                                                                                                                                                                                                                                                        																				memmove(_t617, _v12, _v8);
                                                                                                                                                                                                                                                        																				_t653 = _t653 + 0xc;
                                                                                                                                                                                                                                                        																				_push(_t574);
                                                                                                                                                                                                                                                        																				_push(_t430 + _t617);
                                                                                                                                                                                                                                                        																				_push(_t617 + _v8);
                                                                                                                                                                                                                                                        																				goto L44;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																		} else {
                                                                                                                                                                                                                                                        																			__eflags =  *(_t452 + 0x14) - 0x10;
                                                                                                                                                                                                                                                        																			_t359 = _t452;
                                                                                                                                                                                                                                                        																			if( *(_t452 + 0x14) >= 0x10) {
                                                                                                                                                                                                                                                        																				_t359 =  *_t452;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_v52 = _t452;
                                                                                                                                                                                                                                                        																			_t360 = _t359 + _t522;
                                                                                                                                                                                                                                                        																			__eflags = _t360;
                                                                                                                                                                                                                                                        																			_push(_t611);
                                                                                                                                                                                                                                                        																			_push(_v12);
                                                                                                                                                                                                                                                        																			_push(_t360);
                                                                                                                                                                                                                                                        																			L44:
                                                                                                                                                                                                                                                        																			memmove();
                                                                                                                                                                                                                                                        																			L45:
                                                                                                                                                                                                                                                        																			__eflags = _v44 ^ _t639;
                                                                                                                                                                                                                                                        																			E00BEECB0(_v44 ^ _t639, _t522);
                                                                                                                                                                                                                                                        																			_t349 = _v52;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		return _t349;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																	_t500 = _t452 + _t452 + 0x25;
                                                                                                                                                                                                                                                        																	__eflags = _t500;
                                                                                                                                                                                                                                                        																	_t386 = _t500;
                                                                                                                                                                                                                                                        																	goto L34;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t624 = _v8;
                                                                                                                                                                                                                                                        													_t586 = _v0;
                                                                                                                                                                                                                                                        													_t550 = _v4;
                                                                                                                                                                                                                                                        													__eflags = _t418 - _t624;
                                                                                                                                                                                                                                                        													_t625 =  <  ? _t418 : _t624;
                                                                                                                                                                                                                                                        													__eflags = _t625 - _t586;
                                                                                                                                                                                                                                                        													if(_t625 != _t586) {
                                                                                                                                                                                                                                                        														_t446 = _t418 - _t625 + 1;
                                                                                                                                                                                                                                                        														_t587 = _t586 - _t625;
                                                                                                                                                                                                                                                        														__eflags = _t587;
                                                                                                                                                                                                                                                        														if(_t587 >= 0) {
                                                                                                                                                                                                                                                        															_t551 =  *(_t452 + 0x14);
                                                                                                                                                                                                                                                        															_v44 = _t551;
                                                                                                                                                                                                                                                        															_t552 = _t551 - _t308;
                                                                                                                                                                                                                                                        															__eflags = _t587 - _t551 - _t308;
                                                                                                                                                                                                                                                        															if(_t587 <= _t551 - _t308) {
                                                                                                                                                                                                                                                        																__eflags = _v44 - 8;
                                                                                                                                                                                                                                                        																_v48 = _t587;
                                                                                                                                                                                                                                                        																 *(_t452 + 0x10) = _t587 + _t308;
                                                                                                                                                                                                                                                        																_t554 = _t452;
                                                                                                                                                                                                                                                        																if(_v44 >= 8) {
                                                                                                                                                                                                                                                        																	_t554 =  *_t452;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																_v44 = _t452;
                                                                                                                                                                                                                                                        																_v52 = _t554;
                                                                                                                                                                                                                                                        																_t588 = _v0;
                                                                                                                                                                                                                                                        																_t555 = _t554 + _v12 * 2;
                                                                                                                                                                                                                                                        																_t626 = _v4;
                                                                                                                                                                                                                                                        																_v60 = _t555;
                                                                                                                                                                                                                                                        																_v56 = _t555 + _t625 * 2;
                                                                                                                                                                                                                                                        																__eflags = _t626 + _t588 * 2 - _t555;
                                                                                                                                                                                                                                                        																_t550 = _v56;
                                                                                                                                                                                                                                                        																_t628 = _t588;
                                                                                                                                                                                                                                                        																if(_t626 + _t588 * 2 > _t555) {
                                                                                                                                                                                                                                                        																	_t509 = _v52;
                                                                                                                                                                                                                                                        																	_t628 = _t588;
                                                                                                                                                                                                                                                        																	__eflags = _t509 + _t308 * 2 - _v4;
                                                                                                                                                                                                                                                        																	if(_t509 + _t308 * 2 >= _v4) {
                                                                                                                                                                                                                                                        																		_t401 = _v4;
                                                                                                                                                                                                                                                        																		__eflags = _t550 - _t401;
                                                                                                                                                                                                                                                        																		_t628 =  >  ? _t550 - _t401 >> 1 : 0;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																memmove(_t550 + _v48 * 2, _t550, _t446 + _t446);
                                                                                                                                                                                                                                                        																_t448 = _v60;
                                                                                                                                                                                                                                                        																memmove(_t448, _v4, _t628 + _t628);
                                                                                                                                                                                                                                                        																_t651 = _t651 + 0x18;
                                                                                                                                                                                                                                                        																memcpy(_t448 + _t628 * 2, _v4 + _v48 * 2 + _t628 * 2, _t588 - _t628 + _t588 - _t628);
                                                                                                                                                                                                                                                        																goto L12;
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																_v88 = _v40;
                                                                                                                                                                                                                                                        																_v80 = _t625;
                                                                                                                                                                                                                                                        																_v92 = _t587;
                                                                                                                                                                                                                                                        																_v72 = _v0;
                                                                                                                                                                                                                                                        																_v76 = _v4;
                                                                                                                                                                                                                                                        																_t405 = _v12;
                                                                                                                                                                                                                                                        																_v84 = _t405;
                                                                                                                                                                                                                                                        																L27();
                                                                                                                                                                                                                                                        																E00BEECB0(_v36 ^ _t637, _t552);
                                                                                                                                                                                                                                                        																_t400 = _t405;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															_t407 = _t452;
                                                                                                                                                                                                                                                        															 *(_t452 + 0x10) = _t587 + _t308;
                                                                                                                                                                                                                                                        															__eflags =  *(_t452 + 0x14) - 8;
                                                                                                                                                                                                                                                        															if( *(_t452 + 0x14) >= 8) {
                                                                                                                                                                                                                                                        																_t407 =  *_t452;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_v44 = _t452;
                                                                                                                                                                                                                                                        															_t593 = _t407 + _v12 * 2;
                                                                                                                                                                                                                                                        															memmove(_t593, _t550, _v0 + _v0);
                                                                                                                                                                                                                                                        															_t651 = _t651 + 0xc;
                                                                                                                                                                                                                                                        															_push(_t446 + _t446);
                                                                                                                                                                                                                                                        															_push(_t593 + _t625 * 2);
                                                                                                                                                                                                                                                        															_push(_t593 + _v0 * 2);
                                                                                                                                                                                                                                                        															goto L11;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														__eflags =  *(_t452 + 0x14) - 8;
                                                                                                                                                                                                                                                        														_t413 = _t452;
                                                                                                                                                                                                                                                        														if( *(_t452 + 0x14) >= 8) {
                                                                                                                                                                                                                                                        															_t413 =  *_t452;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_v44 = _t452;
                                                                                                                                                                                                                                                        														_t594 = _t586 + _t586;
                                                                                                                                                                                                                                                        														__eflags = _t594;
                                                                                                                                                                                                                                                        														_push(_t594);
                                                                                                                                                                                                                                                        														_push(_t550);
                                                                                                                                                                                                                                                        														_push(_t413 + _v12 * 2);
                                                                                                                                                                                                                                                        														L11:
                                                                                                                                                                                                                                                        														memmove();
                                                                                                                                                                                                                                                        														L12:
                                                                                                                                                                                                                                                        														__eflags = _v36 ^ _t637;
                                                                                                                                                                                                                                                        														E00BEECB0(_v36 ^ _t637, _t550);
                                                                                                                                                                                                                                                        														_t400 = _v44;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													return _t400;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t305 = _t305 + 0x24;
                                                                                                                                                                                                                                                        												_t558 = _t452;
                                                                                                                                                                                                                                                        												_t520 = _t305;
                                                                                                                                                                                                                                                        												goto L4;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								__eax = __eax + __eax;
                                                                                                                                                                                                                                                        								__eax = __eax + 0x25;
                                                                                                                                                                                                                                                        								__eflags = __eax;
                                                                                                                                                                                                                                                        								__ecx = __eax;
                                                                                                                                                                                                                                                        								goto L95;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}



































































































































































                                                                                                                                                                                                                                                        0x00bc7db0
                                                                                                                                                                                                                                                        0x00bc7db1
                                                                                                                                                                                                                                                        0x00bc7db6
                                                                                                                                                                                                                                                        0x00bc7db7
                                                                                                                                                                                                                                                        0x00bc7dbd
                                                                                                                                                                                                                                                        0x00bc7dec
                                                                                                                                                                                                                                                        0x00bc7df3
                                                                                                                                                                                                                                                        0x00bc7dbf
                                                                                                                                                                                                                                                        0x00bc7dbf
                                                                                                                                                                                                                                                        0x00bc7dc1
                                                                                                                                                                                                                                                        0x00bc7dc4
                                                                                                                                                                                                                                                        0x00bc7dc7
                                                                                                                                                                                                                                                        0x00bc7dd7
                                                                                                                                                                                                                                                        0x00bc7dda
                                                                                                                                                                                                                                                        0x00bc7ddf
                                                                                                                                                                                                                                                        0x00bc7de5
                                                                                                                                                                                                                                                        0x00bc7de8
                                                                                                                                                                                                                                                        0x00bc7dea
                                                                                                                                                                                                                                                        0x00bc7df4
                                                                                                                                                                                                                                                        0x00bc7df4
                                                                                                                                                                                                                                                        0x00bc7df7
                                                                                                                                                                                                                                                        0x00bc7dff
                                                                                                                                                                                                                                                        0x00bc7e04
                                                                                                                                                                                                                                                        0x00bc7e0c
                                                                                                                                                                                                                                                        0x00bc7e14
                                                                                                                                                                                                                                                        0x00bc7e17
                                                                                                                                                                                                                                                        0x00bc7e19
                                                                                                                                                                                                                                                        0x00bc7e19
                                                                                                                                                                                                                                                        0x00bc7e1d
                                                                                                                                                                                                                                                        0x00bc7e23
                                                                                                                                                                                                                                                        0x00bc7e3f
                                                                                                                                                                                                                                                        0x00bc7e3f
                                                                                                                                                                                                                                                        0x00bc7e40
                                                                                                                                                                                                                                                        0x00bc7e41
                                                                                                                                                                                                                                                        0x00bc7e46
                                                                                                                                                                                                                                                        0x00bc7e49
                                                                                                                                                                                                                                                        0x00bc7e4b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7e25
                                                                                                                                                                                                                                                        0x00bc7e25
                                                                                                                                                                                                                                                        0x00bc7e28
                                                                                                                                                                                                                                                        0x00bc7e2b
                                                                                                                                                                                                                                                        0x00bc7e2d
                                                                                                                                                                                                                                                        0x00bc7e30
                                                                                                                                                                                                                                                        0x00bc7e33
                                                                                                                                                                                                                                                        0x00bc7e50
                                                                                                                                                                                                                                                        0x00bc7e56
                                                                                                                                                                                                                                                        0x00bc7e57
                                                                                                                                                                                                                                                        0x00bc7e58
                                                                                                                                                                                                                                                        0x00bc7e59
                                                                                                                                                                                                                                                        0x00bc7e5a
                                                                                                                                                                                                                                                        0x00bc7e5b
                                                                                                                                                                                                                                                        0x00bc7e5c
                                                                                                                                                                                                                                                        0x00bc7e5d
                                                                                                                                                                                                                                                        0x00bc7e5e
                                                                                                                                                                                                                                                        0x00bc7e5f
                                                                                                                                                                                                                                                        0x00bc7e60
                                                                                                                                                                                                                                                        0x00bc7e61
                                                                                                                                                                                                                                                        0x00bc7e63
                                                                                                                                                                                                                                                        0x00bc7e64
                                                                                                                                                                                                                                                        0x00bc7e65
                                                                                                                                                                                                                                                        0x00bc7e66
                                                                                                                                                                                                                                                        0x00bc7e69
                                                                                                                                                                                                                                                        0x00bc7e6e
                                                                                                                                                                                                                                                        0x00bc7e71
                                                                                                                                                                                                                                                        0x00bc7e73
                                                                                                                                                                                                                                                        0x00bc7e76
                                                                                                                                                                                                                                                        0x00bc7e78
                                                                                                                                                                                                                                                        0x00bc7e7d
                                                                                                                                                                                                                                                        0x00bc7e84
                                                                                                                                                                                                                                                        0x00bc7e8c
                                                                                                                                                                                                                                                        0x00bc7e8e
                                                                                                                                                                                                                                                        0x00bc7e92
                                                                                                                                                                                                                                                        0x00bc7e94
                                                                                                                                                                                                                                                        0x00bc7e96
                                                                                                                                                                                                                                                        0x00bc7e96
                                                                                                                                                                                                                                                        0x00bc7e98
                                                                                                                                                                                                                                                        0x00bc7e9a
                                                                                                                                                                                                                                                        0x00bc7e9c
                                                                                                                                                                                                                                                        0x00bc7e9f
                                                                                                                                                                                                                                                        0x00bc7ea2
                                                                                                                                                                                                                                                        0x00bc7ea4
                                                                                                                                                                                                                                                        0x00bc7ea8
                                                                                                                                                                                                                                                        0x00bc7eaa
                                                                                                                                                                                                                                                        0x00bc7eaa
                                                                                                                                                                                                                                                        0x00bc7ead
                                                                                                                                                                                                                                                        0x00bc7eb3
                                                                                                                                                                                                                                                        0x00bc7eb8
                                                                                                                                                                                                                                                        0x00bc7ebb
                                                                                                                                                                                                                                                        0x00bc7ec0
                                                                                                                                                                                                                                                        0x00bc7ec3
                                                                                                                                                                                                                                                        0x00bc7ec3
                                                                                                                                                                                                                                                        0x00bc7ec5
                                                                                                                                                                                                                                                        0x00bc7eca
                                                                                                                                                                                                                                                        0x00bc7ecd
                                                                                                                                                                                                                                                        0x00bc7ece
                                                                                                                                                                                                                                                        0x00bc7ecf
                                                                                                                                                                                                                                                        0x00bc7ed0
                                                                                                                                                                                                                                                        0x00bc7ed1
                                                                                                                                                                                                                                                        0x00bc7e35
                                                                                                                                                                                                                                                        0x00bc7e35
                                                                                                                                                                                                                                                        0x00bc7e38
                                                                                                                                                                                                                                                        0x00bc7e3a
                                                                                                                                                                                                                                                        0x00bc7e3a
                                                                                                                                                                                                                                                        0x00bc7e3d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7e3d
                                                                                                                                                                                                                                                        0x00bc7e33
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7dc9
                                                                                                                                                                                                                                                        0x00bc7dc9
                                                                                                                                                                                                                                                        0x00bc7dcb
                                                                                                                                                                                                                                                        0x00bc7dce
                                                                                                                                                                                                                                                        0x00bc7dcf
                                                                                                                                                                                                                                                        0x00bc7dd0
                                                                                                                                                                                                                                                        0x00bc7dd1
                                                                                                                                                                                                                                                        0x00bc7ee0
                                                                                                                                                                                                                                                        0x00bc7ee1
                                                                                                                                                                                                                                                        0x00bc7ee3
                                                                                                                                                                                                                                                        0x00bc7ee4
                                                                                                                                                                                                                                                        0x00bc7ee5
                                                                                                                                                                                                                                                        0x00bc7ee8
                                                                                                                                                                                                                                                        0x00bc7eea
                                                                                                                                                                                                                                                        0x00bc7ef3
                                                                                                                                                                                                                                                        0x00bc7efb
                                                                                                                                                                                                                                                        0x00bc7efe
                                                                                                                                                                                                                                                        0x00bc7efe
                                                                                                                                                                                                                                                        0x00bc7f02
                                                                                                                                                                                                                                                        0x00bc7f08
                                                                                                                                                                                                                                                        0x00bc7f20
                                                                                                                                                                                                                                                        0x00bc7f22
                                                                                                                                                                                                                                                        0x00bc7f27
                                                                                                                                                                                                                                                        0x00bc7f2a
                                                                                                                                                                                                                                                        0x00bc7f31
                                                                                                                                                                                                                                                        0x00bc7f32
                                                                                                                                                                                                                                                        0x00bc7f33
                                                                                                                                                                                                                                                        0x00bc7f34
                                                                                                                                                                                                                                                        0x00bc7f0a
                                                                                                                                                                                                                                                        0x00bc7f0a
                                                                                                                                                                                                                                                        0x00bc7f0c
                                                                                                                                                                                                                                                        0x00bc7f0f
                                                                                                                                                                                                                                                        0x00bc7f12
                                                                                                                                                                                                                                                        0x00bc7f14
                                                                                                                                                                                                                                                        0x00bc7f17
                                                                                                                                                                                                                                                        0x00bc7f35
                                                                                                                                                                                                                                                        0x00bc7f3b
                                                                                                                                                                                                                                                        0x00bc7f3c
                                                                                                                                                                                                                                                        0x00bc7f3d
                                                                                                                                                                                                                                                        0x00bc7f3e
                                                                                                                                                                                                                                                        0x00bc7f3f
                                                                                                                                                                                                                                                        0x00bc7f40
                                                                                                                                                                                                                                                        0x00bc7f41
                                                                                                                                                                                                                                                        0x00bc7f43
                                                                                                                                                                                                                                                        0x00bc7f44
                                                                                                                                                                                                                                                        0x00bc7f45
                                                                                                                                                                                                                                                        0x00bc7f46
                                                                                                                                                                                                                                                        0x00bc7f47
                                                                                                                                                                                                                                                        0x00bc7f4a
                                                                                                                                                                                                                                                        0x00bc7f4d
                                                                                                                                                                                                                                                        0x00bc7f7c
                                                                                                                                                                                                                                                        0x00bc7f7c
                                                                                                                                                                                                                                                        0x00bc7f7f
                                                                                                                                                                                                                                                        0x00bc7f80
                                                                                                                                                                                                                                                        0x00bc7f81
                                                                                                                                                                                                                                                        0x00bc7f82
                                                                                                                                                                                                                                                        0x00bc7f83
                                                                                                                                                                                                                                                        0x00bc7f4f
                                                                                                                                                                                                                                                        0x00bc7f4f
                                                                                                                                                                                                                                                        0x00bc7f51
                                                                                                                                                                                                                                                        0x00bc7f54
                                                                                                                                                                                                                                                        0x00bc7f57
                                                                                                                                                                                                                                                        0x00bc7f67
                                                                                                                                                                                                                                                        0x00bc7f6a
                                                                                                                                                                                                                                                        0x00bc7f6f
                                                                                                                                                                                                                                                        0x00bc7f75
                                                                                                                                                                                                                                                        0x00bc7f78
                                                                                                                                                                                                                                                        0x00bc7f7a
                                                                                                                                                                                                                                                        0x00bc7f84
                                                                                                                                                                                                                                                        0x00bc7f84
                                                                                                                                                                                                                                                        0x00bc7f87
                                                                                                                                                                                                                                                        0x00bc7f8f
                                                                                                                                                                                                                                                        0x00bc7f94
                                                                                                                                                                                                                                                        0x00bc7f99
                                                                                                                                                                                                                                                        0x00bc7fa1
                                                                                                                                                                                                                                                        0x00bc7fa4
                                                                                                                                                                                                                                                        0x00bc7fa6
                                                                                                                                                                                                                                                        0x00bc7fa9
                                                                                                                                                                                                                                                        0x00bc7faf
                                                                                                                                                                                                                                                        0x00bc7fc9
                                                                                                                                                                                                                                                        0x00bc7fc9
                                                                                                                                                                                                                                                        0x00bc7fca
                                                                                                                                                                                                                                                        0x00bc7fcb
                                                                                                                                                                                                                                                        0x00bc7fd0
                                                                                                                                                                                                                                                        0x00bc7fd3
                                                                                                                                                                                                                                                        0x00bc7fd5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7fb1
                                                                                                                                                                                                                                                        0x00bc7fb1
                                                                                                                                                                                                                                                        0x00bc7fb4
                                                                                                                                                                                                                                                        0x00bc7fb7
                                                                                                                                                                                                                                                        0x00bc7fb9
                                                                                                                                                                                                                                                        0x00bc7fbc
                                                                                                                                                                                                                                                        0x00bc7fbf
                                                                                                                                                                                                                                                        0x00bc7fda
                                                                                                                                                                                                                                                        0x00bc7fe0
                                                                                                                                                                                                                                                        0x00bc7fe1
                                                                                                                                                                                                                                                        0x00bc7fe3
                                                                                                                                                                                                                                                        0x00bc7fe4
                                                                                                                                                                                                                                                        0x00bc7fe5
                                                                                                                                                                                                                                                        0x00bc7fe6
                                                                                                                                                                                                                                                        0x00bc7fe9
                                                                                                                                                                                                                                                        0x00bc7fec
                                                                                                                                                                                                                                                        0x00bc7fee
                                                                                                                                                                                                                                                        0x00bc7ff1
                                                                                                                                                                                                                                                        0x00bc7ff3
                                                                                                                                                                                                                                                        0x00bc7ff6
                                                                                                                                                                                                                                                        0x00bc7ff8
                                                                                                                                                                                                                                                        0x00bc7ffb
                                                                                                                                                                                                                                                        0x00bc8002
                                                                                                                                                                                                                                                        0x00bc8009
                                                                                                                                                                                                                                                        0x00bc8011
                                                                                                                                                                                                                                                        0x00bc8015
                                                                                                                                                                                                                                                        0x00bc8017
                                                                                                                                                                                                                                                        0x00bc8019
                                                                                                                                                                                                                                                        0x00bc8019
                                                                                                                                                                                                                                                        0x00bc801b
                                                                                                                                                                                                                                                        0x00bc801e
                                                                                                                                                                                                                                                        0x00bc8020
                                                                                                                                                                                                                                                        0x00bc8023
                                                                                                                                                                                                                                                        0x00bc8027
                                                                                                                                                                                                                                                        0x00bc8029
                                                                                                                                                                                                                                                        0x00bc8029
                                                                                                                                                                                                                                                        0x00bc802c
                                                                                                                                                                                                                                                        0x00bc802e
                                                                                                                                                                                                                                                        0x00bc802f
                                                                                                                                                                                                                                                        0x00bc8030
                                                                                                                                                                                                                                                        0x00bc8033
                                                                                                                                                                                                                                                        0x00bc8034
                                                                                                                                                                                                                                                        0x00bc8039
                                                                                                                                                                                                                                                        0x00bc803c
                                                                                                                                                                                                                                                        0x00bc803f
                                                                                                                                                                                                                                                        0x00bc8053
                                                                                                                                                                                                                                                        0x00bc8056
                                                                                                                                                                                                                                                        0x00bc8056
                                                                                                                                                                                                                                                        0x00bc8059
                                                                                                                                                                                                                                                        0x00bc805f
                                                                                                                                                                                                                                                        0x00bc806d
                                                                                                                                                                                                                                                        0x00bc8070
                                                                                                                                                                                                                                                        0x00bc8073
                                                                                                                                                                                                                                                        0x00bc8075
                                                                                                                                                                                                                                                        0x00bc8078
                                                                                                                                                                                                                                                        0x00bc8083
                                                                                                                                                                                                                                                        0x00bc8089
                                                                                                                                                                                                                                                        0x00bc808a
                                                                                                                                                                                                                                                        0x00bc808b
                                                                                                                                                                                                                                                        0x00bc808c
                                                                                                                                                                                                                                                        0x00bc808d
                                                                                                                                                                                                                                                        0x00bc808e
                                                                                                                                                                                                                                                        0x00bc808f
                                                                                                                                                                                                                                                        0x00bc8090
                                                                                                                                                                                                                                                        0x00bc8091
                                                                                                                                                                                                                                                        0x00bc8092
                                                                                                                                                                                                                                                        0x00bc8093
                                                                                                                                                                                                                                                        0x00bc8097
                                                                                                                                                                                                                                                        0x00bc809a
                                                                                                                                                                                                                                                        0x00bc809c
                                                                                                                                                                                                                                                        0x00bc809e
                                                                                                                                                                                                                                                        0x00bc80a3
                                                                                                                                                                                                                                                        0x00bc80ad
                                                                                                                                                                                                                                                        0x00bc80b2
                                                                                                                                                                                                                                                        0x00bc80bc
                                                                                                                                                                                                                                                        0x00bc80be
                                                                                                                                                                                                                                                        0x00bc80c1
                                                                                                                                                                                                                                                        0x00bc80c4
                                                                                                                                                                                                                                                        0x00bc80c4
                                                                                                                                                                                                                                                        0x00bc80c7
                                                                                                                                                                                                                                                        0x00bc80c9
                                                                                                                                                                                                                                                        0x00bc80ce
                                                                                                                                                                                                                                                        0x00bc80d1
                                                                                                                                                                                                                                                        0x00bc80d4
                                                                                                                                                                                                                                                        0x00bc80d4
                                                                                                                                                                                                                                                        0x00bc80b4
                                                                                                                                                                                                                                                        0x00bc80b4
                                                                                                                                                                                                                                                        0x00bc80b7
                                                                                                                                                                                                                                                        0x00bc80b7
                                                                                                                                                                                                                                                        0x00bc80d9
                                                                                                                                                                                                                                                        0x00bc80d9
                                                                                                                                                                                                                                                        0x00bc80dc
                                                                                                                                                                                                                                                        0x00bc80de
                                                                                                                                                                                                                                                        0x00bc80e3
                                                                                                                                                                                                                                                        0x00bc80e6
                                                                                                                                                                                                                                                        0x00bc80e9
                                                                                                                                                                                                                                                        0x00bc80e9
                                                                                                                                                                                                                                                        0x00bc80a5
                                                                                                                                                                                                                                                        0x00bc80a5
                                                                                                                                                                                                                                                        0x00bc80a8
                                                                                                                                                                                                                                                        0x00bc80a8
                                                                                                                                                                                                                                                        0x00bc80ec
                                                                                                                                                                                                                                                        0x00bc80ee
                                                                                                                                                                                                                                                        0x00bc80f0
                                                                                                                                                                                                                                                        0x00bc80f0
                                                                                                                                                                                                                                                        0x00bc80f2
                                                                                                                                                                                                                                                        0x00bc80f2
                                                                                                                                                                                                                                                        0x00bc80f5
                                                                                                                                                                                                                                                        0x00bc80f7
                                                                                                                                                                                                                                                        0x00bc80f7
                                                                                                                                                                                                                                                        0x00bc80fc
                                                                                                                                                                                                                                                        0x00bc80fc
                                                                                                                                                                                                                                                        0x00bc80ff
                                                                                                                                                                                                                                                        0x00bc8101
                                                                                                                                                                                                                                                        0x00bc8104
                                                                                                                                                                                                                                                        0x00bc8105
                                                                                                                                                                                                                                                        0x00bc8106
                                                                                                                                                                                                                                                        0x00bc8107
                                                                                                                                                                                                                                                        0x00bc807a
                                                                                                                                                                                                                                                        0x00bc807a
                                                                                                                                                                                                                                                        0x00bc807d
                                                                                                                                                                                                                                                        0x00bc807f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc807f
                                                                                                                                                                                                                                                        0x00bc8061
                                                                                                                                                                                                                                                        0x00bc8061
                                                                                                                                                                                                                                                        0x00bc8061
                                                                                                                                                                                                                                                        0x00bc8062
                                                                                                                                                                                                                                                        0x00bc8063
                                                                                                                                                                                                                                                        0x00bc8068
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc8068
                                                                                                                                                                                                                                                        0x00bc8041
                                                                                                                                                                                                                                                        0x00bc8041
                                                                                                                                                                                                                                                        0x00bc8041
                                                                                                                                                                                                                                                        0x00bc8044
                                                                                                                                                                                                                                                        0x00bc8044
                                                                                                                                                                                                                                                        0x00bc8046
                                                                                                                                                                                                                                                        0x00bc804b
                                                                                                                                                                                                                                                        0x00bc804e
                                                                                                                                                                                                                                                        0x00bc804f
                                                                                                                                                                                                                                                        0x00bc8050
                                                                                                                                                                                                                                                        0x00bc8051
                                                                                                                                                                                                                                                        0x00bc8052
                                                                                                                                                                                                                                                        0x00bc8052
                                                                                                                                                                                                                                                        0x00bc7fc1
                                                                                                                                                                                                                                                        0x00bc7fc1
                                                                                                                                                                                                                                                        0x00bc7fc4
                                                                                                                                                                                                                                                        0x00bc7fc4
                                                                                                                                                                                                                                                        0x00bc7fc7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7fc7
                                                                                                                                                                                                                                                        0x00bc7fbf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7f59
                                                                                                                                                                                                                                                        0x00bc7f59
                                                                                                                                                                                                                                                        0x00bc7f5b
                                                                                                                                                                                                                                                        0x00bc7f5e
                                                                                                                                                                                                                                                        0x00bc7f5f
                                                                                                                                                                                                                                                        0x00bc7f60
                                                                                                                                                                                                                                                        0x00bc7f61
                                                                                                                                                                                                                                                        0x00bc6c50
                                                                                                                                                                                                                                                        0x00bc6c51
                                                                                                                                                                                                                                                        0x00bc6c53
                                                                                                                                                                                                                                                        0x00bc6c54
                                                                                                                                                                                                                                                        0x00bc6c58
                                                                                                                                                                                                                                                        0x00bc6c5a
                                                                                                                                                                                                                                                        0x00bc6c60
                                                                                                                                                                                                                                                        0x00bc6c65
                                                                                                                                                                                                                                                        0x00bc6c68
                                                                                                                                                                                                                                                        0x00bc6c6b
                                                                                                                                                                                                                                                        0x00bc6c6b
                                                                                                                                                                                                                                                        0x00bc6c74
                                                                                                                                                                                                                                                        0x00bc6c8a
                                                                                                                                                                                                                                                        0x00bc6c8a
                                                                                                                                                                                                                                                        0x00bc6c8b
                                                                                                                                                                                                                                                        0x00bc6c8c
                                                                                                                                                                                                                                                        0x00bc6c94
                                                                                                                                                                                                                                                        0x00bc6c9e
                                                                                                                                                                                                                                                        0x00bc6c76
                                                                                                                                                                                                                                                        0x00bc6c76
                                                                                                                                                                                                                                                        0x00bc6c7c
                                                                                                                                                                                                                                                        0x00bc6c81
                                                                                                                                                                                                                                                        0x00bc6c9f
                                                                                                                                                                                                                                                        0x00bc6ca5
                                                                                                                                                                                                                                                        0x00bc6ca6
                                                                                                                                                                                                                                                        0x00bc6ca7
                                                                                                                                                                                                                                                        0x00bc6ca8
                                                                                                                                                                                                                                                        0x00bc6ca9
                                                                                                                                                                                                                                                        0x00bc6caa
                                                                                                                                                                                                                                                        0x00bc6cab
                                                                                                                                                                                                                                                        0x00bc6cac
                                                                                                                                                                                                                                                        0x00bc6cad
                                                                                                                                                                                                                                                        0x00bc6cae
                                                                                                                                                                                                                                                        0x00bc6caf
                                                                                                                                                                                                                                                        0x00bc6cb0
                                                                                                                                                                                                                                                        0x00bc6cb1
                                                                                                                                                                                                                                                        0x00bc6cb3
                                                                                                                                                                                                                                                        0x00bc6cb4
                                                                                                                                                                                                                                                        0x00bc6cb5
                                                                                                                                                                                                                                                        0x00bc6cb6
                                                                                                                                                                                                                                                        0x00bc6cb9
                                                                                                                                                                                                                                                        0x00bc6cc0
                                                                                                                                                                                                                                                        0x00bc6cc3
                                                                                                                                                                                                                                                        0x00bc6cc8
                                                                                                                                                                                                                                                        0x00bc6cc8
                                                                                                                                                                                                                                                        0x00bc6ccb
                                                                                                                                                                                                                                                        0x00bc6e42
                                                                                                                                                                                                                                                        0x00bc6e47
                                                                                                                                                                                                                                                        0x00bc6e48
                                                                                                                                                                                                                                                        0x00bc6e49
                                                                                                                                                                                                                                                        0x00bc6e4a
                                                                                                                                                                                                                                                        0x00bc6e4b
                                                                                                                                                                                                                                                        0x00bc6e4c
                                                                                                                                                                                                                                                        0x00bc6e4d
                                                                                                                                                                                                                                                        0x00bc6e4e
                                                                                                                                                                                                                                                        0x00bc6e4f
                                                                                                                                                                                                                                                        0x00bc6e50
                                                                                                                                                                                                                                                        0x00bc6e51
                                                                                                                                                                                                                                                        0x00bc6e53
                                                                                                                                                                                                                                                        0x00bc6e54
                                                                                                                                                                                                                                                        0x00bc6e55
                                                                                                                                                                                                                                                        0x00bc6e56
                                                                                                                                                                                                                                                        0x00bc6e59
                                                                                                                                                                                                                                                        0x00bc6e5c
                                                                                                                                                                                                                                                        0x00bc6e64
                                                                                                                                                                                                                                                        0x00bc6e6b
                                                                                                                                                                                                                                                        0x00bc6e6d
                                                                                                                                                                                                                                                        0x00bc6fc3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6e73
                                                                                                                                                                                                                                                        0x00bc6e73
                                                                                                                                                                                                                                                        0x00bc6e75
                                                                                                                                                                                                                                                        0x00bc6e78
                                                                                                                                                                                                                                                        0x00bc6e7b
                                                                                                                                                                                                                                                        0x00bc6e80
                                                                                                                                                                                                                                                        0x00bc6e83
                                                                                                                                                                                                                                                        0x00bc6e86
                                                                                                                                                                                                                                                        0x00bc6e8b
                                                                                                                                                                                                                                                        0x00bc6e99
                                                                                                                                                                                                                                                        0x00bc6e9d
                                                                                                                                                                                                                                                        0x00bc6e9f
                                                                                                                                                                                                                                                        0x00bc6ea1
                                                                                                                                                                                                                                                        0x00bc6ea4
                                                                                                                                                                                                                                                        0x00bc6ea6
                                                                                                                                                                                                                                                        0x00bc6ea6
                                                                                                                                                                                                                                                        0x00bc6ea9
                                                                                                                                                                                                                                                        0x00bc6eab
                                                                                                                                                                                                                                                        0x00bc6eae
                                                                                                                                                                                                                                                        0x00bc6eb4
                                                                                                                                                                                                                                                        0x00bc6ebc
                                                                                                                                                                                                                                                        0x00bc6ebf
                                                                                                                                                                                                                                                        0x00bc6ec2
                                                                                                                                                                                                                                                        0x00bc6ec4
                                                                                                                                                                                                                                                        0x00bc6ec7
                                                                                                                                                                                                                                                        0x00bc6f62
                                                                                                                                                                                                                                                        0x00bc6f66
                                                                                                                                                                                                                                                        0x00bc6f68
                                                                                                                                                                                                                                                        0x00bc6f73
                                                                                                                                                                                                                                                        0x00bc6f80
                                                                                                                                                                                                                                                        0x00bc6f8b
                                                                                                                                                                                                                                                        0x00bc6f93
                                                                                                                                                                                                                                                        0x00bc6f93
                                                                                                                                                                                                                                                        0x00bc6fab
                                                                                                                                                                                                                                                        0x00bc6fb3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6ecd
                                                                                                                                                                                                                                                        0x00bc6ecd
                                                                                                                                                                                                                                                        0x00bc6ed7
                                                                                                                                                                                                                                                        0x00bc6ed9
                                                                                                                                                                                                                                                        0x00bc6edc
                                                                                                                                                                                                                                                        0x00bc6ee7
                                                                                                                                                                                                                                                        0x00bc6ef4
                                                                                                                                                                                                                                                        0x00bc6f1f
                                                                                                                                                                                                                                                        0x00bc6f24
                                                                                                                                                                                                                                                        0x00bc6f27
                                                                                                                                                                                                                                                        0x00bc6f2a
                                                                                                                                                                                                                                                        0x00bc6f2c
                                                                                                                                                                                                                                                        0x00bc6f2f
                                                                                                                                                                                                                                                        0x00bc6f2f
                                                                                                                                                                                                                                                        0x00bc6f33
                                                                                                                                                                                                                                                        0x00bc6f38
                                                                                                                                                                                                                                                        0x00bc6f50
                                                                                                                                                                                                                                                        0x00bc6f50
                                                                                                                                                                                                                                                        0x00bc6f51
                                                                                                                                                                                                                                                        0x00bc6f52
                                                                                                                                                                                                                                                        0x00bc6fb5
                                                                                                                                                                                                                                                        0x00bc6fb5
                                                                                                                                                                                                                                                        0x00bc6fc0
                                                                                                                                                                                                                                                        0x00bc6f3a
                                                                                                                                                                                                                                                        0x00bc6f3c
                                                                                                                                                                                                                                                        0x00bc6f44
                                                                                                                                                                                                                                                        0x00bc6f47
                                                                                                                                                                                                                                                        0x00bc6fc8
                                                                                                                                                                                                                                                        0x00bc6fc8
                                                                                                                                                                                                                                                        0x00bc6fce
                                                                                                                                                                                                                                                        0x00bc6fcf
                                                                                                                                                                                                                                                        0x00bc6fd0
                                                                                                                                                                                                                                                        0x00bc6fd1
                                                                                                                                                                                                                                                        0x00bc6fd3
                                                                                                                                                                                                                                                        0x00bc6fd4
                                                                                                                                                                                                                                                        0x00bc6fd5
                                                                                                                                                                                                                                                        0x00bc6fd6
                                                                                                                                                                                                                                                        0x00bc6fd9
                                                                                                                                                                                                                                                        0x00bc6fde
                                                                                                                                                                                                                                                        0x00bc6fe3
                                                                                                                                                                                                                                                        0x00bc6fe6
                                                                                                                                                                                                                                                        0x00bc6feb
                                                                                                                                                                                                                                                        0x00bc6feb
                                                                                                                                                                                                                                                        0x00bc6fed
                                                                                                                                                                                                                                                        0x00bc7147
                                                                                                                                                                                                                                                        0x00bc714c
                                                                                                                                                                                                                                                        0x00bc714d
                                                                                                                                                                                                                                                        0x00bc714e
                                                                                                                                                                                                                                                        0x00bc714f
                                                                                                                                                                                                                                                        0x00bc7150
                                                                                                                                                                                                                                                        0x00bc7151
                                                                                                                                                                                                                                                        0x00bc7153
                                                                                                                                                                                                                                                        0x00bc7154
                                                                                                                                                                                                                                                        0x00bc7155
                                                                                                                                                                                                                                                        0x00bc7156
                                                                                                                                                                                                                                                        0x00bc7159
                                                                                                                                                                                                                                                        0x00bc715c
                                                                                                                                                                                                                                                        0x00bc7164
                                                                                                                                                                                                                                                        0x00bc716b
                                                                                                                                                                                                                                                        0x00bc716d
                                                                                                                                                                                                                                                        0x00bc7291
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7173
                                                                                                                                                                                                                                                        0x00bc7173
                                                                                                                                                                                                                                                        0x00bc7176
                                                                                                                                                                                                                                                        0x00bc7178
                                                                                                                                                                                                                                                        0x00bc717b
                                                                                                                                                                                                                                                        0x00bc7180
                                                                                                                                                                                                                                                        0x00bc7183
                                                                                                                                                                                                                                                        0x00bc7183
                                                                                                                                                                                                                                                        0x00bc7186
                                                                                                                                                                                                                                                        0x00bc718f
                                                                                                                                                                                                                                                        0x00bc7193
                                                                                                                                                                                                                                                        0x00bc719b
                                                                                                                                                                                                                                                        0x00bc719d
                                                                                                                                                                                                                                                        0x00bc71a0
                                                                                                                                                                                                                                                        0x00bc71a2
                                                                                                                                                                                                                                                        0x00bc71a2
                                                                                                                                                                                                                                                        0x00bc71a5
                                                                                                                                                                                                                                                        0x00bc71a8
                                                                                                                                                                                                                                                        0x00bc71ad
                                                                                                                                                                                                                                                        0x00bc71b0
                                                                                                                                                                                                                                                        0x00bc71b6
                                                                                                                                                                                                                                                        0x00bc71be
                                                                                                                                                                                                                                                        0x00bc71c2
                                                                                                                                                                                                                                                        0x00bc71c5
                                                                                                                                                                                                                                                        0x00bc71c8
                                                                                                                                                                                                                                                        0x00bc71cb
                                                                                                                                                                                                                                                        0x00bc7244
                                                                                                                                                                                                                                                        0x00bc7252
                                                                                                                                                                                                                                                        0x00bc7259
                                                                                                                                                                                                                                                        0x00bc7261
                                                                                                                                                                                                                                                        0x00bc7274
                                                                                                                                                                                                                                                        0x00bc7274
                                                                                                                                                                                                                                                        0x00bc7278
                                                                                                                                                                                                                                                        0x00bc727b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc71cd
                                                                                                                                                                                                                                                        0x00bc71cd
                                                                                                                                                                                                                                                        0x00bc71d4
                                                                                                                                                                                                                                                        0x00bc71df
                                                                                                                                                                                                                                                        0x00bc71e6
                                                                                                                                                                                                                                                        0x00bc71ee
                                                                                                                                                                                                                                                        0x00bc71f4
                                                                                                                                                                                                                                                        0x00bc71ff
                                                                                                                                                                                                                                                        0x00bc7205
                                                                                                                                                                                                                                                        0x00bc720a
                                                                                                                                                                                                                                                        0x00bc720d
                                                                                                                                                                                                                                                        0x00bc7210
                                                                                                                                                                                                                                                        0x00bc7210
                                                                                                                                                                                                                                                        0x00bc7213
                                                                                                                                                                                                                                                        0x00bc7219
                                                                                                                                                                                                                                                        0x00bc722f
                                                                                                                                                                                                                                                        0x00bc722f
                                                                                                                                                                                                                                                        0x00bc7230
                                                                                                                                                                                                                                                        0x00bc7231
                                                                                                                                                                                                                                                        0x00bc7239
                                                                                                                                                                                                                                                        0x00bc723c
                                                                                                                                                                                                                                                        0x00bc7283
                                                                                                                                                                                                                                                        0x00bc7283
                                                                                                                                                                                                                                                        0x00bc728e
                                                                                                                                                                                                                                                        0x00bc721b
                                                                                                                                                                                                                                                        0x00bc721b
                                                                                                                                                                                                                                                        0x00bc7221
                                                                                                                                                                                                                                                        0x00bc7223
                                                                                                                                                                                                                                                        0x00bc7226
                                                                                                                                                                                                                                                        0x00bc7296
                                                                                                                                                                                                                                                        0x00bc7296
                                                                                                                                                                                                                                                        0x00bc729c
                                                                                                                                                                                                                                                        0x00bc729d
                                                                                                                                                                                                                                                        0x00bc729e
                                                                                                                                                                                                                                                        0x00bc729f
                                                                                                                                                                                                                                                        0x00bc72a0
                                                                                                                                                                                                                                                        0x00bc72a1
                                                                                                                                                                                                                                                        0x00bc72a3
                                                                                                                                                                                                                                                        0x00bc72a4
                                                                                                                                                                                                                                                        0x00bc72a5
                                                                                                                                                                                                                                                        0x00bc72a6
                                                                                                                                                                                                                                                        0x00bc72a9
                                                                                                                                                                                                                                                        0x00bc72ab
                                                                                                                                                                                                                                                        0x00bc72b1
                                                                                                                                                                                                                                                        0x00bc72b6
                                                                                                                                                                                                                                                        0x00bc72b9
                                                                                                                                                                                                                                                        0x00bc72bc
                                                                                                                                                                                                                                                        0x00bc72c3
                                                                                                                                                                                                                                                        0x00bc72c5
                                                                                                                                                                                                                                                        0x00bc72c8
                                                                                                                                                                                                                                                        0x00bc7301
                                                                                                                                                                                                                                                        0x00bc7304
                                                                                                                                                                                                                                                        0x00bc7307
                                                                                                                                                                                                                                                        0x00bc7309
                                                                                                                                                                                                                                                        0x00bc730c
                                                                                                                                                                                                                                                        0x00bc730e
                                                                                                                                                                                                                                                        0x00bc730e
                                                                                                                                                                                                                                                        0x00bc7318
                                                                                                                                                                                                                                                        0x00bc7320
                                                                                                                                                                                                                                                        0x00bc72ca
                                                                                                                                                                                                                                                        0x00bc72d0
                                                                                                                                                                                                                                                        0x00bc72d7
                                                                                                                                                                                                                                                        0x00bc72db
                                                                                                                                                                                                                                                        0x00bc72de
                                                                                                                                                                                                                                                        0x00bc72e9
                                                                                                                                                                                                                                                        0x00bc72e9
                                                                                                                                                                                                                                                        0x00bc72ee
                                                                                                                                                                                                                                                        0x00bc72f0
                                                                                                                                                                                                                                                        0x00bc72fe
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc722b
                                                                                                                                                                                                                                                        0x00bc722d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc722d
                                                                                                                                                                                                                                                        0x00bc7226
                                                                                                                                                                                                                                                        0x00bc7219
                                                                                                                                                                                                                                                        0x00bc71cb
                                                                                                                                                                                                                                                        0x00bc6ff3
                                                                                                                                                                                                                                                        0x00bc6ff3
                                                                                                                                                                                                                                                        0x00bc6ff6
                                                                                                                                                                                                                                                        0x00bc6ff9
                                                                                                                                                                                                                                                        0x00bc6ffb
                                                                                                                                                                                                                                                        0x00bc6ffe
                                                                                                                                                                                                                                                        0x00bc7000
                                                                                                                                                                                                                                                        0x00bc7037
                                                                                                                                                                                                                                                        0x00bc7038
                                                                                                                                                                                                                                                        0x00bc7038
                                                                                                                                                                                                                                                        0x00bc703a
                                                                                                                                                                                                                                                        0x00bc706a
                                                                                                                                                                                                                                                        0x00bc706d
                                                                                                                                                                                                                                                        0x00bc7070
                                                                                                                                                                                                                                                        0x00bc7072
                                                                                                                                                                                                                                                        0x00bc7074
                                                                                                                                                                                                                                                        0x00bc70b4
                                                                                                                                                                                                                                                        0x00bc70bb
                                                                                                                                                                                                                                                        0x00bc70be
                                                                                                                                                                                                                                                        0x00bc70c0
                                                                                                                                                                                                                                                        0x00bc70c2
                                                                                                                                                                                                                                                        0x00bc70c2
                                                                                                                                                                                                                                                        0x00bc70c4
                                                                                                                                                                                                                                                        0x00bc70ca
                                                                                                                                                                                                                                                        0x00bc70cd
                                                                                                                                                                                                                                                        0x00bc70d2
                                                                                                                                                                                                                                                        0x00bc70d5
                                                                                                                                                                                                                                                        0x00bc70dc
                                                                                                                                                                                                                                                        0x00bc70df
                                                                                                                                                                                                                                                        0x00bc70e2
                                                                                                                                                                                                                                                        0x00bc70e5
                                                                                                                                                                                                                                                        0x00bc70e8
                                                                                                                                                                                                                                                        0x00bc70ea
                                                                                                                                                                                                                                                        0x00bc70f1
                                                                                                                                                                                                                                                        0x00bc70f3
                                                                                                                                                                                                                                                        0x00bc70f5
                                                                                                                                                                                                                                                        0x00bc70f8
                                                                                                                                                                                                                                                        0x00bc70fb
                                                                                                                                                                                                                                                        0x00bc7101
                                                                                                                                                                                                                                                        0x00bc7103
                                                                                                                                                                                                                                                        0x00bc7103
                                                                                                                                                                                                                                                        0x00bc7105
                                                                                                                                                                                                                                                        0x00bc7108
                                                                                                                                                                                                                                                        0x00bc7108
                                                                                                                                                                                                                                                        0x00bc70fb
                                                                                                                                                                                                                                                        0x00bc7112
                                                                                                                                                                                                                                                        0x00bc7114
                                                                                                                                                                                                                                                        0x00bc711c
                                                                                                                                                                                                                                                        0x00bc7124
                                                                                                                                                                                                                                                        0x00bc7129
                                                                                                                                                                                                                                                        0x00bc713d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7076
                                                                                                                                                                                                                                                        0x00bc707c
                                                                                                                                                                                                                                                        0x00bc7083
                                                                                                                                                                                                                                                        0x00bc7087
                                                                                                                                                                                                                                                        0x00bc708a
                                                                                                                                                                                                                                                        0x00bc7091
                                                                                                                                                                                                                                                        0x00bc7095
                                                                                                                                                                                                                                                        0x00bc7098
                                                                                                                                                                                                                                                        0x00bc709c
                                                                                                                                                                                                                                                        0x00bc70a8
                                                                                                                                                                                                                                                        0x00bc70ad
                                                                                                                                                                                                                                                        0x00bc70ad
                                                                                                                                                                                                                                                        0x00bc703c
                                                                                                                                                                                                                                                        0x00bc703e
                                                                                                                                                                                                                                                        0x00bc7041
                                                                                                                                                                                                                                                        0x00bc7043
                                                                                                                                                                                                                                                        0x00bc7047
                                                                                                                                                                                                                                                        0x00bc7049
                                                                                                                                                                                                                                                        0x00bc7049
                                                                                                                                                                                                                                                        0x00bc704e
                                                                                                                                                                                                                                                        0x00bc7051
                                                                                                                                                                                                                                                        0x00bc7058
                                                                                                                                                                                                                                                        0x00bc705d
                                                                                                                                                                                                                                                        0x00bc7065
                                                                                                                                                                                                                                                        0x00bc7066
                                                                                                                                                                                                                                                        0x00bc7067
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7067
                                                                                                                                                                                                                                                        0x00bc7002
                                                                                                                                                                                                                                                        0x00bc7002
                                                                                                                                                                                                                                                        0x00bc7006
                                                                                                                                                                                                                                                        0x00bc7008
                                                                                                                                                                                                                                                        0x00bc700a
                                                                                                                                                                                                                                                        0x00bc700a
                                                                                                                                                                                                                                                        0x00bc700c
                                                                                                                                                                                                                                                        0x00bc700f
                                                                                                                                                                                                                                                        0x00bc700f
                                                                                                                                                                                                                                                        0x00bc7011
                                                                                                                                                                                                                                                        0x00bc7012
                                                                                                                                                                                                                                                        0x00bc7015
                                                                                                                                                                                                                                                        0x00bc7016
                                                                                                                                                                                                                                                        0x00bc7016
                                                                                                                                                                                                                                                        0x00bc701b
                                                                                                                                                                                                                                                        0x00bc7021
                                                                                                                                                                                                                                                        0x00bc7023
                                                                                                                                                                                                                                                        0x00bc7028
                                                                                                                                                                                                                                                        0x00bc7028
                                                                                                                                                                                                                                                        0x00bc7032
                                                                                                                                                                                                                                                        0x00bc7032
                                                                                                                                                                                                                                                        0x00bc6f49
                                                                                                                                                                                                                                                        0x00bc6f4b
                                                                                                                                                                                                                                                        0x00bc6f4b
                                                                                                                                                                                                                                                        0x00bc6f4e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6f4e
                                                                                                                                                                                                                                                        0x00bc6f47
                                                                                                                                                                                                                                                        0x00bc6f38
                                                                                                                                                                                                                                                        0x00bc6ec7
                                                                                                                                                                                                                                                        0x00bc6cd1
                                                                                                                                                                                                                                                        0x00bc6cd1
                                                                                                                                                                                                                                                        0x00bc6cd4
                                                                                                                                                                                                                                                        0x00bc6cd7
                                                                                                                                                                                                                                                        0x00bc6cda
                                                                                                                                                                                                                                                        0x00bc6cdc
                                                                                                                                                                                                                                                        0x00bc6cdf
                                                                                                                                                                                                                                                        0x00bc6ce1
                                                                                                                                                                                                                                                        0x00bc6d1c
                                                                                                                                                                                                                                                        0x00bc6d1d
                                                                                                                                                                                                                                                        0x00bc6d1d
                                                                                                                                                                                                                                                        0x00bc6d1f
                                                                                                                                                                                                                                                        0x00bc6d5a
                                                                                                                                                                                                                                                        0x00bc6d5d
                                                                                                                                                                                                                                                        0x00bc6d60
                                                                                                                                                                                                                                                        0x00bc6d62
                                                                                                                                                                                                                                                        0x00bc6d64
                                                                                                                                                                                                                                                        0x00bc6da4
                                                                                                                                                                                                                                                        0x00bc6dab
                                                                                                                                                                                                                                                        0x00bc6dae
                                                                                                                                                                                                                                                        0x00bc6db1
                                                                                                                                                                                                                                                        0x00bc6db3
                                                                                                                                                                                                                                                        0x00bc6db5
                                                                                                                                                                                                                                                        0x00bc6db5
                                                                                                                                                                                                                                                        0x00bc6db7
                                                                                                                                                                                                                                                        0x00bc6dbd
                                                                                                                                                                                                                                                        0x00bc6dc0
                                                                                                                                                                                                                                                        0x00bc6dc3
                                                                                                                                                                                                                                                        0x00bc6dc9
                                                                                                                                                                                                                                                        0x00bc6dcc
                                                                                                                                                                                                                                                        0x00bc6dcf
                                                                                                                                                                                                                                                        0x00bc6dd5
                                                                                                                                                                                                                                                        0x00bc6dd7
                                                                                                                                                                                                                                                        0x00bc6dda
                                                                                                                                                                                                                                                        0x00bc6ddc
                                                                                                                                                                                                                                                        0x00bc6dde
                                                                                                                                                                                                                                                        0x00bc6de1
                                                                                                                                                                                                                                                        0x00bc6de6
                                                                                                                                                                                                                                                        0x00bc6de9
                                                                                                                                                                                                                                                        0x00bc6deb
                                                                                                                                                                                                                                                        0x00bc6df6
                                                                                                                                                                                                                                                        0x00bc6df8
                                                                                                                                                                                                                                                        0x00bc6df8
                                                                                                                                                                                                                                                        0x00bc6de9
                                                                                                                                                                                                                                                        0x00bc6e06
                                                                                                                                                                                                                                                        0x00bc6e16
                                                                                                                                                                                                                                                        0x00bc6e1a
                                                                                                                                                                                                                                                        0x00bc6e1f
                                                                                                                                                                                                                                                        0x00bc6e38
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6d66
                                                                                                                                                                                                                                                        0x00bc6d6c
                                                                                                                                                                                                                                                        0x00bc6d73
                                                                                                                                                                                                                                                        0x00bc6d77
                                                                                                                                                                                                                                                        0x00bc6d7a
                                                                                                                                                                                                                                                        0x00bc6d81
                                                                                                                                                                                                                                                        0x00bc6d85
                                                                                                                                                                                                                                                        0x00bc6d88
                                                                                                                                                                                                                                                        0x00bc6d8c
                                                                                                                                                                                                                                                        0x00bc6d98
                                                                                                                                                                                                                                                        0x00bc6d9d
                                                                                                                                                                                                                                                        0x00bc6d9d
                                                                                                                                                                                                                                                        0x00bc6d21
                                                                                                                                                                                                                                                        0x00bc6d23
                                                                                                                                                                                                                                                        0x00bc6d25
                                                                                                                                                                                                                                                        0x00bc6d28
                                                                                                                                                                                                                                                        0x00bc6d2c
                                                                                                                                                                                                                                                        0x00bc6d2e
                                                                                                                                                                                                                                                        0x00bc6d2e
                                                                                                                                                                                                                                                        0x00bc6d30
                                                                                                                                                                                                                                                        0x00bc6d36
                                                                                                                                                                                                                                                        0x00bc6d42
                                                                                                                                                                                                                                                        0x00bc6d47
                                                                                                                                                                                                                                                        0x00bc6d55
                                                                                                                                                                                                                                                        0x00bc6d56
                                                                                                                                                                                                                                                        0x00bc6d57
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6d57
                                                                                                                                                                                                                                                        0x00bc6ce3
                                                                                                                                                                                                                                                        0x00bc6ce3
                                                                                                                                                                                                                                                        0x00bc6ce7
                                                                                                                                                                                                                                                        0x00bc6ce9
                                                                                                                                                                                                                                                        0x00bc6ceb
                                                                                                                                                                                                                                                        0x00bc6ceb
                                                                                                                                                                                                                                                        0x00bc6ced
                                                                                                                                                                                                                                                        0x00bc6cf3
                                                                                                                                                                                                                                                        0x00bc6cf3
                                                                                                                                                                                                                                                        0x00bc6cf8
                                                                                                                                                                                                                                                        0x00bc6cf9
                                                                                                                                                                                                                                                        0x00bc6cfa
                                                                                                                                                                                                                                                        0x00bc6cfb
                                                                                                                                                                                                                                                        0x00bc6cfb
                                                                                                                                                                                                                                                        0x00bc6d00
                                                                                                                                                                                                                                                        0x00bc6d06
                                                                                                                                                                                                                                                        0x00bc6d08
                                                                                                                                                                                                                                                        0x00bc6d0d
                                                                                                                                                                                                                                                        0x00bc6d0d
                                                                                                                                                                                                                                                        0x00bc6d17
                                                                                                                                                                                                                                                        0x00bc6d17
                                                                                                                                                                                                                                                        0x00bc6c83
                                                                                                                                                                                                                                                        0x00bc6c83
                                                                                                                                                                                                                                                        0x00bc6c86
                                                                                                                                                                                                                                                        0x00bc6c88
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6c88
                                                                                                                                                                                                                                                        0x00bc6c81
                                                                                                                                                                                                                                                        0x00bc6c74
                                                                                                                                                                                                                                                        0x00bc7f57
                                                                                                                                                                                                                                                        0x00bc7f19
                                                                                                                                                                                                                                                        0x00bc7f19
                                                                                                                                                                                                                                                        0x00bc7f1b
                                                                                                                                                                                                                                                        0x00bc7f1b
                                                                                                                                                                                                                                                        0x00bc7f1e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7f1e
                                                                                                                                                                                                                                                        0x00bc7f17
                                                                                                                                                                                                                                                        0x00bc7f08
                                                                                                                                                                                                                                                        0x00bc7dc7

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,?,7FFFFFFF,00000000,?,?,?,?,00BC7A43), ref: 00BC7E0C
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,0000000A,?,?,00BC7A43), ref: 00BC7E41
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,00BC7A43), ref: 00BC7E50
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,?,00BC7A43), ref: 00BC7EF3
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,0000000A,?,?,?,?,00BC7A43), ref: 00BC7F22
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,00BC7A43), ref: 00BC7F35
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@_invalid_parameter_noinfo_noreturnmemcpy
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1214998048-0
                                                                                                                                                                                                                                                        • Opcode ID: fca1a7c025fa06dafee867270e18c0541aa43c24e2d21380484b19110c35176b
                                                                                                                                                                                                                                                        • Instruction ID: bd3984daa0cf6ffec9f27ac61621944eb42b8be9107b34582a18be1bc7874cac
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fca1a7c025fa06dafee867270e18c0541aa43c24e2d21380484b19110c35176b
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F831F7B26041046FD7289A19ECC4D7BB7EEEF8132472406BDF506CB691DE21E941CBA5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 67%
                                                                                                                                                                                                                                                        			E00BC7330(void* __ecx, intOrPtr _a4, int _a12, signed int _a16) {
                                                                                                                                                                                                                                                        				signed int _v12;
                                                                                                                                                                                                                                                        				signed short* _v16;
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void* _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				int _v32;
                                                                                                                                                                                                                                                        				void* _v36;
                                                                                                                                                                                                                                                        				void* _t56;
                                                                                                                                                                                                                                                        				void* _t63;
                                                                                                                                                                                                                                                        				signed int _t70;
                                                                                                                                                                                                                                                        				void* _t72;
                                                                                                                                                                                                                                                        				void* _t77;
                                                                                                                                                                                                                                                        				void* _t78;
                                                                                                                                                                                                                                                        				void* _t79;
                                                                                                                                                                                                                                                        				void* _t80;
                                                                                                                                                                                                                                                        				signed int _t83;
                                                                                                                                                                                                                                                        				void* _t84;
                                                                                                                                                                                                                                                        				signed int _t87;
                                                                                                                                                                                                                                                        				signed int _t93;
                                                                                                                                                                                                                                                        				int _t94;
                                                                                                                                                                                                                                                        				signed int _t97;
                                                                                                                                                                                                                                                        				intOrPtr* _t98;
                                                                                                                                                                                                                                                        				signed int _t99;
                                                                                                                                                                                                                                                        				unsigned int _t102;
                                                                                                                                                                                                                                                        				intOrPtr _t103;
                                                                                                                                                                                                                                                        				int _t104;
                                                                                                                                                                                                                                                        				void* _t105;
                                                                                                                                                                                                                                                        				signed int _t106;
                                                                                                                                                                                                                                                        				signed int _t108;
                                                                                                                                                                                                                                                        				signed int _t109;
                                                                                                                                                                                                                                                        				signed int _t110;
                                                                                                                                                                                                                                                        				signed int _t112;
                                                                                                                                                                                                                                                        				void* _t113;
                                                                                                                                                                                                                                                        				signed int _t114;
                                                                                                                                                                                                                                                        				void* _t115;
                                                                                                                                                                                                                                                        				int _t117;
                                                                                                                                                                                                                                                        				signed int _t120;
                                                                                                                                                                                                                                                        				signed int _t123;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t94 =  *((intOrPtr*)(__ecx + 0x10));
                                                                                                                                                                                                                                                        				_t103 = _a4;
                                                                                                                                                                                                                                                        				_t114 = 0x7fffffff;
                                                                                                                                                                                                                                                        				if(0x7fffffff - _t94 < _t103) {
                                                                                                                                                                                                                                                        					E00BBA890();
                                                                                                                                                                                                                                                        					goto L9;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t112 = _t103 + _t94;
                                                                                                                                                                                                                                                        					_v32 = _t94;
                                                                                                                                                                                                                                                        					_v36 = __ecx;
                                                                                                                                                                                                                                                        					_v20 =  *((intOrPtr*)(__ecx + 0x14));
                                                                                                                                                                                                                                                        					_t70 = _t112 | 0x0000000f;
                                                                                                                                                                                                                                                        					if(_t70 >= 0) {
                                                                                                                                                                                                                                                        						_t102 = _v20;
                                                                                                                                                                                                                                                        						_t120 = _t102 >> 1;
                                                                                                                                                                                                                                                        						_t114 = _t120 + _t102;
                                                                                                                                                                                                                                                        						_t93 = _t120 ^ 0x7fffffff;
                                                                                                                                                                                                                                                        						if(_t70 >= _t114) {
                                                                                                                                                                                                                                                        							_t114 = _t70;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(_v20 > _t93) {
                                                                                                                                                                                                                                                        							_t114 = 0x7fffffff;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t77 = _v36;
                                                                                                                                                                                                                                                        					_t10 = _t114 + 1; // 0x80000000
                                                                                                                                                                                                                                                        					_t72 = E00BBD730(_t10);
                                                                                                                                                                                                                                                        					 *(_t77 + 0x10) = _t112;
                                                                                                                                                                                                                                                        					 *(_t77 + 0x14) = _t114;
                                                                                                                                                                                                                                                        					_t114 = _v20;
                                                                                                                                                                                                                                                        					_v28 = _t72;
                                                                                                                                                                                                                                                        					if(_t114 >= 0x10) {
                                                                                                                                                                                                                                                        						L9:
                                                                                                                                                                                                                                                        						_t104 = _v32;
                                                                                                                                                                                                                                                        						_t56 =  *_t77;
                                                                                                                                                                                                                                                        						_v24 = _t56;
                                                                                                                                                                                                                                                        						_t78 = _v28;
                                                                                                                                                                                                                                                        						memcpy(_t78, _t56, _t104);
                                                                                                                                                                                                                                                        						memset(_t78 + _t104, _a16 & 0x000000ff, _a12);
                                                                                                                                                                                                                                                        						_t105 = _t104 + _a12;
                                                                                                                                                                                                                                                        						_t28 = _t114 + 1; // 0x80000000
                                                                                                                                                                                                                                                        						_t83 = _t28;
                                                                                                                                                                                                                                                        						__eflags = _t83 - 0x1000;
                                                                                                                                                                                                                                                        						 *((char*)(_t78 + _t105)) = 0;
                                                                                                                                                                                                                                                        						if(_t83 < 0x1000) {
                                                                                                                                                                                                                                                        							L12:
                                                                                                                                                                                                                                                        							_push(_t83);
                                                                                                                                                                                                                                                        							_push(_v24);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							_t79 = _v36;
                                                                                                                                                                                                                                                        							goto L7;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t84 = _v24;
                                                                                                                                                                                                                                                        							_t63 =  *(_t84 - 4);
                                                                                                                                                                                                                                                        							__eflags = _t84 + 0xfffffffc - _t63 - 0x20;
                                                                                                                                                                                                                                                        							if(_t84 + 0xfffffffc - _t63 >= 0x20) {
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_push(_t78);
                                                                                                                                                                                                                                                        								_push(_t105);
                                                                                                                                                                                                                                                        								_push(_t114);
                                                                                                                                                                                                                                                        								_t87 = _v12;
                                                                                                                                                                                                                                                        								_t64 = 0xffffffff;
                                                                                                                                                                                                                                                        								_t97 = _v24 - _t87;
                                                                                                                                                                                                                                                        								__eflags = _t97;
                                                                                                                                                                                                                                                        								if(_t97 >= 0) {
                                                                                                                                                                                                                                                        									_t106 = _v20;
                                                                                                                                                                                                                                                        									__eflags = _t97 - _t106;
                                                                                                                                                                                                                                                        									if(_t97 >= _t106) {
                                                                                                                                                                                                                                                        										__eflags = _t87;
                                                                                                                                                                                                                                                        										if(_t87 == 0) {
                                                                                                                                                                                                                                                        											return _t106;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t115 = _v28;
                                                                                                                                                                                                                                                        										_t80 = _t115 + 2 + _t97 * 2;
                                                                                                                                                                                                                                                        										_t98 = _t115 + _t106 * 2;
                                                                                                                                                                                                                                                        										_t108 = _t80 - _t98;
                                                                                                                                                                                                                                                        										__eflags = _t108;
                                                                                                                                                                                                                                                        										if(_t108 != 0) {
                                                                                                                                                                                                                                                        											_t123 =  *_v16 & 0x0000ffff;
                                                                                                                                                                                                                                                        											do {
                                                                                                                                                                                                                                                        												_t109 = _t108 >> 1;
                                                                                                                                                                                                                                                        												while(1) {
                                                                                                                                                                                                                                                        													__eflags =  *_t98 - _t123;
                                                                                                                                                                                                                                                        													if( *_t98 == _t123) {
                                                                                                                                                                                                                                                        														break;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t98 = _t98 + 2;
                                                                                                                                                                                                                                                        													_t109 = _t109 - 1;
                                                                                                                                                                                                                                                        													__eflags = _t109;
                                                                                                                                                                                                                                                        													if(_t109 != 0) {
                                                                                                                                                                                                                                                        														continue;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													return _t64;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t110 = 1;
                                                                                                                                                                                                                                                        												while(1) {
                                                                                                                                                                                                                                                        													__eflags = _t87 - _t110;
                                                                                                                                                                                                                                                        													if(_t87 == _t110) {
                                                                                                                                                                                                                                                        														break;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													__eflags = ( *(_t98 + _t110 * 2) & 0x0000ffff) - _v16[_t110];
                                                                                                                                                                                                                                                        													_t115 = _v28;
                                                                                                                                                                                                                                                        													_t64 = 0xffffffff;
                                                                                                                                                                                                                                                        													_t110 = _t110 + 1;
                                                                                                                                                                                                                                                        													if(__eflags == 0) {
                                                                                                                                                                                                                                                        														continue;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													goto L27;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t99 = _t98 - _t115;
                                                                                                                                                                                                                                                        												__eflags = _t99;
                                                                                                                                                                                                                                                        												return _t99 >> 1;
                                                                                                                                                                                                                                                        												L27:
                                                                                                                                                                                                                                                        												_t98 = _t98 + 2;
                                                                                                                                                                                                                                                        												_t108 = _t80 - _t98;
                                                                                                                                                                                                                                                        												__eflags = _t108;
                                                                                                                                                                                                                                                        											} while (_t108 != 0);
                                                                                                                                                                                                                                                        											return 0xffffffff;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								return _t64;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_v24 = _t63;
                                                                                                                                                                                                                                                        								_t83 = _v20 + 0x24;
                                                                                                                                                                                                                                                        								__eflags = _t83;
                                                                                                                                                                                                                                                        								goto L12;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t117 = _v32;
                                                                                                                                                                                                                                                        						_t113 = _v28;
                                                                                                                                                                                                                                                        						memcpy(_t113, _t77, _t117);
                                                                                                                                                                                                                                                        						memset(_t113 + _t117, _a16 & 0x000000ff, _a12);
                                                                                                                                                                                                                                                        						 *((char*)(_t113 + _t117 + _a12)) = 0;
                                                                                                                                                                                                                                                        						L7:
                                                                                                                                                                                                                                                        						 *_t79 = _v28;
                                                                                                                                                                                                                                                        						return _t79;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}









































                                                                                                                                                                                                                                                        0x00bc7339
                                                                                                                                                                                                                                                        0x00bc733c
                                                                                                                                                                                                                                                        0x00bc7344
                                                                                                                                                                                                                                                        0x00bc734d
                                                                                                                                                                                                                                                        0x00bc73e6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7353
                                                                                                                                                                                                                                                        0x00bc7356
                                                                                                                                                                                                                                                        0x00bc7358
                                                                                                                                                                                                                                                        0x00bc735b
                                                                                                                                                                                                                                                        0x00bc735e
                                                                                                                                                                                                                                                        0x00bc7363
                                                                                                                                                                                                                                                        0x00bc7366
                                                                                                                                                                                                                                                        0x00bc7368
                                                                                                                                                                                                                                                        0x00bc736d
                                                                                                                                                                                                                                                        0x00bc7371
                                                                                                                                                                                                                                                        0x00bc7373
                                                                                                                                                                                                                                                        0x00bc737b
                                                                                                                                                                                                                                                        0x00bc737d
                                                                                                                                                                                                                                                        0x00bc737d
                                                                                                                                                                                                                                                        0x00bc7382
                                                                                                                                                                                                                                                        0x00bc7453
                                                                                                                                                                                                                                                        0x00bc7453
                                                                                                                                                                                                                                                        0x00bc7382
                                                                                                                                                                                                                                                        0x00bc7388
                                                                                                                                                                                                                                                        0x00bc738b
                                                                                                                                                                                                                                                        0x00bc7391
                                                                                                                                                                                                                                                        0x00bc7396
                                                                                                                                                                                                                                                        0x00bc7399
                                                                                                                                                                                                                                                        0x00bc739c
                                                                                                                                                                                                                                                        0x00bc739f
                                                                                                                                                                                                                                                        0x00bc73a5
                                                                                                                                                                                                                                                        0x00bc73eb
                                                                                                                                                                                                                                                        0x00bc73eb
                                                                                                                                                                                                                                                        0x00bc73ee
                                                                                                                                                                                                                                                        0x00bc73f1
                                                                                                                                                                                                                                                        0x00bc73f5
                                                                                                                                                                                                                                                        0x00bc73f9
                                                                                                                                                                                                                                                        0x00bc740f
                                                                                                                                                                                                                                                        0x00bc7417
                                                                                                                                                                                                                                                        0x00bc741a
                                                                                                                                                                                                                                                        0x00bc741a
                                                                                                                                                                                                                                                        0x00bc741d
                                                                                                                                                                                                                                                        0x00bc7423
                                                                                                                                                                                                                                                        0x00bc7427
                                                                                                                                                                                                                                                        0x00bc7442
                                                                                                                                                                                                                                                        0x00bc7442
                                                                                                                                                                                                                                                        0x00bc7443
                                                                                                                                                                                                                                                        0x00bc7446
                                                                                                                                                                                                                                                        0x00bc744e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7429
                                                                                                                                                                                                                                                        0x00bc7429
                                                                                                                                                                                                                                                        0x00bc742c
                                                                                                                                                                                                                                                        0x00bc7434
                                                                                                                                                                                                                                                        0x00bc7437
                                                                                                                                                                                                                                                        0x00bc745d
                                                                                                                                                                                                                                                        0x00bc7463
                                                                                                                                                                                                                                                        0x00bc7464
                                                                                                                                                                                                                                                        0x00bc7465
                                                                                                                                                                                                                                                        0x00bc7466
                                                                                                                                                                                                                                                        0x00bc7467
                                                                                                                                                                                                                                                        0x00bc7468
                                                                                                                                                                                                                                                        0x00bc7469
                                                                                                                                                                                                                                                        0x00bc746a
                                                                                                                                                                                                                                                        0x00bc746b
                                                                                                                                                                                                                                                        0x00bc746c
                                                                                                                                                                                                                                                        0x00bc746d
                                                                                                                                                                                                                                                        0x00bc746e
                                                                                                                                                                                                                                                        0x00bc746f
                                                                                                                                                                                                                                                        0x00bc7471
                                                                                                                                                                                                                                                        0x00bc7472
                                                                                                                                                                                                                                                        0x00bc7473
                                                                                                                                                                                                                                                        0x00bc7474
                                                                                                                                                                                                                                                        0x00bc747c
                                                                                                                                                                                                                                                        0x00bc7481
                                                                                                                                                                                                                                                        0x00bc7481
                                                                                                                                                                                                                                                        0x00bc7483
                                                                                                                                                                                                                                                        0x00bc7485
                                                                                                                                                                                                                                                        0x00bc7489
                                                                                                                                                                                                                                                        0x00bc748b
                                                                                                                                                                                                                                                        0x00bc748d
                                                                                                                                                                                                                                                        0x00bc748f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc74fd
                                                                                                                                                                                                                                                        0x00bc7491
                                                                                                                                                                                                                                                        0x00bc7495
                                                                                                                                                                                                                                                        0x00bc7499
                                                                                                                                                                                                                                                        0x00bc749e
                                                                                                                                                                                                                                                        0x00bc749e
                                                                                                                                                                                                                                                        0x00bc74a0
                                                                                                                                                                                                                                                        0x00bc74a6
                                                                                                                                                                                                                                                        0x00bc74aa
                                                                                                                                                                                                                                                        0x00bc74aa
                                                                                                                                                                                                                                                        0x00bc74b0
                                                                                                                                                                                                                                                        0x00bc74b0
                                                                                                                                                                                                                                                        0x00bc74b3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc74b5
                                                                                                                                                                                                                                                        0x00bc74b8
                                                                                                                                                                                                                                                        0x00bc74b8
                                                                                                                                                                                                                                                        0x00bc74b9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc74b9
                                                                                                                                                                                                                                                        0x00bc74c0
                                                                                                                                                                                                                                                        0x00bc74c5
                                                                                                                                                                                                                                                        0x00bc74c5
                                                                                                                                                                                                                                                        0x00bc74c7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc74d3
                                                                                                                                                                                                                                                        0x00bc74d9
                                                                                                                                                                                                                                                        0x00bc74dd
                                                                                                                                                                                                                                                        0x00bc74e2
                                                                                                                                                                                                                                                        0x00bc74e5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc74e5
                                                                                                                                                                                                                                                        0x00bc74f2
                                                                                                                                                                                                                                                        0x00bc74f2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc74e7
                                                                                                                                                                                                                                                        0x00bc74e7
                                                                                                                                                                                                                                                        0x00bc74ec
                                                                                                                                                                                                                                                        0x00bc74ec
                                                                                                                                                                                                                                                        0x00bc74ec
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc74aa
                                                                                                                                                                                                                                                        0x00bc74a0
                                                                                                                                                                                                                                                        0x00bc748b
                                                                                                                                                                                                                                                        0x00bc74fc
                                                                                                                                                                                                                                                        0x00bc7439
                                                                                                                                                                                                                                                        0x00bc743c
                                                                                                                                                                                                                                                        0x00bc743f
                                                                                                                                                                                                                                                        0x00bc743f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc743f
                                                                                                                                                                                                                                                        0x00bc7437
                                                                                                                                                                                                                                                        0x00bc73a7
                                                                                                                                                                                                                                                        0x00bc73a7
                                                                                                                                                                                                                                                        0x00bc73ac
                                                                                                                                                                                                                                                        0x00bc73b0
                                                                                                                                                                                                                                                        0x00bc73c6
                                                                                                                                                                                                                                                        0x00bc73d1
                                                                                                                                                                                                                                                        0x00bc73d5
                                                                                                                                                                                                                                                        0x00bc73d8
                                                                                                                                                                                                                                                        0x00bc73e3
                                                                                                                                                                                                                                                        0x00bc73e3
                                                                                                                                                                                                                                                        0x00bc73a5

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(80000000,?,?,80000000,00000000,?,?,?,00BC72E9,?,?,?,?,?,00000000), ref: 00BC73B0
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BC73C6
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,00000000,?,00000000,?,?,?,00BC72E9,?,?,?,?,?,00000000), ref: 00BC73F9
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BC740F
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000,80000000,?,?,?,?,?,?,00000000,?,?,?,00BC72E9), ref: 00BC7446
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,?,?,00000000,?,?,?,00BC72E9,?,?,?,?,?), ref: 00BC745D
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memcpymemset$??3@_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1558069132-0
                                                                                                                                                                                                                                                        • Opcode ID: 60cfc36a1feece76c1e1a192f21d6dcccdf6d8d158307044761e567e5adda64d
                                                                                                                                                                                                                                                        • Instruction ID: de1f152765eeb5a3810baa307dc98c4d53528928dccb9147d7594a34865f24bc
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 60cfc36a1feece76c1e1a192f21d6dcccdf6d8d158307044761e567e5adda64d
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4A41A5B2D042569BCF04DF55CC819BF7BB5BF85310B244669EC25A7381DB30AD118BB1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 72%
                                                                                                                                                                                                                                                        			E00BBE810(void* __ecx, signed int _a4, void* _a12, intOrPtr _a16) {
                                                                                                                                                                                                                                                        				void* _v0;
                                                                                                                                                                                                                                                        				void* _v20;
                                                                                                                                                                                                                                                        				void* _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				unsigned int _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v36;
                                                                                                                                                                                                                                                        				long _v48;
                                                                                                                                                                                                                                                        				void _v52;
                                                                                                                                                                                                                                                        				signed int _v56;
                                                                                                                                                                                                                                                        				unsigned int _v58;
                                                                                                                                                                                                                                                        				short _v60;
                                                                                                                                                                                                                                                        				unsigned int _v62;
                                                                                                                                                                                                                                                        				short _v64;
                                                                                                                                                                                                                                                        				intOrPtr _v68;
                                                                                                                                                                                                                                                        				intOrPtr _v92;
                                                                                                                                                                                                                                                        				void _v332;
                                                                                                                                                                                                                                                        				long _t97;
                                                                                                                                                                                                                                                        				intOrPtr _t98;
                                                                                                                                                                                                                                                        				unsigned int _t107;
                                                                                                                                                                                                                                                        				signed int _t109;
                                                                                                                                                                                                                                                        				long _t112;
                                                                                                                                                                                                                                                        				int _t115;
                                                                                                                                                                                                                                                        				signed int _t119;
                                                                                                                                                                                                                                                        				void* _t121;
                                                                                                                                                                                                                                                        				void* _t132;
                                                                                                                                                                                                                                                        				void* _t133;
                                                                                                                                                                                                                                                        				void* _t134;
                                                                                                                                                                                                                                                        				intOrPtr _t137;
                                                                                                                                                                                                                                                        				void _t138;
                                                                                                                                                                                                                                                        				void _t143;
                                                                                                                                                                                                                                                        				unsigned int _t144;
                                                                                                                                                                                                                                                        				void* _t156;
                                                                                                                                                                                                                                                        				unsigned int _t158;
                                                                                                                                                                                                                                                        				void* _t160;
                                                                                                                                                                                                                                                        				signed int _t161;
                                                                                                                                                                                                                                                        				void* _t165;
                                                                                                                                                                                                                                                        				signed int _t168;
                                                                                                                                                                                                                                                        				unsigned int _t169;
                                                                                                                                                                                                                                                        				unsigned int _t171;
                                                                                                                                                                                                                                                        				void* _t172;
                                                                                                                                                                                                                                                        				signed int _t173;
                                                                                                                                                                                                                                                        				signed int _t175;
                                                                                                                                                                                                                                                        				signed int _t176;
                                                                                                                                                                                                                                                        				signed int _t178;
                                                                                                                                                                                                                                                        				void* _t179;
                                                                                                                                                                                                                                                        				void* _t180;
                                                                                                                                                                                                                                                        				void* _t181;
                                                                                                                                                                                                                                                        				void* _t182;
                                                                                                                                                                                                                                                        				intOrPtr _t183;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t135 = __ecx;
                                                                                                                                                                                                                                                        				_t182 = _t181 - 0x10;
                                                                                                                                                                                                                                                        				_t161 =  *((intOrPtr*)(__ecx + 0x10));
                                                                                                                                                                                                                                                        				_t173 = _a4;
                                                                                                                                                                                                                                                        				_t132 = 0x7ffffffe;
                                                                                                                                                                                                                                                        				if(0x7ffffffe - _t161 < _t173) {
                                                                                                                                                                                                                                                        					E00BBA890();
                                                                                                                                                                                                                                                        					goto L13;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t175 = _t173 + _t161;
                                                                                                                                                                                                                                                        					_t169 =  *(__ecx + 0x14);
                                                                                                                                                                                                                                                        					_v28 = _t161;
                                                                                                                                                                                                                                                        					_v20 = __ecx;
                                                                                                                                                                                                                                                        					_t119 = _t175 | 0x00000007;
                                                                                                                                                                                                                                                        					if(_t119 <= 0x7ffffffe) {
                                                                                                                                                                                                                                                        						_t132 = 0x7ffffffe;
                                                                                                                                                                                                                                                        						_t158 = _t169 >> 1;
                                                                                                                                                                                                                                                        						_t160 =  >=  ? _t119 : _t158 + _t169;
                                                                                                                                                                                                                                                        						if(_t169 <= 0x7ffffffe - _t158) {
                                                                                                                                                                                                                                                        							_t132 = _t160;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v32 = _t169;
                                                                                                                                                                                                                                                        					_t7 = _t132 + 1; // 0x7fffffff
                                                                                                                                                                                                                                                        					_t133 = _v20;
                                                                                                                                                                                                                                                        					_t121 = E00BBA8A0(_t7);
                                                                                                                                                                                                                                                        					 *(_t133 + 0x10) = _t175;
                                                                                                                                                                                                                                                        					 *(_t133 + 0x14) = _t132;
                                                                                                                                                                                                                                                        					_t171 = _v32;
                                                                                                                                                                                                                                                        					if(_t171 < 8) {
                                                                                                                                                                                                                                                        						_t176 = _v28;
                                                                                                                                                                                                                                                        						_t172 = _t133;
                                                                                                                                                                                                                                                        						_t134 = _t121;
                                                                                                                                                                                                                                                        						memcpy(_t121, _t133, _t176 + _t176);
                                                                                                                                                                                                                                                        						memcpy(_t134 + _t176 * 2, _a12, _a16 + _a16);
                                                                                                                                                                                                                                                        						 *((short*)(_t134 + (_t176 + _a16) * 2)) = 0;
                                                                                                                                                                                                                                                        						goto L8;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t178 = _v28;
                                                                                                                                                                                                                                                        						_t165 =  *_t133;
                                                                                                                                                                                                                                                        						_v24 = _t165;
                                                                                                                                                                                                                                                        						_t132 = _t121;
                                                                                                                                                                                                                                                        						memcpy(_t121, _t165, _t178 + _t178);
                                                                                                                                                                                                                                                        						memcpy(_t132 + _t178 * 2, _a12, _a16 + _a16);
                                                                                                                                                                                                                                                        						_t182 = _t182 + 0x18;
                                                                                                                                                                                                                                                        						_t173 = _t178 + _a16;
                                                                                                                                                                                                                                                        						_t168 = _t171 + 1;
                                                                                                                                                                                                                                                        						 *((short*)(_t132 + _t173 * 2)) = 0;
                                                                                                                                                                                                                                                        						if((_t168 & 0x7ffff800) != 0) {
                                                                                                                                                                                                                                                        							_t156 = _v24;
                                                                                                                                                                                                                                                        							_t135 =  *(_t156 - 4);
                                                                                                                                                                                                                                                        							if(_t156 + 0xfffffffc - _t135 >= 0x20) {
                                                                                                                                                                                                                                                        								L13:
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_t180 = _t182;
                                                                                                                                                                                                                                                        								_t183 = _t182 - 0x138;
                                                                                                                                                                                                                                                        								_v68 = _t183;
                                                                                                                                                                                                                                                        								_v48 = 0xffffffff;
                                                                                                                                                                                                                                                        								_v52 = 0xbf9620;
                                                                                                                                                                                                                                                        								_v56 = 0xbef860;
                                                                                                                                                                                                                                                        								_t174 = _t135;
                                                                                                                                                                                                                                                        								_v60 =  *[fs:0x0];
                                                                                                                                                                                                                                                        								_t44 = _t174 + 4; // 0xbfa7a0
                                                                                                                                                                                                                                                        								_t137 = _t44;
                                                                                                                                                                                                                                                        								 *[fs:0x0] =  &_v60;
                                                                                                                                                                                                                                                        								_v92 = _t137;
                                                                                                                                                                                                                                                        								__imp__AcquireSRWLockExclusive(_t137, _t173, _t168, _t132, _t179);
                                                                                                                                                                                                                                                        								_t138 =  *_t135;
                                                                                                                                                                                                                                                        								if(_t138 != 0) {
                                                                                                                                                                                                                                                        									do {
                                                                                                                                                                                                                                                        										_v52 = _t138;
                                                                                                                                                                                                                                                        										_v24 = 0;
                                                                                                                                                                                                                                                        										_t97 = WideCharToMultiByte(0xfde9, 0,  *(_t138 + 4), ( *_t138 & 0x0000ffff) >> 1,  &_v332, 0x104, 0, 0);
                                                                                                                                                                                                                                                        										if(_t97 == 0 || WriteFile(_v0,  &_v332, _t97,  &_v48, 0) == 0) {
                                                                                                                                                                                                                                                        											goto L18;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											if(( *(_v52 + 8) &  *(_v52 + 0xc)) == 0xffffffff) {
                                                                                                                                                                                                                                                        												L17:
                                                                                                                                                                                                                                                        												_v24 = 0;
                                                                                                                                                                                                                                                        												WriteFile(_v0, 0xbf361f, 1,  &_v48, 0);
                                                                                                                                                                                                                                                        												goto L18;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												WriteFile(_v0, 0xbf3c66, 1,  &_v48, 0);
                                                                                                                                                                                                                                                        												_t143 = _v52;
                                                                                                                                                                                                                                                        												_v24 = 0xffffffff;
                                                                                                                                                                                                                                                        												_v56 = 0;
                                                                                                                                                                                                                                                        												_t107 =  *(_t143 + 8);
                                                                                                                                                                                                                                                        												_t144 =  *(_t143 + 0xc);
                                                                                                                                                                                                                                                        												_v64 = _t144 >> 0x10;
                                                                                                                                                                                                                                                        												_v62 = _t144;
                                                                                                                                                                                                                                                        												_v60 = _t107 >> 0x10;
                                                                                                                                                                                                                                                        												_v58 = _t107;
                                                                                                                                                                                                                                                        												E00BBEB70(_t107);
                                                                                                                                                                                                                                                        												while(1) {
                                                                                                                                                                                                                                                        													_t109 = _v56;
                                                                                                                                                                                                                                                        													if(_t109 >= 4) {
                                                                                                                                                                                                                                                        														break;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_v24 = 0;
                                                                                                                                                                                                                                                        													__imp___ltoa( *(_t180 + _t109 * 2 - 0x38) & 0x0000ffff,  &_v332, 0xa);
                                                                                                                                                                                                                                                        													_t112 = strlen( &_v332);
                                                                                                                                                                                                                                                        													_t183 = _t183 + 0x10;
                                                                                                                                                                                                                                                        													_t115 = E00BBEB70(WriteFile(_v0,  &_v332, _t112,  &_v48, 0));
                                                                                                                                                                                                                                                        													if(_v56 != 3) {
                                                                                                                                                                                                                                                        														_t115 = WriteFile(_v0, 0xbf3c64, 1,  &_v48, 0);
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_v56 = _v56 + 1;
                                                                                                                                                                                                                                                        													E00BBEB70(_t115);
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_v24 = 0xffffffff;
                                                                                                                                                                                                                                                        												goto L17;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L27;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L28;
                                                                                                                                                                                                                                                        										L18:
                                                                                                                                                                                                                                                        										_t138 =  *(_v52 + 0x10);
                                                                                                                                                                                                                                                        									} while (_t138 != 0);
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L27:
                                                                                                                                                                                                                                                        								_v24 = 0xffffffff;
                                                                                                                                                                                                                                                        								__imp__ReleaseSRWLockExclusive(_v68);
                                                                                                                                                                                                                                                        								_t98 = _v36;
                                                                                                                                                                                                                                                        								 *[fs:0x0] = _t98;
                                                                                                                                                                                                                                                        								return _t98;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t172 = _v20;
                                                                                                                                                                                                                                                        								goto L7;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t172 = _v20;
                                                                                                                                                                                                                                                        							_t135 = _v24;
                                                                                                                                                                                                                                                        							L7:
                                                                                                                                                                                                                                                        							free(_t135);
                                                                                                                                                                                                                                                        							L8:
                                                                                                                                                                                                                                                        							 *_t172 = _t134;
                                                                                                                                                                                                                                                        							return _t172;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L28:
                                                                                                                                                                                                                                                        			}




















































                                                                                                                                                                                                                                                        0x00bbe810
                                                                                                                                                                                                                                                        0x00bbe816
                                                                                                                                                                                                                                                        0x00bbe819
                                                                                                                                                                                                                                                        0x00bbe81c
                                                                                                                                                                                                                                                        0x00bbe824
                                                                                                                                                                                                                                                        0x00bbe82d
                                                                                                                                                                                                                                                        0x00bbe931
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe833
                                                                                                                                                                                                                                                        0x00bbe833
                                                                                                                                                                                                                                                        0x00bbe835
                                                                                                                                                                                                                                                        0x00bbe838
                                                                                                                                                                                                                                                        0x00bbe83b
                                                                                                                                                                                                                                                        0x00bbe840
                                                                                                                                                                                                                                                        0x00bbe848
                                                                                                                                                                                                                                                        0x00bbe851
                                                                                                                                                                                                                                                        0x00bbe856
                                                                                                                                                                                                                                                        0x00bbe85e
                                                                                                                                                                                                                                                        0x00bbe863
                                                                                                                                                                                                                                                        0x00bbe865
                                                                                                                                                                                                                                                        0x00bbe865
                                                                                                                                                                                                                                                        0x00bbe863
                                                                                                                                                                                                                                                        0x00bbe867
                                                                                                                                                                                                                                                        0x00bbe86c
                                                                                                                                                                                                                                                        0x00bbe86f
                                                                                                                                                                                                                                                        0x00bbe875
                                                                                                                                                                                                                                                        0x00bbe87a
                                                                                                                                                                                                                                                        0x00bbe87d
                                                                                                                                                                                                                                                        0x00bbe880
                                                                                                                                                                                                                                                        0x00bbe886
                                                                                                                                                                                                                                                        0x00bbe8e5
                                                                                                                                                                                                                                                        0x00bbe8ee
                                                                                                                                                                                                                                                        0x00bbe8f0
                                                                                                                                                                                                                                                        0x00bbe8f2
                                                                                                                                                                                                                                                        0x00bbe907
                                                                                                                                                                                                                                                        0x00bbe912
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe888
                                                                                                                                                                                                                                                        0x00bbe888
                                                                                                                                                                                                                                                        0x00bbe88b
                                                                                                                                                                                                                                                        0x00bbe891
                                                                                                                                                                                                                                                        0x00bbe896
                                                                                                                                                                                                                                                        0x00bbe898
                                                                                                                                                                                                                                                        0x00bbe8ad
                                                                                                                                                                                                                                                        0x00bbe8b2
                                                                                                                                                                                                                                                        0x00bbe8b5
                                                                                                                                                                                                                                                        0x00bbe8b8
                                                                                                                                                                                                                                                        0x00bbe8bf
                                                                                                                                                                                                                                                        0x00bbe8c5
                                                                                                                                                                                                                                                        0x00bbe91a
                                                                                                                                                                                                                                                        0x00bbe91f
                                                                                                                                                                                                                                                        0x00bbe92a
                                                                                                                                                                                                                                                        0x00bbe936
                                                                                                                                                                                                                                                        0x00bbe936
                                                                                                                                                                                                                                                        0x00bbe93c
                                                                                                                                                                                                                                                        0x00bbe93d
                                                                                                                                                                                                                                                        0x00bbe93e
                                                                                                                                                                                                                                                        0x00bbe93f
                                                                                                                                                                                                                                                        0x00bbe941
                                                                                                                                                                                                                                                        0x00bbe946
                                                                                                                                                                                                                                                        0x00bbe94c
                                                                                                                                                                                                                                                        0x00bbe94f
                                                                                                                                                                                                                                                        0x00bbe956
                                                                                                                                                                                                                                                        0x00bbe95d
                                                                                                                                                                                                                                                        0x00bbe964
                                                                                                                                                                                                                                                        0x00bbe970
                                                                                                                                                                                                                                                        0x00bbe973
                                                                                                                                                                                                                                                        0x00bbe973
                                                                                                                                                                                                                                                        0x00bbe976
                                                                                                                                                                                                                                                        0x00bbe97c
                                                                                                                                                                                                                                                        0x00bbe980
                                                                                                                                                                                                                                                        0x00bbe986
                                                                                                                                                                                                                                                        0x00bbe98a
                                                                                                                                                                                                                                                        0x00bbe9d2
                                                                                                                                                                                                                                                        0x00bbe9d5
                                                                                                                                                                                                                                                        0x00bbe9db
                                                                                                                                                                                                                                                        0x00bbe9fd
                                                                                                                                                                                                                                                        0x00bbea05
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbea22
                                                                                                                                                                                                                                                        0x00bbea2e
                                                                                                                                                                                                                                                        0x00bbe9a7
                                                                                                                                                                                                                                                        0x00bbe9a7
                                                                                                                                                                                                                                                        0x00bbe9be
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbea34
                                                                                                                                                                                                                                                        0x00bbea44
                                                                                                                                                                                                                                                        0x00bbea4a
                                                                                                                                                                                                                                                        0x00bbea4d
                                                                                                                                                                                                                                                        0x00bbea54
                                                                                                                                                                                                                                                        0x00bbea5b
                                                                                                                                                                                                                                                        0x00bbea5e
                                                                                                                                                                                                                                                        0x00bbea66
                                                                                                                                                                                                                                                        0x00bbea6a
                                                                                                                                                                                                                                                        0x00bbea73
                                                                                                                                                                                                                                                        0x00bbea77
                                                                                                                                                                                                                                                        0x00bbea7b
                                                                                                                                                                                                                                                        0x00bbea98
                                                                                                                                                                                                                                                        0x00bbea98
                                                                                                                                                                                                                                                        0x00bbea9e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbeaa9
                                                                                                                                                                                                                                                        0x00bbeaba
                                                                                                                                                                                                                                                        0x00bbeaca
                                                                                                                                                                                                                                                        0x00bbeacf
                                                                                                                                                                                                                                                        0x00bbeae9
                                                                                                                                                                                                                                                        0x00bbeaf2
                                                                                                                                                                                                                                                        0x00bbeb04
                                                                                                                                                                                                                                                        0x00bbeb04
                                                                                                                                                                                                                                                        0x00bbea90
                                                                                                                                                                                                                                                        0x00bbea93
                                                                                                                                                                                                                                                        0x00bbea93
                                                                                                                                                                                                                                                        0x00bbe9a0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe9a0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbea2e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe9c4
                                                                                                                                                                                                                                                        0x00bbe9c7
                                                                                                                                                                                                                                                        0x00bbe9ca
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe98c
                                                                                                                                                                                                                                                        0x00bbeb12
                                                                                                                                                                                                                                                        0x00bbeb12
                                                                                                                                                                                                                                                        0x00bbeb1c
                                                                                                                                                                                                                                                        0x00bbeb22
                                                                                                                                                                                                                                                        0x00bbeb25
                                                                                                                                                                                                                                                        0x00bbeb35
                                                                                                                                                                                                                                                        0x00bbe92c
                                                                                                                                                                                                                                                        0x00bbe92c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe92c
                                                                                                                                                                                                                                                        0x00bbe8c7
                                                                                                                                                                                                                                                        0x00bbe8c7
                                                                                                                                                                                                                                                        0x00bbe8ca
                                                                                                                                                                                                                                                        0x00bbe8cd
                                                                                                                                                                                                                                                        0x00bbe8ce
                                                                                                                                                                                                                                                        0x00bbe8d7
                                                                                                                                                                                                                                                        0x00bbe8d7
                                                                                                                                                                                                                                                        0x00bbe8e2
                                                                                                                                                                                                                                                        0x00bbe8e2
                                                                                                                                                                                                                                                        0x00bbe8c5
                                                                                                                                                                                                                                                        0x00bbe886
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,?,7FFFFFFF,?,?,?,00BB742F,?,?,?,?,?,?), ref: 00BBE898
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,7FFFFFFF,?,?,7FFFFFFF,?,?,?,00BB742F,?,?,?,?,?,?), ref: 00BBE8AD
                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,?,?,7FFFFFFF,?,?,?,00BB742F), ref: 00BBE8CE
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,?,7FFFFFFF,?,?,?,00BB742F,?,?,?,?,?,?), ref: 00BBE8F2
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,7FFFFFFF,?,?,7FFFFFFF,?,?,?,00BB742F,?,?,?,?,?,?), ref: 00BBE907
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,00BB742F,?,?,?,?,?,?), ref: 00BBE936
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memcpy$_invalid_parameter_noinfo_noreturnfree
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 826125452-0
                                                                                                                                                                                                                                                        • Opcode ID: 3f886439c7a2621c59cbcfefd49c72620de43660e3165d999b792aba0c1ae3d1
                                                                                                                                                                                                                                                        • Instruction ID: 07e280c3fef616fd1d5557ebe57cc982783e0fd7ce0cd5f17cb454fb25392abd
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3f886439c7a2621c59cbcfefd49c72620de43660e3165d999b792aba0c1ae3d1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5F31B6B2E002099FCF18DF68CC818BE77A9EF84310B240668E925D7395EB71ED1187A1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 53%
                                                                                                                                                                                                                                                        			E00BCC0B0(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, char _a20) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				intOrPtr _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v36;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				intOrPtr _v48;
                                                                                                                                                                                                                                                        				char _v52;
                                                                                                                                                                                                                                                        				void* _v56;
                                                                                                                                                                                                                                                        				signed int _v60;
                                                                                                                                                                                                                                                        				void* _v64;
                                                                                                                                                                                                                                                        				signed int _t30;
                                                                                                                                                                                                                                                        				void** _t32;
                                                                                                                                                                                                                                                        				void** _t37;
                                                                                                                                                                                                                                                        				signed int _t41;
                                                                                                                                                                                                                                                        				signed int _t42;
                                                                                                                                                                                                                                                        				intOrPtr _t49;
                                                                                                                                                                                                                                                        				intOrPtr _t51;
                                                                                                                                                                                                                                                        				signed int _t53;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t30 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t49 = _a8;
                                                                                                                                                                                                                                                        				_t51 = _a4;
                                                                                                                                                                                                                                                        				_v20 = _t30 ^ _t53;
                                                                                                                                                                                                                                                        				_t32 =  &_v56;
                                                                                                                                                                                                                                                        				_v56 = 0;
                                                                                                                                                                                                                                                        				_v60 = 0;
                                                                                                                                                                                                                                                        				_v64 = 0;
                                                                                                                                                                                                                                                        				__imp__GetSecurityInfo(_t51, _t49, 4, 0, 0,  &_v60, 0, _t32);
                                                                                                                                                                                                                                                        				if(_t32 != 0) {
                                                                                                                                                                                                                                                        					_t41 = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t48 = _a16;
                                                                                                                                                                                                                                                        					_t42 = _v60;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_v48 = _a16;
                                                                                                                                                                                                                                                        					_v52 = _a20;
                                                                                                                                                                                                                                                        					_v40 = 0;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					_v32 = 0;
                                                                                                                                                                                                                                                        					_v36 = 0;
                                                                                                                                                                                                                                                        					_v24 = E00BE7750(_a12);
                                                                                                                                                                                                                                                        					_t37 =  &_v64;
                                                                                                                                                                                                                                                        					__imp__SetEntriesInAclW(1,  &_v52, _t42, _t37);
                                                                                                                                                                                                                                                        					if(_t37 != 0) {
                                                                                                                                                                                                                                                        						LocalFree(_v56);
                                                                                                                                                                                                                                                        						_t41 = 0;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						__imp__SetSecurityInfo(_t51, _t49, 4, 0, 0, _v64, 0);
                                                                                                                                                                                                                                                        						LocalFree(_v64);
                                                                                                                                                                                                                                                        						LocalFree(_v56);
                                                                                                                                                                                                                                                        						_t41 = _t42 & 0xffffff00 | _t37 == 0x00000000;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t53, _t48);
                                                                                                                                                                                                                                                        				return _t41;
                                                                                                                                                                                                                                                        			}























                                                                                                                                                                                                                                                        0x00bcc0b9
                                                                                                                                                                                                                                                        0x00bcc0be
                                                                                                                                                                                                                                                        0x00bcc0c1
                                                                                                                                                                                                                                                        0x00bcc0c9
                                                                                                                                                                                                                                                        0x00bcc0cc
                                                                                                                                                                                                                                                        0x00bcc0cf
                                                                                                                                                                                                                                                        0x00bcc0d6
                                                                                                                                                                                                                                                        0x00bcc0dd
                                                                                                                                                                                                                                                        0x00bcc0f0
                                                                                                                                                                                                                                                        0x00bcc0f8
                                                                                                                                                                                                                                                        0x00bcc18e
                                                                                                                                                                                                                                                        0x00bcc0fe
                                                                                                                                                                                                                                                        0x00bcc101
                                                                                                                                                                                                                                                        0x00bcc107
                                                                                                                                                                                                                                                        0x00bcc10a
                                                                                                                                                                                                                                                        0x00bcc111
                                                                                                                                                                                                                                                        0x00bcc114
                                                                                                                                                                                                                                                        0x00bcc117
                                                                                                                                                                                                                                                        0x00bcc11e
                                                                                                                                                                                                                                                        0x00bcc125
                                                                                                                                                                                                                                                        0x00bcc12c
                                                                                                                                                                                                                                                        0x00bcc138
                                                                                                                                                                                                                                                        0x00bcc13b
                                                                                                                                                                                                                                                        0x00bcc146
                                                                                                                                                                                                                                                        0x00bcc14e
                                                                                                                                                                                                                                                        0x00bcc195
                                                                                                                                                                                                                                                        0x00bcc19b
                                                                                                                                                                                                                                                        0x00bcc150
                                                                                                                                                                                                                                                        0x00bcc15d
                                                                                                                                                                                                                                                        0x00bcc16e
                                                                                                                                                                                                                                                        0x00bcc173
                                                                                                                                                                                                                                                        0x00bcc177
                                                                                                                                                                                                                                                        0x00bcc177
                                                                                                                                                                                                                                                        0x00bcc14e
                                                                                                                                                                                                                                                        0x00bcc17f
                                                                                                                                                                                                                                                        0x00bcc18d

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetSecurityInfo.ADVAPI32(?,?,00000004,00000000,00000000,?,00000000,?), ref: 00BCC0F0
                                                                                                                                                                                                                                                        • SetEntriesInAclW.ADVAPI32(00000001,?,?,00000000), ref: 00BCC146
                                                                                                                                                                                                                                                        • SetSecurityInfo.ADVAPI32(?,?,00000004,00000000,00000000,00000000,00000000), ref: 00BCC15D
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000), ref: 00BCC16E
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000), ref: 00BCC173
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000), ref: 00BCC195
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: FreeLocal$InfoSecurity$Entries
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3140748100-0
                                                                                                                                                                                                                                                        • Opcode ID: b792f2723683b7cea1ac749bc6ed7c23c819d3d73d04d6abb5ec6f4b9de150d9
                                                                                                                                                                                                                                                        • Instruction ID: 1f1b85092d2dc887f05b88bc2c1e3a25dd15855d9aaaa8e7b9cf68f489869a40
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b792f2723683b7cea1ac749bc6ed7c23c819d3d73d04d6abb5ec6f4b9de150d9
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 91312BB1A00219AFEB14DFA1EC89FEEBBB5EF44714F104019FA157B290DB756904CBA4
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BE16D0(intOrPtr* __ecx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void* _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				void* _v32;
                                                                                                                                                                                                                                                        				void* _v36;
                                                                                                                                                                                                                                                        				signed int _t17;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        				void* _t41;
                                                                                                                                                                                                                                                        				long _t43;
                                                                                                                                                                                                                                                        				signed int _t45;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t17 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t43 = 0x3f0;
                                                                                                                                                                                                                                                        				_v20 = _t17 ^ _t45;
                                                                                                                                                                                                                                                        				if( *((char*)(__ecx + 0x38)) != 0) {
                                                                                                                                                                                                                                                        					_v24 = 0;
                                                                                                                                                                                                                                                        					_t20 = E00BE1360(__ecx,  &_v24);
                                                                                                                                                                                                                                                        					_t43 = _t20;
                                                                                                                                                                                                                                                        					if(_t20 != 0) {
                                                                                                                                                                                                                                                        						L9:
                                                                                                                                                                                                                                                        						E00BC51B0(_t20,  &_v24);
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(DuplicateToken(_v24, 2,  &_v28) != 0) {
                                                                                                                                                                                                                                                        						_v32 = 0;
                                                                                                                                                                                                                                                        						E00BC5200(_v28,  &_v32, _v28);
                                                                                                                                                                                                                                                        						_t28 = GetCurrentProcess();
                                                                                                                                                                                                                                                        						if(DuplicateHandle(GetCurrentProcess(), _v32, _t28,  &_v36, 0xf01ff, 0, 0) != 0) {
                                                                                                                                                                                                                                                        							_t31 = E00BC5200(_t30, _a4, _v36);
                                                                                                                                                                                                                                                        							_t43 = 0;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t43 = GetLastError();
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t20 = E00BC51B0(_t31,  &_v32);
                                                                                                                                                                                                                                                        						goto L9;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t43 = GetLastError();
                                                                                                                                                                                                                                                        					goto L9;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t45, _t41);
                                                                                                                                                                                                                                                        				return _t43;
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00be16d9
                                                                                                                                                                                                                                                        0x00be16de
                                                                                                                                                                                                                                                        0x00be16e5
                                                                                                                                                                                                                                                        0x00be16ec
                                                                                                                                                                                                                                                        0x00be1707
                                                                                                                                                                                                                                                        0x00be170f
                                                                                                                                                                                                                                                        0x00be1714
                                                                                                                                                                                                                                                        0x00be1718
                                                                                                                                                                                                                                                        0x00be1792
                                                                                                                                                                                                                                                        0x00be1795
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be1795
                                                                                                                                                                                                                                                        0x00be172b
                                                                                                                                                                                                                                                        0x00be173a
                                                                                                                                                                                                                                                        0x00be1745
                                                                                                                                                                                                                                                        0x00be1750
                                                                                                                                                                                                                                                        0x00be1771
                                                                                                                                                                                                                                                        0x00be1783
                                                                                                                                                                                                                                                        0x00be1788
                                                                                                                                                                                                                                                        0x00be1773
                                                                                                                                                                                                                                                        0x00be1779
                                                                                                                                                                                                                                                        0x00be1779
                                                                                                                                                                                                                                                        0x00be178d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be178d
                                                                                                                                                                                                                                                        0x00be1733
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be1733
                                                                                                                                                                                                                                                        0x00be16ee
                                                                                                                                                                                                                                                        0x00be16f3
                                                                                                                                                                                                                                                        0x00be1701

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • DuplicateToken.ADVAPI32(00000000,00000002,?,?), ref: 00BE1723
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE172D
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetLastError.KERNEL32(00000000,?,00004000,?,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5210
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetHandleVerifier.FLASHPLAYER(?,00BDC412,00000000,?,00BDBECC), ref: 00BC5234
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: SetLastError.KERNEL32(00BDC412,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5249
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(?,?,?,?,00000000), ref: 00BE1750
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(?,?,?,00000000), ref: 00BE1757
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00000000,00000000,?,000F01FF,00000000,00000000,?,?,?,00000000), ref: 00BE1769
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,?,00000000), ref: 00BE1773
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$CurrentDuplicateHandleProcess$TokenVerifier
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 113006817-0
                                                                                                                                                                                                                                                        • Opcode ID: f9f93eeccf1d016651008cda9e1e79dca151b363eb1577c3b1af98f7a5c008d7
                                                                                                                                                                                                                                                        • Instruction ID: 43ab015eaab7b11258a5b681187188b8e791b436ce391f12e4b40f51d5eac1c3
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f9f93eeccf1d016651008cda9e1e79dca151b363eb1577c3b1af98f7a5c008d7
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A22130B1A002599BDB10EBB5DC49BBFB7F8EF04750F5104A9E902A7291DF74AD04CBA4
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BD5740(intOrPtr _a4, void* _a8, long _a12, HANDLE* _a16, long _a20, long _a24) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void* _v24;
                                                                                                                                                                                                                                                        				long _t16;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        				signed int _t29;
                                                                                                                                                                                                                                                        				void* _t36;
                                                                                                                                                                                                                                                        				long _t37;
                                                                                                                                                                                                                                                        				long _t38;
                                                                                                                                                                                                                                                        				long _t39;
                                                                                                                                                                                                                                                        				void* _t40;
                                                                                                                                                                                                                                                        				signed int _t41;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t29 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t39 = 5;
                                                                                                                                                                                                                                                        				_v20 = _t29 ^ _t41;
                                                                                                                                                                                                                                                        				if(_a4 == 3) {
                                                                                                                                                                                                                                                        					_t37 = _a12;
                                                                                                                                                                                                                                                        					_v24 = 0;
                                                                                                                                                                                                                                                        					_t16 = GetCurrentProcessId();
                                                                                                                                                                                                                                                        					_t40 = 0;
                                                                                                                                                                                                                                                        					if(_t16 != _t37) {
                                                                                                                                                                                                                                                        						_t18 = E00BCE430(E00BD5810(), _t37);
                                                                                                                                                                                                                                                        						_t39 = 5;
                                                                                                                                                                                                                                                        						if(_t18 == 0) {
                                                                                                                                                                                                                                                        							L10:
                                                                                                                                                                                                                                                        							E00BC51B0(_t18,  &_v24);
                                                                                                                                                                                                                                                        							goto L1;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						E00BC5200(OpenProcess(0x40, 0, _t37),  &_v24, _t22);
                                                                                                                                                                                                                                                        						_t40 = _v24;
                                                                                                                                                                                                                                                        						_t13 = _t40 + 1; // 0x1
                                                                                                                                                                                                                                                        						if(_t13 > 1) {
                                                                                                                                                                                                                                                        							goto L3;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L9:
                                                                                                                                                                                                                                                        						_t39 = GetLastError();
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					_t38 = _a24;
                                                                                                                                                                                                                                                        					_t28 = _a8;
                                                                                                                                                                                                                                                        					_t8 = _t40 + 1; // 0x1
                                                                                                                                                                                                                                                        					if(_t8 <= 1) {
                                                                                                                                                                                                                                                        						_t40 = GetCurrentProcess();
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t18 = DuplicateHandle(GetCurrentProcess(), _t28, _t40, _a16, _a20, 0, _t38);
                                                                                                                                                                                                                                                        					_t39 = 0;
                                                                                                                                                                                                                                                        					if(_t18 == 0) {
                                                                                                                                                                                                                                                        						goto L9;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L10;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t41, _t36);
                                                                                                                                                                                                                                                        				return _t39;
                                                                                                                                                                                                                                                        			}














                                                                                                                                                                                                                                                        0x00bd5749
                                                                                                                                                                                                                                                        0x00bd5752
                                                                                                                                                                                                                                                        0x00bd575c
                                                                                                                                                                                                                                                        0x00bd575f
                                                                                                                                                                                                                                                        0x00bd5775
                                                                                                                                                                                                                                                        0x00bd5778
                                                                                                                                                                                                                                                        0x00bd577f
                                                                                                                                                                                                                                                        0x00bd5785
                                                                                                                                                                                                                                                        0x00bd5789
                                                                                                                                                                                                                                                        0x00bd57c9
                                                                                                                                                                                                                                                        0x00bd57ce
                                                                                                                                                                                                                                                        0x00bd57d5
                                                                                                                                                                                                                                                        0x00bd57fe
                                                                                                                                                                                                                                                        0x00bd5801
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5801
                                                                                                                                                                                                                                                        0x00bd57e6
                                                                                                                                                                                                                                                        0x00bd57eb
                                                                                                                                                                                                                                                        0x00bd57ee
                                                                                                                                                                                                                                                        0x00bd57f4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd57f6
                                                                                                                                                                                                                                                        0x00bd57fc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd57fc
                                                                                                                                                                                                                                                        0x00bd578b
                                                                                                                                                                                                                                                        0x00bd578b
                                                                                                                                                                                                                                                        0x00bd578e
                                                                                                                                                                                                                                                        0x00bd5791
                                                                                                                                                                                                                                                        0x00bd5797
                                                                                                                                                                                                                                                        0x00bd579f
                                                                                                                                                                                                                                                        0x00bd579f
                                                                                                                                                                                                                                                        0x00bd57b3
                                                                                                                                                                                                                                                        0x00bd57b9
                                                                                                                                                                                                                                                        0x00bd57bd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd57bf
                                                                                                                                                                                                                                                        0x00bd5761
                                                                                                                                                                                                                                                        0x00bd5766
                                                                                                                                                                                                                                                        0x00bd5774

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcessId.KERNEL32 ref: 00BD577F
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(00000000), ref: 00BD5799
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(00000000), ref: 00BD57A1
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,?,00000000,00000000,?,00000000,?), ref: 00BD57B3
                                                                                                                                                                                                                                                          • Part of subcall function 00BD5810: ??2@YAPAXI@Z.MOZGLUE(00000034,00000000,?,00BD57C6), ref: 00BD581F
                                                                                                                                                                                                                                                          • Part of subcall function 00BD5810: __onexit.LIBCMT ref: 00BD583B
                                                                                                                                                                                                                                                          • Part of subcall function 00BCE430: EnterCriticalSection.KERNEL32(?), ref: 00BCE43C
                                                                                                                                                                                                                                                          • Part of subcall function 00BCE430: LeaveCriticalSection.KERNEL32(?), ref: 00BCE456
                                                                                                                                                                                                                                                        • OpenProcess.KERNEL32(00000040,00000000,?), ref: 00BD57DC
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetLastError.KERNEL32(00000000,?,00004000,?,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5210
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetHandleVerifier.FLASHPLAYER(?,00BDC412,00000000,?,00BDBECC), ref: 00BC5234
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: SetLastError.KERNEL32(00BDC412,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5249
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(00000000), ref: 00BD57F6
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Process$CurrentErrorLast$CriticalHandleSection$??2@DuplicateEnterLeaveOpenVerifier__onexit
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2942772492-0
                                                                                                                                                                                                                                                        • Opcode ID: d9dbedae35fa021ecc6b514b1093b78a9bcb055f654876c972731eb20cd07fd1
                                                                                                                                                                                                                                                        • Instruction ID: eb04b1423c338142d948b1dee13f340a904566b030cdd340ee1f0da3b2c6fc36
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d9dbedae35fa021ecc6b514b1093b78a9bcb055f654876c972731eb20cd07fd1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 09219F3190060A9BDB209FB09C49BAFBBA9EF44751F240495E909A7340EF30AC01CBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 56%
                                                                                                                                                                                                                                                        			E00BCB740(void** __ecx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				int _v24;
                                                                                                                                                                                                                                                        				signed int _t12;
                                                                                                                                                                                                                                                        				void* _t16;
                                                                                                                                                                                                                                                        				int* _t18;
                                                                                                                                                                                                                                                        				void* _t19;
                                                                                                                                                                                                                                                        				void* _t20;
                                                                                                                                                                                                                                                        				int _t21;
                                                                                                                                                                                                                                                        				void* _t25;
                                                                                                                                                                                                                                                        				void* _t26;
                                                                                                                                                                                                                                                        				void** _t27;
                                                                                                                                                                                                                                                        				signed int _t28;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t12 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t12 ^ _t28;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(__ecx + 4)) != 0x48) {
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					_t20 = 0;
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					E00BEECB0(_v20 ^ _t28, _t25);
                                                                                                                                                                                                                                                        					return _t20;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t27 = __ecx;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(__ecx + 0x48)) == 0) {
                                                                                                                                                                                                                                                        					_t16 =  &_v24;
                                                                                                                                                                                                                                                        					_v24 = 0;
                                                                                                                                                                                                                                                        					__imp__InitializeProcThreadAttributeList(0, _a4, 0, _t16);
                                                                                                                                                                                                                                                        					_t21 = _v24;
                                                                                                                                                                                                                                                        					if(_t21 == 0) {
                                                                                                                                                                                                                                                        						goto L2;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L00BEF6CC();
                                                                                                                                                                                                                                                        					_t26 = _t16;
                                                                                                                                                                                                                                                        					memset(_t16, 0, _t21);
                                                                                                                                                                                                                                                        					_t18 =  &_v24;
                                                                                                                                                                                                                                                        					__imp__InitializeProcThreadAttributeList(_t26, _a4, 0, _t18, _t21);
                                                                                                                                                                                                                                                        					if(_t18 == 0) {
                                                                                                                                                                                                                                                        						_push(_t26);
                                                                                                                                                                                                                                                        						L00BEF6D2();
                                                                                                                                                                                                                                                        						goto L2;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t19 =  *_t27;
                                                                                                                                                                                                                                                        					 *_t27 = _t26;
                                                                                                                                                                                                                                                        					if(_t19 != 0) {
                                                                                                                                                                                                                                                        						_push(_t19);
                                                                                                                                                                                                                                                        						L00BEF6D2();
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t27[0x12] = _t26;
                                                                                                                                                                                                                                                        					_t20 = 1;
                                                                                                                                                                                                                                                        					goto L3;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}















                                                                                                                                                                                                                                                        0x00bcb749
                                                                                                                                                                                                                                                        0x00bcb750
                                                                                                                                                                                                                                                        0x00bcb757
                                                                                                                                                                                                                                                        0x00bcb761
                                                                                                                                                                                                                                                        0x00bcb761
                                                                                                                                                                                                                                                        0x00bcb763
                                                                                                                                                                                                                                                        0x00bcb768
                                                                                                                                                                                                                                                        0x00bcb776
                                                                                                                                                                                                                                                        0x00bcb776
                                                                                                                                                                                                                                                        0x00bcb75d
                                                                                                                                                                                                                                                        0x00bcb75f
                                                                                                                                                                                                                                                        0x00bcb779
                                                                                                                                                                                                                                                        0x00bcb77c
                                                                                                                                                                                                                                                        0x00bcb78b
                                                                                                                                                                                                                                                        0x00bcb791
                                                                                                                                                                                                                                                        0x00bcb796
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcb799
                                                                                                                                                                                                                                                        0x00bcb7a1
                                                                                                                                                                                                                                                        0x00bcb7a7
                                                                                                                                                                                                                                                        0x00bcb7af
                                                                                                                                                                                                                                                        0x00bcb7b9
                                                                                                                                                                                                                                                        0x00bcb7c1
                                                                                                                                                                                                                                                        0x00bcb7db
                                                                                                                                                                                                                                                        0x00bcb7dc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcb7e1
                                                                                                                                                                                                                                                        0x00bcb7c3
                                                                                                                                                                                                                                                        0x00bcb7c5
                                                                                                                                                                                                                                                        0x00bcb7c9
                                                                                                                                                                                                                                                        0x00bcb7cb
                                                                                                                                                                                                                                                        0x00bcb7cc
                                                                                                                                                                                                                                                        0x00bcb7d1
                                                                                                                                                                                                                                                        0x00bcb7d4
                                                                                                                                                                                                                                                        0x00bcb7d7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcb7d7
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • InitializeProcThreadAttributeList.KERNEL32(00000000,?,00000000,?), ref: 00BCB78B
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000000), ref: 00BCB799
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BCB7A7
                                                                                                                                                                                                                                                        • InitializeProcThreadAttributeList.KERNEL32(00000000,?,00000000,?), ref: 00BCB7B9
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000), ref: 00BCB7CC
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000), ref: 00BCB7DC
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@AttributeInitializeListProcThread$??2@memset
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3591539531-0
                                                                                                                                                                                                                                                        • Opcode ID: 6d1901cf598c501a7722f1b6d84810a60f3d27c0a80a2267e403092711bc7770
                                                                                                                                                                                                                                                        • Instruction ID: 5dfcaf3da5b57451efea9df7df0204b6f5a830b212bd329cc6868120163745b3
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6d1901cf598c501a7722f1b6d84810a60f3d27c0a80a2267e403092711bc7770
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3C1190B1A00205AFDB20AFA59D86F7F77E8EB54340F24047EE905A7250DB329D18C7A2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BE6CD0(void* __ecx, void** __edx, void** _a4, HANDLE* _a8, HANDLE* _a12) {
                                                                                                                                                                                                                                                        				void** _t24;
                                                                                                                                                                                                                                                        				void** _t26;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t28 = __ecx;
                                                                                                                                                                                                                                                        				_t24 = __edx;
                                                                                                                                                                                                                                                        				E00BC5200(CreateEventW(0, 0, 0, 0), _t24, _t8);
                                                                                                                                                                                                                                                        				if(DuplicateHandle(GetCurrentProcess(),  *_t24,  *(_t28 + 0x10), _a8, 0x100002, 0, 0) != 0) {
                                                                                                                                                                                                                                                        					_t26 = _a4;
                                                                                                                                                                                                                                                        					E00BC5200(CreateEventW(0, 0, 0, 0), _t26, _t12);
                                                                                                                                                                                                                                                        					return DuplicateHandle(GetCurrentProcess(),  *_t26,  *(_t28 + 0x10), _a12, 0x100002, 0, 0) & 0xffffff00 | _t15 != 0x00000000;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return 0;
                                                                                                                                                                                                                                                        			}






                                                                                                                                                                                                                                                        0x00be6cd6
                                                                                                                                                                                                                                                        0x00be6cd8
                                                                                                                                                                                                                                                        0x00be6ceb
                                                                                                                                                                                                                                                        0x00be6d12
                                                                                                                                                                                                                                                        0x00be6d1e
                                                                                                                                                                                                                                                        0x00be6d32
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be6d57
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • CreateEventW.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,00000004,?,00BE6C0E,?,?,00000018,?,?,?,00000000), ref: 00BE6CE2
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetLastError.KERNEL32(00000000,?,00004000,?,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5210
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetHandleVerifier.FLASHPLAYER(?,00BDC412,00000000,?,00BDBECC), ref: 00BC5234
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: SetLastError.KERNEL32(00BDC412,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5249
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(00000000,?,?,?,00000000,?,00BE9870,?,00000004,00000400,00000000,?,?,?,00000004,g_shared_IPC_size), ref: 00BE6CF5
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,?,?,00100002,00100002,00000000,00000000,?,?,?,00000000,?,00BE9870,?,00000004,00000400), ref: 00BE6D0A
                                                                                                                                                                                                                                                        • CreateEventW.KERNEL32(00000000,00000000,00000000,00000000,?,?,?,00000000,?,00BE9870,?,00000004,00000400,00000000,?,?), ref: 00BE6D29
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(00000000,?,?,?,00000000,?,00BE9870,?,00000004,00000400,00000000,?,?,?,00000004,g_shared_IPC_size), ref: 00BE6D3C
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,?,?,?,00100002,00000000,00000000,?,?,?,00000000,?,00BE9870,?,00000004,00000400), ref: 00BE6D4F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Handle$CreateCurrentDuplicateErrorEventLastProcess$Verifier
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1059238025-0
                                                                                                                                                                                                                                                        • Opcode ID: dbeb60b32e978cf79a1b3fd588d1a15d7714e5579d4355bf6ba6b3b622ee58c8
                                                                                                                                                                                                                                                        • Instruction ID: edb1ad5d4be2871812c2b0ae70a8c6815f67a78a36f5871d2879d4ed43469bf0
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: dbeb60b32e978cf79a1b3fd588d1a15d7714e5579d4355bf6ba6b3b622ee58c8
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AC01E976384344BBE6205BB19C4AF6B7BADEF88B51F644454F605AB2D0CEB0B800C674
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 90%
                                                                                                                                                                                                                                                        			E00BDED80(intOrPtr* _a4, char _a8, char _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, intOrPtr _a28, intOrPtr _a32, char _a36, intOrPtr _a40, intOrPtr _a44) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				short _v544;
                                                                                                                                                                                                                                                        				intOrPtr _v560;
                                                                                                                                                                                                                                                        				long _v600;
                                                                                                                                                                                                                                                        				char _v608;
                                                                                                                                                                                                                                                        				char _v612;
                                                                                                                                                                                                                                                        				char _v616;
                                                                                                                                                                                                                                                        				char _v620;
                                                                                                                                                                                                                                                        				char _v624;
                                                                                                                                                                                                                                                        				intOrPtr _v628;
                                                                                                                                                                                                                                                        				char _v632;
                                                                                                                                                                                                                                                        				intOrPtr _v636;
                                                                                                                                                                                                                                                        				char _v640;
                                                                                                                                                                                                                                                        				char _v644;
                                                                                                                                                                                                                                                        				char _v649;
                                                                                                                                                                                                                                                        				void* _v652;
                                                                                                                                                                                                                                                        				char _v653;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t71;
                                                                                                                                                                                                                                                        				intOrPtr* _t73;
                                                                                                                                                                                                                                                        				intOrPtr* _t76;
                                                                                                                                                                                                                                                        				intOrPtr* _t77;
                                                                                                                                                                                                                                                        				char _t79;
                                                                                                                                                                                                                                                        				char _t80;
                                                                                                                                                                                                                                                        				void* _t83;
                                                                                                                                                                                                                                                        				long _t84;
                                                                                                                                                                                                                                                        				char _t87;
                                                                                                                                                                                                                                                        				char _t89;
                                                                                                                                                                                                                                                        				intOrPtr* _t90;
                                                                                                                                                                                                                                                        				char _t93;
                                                                                                                                                                                                                                                        				char _t95;
                                                                                                                                                                                                                                                        				char _t98;
                                                                                                                                                                                                                                                        				char _t102;
                                                                                                                                                                                                                                                        				char _t104;
                                                                                                                                                                                                                                                        				intOrPtr _t106;
                                                                                                                                                                                                                                                        				void* _t112;
                                                                                                                                                                                                                                                        				char _t113;
                                                                                                                                                                                                                                                        				char _t129;
                                                                                                                                                                                                                                                        				char _t137;
                                                                                                                                                                                                                                                        				long _t138;
                                                                                                                                                                                                                                                        				void* _t139;
                                                                                                                                                                                                                                                        				void* _t140;
                                                                                                                                                                                                                                                        				signed int _t141;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t71 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t113 = _a12;
                                                                                                                                                                                                                                                        				_t137 = _a8;
                                                                                                                                                                                                                                                        				_v24 = _t71 ^ _t141;
                                                                                                                                                                                                                                                        				_t73 = E00BE9C20();
                                                                                                                                                                                                                                                        				_t136 =  *_t73;
                                                                                                                                                                                                                                                        				if( *((char*)( *((intOrPtr*)( *_t73 + 8))() + 4)) == 0) {
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					E00BC4600(_t113, _t136, _t137, _t139, "CreateProcessW", _t137);
                                                                                                                                                                                                                                                        					_t76 = E00BE9C20();
                                                                                                                                                                                                                                                        					_t136 =  *_t76;
                                                                                                                                                                                                                                                        					_t77 =  *((intOrPtr*)( *_t76 + 8))();
                                                                                                                                                                                                                                                        					_t140 = 0;
                                                                                                                                                                                                                                                        					if( *_t77 > 0) {
                                                                                                                                                                                                                                                        						_t138 = GetLastError();
                                                                                                                                                                                                                                                        						_t79 = E00BE3900(_a44, 0x10, 1);
                                                                                                                                                                                                                                                        						__eflags = _t79;
                                                                                                                                                                                                                                                        						if(_t79 != 0) {
                                                                                                                                                                                                                                                        							_t80 = E00BE3790();
                                                                                                                                                                                                                                                        							__eflags = _t80;
                                                                                                                                                                                                                                                        							if(_t80 == 0) {
                                                                                                                                                                                                                                                        								goto L5;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t83 =  *0xbfb68c;
                                                                                                                                                                                                                                                        							__eflags = _t83;
                                                                                                                                                                                                                                                        							if(_t83 == 0) {
                                                                                                                                                                                                                                                        								goto L5;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_v652 = _t83;
                                                                                                                                                                                                                                                        							_t84 = GetCurrentDirectoryW(0x104,  &_v544);
                                                                                                                                                                                                                                                        							asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        							__eflags = _t84 - 1 - 0x103;
                                                                                                                                                                                                                                                        							_t121 =  <  ?  &_v544 : 0;
                                                                                                                                                                                                                                                        							_t87 = _v652;
                                                                                                                                                                                                                                                        							_v644 =  <  ?  &_v544 : 0;
                                                                                                                                                                                                                                                        							_v640 = _t87;
                                                                                                                                                                                                                                                        							asm("movaps [esp+0x50], xmm0");
                                                                                                                                                                                                                                                        							asm("movaps [esp+0x40], xmm0");
                                                                                                                                                                                                                                                        							asm("movaps [esp+0x30], xmm0");
                                                                                                                                                                                                                                                        							_v560 = 0;
                                                                                                                                                                                                                                                        							_v636 = _t87 +  *((intOrPtr*)(_t87 + 8));
                                                                                                                                                                                                                                                        							_t89 = E00BE6680( &_v640, _t84 - 1 - 0x103);
                                                                                                                                                                                                                                                        							__eflags = _t89;
                                                                                                                                                                                                                                                        							_v652 = _t89;
                                                                                                                                                                                                                                                        							if(_t89 == 0) {
                                                                                                                                                                                                                                                        								goto L5;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t90 = _v652;
                                                                                                                                                                                                                                                        							 *_t90 = 0xd;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t90 + 4)) = 0;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t90 + 0x3c)) = 5;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t90 + 0x44)) = 0x88;
                                                                                                                                                                                                                                                        							_v612 = _a8;
                                                                                                                                                                                                                                                        							_t93 = E00BD19D0(_v652, 0, _v612, E00BD1910( &_v612), 0, 1);
                                                                                                                                                                                                                                                        							__eflags = _t93;
                                                                                                                                                                                                                                                        							if(_t93 == 0) {
                                                                                                                                                                                                                                                        								goto L5;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_v616 = _t113;
                                                                                                                                                                                                                                                        							_t95 = E00BD19D0(_v652, 1, _v616, E00BD1910( &_v616), 0, 1);
                                                                                                                                                                                                                                                        							__eflags = _t95;
                                                                                                                                                                                                                                                        							if(_t95 == 0) {
                                                                                                                                                                                                                                                        								goto L5;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_v620 = _v644;
                                                                                                                                                                                                                                                        							_t98 = E00BD19D0(_v652, 2, _v620, E00BD1910( &_v620), 0, 1);
                                                                                                                                                                                                                                                        							_t129 = 4;
                                                                                                                                                                                                                                                        							__eflags = _t98;
                                                                                                                                                                                                                                                        							if(_t98 == 0) {
                                                                                                                                                                                                                                                        								L17:
                                                                                                                                                                                                                                                        								__eflags = _t129;
                                                                                                                                                                                                                                                        								if(_t129 != 0) {
                                                                                                                                                                                                                                                        									goto L5;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								SetLastError(_v600);
                                                                                                                                                                                                                                                        								_t140 = 0;
                                                                                                                                                                                                                                                        								__eflags = _v600;
                                                                                                                                                                                                                                                        								if(_v600 == 0) {
                                                                                                                                                                                                                                                        									E00BC4830(_t136, "CreateProcessW", _a8);
                                                                                                                                                                                                                                                        									_t140 = 1;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L3;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_v624 = _a36;
                                                                                                                                                                                                                                                        							_t102 = E00BD19D0(_v652, 3, _v624, E00BD1910( &_v624), 0, 1);
                                                                                                                                                                                                                                                        							_t129 = 4;
                                                                                                                                                                                                                                                        							__eflags = _t102;
                                                                                                                                                                                                                                                        							if(_t102 == 0) {
                                                                                                                                                                                                                                                        								goto L17;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_v632 = 0x10;
                                                                                                                                                                                                                                                        							_v628 = _a44;
                                                                                                                                                                                                                                                        							_t104 = E00BD19D0(_v652, 4, _a44, 0x10, 1, 6);
                                                                                                                                                                                                                                                        							_t129 = 4;
                                                                                                                                                                                                                                                        							__eflags = _t104;
                                                                                                                                                                                                                                                        							if(_t104 == 0) {
                                                                                                                                                                                                                                                        								goto L17;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t106 = E00BE67F0( &_v640, _v652,  &_v608);
                                                                                                                                                                                                                                                        							__eflags = _t106 - 0xa;
                                                                                                                                                                                                                                                        							_v652 = _t106;
                                                                                                                                                                                                                                                        							if(_t106 == 0xa) {
                                                                                                                                                                                                                                                        								L16:
                                                                                                                                                                                                                                                        								_t129 = _v644;
                                                                                                                                                                                                                                                        								goto L17;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_v649 = E00BD1BB0( &_v632,  *((intOrPtr*)(_v652 + 0x74)) + _v652);
                                                                                                                                                                                                                                                        							E00BE67B0( &_v644, _v652);
                                                                                                                                                                                                                                                        							__eflags = _v653;
                                                                                                                                                                                                                                                        							_t129 = 2;
                                                                                                                                                                                                                                                        							if(_v653 == 0) {
                                                                                                                                                                                                                                                        								goto L17;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L16;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						SetLastError(_t138);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					E00BEECB0(_v24 ^ _t141, _t136);
                                                                                                                                                                                                                                                        					return _t140;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t112 =  *_a4(_t137, _t113, _a16, _a20, _a24, _a28, _a32, _a36, _a40, _a44);
                                                                                                                                                                                                                                                        				_t140 = 1;
                                                                                                                                                                                                                                                        				if(_t112 != 0) {
                                                                                                                                                                                                                                                        					goto L3;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}

















































                                                                                                                                                                                                                                                        0x00bded8f
                                                                                                                                                                                                                                                        0x00bded94
                                                                                                                                                                                                                                                        0x00bded97
                                                                                                                                                                                                                                                        0x00bded9c
                                                                                                                                                                                                                                                        0x00bdeda3
                                                                                                                                                                                                                                                        0x00bdeda8
                                                                                                                                                                                                                                                        0x00bdedb3
                                                                                                                                                                                                                                                        0x00bdeddd
                                                                                                                                                                                                                                                        0x00bdede3
                                                                                                                                                                                                                                                        0x00bdedeb
                                                                                                                                                                                                                                                        0x00bdedf0
                                                                                                                                                                                                                                                        0x00bdedf4
                                                                                                                                                                                                                                                        0x00bdedf7
                                                                                                                                                                                                                                                        0x00bdedfc
                                                                                                                                                                                                                                                        0x00bdee1e
                                                                                                                                                                                                                                                        0x00bdee27
                                                                                                                                                                                                                                                        0x00bdee2f
                                                                                                                                                                                                                                                        0x00bdee31
                                                                                                                                                                                                                                                        0x00bdee3c
                                                                                                                                                                                                                                                        0x00bdee41
                                                                                                                                                                                                                                                        0x00bdee43
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdee45
                                                                                                                                                                                                                                                        0x00bdee4a
                                                                                                                                                                                                                                                        0x00bdee4c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdee58
                                                                                                                                                                                                                                                        0x00bdee5c
                                                                                                                                                                                                                                                        0x00bdee65
                                                                                                                                                                                                                                                        0x00bdee68
                                                                                                                                                                                                                                                        0x00bdee71
                                                                                                                                                                                                                                                        0x00bdee74
                                                                                                                                                                                                                                                        0x00bdee78
                                                                                                                                                                                                                                                        0x00bdee80
                                                                                                                                                                                                                                                        0x00bdee87
                                                                                                                                                                                                                                                        0x00bdee8c
                                                                                                                                                                                                                                                        0x00bdee91
                                                                                                                                                                                                                                                        0x00bdee96
                                                                                                                                                                                                                                                        0x00bdee9e
                                                                                                                                                                                                                                                        0x00bdeea2
                                                                                                                                                                                                                                                        0x00bdeea7
                                                                                                                                                                                                                                                        0x00bdeea9
                                                                                                                                                                                                                                                        0x00bdeead
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdeeaf
                                                                                                                                                                                                                                                        0x00bdeeb7
                                                                                                                                                                                                                                                        0x00bdeebd
                                                                                                                                                                                                                                                        0x00bdeec4
                                                                                                                                                                                                                                                        0x00bdeecb
                                                                                                                                                                                                                                                        0x00bdeed5
                                                                                                                                                                                                                                                        0x00bdeeed
                                                                                                                                                                                                                                                        0x00bdeef2
                                                                                                                                                                                                                                                        0x00bdeef4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdeefe
                                                                                                                                                                                                                                                        0x00bdef16
                                                                                                                                                                                                                                                        0x00bdef1b
                                                                                                                                                                                                                                                        0x00bdef1d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdef2b
                                                                                                                                                                                                                                                        0x00bdef43
                                                                                                                                                                                                                                                        0x00bdef48
                                                                                                                                                                                                                                                        0x00bdef4d
                                                                                                                                                                                                                                                        0x00bdef4f
                                                                                                                                                                                                                                                        0x00bdeff8
                                                                                                                                                                                                                                                        0x00bdeff8
                                                                                                                                                                                                                                                        0x00bdeffa
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf004
                                                                                                                                                                                                                                                        0x00bdf00a
                                                                                                                                                                                                                                                        0x00bdf00c
                                                                                                                                                                                                                                                        0x00bdf011
                                                                                                                                                                                                                                                        0x00bdf01f
                                                                                                                                                                                                                                                        0x00bdf027
                                                                                                                                                                                                                                                        0x00bdf027
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf011
                                                                                                                                                                                                                                                        0x00bdef5c
                                                                                                                                                                                                                                                        0x00bdef74
                                                                                                                                                                                                                                                        0x00bdef79
                                                                                                                                                                                                                                                        0x00bdef7e
                                                                                                                                                                                                                                                        0x00bdef80
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdef89
                                                                                                                                                                                                                                                        0x00bdef91
                                                                                                                                                                                                                                                        0x00bdef9e
                                                                                                                                                                                                                                                        0x00bdefa3
                                                                                                                                                                                                                                                        0x00bdefa8
                                                                                                                                                                                                                                                        0x00bdefaa
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdefb9
                                                                                                                                                                                                                                                        0x00bdefbe
                                                                                                                                                                                                                                                        0x00bdefc1
                                                                                                                                                                                                                                                        0x00bdefc5
                                                                                                                                                                                                                                                        0x00bdeff4
                                                                                                                                                                                                                                                        0x00bdeff4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdeff4
                                                                                                                                                                                                                                                        0x00bdefde
                                                                                                                                                                                                                                                        0x00bdefe3
                                                                                                                                                                                                                                                        0x00bdefe8
                                                                                                                                                                                                                                                        0x00bdefed
                                                                                                                                                                                                                                                        0x00bdeff2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdeff2
                                                                                                                                                                                                                                                        0x00bdee33
                                                                                                                                                                                                                                                        0x00bdee34
                                                                                                                                                                                                                                                        0x00bdee34
                                                                                                                                                                                                                                                        0x00bdedfe
                                                                                                                                                                                                                                                        0x00bdee07
                                                                                                                                                                                                                                                        0x00bdee15
                                                                                                                                                                                                                                                        0x00bdee15
                                                                                                                                                                                                                                                        0x00bdedd2
                                                                                                                                                                                                                                                        0x00bdedd4
                                                                                                                                                                                                                                                        0x00bdeddb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BDEE18
                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(00000000), ref: 00BDEE34
                                                                                                                                                                                                                                                        • GetCurrentDirectoryW.KERNEL32(00000104,?), ref: 00BDEE5C
                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(?,00000002,?,00000000,00000000,00000001,00000001,?,00000000,00000000,00000001,00000000,?,00000000,00000000,00000001), ref: 00BDF004
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$CurrentDirectory
                                                                                                                                                                                                                                                        • String ID: CreateProcessW
                                                                                                                                                                                                                                                        • API String ID: 3993060814-1552247879
                                                                                                                                                                                                                                                        • Opcode ID: 7eab86758f1226f9e013ce526210e2953f53119ace9dbb5169a8f110ea69f840
                                                                                                                                                                                                                                                        • Instruction ID: 5c9c6405176692552c88caae09668108f32793da8d503cac953d2ff0848f3bb5
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7eab86758f1226f9e013ce526210e2953f53119ace9dbb5169a8f110ea69f840
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C871CF70508340AFEB10EF64C855FAABBE1EF88704F04489EFA955B392EB75C945CB52
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 79%
                                                                                                                                                                                                                                                        			E00BD9C70(void* __eax, signed char _a4, signed int* _a12, signed int* _a16) {
                                                                                                                                                                                                                                                        				intOrPtr _v20;
                                                                                                                                                                                                                                                        				void* _t112;
                                                                                                                                                                                                                                                        				signed int _t115;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t120;
                                                                                                                                                                                                                                                        				void* _t125;
                                                                                                                                                                                                                                                        				signed int _t127;
                                                                                                                                                                                                                                                        				signed int* _t129;
                                                                                                                                                                                                                                                        				signed int _t134;
                                                                                                                                                                                                                                                        				signed int _t137;
                                                                                                                                                                                                                                                        				signed int _t138;
                                                                                                                                                                                                                                                        				signed char _t139;
                                                                                                                                                                                                                                                        				signed int* _t140;
                                                                                                                                                                                                                                                        				void* _t150;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t129 = _a12;
                                                                                                                                                                                                                                                        				_t112 = E00BCBDD0();
                                                                                                                                                                                                                                                        				_t139 = _a4;
                                                                                                                                                                                                                                                        				_t150 = _t112;
                                                                                                                                                                                                                                                        				_t129[1] = 0;
                                                                                                                                                                                                                                                        				 *_t129 = 0;
                                                                                                                                                                                                                                                        				_t129[3] = 0;
                                                                                                                                                                                                                                                        				_t129[2] = 0;
                                                                                                                                                                                                                                                        				_t115 = 4 + (0 | _t150 - 0x00000004 > 0x00000000) * 4;
                                                                                                                                                                                                                                                        				 *_a16 = _t115;
                                                                                                                                                                                                                                                        				if((_t139 & 0x00000001) != 0) {
                                                                                                                                                                                                                                                        					_t115 =  *_t129;
                                                                                                                                                                                                                                                        					_t138 = _t129[1];
                                                                                                                                                                                                                                                        					 *_t129 = _t115 | 0x00000001;
                                                                                                                                                                                                                                                        					if((_t139 & 0x00000002) == 0) {
                                                                                                                                                                                                                                                        						_t115 = _t115 | 0x00000003;
                                                                                                                                                                                                                                                        						_t129[1] = _t138;
                                                                                                                                                                                                                                                        						 *_t129 = _t115;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if((_t139 & 0x00000004) != 0) {
                                                                                                                                                                                                                                                        					 *_t129 =  *_t129 | 0x00000004;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if(_t150 >= 5) {
                                                                                                                                                                                                                                                        					if((_t139 & 0x00000008) != 0) {
                                                                                                                                                                                                                                                        						_t127 =  *_t129;
                                                                                                                                                                                                                                                        						_t137 = _t129[1];
                                                                                                                                                                                                                                                        						 *_t129 = _t127 | 0x00000100;
                                                                                                                                                                                                                                                        						if((_t139 & 0x00000010) != 0) {
                                                                                                                                                                                                                                                        							_t129[1] = _t137;
                                                                                                                                                                                                                                                        							 *_t129 = _t127 | 0x00000300;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if((_t139 & 0x00000020) != 0) {
                                                                                                                                                                                                                                                        						_t129[0] = _t129[0] | 0x00000010;
                                                                                                                                                                                                                                                        						if((_t139 & 0x00000040) == 0) {
                                                                                                                                                                                                                                                        							L12:
                                                                                                                                                                                                                                                        							if(_t139 < 0) {
                                                                                                                                                                                                                                                        								L34:
                                                                                                                                                                                                                                                        								_t129[0] = _t129[0] | 0x00000010;
                                                                                                                                                                                                                                                        								if((_t139 & 0x00000100) == 0) {
                                                                                                                                                                                                                                                        									L14:
                                                                                                                                                                                                                                                        									if((_t139 & 0x00000800) != 0) {
                                                                                                                                                                                                                                                        										L36:
                                                                                                                                                                                                                                                        										_t129[0] = _t129[0] | 0x00000010;
                                                                                                                                                                                                                                                        										if((_t139 & 0x00001000) == 0) {
                                                                                                                                                                                                                                                        											L16:
                                                                                                                                                                                                                                                        											if(_t150 < 6) {
                                                                                                                                                                                                                                                        												L38:
                                                                                                                                                                                                                                                        												if(( *0xbfb5d8 |  *0xbfb5d0 |  *0xbfb5dc |  *0xbfb5d4) == 0) {
                                                                                                                                                                                                                                                        													_t120 = GetProcAddress(GetModuleHandleA("kernel32.dll"), "GetProcessMitigationPolicy");
                                                                                                                                                                                                                                                        													if(_t120 != 0) {
                                                                                                                                                                                                                                                        														_v20 = 8 + (0 | E00BCBDD0() - 0x00000009 > 0x00000000) * 8;
                                                                                                                                                                                                                                                        														_t125 = GetCurrentProcess();
                                                                                                                                                                                                                                                        														 *_t120(_t125, 5, 0xbfb5d0, _v20);
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t140 = _a16;
                                                                                                                                                                                                                                                        												 *_t129 =  *_t129 &  *0xbfb5d0;
                                                                                                                                                                                                                                                        												_t129[1] = _t129[1] &  *0xbfb5d4;
                                                                                                                                                                                                                                                        												_t134 =  *0xbfb5dc & _t129[3];
                                                                                                                                                                                                                                                        												_t115 =  *0xbfb5d8 & _t129[2];
                                                                                                                                                                                                                                                        												_t129[2] = _t115;
                                                                                                                                                                                                                                                        												_t129[3] = _t134;
                                                                                                                                                                                                                                                        												if(_t150 >= 0xa) {
                                                                                                                                                                                                                                                        													_t115 = _t115 | _t134;
                                                                                                                                                                                                                                                        													if(_t115 != 0) {
                                                                                                                                                                                                                                                        														 *_t140 = 0x10;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L6;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L17:
                                                                                                                                                                                                                                                        											if((_t139 & 0x00002000) != 0) {
                                                                                                                                                                                                                                                        												_t129[1] = _t129[1] | 0x00000010;
                                                                                                                                                                                                                                                        												if(_t139 >= 0) {
                                                                                                                                                                                                                                                        													L19:
                                                                                                                                                                                                                                                        													if((_t139 & 0x00010000) == 0) {
                                                                                                                                                                                                                                                        														L22:
                                                                                                                                                                                                                                                        														if(_t150 < 8) {
                                                                                                                                                                                                                                                        															goto L38;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														if((_t139 & 0x00020000) != 0) {
                                                                                                                                                                                                                                                        															_t129[1] = _t129[1] | 0x00000010;
                                                                                                                                                                                                                                                        															if((_t139 & 0x00040000) == 0) {
                                                                                                                                                                                                                                                        																L25:
                                                                                                                                                                                                                                                        																if((_t139 & 0x00080000) != 0) {
                                                                                                                                                                                                                                                        																	L49:
                                                                                                                                                                                                                                                        																	_t129[1] = _t129[1] | 0x00000001;
                                                                                                                                                                                                                                                        																	if(_t150 >= 9) {
                                                                                                                                                                                                                                                        																		L27:
                                                                                                                                                                                                                                                        																		if((_t139 & 0x00004000) != 0) {
                                                                                                                                                                                                                                                        																			_t129[1] = _t129[1] | 0x00000030;
                                                                                                                                                                                                                                                        																			if((_t139 & 0x00100000) == 0) {
                                                                                                                                                                                                                                                        																				L29:
                                                                                                                                                                                                                                                        																				if((_t139 & 0x00200000) == 0) {
                                                                                                                                                                                                                                                        																					goto L38;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				L30:
                                                                                                                                                                                                                                                        																				if(_t150 >= 0xb) {
                                                                                                                                                                                                                                                        																					_t129[2] = _t129[2] | 0x00000001;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				goto L38;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			L52:
                                                                                                                                                                                                                                                        																			_t129[1] = _t129[1] | 0x00000010;
                                                                                                                                                                                                                                                        																			if((_t139 & 0x00200000) != 0) {
                                                                                                                                                                                                                                                        																				goto L30;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			goto L38;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		if((_t139 & 0x00100000) != 0) {
                                                                                                                                                                                                                                                        																			goto L52;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		goto L29;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	goto L38;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																L26:
                                                                                                                                                                                                                                                        																if(_t150 < 9) {
                                                                                                                                                                                                                                                        																	goto L38;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																goto L27;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															L48:
                                                                                                                                                                                                                                                        															_t129[1] = _t129[1] | 0x00000010;
                                                                                                                                                                                                                                                        															if((_t139 & 0x00080000) == 0) {
                                                                                                                                                                                                                                                        																goto L26;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															goto L49;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														if((_t139 & 0x00040000) != 0) {
                                                                                                                                                                                                                                                        															goto L48;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														goto L25;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													L20:
                                                                                                                                                                                                                                                        													if(_t150 >= 7) {
                                                                                                                                                                                                                                                        														_t129[1] = _t129[1] | 0x00000001;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													goto L22;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												L45:
                                                                                                                                                                                                                                                        												_t129[1] = _t129[1] | 0x00000002;
                                                                                                                                                                                                                                                        												if((_t139 & 0x00010000) != 0) {
                                                                                                                                                                                                                                                        													goto L20;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L22;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											if(_t139 < 0) {
                                                                                                                                                                                                                                                        												goto L45;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L19;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L37:
                                                                                                                                                                                                                                                        										_t129[1] = _t129[1] | 0x00000001;
                                                                                                                                                                                                                                                        										if(_t150 >= 6) {
                                                                                                                                                                                                                                                        											goto L17;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L38;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									L15:
                                                                                                                                                                                                                                                        									if((_t139 & 0x00001000) != 0) {
                                                                                                                                                                                                                                                        										goto L37;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L16;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L35:
                                                                                                                                                                                                                                                        								_t129[0] = _t129[0] | 0x00000001;
                                                                                                                                                                                                                                                        								if((_t139 & 0x00000800) == 0) {
                                                                                                                                                                                                                                                        									goto L15;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L36;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L13:
                                                                                                                                                                                                                                                        							if((_t139 & 0x00000100) != 0) {
                                                                                                                                                                                                                                                        								goto L35;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L14;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L33:
                                                                                                                                                                                                                                                        						_t129[0] = _t129[0] | 0x00000001;
                                                                                                                                                                                                                                                        						if(_t139 >= 0) {
                                                                                                                                                                                                                                                        							goto L13;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L34;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if((_t139 & 0x00000040) != 0) {
                                                                                                                                                                                                                                                        						goto L33;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L12;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L6:
                                                                                                                                                                                                                                                        				return _t115;
                                                                                                                                                                                                                                                        			}
















                                                                                                                                                                                                                                                        0x00bd9c7d
                                                                                                                                                                                                                                                        0x00bd9c80
                                                                                                                                                                                                                                                        0x00bd9c85
                                                                                                                                                                                                                                                        0x00bd9c87
                                                                                                                                                                                                                                                        0x00bd9c8b
                                                                                                                                                                                                                                                        0x00bd9c92
                                                                                                                                                                                                                                                        0x00bd9c98
                                                                                                                                                                                                                                                        0x00bd9c9f
                                                                                                                                                                                                                                                        0x00bd9caf
                                                                                                                                                                                                                                                        0x00bd9cb6
                                                                                                                                                                                                                                                        0x00bd9cb8
                                                                                                                                                                                                                                                        0x00bd9cba
                                                                                                                                                                                                                                                        0x00bd9cbe
                                                                                                                                                                                                                                                        0x00bd9cc6
                                                                                                                                                                                                                                                        0x00bd9ccd
                                                                                                                                                                                                                                                        0x00bd9ccf
                                                                                                                                                                                                                                                        0x00bd9cd2
                                                                                                                                                                                                                                                        0x00bd9cd5
                                                                                                                                                                                                                                                        0x00bd9cd5
                                                                                                                                                                                                                                                        0x00bd9ccd
                                                                                                                                                                                                                                                        0x00bd9cda
                                                                                                                                                                                                                                                        0x00bd9cdc
                                                                                                                                                                                                                                                        0x00bd9cdc
                                                                                                                                                                                                                                                        0x00bd9ce2
                                                                                                                                                                                                                                                        0x00bd9cef
                                                                                                                                                                                                                                                        0x00bd9cf1
                                                                                                                                                                                                                                                        0x00bd9cf5
                                                                                                                                                                                                                                                        0x00bd9d00
                                                                                                                                                                                                                                                        0x00bd9d07
                                                                                                                                                                                                                                                        0x00bd9d0e
                                                                                                                                                                                                                                                        0x00bd9d11
                                                                                                                                                                                                                                                        0x00bd9d11
                                                                                                                                                                                                                                                        0x00bd9d07
                                                                                                                                                                                                                                                        0x00bd9d16
                                                                                                                                                                                                                                                        0x00bd9de0
                                                                                                                                                                                                                                                        0x00bd9de7
                                                                                                                                                                                                                                                        0x00bd9d25
                                                                                                                                                                                                                                                        0x00bd9d27
                                                                                                                                                                                                                                                        0x00bd9df9
                                                                                                                                                                                                                                                        0x00bd9df9
                                                                                                                                                                                                                                                        0x00bd9e03
                                                                                                                                                                                                                                                        0x00bd9d39
                                                                                                                                                                                                                                                        0x00bd9d3f
                                                                                                                                                                                                                                                        0x00bd9e19
                                                                                                                                                                                                                                                        0x00bd9e19
                                                                                                                                                                                                                                                        0x00bd9e23
                                                                                                                                                                                                                                                        0x00bd9d51
                                                                                                                                                                                                                                                        0x00bd9d54
                                                                                                                                                                                                                                                        0x00bd9e36
                                                                                                                                                                                                                                                        0x00bd9e4f
                                                                                                                                                                                                                                                        0x00bd9ea8
                                                                                                                                                                                                                                                        0x00bd9eb0
                                                                                                                                                                                                                                                        0x00bd9ec8
                                                                                                                                                                                                                                                        0x00bd9ecb
                                                                                                                                                                                                                                                        0x00bd9edc
                                                                                                                                                                                                                                                        0x00bd9edc
                                                                                                                                                                                                                                                        0x00bd9eb0
                                                                                                                                                                                                                                                        0x00bd9e5c
                                                                                                                                                                                                                                                        0x00bd9e5f
                                                                                                                                                                                                                                                        0x00bd9e61
                                                                                                                                                                                                                                                        0x00bd9e6f
                                                                                                                                                                                                                                                        0x00bd9e72
                                                                                                                                                                                                                                                        0x00bd9e78
                                                                                                                                                                                                                                                        0x00bd9e7b
                                                                                                                                                                                                                                                        0x00bd9e7e
                                                                                                                                                                                                                                                        0x00bd9e84
                                                                                                                                                                                                                                                        0x00bd9e86
                                                                                                                                                                                                                                                        0x00bd9e8c
                                                                                                                                                                                                                                                        0x00bd9e8c
                                                                                                                                                                                                                                                        0x00bd9e86
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9e7e
                                                                                                                                                                                                                                                        0x00bd9d5a
                                                                                                                                                                                                                                                        0x00bd9d60
                                                                                                                                                                                                                                                        0x00bd9ee3
                                                                                                                                                                                                                                                        0x00bd9ee9
                                                                                                                                                                                                                                                        0x00bd9d6e
                                                                                                                                                                                                                                                        0x00bd9d74
                                                                                                                                                                                                                                                        0x00bd9d7f
                                                                                                                                                                                                                                                        0x00bd9d82
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9d8e
                                                                                                                                                                                                                                                        0x00bd9f04
                                                                                                                                                                                                                                                        0x00bd9f0e
                                                                                                                                                                                                                                                        0x00bd9da0
                                                                                                                                                                                                                                                        0x00bd9da6
                                                                                                                                                                                                                                                        0x00bd9f24
                                                                                                                                                                                                                                                        0x00bd9f24
                                                                                                                                                                                                                                                        0x00bd9f2b
                                                                                                                                                                                                                                                        0x00bd9db5
                                                                                                                                                                                                                                                        0x00bd9dbb
                                                                                                                                                                                                                                                        0x00bd9f36
                                                                                                                                                                                                                                                        0x00bd9f40
                                                                                                                                                                                                                                                        0x00bd9dcd
                                                                                                                                                                                                                                                        0x00bd9dd3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9dd5
                                                                                                                                                                                                                                                        0x00bd9dd8
                                                                                                                                                                                                                                                        0x00bd9dda
                                                                                                                                                                                                                                                        0x00bd9dda
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9dd8
                                                                                                                                                                                                                                                        0x00bd9f46
                                                                                                                                                                                                                                                        0x00bd9f46
                                                                                                                                                                                                                                                        0x00bd9f50
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9f56
                                                                                                                                                                                                                                                        0x00bd9dc7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9dc7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9f31
                                                                                                                                                                                                                                                        0x00bd9dac
                                                                                                                                                                                                                                                        0x00bd9daf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9daf
                                                                                                                                                                                                                                                        0x00bd9f14
                                                                                                                                                                                                                                                        0x00bd9f14
                                                                                                                                                                                                                                                        0x00bd9f1e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9f1e
                                                                                                                                                                                                                                                        0x00bd9d9a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9d9a
                                                                                                                                                                                                                                                        0x00bd9d76
                                                                                                                                                                                                                                                        0x00bd9d79
                                                                                                                                                                                                                                                        0x00bd9d7b
                                                                                                                                                                                                                                                        0x00bd9d7b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9d79
                                                                                                                                                                                                                                                        0x00bd9eef
                                                                                                                                                                                                                                                        0x00bd9eef
                                                                                                                                                                                                                                                        0x00bd9ef9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9eff
                                                                                                                                                                                                                                                        0x00bd9d68
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9d68
                                                                                                                                                                                                                                                        0x00bd9e29
                                                                                                                                                                                                                                                        0x00bd9e29
                                                                                                                                                                                                                                                        0x00bd9e30
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9e30
                                                                                                                                                                                                                                                        0x00bd9d45
                                                                                                                                                                                                                                                        0x00bd9d4b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9d4b
                                                                                                                                                                                                                                                        0x00bd9e09
                                                                                                                                                                                                                                                        0x00bd9e09
                                                                                                                                                                                                                                                        0x00bd9e13
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9e13
                                                                                                                                                                                                                                                        0x00bd9d2d
                                                                                                                                                                                                                                                        0x00bd9d33
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9d33
                                                                                                                                                                                                                                                        0x00bd9ded
                                                                                                                                                                                                                                                        0x00bd9ded
                                                                                                                                                                                                                                                        0x00bd9df3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9df3
                                                                                                                                                                                                                                                        0x00bd9d1f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9d1f
                                                                                                                                                                                                                                                        0x00bd9ce4
                                                                                                                                                                                                                                                        0x00bd9ceb

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleA.KERNEL32(kernel32.dll,00000000,?,?,?,?,00BCDA5E,00000000,?,?,?), ref: 00BD9E9C
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetProcessMitigationPolicy), ref: 00BD9EA8
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(?,?,?,?,00BCDA5E,00000000,?,?,?), ref: 00BD9ECB
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressCurrentHandleModuleProcProcess
                                                                                                                                                                                                                                                        • String ID: GetProcessMitigationPolicy$kernel32.dll
                                                                                                                                                                                                                                                        • API String ID: 4190356694-1680159014
                                                                                                                                                                                                                                                        • Opcode ID: 95062ac9dfca185b3878c78fef0720edc492cd30415dbe61ccc5258fdf00bca3
                                                                                                                                                                                                                                                        • Instruction ID: 53c7b8bcaec4f16057d781c543d2ba7ce69f436e32d9f02f07731ccfb1e5b734
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 95062ac9dfca185b3878c78fef0720edc492cd30415dbe61ccc5258fdf00bca3
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 646170749042448AEB25CF19C5C57A2FBE2EB55354F08C0EACC898F39AF7B8D888D751
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 26%
                                                                                                                                                                                                                                                        			E00BBDD10(void* __ebx, signed int __ecx, void* __edi) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				char _v56;
                                                                                                                                                                                                                                                        				signed int _t84;
                                                                                                                                                                                                                                                        				void* _t85;
                                                                                                                                                                                                                                                        				signed int _t87;
                                                                                                                                                                                                                                                        				void* _t92;
                                                                                                                                                                                                                                                        				signed int _t93;
                                                                                                                                                                                                                                                        				void* _t95;
                                                                                                                                                                                                                                                        				signed short _t96;
                                                                                                                                                                                                                                                        				void* _t101;
                                                                                                                                                                                                                                                        				void* _t102;
                                                                                                                                                                                                                                                        				void* _t103;
                                                                                                                                                                                                                                                        				signed int _t108;
                                                                                                                                                                                                                                                        				signed int _t109;
                                                                                                                                                                                                                                                        				void* _t111;
                                                                                                                                                                                                                                                        				signed int _t113;
                                                                                                                                                                                                                                                        				void* _t115;
                                                                                                                                                                                                                                                        				intOrPtr _t118;
                                                                                                                                                                                                                                                        				void* _t120;
                                                                                                                                                                                                                                                        				intOrPtr* _t122;
                                                                                                                                                                                                                                                        				intOrPtr* _t135;
                                                                                                                                                                                                                                                        				void* _t137;
                                                                                                                                                                                                                                                        				void* _t138;
                                                                                                                                                                                                                                                        				signed int _t140;
                                                                                                                                                                                                                                                        				void* _t143;
                                                                                                                                                                                                                                                        				void** _t150;
                                                                                                                                                                                                                                                        				void** _t152;
                                                                                                                                                                                                                                                        				signed int _t154;
                                                                                                                                                                                                                                                        				intOrPtr* _t156;
                                                                                                                                                                                                                                                        				signed int _t159;
                                                                                                                                                                                                                                                        				void* _t161;
                                                                                                                                                                                                                                                        				signed int _t162;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t108 = __ecx;
                                                                                                                                                                                                                                                        				_t162 = _t161 - 0xc;
                                                                                                                                                                                                                                                        				_t148 = __ecx;
                                                                                                                                                                                                                                                        				_v20 = __ecx;
                                                                                                                                                                                                                                                        				if( *__ecx == 0x18) {
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(0x18);
                                                                                                                                                                                                                                                        					_t109 =  *(__ecx + 4);
                                                                                                                                                                                                                                                        					_t140 = _t84;
                                                                                                                                                                                                                                                        					if(_t109 > 0) {
                                                                                                                                                                                                                                                        						_t85 =  *__ecx;
                                                                                                                                                                                                                                                        						_t101 = 0;
                                                                                                                                                                                                                                                        						_v28 = _t140;
                                                                                                                                                                                                                                                        						_t137 = _t140 + 0x14;
                                                                                                                                                                                                                                                        						_t111 = _t85 + (_t109 + _t109 * 2) * 8;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t137 + _t101 - 4)) = 0;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t137 + _t101)) = 0;
                                                                                                                                                                                                                                                        							_t47 = _t101 + 0x18; // 0x18
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [eax+ebx]");
                                                                                                                                                                                                                                                        							asm("movsd xmm1, [eax+ebx+0x8]");
                                                                                                                                                                                                                                                        							asm("movsd [edx+ebx-0xc], xmm1");
                                                                                                                                                                                                                                                        							asm("movsd [edx+ebx-0x14], xmm0");
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [eax+ebx+0x10]");
                                                                                                                                                                                                                                                        							asm("movsd [edx+ebx-0x4], xmm0");
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t85 + _t101 + 0x10)) = 0;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t85 + _t101 + 0x14)) = 7;
                                                                                                                                                                                                                                                        							 *((short*)(_t85 + _t101)) = 0;
                                                                                                                                                                                                                                                        							_t101 = _t101 + 0x18;
                                                                                                                                                                                                                                                        						} while (_t85 + _t47 < _t111);
                                                                                                                                                                                                                                                        						_t148 = _v20;
                                                                                                                                                                                                                                                        						_t140 = _v28;
                                                                                                                                                                                                                                                        						_t84 = _t148[1];
                                                                                                                                                                                                                                                        						if(_t84 > 0) {
                                                                                                                                                                                                                                                        							_t102 =  *_t148;
                                                                                                                                                                                                                                                        							_t84 = _t102 + (_t84 + _t84 * 2) * 8;
                                                                                                                                                                                                                                                        							_v24 = _t84;
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								L24();
                                                                                                                                                                                                                                                        								_t102 = _t102 + 0x18;
                                                                                                                                                                                                                                                        								if(_t102 >= _v24) {
                                                                                                                                                                                                                                                        									goto L15;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L15:
                                                                                                                                                                                                                                                        					 *_t148 = _t140;
                                                                                                                                                                                                                                                        					_t148[2] = 1;
                                                                                                                                                                                                                                                        					goto L10;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t87 =  *(__ecx + 4);
                                                                                                                                                                                                                                                        					if(_t87 == 0) {
                                                                                                                                                                                                                                                        						goto L4;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if(_t87 >= 0x2000000) {
                                                                                                                                                                                                                                                        							L23:
                                                                                                                                                                                                                                                        							__imp__mozalloc_abort("alloc overflow");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							_t159 = _t162;
                                                                                                                                                                                                                                                        							_push(_t148);
                                                                                                                                                                                                                                                        							_t154 = _t108;
                                                                                                                                                                                                                                                        							_t118 =  *((intOrPtr*)(_t108 + 0x14));
                                                                                                                                                                                                                                                        							if(_t118 >= 8) {
                                                                                                                                                                                                                                                        								_t92 =  *_t154;
                                                                                                                                                                                                                                                        								if((_t118 + 0x00000001 & 0x7ffff800) != 0) {
                                                                                                                                                                                                                                                        									_t120 = _t92;
                                                                                                                                                                                                                                                        									_t92 =  *(_t92 - 4);
                                                                                                                                                                                                                                                        									_t122 = _t120 + 0xfffffffc - _t92;
                                                                                                                                                                                                                                                        									if(_t122 < 0x20) {
                                                                                                                                                                                                                                                        										goto L27;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        										_t160 = _t162;
                                                                                                                                                                                                                                                        										_t93 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        										_t156 = _t122;
                                                                                                                                                                                                                                                        										_v52 = _t93 ^ _t162;
                                                                                                                                                                                                                                                        										 *_t122 = 0;
                                                                                                                                                                                                                                                        										 *((char*)(_t122 + 0x10)) = 0;
                                                                                                                                                                                                                                                        										_t95 = _t122 + 0x14;
                                                                                                                                                                                                                                                        										_v56 = 0x209;
                                                                                                                                                                                                                                                        										__imp__QueryFullProcessImageNameW( *_t135, 1, _t95,  &_v56, _t154, _t159); // executed
                                                                                                                                                                                                                                                        										if(_t95 == 0) {
                                                                                                                                                                                                                                                        											_t96 = GetLastError();
                                                                                                                                                                                                                                                        											 *((char*)(_t156 + 0x10)) = 1;
                                                                                                                                                                                                                                                        											 *(_t156 + 4) = "/builds/worker/checkouts/gecko/browser/app/winlauncher/SameBinary.h";
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t156 + 8)) = 0x1e;
                                                                                                                                                                                                                                                        											_t126 =  <=  ? _t96 : _t96 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t156 + 0xc)) =  <=  ? _t96 : _t96 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										E00BEECB0(_v20 ^ _t160, _t135);
                                                                                                                                                                                                                                                        										return _t156;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L27:
                                                                                                                                                                                                                                                        									free(_t92);
                                                                                                                                                                                                                                                        									goto L25;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								L25:
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t154 + 0x10)) = 0;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t154 + 0x14)) = 7;
                                                                                                                                                                                                                                                        								 *_t154 = 0;
                                                                                                                                                                                                                                                        								return _t92;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t148 = _v20;
                                                                                                                                                                                                                                                        							_t135 = (_t87 << 4) + (_t87 << 4) * 2;
                                                                                                                                                                                                                                                        							asm("bsr ecx, ecx");
                                                                                                                                                                                                                                                        							_t106 =  <  ? 1 : 1 <<  ~(_t135 - 0x00000001 ^ 0x0000001f);
                                                                                                                                                                                                                                                        							_t107 = ( <  ? 1 : 1 <<  ~(_t135 - 0x00000001 ^ 0x0000001f)) - _t135;
                                                                                                                                                                                                                                                        							_t173 = ( <  ? 1 : 1 <<  ~(_t135 - 0x00000001 ^ 0x0000001f)) - _t135 - 0x17;
                                                                                                                                                                                                                                                        							_t108 = 0 | ( <  ? 1 : 1 <<  ~(_t135 - 0x00000001 ^ 0x0000001f)) - _t135 - 0x00000017 > 0x00000000;
                                                                                                                                                                                                                                                        							_t92 = _t108 + _t87 * 2;
                                                                                                                                                                                                                                                        							if(_t92 > 0x7ffffff) {
                                                                                                                                                                                                                                                        								goto L23;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								L4:
                                                                                                                                                                                                                                                        								_v28 = 1;
                                                                                                                                                                                                                                                        								__imp__moz_xmalloc(0x18);
                                                                                                                                                                                                                                                        								_t113 = _t148[1];
                                                                                                                                                                                                                                                        								_t103 =  *_t148;
                                                                                                                                                                                                                                                        								_v24 = 0x18;
                                                                                                                                                                                                                                                        								if(_t113 <= 0) {
                                                                                                                                                                                                                                                        									_t143 = _t103 + (_t113 + _t113 * 2) * 8;
                                                                                                                                                                                                                                                        									_t115 = _t103;
                                                                                                                                                                                                                                                        									if(_t115 >= _t143) {
                                                                                                                                                                                                                                                        										goto L8;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										goto L18;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L33;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t138 = 0;
                                                                                                                                                                                                                                                        									do {
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(0x2c + _t138 - 4)) = 0;
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(0x2c + _t138)) = 0;
                                                                                                                                                                                                                                                        										_t152 = _v20;
                                                                                                                                                                                                                                                        										asm("movsd xmm0, [ebx+edx+0x10]");
                                                                                                                                                                                                                                                        										asm("movsd [eax+edx-0x4], xmm0");
                                                                                                                                                                                                                                                        										asm("movsd xmm0, [ebx+edx]");
                                                                                                                                                                                                                                                        										asm("movsd xmm1, [ebx+edx+0x8]");
                                                                                                                                                                                                                                                        										asm("movsd [eax+edx-0xc], xmm1");
                                                                                                                                                                                                                                                        										asm("movsd [eax+edx-0x14], xmm0");
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t103 + _t138 + 0x10)) = 0;
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t103 + _t138 + 0x14)) = 7;
                                                                                                                                                                                                                                                        										 *((short*)(_t103 + _t138)) = 0;
                                                                                                                                                                                                                                                        										_t115 =  *_t152;
                                                                                                                                                                                                                                                        										_t28 = _t138 + 0x18; // 0x19
                                                                                                                                                                                                                                                        										_t138 = _t138 + 0x18;
                                                                                                                                                                                                                                                        										_t143 = _t115 + (_t152[1] + _t152[1] * 2) * 8;
                                                                                                                                                                                                                                                        									} while (_t103 + _t28 < _t143);
                                                                                                                                                                                                                                                        									if(_t115 < _t143) {
                                                                                                                                                                                                                                                        										do {
                                                                                                                                                                                                                                                        											L18:
                                                                                                                                                                                                                                                        											L24();
                                                                                                                                                                                                                                                        											_t115 = _t115 + 0x18;
                                                                                                                                                                                                                                                        										} while (_t115 < _t143);
                                                                                                                                                                                                                                                        										_t150 = _v20;
                                                                                                                                                                                                                                                        										_t115 =  *_t150;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										L8:
                                                                                                                                                                                                                                                        										_t150 = _v20;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								free(_t115);
                                                                                                                                                                                                                                                        								_t84 = _v24;
                                                                                                                                                                                                                                                        								 *_t150 = _t84;
                                                                                                                                                                                                                                                        								_t150[2] = _v28;
                                                                                                                                                                                                                                                        								L10:
                                                                                                                                                                                                                                                        								return _t84;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L33:
                                                                                                                                                                                                                                                        			}






































                                                                                                                                                                                                                                                        0x00bbdd10
                                                                                                                                                                                                                                                        0x00bbdd16
                                                                                                                                                                                                                                                        0x00bbdd1c
                                                                                                                                                                                                                                                        0x00bbdd1e
                                                                                                                                                                                                                                                        0x00bbdd21
                                                                                                                                                                                                                                                        0x00bbde3b
                                                                                                                                                                                                                                                        0x00bbde44
                                                                                                                                                                                                                                                        0x00bbde47
                                                                                                                                                                                                                                                        0x00bbde4b
                                                                                                                                                                                                                                                        0x00bbde4d
                                                                                                                                                                                                                                                        0x00bbde54
                                                                                                                                                                                                                                                        0x00bbde56
                                                                                                                                                                                                                                                        0x00bbde59
                                                                                                                                                                                                                                                        0x00bbde5c
                                                                                                                                                                                                                                                        0x00bbde60
                                                                                                                                                                                                                                                        0x00bbde60
                                                                                                                                                                                                                                                        0x00bbde68
                                                                                                                                                                                                                                                        0x00bbde6f
                                                                                                                                                                                                                                                        0x00bbde73
                                                                                                                                                                                                                                                        0x00bbde78
                                                                                                                                                                                                                                                        0x00bbde7e
                                                                                                                                                                                                                                                        0x00bbde84
                                                                                                                                                                                                                                                        0x00bbde8a
                                                                                                                                                                                                                                                        0x00bbde90
                                                                                                                                                                                                                                                        0x00bbde96
                                                                                                                                                                                                                                                        0x00bbde9e
                                                                                                                                                                                                                                                        0x00bbdea6
                                                                                                                                                                                                                                                        0x00bbdeac
                                                                                                                                                                                                                                                        0x00bbdeaf
                                                                                                                                                                                                                                                        0x00bbdeb3
                                                                                                                                                                                                                                                        0x00bbdeb6
                                                                                                                                                                                                                                                        0x00bbdeb9
                                                                                                                                                                                                                                                        0x00bbdebe
                                                                                                                                                                                                                                                        0x00bbdf02
                                                                                                                                                                                                                                                        0x00bbdf07
                                                                                                                                                                                                                                                        0x00bbdf0a
                                                                                                                                                                                                                                                        0x00bbdf0d
                                                                                                                                                                                                                                                        0x00bbdf0f
                                                                                                                                                                                                                                                        0x00bbdf14
                                                                                                                                                                                                                                                        0x00bbdf1a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbdf1c
                                                                                                                                                                                                                                                        0x00bbdf0d
                                                                                                                                                                                                                                                        0x00bbdebe
                                                                                                                                                                                                                                                        0x00bbdec0
                                                                                                                                                                                                                                                        0x00bbdec0
                                                                                                                                                                                                                                                        0x00bbdec2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbdd27
                                                                                                                                                                                                                                                        0x00bbdd27
                                                                                                                                                                                                                                                        0x00bbdd2c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbdd32
                                                                                                                                                                                                                                                        0x00bbdd37
                                                                                                                                                                                                                                                        0x00bbdf1e
                                                                                                                                                                                                                                                        0x00bbdf23
                                                                                                                                                                                                                                                        0x00bbdf29
                                                                                                                                                                                                                                                        0x00bbdf2a
                                                                                                                                                                                                                                                        0x00bbdf2b
                                                                                                                                                                                                                                                        0x00bbdf2c
                                                                                                                                                                                                                                                        0x00bbdf2d
                                                                                                                                                                                                                                                        0x00bbdf2e
                                                                                                                                                                                                                                                        0x00bbdf2f
                                                                                                                                                                                                                                                        0x00bbdf31
                                                                                                                                                                                                                                                        0x00bbdf33
                                                                                                                                                                                                                                                        0x00bbdf34
                                                                                                                                                                                                                                                        0x00bbdf36
                                                                                                                                                                                                                                                        0x00bbdf3c
                                                                                                                                                                                                                                                        0x00bbdf54
                                                                                                                                                                                                                                                        0x00bbdf5d
                                                                                                                                                                                                                                                        0x00bbdf6b
                                                                                                                                                                                                                                                        0x00bbdf6d
                                                                                                                                                                                                                                                        0x00bbdf73
                                                                                                                                                                                                                                                        0x00bbdf78
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbdf7a
                                                                                                                                                                                                                                                        0x00bbdf7a
                                                                                                                                                                                                                                                        0x00bbdf81
                                                                                                                                                                                                                                                        0x00bbdf87
                                                                                                                                                                                                                                                        0x00bbdf8c
                                                                                                                                                                                                                                                        0x00bbdf90
                                                                                                                                                                                                                                                        0x00bbdf93
                                                                                                                                                                                                                                                        0x00bbdf99
                                                                                                                                                                                                                                                        0x00bbdf9d
                                                                                                                                                                                                                                                        0x00bbdfa3
                                                                                                                                                                                                                                                        0x00bbdfb0
                                                                                                                                                                                                                                                        0x00bbdfb8
                                                                                                                                                                                                                                                        0x00bbdfcc
                                                                                                                                                                                                                                                        0x00bbdfd5
                                                                                                                                                                                                                                                        0x00bbdfd9
                                                                                                                                                                                                                                                        0x00bbdfe0
                                                                                                                                                                                                                                                        0x00bbdfef
                                                                                                                                                                                                                                                        0x00bbdff2
                                                                                                                                                                                                                                                        0x00bbdff2
                                                                                                                                                                                                                                                        0x00bbdfbf
                                                                                                                                                                                                                                                        0x00bbdfcb
                                                                                                                                                                                                                                                        0x00bbdfcb
                                                                                                                                                                                                                                                        0x00bbdf5f
                                                                                                                                                                                                                                                        0x00bbdf5f
                                                                                                                                                                                                                                                        0x00bbdf60
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbdf66
                                                                                                                                                                                                                                                        0x00bbdf3e
                                                                                                                                                                                                                                                        0x00bbdf3e
                                                                                                                                                                                                                                                        0x00bbdf3e
                                                                                                                                                                                                                                                        0x00bbdf45
                                                                                                                                                                                                                                                        0x00bbdf4c
                                                                                                                                                                                                                                                        0x00bbdf53
                                                                                                                                                                                                                                                        0x00bbdf53
                                                                                                                                                                                                                                                        0x00bbdd3d
                                                                                                                                                                                                                                                        0x00bbdd49
                                                                                                                                                                                                                                                        0x00bbdd4f
                                                                                                                                                                                                                                                        0x00bbdd55
                                                                                                                                                                                                                                                        0x00bbdd62
                                                                                                                                                                                                                                                        0x00bbdd67
                                                                                                                                                                                                                                                        0x00bbdd69
                                                                                                                                                                                                                                                        0x00bbdd6c
                                                                                                                                                                                                                                                        0x00bbdd6f
                                                                                                                                                                                                                                                        0x00bbdd77
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbdd7d
                                                                                                                                                                                                                                                        0x00bbdd7d
                                                                                                                                                                                                                                                        0x00bbdd7d
                                                                                                                                                                                                                                                        0x00bbdd8b
                                                                                                                                                                                                                                                        0x00bbdd94
                                                                                                                                                                                                                                                        0x00bbdd97
                                                                                                                                                                                                                                                        0x00bbdd99
                                                                                                                                                                                                                                                        0x00bbdd9e
                                                                                                                                                                                                                                                        0x00bbdedb
                                                                                                                                                                                                                                                        0x00bbdede
                                                                                                                                                                                                                                                        0x00bbdee2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbdda4
                                                                                                                                                                                                                                                        0x00bbdda7
                                                                                                                                                                                                                                                        0x00bbddb0
                                                                                                                                                                                                                                                        0x00bbddb0
                                                                                                                                                                                                                                                        0x00bbddb8
                                                                                                                                                                                                                                                        0x00bbddbf
                                                                                                                                                                                                                                                        0x00bbddc2
                                                                                                                                                                                                                                                        0x00bbddc8
                                                                                                                                                                                                                                                        0x00bbddce
                                                                                                                                                                                                                                                        0x00bbddd3
                                                                                                                                                                                                                                                        0x00bbddd9
                                                                                                                                                                                                                                                        0x00bbdddf
                                                                                                                                                                                                                                                        0x00bbdde5
                                                                                                                                                                                                                                                        0x00bbdded
                                                                                                                                                                                                                                                        0x00bbddf5
                                                                                                                                                                                                                                                        0x00bbddfe
                                                                                                                                                                                                                                                        0x00bbde00
                                                                                                                                                                                                                                                        0x00bbde04
                                                                                                                                                                                                                                                        0x00bbde0a
                                                                                                                                                                                                                                                        0x00bbde0d
                                                                                                                                                                                                                                                        0x00bbde13
                                                                                                                                                                                                                                                        0x00bbdee8
                                                                                                                                                                                                                                                        0x00bbdee8
                                                                                                                                                                                                                                                        0x00bbdeea
                                                                                                                                                                                                                                                        0x00bbdef1
                                                                                                                                                                                                                                                        0x00bbdef4
                                                                                                                                                                                                                                                        0x00bbdef8
                                                                                                                                                                                                                                                        0x00bbdefb
                                                                                                                                                                                                                                                        0x00bbde19
                                                                                                                                                                                                                                                        0x00bbde19
                                                                                                                                                                                                                                                        0x00bbde19
                                                                                                                                                                                                                                                        0x00bbde19
                                                                                                                                                                                                                                                        0x00bbde13
                                                                                                                                                                                                                                                        0x00bbde1d
                                                                                                                                                                                                                                                        0x00bbde26
                                                                                                                                                                                                                                                        0x00bbde2c
                                                                                                                                                                                                                                                        0x00bbde2e
                                                                                                                                                                                                                                                        0x00bbde31
                                                                                                                                                                                                                                                        0x00bbde38
                                                                                                                                                                                                                                                        0x00bbde38
                                                                                                                                                                                                                                                        0x00bbdd77
                                                                                                                                                                                                                                                        0x00bbdd37
                                                                                                                                                                                                                                                        0x00bbdd2c
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(?), ref: 00BBDD8B
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000001), ref: 00BBDE1D
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000018), ref: 00BBDE3B
                                                                                                                                                                                                                                                        • mozalloc_abort.MOZGLUE(alloc overflow), ref: 00BBDF23
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: moz_xmalloc$freemozalloc_abort
                                                                                                                                                                                                                                                        • String ID: alloc overflow
                                                                                                                                                                                                                                                        • API String ID: 588434636-749304246
                                                                                                                                                                                                                                                        • Opcode ID: 5828a8fd71099e451206b16ee9b35addf90470a7208d6079bdd3bd97e14ddab3
                                                                                                                                                                                                                                                        • Instruction ID: 10d94ae8c5b9623c7d5afc9c2f3c8bdb37b78d784b19b80530dc8c7543eb23c0
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5828a8fd71099e451206b16ee9b35addf90470a7208d6079bdd3bd97e14ddab3
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 97519B71D0071A8FCB24CF58C890ABAB7B1FF85308F5545ADC8066F252EBB5E955CB90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BBFD70(void* __ecx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				char* _v48;
                                                                                                                                                                                                                                                        				intOrPtr _v52;
                                                                                                                                                                                                                                                        				intOrPtr _v56;
                                                                                                                                                                                                                                                        				char* _v60;
                                                                                                                                                                                                                                                        				intOrPtr _v64;
                                                                                                                                                                                                                                                        				intOrPtr _v68;
                                                                                                                                                                                                                                                        				char* _v72;
                                                                                                                                                                                                                                                        				intOrPtr _v76;
                                                                                                                                                                                                                                                        				intOrPtr _v80;
                                                                                                                                                                                                                                                        				signed int _v84;
                                                                                                                                                                                                                                                        				signed int _v88;
                                                                                                                                                                                                                                                        				char _v92;
                                                                                                                                                                                                                                                        				intOrPtr _v96;
                                                                                                                                                                                                                                                        				intOrPtr _v100;
                                                                                                                                                                                                                                                        				signed int _v104;
                                                                                                                                                                                                                                                        				intOrPtr _v108;
                                                                                                                                                                                                                                                        				signed int _t76;
                                                                                                                                                                                                                                                        				signed int _t82;
                                                                                                                                                                                                                                                        				char* _t83;
                                                                                                                                                                                                                                                        				intOrPtr _t84;
                                                                                                                                                                                                                                                        				intOrPtr* _t85;
                                                                                                                                                                                                                                                        				intOrPtr* _t87;
                                                                                                                                                                                                                                                        				intOrPtr* _t89;
                                                                                                                                                                                                                                                        				intOrPtr _t95;
                                                                                                                                                                                                                                                        				intOrPtr _t98;
                                                                                                                                                                                                                                                        				intOrPtr _t104;
                                                                                                                                                                                                                                                        				intOrPtr _t113;
                                                                                                                                                                                                                                                        				intOrPtr _t115;
                                                                                                                                                                                                                                                        				void* _t117;
                                                                                                                                                                                                                                                        				signed int _t118;
                                                                                                                                                                                                                                                        				intOrPtr _t124;
                                                                                                                                                                                                                                                        				void* _t125;
                                                                                                                                                                                                                                                        				signed int _t126;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t99 = __ecx;
                                                                                                                                                                                                                                                        				_t76 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t76 ^ _t126;
                                                                                                                                                                                                                                                        				_t2 = _t99 + 0xc; // 0x1
                                                                                                                                                                                                                                                        				if( *_t2 - 1 < 2) {
                                                                                                                                                                                                                                                        					L24:
                                                                                                                                                                                                                                                        					return E00BEECB0(_v20 ^ _t126, _t109);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t125 = __ecx;
                                                                                                                                                                                                                                                        				_v32 = 0;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				_v24 = 0;
                                                                                                                                                                                                                                                        				_t82 = GetModuleHandleW(L"kernel32.dll") & 0xfffffffc;
                                                                                                                                                                                                                                                        				if(_t82 == 0 || ( *_t82 & 0x0000ffff) != 0x5a4d) {
                                                                                                                                                                                                                                                        					L23:
                                                                                                                                                                                                                                                        					_t83 =  &_v36;
                                                                                                                                                                                                                                                        					_v92 = _t83;
                                                                                                                                                                                                                                                        					_v84 = 0;
                                                                                                                                                                                                                                                        					_v88 = 0;
                                                                                                                                                                                                                                                        					_v76 = 0;
                                                                                                                                                                                                                                                        					_v80 = 0;
                                                                                                                                                                                                                                                        					_v72 = _t83;
                                                                                                                                                                                                                                                        					_v68 = 0;
                                                                                                                                                                                                                                                        					_v64 = 0;
                                                                                                                                                                                                                                                        					_v60 = _t83;
                                                                                                                                                                                                                                                        					_v56 = 0;
                                                                                                                                                                                                                                                        					_v52 = 0;
                                                                                                                                                                                                                                                        					_v48 = _t83;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					_v40 = 0;
                                                                                                                                                                                                                                                        					goto L24;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t109 =  *((intOrPtr*)(_t82 + 0x3c)) + _t82;
                                                                                                                                                                                                                                                        					if(_t109 == 0 ||  *_t109 != 0x4550 || ( *(_t109 + 0x18) & 0x0000ffff) != 0x10b ||  *((intOrPtr*)(_t109 + 0x50)) <= 0x137 ||  *((intOrPtr*)(_t109 + 0x74)) == 0) {
                                                                                                                                                                                                                                                        						goto L23;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t104 =  *((intOrPtr*)(_t109 + 0x78));
                                                                                                                                                                                                                                                        						if(_t104 == 0) {
                                                                                                                                                                                                                                                        							goto L23;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t109 =  *(_t109 + 0x7c);
                                                                                                                                                                                                                                                        						if(_t109 == 0) {
                                                                                                                                                                                                                                                        							goto L23;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t117 = _t104 + _t82;
                                                                                                                                                                                                                                                        						if(_t117 == 0) {
                                                                                                                                                                                                                                                        							goto L23;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t118 =  *(_t117 + 0x14);
                                                                                                                                                                                                                                                        						if(_t118 == 0) {
                                                                                                                                                                                                                                                        							goto L23;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_v104 = _t109;
                                                                                                                                                                                                                                                        							_v92 =  &_v36;
                                                                                                                                                                                                                                                        							_v88 = _t82;
                                                                                                                                                                                                                                                        							_v84 =  *((intOrPtr*)(_t82 + _t104 + 0x10));
                                                                                                                                                                                                                                                        							_v80 = _t104;
                                                                                                                                                                                                                                                        							_v76 = _t109 + _t104;
                                                                                                                                                                                                                                                        							_t95 =  *((intOrPtr*)(_t82 + _t104 + 0x1c)) + _t82;
                                                                                                                                                                                                                                                        							_t113 =  >=  ? _t118 : _t118 & 0x3fffffff;
                                                                                                                                                                                                                                                        							_v108 = _t95;
                                                                                                                                                                                                                                                        							_v72 =  &_v36;
                                                                                                                                                                                                                                                        							_v68 = _t95;
                                                                                                                                                                                                                                                        							_v64 = _t113;
                                                                                                                                                                                                                                                        							_v100 = _t113;
                                                                                                                                                                                                                                                        							_t120 =  *(_t82 + _t104 + 0x18);
                                                                                                                                                                                                                                                        							_t115 =  *((intOrPtr*)(_t82 + _t104 + 0x20)) + _t82;
                                                                                                                                                                                                                                                        							_v96 = _t115;
                                                                                                                                                                                                                                                        							_t98 =  >=  ?  *(_t82 + _t104 + 0x18) : _t120 & 0x3fffffff;
                                                                                                                                                                                                                                                        							_v60 =  &_v36;
                                                                                                                                                                                                                                                        							_v56 = _t115;
                                                                                                                                                                                                                                                        							_v52 = _t98;
                                                                                                                                                                                                                                                        							_t109 =  *(_t82 + _t104 + 0x18);
                                                                                                                                                                                                                                                        							_t84 = _t82 +  *((intOrPtr*)(_t82 + _t104 + 0x24));
                                                                                                                                                                                                                                                        							_t124 =  >=  ?  *(_t82 + _t104 + 0x18) : _t109 & 0x7fffffff;
                                                                                                                                                                                                                                                        							_t44 =  &_v104;
                                                                                                                                                                                                                                                        							 *_t44 = _v104 + _t104;
                                                                                                                                                                                                                                                        							_v48 =  &_v36;
                                                                                                                                                                                                                                                        							_v44 = _t84;
                                                                                                                                                                                                                                                        							_v40 = _t124;
                                                                                                                                                                                                                                                        							if( *_t44 != 0 && _v108 != 0 && _v100 != 0 && _v96 != 0 && _t98 != 0 && _t84 != 0 && _t124 != 0) {
                                                                                                                                                                                                                                                        								_t109 = "FlushInstructionCache";
                                                                                                                                                                                                                                                        								_t85 = E00BBFFB0( &_v92, "FlushInstructionCache");
                                                                                                                                                                                                                                                        								if(_t85 != 0) {
                                                                                                                                                                                                                                                        									_t109 = "GetSystemInfo";
                                                                                                                                                                                                                                                        									 *((intOrPtr*)(_t125 + 0x10)) =  *_t85;
                                                                                                                                                                                                                                                        									_t87 = E00BBFFB0( &_v92, "GetSystemInfo");
                                                                                                                                                                                                                                                        									if(_t87 != 0) {
                                                                                                                                                                                                                                                        										_t109 = "VirtualProtect";
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t125 + 0x14)) =  *_t87;
                                                                                                                                                                                                                                                        										_t89 = E00BBFFB0( &_v92, "VirtualProtect");
                                                                                                                                                                                                                                                        										if(_t89 != 0) {
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t125 + 0x18)) =  *_t89;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t125 + 0xc)) = 1;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L24;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}











































                                                                                                                                                                                                                                                        0x00bbfd70
                                                                                                                                                                                                                                                        0x00bbfd79
                                                                                                                                                                                                                                                        0x00bbfd80
                                                                                                                                                                                                                                                        0x00bbfd83
                                                                                                                                                                                                                                                        0x00bbfd8a
                                                                                                                                                                                                                                                        0x00bbff9e
                                                                                                                                                                                                                                                        0x00bbffaf
                                                                                                                                                                                                                                                        0x00bbffaf
                                                                                                                                                                                                                                                        0x00bbfd90
                                                                                                                                                                                                                                                        0x00bbfd92
                                                                                                                                                                                                                                                        0x00bbfd99
                                                                                                                                                                                                                                                        0x00bbfda0
                                                                                                                                                                                                                                                        0x00bbfdb2
                                                                                                                                                                                                                                                        0x00bbfdb5
                                                                                                                                                                                                                                                        0x00bbff49
                                                                                                                                                                                                                                                        0x00bbff49
                                                                                                                                                                                                                                                        0x00bbff4c
                                                                                                                                                                                                                                                        0x00bbff4f
                                                                                                                                                                                                                                                        0x00bbff56
                                                                                                                                                                                                                                                        0x00bbff5d
                                                                                                                                                                                                                                                        0x00bbff64
                                                                                                                                                                                                                                                        0x00bbff6b
                                                                                                                                                                                                                                                        0x00bbff6e
                                                                                                                                                                                                                                                        0x00bbff75
                                                                                                                                                                                                                                                        0x00bbff7c
                                                                                                                                                                                                                                                        0x00bbff7f
                                                                                                                                                                                                                                                        0x00bbff86
                                                                                                                                                                                                                                                        0x00bbff8d
                                                                                                                                                                                                                                                        0x00bbff90
                                                                                                                                                                                                                                                        0x00bbff97
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfdca
                                                                                                                                                                                                                                                        0x00bbfdcd
                                                                                                                                                                                                                                                        0x00bbfdcf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfe08
                                                                                                                                                                                                                                                        0x00bbfe08
                                                                                                                                                                                                                                                        0x00bbfe0d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfe13
                                                                                                                                                                                                                                                        0x00bbfe18
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfe20
                                                                                                                                                                                                                                                        0x00bbfe22
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfe28
                                                                                                                                                                                                                                                        0x00bbfe2d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfe33
                                                                                                                                                                                                                                                        0x00bbfe36
                                                                                                                                                                                                                                                        0x00bbfe39
                                                                                                                                                                                                                                                        0x00bbfe3c
                                                                                                                                                                                                                                                        0x00bbfe43
                                                                                                                                                                                                                                                        0x00bbfe49
                                                                                                                                                                                                                                                        0x00bbfe4e
                                                                                                                                                                                                                                                        0x00bbfe5b
                                                                                                                                                                                                                                                        0x00bbfe5f
                                                                                                                                                                                                                                                        0x00bbfe65
                                                                                                                                                                                                                                                        0x00bbfe68
                                                                                                                                                                                                                                                        0x00bbfe6b
                                                                                                                                                                                                                                                        0x00bbfe6e
                                                                                                                                                                                                                                                        0x00bbfe71
                                                                                                                                                                                                                                                        0x00bbfe74
                                                                                                                                                                                                                                                        0x00bbfe7e
                                                                                                                                                                                                                                                        0x00bbfe86
                                                                                                                                                                                                                                                        0x00bbfe8b
                                                                                                                                                                                                                                                        0x00bbfe91
                                                                                                                                                                                                                                                        0x00bbfe94
                                                                                                                                                                                                                                                        0x00bbfe97
                                                                                                                                                                                                                                                        0x00bbfe9a
                                                                                                                                                                                                                                                        0x00bbfe9e
                                                                                                                                                                                                                                                        0x00bbfeac
                                                                                                                                                                                                                                                        0x00bbfeaf
                                                                                                                                                                                                                                                        0x00bbfeaf
                                                                                                                                                                                                                                                        0x00bbfeb5
                                                                                                                                                                                                                                                        0x00bbfeb8
                                                                                                                                                                                                                                                        0x00bbfebb
                                                                                                                                                                                                                                                        0x00bbfebe
                                                                                                                                                                                                                                                        0x00bbfefd
                                                                                                                                                                                                                                                        0x00bbff02
                                                                                                                                                                                                                                                        0x00bbff09
                                                                                                                                                                                                                                                        0x00bbff14
                                                                                                                                                                                                                                                        0x00bbff19
                                                                                                                                                                                                                                                        0x00bbff1c
                                                                                                                                                                                                                                                        0x00bbff23
                                                                                                                                                                                                                                                        0x00bbff2a
                                                                                                                                                                                                                                                        0x00bbff2f
                                                                                                                                                                                                                                                        0x00bbff32
                                                                                                                                                                                                                                                        0x00bbff39
                                                                                                                                                                                                                                                        0x00bbff3d
                                                                                                                                                                                                                                                        0x00bbff40
                                                                                                                                                                                                                                                        0x00bbff40
                                                                                                                                                                                                                                                        0x00bbff39
                                                                                                                                                                                                                                                        0x00bbff23
                                                                                                                                                                                                                                                        0x00bbff09
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfebe
                                                                                                                                                                                                                                                        0x00bbfe2d
                                                                                                                                                                                                                                                        0x00bbfdcf

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(kernel32.dll), ref: 00BBFDAC
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: HandleModule
                                                                                                                                                                                                                                                        • String ID: FlushInstructionCache$GetSystemInfo$VirtualProtect$kernel32.dll
                                                                                                                                                                                                                                                        • API String ID: 4139908857-4125373761
                                                                                                                                                                                                                                                        • Opcode ID: 7f750bd197323378889c06f0edb1983a689e7230e97cc7a78aa28e300ad5dbb7
                                                                                                                                                                                                                                                        • Instruction ID: f24cd4e92892e2a8ea8bf4ea328bdafd28435982141790a5396a753b60db6a00
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7f750bd197323378889c06f0edb1983a689e7230e97cc7a78aa28e300ad5dbb7
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EE610471E012098FDB24CFA9C8947FDBBF2FB89314F2481AAD414AB295DBB49845CB50
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 78%
                                                                                                                                                                                                                                                        			E00BDBAD0(char* __edx, intOrPtr _a8, intOrPtr* _a12) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				int _v24;
                                                                                                                                                                                                                                                        				int _v28;
                                                                                                                                                                                                                                                        				int _v32;
                                                                                                                                                                                                                                                        				int _v36;
                                                                                                                                                                                                                                                        				int _v40;
                                                                                                                                                                                                                                                        				int _v44;
                                                                                                                                                                                                                                                        				int _v48;
                                                                                                                                                                                                                                                        				int _v52;
                                                                                                                                                                                                                                                        				int _v56;
                                                                                                                                                                                                                                                        				int _v60;
                                                                                                                                                                                                                                                        				int _v64;
                                                                                                                                                                                                                                                        				int _v68;
                                                                                                                                                                                                                                                        				int _v72;
                                                                                                                                                                                                                                                        				int _v76;
                                                                                                                                                                                                                                                        				int _v80;
                                                                                                                                                                                                                                                        				short _v84;
                                                                                                                                                                                                                                                        				int _v88;
                                                                                                                                                                                                                                                        				int _v92;
                                                                                                                                                                                                                                                        				int _v96;
                                                                                                                                                                                                                                                        				int _v100;
                                                                                                                                                                                                                                                        				int _v104;
                                                                                                                                                                                                                                                        				int _v108;
                                                                                                                                                                                                                                                        				int _v112;
                                                                                                                                                                                                                                                        				int _v116;
                                                                                                                                                                                                                                                        				int _v120;
                                                                                                                                                                                                                                                        				char _v124;
                                                                                                                                                                                                                                                        				signed int _t33;
                                                                                                                                                                                                                                                        				int _t37;
                                                                                                                                                                                                                                                        				int _t39;
                                                                                                                                                                                                                                                        				intOrPtr _t40;
                                                                                                                                                                                                                                                        				intOrPtr* _t45;
                                                                                                                                                                                                                                                        				void* _t47;
                                                                                                                                                                                                                                                        				signed int _t48;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t44 = __edx;
                                                                                                                                                                                                                                                        				_t33 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t45 = _a12;
                                                                                                                                                                                                                                                        				_t47 = 0;
                                                                                                                                                                                                                                                        				_v20 = _t33 ^ _t48;
                                                                                                                                                                                                                                                        				if(_t45 != 0) {
                                                                                                                                                                                                                                                        					_t40 =  *_t45;
                                                                                                                                                                                                                                                        					if(_t40 == 0x48 || _t40 == 0x28) {
                                                                                                                                                                                                                                                        						_t44 =  &_v124;
                                                                                                                                                                                                                                                        						_v116 = 0;
                                                                                                                                                                                                                                                        						_v120 = 0;
                                                                                                                                                                                                                                                        						_v108 = 0;
                                                                                                                                                                                                                                                        						_v112 = 0;
                                                                                                                                                                                                                                                        						_v100 = 0;
                                                                                                                                                                                                                                                        						_v104 = 0;
                                                                                                                                                                                                                                                        						_v92 = 0;
                                                                                                                                                                                                                                                        						_v96 = 0;
                                                                                                                                                                                                                                                        						_v84 = 0;
                                                                                                                                                                                                                                                        						_v88 = 0;
                                                                                                                                                                                                                                                        						_v76 = 0;
                                                                                                                                                                                                                                                        						_v80 = 0;
                                                                                                                                                                                                                                                        						_v68 = 0;
                                                                                                                                                                                                                                                        						_v72 = 0;
                                                                                                                                                                                                                                                        						_v60 = 0;
                                                                                                                                                                                                                                                        						_v64 = 0;
                                                                                                                                                                                                                                                        						_v52 = 0;
                                                                                                                                                                                                                                                        						_v56 = 0;
                                                                                                                                                                                                                                                        						_v44 = 0;
                                                                                                                                                                                                                                                        						_v48 = 0;
                                                                                                                                                                                                                                                        						_v36 = 0;
                                                                                                                                                                                                                                                        						_v40 = 0;
                                                                                                                                                                                                                                                        						_v28 = 0;
                                                                                                                                                                                                                                                        						_v32 = 0;
                                                                                                                                                                                                                                                        						_v24 = 0;
                                                                                                                                                                                                                                                        						_v124 = 0x68;
                                                                                                                                                                                                                                                        						_t37 = E00BDBC40(_a8,  &_v124, __eflags);
                                                                                                                                                                                                                                                        						_t47 = 0;
                                                                                                                                                                                                                                                        						__eflags = _t37;
                                                                                                                                                                                                                                                        						if(_t37 != 0) {
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [ebp-0x58]");
                                                                                                                                                                                                                                                        							__eflags = _t40 - 0x48;
                                                                                                                                                                                                                                                        							asm("movsd [edi+0x20], xmm0");
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [ebp-0x60]");
                                                                                                                                                                                                                                                        							asm("movsd [edi+0x18], xmm0");
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [ebp-0x68]");
                                                                                                                                                                                                                                                        							asm("movsd [edi+0x10], xmm0");
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [ebp-0x78]");
                                                                                                                                                                                                                                                        							asm("movsd xmm1, [ebp-0x70]");
                                                                                                                                                                                                                                                        							asm("movsd [edi+0x8], xmm1");
                                                                                                                                                                                                                                                        							asm("movsd [edi], xmm0");
                                                                                                                                                                                                                                                        							if(_t40 != 0x48) {
                                                                                                                                                                                                                                                        								L7:
                                                                                                                                                                                                                                                        								_t47 = 1;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t39 = WideCharToMultiByte(0, 0,  &_v84, 0xffffffff, _t45 + 0x28, 0x20, 0, 0);
                                                                                                                                                                                                                                                        								__eflags = _t39;
                                                                                                                                                                                                                                                        								if(_t39 != 0) {
                                                                                                                                                                                                                                                        									goto L7;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t48, _t44);
                                                                                                                                                                                                                                                        				return _t47;
                                                                                                                                                                                                                                                        			}





































                                                                                                                                                                                                                                                        0x00bdbad0
                                                                                                                                                                                                                                                        0x00bdbad9
                                                                                                                                                                                                                                                        0x00bdbade
                                                                                                                                                                                                                                                        0x00bdbae1
                                                                                                                                                                                                                                                        0x00bdbae7
                                                                                                                                                                                                                                                        0x00bdbaea
                                                                                                                                                                                                                                                        0x00bdbaec
                                                                                                                                                                                                                                                        0x00bdbaf1
                                                                                                                                                                                                                                                        0x00bdbb11
                                                                                                                                                                                                                                                        0x00bdbb14
                                                                                                                                                                                                                                                        0x00bdbb1b
                                                                                                                                                                                                                                                        0x00bdbb22
                                                                                                                                                                                                                                                        0x00bdbb29
                                                                                                                                                                                                                                                        0x00bdbb30
                                                                                                                                                                                                                                                        0x00bdbb37
                                                                                                                                                                                                                                                        0x00bdbb3e
                                                                                                                                                                                                                                                        0x00bdbb45
                                                                                                                                                                                                                                                        0x00bdbb4c
                                                                                                                                                                                                                                                        0x00bdbb53
                                                                                                                                                                                                                                                        0x00bdbb5a
                                                                                                                                                                                                                                                        0x00bdbb61
                                                                                                                                                                                                                                                        0x00bdbb68
                                                                                                                                                                                                                                                        0x00bdbb6f
                                                                                                                                                                                                                                                        0x00bdbb76
                                                                                                                                                                                                                                                        0x00bdbb7d
                                                                                                                                                                                                                                                        0x00bdbb84
                                                                                                                                                                                                                                                        0x00bdbb8b
                                                                                                                                                                                                                                                        0x00bdbb92
                                                                                                                                                                                                                                                        0x00bdbb99
                                                                                                                                                                                                                                                        0x00bdbba0
                                                                                                                                                                                                                                                        0x00bdbba7
                                                                                                                                                                                                                                                        0x00bdbbae
                                                                                                                                                                                                                                                        0x00bdbbb5
                                                                                                                                                                                                                                                        0x00bdbbbc
                                                                                                                                                                                                                                                        0x00bdbbc3
                                                                                                                                                                                                                                                        0x00bdbbca
                                                                                                                                                                                                                                                        0x00bdbbcf
                                                                                                                                                                                                                                                        0x00bdbbd1
                                                                                                                                                                                                                                                        0x00bdbbd3
                                                                                                                                                                                                                                                        0x00bdbbd9
                                                                                                                                                                                                                                                        0x00bdbbde
                                                                                                                                                                                                                                                        0x00bdbbe1
                                                                                                                                                                                                                                                        0x00bdbbe6
                                                                                                                                                                                                                                                        0x00bdbbeb
                                                                                                                                                                                                                                                        0x00bdbbf0
                                                                                                                                                                                                                                                        0x00bdbbf5
                                                                                                                                                                                                                                                        0x00bdbbfa
                                                                                                                                                                                                                                                        0x00bdbbff
                                                                                                                                                                                                                                                        0x00bdbc04
                                                                                                                                                                                                                                                        0x00bdbc09
                                                                                                                                                                                                                                                        0x00bdbc0d
                                                                                                                                                                                                                                                        0x00bdbc31
                                                                                                                                                                                                                                                        0x00bdbc31
                                                                                                                                                                                                                                                        0x00bdbc0f
                                                                                                                                                                                                                                                        0x00bdbc23
                                                                                                                                                                                                                                                        0x00bdbc29
                                                                                                                                                                                                                                                        0x00bdbc2b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdbc2b
                                                                                                                                                                                                                                                        0x00bdbc0d
                                                                                                                                                                                                                                                        0x00bdbbd3
                                                                                                                                                                                                                                                        0x00bdbaf1
                                                                                                                                                                                                                                                        0x00bdbafd
                                                                                                                                                                                                                                                        0x00bdbb0b

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,000000FF,?,00000020,00000000,00000000), ref: 00BDBC23
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ByteCharMultiWide
                                                                                                                                                                                                                                                        • String ID: ($H$H$h
                                                                                                                                                                                                                                                        • API String ID: 626452242-1993871600
                                                                                                                                                                                                                                                        • Opcode ID: 569a58c332b4b36cfcf61be268b26ff264c41ef73bd986f985b1954b69291dd8
                                                                                                                                                                                                                                                        • Instruction ID: 5615bbb4462cee746b72093cd7b8c8dfda323263b9a05ae064ebac774272f29e
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 569a58c332b4b36cfcf61be268b26ff264c41ef73bd986f985b1954b69291dd8
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5641C7B1D01719DAEB10CF95C89979EFBB5FF45748F214209D4143F280DBBA5549CB90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 59%
                                                                                                                                                                                                                                                        			E00BEB5C0(void* __edx, void* __eflags, void* _a4) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				intOrPtr _v48;
                                                                                                                                                                                                                                                        				char _v64;
                                                                                                                                                                                                                                                        				void* _v80;
                                                                                                                                                                                                                                                        				intOrPtr _v100;
                                                                                                                                                                                                                                                        				void* _v108;
                                                                                                                                                                                                                                                        				void _v116;
                                                                                                                                                                                                                                                        				char _v120;
                                                                                                                                                                                                                                                        				void* _v121;
                                                                                                                                                                                                                                                        				void _v122;
                                                                                                                                                                                                                                                        				signed int _t23;
                                                                                                                                                                                                                                                        				intOrPtr* _t27;
                                                                                                                                                                                                                                                        				void* _t30;
                                                                                                                                                                                                                                                        				int _t32;
                                                                                                                                                                                                                                                        				int _t34;
                                                                                                                                                                                                                                                        				DWORD* _t35;
                                                                                                                                                                                                                                                        				void* _t36;
                                                                                                                                                                                                                                                        				void* _t40;
                                                                                                                                                                                                                                                        				void* _t41;
                                                                                                                                                                                                                                                        				void* _t42;
                                                                                                                                                                                                                                                        				void* _t43;
                                                                                                                                                                                                                                                        				signed int _t45;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t41 = __edx;
                                                                                                                                                                                                                                                        				_t23 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v24 = _t23 ^ _t45;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				E00BEB3D0("NtQueryInformationProcess",  &_v28);
                                                                                                                                                                                                                                                        				_t27 = _v28;
                                                                                                                                                                                                                                                        				if(_t27 == 0) {
                                                                                                                                                                                                                                                        					_t43 = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t42 = _a4;
                                                                                                                                                                                                                                                        					asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					_v48 = 0;
                                                                                                                                                                                                                                                        					asm("movaps [esp+0x30], xmm0");
                                                                                                                                                                                                                                                        					_t30 =  *_t27(_t42, 0,  &_v64, 0x18, 0);
                                                                                                                                                                                                                                                        					_t43 = 0;
                                                                                                                                                                                                                                                        					if(_t30 == 0) {
                                                                                                                                                                                                                                                        						asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        						_t35 =  &_v120;
                                                                                                                                                                                                                                                        						_v100 = 0;
                                                                                                                                                                                                                                                        						_v120 = 0;
                                                                                                                                                                                                                                                        						asm("movaps [esp+0x10], xmm0");
                                                                                                                                                                                                                                                        						_t32 = ReadProcessMemory(_t42, _v80,  &_v116, 0x14, _t35);
                                                                                                                                                                                                                                                        						_t43 = 0;
                                                                                                                                                                                                                                                        						if(_t32 != 0 && _v120 == 0x14) {
                                                                                                                                                                                                                                                        							_t40 = _v108;
                                                                                                                                                                                                                                                        							_v122 = 0;
                                                                                                                                                                                                                                                        							_t36 = _t40;
                                                                                                                                                                                                                                                        							_t34 = ReadProcessMemory(_t42, _t40,  &_v122, 2, _t35);
                                                                                                                                                                                                                                                        							_t43 = 0;
                                                                                                                                                                                                                                                        							if(_t34 != 0 && _v120 == 2 && _v122 == 0x4d) {
                                                                                                                                                                                                                                                        								_t43 =  ==  ? _t36 : 0;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v24 ^ _t45, _t41);
                                                                                                                                                                                                                                                        				return _t43;
                                                                                                                                                                                                                                                        			}




























                                                                                                                                                                                                                                                        0x00beb5c0
                                                                                                                                                                                                                                                        0x00beb5cc
                                                                                                                                                                                                                                                        0x00beb5d3
                                                                                                                                                                                                                                                        0x00beb5db
                                                                                                                                                                                                                                                        0x00beb5e9
                                                                                                                                                                                                                                                        0x00beb5f1
                                                                                                                                                                                                                                                        0x00beb5f7
                                                                                                                                                                                                                                                        0x00beb6a5
                                                                                                                                                                                                                                                        0x00beb5fd
                                                                                                                                                                                                                                                        0x00beb5fd
                                                                                                                                                                                                                                                        0x00beb600
                                                                                                                                                                                                                                                        0x00beb603
                                                                                                                                                                                                                                                        0x00beb60b
                                                                                                                                                                                                                                                        0x00beb617
                                                                                                                                                                                                                                                        0x00beb624
                                                                                                                                                                                                                                                        0x00beb626
                                                                                                                                                                                                                                                        0x00beb62a
                                                                                                                                                                                                                                                        0x00beb62c
                                                                                                                                                                                                                                                        0x00beb62f
                                                                                                                                                                                                                                                        0x00beb633
                                                                                                                                                                                                                                                        0x00beb63b
                                                                                                                                                                                                                                                        0x00beb647
                                                                                                                                                                                                                                                        0x00beb655
                                                                                                                                                                                                                                                        0x00beb65b
                                                                                                                                                                                                                                                        0x00beb65f
                                                                                                                                                                                                                                                        0x00beb668
                                                                                                                                                                                                                                                        0x00beb66c
                                                                                                                                                                                                                                                        0x00beb678
                                                                                                                                                                                                                                                        0x00beb67f
                                                                                                                                                                                                                                                        0x00beb685
                                                                                                                                                                                                                                                        0x00beb689
                                                                                                                                                                                                                                                        0x00beb6a0
                                                                                                                                                                                                                                                        0x00beb6a0
                                                                                                                                                                                                                                                        0x00beb689
                                                                                                                                                                                                                                                        0x00beb65f
                                                                                                                                                                                                                                                        0x00beb62a
                                                                                                                                                                                                                                                        0x00beb6ad
                                                                                                                                                                                                                                                        0x00beb6bb

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • ReadProcessMemory.KERNEL32(?,00000000,?,00000014,?), ref: 00BEB655
                                                                                                                                                                                                                                                        • ReadProcessMemory.KERNEL32(?,?,00000000,00000002,?), ref: 00BEB67F
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: MemoryProcessRead$AddressProc
                                                                                                                                                                                                                                                        • String ID: M$NtQueryInformationProcess$Z
                                                                                                                                                                                                                                                        • API String ID: 746784354-857488985
                                                                                                                                                                                                                                                        • Opcode ID: 11b3c48870dff8623168883d5cbd6536beccf888d5b8cdfa6c1487047105ff62
                                                                                                                                                                                                                                                        • Instruction ID: 435474e54a3e6889fe05847a4a47467284d724f3ff2c6445f600cf5829232c6c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 11b3c48870dff8623168883d5cbd6536beccf888d5b8cdfa6c1487047105ff62
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 802180B1608384AEEB208B55C845F6BF7E8EF84714F40855DFA4497180EBB5D948CBA2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 95%
                                                                                                                                                                                                                                                        			E00BE5220(void* __ecx, void* _a4) {
                                                                                                                                                                                                                                                        				void* _v12;
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				char _v212;
                                                                                                                                                                                                                                                        				void* _t15;
                                                                                                                                                                                                                                                        				void** _t34;
                                                                                                                                                                                                                                                        				signed int _t40;
                                                                                                                                                                                                                                                        				void* _t46;
                                                                                                                                                                                                                                                        				signed int _t48;
                                                                                                                                                                                                                                                        				signed int _t49;
                                                                                                                                                                                                                                                        				void** _t51;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t51 = (_t49 & 0xfffffff8) - 0xc8;
                                                                                                                                                                                                                                                        				_t15 = _a4;
                                                                                                                                                                                                                                                        				_t40 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t46 = __ecx;
                                                                                                                                                                                                                                                        				_v16 = _t40 ^ _t48;
                                                                                                                                                                                                                                                        				if(_t15 == 0) {
                                                                                                                                                                                                                                                        					_push("handle");
                                                                                                                                                                                                                                                        					E00BC1FF0(_t51, "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/sandbox_policy_base.cc", 0x17f);
                                                                                                                                                                                                                                                        					E00BC20C0();
                                                                                                                                                                                                                                                        					_t15 = _a4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_v212 = 0xffffffff;
                                                                                                                                                                                                                                                        				if(_t15 == 0xffffffff) {
                                                                                                                                                                                                                                                        					_t42 = _t51;
                                                                                                                                                                                                                                                        					E00BC2030(_t51, __eflags, "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/sandbox_policy_base.cc", 0x180, E00BE5BD0( &_a4, _t51, __eflags));
                                                                                                                                                                                                                                                        					E00BC20C0();
                                                                                                                                                                                                                                                        					_t15 = _a4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if(SetHandleInformation(_t15, 1, 1) == 0) {
                                                                                                                                                                                                                                                        					E00BC2150(_t51, __eflags, "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/sandbox_policy_base.cc", 0x185, 3, GetLastError());
                                                                                                                                                                                                                                                        					E00BBC940(__eflags,  &_v212, "Check failed: result. ");
                                                                                                                                                                                                                                                        					E00BC21A0();
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t34 =  *(_t46 + 0x9c);
                                                                                                                                                                                                                                                        				_t23 =  *((intOrPtr*)(_t46 + 0xa0));
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t46 + 0xa0)) == _t34) {
                                                                                                                                                                                                                                                        					_t42 =  &_a4;
                                                                                                                                                                                                                                                        					E00BCF210(_t46 + 0x98, _t23,  &_a4);
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					 *_t34 = _a4;
                                                                                                                                                                                                                                                        					 *(_t46 + 0x9c) =  &(( *(_t46 + 0x9c))[1]);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return E00BEECB0(_v16 ^ _t48, _t42);
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00be5228
                                                                                                                                                                                                                                                        0x00be522e
                                                                                                                                                                                                                                                        0x00be5231
                                                                                                                                                                                                                                                        0x00be5237
                                                                                                                                                                                                                                                        0x00be523d
                                                                                                                                                                                                                                                        0x00be5244
                                                                                                                                                                                                                                                        0x00be524a
                                                                                                                                                                                                                                                        0x00be5259
                                                                                                                                                                                                                                                        0x00be5260
                                                                                                                                                                                                                                                        0x00be5265
                                                                                                                                                                                                                                                        0x00be5265
                                                                                                                                                                                                                                                        0x00be526b
                                                                                                                                                                                                                                                        0x00be5272
                                                                                                                                                                                                                                                        0x00be52bd
                                                                                                                                                                                                                                                        0x00be52d3
                                                                                                                                                                                                                                                        0x00be52da
                                                                                                                                                                                                                                                        0x00be52df
                                                                                                                                                                                                                                                        0x00be52df
                                                                                                                                                                                                                                                        0x00be5281
                                                                                                                                                                                                                                                        0x00be52fa
                                                                                                                                                                                                                                                        0x00be5309
                                                                                                                                                                                                                                                        0x00be5313
                                                                                                                                                                                                                                                        0x00be5313
                                                                                                                                                                                                                                                        0x00be5283
                                                                                                                                                                                                                                                        0x00be5289
                                                                                                                                                                                                                                                        0x00be5291
                                                                                                                                                                                                                                                        0x00be5323
                                                                                                                                                                                                                                                        0x00be532a
                                                                                                                                                                                                                                                        0x00be5297
                                                                                                                                                                                                                                                        0x00be529a
                                                                                                                                                                                                                                                        0x00be529c
                                                                                                                                                                                                                                                        0x00be529c
                                                                                                                                                                                                                                                        0x00be52b7

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • SetHandleInformation.KERNEL32(?,00000001,00000001,/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/sandbox_policy_base.cc,00000180,00000000), ref: 00BE5279
                                                                                                                                                                                                                                                          • Part of subcall function 00BC20C0: ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140(00BF0324,?,?,?,00BCA1FF,/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc,000000EC,00000000), ref: 00BC2108
                                                                                                                                                                                                                                                          • Part of subcall function 00BE5BD0: ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z.MSVCP140(?,?,?,00000002,00000001), ref: 00BE5C28
                                                                                                                                                                                                                                                          • Part of subcall function 00BE5BD0: ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z.MSVCP140(?,?,?,?,?,00000002,00000001), ref: 00BE5C40
                                                                                                                                                                                                                                                          • Part of subcall function 00BE5BD0: ??2@YAPAXI@Z.MOZGLUE(00000018,?,?,?,?,?,?,00000002,00000001), ref: 00BE5C52
                                                                                                                                                                                                                                                          • Part of subcall function 00BE5BD0: ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140 ref: 00BE5C9A
                                                                                                                                                                                                                                                          • Part of subcall function 00BE5BD0: ??1ios_base@std@@UAE@XZ.MSVCP140 ref: 00BE5CA2
                                                                                                                                                                                                                                                          • Part of subcall function 00BC2030: ??3@YAXPAX@Z.MOZGLUE(?), ref: 00BC2077
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE52E4
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBC959
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?,00000002), ref: 00BBC9EA
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?), ref: 00BBCA74
                                                                                                                                                                                                                                                          • Part of subcall function 00BCF210: memmove.NTDLL(00000000,?,?,?,?,?,00BE4972,?,00BCCFC5), ref: 00BCF277
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: D@std@@@std@@U?$char_traits@$??1?$basic_streambuf@??6?$basic_ostream@?sputc@?$basic_streambuf@V01@$??1ios_base@std@@??2@??3@ErrorHandleInformationLastmemmovestrlen
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/sandbox_policy_base.cc$Check failed: result. $handle
                                                                                                                                                                                                                                                        • API String ID: 3438728347-1146809918
                                                                                                                                                                                                                                                        • Opcode ID: 87bc8899a1164109d01bbef198080b9936b9fbbd49534e271883bc258dcd0b49
                                                                                                                                                                                                                                                        • Instruction ID: a3daa634f72ebe12e979bd656ce353466da627a67719bb7d168bb02216e4c241
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 87bc8899a1164109d01bbef198080b9936b9fbbd49534e271883bc258dcd0b49
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DF21E230B40744ABDA24EB65C852FBE37E6EB80720F04459DBA999B2C1DF709905C792
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 54%
                                                                                                                                                                                                                                                        			E00BCAC30() {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t2;
                                                                                                                                                                                                                                                        				intOrPtr _t4;
                                                                                                                                                                                                                                                        				signed char _t7;
                                                                                                                                                                                                                                                        				signed char _t9;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t12;
                                                                                                                                                                                                                                                        				signed char _t13;
                                                                                                                                                                                                                                                        				intOrPtr _t16;
                                                                                                                                                                                                                                                        				void* _t19;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t2 = GetProcAddress(GetModuleHandleW(0), "GetHandleVerifier");
                                                                                                                                                                                                                                                        				if(_t2 == 0) {
                                                                                                                                                                                                                                                        					_t9 = 0;
                                                                                                                                                                                                                                                        					goto L5;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t12 = _t2;
                                                                                                                                                                                                                                                        					if(_t2 != E00BCAB90) {
                                                                                                                                                                                                                                                        						_t9 =  *_t12();
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						_t13 = 0;
                                                                                                                                                                                                                                                        						_pop(_t21);
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t9 = 0;
                                                                                                                                                                                                                                                        						_t13 = 1;
                                                                                                                                                                                                                                                        						_pop(_t21);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t7 = _t13;
                                                                                                                                                                                                                                                        				_t16 = _t9;
                                                                                                                                                                                                                                                        				_t19 = E00BCACD0();
                                                                                                                                                                                                                                                        				_t4 = E00BC8120(_t3, _t3);
                                                                                                                                                                                                                                                        				if( *0xbfb4a0 == 0) {
                                                                                                                                                                                                                                                        					if(_t16 == 0) {
                                                                                                                                                                                                                                                        						_push(0x34);
                                                                                                                                                                                                                                                        						L00BEF6BA();
                                                                                                                                                                                                                                                        						_t16 = _t4;
                                                                                                                                                                                                                                                        						_t4 = E00BCABB0(_t4, _t7 & 0x000000ff);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					 *0xbfb4a0 = _t16;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				__imp__ReleaseSRWLockExclusive(_t19);
                                                                                                                                                                                                                                                        				return _t4;
                                                                                                                                                                                                                                                        			}











                                                                                                                                                                                                                                                        0x00bcac41
                                                                                                                                                                                                                                                        0x00bcac49
                                                                                                                                                                                                                                                        0x00bcac61
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcac4b
                                                                                                                                                                                                                                                        0x00bcac4b
                                                                                                                                                                                                                                                        0x00bcac52
                                                                                                                                                                                                                                                        0x00bcac67
                                                                                                                                                                                                                                                        0x00bcac69
                                                                                                                                                                                                                                                        0x00bcac69
                                                                                                                                                                                                                                                        0x00bcac6b
                                                                                                                                                                                                                                                        0x00bcac54
                                                                                                                                                                                                                                                        0x00bcac54
                                                                                                                                                                                                                                                        0x00bcac56
                                                                                                                                                                                                                                                        0x00bcac5b
                                                                                                                                                                                                                                                        0x00bcac5b
                                                                                                                                                                                                                                                        0x00bcac52
                                                                                                                                                                                                                                                        0x00bcac86
                                                                                                                                                                                                                                                        0x00bcac88
                                                                                                                                                                                                                                                        0x00bcac91
                                                                                                                                                                                                                                                        0x00bcac93
                                                                                                                                                                                                                                                        0x00bcac9f
                                                                                                                                                                                                                                                        0x00bcaca3
                                                                                                                                                                                                                                                        0x00bcaca5
                                                                                                                                                                                                                                                        0x00bcaca7
                                                                                                                                                                                                                                                        0x00bcacb4
                                                                                                                                                                                                                                                        0x00bcacb6
                                                                                                                                                                                                                                                        0x00bcacb6
                                                                                                                                                                                                                                                        0x00bcacbb
                                                                                                                                                                                                                                                        0x00bcacbb
                                                                                                                                                                                                                                                        0x00bcacc2
                                                                                                                                                                                                                                                        0x00bcaccc

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(00000000,?,00BCABA3), ref: 00BCAC35
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetHandleVerifier), ref: 00BCAC41
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000034,?,?,?,?,00BCABA3), ref: 00BCACA7
                                                                                                                                                                                                                                                        • RtlReleaseSRWLockExclusive.NTDLL ref: 00BCACC2
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@AddressExclusiveHandleLockModuleProcRelease
                                                                                                                                                                                                                                                        • String ID: GetHandleVerifier
                                                                                                                                                                                                                                                        • API String ID: 2067283998-1090674830
                                                                                                                                                                                                                                                        • Opcode ID: 5da7f45ce82185eb335d5c7de22b7166e617ffd2243a883c5621a1d552f35442
                                                                                                                                                                                                                                                        • Instruction ID: 963357b1489589cb25d3b8b248bda290965de1fb1fe2be9e773ebc7daf6012f8
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5da7f45ce82185eb335d5c7de22b7166e617ffd2243a883c5621a1d552f35442
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3F018F3264820C5BDB1867766C59F3B76DADB84769F1040FEF606C3381DE61880182A6
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 57%
                                                                                                                                                                                                                                                        			E00BD9BE0(signed int _a4, signed int _a8) {
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				char _v20;
                                                                                                                                                                                                                                                        				void* _t8;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t12;
                                                                                                                                                                                                                                                        				void* _t13;
                                                                                                                                                                                                                                                        				char _t15;
                                                                                                                                                                                                                                                        				signed int _t16;
                                                                                                                                                                                                                                                        				signed int _t24;
                                                                                                                                                                                                                                                        				signed int _t26;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t24 = _a4;
                                                                                                                                                                                                                                                        				_t16 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v16 = _t16 ^ _t26;
                                                                                                                                                                                                                                                        				_t23 = _t24 & 0xffff7fff | _a8;
                                                                                                                                                                                                                                                        				if((_t24 & 0xffff7fff | _a8) == 0) {
                                                                                                                                                                                                                                                        					_t8 = E00BCBDD0();
                                                                                                                                                                                                                                                        					_t15 = 1;
                                                                                                                                                                                                                                                        					if(_t8 >= 9 && _t24 < 0) {
                                                                                                                                                                                                                                                        						_v20 = 1;
                                                                                                                                                                                                                                                        						_t12 = GetProcAddress(GetModuleHandleA("kernel32.dll"), "SetThreadInformation");
                                                                                                                                                                                                                                                        						if(_t12 == 0) {
                                                                                                                                                                                                                                                        							goto L1;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t13 = GetCurrentThread();
                                                                                                                                                                                                                                                        							_push(4);
                                                                                                                                                                                                                                                        							_push( &_v20);
                                                                                                                                                                                                                                                        							_push(2);
                                                                                                                                                                                                                                                        							_push(_t13);
                                                                                                                                                                                                                                                        							if( *_t12() == 0) {
                                                                                                                                                                                                                                                        								goto L1;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					_t15 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v16 ^ _t26, _t23);
                                                                                                                                                                                                                                                        				return _t15;
                                                                                                                                                                                                                                                        			}












                                                                                                                                                                                                                                                        0x00bd9be8
                                                                                                                                                                                                                                                        0x00bd9beb
                                                                                                                                                                                                                                                        0x00bd9bfe
                                                                                                                                                                                                                                                        0x00bd9c01
                                                                                                                                                                                                                                                        0x00bd9c03
                                                                                                                                                                                                                                                        0x00bd9c1a
                                                                                                                                                                                                                                                        0x00bd9c1f
                                                                                                                                                                                                                                                        0x00bd9c24
                                                                                                                                                                                                                                                        0x00bd9c2b
                                                                                                                                                                                                                                                        0x00bd9c43
                                                                                                                                                                                                                                                        0x00bd9c4b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9c4d
                                                                                                                                                                                                                                                        0x00bd9c4f
                                                                                                                                                                                                                                                        0x00bd9c58
                                                                                                                                                                                                                                                        0x00bd9c5a
                                                                                                                                                                                                                                                        0x00bd9c5b
                                                                                                                                                                                                                                                        0x00bd9c5d
                                                                                                                                                                                                                                                        0x00bd9c62
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9c64
                                                                                                                                                                                                                                                        0x00bd9c62
                                                                                                                                                                                                                                                        0x00bd9c4b
                                                                                                                                                                                                                                                        0x00bd9c05
                                                                                                                                                                                                                                                        0x00bd9c05
                                                                                                                                                                                                                                                        0x00bd9c05
                                                                                                                                                                                                                                                        0x00bd9c05
                                                                                                                                                                                                                                                        0x00bd9c0c
                                                                                                                                                                                                                                                        0x00bd9c19

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleA.KERNEL32(kernel32.dll), ref: 00BD9C37
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,SetThreadInformation), ref: 00BD9C43
                                                                                                                                                                                                                                                        • GetCurrentThread.KERNEL32 ref: 00BD9C4F
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressCurrentHandleModuleProcThread
                                                                                                                                                                                                                                                        • String ID: SetThreadInformation$kernel32.dll
                                                                                                                                                                                                                                                        • API String ID: 2247210959-3009701951
                                                                                                                                                                                                                                                        • Opcode ID: 41b4d0352bc67fa4e4456455444d7c686aa8ce3c1dfb98509a24430285a8bbe5
                                                                                                                                                                                                                                                        • Instruction ID: 894d6b15ac17b1d5ebf68d33a9173de912540df5ed6f28431cc4d342f42032ee
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 41b4d0352bc67fa4e4456455444d7c686aa8ce3c1dfb98509a24430285a8bbe5
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F3018471B50209ABDF145FB1DC49ABBB7E8EF00354F0484AAE91A97380EE70980487A0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BB1F70(char _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				intOrPtr _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				signed int _t8;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t12;
                                                                                                                                                                                                                                                        				void* _t14;
                                                                                                                                                                                                                                                        				void* _t19;
                                                                                                                                                                                                                                                        				intOrPtr _t20;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t21;
                                                                                                                                                                                                                                                        				signed int _t22;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t8 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t20 = _a8;
                                                                                                                                                                                                                                                        				_v16 = _t8 ^ _t22;
                                                                                                                                                                                                                                                        				if(_t20 != 0) {
                                                                                                                                                                                                                                                        					if( *0xbfa758 == 0) {
                                                                                                                                                                                                                                                        						_t12 = GetProcAddress(GetModuleHandleW(L"kernel32.dll"), "PrefetchVirtualMemory");
                                                                                                                                                                                                                                                        						 *0xbfa754 = _t12;
                                                                                                                                                                                                                                                        						_t21 = _t12;
                                                                                                                                                                                                                                                        						 *0xbfa758 = 1;
                                                                                                                                                                                                                                                        						if(_t21 != 0) {
                                                                                                                                                                                                                                                        							goto L3;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t21 =  *0xbfa754; // 0x0
                                                                                                                                                                                                                                                        						if(_t21 != 0) {
                                                                                                                                                                                                                                                        							L3:
                                                                                                                                                                                                                                                        							_v24 = _a4;
                                                                                                                                                                                                                                                        							_v20 = _t20;
                                                                                                                                                                                                                                                        							_t14 = GetCurrentProcess();
                                                                                                                                                                                                                                                        							 *_t21(_t14, 1,  &_v24, 0);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return E00BEECB0(_v16 ^ _t22, _t19);
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00bb1f78
                                                                                                                                                                                                                                                        0x00bb1f7d
                                                                                                                                                                                                                                                        0x00bb1f84
                                                                                                                                                                                                                                                        0x00bb1f87
                                                                                                                                                                                                                                                        0x00bb1f90
                                                                                                                                                                                                                                                        0x00bb1fd8
                                                                                                                                                                                                                                                        0x00bb1fde
                                                                                                                                                                                                                                                        0x00bb1fe3
                                                                                                                                                                                                                                                        0x00bb1fe5
                                                                                                                                                                                                                                                        0x00bb1fee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1ff0
                                                                                                                                                                                                                                                        0x00bb1f92
                                                                                                                                                                                                                                                        0x00bb1f92
                                                                                                                                                                                                                                                        0x00bb1f9a
                                                                                                                                                                                                                                                        0x00bb1f9c
                                                                                                                                                                                                                                                        0x00bb1f9f
                                                                                                                                                                                                                                                        0x00bb1fa2
                                                                                                                                                                                                                                                        0x00bb1fa5
                                                                                                                                                                                                                                                        0x00bb1fb4
                                                                                                                                                                                                                                                        0x00bb1fb4
                                                                                                                                                                                                                                                        0x00bb1f9a
                                                                                                                                                                                                                                                        0x00bb1f90
                                                                                                                                                                                                                                                        0x00bb1fc6

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BB1FA5
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(kernel32.dll), ref: 00BB1FCC
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,PrefetchVirtualMemory), ref: 00BB1FD8
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressCurrentHandleModuleProcProcess
                                                                                                                                                                                                                                                        • String ID: PrefetchVirtualMemory$kernel32.dll
                                                                                                                                                                                                                                                        • API String ID: 4190356694-4069913949
                                                                                                                                                                                                                                                        • Opcode ID: fbab893702df7b8d5abfb78a5d5b54e14a56f81622e7075cfbde3ce6833fb67f
                                                                                                                                                                                                                                                        • Instruction ID: 5fbd79becf04be340279276a8f2ea23ff56b3a82b1c9447bc234c731b2266c05
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fbab893702df7b8d5abfb78a5d5b54e14a56f81622e7075cfbde3ce6833fb67f
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1101B171D00248AFCB20DFA8EC09BBEBBF4EB44310F004499E918A7290DFB49904CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BD9B70() {
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				char _v18;
                                                                                                                                                                                                                                                        				signed short _v20;
                                                                                                                                                                                                                                                        				signed int _t10;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t13;
                                                                                                                                                                                                                                                        				void* _t16;
                                                                                                                                                                                                                                                        				signed int _t19;
                                                                                                                                                                                                                                                        				signed char _t20;
                                                                                                                                                                                                                                                        				signed int _t28;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t10 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v16 = _t10 ^ _t28;
                                                                                                                                                                                                                                                        				_t13 = GetProcAddress(GetModuleHandleA("kernel32.dll"), "IsWow64Process2");
                                                                                                                                                                                                                                                        				if(_t13 == 0) {
                                                                                                                                                                                                                                                        					_t20 = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t16 = GetCurrentProcess();
                                                                                                                                                                                                                                                        					_t26 =  &_v18;
                                                                                                                                                                                                                                                        					_t20 = (_t19 & 0xffffff00 | (_v20 & 0x0000ffff) == 0x0000aa64) & ( *_t13(_t16,  &_v18,  &_v20) & 0xffffff00 | _t17 != 0x00000000);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v16 ^ _t28, _t26);
                                                                                                                                                                                                                                                        				return _t20;
                                                                                                                                                                                                                                                        			}












                                                                                                                                                                                                                                                        0x00bd9b78
                                                                                                                                                                                                                                                        0x00bd9b7f
                                                                                                                                                                                                                                                        0x00bd9b93
                                                                                                                                                                                                                                                        0x00bd9b9b
                                                                                                                                                                                                                                                        0x00bd9bd7
                                                                                                                                                                                                                                                        0x00bd9b9d
                                                                                                                                                                                                                                                        0x00bd9b9f
                                                                                                                                                                                                                                                        0x00bd9ba8
                                                                                                                                                                                                                                                        0x00bd9bc2
                                                                                                                                                                                                                                                        0x00bd9bc2
                                                                                                                                                                                                                                                        0x00bd9bc9
                                                                                                                                                                                                                                                        0x00bd9bd6

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleA.KERNEL32(kernel32.dll), ref: 00BD9B87
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,IsWow64Process2), ref: 00BD9B93
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BD9B9F
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressCurrentHandleModuleProcProcess
                                                                                                                                                                                                                                                        • String ID: IsWow64Process2$kernel32.dll
                                                                                                                                                                                                                                                        • API String ID: 4190356694-2577318745
                                                                                                                                                                                                                                                        • Opcode ID: 5a2ebcd3476df2796dc29f28eff43b4eb9ed9de5eba7e67cd6a184508376032a
                                                                                                                                                                                                                                                        • Instruction ID: 2a471956d0a92dfea9ff690e4d29dcdf3b648b4e85c55cc68871ef648ec82559
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5a2ebcd3476df2796dc29f28eff43b4eb9ed9de5eba7e67cd6a184508376032a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 20F09C71B4021DAF9B005FB19C899BE77ECEF047057454469F50697190ED789908C760
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BED090() {
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t1;
                                                                                                                                                                                                                                                        				int _t2;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t1 = LoadLibraryW(L"kernelbase.dll");
                                                                                                                                                                                                                                                        				 *0xbfb790 = _t1;
                                                                                                                                                                                                                                                        				 *0xbfb794 = 0;
                                                                                                                                                                                                                                                        				if(_t1 == 0) {
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					return _t1;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t1 = GetProcAddress(_t1, "VirtualAlloc2");
                                                                                                                                                                                                                                                        					 *0xbfb794 = _t1;
                                                                                                                                                                                                                                                        					if(_t1 == 0) {
                                                                                                                                                                                                                                                        						_t2 = FreeLibrary( *0xbfb790);
                                                                                                                                                                                                                                                        						 *0xbfb790 = 0;
                                                                                                                                                                                                                                                        						return _t2;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						goto L2;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}





                                                                                                                                                                                                                                                        0x00bed098
                                                                                                                                                                                                                                                        0x00bed0a0
                                                                                                                                                                                                                                                        0x00bed0a5
                                                                                                                                                                                                                                                        0x00bed0af
                                                                                                                                                                                                                                                        0x00bed0c7
                                                                                                                                                                                                                                                        0x00bed0c7
                                                                                                                                                                                                                                                        0x00bed0b1
                                                                                                                                                                                                                                                        0x00bed0b7
                                                                                                                                                                                                                                                        0x00bed0bf
                                                                                                                                                                                                                                                        0x00bed0c4
                                                                                                                                                                                                                                                        0x00bed0ce
                                                                                                                                                                                                                                                        0x00bed0d4
                                                                                                                                                                                                                                                        0x00bed0df
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bed0c4

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(kernelbase.dll,?,?,?,?,?,?,?,00000000,?,?,00BECEDA,00000000,?,?,?), ref: 00BED098
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,VirtualAlloc2), ref: 00BED0B7
                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(?,?,?,?,?,?,?,00000000,?,?,00BECEDA,00000000,?,?,?,?), ref: 00BED0CE
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Library$AddressFreeLoadProc
                                                                                                                                                                                                                                                        • String ID: VirtualAlloc2$kernelbase.dll
                                                                                                                                                                                                                                                        • API String ID: 145871493-1188699709
                                                                                                                                                                                                                                                        • Opcode ID: 9dd334886cf66dff8350c090fe5ae2b5b7300d7ee1f13c8dda863973ef429eac
                                                                                                                                                                                                                                                        • Instruction ID: caefca4921efbe6cc7b0fbcda7615f39b4b231a40bdc34ee8220d3a976d8467f
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9dd334886cf66dff8350c090fe5ae2b5b7300d7ee1f13c8dda863973ef429eac
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 77E07E70695248AED720AF66EC0AB323AE8EB94715F444095E40DC32B1DFB59868CB10
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BBE530() {
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t1;
                                                                                                                                                                                                                                                        				int _t2;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t1 = LoadLibraryW(L"kernel32.dll");
                                                                                                                                                                                                                                                        				 *0xbfa76c = _t1;
                                                                                                                                                                                                                                                        				 *0xbfa770 = 0;
                                                                                                                                                                                                                                                        				if(_t1 == 0) {
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					return _t1;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t1 = GetProcAddress(_t1, "SetProcessMitigationPolicy");
                                                                                                                                                                                                                                                        					 *0xbfa770 = _t1;
                                                                                                                                                                                                                                                        					if(_t1 == 0) {
                                                                                                                                                                                                                                                        						_t2 = FreeLibrary( *0xbfa76c);
                                                                                                                                                                                                                                                        						 *0xbfa76c = 0;
                                                                                                                                                                                                                                                        						return _t2;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						goto L2;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}





                                                                                                                                                                                                                                                        0x00bbe538
                                                                                                                                                                                                                                                        0x00bbe540
                                                                                                                                                                                                                                                        0x00bbe545
                                                                                                                                                                                                                                                        0x00bbe54f
                                                                                                                                                                                                                                                        0x00bbe567
                                                                                                                                                                                                                                                        0x00bbe567
                                                                                                                                                                                                                                                        0x00bbe551
                                                                                                                                                                                                                                                        0x00bbe557
                                                                                                                                                                                                                                                        0x00bbe55f
                                                                                                                                                                                                                                                        0x00bbe564
                                                                                                                                                                                                                                                        0x00bbe56e
                                                                                                                                                                                                                                                        0x00bbe574
                                                                                                                                                                                                                                                        0x00bbe57f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe564

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(kernel32.dll,?,00BB483D), ref: 00BBE538
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,SetProcessMitigationPolicy), ref: 00BBE557
                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(?,00BB483D), ref: 00BBE56E
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Library$AddressFreeLoadProc
                                                                                                                                                                                                                                                        • String ID: SetProcessMitigationPolicy$kernel32.dll
                                                                                                                                                                                                                                                        • API String ID: 145871493-3066476245
                                                                                                                                                                                                                                                        • Opcode ID: 7d1331c41f63c0dbc760c4b91ab8495a001ca9703afea020b9328393445050b7
                                                                                                                                                                                                                                                        • Instruction ID: 49016d32708a16ba8f0dff2dfcfde5c4358827fc8827f04626a7f5bb0ad7057a
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7d1331c41f63c0dbc760c4b91ab8495a001ca9703afea020b9328393445050b7
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AFE075B05843049FD718AF65EC09F713AE8E704B55B004095A50CD3270EFB59955CB11
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 82%
                                                                                                                                                                                                                                                        			E00BDF410(intOrPtr* _a4, long _a8, long _a12, long _a16, long _a20, char _a24, long _a28) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				long _t61;
                                                                                                                                                                                                                                                        				long* _t64;
                                                                                                                                                                                                                                                        				long _t65;
                                                                                                                                                                                                                                                        				long _t66;
                                                                                                                                                                                                                                                        				long _t67;
                                                                                                                                                                                                                                                        				long _t69;
                                                                                                                                                                                                                                                        				long _t72;
                                                                                                                                                                                                                                                        				long _t75;
                                                                                                                                                                                                                                                        				long _t78;
                                                                                                                                                                                                                                                        				long _t80;
                                                                                                                                                                                                                                                        				long _t82;
                                                                                                                                                                                                                                                        				long _t84;
                                                                                                                                                                                                                                                        				long _t85;
                                                                                                                                                                                                                                                        				intOrPtr* _t86;
                                                                                                                                                                                                                                                        				char _t91;
                                                                                                                                                                                                                                                        				long _t92;
                                                                                                                                                                                                                                                        				long _t94;
                                                                                                                                                                                                                                                        				long _t106;
                                                                                                                                                                                                                                                        				intOrPtr* _t108;
                                                                                                                                                                                                                                                        				long* _t110;
                                                                                                                                                                                                                                                        				long _t111;
                                                                                                                                                                                                                                                        				signed int _t112;
                                                                                                                                                                                                                                                        				long _t114;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t114 = (_t112 & 0xfffffff0) - 0x80;
                                                                                                                                                                                                                                                        				_t110 = _t114;
                                                                                                                                                                                                                                                        				_t110[0x18] = _t111;
                                                                                                                                                                                                                                                        				_t110[0x19] = _t114;
                                                                                                                                                                                                                                                        				_t110[0x1e] = 0xffffffff;
                                                                                                                                                                                                                                                        				_t110[0x1d] = 0xbf96e0;
                                                                                                                                                                                                                                                        				_t110[0x1c] = 0xbef860;
                                                                                                                                                                                                                                                        				_t91 = _a24;
                                                                                                                                                                                                                                                        				_t94 = _a28;
                                                                                                                                                                                                                                                        				_t106 = _a20;
                                                                                                                                                                                                                                                        				_t110[0x1b] =  *[fs:0x0];
                                                                                                                                                                                                                                                        				 *[fs:0x0] =  &(_t110[0x1b]);
                                                                                                                                                                                                                                                        				if( *0xbfb618 == 0) {
                                                                                                                                                                                                                                                        					_t108 = 0;
                                                                                                                                                                                                                                                        					 *_t110 = 0;
                                                                                                                                                                                                                                                        					L7:
                                                                                                                                                                                                                                                        					_t61 =  *_a4(_a8, _a12, _a16, _t106, _t91, _t94);
                                                                                                                                                                                                                                                        					if(_t61 != 0) {
                                                                                                                                                                                                                                                        						L17:
                                                                                                                                                                                                                                                        						 *[fs:0x0] = _t110[0x1b];
                                                                                                                                                                                                                                                        						return _t61;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t92 = GetLastError();
                                                                                                                                                                                                                                                        					if( *_t110 != 0) {
                                                                                                                                                                                                                                                        						L11:
                                                                                                                                                                                                                                                        						_t64 =  *((intOrPtr*)( *_t108 + 8))();
                                                                                                                                                                                                                                                        						__eflags =  *_t64;
                                                                                                                                                                                                                                                        						if( *_t64 <= 0) {
                                                                                                                                                                                                                                                        							L16:
                                                                                                                                                                                                                                                        							_t110[0x1e] = 0xffffffff;
                                                                                                                                                                                                                                                        							SetLastError(_t92);
                                                                                                                                                                                                                                                        							_t61 = 0;
                                                                                                                                                                                                                                                        							goto L17;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t65 = _a28;
                                                                                                                                                                                                                                                        						__eflags = _t65;
                                                                                                                                                                                                                                                        						if(_t65 == 0) {
                                                                                                                                                                                                                                                        							L14:
                                                                                                                                                                                                                                                        							__eflags = _a8;
                                                                                                                                                                                                                                                        							_t110[0x1e] = 0xffffffff;
                                                                                                                                                                                                                                                        							if(_a8 != 0) {
                                                                                                                                                                                                                                                        								goto L16;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							__eflags = _a16;
                                                                                                                                                                                                                                                        							if(_a16 != 0) {
                                                                                                                                                                                                                                                        								_t66 = E00BE3790();
                                                                                                                                                                                                                                                        								__eflags = _t66;
                                                                                                                                                                                                                                                        								if(_t66 == 0) {
                                                                                                                                                                                                                                                        									goto L16;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t67 =  *0xbfb68c;
                                                                                                                                                                                                                                                        								__eflags = _t67;
                                                                                                                                                                                                                                                        								if(__eflags == 0) {
                                                                                                                                                                                                                                                        									goto L16;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t110[1] = _t67;
                                                                                                                                                                                                                                                        								asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        								asm("movaps [esi+0x40], xmm0");
                                                                                                                                                                                                                                                        								asm("movaps [esi+0x30], xmm0");
                                                                                                                                                                                                                                                        								asm("movaps [esi+0x20], xmm0");
                                                                                                                                                                                                                                                        								_t110[0x14] = 0;
                                                                                                                                                                                                                                                        								_t110[2] = _t67 +  *((intOrPtr*)(_t67 + 8));
                                                                                                                                                                                                                                                        								_t69 = E00BE6680( &(_t110[1]), __eflags);
                                                                                                                                                                                                                                                        								__eflags = _t69;
                                                                                                                                                                                                                                                        								if(_t69 == 0) {
                                                                                                                                                                                                                                                        									L28:
                                                                                                                                                                                                                                                        									_t110[0x1e] = 0xffffffff;
                                                                                                                                                                                                                                                        									goto L16;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t109 = _t69;
                                                                                                                                                                                                                                                        								 *_t69 = 0x16;
                                                                                                                                                                                                                                                        								 *(_t69 + 4) = 0;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t69 + 0x3c)) = 4;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t69 + 0x44)) = 0x7c;
                                                                                                                                                                                                                                                        								_t110[5] = _a12;
                                                                                                                                                                                                                                                        								_t72 = E00BD55B0(_t69, 0,  &(_t110[5]), 4, 0, 4);
                                                                                                                                                                                                                                                        								__eflags = _t72;
                                                                                                                                                                                                                                                        								if(_t72 == 0) {
                                                                                                                                                                                                                                                        									goto L28;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t110[4] = _a16;
                                                                                                                                                                                                                                                        								_t75 = E00BD55B0(_t109, 1,  &(_t110[4]), 4, 0, 4);
                                                                                                                                                                                                                                                        								__eflags = _t75;
                                                                                                                                                                                                                                                        								if(_t75 == 0) {
                                                                                                                                                                                                                                                        									goto L28;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t110[3] = _a20;
                                                                                                                                                                                                                                                        								_t78 = E00BD55B0(_t109, 2,  &(_t110[3]), 4, 0, 4);
                                                                                                                                                                                                                                                        								__eflags = _t78;
                                                                                                                                                                                                                                                        								if(_t78 == 0) {
                                                                                                                                                                                                                                                        									goto L28;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t80 = E00BD55B0(_t109, 3,  &_a24, 4, 0, 2);
                                                                                                                                                                                                                                                        								__eflags = _t80;
                                                                                                                                                                                                                                                        								if(_t80 == 0) {
                                                                                                                                                                                                                                                        									goto L28;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								 *_t110 = _t92;
                                                                                                                                                                                                                                                        								_t82 = E00BE67F0( &(_t110[1]), _t109,  &(_t110[8]));
                                                                                                                                                                                                                                                        								__eflags = _t82 - 0xa;
                                                                                                                                                                                                                                                        								if(_t82 != 0xa) {
                                                                                                                                                                                                                                                        									E00BE67B0( &(_t110[1]), _t109);
                                                                                                                                                                                                                                                        									__eflags = _t82;
                                                                                                                                                                                                                                                        									_t92 =  *_t110;
                                                                                                                                                                                                                                                        									if(_t82 == 0) {
                                                                                                                                                                                                                                                        										SetLastError(_t110[0xa]);
                                                                                                                                                                                                                                                        										_t61 = 0;
                                                                                                                                                                                                                                                        										__eflags = _t110[0xa];
                                                                                                                                                                                                                                                        										if(_t110[0xa] != 0) {
                                                                                                                                                                                                                                                        											goto L17;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = _a28;
                                                                                                                                                                                                                                                        										if(_a28 != 0) {
                                                                                                                                                                                                                                                        											_t84 = _t110[0xc];
                                                                                                                                                                                                                                                        											_t110[0x1e] = 1;
                                                                                                                                                                                                                                                        											__imp__GetThreadId(_t84);
                                                                                                                                                                                                                                                        											 *_a28 = _t84;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t61 = _t110[0xc];
                                                                                                                                                                                                                                                        										_t110[0x1e] = 0xffffffff;
                                                                                                                                                                                                                                                        										goto L17;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L28;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t92 =  *_t110;
                                                                                                                                                                                                                                                        								goto L28;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L16;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						 *_t110 = _t92;
                                                                                                                                                                                                                                                        						_t110[0x1e] = 0;
                                                                                                                                                                                                                                                        						_t85 = E00BE3900(_t65, 4, 1);
                                                                                                                                                                                                                                                        						_t92 =  *_t110;
                                                                                                                                                                                                                                                        						__eflags = _t85;
                                                                                                                                                                                                                                                        						if(_t85 == 0) {
                                                                                                                                                                                                                                                        							goto L16;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L14;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L16;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t86 = E00BE9C20();
                                                                                                                                                                                                                                                        				if(_t86 == 0) {
                                                                                                                                                                                                                                                        					_t108 = 0;
                                                                                                                                                                                                                                                        					__eflags = 0;
                                                                                                                                                                                                                                                        					 *_t110 = 0;
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					_t94 = _a28;
                                                                                                                                                                                                                                                        					_t106 = _a20;
                                                                                                                                                                                                                                                        					goto L7;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t108 = _t86;
                                                                                                                                                                                                                                                        				if( *((char*)( *((intOrPtr*)( *_t86 + 8))() + 4)) == 0) {
                                                                                                                                                                                                                                                        					_t92 = GetLastError();
                                                                                                                                                                                                                                                        					goto L11;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t91 = _a24;
                                                                                                                                                                                                                                                        				 *_t110 = 1;
                                                                                                                                                                                                                                                        				goto L6;
                                                                                                                                                                                                                                                        			}



























                                                                                                                                                                                                                                                        0x00bdf419
                                                                                                                                                                                                                                                        0x00bdf41f
                                                                                                                                                                                                                                                        0x00bdf421
                                                                                                                                                                                                                                                        0x00bdf424
                                                                                                                                                                                                                                                        0x00bdf427
                                                                                                                                                                                                                                                        0x00bdf42e
                                                                                                                                                                                                                                                        0x00bdf435
                                                                                                                                                                                                                                                        0x00bdf43f
                                                                                                                                                                                                                                                        0x00bdf442
                                                                                                                                                                                                                                                        0x00bdf445
                                                                                                                                                                                                                                                        0x00bdf44e
                                                                                                                                                                                                                                                        0x00bdf451
                                                                                                                                                                                                                                                        0x00bdf45f
                                                                                                                                                                                                                                                        0x00bdf482
                                                                                                                                                                                                                                                        0x00bdf484
                                                                                                                                                                                                                                                        0x00bdf49a
                                                                                                                                                                                                                                                        0x00bdf4a9
                                                                                                                                                                                                                                                        0x00bdf4ad
                                                                                                                                                                                                                                                        0x00bdf518
                                                                                                                                                                                                                                                        0x00bdf51b
                                                                                                                                                                                                                                                        0x00bdf529
                                                                                                                                                                                                                                                        0x00bdf529
                                                                                                                                                                                                                                                        0x00bdf4b8
                                                                                                                                                                                                                                                        0x00bdf4ba
                                                                                                                                                                                                                                                        0x00bdf4c6
                                                                                                                                                                                                                                                        0x00bdf4ca
                                                                                                                                                                                                                                                        0x00bdf4cd
                                                                                                                                                                                                                                                        0x00bdf4d0
                                                                                                                                                                                                                                                        0x00bdf508
                                                                                                                                                                                                                                                        0x00bdf508
                                                                                                                                                                                                                                                        0x00bdf510
                                                                                                                                                                                                                                                        0x00bdf516
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf516
                                                                                                                                                                                                                                                        0x00bdf4d2
                                                                                                                                                                                                                                                        0x00bdf4d5
                                                                                                                                                                                                                                                        0x00bdf4d7
                                                                                                                                                                                                                                                        0x00bdf4f5
                                                                                                                                                                                                                                                        0x00bdf4f5
                                                                                                                                                                                                                                                        0x00bdf4f9
                                                                                                                                                                                                                                                        0x00bdf500
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf502
                                                                                                                                                                                                                                                        0x00bdf506
                                                                                                                                                                                                                                                        0x00bdf52c
                                                                                                                                                                                                                                                        0x00bdf531
                                                                                                                                                                                                                                                        0x00bdf533
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf535
                                                                                                                                                                                                                                                        0x00bdf53a
                                                                                                                                                                                                                                                        0x00bdf53c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf53e
                                                                                                                                                                                                                                                        0x00bdf544
                                                                                                                                                                                                                                                        0x00bdf54a
                                                                                                                                                                                                                                                        0x00bdf54e
                                                                                                                                                                                                                                                        0x00bdf552
                                                                                                                                                                                                                                                        0x00bdf556
                                                                                                                                                                                                                                                        0x00bdf55d
                                                                                                                                                                                                                                                        0x00bdf560
                                                                                                                                                                                                                                                        0x00bdf565
                                                                                                                                                                                                                                                        0x00bdf567
                                                                                                                                                                                                                                                        0x00bdf621
                                                                                                                                                                                                                                                        0x00bdf621
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf621
                                                                                                                                                                                                                                                        0x00bdf56d
                                                                                                                                                                                                                                                        0x00bdf56f
                                                                                                                                                                                                                                                        0x00bdf575
                                                                                                                                                                                                                                                        0x00bdf57c
                                                                                                                                                                                                                                                        0x00bdf583
                                                                                                                                                                                                                                                        0x00bdf58f
                                                                                                                                                                                                                                                        0x00bdf59e
                                                                                                                                                                                                                                                        0x00bdf5a3
                                                                                                                                                                                                                                                        0x00bdf5a5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf5ac
                                                                                                                                                                                                                                                        0x00bdf5bb
                                                                                                                                                                                                                                                        0x00bdf5c0
                                                                                                                                                                                                                                                        0x00bdf5c2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf5c9
                                                                                                                                                                                                                                                        0x00bdf5d8
                                                                                                                                                                                                                                                        0x00bdf5dd
                                                                                                                                                                                                                                                        0x00bdf5df
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf5ef
                                                                                                                                                                                                                                                        0x00bdf5f4
                                                                                                                                                                                                                                                        0x00bdf5f6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf5fb
                                                                                                                                                                                                                                                        0x00bdf602
                                                                                                                                                                                                                                                        0x00bdf607
                                                                                                                                                                                                                                                        0x00bdf60a
                                                                                                                                                                                                                                                        0x00bdf616
                                                                                                                                                                                                                                                        0x00bdf61b
                                                                                                                                                                                                                                                        0x00bdf61d
                                                                                                                                                                                                                                                        0x00bdf61f
                                                                                                                                                                                                                                                        0x00bdf630
                                                                                                                                                                                                                                                        0x00bdf636
                                                                                                                                                                                                                                                        0x00bdf638
                                                                                                                                                                                                                                                        0x00bdf63c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf642
                                                                                                                                                                                                                                                        0x00bdf646
                                                                                                                                                                                                                                                        0x00bdf648
                                                                                                                                                                                                                                                        0x00bdf64b
                                                                                                                                                                                                                                                        0x00bdf653
                                                                                                                                                                                                                                                        0x00bdf65c
                                                                                                                                                                                                                                                        0x00bdf65c
                                                                                                                                                                                                                                                        0x00bdf65e
                                                                                                                                                                                                                                                        0x00bdf661
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf661
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf61f
                                                                                                                                                                                                                                                        0x00bdf60c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf60c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf506
                                                                                                                                                                                                                                                        0x00bdf4d9
                                                                                                                                                                                                                                                        0x00bdf4db
                                                                                                                                                                                                                                                        0x00bdf4e7
                                                                                                                                                                                                                                                        0x00bdf4ef
                                                                                                                                                                                                                                                        0x00bdf4f1
                                                                                                                                                                                                                                                        0x00bdf4f3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf4f3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf4bc
                                                                                                                                                                                                                                                        0x00bdf461
                                                                                                                                                                                                                                                        0x00bdf468
                                                                                                                                                                                                                                                        0x00bdf48c
                                                                                                                                                                                                                                                        0x00bdf48c
                                                                                                                                                                                                                                                        0x00bdf48e
                                                                                                                                                                                                                                                        0x00bdf494
                                                                                                                                                                                                                                                        0x00bdf494
                                                                                                                                                                                                                                                        0x00bdf497
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf497
                                                                                                                                                                                                                                                        0x00bdf46a
                                                                                                                                                                                                                                                        0x00bdf477
                                                                                                                                                                                                                                                        0x00bdf4c4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf4c4
                                                                                                                                                                                                                                                        0x00bdf479
                                                                                                                                                                                                                                                        0x00bdf47e
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BDF4AF
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BDF4BE
                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(00000000), ref: 00BDF510
                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(?,00000000,00000000,?,00000003,?,00000004,00000000,00000002,00000002,?,00000004,00000000,00000004,00000001,?), ref: 00BDF630
                                                                                                                                                                                                                                                        • GetThreadId.KERNEL32(?), ref: 00BDF653
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$Thread
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1128930793-0
                                                                                                                                                                                                                                                        • Opcode ID: 7b4a8f76a58a6502b9878a0fddff6938035534cebae31bf241a8b76eb102d46f
                                                                                                                                                                                                                                                        • Instruction ID: 88f82c4a89e9faf8e59c39ae0711b17d4a029dbc46107ec9c79ce49a7080e550
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7b4a8f76a58a6502b9878a0fddff6938035534cebae31bf241a8b76eb102d46f
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 95719DB02047019FEB31CF25D885BA6B7E4FF54714F1046AAEA928B7E1EB74E840CB50
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 26%
                                                                                                                                                                                                                                                        			E00BBC940(void* __eflags, signed int _a4, char* _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				char _v32;
                                                                                                                                                                                                                                                        				signed int _v36;
                                                                                                                                                                                                                                                        				signed int _t65;
                                                                                                                                                                                                                                                        				int _t67;
                                                                                                                                                                                                                                                        				intOrPtr _t70;
                                                                                                                                                                                                                                                        				intOrPtr _t77;
                                                                                                                                                                                                                                                        				intOrPtr _t83;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				char _t91;
                                                                                                                                                                                                                                                        				void* _t97;
                                                                                                                                                                                                                                                        				intOrPtr _t98;
                                                                                                                                                                                                                                                        				intOrPtr _t100;
                                                                                                                                                                                                                                                        				intOrPtr* _t111;
                                                                                                                                                                                                                                                        				signed int _t122;
                                                                                                                                                                                                                                                        				signed int _t124;
                                                                                                                                                                                                                                                        				intOrPtr* _t127;
                                                                                                                                                                                                                                                        				void* _t129;
                                                                                                                                                                                                                                                        				signed int _t130;
                                                                                                                                                                                                                                                        				intOrPtr* _t131;
                                                                                                                                                                                                                                                        				signed int _t132;
                                                                                                                                                                                                                                                        				void* _t135;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t135 = __eflags;
                                                                                                                                                                                                                                                        				_t65 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t127 = _a4;
                                                                                                                                                                                                                                                        				_v20 = _t65 ^ _t132;
                                                                                                                                                                                                                                                        				_t67 = strlen(_a8);
                                                                                                                                                                                                                                                        				_v36 = _t67;
                                                                                                                                                                                                                                                        				_t100 =  *((intOrPtr*)( *_t127 + 4));
                                                                                                                                                                                                                                                        				asm("sbb ecx, edi");
                                                                                                                                                                                                                                                        				_v32 = _t135 < 0;
                                                                                                                                                                                                                                                        				asm("sbb ecx, edi");
                                                                                                                                                                                                                                                        				_t97 =  *((intOrPtr*)(_t127 + _t100 + 0x20)) - _t67;
                                                                                                                                                                                                                                                        				asm("sbb edi, 0x0");
                                                                                                                                                                                                                                                        				_t129 =  !=  ?  *((intOrPtr*)(_t127 + _t100 + 0x24)) : 0;
                                                                                                                                                                                                                                                        				_t121 =  !=  ? _t97 : 0;
                                                                                                                                                                                                                                                        				_v32 =  !=  ? _t97 : 0;
                                                                                                                                                                                                                                                        				E00BBD780( &_v28, _a4);
                                                                                                                                                                                                                                                        				if(_v24 == 0) {
                                                                                                                                                                                                                                                        					_t130 = _a4;
                                                                                                                                                                                                                                                        					_t122 = 4;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t124 = _a4;
                                                                                                                                                                                                                                                        					asm("sbb ecx, 0x0");
                                                                                                                                                                                                                                                        					_t77 =  *((intOrPtr*)( *_t124 + 4));
                                                                                                                                                                                                                                                        					if(_v32 < 1) {
                                                                                                                                                                                                                                                        						_t98 = _v32;
                                                                                                                                                                                                                                                        						_t130 = _t124;
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if((0x000001c0 &  *(_t124 + _t77 + 0x14)) == 0x40) {
                                                                                                                                                                                                                                                        							_t98 = _v32;
                                                                                                                                                                                                                                                        							_t130 = _a4;
                                                                                                                                                                                                                                                        							goto L10;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t130 = _a4;
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								_t91 =  *((char*)(_t130 + _t77 + 0x40));
                                                                                                                                                                                                                                                        								__imp__?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z(_t91);
                                                                                                                                                                                                                                                        								if(_t91 == 0xffffffff) {
                                                                                                                                                                                                                                                        									break;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t97 = _t97 + 0xffffffff;
                                                                                                                                                                                                                                                        								asm("adc edi, 0xffffffff");
                                                                                                                                                                                                                                                        								asm("sbb eax, edi");
                                                                                                                                                                                                                                                        								_t77 =  *((intOrPtr*)( *_t130 + 4));
                                                                                                                                                                                                                                                        								if(_t97 < 0) {
                                                                                                                                                                                                                                                        									continue;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L10:
                                                                                                                                                                                                                                                        									_push(0);
                                                                                                                                                                                                                                                        									_push(_v36);
                                                                                                                                                                                                                                                        									_push(_a8);
                                                                                                                                                                                                                                                        									if(( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t130 + _t77 + 0x38)))) + 0x24))() ^ _v36 | _t124) != 0) {
                                                                                                                                                                                                                                                        										break;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										asm("sbb eax, 0x0");
                                                                                                                                                                                                                                                        										if(_t98 < 1) {
                                                                                                                                                                                                                                                        											L16:
                                                                                                                                                                                                                                                        											_t122 = 0;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t131 = __imp__?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z;
                                                                                                                                                                                                                                                        											while(1) {
                                                                                                                                                                                                                                                        												_t89 =  *_t131( *((char*)(_a4 +  *((intOrPtr*)( *_a4 + 4)) + 0x40)));
                                                                                                                                                                                                                                                        												_t98 = _t98 + 0xffffffff;
                                                                                                                                                                                                                                                        												asm("adc edi, 0xffffffff");
                                                                                                                                                                                                                                                        												if(_t89 == 0xffffffff) {
                                                                                                                                                                                                                                                        													break;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												asm("sbb eax, 0x0");
                                                                                                                                                                                                                                                        												if(_t98 >= 1) {
                                                                                                                                                                                                                                                        													continue;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t130 = _a4;
                                                                                                                                                                                                                                                        													goto L16;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L19;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t130 = _a4;
                                                                                                                                                                                                                                                        											break;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L19;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t122 = 4;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L19:
                                                                                                                                                                                                                                                        					_t83 =  *((intOrPtr*)( *_t130 + 4));
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t130 + _t83 + 0x24)) = 0;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t130 + _t83 + 0x20)) = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t70 =  *((intOrPtr*)( *_t130 + 4));
                                                                                                                                                                                                                                                        				_t123 = _t122 |  *(_t130 + _t70 + 0xc);
                                                                                                                                                                                                                                                        				__imp__?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z(_t122 |  *(_t130 + _t70 + 0xc), 0);
                                                                                                                                                                                                                                                        				__imp__?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ();
                                                                                                                                                                                                                                                        				_t111 =  *((intOrPtr*)(_v28 +  *((intOrPtr*)( *_v28 + 4)) + 0x38));
                                                                                                                                                                                                                                                        				if(_t111 != 0) {
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *_t111 + 8))();
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t132, _t123);
                                                                                                                                                                                                                                                        				return _t130;
                                                                                                                                                                                                                                                        			}



























                                                                                                                                                                                                                                                        0x00bbc940
                                                                                                                                                                                                                                                        0x00bbc949
                                                                                                                                                                                                                                                        0x00bbc94e
                                                                                                                                                                                                                                                        0x00bbc953
                                                                                                                                                                                                                                                        0x00bbc959
                                                                                                                                                                                                                                                        0x00bbc965
                                                                                                                                                                                                                                                        0x00bbc968
                                                                                                                                                                                                                                                        0x00bbc981
                                                                                                                                                                                                                                                        0x00bbc988
                                                                                                                                                                                                                                                        0x00bbc98e
                                                                                                                                                                                                                                                        0x00bbc993
                                                                                                                                                                                                                                                        0x00bbc995
                                                                                                                                                                                                                                                        0x00bbc99e
                                                                                                                                                                                                                                                        0x00bbc9a1
                                                                                                                                                                                                                                                        0x00bbc9a4
                                                                                                                                                                                                                                                        0x00bbc9aa
                                                                                                                                                                                                                                                        0x00bbc9b3
                                                                                                                                                                                                                                                        0x00bbca13
                                                                                                                                                                                                                                                        0x00bbca16
                                                                                                                                                                                                                                                        0x00bbc9b5
                                                                                                                                                                                                                                                        0x00bbc9b5
                                                                                                                                                                                                                                                        0x00bbc9c0
                                                                                                                                                                                                                                                        0x00bbc9c3
                                                                                                                                                                                                                                                        0x00bbc9c6
                                                                                                                                                                                                                                                        0x00bbca20
                                                                                                                                                                                                                                                        0x00bbca25
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbc9c8
                                                                                                                                                                                                                                                        0x00bbc9d4
                                                                                                                                                                                                                                                        0x00bbca2b
                                                                                                                                                                                                                                                        0x00bbca2e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbc9d6
                                                                                                                                                                                                                                                        0x00bbc9d6
                                                                                                                                                                                                                                                        0x00bbc9e0
                                                                                                                                                                                                                                                        0x00bbc9e4
                                                                                                                                                                                                                                                        0x00bbc9ea
                                                                                                                                                                                                                                                        0x00bbc9f3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbc9f9
                                                                                                                                                                                                                                                        0x00bbc9fe
                                                                                                                                                                                                                                                        0x00bbca08
                                                                                                                                                                                                                                                        0x00bbca0c
                                                                                                                                                                                                                                                        0x00bbca0f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbca11
                                                                                                                                                                                                                                                        0x00bbca31
                                                                                                                                                                                                                                                        0x00bbca37
                                                                                                                                                                                                                                                        0x00bbca39
                                                                                                                                                                                                                                                        0x00bbca3c
                                                                                                                                                                                                                                                        0x00bbca47
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbca49
                                                                                                                                                                                                                                                        0x00bbca4e
                                                                                                                                                                                                                                                        0x00bbca51
                                                                                                                                                                                                                                                        0x00bbca8e
                                                                                                                                                                                                                                                        0x00bbca8e
                                                                                                                                                                                                                                                        0x00bbca53
                                                                                                                                                                                                                                                        0x00bbca53
                                                                                                                                                                                                                                                        0x00bbca60
                                                                                                                                                                                                                                                        0x00bbca74
                                                                                                                                                                                                                                                        0x00bbca76
                                                                                                                                                                                                                                                        0x00bbca79
                                                                                                                                                                                                                                                        0x00bbca7f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbca86
                                                                                                                                                                                                                                                        0x00bbca89
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbca8b
                                                                                                                                                                                                                                                        0x00bbca8b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbca8b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbca89
                                                                                                                                                                                                                                                        0x00bbca92
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbca92
                                                                                                                                                                                                                                                        0x00bbca51
                                                                                                                                                                                                                                                        0x00bbca47
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbca0f
                                                                                                                                                                                                                                                        0x00bbca95
                                                                                                                                                                                                                                                        0x00bbca95
                                                                                                                                                                                                                                                        0x00bbc9d4
                                                                                                                                                                                                                                                        0x00bbca9a
                                                                                                                                                                                                                                                        0x00bbca9c
                                                                                                                                                                                                                                                        0x00bbca9f
                                                                                                                                                                                                                                                        0x00bbcaa7
                                                                                                                                                                                                                                                        0x00bbcaa7
                                                                                                                                                                                                                                                        0x00bbcab1
                                                                                                                                                                                                                                                        0x00bbcab4
                                                                                                                                                                                                                                                        0x00bbcabe
                                                                                                                                                                                                                                                        0x00bbcac7
                                                                                                                                                                                                                                                        0x00bbcad5
                                                                                                                                                                                                                                                        0x00bbcadb
                                                                                                                                                                                                                                                        0x00bbcadf
                                                                                                                                                                                                                                                        0x00bbcadf
                                                                                                                                                                                                                                                        0x00bbcae7
                                                                                                                                                                                                                                                        0x00bbcaf5

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBC959
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD780: ?good@ios_base@std@@QBE_NXZ.MSVCP140(00000002,?,?,00BBC9AF,00000002,?,?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBD7A7
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD780: ?good@ios_base@std@@QBE_NXZ.MSVCP140(?,00BBC9AF,00000002,?,?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBD7C9
                                                                                                                                                                                                                                                        • ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?,00000002), ref: 00BBC9EA
                                                                                                                                                                                                                                                        • ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?), ref: 00BBCA74
                                                                                                                                                                                                                                                        • ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z.MSVCP140(?,00000000,00000002,?), ref: 00BBCABE
                                                                                                                                                                                                                                                        • ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ.MSVCP140 ref: 00BBCAC7
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: D@std@@@std@@U?$char_traits@$?good@ios_base@std@@?sputc@?$basic_streambuf@$?clear@?$basic_ios@Osfx@?$basic_ostream@strlen
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1759040666-0
                                                                                                                                                                                                                                                        • Opcode ID: b829de5600ec2cce33a55ff97946f3746b625cc10433d3a61fdc1fa7521d3507
                                                                                                                                                                                                                                                        • Instruction ID: 889d17b44d90deada23e3a974090d9da3a53ad5c861d77f50cbd07e77d91dfaf
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b829de5600ec2cce33a55ff97946f3746b625cc10433d3a61fdc1fa7521d3507
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6F518331A001199FDB14CF28C894BBABBE1FF48324F5986A8E9569B3D5C771EC41CB80
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 62%
                                                                                                                                                                                                                                                        			E00BCA4E1(signed int __eax, void* __edx, struct %anon52 _a4, char _a12, void* _a51, intOrPtr _a56, intOrPtr _a76, char _a80, struct %anon52 _a96, intOrPtr _a100, signed int _a104) {
                                                                                                                                                                                                                                                        				void* _v4;
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				union _LARGE_INTEGER _v32;
                                                                                                                                                                                                                                                        				struct %anon52 _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v52;
                                                                                                                                                                                                                                                        				signed int _v56;
                                                                                                                                                                                                                                                        				signed int _v60;
                                                                                                                                                                                                                                                        				intOrPtr _v76;
                                                                                                                                                                                                                                                        				signed char _t60;
                                                                                                                                                                                                                                                        				struct %anon52 _t62;
                                                                                                                                                                                                                                                        				intOrPtr _t63;
                                                                                                                                                                                                                                                        				signed int _t64;
                                                                                                                                                                                                                                                        				signed int _t70;
                                                                                                                                                                                                                                                        				void* _t77;
                                                                                                                                                                                                                                                        				void* _t78;
                                                                                                                                                                                                                                                        				intOrPtr _t84;
                                                                                                                                                                                                                                                        				struct %anon52 _t88;
                                                                                                                                                                                                                                                        				long _t96;
                                                                                                                                                                                                                                                        				char _t97;
                                                                                                                                                                                                                                                        				intOrPtr _t111;
                                                                                                                                                                                                                                                        				intOrPtr _t118;
                                                                                                                                                                                                                                                        				intOrPtr _t119;
                                                                                                                                                                                                                                                        				signed int _t126;
                                                                                                                                                                                                                                                        				signed int _t129;
                                                                                                                                                                                                                                                        				void* _t132;
                                                                                                                                                                                                                                                        				signed int _t133;
                                                                                                                                                                                                                                                        				signed int _t137;
                                                                                                                                                                                                                                                        				signed int _t141;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t116 = __edx;
                                                                                                                                                                                                                                                        				_t60 = __eax & 0x00000000;
                                                                                                                                                                                                                                                        				 *_t60 =  *_t60 + _t60;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t60 - 1)) =  *((intOrPtr*)(_t60 - 1)) + __edx;
                                                                                                                                                                                                                                                        				asm("adc eax, 0xbf7188");
                                                                                                                                                                                                                                                        				if(_t60 == 0) {
                                                                                                                                                                                                                                                        					_a4.LowPart = 0;
                                                                                                                                                                                                                                                        					 *_t141 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BC4C80( &_a12, _t116);
                                                                                                                                                                                                                                                        				_t62 =  *_t141;
                                                                                                                                                                                                                                                        				_t96 = _a4.LowPart;
                                                                                                                                                                                                                                                        				asm("sbb edx, 0x0");
                                                                                                                                                                                                                                                        				if(_t62 < 1) {
                                                                                                                                                                                                                                                        					_t118 = E00BCA720;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t118 =  ==  ? E00BCA720 : E00BCA600;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				0xbfb498->LowPart = _t62;
                                                                                                                                                                                                                                                        				 *0xbfb49c = _t96;
                                                                                                                                                                                                                                                        				if( *0xbfa058 == E00BCA480) {
                                                                                                                                                                                                                                                        					 *0xbfa058 = _t118;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t63 = _a100;
                                                                                                                                                                                                                                                        				 *0xbfa05c = _t118;
                                                                                                                                                                                                                                                        				if(_t63 >= 0x10) {
                                                                                                                                                                                                                                                        					_t97 = _a80;
                                                                                                                                                                                                                                                        					_t132 = _t63 + 1;
                                                                                                                                                                                                                                                        					if(_t132 >= 0x1000) {
                                                                                                                                                                                                                                                        						_t119 =  *((intOrPtr*)(_t97 - 4));
                                                                                                                                                                                                                                                        						if(_t97 + 0xfffffffc - _t119 >= 0x20) {
                                                                                                                                                                                                                                                        							goto L18;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t97 = _t119;
                                                                                                                                                                                                                                                        							_t132 = _t63 + 0x24;
                                                                                                                                                                                                                                                        							goto L11;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L11:
                                                                                                                                                                                                                                                        						_push(_t132);
                                                                                                                                                                                                                                                        						_push(_t97);
                                                                                                                                                                                                                                                        						L00BEF6C6();
                                                                                                                                                                                                                                                        						_t141 = _t141 + 8;
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L7:
                                                                                                                                                                                                                                                        					_a96 = 0;
                                                                                                                                                                                                                                                        					_a100 = 0xf;
                                                                                                                                                                                                                                                        					_a80 = 0;
                                                                                                                                                                                                                                                        					_t84 = _a76;
                                                                                                                                                                                                                                                        					if(_t84 >= 0x10) {
                                                                                                                                                                                                                                                        						_t111 = _a56;
                                                                                                                                                                                                                                                        						_t132 = _t84 + 1;
                                                                                                                                                                                                                                                        						if(_t132 >= 0x1000) {
                                                                                                                                                                                                                                                        							_t119 =  *((intOrPtr*)(_t111 - 4));
                                                                                                                                                                                                                                                        							if(_t111 + 0xfffffffc - _t119 >= 0x20) {
                                                                                                                                                                                                                                                        								L18:
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_push(_t137);
                                                                                                                                                                                                                                                        								_t138 = _t141;
                                                                                                                                                                                                                                                        								_push(_t132);
                                                                                                                                                                                                                                                        								_t64 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        								_t88 = _a4.LowPart;
                                                                                                                                                                                                                                                        								_v24 = _t64 ^ _t141;
                                                                                                                                                                                                                                                        								_v28 = 0;
                                                                                                                                                                                                                                                        								_v32.LowPart = 0;
                                                                                                                                                                                                                                                        								QueryPerformanceCounter( &_v32);
                                                                                                                                                                                                                                                        								_t129 = _v32.LowPart;
                                                                                                                                                                                                                                                        								_t133 = _v28;
                                                                                                                                                                                                                                                        								asm("sbb ecx, esi");
                                                                                                                                                                                                                                                        								if(0x7bd05af6 < _t129) {
                                                                                                                                                                                                                                                        									_v40 = 0xbfb498->LowPart;
                                                                                                                                                                                                                                                        									_v40.HighPart =  *0xbfb49c;
                                                                                                                                                                                                                                                        									_t70 = E00BEF5D0(_t129, _t133, 0xbfb498->LowPart,  *0xbfb49c);
                                                                                                                                                                                                                                                        									_v60 = _t70;
                                                                                                                                                                                                                                                        									asm("sbb esi, ebx");
                                                                                                                                                                                                                                                        									_v60 = _v60 * 0xf4240;
                                                                                                                                                                                                                                                        									_t126 = ((_t129 - _t70 * _v56) * 0xf4240 >> 0x20) + _t133 * 0xf4240;
                                                                                                                                                                                                                                                        									_t77 = E00BEF5D0((_t129 - _t70 * _v56) * 0xf4240, _t126, _v56, _v52) + _v76;
                                                                                                                                                                                                                                                        									asm("adc edx, ebx");
                                                                                                                                                                                                                                                        									_t88 = _a4;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t126 = _t129 * 0xf4240 >> 0x20;
                                                                                                                                                                                                                                                        									_t77 = E00BEF5D0(_t129 * 0xf4240, _t133 * 0xf4240 + _t126,  *0xbfb498,  *0xbfb49c);
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t78 = E00BC8A40(0, 0, _t77, _t126);
                                                                                                                                                                                                                                                        								 *(_t88 + 4) = _t126;
                                                                                                                                                                                                                                                        								 *_t88 = _t78;
                                                                                                                                                                                                                                                        								E00BEECB0(_v24 ^ _t138, _t126);
                                                                                                                                                                                                                                                        								return _t88;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t111 = _t119;
                                                                                                                                                                                                                                                        								_t132 = _t84 + 0x24;
                                                                                                                                                                                                                                                        								goto L13;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L13:
                                                                                                                                                                                                                                                        							_push(_t132);
                                                                                                                                                                                                                                                        							_push(_t111);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							goto L8;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L8:
                                                                                                                                                                                                                                                        						return E00BEECB0(_a104 ^ _t137, _t119);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}

































                                                                                                                                                                                                                                                        0x00bca4e1
                                                                                                                                                                                                                                                        0x00bca4e1
                                                                                                                                                                                                                                                        0x00bca4e3
                                                                                                                                                                                                                                                        0x00bca4e5
                                                                                                                                                                                                                                                        0x00bca4e8
                                                                                                                                                                                                                                                        0x00bca4ef
                                                                                                                                                                                                                                                        0x00bca4f1
                                                                                                                                                                                                                                                        0x00bca4f9
                                                                                                                                                                                                                                                        0x00bca4f9
                                                                                                                                                                                                                                                        0x00bca504
                                                                                                                                                                                                                                                        0x00bca509
                                                                                                                                                                                                                                                        0x00bca50c
                                                                                                                                                                                                                                                        0x00bca515
                                                                                                                                                                                                                                                        0x00bca518
                                                                                                                                                                                                                                                        0x00bca587
                                                                                                                                                                                                                                                        0x00bca51a
                                                                                                                                                                                                                                                        0x00bca529
                                                                                                                                                                                                                                                        0x00bca529
                                                                                                                                                                                                                                                        0x00bca52c
                                                                                                                                                                                                                                                        0x00bca531
                                                                                                                                                                                                                                                        0x00bca541
                                                                                                                                                                                                                                                        0x00bca543
                                                                                                                                                                                                                                                        0x00bca543
                                                                                                                                                                                                                                                        0x00bca549
                                                                                                                                                                                                                                                        0x00bca54d
                                                                                                                                                                                                                                                        0x00bca556
                                                                                                                                                                                                                                                        0x00bca58e
                                                                                                                                                                                                                                                        0x00bca592
                                                                                                                                                                                                                                                        0x00bca59b
                                                                                                                                                                                                                                                        0x00bca5c4
                                                                                                                                                                                                                                                        0x00bca5cf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bca5d1
                                                                                                                                                                                                                                                        0x00bca5d4
                                                                                                                                                                                                                                                        0x00bca5d6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bca5d6
                                                                                                                                                                                                                                                        0x00bca59d
                                                                                                                                                                                                                                                        0x00bca59d
                                                                                                                                                                                                                                                        0x00bca59d
                                                                                                                                                                                                                                                        0x00bca59e
                                                                                                                                                                                                                                                        0x00bca59f
                                                                                                                                                                                                                                                        0x00bca5a4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bca5a4
                                                                                                                                                                                                                                                        0x00bca558
                                                                                                                                                                                                                                                        0x00bca558
                                                                                                                                                                                                                                                        0x00bca558
                                                                                                                                                                                                                                                        0x00bca560
                                                                                                                                                                                                                                                        0x00bca568
                                                                                                                                                                                                                                                        0x00bca56d
                                                                                                                                                                                                                                                        0x00bca574
                                                                                                                                                                                                                                                        0x00bca5a9
                                                                                                                                                                                                                                                        0x00bca5ad
                                                                                                                                                                                                                                                        0x00bca5b6
                                                                                                                                                                                                                                                        0x00bca5da
                                                                                                                                                                                                                                                        0x00bca5e5
                                                                                                                                                                                                                                                        0x00bca5f0
                                                                                                                                                                                                                                                        0x00bca5f0
                                                                                                                                                                                                                                                        0x00bca5f6
                                                                                                                                                                                                                                                        0x00bca5f7
                                                                                                                                                                                                                                                        0x00bca5f8
                                                                                                                                                                                                                                                        0x00bca5f9
                                                                                                                                                                                                                                                        0x00bca5fa
                                                                                                                                                                                                                                                        0x00bca5fb
                                                                                                                                                                                                                                                        0x00bca5fc
                                                                                                                                                                                                                                                        0x00bca5fd
                                                                                                                                                                                                                                                        0x00bca5fe
                                                                                                                                                                                                                                                        0x00bca5ff
                                                                                                                                                                                                                                                        0x00bca600
                                                                                                                                                                                                                                                        0x00bca601
                                                                                                                                                                                                                                                        0x00bca605
                                                                                                                                                                                                                                                        0x00bca60c
                                                                                                                                                                                                                                                        0x00bca611
                                                                                                                                                                                                                                                        0x00bca616
                                                                                                                                                                                                                                                        0x00bca61e
                                                                                                                                                                                                                                                        0x00bca626
                                                                                                                                                                                                                                                        0x00bca62f
                                                                                                                                                                                                                                                        0x00bca635
                                                                                                                                                                                                                                                        0x00bca639
                                                                                                                                                                                                                                                        0x00bca649
                                                                                                                                                                                                                                                        0x00bca64b
                                                                                                                                                                                                                                                        0x00bca67e
                                                                                                                                                                                                                                                        0x00bca682
                                                                                                                                                                                                                                                        0x00bca68a
                                                                                                                                                                                                                                                        0x00bca693
                                                                                                                                                                                                                                                        0x00bca6ba
                                                                                                                                                                                                                                                        0x00bca6c0
                                                                                                                                                                                                                                                        0x00bca6d5
                                                                                                                                                                                                                                                        0x00bca6e6
                                                                                                                                                                                                                                                        0x00bca6ea
                                                                                                                                                                                                                                                        0x00bca6ec
                                                                                                                                                                                                                                                        0x00bca64d
                                                                                                                                                                                                                                                        0x00bca654
                                                                                                                                                                                                                                                        0x00bca66c
                                                                                                                                                                                                                                                        0x00bca66c
                                                                                                                                                                                                                                                        0x00bca6f5
                                                                                                                                                                                                                                                        0x00bca6fd
                                                                                                                                                                                                                                                        0x00bca700
                                                                                                                                                                                                                                                        0x00bca708
                                                                                                                                                                                                                                                        0x00bca716
                                                                                                                                                                                                                                                        0x00bca5e7
                                                                                                                                                                                                                                                        0x00bca5ea
                                                                                                                                                                                                                                                        0x00bca5ec
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bca5ec
                                                                                                                                                                                                                                                        0x00bca5b8
                                                                                                                                                                                                                                                        0x00bca5b8
                                                                                                                                                                                                                                                        0x00bca5b8
                                                                                                                                                                                                                                                        0x00bca5b9
                                                                                                                                                                                                                                                        0x00bca5ba
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bca5bf
                                                                                                                                                                                                                                                        0x00bca576
                                                                                                                                                                                                                                                        0x00bca576
                                                                                                                                                                                                                                                        0x00bca586
                                                                                                                                                                                                                                                        0x00bca586
                                                                                                                                                                                                                                                        0x00bca574

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?), ref: 00BCA59F
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?), ref: 00BCA5BA
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 00BCA5F0
                                                                                                                                                                                                                                                        • QueryPerformanceCounter.KERNEL32(?), ref: 00BCA62F
                                                                                                                                                                                                                                                        • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00BCA66C
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@$CounterPerformanceQueryUnothrow_t@std@@@__ehfuncinfo$??2@_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 933985766-0
                                                                                                                                                                                                                                                        • Opcode ID: 05538c9a44de4272d97181e3d6bf2edf40bf858febfca7cf6974a4ad72776f4a
                                                                                                                                                                                                                                                        • Instruction ID: 6ca168888bfbbf3a373662e6bdda5cc4417e242b804d66e7b6eaa65a4f6efa55
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 05538c9a44de4272d97181e3d6bf2edf40bf858febfca7cf6974a4ad72776f4a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0241F6B19043489FC708DF24E895B3ABBE5EB94318F1489ADF44687391DB31D844C793
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 70%
                                                                                                                                                                                                                                                        			E00BC75E0(intOrPtr __ecx, signed int* __edx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v2068;
                                                                                                                                                                                                                                                        				intOrPtr _v2072;
                                                                                                                                                                                                                                                        				intOrPtr _v2076;
                                                                                                                                                                                                                                                        				char _v2084;
                                                                                                                                                                                                                                                        				int _v2088;
                                                                                                                                                                                                                                                        				int _v2092;
                                                                                                                                                                                                                                                        				void* _v2096;
                                                                                                                                                                                                                                                        				signed int* _v2100;
                                                                                                                                                                                                                                                        				signed int _v2104;
                                                                                                                                                                                                                                                        				intOrPtr _v2108;
                                                                                                                                                                                                                                                        				intOrPtr _v2112;
                                                                                                                                                                                                                                                        				void* _v2116;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				intOrPtr _t42;
                                                                                                                                                                                                                                                        				signed int* _t44;
                                                                                                                                                                                                                                                        				signed int* _t45;
                                                                                                                                                                                                                                                        				signed int* _t50;
                                                                                                                                                                                                                                                        				signed int* _t52;
                                                                                                                                                                                                                                                        				void* _t53;
                                                                                                                                                                                                                                                        				signed int* _t56;
                                                                                                                                                                                                                                                        				signed int _t58;
                                                                                                                                                                                                                                                        				signed int _t74;
                                                                                                                                                                                                                                                        				intOrPtr _t77;
                                                                                                                                                                                                                                                        				void** _t78;
                                                                                                                                                                                                                                                        				intOrPtr _t80;
                                                                                                                                                                                                                                                        				signed int* _t81;
                                                                                                                                                                                                                                                        				signed int _t84;
                                                                                                                                                                                                                                                        				void* _t85;
                                                                                                                                                                                                                                                        				void* _t86;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t76 = __edx;
                                                                                                                                                                                                                                                        				_v2108 = __ecx;
                                                                                                                                                                                                                                                        				_t42 = _a4;
                                                                                                                                                                                                                                                        				_t58 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t58 ^ _t84;
                                                                                                                                                                                                                                                        				_v2072 = _t42;
                                                                                                                                                                                                                                                        				_v2076 = _t42;
                                                                                                                                                                                                                                                        				E00BC5F20( &_v2084);
                                                                                                                                                                                                                                                        				_t77 = _v2076;
                                                                                                                                                                                                                                                        				_t44 = E00BB18B0();
                                                                                                                                                                                                                                                        				_t79 =  &_v2068;
                                                                                                                                                                                                                                                        				_v2100 = __edx;
                                                                                                                                                                                                                                                        				__imp____stdio_common_vsnwprintf_s( *_t44, _t44[1],  &_v2068, 0x400, 0x3ff, __edx, 0, _t77);
                                                                                                                                                                                                                                                        				_t86 = _t85 + 0x20;
                                                                                                                                                                                                                                                        				_t56 = _t44;
                                                                                                                                                                                                                                                        				if(_t44 < 0) {
                                                                                                                                                                                                                                                        					_t45 = E00BB18B0();
                                                                                                                                                                                                                                                        					__imp____stdio_common_vswprintf( *_t45 | 0x00000002, _t45[1], 0, 0, _v2100, 0, _t77);
                                                                                                                                                                                                                                                        					_t86 = _t86 + 0x1c;
                                                                                                                                                                                                                                                        					_t56 = _t45;
                                                                                                                                                                                                                                                        					if(_t45 >= 0) {
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L4:
                                                                                                                                                                                                                                                        					E00BC5F60(_t45,  &_v2084);
                                                                                                                                                                                                                                                        					return E00BEECB0(_v20 ^ _t84, _t76);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				if(_t56 < 0x400) {
                                                                                                                                                                                                                                                        					_t45 = E00BB73B0(_v2108, _t79, _t56);
                                                                                                                                                                                                                                                        					goto L4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t78 =  &_v2096;
                                                                                                                                                                                                                                                        				while(_t56 <= 0x1ffffff) {
                                                                                                                                                                                                                                                        					_t17 =  &(_t56[0]); // 0x1
                                                                                                                                                                                                                                                        					_t76 = _t17;
                                                                                                                                                                                                                                                        					_v2096 = 0;
                                                                                                                                                                                                                                                        					_v2092 = 0;
                                                                                                                                                                                                                                                        					_v2088 = 0;
                                                                                                                                                                                                                                                        					_v2104 = _t17;
                                                                                                                                                                                                                                                        					if(E00BC77E0(_t56, _t78, _t17) != 0) {
                                                                                                                                                                                                                                                        						_t53 = _v2096;
                                                                                                                                                                                                                                                        						_t74 = _v2104;
                                                                                                                                                                                                                                                        						memset(_t53, 0, _t74 + _t74);
                                                                                                                                                                                                                                                        						_t86 = _t86 + 0xc;
                                                                                                                                                                                                                                                        						_v2092 = _t53 + _t74 * 2;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t80 = _v2072;
                                                                                                                                                                                                                                                        					_v2076 = _t80;
                                                                                                                                                                                                                                                        					_v2116 = _v2096;
                                                                                                                                                                                                                                                        					_t50 = E00BB18B0();
                                                                                                                                                                                                                                                        					_v2112 = _t80;
                                                                                                                                                                                                                                                        					__imp____stdio_common_vsnwprintf_s( *_t50, _t50[1], _v2116, _v2104, _t56, _v2100, 0, _t80);
                                                                                                                                                                                                                                                        					_t86 = _t86 + 0x20;
                                                                                                                                                                                                                                                        					_t81 = _t50;
                                                                                                                                                                                                                                                        					if(_t50 < 0) {
                                                                                                                                                                                                                                                        						_t52 = E00BB18B0();
                                                                                                                                                                                                                                                        						__imp____stdio_common_vswprintf( *_t52 | 0x00000002, _t52[1], 0, 0, _v2100, 0, _v2112);
                                                                                                                                                                                                                                                        						_t86 = _t86 + 0x1c;
                                                                                                                                                                                                                                                        						_t81 =  <=  ? 0xffffffff : _t52;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_t81 < 0 || _t81 > _t56) {
                                                                                                                                                                                                                                                        						_t45 = E00BC3010(_t78);
                                                                                                                                                                                                                                                        						_t56 = _t81;
                                                                                                                                                                                                                                                        						if(_t81 >= 0) {
                                                                                                                                                                                                                                                        							continue;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						E00BB73B0(_v2108, _v2096, _t81);
                                                                                                                                                                                                                                                        						_t45 = E00BC3010( &_v2096);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L4;
                                                                                                                                                                                                                                                        			}

































                                                                                                                                                                                                                                                        0x00bc75e0
                                                                                                                                                                                                                                                        0x00bc75ec
                                                                                                                                                                                                                                                        0x00bc75f2
                                                                                                                                                                                                                                                        0x00bc75f7
                                                                                                                                                                                                                                                        0x00bc75ff
                                                                                                                                                                                                                                                        0x00bc7608
                                                                                                                                                                                                                                                        0x00bc760e
                                                                                                                                                                                                                                                        0x00bc7614
                                                                                                                                                                                                                                                        0x00bc7619
                                                                                                                                                                                                                                                        0x00bc761f
                                                                                                                                                                                                                                                        0x00bc7624
                                                                                                                                                                                                                                                        0x00bc762d
                                                                                                                                                                                                                                                        0x00bc7644
                                                                                                                                                                                                                                                        0x00bc764a
                                                                                                                                                                                                                                                        0x00bc764d
                                                                                                                                                                                                                                                        0x00bc7651
                                                                                                                                                                                                                                                        0x00bc7689
                                                                                                                                                                                                                                                        0x00bc76a4
                                                                                                                                                                                                                                                        0x00bc76aa
                                                                                                                                                                                                                                                        0x00bc76ad
                                                                                                                                                                                                                                                        0x00bc76b1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7669
                                                                                                                                                                                                                                                        0x00bc766f
                                                                                                                                                                                                                                                        0x00bc7688
                                                                                                                                                                                                                                                        0x00bc7688
                                                                                                                                                                                                                                                        0x00bc7653
                                                                                                                                                                                                                                                        0x00bc7659
                                                                                                                                                                                                                                                        0x00bc76bd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc76bd
                                                                                                                                                                                                                                                        0x00bc765b
                                                                                                                                                                                                                                                        0x00bc7661
                                                                                                                                                                                                                                                        0x00bc76c4
                                                                                                                                                                                                                                                        0x00bc76c4
                                                                                                                                                                                                                                                        0x00bc76c9
                                                                                                                                                                                                                                                        0x00bc76d3
                                                                                                                                                                                                                                                        0x00bc76dd
                                                                                                                                                                                                                                                        0x00bc76e7
                                                                                                                                                                                                                                                        0x00bc76f4
                                                                                                                                                                                                                                                        0x00bc76f6
                                                                                                                                                                                                                                                        0x00bc76fc
                                                                                                                                                                                                                                                        0x00bc770b
                                                                                                                                                                                                                                                        0x00bc7710
                                                                                                                                                                                                                                                        0x00bc7713
                                                                                                                                                                                                                                                        0x00bc7713
                                                                                                                                                                                                                                                        0x00bc7719
                                                                                                                                                                                                                                                        0x00bc7725
                                                                                                                                                                                                                                                        0x00bc772b
                                                                                                                                                                                                                                                        0x00bc7731
                                                                                                                                                                                                                                                        0x00bc7736
                                                                                                                                                                                                                                                        0x00bc7757
                                                                                                                                                                                                                                                        0x00bc775d
                                                                                                                                                                                                                                                        0x00bc7760
                                                                                                                                                                                                                                                        0x00bc7764
                                                                                                                                                                                                                                                        0x00bc7766
                                                                                                                                                                                                                                                        0x00bc7786
                                                                                                                                                                                                                                                        0x00bc778c
                                                                                                                                                                                                                                                        0x00bc7799
                                                                                                                                                                                                                                                        0x00bc7799
                                                                                                                                                                                                                                                        0x00bc779e
                                                                                                                                                                                                                                                        0x00bc77c8
                                                                                                                                                                                                                                                        0x00bc77cf
                                                                                                                                                                                                                                                        0x00bc77d1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc77a4
                                                                                                                                                                                                                                                        0x00bc77b1
                                                                                                                                                                                                                                                        0x00bc77bc
                                                                                                                                                                                                                                                        0x00bc77bc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc779e
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5F20: _errno.API-MS-WIN-CRT-RUNTIME-L1-1-0(00BF0324,?,?,00BC206A,00000002,00000001,00000000,00BF0324,?,?,00BCA1FF,/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc,000000EC,00000000), ref: 00BC5F2D
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5F20: _errno.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,00BC206A,00000002,00000001,00000000,00BF0324,?,?,00BCA1FF,/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc,000000EC,00000000), ref: 00BC5F33
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5F20: GetLastError.KERNEL32(?,00BC206A,00000002,00000001,00000000,00BF0324,?,?,00BCA1FF,/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc,000000EC,00000000), ref: 00BC5F3B
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5F20: SetLastError.KERNEL32(00000000,?,00BC206A,00000002,00000001,00000000,00BF0324,?,?,00BCA1FF,/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc,000000EC,00000000), ref: 00BC5F46
                                                                                                                                                                                                                                                        • __stdio_common_vsnwprintf_s.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,?,00000400,000003FF,?,00000000,?), ref: 00BC7644
                                                                                                                                                                                                                                                        • __stdio_common_vswprintf.API-MS-WIN-CRT-STDIO-L1-1-0(?,?,00000000,00000000,?,00000000,?), ref: 00BC76A4
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BC770B
                                                                                                                                                                                                                                                        • __stdio_common_vsnwprintf_s.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,?,?,00000000,?,00000000,?), ref: 00BC7757
                                                                                                                                                                                                                                                        • __stdio_common_vswprintf.API-MS-WIN-CRT-STDIO-L1-1-0(?,?,00000000,00000000,?,00000000,?), ref: 00BC7786
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast__stdio_common_vsnwprintf_s__stdio_common_vswprintf_errno$memset
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3782615934-0
                                                                                                                                                                                                                                                        • Opcode ID: 83dc1f1995b47ca3ac7a98ad1f7ea668f6a0d791748dd4da7d28771f8d6e17ef
                                                                                                                                                                                                                                                        • Instruction ID: c8d3d44ee51ba76b51b581eb6c04f3f48981134bb5fb8b465f338e3fcde1636b
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 83dc1f1995b47ca3ac7a98ad1f7ea668f6a0d791748dd4da7d28771f8d6e17ef
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 46518E319402289BDB24AB64CC95FAE7AF5FF44700F1481EDE6496B291DE716E80CFD0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD780: ?good@ios_base@std@@QBE_NXZ.MSVCP140(00000002,?,?,00BBC9AF,00000002,?,?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBD7A7
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD780: ?good@ios_base@std@@QBE_NXZ.MSVCP140(?,00BBC9AF,00000002,?,?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBD7C9
                                                                                                                                                                                                                                                        • ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?), ref: 00BBDB4A
                                                                                                                                                                                                                                                        • ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z.MSVCP140(?,00000000), ref: 00BBDB98
                                                                                                                                                                                                                                                        • ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ.MSVCP140 ref: 00BBDBA1
                                                                                                                                                                                                                                                        • ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(0000002E), ref: 00BBDBE4
                                                                                                                                                                                                                                                        • ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?), ref: 00BBDC1F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: D@std@@@std@@U?$char_traits@$?sputc@?$basic_streambuf@$?good@ios_base@std@@$?clear@?$basic_ios@Osfx@?$basic_ostream@
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1634116027-0
                                                                                                                                                                                                                                                        • Opcode ID: b7567cfd7a58ff9fabc573b0d1336d0a45907160502cc480a94fff2ff892210b
                                                                                                                                                                                                                                                        • Instruction ID: 5ff0e75a15c9ab0b2aaa2f8e1edd064c272a9afdc3560c2ca6136b1f9c45cbb9
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b7567cfd7a58ff9fabc573b0d1336d0a45907160502cc480a94fff2ff892210b
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4D415F356006008FD738CB38C994E7A7BE6EF89324F154798E9A6873E5DB74E845CB40
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 92%
                                                                                                                                                                                                                                                        			E00BEBFF0(void* __ecx, CHAR* __edx, intOrPtr* _a4) {
                                                                                                                                                                                                                                                        				intOrPtr _v0;
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				char _v32;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				char _v52;
                                                                                                                                                                                                                                                        				char _v56;
                                                                                                                                                                                                                                                        				long _v60;
                                                                                                                                                                                                                                                        				intOrPtr _v64;
                                                                                                                                                                                                                                                        				intOrPtr _v68;
                                                                                                                                                                                                                                                        				void* _v72;
                                                                                                                                                                                                                                                        				void* _v76;
                                                                                                                                                                                                                                                        				long _v80;
                                                                                                                                                                                                                                                        				char _v84;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				long _v92;
                                                                                                                                                                                                                                                        				intOrPtr _v96;
                                                                                                                                                                                                                                                        				intOrPtr _v100;
                                                                                                                                                                                                                                                        				void* _v108;
                                                                                                                                                                                                                                                        				long _v112;
                                                                                                                                                                                                                                                        				char _v116;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t42;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t44;
                                                                                                                                                                                                                                                        				void* _t54;
                                                                                                                                                                                                                                                        				void* _t55;
                                                                                                                                                                                                                                                        				signed int _t59;
                                                                                                                                                                                                                                                        				signed int _t61;
                                                                                                                                                                                                                                                        				void* _t63;
                                                                                                                                                                                                                                                        				signed int _t64;
                                                                                                                                                                                                                                                        				long _t76;
                                                                                                                                                                                                                                                        				long _t77;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t79;
                                                                                                                                                                                                                                                        				intOrPtr* _t84;
                                                                                                                                                                                                                                                        				void* _t87;
                                                                                                                                                                                                                                                        				signed int _t93;
                                                                                                                                                                                                                                                        				void* _t95;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t42 =  *(__ecx + 0x34);
                                                                                                                                                                                                                                                        				if(_t42 == 0) {
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					__eflags = 0;
                                                                                                                                                                                                                                                        					return 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t87 = __ecx;
                                                                                                                                                                                                                                                        					_t44 = GetProcAddress(_t42, __edx);
                                                                                                                                                                                                                                                        					if(_t44 == 0) {
                                                                                                                                                                                                                                                        						goto L5;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t99 =  *((char*)(_t87 + 0x14));
                                                                                                                                                                                                                                                        						if( *((char*)(_t87 + 0x14)) == 0) {
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t87 + 0x14)) = 1;
                                                                                                                                                                                                                                                        							 *(_t87 + 0x10) = 0;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t63 = _t87;
                                                                                                                                                                                                                                                        						_t79 = _t44;
                                                                                                                                                                                                                                                        						_pop(_t88);
                                                                                                                                                                                                                                                        						_pop(_t91);
                                                                                                                                                                                                                                                        						_t92 = _t93;
                                                                                                                                                                                                                                                        						_t89 = _t63;
                                                                                                                                                                                                                                                        						_t64 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        						_v20 = _t64 ^ _t93;
                                                                                                                                                                                                                                                        						E00BEC160(_t63,  &_v32, _t79);
                                                                                                                                                                                                                                                        						_t95 = _t93 - 0x60 + 4;
                                                                                                                                                                                                                                                        						_t81 =  &_v44;
                                                                                                                                                                                                                                                        						E00BEC7F0(_t63,  &_v44, _t99);
                                                                                                                                                                                                                                                        						if(_v36 == 0) {
                                                                                                                                                                                                                                                        							L14:
                                                                                                                                                                                                                                                        							_t59 = 0;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							E00BEC8B0();
                                                                                                                                                                                                                                                        							EnterCriticalSection(0xbfb778);
                                                                                                                                                                                                                                                        							_t81 =  &_v84;
                                                                                                                                                                                                                                                        							E00BED0E0(_v44,  &_v84);
                                                                                                                                                                                                                                                        							LeaveCriticalSection(0xbfb778);
                                                                                                                                                                                                                                                        							if(_v52 == 0) {
                                                                                                                                                                                                                                                        								goto L14;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								asm("movups xmm0, [ebp-0x4c]");
                                                                                                                                                                                                                                                        								_t84 = _a4;
                                                                                                                                                                                                                                                        								_t61 =  &_v116;
                                                                                                                                                                                                                                                        								_t81 =  &_v36;
                                                                                                                                                                                                                                                        								asm("movups [ebp-0x6c], xmm0");
                                                                                                                                                                                                                                                        								_v100 = _v68;
                                                                                                                                                                                                                                                        								_v96 = _v64;
                                                                                                                                                                                                                                                        								_v92 = _v60;
                                                                                                                                                                                                                                                        								_v80 = 0;
                                                                                                                                                                                                                                                        								_v56 = 0;
                                                                                                                                                                                                                                                        								_v88 = _v56;
                                                                                                                                                                                                                                                        								E00BEC220(_t89,  &_v36, _t61, _v0, _t84);
                                                                                                                                                                                                                                                        								_t95 = _t95 + 0xc;
                                                                                                                                                                                                                                                        								_t54 = _v108;
                                                                                                                                                                                                                                                        								_t59 = _t61 & 0xffffff00 |  *_t84 != 0x00000000;
                                                                                                                                                                                                                                                        								if(_t54 == 0) {
                                                                                                                                                                                                                                                        									L11:
                                                                                                                                                                                                                                                        									_t55 = _v76;
                                                                                                                                                                                                                                                        									if(_t55 != 0) {
                                                                                                                                                                                                                                                        										_t76 = _v80;
                                                                                                                                                                                                                                                        										if(_t76 != 0) {
                                                                                                                                                                                                                                                        											_t81 =  &_v80;
                                                                                                                                                                                                                                                        											VirtualProtect(_t55, _v60, _t76,  &_v80);
                                                                                                                                                                                                                                                        											_v76 = 0;
                                                                                                                                                                                                                                                        											_v72 = 0;
                                                                                                                                                                                                                                                        											_v80 = 0;
                                                                                                                                                                                                                                                        											_v56 = 0;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t77 = _v112;
                                                                                                                                                                                                                                                        									if(_t77 == 0) {
                                                                                                                                                                                                                                                        										goto L11;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t81 =  &_v112;
                                                                                                                                                                                                                                                        										VirtualProtect(_t54, _v92, _t77,  &_v112);
                                                                                                                                                                                                                                                        										if(_v52 != 0) {
                                                                                                                                                                                                                                                        											goto L11;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						E00BEECB0(_v24 ^ _t92, _t81);
                                                                                                                                                                                                                                                        						return _t59;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}








































                                                                                                                                                                                                                                                        0x00bebff4
                                                                                                                                                                                                                                                        0x00bebff9
                                                                                                                                                                                                                                                        0x00bec028
                                                                                                                                                                                                                                                        0x00bec028
                                                                                                                                                                                                                                                        0x00bec02c
                                                                                                                                                                                                                                                        0x00bebffb
                                                                                                                                                                                                                                                        0x00bebffb
                                                                                                                                                                                                                                                        0x00bebfff
                                                                                                                                                                                                                                                        0x00bec007
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec009
                                                                                                                                                                                                                                                        0x00bec009
                                                                                                                                                                                                                                                        0x00bec00d
                                                                                                                                                                                                                                                        0x00bec00f
                                                                                                                                                                                                                                                        0x00bec016
                                                                                                                                                                                                                                                        0x00bec016
                                                                                                                                                                                                                                                        0x00bec01d
                                                                                                                                                                                                                                                        0x00bec01f
                                                                                                                                                                                                                                                        0x00bec021
                                                                                                                                                                                                                                                        0x00bec022
                                                                                                                                                                                                                                                        0x00bec031
                                                                                                                                                                                                                                                        0x00bec039
                                                                                                                                                                                                                                                        0x00bec03b
                                                                                                                                                                                                                                                        0x00bec048
                                                                                                                                                                                                                                                        0x00bec04e
                                                                                                                                                                                                                                                        0x00bec053
                                                                                                                                                                                                                                                        0x00bec056
                                                                                                                                                                                                                                                        0x00bec05b
                                                                                                                                                                                                                                                        0x00bec064
                                                                                                                                                                                                                                                        0x00bec129
                                                                                                                                                                                                                                                        0x00bec129
                                                                                                                                                                                                                                                        0x00bec06a
                                                                                                                                                                                                                                                        0x00bec06a
                                                                                                                                                                                                                                                        0x00bec074
                                                                                                                                                                                                                                                        0x00bec07d
                                                                                                                                                                                                                                                        0x00bec080
                                                                                                                                                                                                                                                        0x00bec08a
                                                                                                                                                                                                                                                        0x00bec094
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec09a
                                                                                                                                                                                                                                                        0x00bec09a
                                                                                                                                                                                                                                                        0x00bec0a1
                                                                                                                                                                                                                                                        0x00bec0a7
                                                                                                                                                                                                                                                        0x00bec0aa
                                                                                                                                                                                                                                                        0x00bec0ad
                                                                                                                                                                                                                                                        0x00bec0b1
                                                                                                                                                                                                                                                        0x00bec0b7
                                                                                                                                                                                                                                                        0x00bec0bd
                                                                                                                                                                                                                                                        0x00bec0c3
                                                                                                                                                                                                                                                        0x00bec0ca
                                                                                                                                                                                                                                                        0x00bec0ce
                                                                                                                                                                                                                                                        0x00bec0d6
                                                                                                                                                                                                                                                        0x00bec0db
                                                                                                                                                                                                                                                        0x00bec0e1
                                                                                                                                                                                                                                                        0x00bec0e4
                                                                                                                                                                                                                                                        0x00bec0e9
                                                                                                                                                                                                                                                        0x00bec107
                                                                                                                                                                                                                                                        0x00bec107
                                                                                                                                                                                                                                                        0x00bec10c
                                                                                                                                                                                                                                                        0x00bec10e
                                                                                                                                                                                                                                                        0x00bec113
                                                                                                                                                                                                                                                        0x00bec12d
                                                                                                                                                                                                                                                        0x00bec136
                                                                                                                                                                                                                                                        0x00bec13c
                                                                                                                                                                                                                                                        0x00bec143
                                                                                                                                                                                                                                                        0x00bec14a
                                                                                                                                                                                                                                                        0x00bec151
                                                                                                                                                                                                                                                        0x00bec151
                                                                                                                                                                                                                                                        0x00bec113
                                                                                                                                                                                                                                                        0x00bec0eb
                                                                                                                                                                                                                                                        0x00bec0eb
                                                                                                                                                                                                                                                        0x00bec0f0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec0f2
                                                                                                                                                                                                                                                        0x00bec0f2
                                                                                                                                                                                                                                                        0x00bec0fb
                                                                                                                                                                                                                                                        0x00bec105
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec105
                                                                                                                                                                                                                                                        0x00bec0f0
                                                                                                                                                                                                                                                        0x00bec0e9
                                                                                                                                                                                                                                                        0x00bec094
                                                                                                                                                                                                                                                        0x00bec11a
                                                                                                                                                                                                                                                        0x00bec128
                                                                                                                                                                                                                                                        0x00bec128
                                                                                                                                                                                                                                                        0x00bec007

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,?), ref: 00BEBFFF
                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(00BFB778), ref: 00BEC074
                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(00BFB778), ref: 00BEC08A
                                                                                                                                                                                                                                                        • VirtualProtect.KERNEL32(?,?,?,?), ref: 00BEC0FB
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CriticalSection$AddressEnterLeaveProcProtectVirtual
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1826293591-0
                                                                                                                                                                                                                                                        • Opcode ID: 20989457b901a73dc8354246feaf332f68350bcf89caffed8d8f8d1af8295a4f
                                                                                                                                                                                                                                                        • Instruction ID: 0bbadd391b8be218673a97abeb736b34f55f5011f6acec6ac69ac79f2fb4de58
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 20989457b901a73dc8354246feaf332f68350bcf89caffed8d8f8d1af8295a4f
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 92418E70E043889BDF14DFA6E845BEEBFF5EF44304F044159E805A7242DB74A949CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 68%
                                                                                                                                                                                                                                                        			E00BD3070(intOrPtr _a4, void* _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				int _v28;
                                                                                                                                                                                                                                                        				void* _v32;
                                                                                                                                                                                                                                                        				void* _v56;
                                                                                                                                                                                                                                                        				char _v60;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t30;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				signed int _t34;
                                                                                                                                                                                                                                                        				short* _t35;
                                                                                                                                                                                                                                                        				void* _t38;
                                                                                                                                                                                                                                                        				int _t43;
                                                                                                                                                                                                                                                        				signed int _t44;
                                                                                                                                                                                                                                                        				intOrPtr* _t46;
                                                                                                                                                                                                                                                        				signed int _t49;
                                                                                                                                                                                                                                                        				void* _t58;
                                                                                                                                                                                                                                                        				void* _t59;
                                                                                                                                                                                                                                                        				signed int _t61;
                                                                                                                                                                                                                                                        				signed int _t62;
                                                                                                                                                                                                                                                        				signed int* _t63;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t30 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t30 ^ _t62;
                                                                                                                                                                                                                                                        				if( *0xbfb500 == 0) {
                                                                                                                                                                                                                                                        					E00BEB3D0("NtQueryObject", 0xbfb500);
                                                                                                                                                                                                                                                        					_t63 =  &(_t63[2]);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t59 = 0;
                                                                                                                                                                                                                                                        				_t43 = 0x104;
                                                                                                                                                                                                                                                        				_v28 = 0x104;
                                                                                                                                                                                                                                                        				while(1) {
                                                                                                                                                                                                                                                        					_t32 = malloc(_t43);
                                                                                                                                                                                                                                                        					_t63 =  &(_t63[1]);
                                                                                                                                                                                                                                                        					_t58 = _t32;
                                                                                                                                                                                                                                                        					if(_t59 != 0) {
                                                                                                                                                                                                                                                        						free(_t59);
                                                                                                                                                                                                                                                        						_t63 =  &(_t63[1]);
                                                                                                                                                                                                                                                        						_t43 = _v28;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t34 =  *0xbfb500(_a4, 1, _t58, _t43,  &_v28);
                                                                                                                                                                                                                                                        					if(_t34 == 0xc0000004) {
                                                                                                                                                                                                                                                        						goto L3;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t44 = _t34;
                                                                                                                                                                                                                                                        					if(_t34 == 0x80000005) {
                                                                                                                                                                                                                                                        						goto L3;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_t44 < 0) {
                                                                                                                                                                                                                                                        						L15:
                                                                                                                                                                                                                                                        						_t46 = _a8;
                                                                                                                                                                                                                                                        						_t35 = _t46;
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t46 + 0x14)) >= 8) {
                                                                                                                                                                                                                                                        							_t35 =  *_t46;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t46 + 0x10)) = 0;
                                                                                                                                                                                                                                                        						 *_t35 = 0;
                                                                                                                                                                                                                                                        						if(_t58 == 0) {
                                                                                                                                                                                                                                                        							L19:
                                                                                                                                                                                                                                                        							E00BEECB0(_v20 ^ _t62, _t53);
                                                                                                                                                                                                                                                        							return _t44 & 0xffffff00 | _t44 > 0x00000000;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L18:
                                                                                                                                                                                                                                                        							free(_t58);
                                                                                                                                                                                                                                                        							goto L19;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t38 =  *(_t58 + 4);
                                                                                                                                                                                                                                                        					if(_t38 == 0) {
                                                                                                                                                                                                                                                        						goto L15;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t49 =  *_t58 & 0x0000ffff;
                                                                                                                                                                                                                                                        					if(_t49 == 0) {
                                                                                                                                                                                                                                                        						goto L15;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t61 = _t49 >> 1;
                                                                                                                                                                                                                                                        					_t53 =  *((intOrPtr*)(_a8 + 0x14));
                                                                                                                                                                                                                                                        					if(_t53 < _t61) {
                                                                                                                                                                                                                                                        						_t63 = _t63 - 0xc;
                                                                                                                                                                                                                                                        						_v60 = _v24;
                                                                                                                                                                                                                                                        						_v56 = _t38;
                                                                                                                                                                                                                                                        						 *_t63 = _t61;
                                                                                                                                                                                                                                                        						E00BBA7D0(_t44, _a8, _t58, _t61);
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_v32 = _a8;
                                                                                                                                                                                                                                                        						if(_t53 >= 8) {
                                                                                                                                                                                                                                                        							_v32 =  *_a8;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t53 = _a8;
                                                                                                                                                                                                                                                        						 *(_a8 + 0x10) = _t61;
                                                                                                                                                                                                                                                        						memmove(_v32, _t38, _t49 & 0xfffffffe);
                                                                                                                                                                                                                                                        						_t63 =  &(_t63[3]);
                                                                                                                                                                                                                                                        						 *((short*)(_v32 + _t61 * 2)) = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L18;
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					_t43 = _v28;
                                                                                                                                                                                                                                                        					_t59 = _t58;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}


























                                                                                                                                                                                                                                                        0x00bd3079
                                                                                                                                                                                                                                                        0x00bd3080
                                                                                                                                                                                                                                                        0x00bd308a
                                                                                                                                                                                                                                                        0x00bd3096
                                                                                                                                                                                                                                                        0x00bd309b
                                                                                                                                                                                                                                                        0x00bd309b
                                                                                                                                                                                                                                                        0x00bd309e
                                                                                                                                                                                                                                                        0x00bd30a0
                                                                                                                                                                                                                                                        0x00bd30a5
                                                                                                                                                                                                                                                        0x00bd30b5
                                                                                                                                                                                                                                                        0x00bd30b6
                                                                                                                                                                                                                                                        0x00bd30bc
                                                                                                                                                                                                                                                        0x00bd30bf
                                                                                                                                                                                                                                                        0x00bd30c3
                                                                                                                                                                                                                                                        0x00bd30c6
                                                                                                                                                                                                                                                        0x00bd30cc
                                                                                                                                                                                                                                                        0x00bd30cf
                                                                                                                                                                                                                                                        0x00bd30cf
                                                                                                                                                                                                                                                        0x00bd30dd
                                                                                                                                                                                                                                                        0x00bd30e8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd30ea
                                                                                                                                                                                                                                                        0x00bd30f1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd30f5
                                                                                                                                                                                                                                                        0x00bd3147
                                                                                                                                                                                                                                                        0x00bd3147
                                                                                                                                                                                                                                                        0x00bd314e
                                                                                                                                                                                                                                                        0x00bd3150
                                                                                                                                                                                                                                                        0x00bd3152
                                                                                                                                                                                                                                                        0x00bd3152
                                                                                                                                                                                                                                                        0x00bd3156
                                                                                                                                                                                                                                                        0x00bd315d
                                                                                                                                                                                                                                                        0x00bd3162
                                                                                                                                                                                                                                                        0x00bd316e
                                                                                                                                                                                                                                                        0x00bd3178
                                                                                                                                                                                                                                                        0x00bd3186
                                                                                                                                                                                                                                                        0x00bd3164
                                                                                                                                                                                                                                                        0x00bd3164
                                                                                                                                                                                                                                                        0x00bd3165
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd316b
                                                                                                                                                                                                                                                        0x00bd3162
                                                                                                                                                                                                                                                        0x00bd30f7
                                                                                                                                                                                                                                                        0x00bd30fc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd30fe
                                                                                                                                                                                                                                                        0x00bd3103
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd310a
                                                                                                                                                                                                                                                        0x00bd310c
                                                                                                                                                                                                                                                        0x00bd3111
                                                                                                                                                                                                                                                        0x00bd3187
                                                                                                                                                                                                                                                        0x00bd318d
                                                                                                                                                                                                                                                        0x00bd3194
                                                                                                                                                                                                                                                        0x00bd3198
                                                                                                                                                                                                                                                        0x00bd319b
                                                                                                                                                                                                                                                        0x00bd3113
                                                                                                                                                                                                                                                        0x00bd3119
                                                                                                                                                                                                                                                        0x00bd311c
                                                                                                                                                                                                                                                        0x00bd3123
                                                                                                                                                                                                                                                        0x00bd3123
                                                                                                                                                                                                                                                        0x00bd3126
                                                                                                                                                                                                                                                        0x00bd312c
                                                                                                                                                                                                                                                        0x00bd3134
                                                                                                                                                                                                                                                        0x00bd3139
                                                                                                                                                                                                                                                        0x00bd313f
                                                                                                                                                                                                                                                        0x00bd313f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd30b0
                                                                                                                                                                                                                                                        0x00bd30b0
                                                                                                                                                                                                                                                        0x00bd30b3
                                                                                                                                                                                                                                                        0x00bd30b3

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • malloc.MOZGLUE(00000104), ref: 00BD30B6
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BD30C6
                                                                                                                                                                                                                                                        • memmove.NTDLL(?,?), ref: 00BD3134
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BD3165
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: free$AddressProcmallocmemmove
                                                                                                                                                                                                                                                        • String ID: NtQueryObject
                                                                                                                                                                                                                                                        • API String ID: 1959892876-1504830893
                                                                                                                                                                                                                                                        • Opcode ID: cb0537141e49864d913407cc303472be5bdc8ef10d1a52b387d71dbfe36ebabe
                                                                                                                                                                                                                                                        • Instruction ID: c93663a16e40e10ade19a20356b4f4023fa4b963e316c500f37349b5debfaa18
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cb0537141e49864d913407cc303472be5bdc8ef10d1a52b387d71dbfe36ebabe
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B831D370A0021A9BDB148F58DC85ABFBBF5EF40B00F14816AE9159B352EB74DE45CBD2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 59%
                                                                                                                                                                                                                                                        			E00BD5AC0(void* __eax, void* __ecx) {
                                                                                                                                                                                                                                                        				intOrPtr _v0;
                                                                                                                                                                                                                                                        				intOrPtr _v4;
                                                                                                                                                                                                                                                        				char _v8;
                                                                                                                                                                                                                                                        				intOrPtr _v12;
                                                                                                                                                                                                                                                        				intOrPtr _v16;
                                                                                                                                                                                                                                                        				intOrPtr _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				intOrPtr _v56;
                                                                                                                                                                                                                                                        				char _v60;
                                                                                                                                                                                                                                                        				char _v68;
                                                                                                                                                                                                                                                        				signed int _v72;
                                                                                                                                                                                                                                                        				signed int _v76;
                                                                                                                                                                                                                                                        				char _v92;
                                                                                                                                                                                                                                                        				intOrPtr _v96;
                                                                                                                                                                                                                                                        				char _v100;
                                                                                                                                                                                                                                                        				char _v116;
                                                                                                                                                                                                                                                        				intOrPtr _v120;
                                                                                                                                                                                                                                                        				char _v124;
                                                                                                                                                                                                                                                        				signed int _v140;
                                                                                                                                                                                                                                                        				intOrPtr _v144;
                                                                                                                                                                                                                                                        				signed int _v148;
                                                                                                                                                                                                                                                        				char _v152;
                                                                                                                                                                                                                                                        				char _v168;
                                                                                                                                                                                                                                                        				signed int _v172;
                                                                                                                                                                                                                                                        				char _v176;
                                                                                                                                                                                                                                                        				char _v192;
                                                                                                                                                                                                                                                        				intOrPtr _v196;
                                                                                                                                                                                                                                                        				char _v200;
                                                                                                                                                                                                                                                        				char _v216;
                                                                                                                                                                                                                                                        				char _v224;
                                                                                                                                                                                                                                                        				signed int _v244;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				intOrPtr* _t106;
                                                                                                                                                                                                                                                        				intOrPtr _t107;
                                                                                                                                                                                                                                                        				intOrPtr _t108;
                                                                                                                                                                                                                                                        				intOrPtr _t115;
                                                                                                                                                                                                                                                        				intOrPtr _t121;
                                                                                                                                                                                                                                                        				signed int _t122;
                                                                                                                                                                                                                                                        				signed int _t124;
                                                                                                                                                                                                                                                        				signed int _t125;
                                                                                                                                                                                                                                                        				signed int _t129;
                                                                                                                                                                                                                                                        				signed int _t130;
                                                                                                                                                                                                                                                        				intOrPtr _t134;
                                                                                                                                                                                                                                                        				intOrPtr _t139;
                                                                                                                                                                                                                                                        				intOrPtr _t144;
                                                                                                                                                                                                                                                        				intOrPtr* _t146;
                                                                                                                                                                                                                                                        				char* _t148;
                                                                                                                                                                                                                                                        				signed int _t149;
                                                                                                                                                                                                                                                        				intOrPtr* _t154;
                                                                                                                                                                                                                                                        				intOrPtr _t155;
                                                                                                                                                                                                                                                        				void* _t157;
                                                                                                                                                                                                                                                        				signed int _t158;
                                                                                                                                                                                                                                                        				signed int _t166;
                                                                                                                                                                                                                                                        				void* _t168;
                                                                                                                                                                                                                                                        				signed int _t169;
                                                                                                                                                                                                                                                        				signed int _t174;
                                                                                                                                                                                                                                                        				intOrPtr* _t176;
                                                                                                                                                                                                                                                        				signed int _t183;
                                                                                                                                                                                                                                                        				signed int _t188;
                                                                                                                                                                                                                                                        				intOrPtr _t194;
                                                                                                                                                                                                                                                        				intOrPtr _t196;
                                                                                                                                                                                                                                                        				intOrPtr _t197;
                                                                                                                                                                                                                                                        				signed int _t199;
                                                                                                                                                                                                                                                        				signed int _t201;
                                                                                                                                                                                                                                                        				intOrPtr _t206;
                                                                                                                                                                                                                                                        				intOrPtr* _t208;
                                                                                                                                                                                                                                                        				char* _t210;
                                                                                                                                                                                                                                                        				char* _t211;
                                                                                                                                                                                                                                                        				signed int _t212;
                                                                                                                                                                                                                                                        				intOrPtr* _t218;
                                                                                                                                                                                                                                                        				void* _t219;
                                                                                                                                                                                                                                                        				intOrPtr _t220;
                                                                                                                                                                                                                                                        				intOrPtr _t223;
                                                                                                                                                                                                                                                        				signed int _t229;
                                                                                                                                                                                                                                                        				signed int _t231;
                                                                                                                                                                                                                                                        				signed int _t232;
                                                                                                                                                                                                                                                        				signed int _t233;
                                                                                                                                                                                                                                                        				signed int _t237;
                                                                                                                                                                                                                                                        				signed int _t240;
                                                                                                                                                                                                                                                        				signed int _t242;
                                                                                                                                                                                                                                                        				void* _t243;
                                                                                                                                                                                                                                                        				void* _t245;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t154 = __ecx + 4;
                                                                                                                                                                                                                                                        				_t229 = _t237;
                                                                                                                                                                                                                                                        				_push(__eax);
                                                                                                                                                                                                                                                        				_t106 =  *_t154;
                                                                                                                                                                                                                                                        				_t208 =  *_t106;
                                                                                                                                                                                                                                                        				 *_t106 = _t106;
                                                                                                                                                                                                                                                        				_t107 =  *_t154;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t107 + 4)) = _t107;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t154 + 4)) = 0;
                                                                                                                                                                                                                                                        				if(_t208 ==  *_t154) {
                                                                                                                                                                                                                                                        					_t146 = _t208;
                                                                                                                                                                                                                                                        					goto L11;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t218 = _t154;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_t108 =  *((intOrPtr*)(_t208 + 0x54));
                                                                                                                                                                                                                                                        						_t146 =  *_t208;
                                                                                                                                                                                                                                                        						if(_t108 >= 0x10) {
                                                                                                                                                                                                                                                        							_t155 =  *((intOrPtr*)(_t208 + 0x40));
                                                                                                                                                                                                                                                        							_t196 = _t108 + 1;
                                                                                                                                                                                                                                                        							__eflags = _t196 - 0x1000;
                                                                                                                                                                                                                                                        							if(_t196 >= 0x1000) {
                                                                                                                                                                                                                                                        								_t197 =  *((intOrPtr*)(_t155 - 4));
                                                                                                                                                                                                                                                        								_t157 = _t155 + 0xfffffffc - _t197;
                                                                                                                                                                                                                                                        								_v20 = _t197;
                                                                                                                                                                                                                                                        								__eflags = _t157 - 0x20;
                                                                                                                                                                                                                                                        								if(_t157 >= 0x20) {
                                                                                                                                                                                                                                                        									goto L16;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t155 = _v20;
                                                                                                                                                                                                                                                        									_t196 = _t108 + 0x24;
                                                                                                                                                                                                                                                        									goto L10;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								L10:
                                                                                                                                                                                                                                                        								_push(_t196);
                                                                                                                                                                                                                                                        								_push(_t155);
                                                                                                                                                                                                                                                        								L00BEF6C6();
                                                                                                                                                                                                                                                        								_t237 = _t237 + 8;
                                                                                                                                                                                                                                                        								goto L6;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L6:
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t208 + 0x50)) = 0;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t208 + 0x54)) = 0xf;
                                                                                                                                                                                                                                                        							 *((char*)(_t208 + 0x40)) = 0;
                                                                                                                                                                                                                                                        							_t144 =  *((intOrPtr*)(_t208 + 0x3c));
                                                                                                                                                                                                                                                        							if(_t144 < 0x10) {
                                                                                                                                                                                                                                                        								goto L4;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t194 =  *((intOrPtr*)(_t208 + 0x28));
                                                                                                                                                                                                                                                        								_t13 = _t144 + 1; // 0x10
                                                                                                                                                                                                                                                        								if(_t13 >= 0x1000) {
                                                                                                                                                                                                                                                        									_t206 =  *((intOrPtr*)(_t194 - 4));
                                                                                                                                                                                                                                                        									_t157 = _t194 + 0xfffffffc - _t206;
                                                                                                                                                                                                                                                        									_v20 = _t206;
                                                                                                                                                                                                                                                        									__eflags = _t157 - 0x20;
                                                                                                                                                                                                                                                        									if(_t157 >= 0x20) {
                                                                                                                                                                                                                                                        										L16:
                                                                                                                                                                                                                                                        										__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										_push(_t229);
                                                                                                                                                                                                                                                        										_t231 = _t237;
                                                                                                                                                                                                                                                        										_push(_t146);
                                                                                                                                                                                                                                                        										_push(_t208);
                                                                                                                                                                                                                                                        										_push(_t218);
                                                                                                                                                                                                                                                        										_t219 = _t157;
                                                                                                                                                                                                                                                        										_t158 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        										_t210 =  &_v92;
                                                                                                                                                                                                                                                        										_t148 =  &_v68;
                                                                                                                                                                                                                                                        										_v40 = _t158 ^ _t231;
                                                                                                                                                                                                                                                        										_v96 = 7;
                                                                                                                                                                                                                                                        										_v100 = 0;
                                                                                                                                                                                                                                                        										_v116 = 0;
                                                                                                                                                                                                                                                        										_v72 = 0xf;
                                                                                                                                                                                                                                                        										_v76 = 0;
                                                                                                                                                                                                                                                        										_v92 = 0;
                                                                                                                                                                                                                                                        										_v48 = 0xf;
                                                                                                                                                                                                                                                        										_v52 = 0;
                                                                                                                                                                                                                                                        										_v68 = 0;
                                                                                                                                                                                                                                                        										_v124 = _v8;
                                                                                                                                                                                                                                                        										_v120 = _v0;
                                                                                                                                                                                                                                                        										E00BBA740( &_v116, _v16);
                                                                                                                                                                                                                                                        										E00BBD9B0(_t210, _v12);
                                                                                                                                                                                                                                                        										E00BBD9B0(_t148, _v4);
                                                                                                                                                                                                                                                        										_v44 = 0;
                                                                                                                                                                                                                                                        										_push( &_v124);
                                                                                                                                                                                                                                                        										E00BD6AD0( &_v124, _t148, _t219 + 4,  *((intOrPtr*)(_t219 + 4)), _t210, _t219);
                                                                                                                                                                                                                                                        										_t240 = _t237 - 0x58 + 4;
                                                                                                                                                                                                                                                        										 *((char*)(_t219 + 0xc)) = 1;
                                                                                                                                                                                                                                                        										_t115 = _v48;
                                                                                                                                                                                                                                                        										__eflags = _t115 - 0x10;
                                                                                                                                                                                                                                                        										if(_t115 >= 0x10) {
                                                                                                                                                                                                                                                        											_t166 = _v52;
                                                                                                                                                                                                                                                        											_t58 = _t115 + 1; // 0x10
                                                                                                                                                                                                                                                        											_t220 = _t58;
                                                                                                                                                                                                                                                        											__eflags = _t220 - 0x1000;
                                                                                                                                                                                                                                                        											if(_t220 >= 0x1000) {
                                                                                                                                                                                                                                                        												_t199 =  *((intOrPtr*)(_t166 - 4));
                                                                                                                                                                                                                                                        												_t168 = _t166 + 0xfffffffc - _t199;
                                                                                                                                                                                                                                                        												__eflags = _t168 - 0x20;
                                                                                                                                                                                                                                                        												if(_t168 >= 0x20) {
                                                                                                                                                                                                                                                        													goto L28;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t166 = _t199;
                                                                                                                                                                                                                                                        													_t220 = _t115 + 0x24;
                                                                                                                                                                                                                                                        													goto L21;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												L21:
                                                                                                                                                                                                                                                        												_push(_t220);
                                                                                                                                                                                                                                                        												_push(_t166);
                                                                                                                                                                                                                                                        												L00BEF6C6();
                                                                                                                                                                                                                                                        												_t240 = _t240 + 8;
                                                                                                                                                                                                                                                        												goto L18;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											L18:
                                                                                                                                                                                                                                                        											_v36 = 0;
                                                                                                                                                                                                                                                        											_v32 = 0xf;
                                                                                                                                                                                                                                                        											_v52 = 0;
                                                                                                                                                                                                                                                        											_t139 = _v56;
                                                                                                                                                                                                                                                        											__eflags = _t139 - 0x10;
                                                                                                                                                                                                                                                        											if(_t139 >= 0x10) {
                                                                                                                                                                                                                                                        												_t188 = _v76;
                                                                                                                                                                                                                                                        												_t60 = _t139 + 1; // 0x10
                                                                                                                                                                                                                                                        												_t220 = _t60;
                                                                                                                                                                                                                                                        												__eflags = _t220 - 0x1000;
                                                                                                                                                                                                                                                        												if(_t220 >= 0x1000) {
                                                                                                                                                                                                                                                        													_t199 =  *((intOrPtr*)(_t188 - 4));
                                                                                                                                                                                                                                                        													_t168 = _t188 + 0xfffffffc - _t199;
                                                                                                                                                                                                                                                        													__eflags = _t168 - 0x20;
                                                                                                                                                                                                                                                        													if(_t168 >= 0x20) {
                                                                                                                                                                                                                                                        														L28:
                                                                                                                                                                                                                                                        														__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														_push(_t231);
                                                                                                                                                                                                                                                        														_t232 = _t240;
                                                                                                                                                                                                                                                        														_push(_t210);
                                                                                                                                                                                                                                                        														_push(_t220);
                                                                                                                                                                                                                                                        														_t169 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        														_t211 =  &_v192;
                                                                                                                                                                                                                                                        														_v140 = _t169 ^ _t232;
                                                                                                                                                                                                                                                        														_v196 = 7;
                                                                                                                                                                                                                                                        														_v200 = 0;
                                                                                                                                                                                                                                                        														_v216 = 0;
                                                                                                                                                                                                                                                        														_v172 = 0xf;
                                                                                                                                                                                                                                                        														_v176 = 0;
                                                                                                                                                                                                                                                        														_v192 = 0;
                                                                                                                                                                                                                                                        														_v148 = 0xf;
                                                                                                                                                                                                                                                        														_v152 = 0;
                                                                                                                                                                                                                                                        														_v168 = 0;
                                                                                                                                                                                                                                                        														_v224 = 5;
                                                                                                                                                                                                                                                        														E00BBA740( &_v216, _v120);
                                                                                                                                                                                                                                                        														E00BBD9B0(_t211, L"@ntdll.dll");
                                                                                                                                                                                                                                                        														_v144 = 1;
                                                                                                                                                                                                                                                        														_push( &_v224);
                                                                                                                                                                                                                                                        														E00BD6AD0( &_v224, _t148, _t168 + 4,  *((intOrPtr*)(_t168 + 4)), _t211, _t168 + 4);
                                                                                                                                                                                                                                                        														_t242 = _t240 - 0x58 + 4;
                                                                                                                                                                                                                                                        														_t121 = _v148;
                                                                                                                                                                                                                                                        														__eflags = _t121 - 0x10;
                                                                                                                                                                                                                                                        														if(_t121 >= 0x10) {
                                                                                                                                                                                                                                                        															_t174 = _v52;
                                                                                                                                                                                                                                                        															_t91 = _t121 + 1; // 0x10
                                                                                                                                                                                                                                                        															_t223 = _t91;
                                                                                                                                                                                                                                                        															__eflags = _t223 - 0x1000;
                                                                                                                                                                                                                                                        															if(_t223 >= 0x1000) {
                                                                                                                                                                                                                                                        																_t201 =  *(_t174 - 4);
                                                                                                                                                                                                                                                        																_t176 = _t174 + 0xfffffffc - _t201;
                                                                                                                                                                                                                                                        																__eflags = _t176 - 0x20;
                                                                                                                                                                                                                                                        																if(_t176 >= 0x20) {
                                                                                                                                                                                                                                                        																	goto L40;
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																	_t174 = _t201;
                                                                                                                                                                                                                                                        																	_t223 = _t121 + 0x24;
                                                                                                                                                                                                                                                        																	goto L33;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																L33:
                                                                                                                                                                                                                                                        																_push(_t223);
                                                                                                                                                                                                                                                        																_push(_t174);
                                                                                                                                                                                                                                                        																L00BEF6C6();
                                                                                                                                                                                                                                                        																_t242 = _t242 + 8;
                                                                                                                                                                                                                                                        																goto L30;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															L30:
                                                                                                                                                                                                                                                        															_v36 = 0;
                                                                                                                                                                                                                                                        															_v32 = 0xf;
                                                                                                                                                                                                                                                        															_v52 = 0;
                                                                                                                                                                                                                                                        															_t134 = _v56;
                                                                                                                                                                                                                                                        															__eflags = _t134 - 0x10;
                                                                                                                                                                                                                                                        															if(_t134 >= 0x10) {
                                                                                                                                                                                                                                                        																_t183 = _v76;
                                                                                                                                                                                                                                                        																_t93 = _t134 + 1; // 0x10
                                                                                                                                                                                                                                                        																_t223 = _t93;
                                                                                                                                                                                                                                                        																__eflags = _t223 - 0x1000;
                                                                                                                                                                                                                                                        																if(_t223 >= 0x1000) {
                                                                                                                                                                                                                                                        																	_t201 =  *(_t183 - 4);
                                                                                                                                                                                                                                                        																	_t176 = _t183 + 0xfffffffc - _t201;
                                                                                                                                                                                                                                                        																	__eflags = _t176 - 0x20;
                                                                                                                                                                                                                                                        																	if(_t176 >= 0x20) {
                                                                                                                                                                                                                                                        																		L40:
                                                                                                                                                                                                                                                        																		__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		_push(_t232);
                                                                                                                                                                                                                                                        																		_t233 = _t242;
                                                                                                                                                                                                                                                        																		_push(_t148);
                                                                                                                                                                                                                                                        																		_push(_t211);
                                                                                                                                                                                                                                                        																		_push(_t223);
                                                                                                                                                                                                                                                        																		_t243 = _t242 - 0xc;
                                                                                                                                                                                                                                                        																		_t122 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        																		_t149 = 0;
                                                                                                                                                                                                                                                        																		_v244 = _t122 ^ _t233;
                                                                                                                                                                                                                                                        																		__eflags =  *(_t176 + 8);
                                                                                                                                                                                                                                                        																		if(__eflags != 0) {
                                                                                                                                                                                                                                                        																			_t224 = _t176;
                                                                                                                                                                                                                                                        																			_t124 = E00BD5F40(_t176, __eflags);
                                                                                                                                                                                                                                                        																			_t212 = _t124;
                                                                                                                                                                                                                                                        																			_push(_t124);
                                                                                                                                                                                                                                                        																			L00BEF6CC();
                                                                                                                                                                                                                                                        																			_t125 = E00BD6040(_t176, _t124, _t212);
                                                                                                                                                                                                                                                        																			_t201 = _t124;
                                                                                                                                                                                                                                                        																			_t245 = _t243 + 8;
                                                                                                                                                                                                                                                        																			_t149 = 0x26;
                                                                                                                                                                                                                                                        																			__eflags = _t125;
                                                                                                                                                                                                                                                        																			if(_t125 != 0) {
                                                                                                                                                                                                                                                        																				_t149 = 0x27;
                                                                                                                                                                                                                                                        																				_v40 = _t201;
                                                                                                                                                                                                                                                        																				_t129 = E00BEB4E0( *((intOrPtr*)( *_t224)), _t201, _t212,  &_v36);
                                                                                                                                                                                                                                                        																				_t245 = _t245 + 0x10;
                                                                                                                                                                                                                                                        																				__eflags = _t129;
                                                                                                                                                                                                                                                        																				if(_t129 != 0) {
                                                                                                                                                                                                                                                        																					__eflags = _t212;
                                                                                                                                                                                                                                                        																					_t204 = 0 | _t212 != 0x00000000;
                                                                                                                                                                                                                                                        																					_t130 = E00BD6270(_t224, _t212 != 0);
                                                                                                                                                                                                                                                        																					_t149 = _t130;
                                                                                                                                                                                                                                                        																					__eflags = _t130;
                                                                                                                                                                                                                                                        																					if(__eflags == 0) {
                                                                                                                                                                                                                                                        																						 *0xbfb5bc = _v36;
                                                                                                                                                                                                                                                        																						_t149 = E00BE9630( *_t224, _t204, __eflags, "g_interceptions", "true", 4);
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				_t201 = _v40;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_push(_t201);
                                                                                                                                                                                                                                                        																			L00BEF6D2();
                                                                                                                                                                                                                                                        																			_t243 = _t245 + 4;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		__eflags = _v32 ^ _t233;
                                                                                                                                                                                                                                                        																		E00BEECB0(_v32 ^ _t233, _t201);
                                                                                                                                                                                                                                                        																		return _t149;
                                                                                                                                                                                                                                                        																	} else {
                                                                                                                                                                                                                                                        																		_t134 = _t134 + 0x24;
                                                                                                                                                                                                                                                        																		_t183 = _t201;
                                                                                                                                                                                                                                                        																		_t223 = _t134;
                                                                                                                                                                                                                                                        																		goto L35;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																	L35:
                                                                                                                                                                                                                                                        																	_push(_t223);
                                                                                                                                                                                                                                                        																	_push(_t183);
                                                                                                                                                                                                                                                        																	L00BEF6C6();
                                                                                                                                                                                                                                                        																	_t242 = _t242 + 8;
                                                                                                                                                                                                                                                        																	goto L31;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																L31:
                                                                                                                                                                                                                                                        																_v60 = 0;
                                                                                                                                                                                                                                                        																_v56 = 0xf;
                                                                                                                                                                                                                                                        																_v76 = 0;
                                                                                                                                                                                                                                                        																E00BBDF30(_t134,  &_v100, _t201);
                                                                                                                                                                                                                                                        																__eflags = _v24 ^ _t232;
                                                                                                                                                                                                                                                        																E00BEECB0(_v24 ^ _t232, _t201);
                                                                                                                                                                                                                                                        																return 1;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t139 = _t139 + 0x24;
                                                                                                                                                                                                                                                        														_t188 = _t199;
                                                                                                                                                                                                                                                        														_t220 = _t139;
                                                                                                                                                                                                                                                        														goto L23;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													L23:
                                                                                                                                                                                                                                                        													_push(_t220);
                                                                                                                                                                                                                                                        													_push(_t188);
                                                                                                                                                                                                                                                        													L00BEF6C6();
                                                                                                                                                                                                                                                        													_t240 = _t240 + 8;
                                                                                                                                                                                                                                                        													goto L19;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												L19:
                                                                                                                                                                                                                                                        												_v60 = 0;
                                                                                                                                                                                                                                                        												_v56 = 0xf;
                                                                                                                                                                                                                                                        												_v76 = 0;
                                                                                                                                                                                                                                                        												E00BBDF30(_t139,  &_v100, _t199);
                                                                                                                                                                                                                                                        												__eflags = _v24 ^ _t231;
                                                                                                                                                                                                                                                        												E00BEECB0(_v24 ^ _t231, _t199);
                                                                                                                                                                                                                                                        												return 1;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t194 = _v20;
                                                                                                                                                                                                                                                        										_t196 = _t144;
                                                                                                                                                                                                                                                        										goto L8;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L8:
                                                                                                                                                                                                                                                        									_push(_t196);
                                                                                                                                                                                                                                                        									_push(_t194);
                                                                                                                                                                                                                                                        									L00BEF6C6();
                                                                                                                                                                                                                                                        									_t237 = _t237 + 8;
                                                                                                                                                                                                                                                        									goto L4;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L49;
                                                                                                                                                                                                                                                        						L4:
                                                                                                                                                                                                                                                        						_t3 = _t208 + 0x10; // 0x2d
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t208 + 0x38)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t208 + 0x3c)) = 0xf;
                                                                                                                                                                                                                                                        						 *((char*)(_t208 + 0x28)) = 0;
                                                                                                                                                                                                                                                        						_t107 = E00BBDF30(_t144, _t3, _t196);
                                                                                                                                                                                                                                                        						_push(0x5c);
                                                                                                                                                                                                                                                        						_push(_t208);
                                                                                                                                                                                                                                                        						L00BEF6C6();
                                                                                                                                                                                                                                                        						_t237 = _t237 + 8;
                                                                                                                                                                                                                                                        						_t208 = _t146;
                                                                                                                                                                                                                                                        					} while (_t146 !=  *_t218);
                                                                                                                                                                                                                                                        					L11:
                                                                                                                                                                                                                                                        					_push(0x5c);
                                                                                                                                                                                                                                                        					_push(_t146);
                                                                                                                                                                                                                                                        					L00BEF6C6();
                                                                                                                                                                                                                                                        					return _t107;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L49:
                                                                                                                                                                                                                                                        			}





























































































                                                                                                                                                                                                                                                        0x00bd5ac0
                                                                                                                                                                                                                                                        0x00bd5ad1
                                                                                                                                                                                                                                                        0x00bd5ad6
                                                                                                                                                                                                                                                        0x00bd5ad7
                                                                                                                                                                                                                                                        0x00bd5ad9
                                                                                                                                                                                                                                                        0x00bd5adb
                                                                                                                                                                                                                                                        0x00bd5add
                                                                                                                                                                                                                                                        0x00bd5adf
                                                                                                                                                                                                                                                        0x00bd5ae2
                                                                                                                                                                                                                                                        0x00bd5aeb
                                                                                                                                                                                                                                                        0x00bd5af1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5aed
                                                                                                                                                                                                                                                        0x00bd5aed
                                                                                                                                                                                                                                                        0x00bd5b2b
                                                                                                                                                                                                                                                        0x00bd5b2b
                                                                                                                                                                                                                                                        0x00bd5b2e
                                                                                                                                                                                                                                                        0x00bd5b33
                                                                                                                                                                                                                                                        0x00bd5b69
                                                                                                                                                                                                                                                        0x00bd5b6c
                                                                                                                                                                                                                                                        0x00bd5b6f
                                                                                                                                                                                                                                                        0x00bd5b75
                                                                                                                                                                                                                                                        0x00bd5bad
                                                                                                                                                                                                                                                        0x00bd5bb3
                                                                                                                                                                                                                                                        0x00bd5bb5
                                                                                                                                                                                                                                                        0x00bd5bb8
                                                                                                                                                                                                                                                        0x00bd5bbb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5bbd
                                                                                                                                                                                                                                                        0x00bd5bbd
                                                                                                                                                                                                                                                        0x00bd5bc3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5bc3
                                                                                                                                                                                                                                                        0x00bd5b77
                                                                                                                                                                                                                                                        0x00bd5b77
                                                                                                                                                                                                                                                        0x00bd5b77
                                                                                                                                                                                                                                                        0x00bd5b78
                                                                                                                                                                                                                                                        0x00bd5b79
                                                                                                                                                                                                                                                        0x00bd5b7e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5b7e
                                                                                                                                                                                                                                                        0x00bd5b35
                                                                                                                                                                                                                                                        0x00bd5b35
                                                                                                                                                                                                                                                        0x00bd5b35
                                                                                                                                                                                                                                                        0x00bd5b3c
                                                                                                                                                                                                                                                        0x00bd5b43
                                                                                                                                                                                                                                                        0x00bd5b47
                                                                                                                                                                                                                                                        0x00bd5b4d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5b4f
                                                                                                                                                                                                                                                        0x00bd5b4f
                                                                                                                                                                                                                                                        0x00bd5b52
                                                                                                                                                                                                                                                        0x00bd5b5b
                                                                                                                                                                                                                                                        0x00bd5b93
                                                                                                                                                                                                                                                        0x00bd5b99
                                                                                                                                                                                                                                                        0x00bd5b9b
                                                                                                                                                                                                                                                        0x00bd5b9e
                                                                                                                                                                                                                                                        0x00bd5ba1
                                                                                                                                                                                                                                                        0x00bd5bc7
                                                                                                                                                                                                                                                        0x00bd5bc7
                                                                                                                                                                                                                                                        0x00bd5bcd
                                                                                                                                                                                                                                                        0x00bd5bce
                                                                                                                                                                                                                                                        0x00bd5bcf
                                                                                                                                                                                                                                                        0x00bd5bd0
                                                                                                                                                                                                                                                        0x00bd5bd1
                                                                                                                                                                                                                                                        0x00bd5bd3
                                                                                                                                                                                                                                                        0x00bd5bd4
                                                                                                                                                                                                                                                        0x00bd5bd5
                                                                                                                                                                                                                                                        0x00bd5bd9
                                                                                                                                                                                                                                                        0x00bd5bdb
                                                                                                                                                                                                                                                        0x00bd5be4
                                                                                                                                                                                                                                                        0x00bd5be7
                                                                                                                                                                                                                                                        0x00bd5bec
                                                                                                                                                                                                                                                        0x00bd5bf2
                                                                                                                                                                                                                                                        0x00bd5bf9
                                                                                                                                                                                                                                                        0x00bd5c00
                                                                                                                                                                                                                                                        0x00bd5c06
                                                                                                                                                                                                                                                        0x00bd5c0d
                                                                                                                                                                                                                                                        0x00bd5c14
                                                                                                                                                                                                                                                        0x00bd5c18
                                                                                                                                                                                                                                                        0x00bd5c1f
                                                                                                                                                                                                                                                        0x00bd5c26
                                                                                                                                                                                                                                                        0x00bd5c2a
                                                                                                                                                                                                                                                        0x00bd5c30
                                                                                                                                                                                                                                                        0x00bd5c37
                                                                                                                                                                                                                                                        0x00bd5c41
                                                                                                                                                                                                                                                        0x00bd5c4b
                                                                                                                                                                                                                                                        0x00bd5c50
                                                                                                                                                                                                                                                        0x00bd5c60
                                                                                                                                                                                                                                                        0x00bd5c61
                                                                                                                                                                                                                                                        0x00bd5c66
                                                                                                                                                                                                                                                        0x00bd5c69
                                                                                                                                                                                                                                                        0x00bd5c6d
                                                                                                                                                                                                                                                        0x00bd5c70
                                                                                                                                                                                                                                                        0x00bd5c73
                                                                                                                                                                                                                                                        0x00bd5cbf
                                                                                                                                                                                                                                                        0x00bd5cc2
                                                                                                                                                                                                                                                        0x00bd5cc2
                                                                                                                                                                                                                                                        0x00bd5cc5
                                                                                                                                                                                                                                                        0x00bd5ccb
                                                                                                                                                                                                                                                        0x00bd5cf3
                                                                                                                                                                                                                                                        0x00bd5cf9
                                                                                                                                                                                                                                                        0x00bd5cfb
                                                                                                                                                                                                                                                        0x00bd5cfe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5d00
                                                                                                                                                                                                                                                        0x00bd5d03
                                                                                                                                                                                                                                                        0x00bd5d05
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5d05
                                                                                                                                                                                                                                                        0x00bd5ccd
                                                                                                                                                                                                                                                        0x00bd5ccd
                                                                                                                                                                                                                                                        0x00bd5ccd
                                                                                                                                                                                                                                                        0x00bd5cce
                                                                                                                                                                                                                                                        0x00bd5ccf
                                                                                                                                                                                                                                                        0x00bd5cd4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5cd4
                                                                                                                                                                                                                                                        0x00bd5c75
                                                                                                                                                                                                                                                        0x00bd5c75
                                                                                                                                                                                                                                                        0x00bd5c75
                                                                                                                                                                                                                                                        0x00bd5c7c
                                                                                                                                                                                                                                                        0x00bd5c83
                                                                                                                                                                                                                                                        0x00bd5c87
                                                                                                                                                                                                                                                        0x00bd5c8a
                                                                                                                                                                                                                                                        0x00bd5c8d
                                                                                                                                                                                                                                                        0x00bd5cd9
                                                                                                                                                                                                                                                        0x00bd5cdc
                                                                                                                                                                                                                                                        0x00bd5cdc
                                                                                                                                                                                                                                                        0x00bd5cdf
                                                                                                                                                                                                                                                        0x00bd5ce5
                                                                                                                                                                                                                                                        0x00bd5d09
                                                                                                                                                                                                                                                        0x00bd5d0f
                                                                                                                                                                                                                                                        0x00bd5d11
                                                                                                                                                                                                                                                        0x00bd5d14
                                                                                                                                                                                                                                                        0x00bd5d1f
                                                                                                                                                                                                                                                        0x00bd5d1f
                                                                                                                                                                                                                                                        0x00bd5d25
                                                                                                                                                                                                                                                        0x00bd5d26
                                                                                                                                                                                                                                                        0x00bd5d27
                                                                                                                                                                                                                                                        0x00bd5d28
                                                                                                                                                                                                                                                        0x00bd5d29
                                                                                                                                                                                                                                                        0x00bd5d2a
                                                                                                                                                                                                                                                        0x00bd5d2b
                                                                                                                                                                                                                                                        0x00bd5d2c
                                                                                                                                                                                                                                                        0x00bd5d2d
                                                                                                                                                                                                                                                        0x00bd5d2e
                                                                                                                                                                                                                                                        0x00bd5d2f
                                                                                                                                                                                                                                                        0x00bd5d30
                                                                                                                                                                                                                                                        0x00bd5d31
                                                                                                                                                                                                                                                        0x00bd5d33
                                                                                                                                                                                                                                                        0x00bd5d34
                                                                                                                                                                                                                                                        0x00bd5d3a
                                                                                                                                                                                                                                                        0x00bd5d43
                                                                                                                                                                                                                                                        0x00bd5d48
                                                                                                                                                                                                                                                        0x00bd5d4e
                                                                                                                                                                                                                                                        0x00bd5d55
                                                                                                                                                                                                                                                        0x00bd5d5c
                                                                                                                                                                                                                                                        0x00bd5d62
                                                                                                                                                                                                                                                        0x00bd5d69
                                                                                                                                                                                                                                                        0x00bd5d70
                                                                                                                                                                                                                                                        0x00bd5d74
                                                                                                                                                                                                                                                        0x00bd5d7b
                                                                                                                                                                                                                                                        0x00bd5d82
                                                                                                                                                                                                                                                        0x00bd5d86
                                                                                                                                                                                                                                                        0x00bd5d8e
                                                                                                                                                                                                                                                        0x00bd5d9a
                                                                                                                                                                                                                                                        0x00bd5d9f
                                                                                                                                                                                                                                                        0x00bd5db1
                                                                                                                                                                                                                                                        0x00bd5db2
                                                                                                                                                                                                                                                        0x00bd5db7
                                                                                                                                                                                                                                                        0x00bd5dba
                                                                                                                                                                                                                                                        0x00bd5dbd
                                                                                                                                                                                                                                                        0x00bd5dc0
                                                                                                                                                                                                                                                        0x00bd5e0b
                                                                                                                                                                                                                                                        0x00bd5e0e
                                                                                                                                                                                                                                                        0x00bd5e0e
                                                                                                                                                                                                                                                        0x00bd5e11
                                                                                                                                                                                                                                                        0x00bd5e17
                                                                                                                                                                                                                                                        0x00bd5e3f
                                                                                                                                                                                                                                                        0x00bd5e45
                                                                                                                                                                                                                                                        0x00bd5e47
                                                                                                                                                                                                                                                        0x00bd5e4a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e4c
                                                                                                                                                                                                                                                        0x00bd5e4f
                                                                                                                                                                                                                                                        0x00bd5e51
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e51
                                                                                                                                                                                                                                                        0x00bd5e19
                                                                                                                                                                                                                                                        0x00bd5e19
                                                                                                                                                                                                                                                        0x00bd5e19
                                                                                                                                                                                                                                                        0x00bd5e1a
                                                                                                                                                                                                                                                        0x00bd5e1b
                                                                                                                                                                                                                                                        0x00bd5e20
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e20
                                                                                                                                                                                                                                                        0x00bd5dc2
                                                                                                                                                                                                                                                        0x00bd5dc2
                                                                                                                                                                                                                                                        0x00bd5dc2
                                                                                                                                                                                                                                                        0x00bd5dc9
                                                                                                                                                                                                                                                        0x00bd5dd0
                                                                                                                                                                                                                                                        0x00bd5dd4
                                                                                                                                                                                                                                                        0x00bd5dd7
                                                                                                                                                                                                                                                        0x00bd5dda
                                                                                                                                                                                                                                                        0x00bd5e25
                                                                                                                                                                                                                                                        0x00bd5e28
                                                                                                                                                                                                                                                        0x00bd5e28
                                                                                                                                                                                                                                                        0x00bd5e2b
                                                                                                                                                                                                                                                        0x00bd5e31
                                                                                                                                                                                                                                                        0x00bd5e55
                                                                                                                                                                                                                                                        0x00bd5e5b
                                                                                                                                                                                                                                                        0x00bd5e5d
                                                                                                                                                                                                                                                        0x00bd5e60
                                                                                                                                                                                                                                                        0x00bd5e6b
                                                                                                                                                                                                                                                        0x00bd5e6b
                                                                                                                                                                                                                                                        0x00bd5e71
                                                                                                                                                                                                                                                        0x00bd5e72
                                                                                                                                                                                                                                                        0x00bd5e73
                                                                                                                                                                                                                                                        0x00bd5e74
                                                                                                                                                                                                                                                        0x00bd5e75
                                                                                                                                                                                                                                                        0x00bd5e76
                                                                                                                                                                                                                                                        0x00bd5e77
                                                                                                                                                                                                                                                        0x00bd5e78
                                                                                                                                                                                                                                                        0x00bd5e79
                                                                                                                                                                                                                                                        0x00bd5e7a
                                                                                                                                                                                                                                                        0x00bd5e7b
                                                                                                                                                                                                                                                        0x00bd5e7c
                                                                                                                                                                                                                                                        0x00bd5e7d
                                                                                                                                                                                                                                                        0x00bd5e7e
                                                                                                                                                                                                                                                        0x00bd5e7f
                                                                                                                                                                                                                                                        0x00bd5e80
                                                                                                                                                                                                                                                        0x00bd5e81
                                                                                                                                                                                                                                                        0x00bd5e83
                                                                                                                                                                                                                                                        0x00bd5e84
                                                                                                                                                                                                                                                        0x00bd5e85
                                                                                                                                                                                                                                                        0x00bd5e86
                                                                                                                                                                                                                                                        0x00bd5e89
                                                                                                                                                                                                                                                        0x00bd5e8e
                                                                                                                                                                                                                                                        0x00bd5e92
                                                                                                                                                                                                                                                        0x00bd5e95
                                                                                                                                                                                                                                                        0x00bd5e99
                                                                                                                                                                                                                                                        0x00bd5eaf
                                                                                                                                                                                                                                                        0x00bd5eb1
                                                                                                                                                                                                                                                        0x00bd5eb6
                                                                                                                                                                                                                                                        0x00bd5eb8
                                                                                                                                                                                                                                                        0x00bd5eb9
                                                                                                                                                                                                                                                        0x00bd5ec8
                                                                                                                                                                                                                                                        0x00bd5ecd
                                                                                                                                                                                                                                                        0x00bd5ecf
                                                                                                                                                                                                                                                        0x00bd5ed2
                                                                                                                                                                                                                                                        0x00bd5ed7
                                                                                                                                                                                                                                                        0x00bd5ed9
                                                                                                                                                                                                                                                        0x00bd5ee0
                                                                                                                                                                                                                                                        0x00bd5ee7
                                                                                                                                                                                                                                                        0x00bd5eed
                                                                                                                                                                                                                                                        0x00bd5ef2
                                                                                                                                                                                                                                                        0x00bd5ef5
                                                                                                                                                                                                                                                        0x00bd5ef7
                                                                                                                                                                                                                                                        0x00bd5f09
                                                                                                                                                                                                                                                        0x00bd5f0d
                                                                                                                                                                                                                                                        0x00bd5f10
                                                                                                                                                                                                                                                        0x00bd5f15
                                                                                                                                                                                                                                                        0x00bd5f17
                                                                                                                                                                                                                                                        0x00bd5f19
                                                                                                                                                                                                                                                        0x00bd5f1e
                                                                                                                                                                                                                                                        0x00bd5f36
                                                                                                                                                                                                                                                        0x00bd5f36
                                                                                                                                                                                                                                                        0x00bd5f19
                                                                                                                                                                                                                                                        0x00bd5ef9
                                                                                                                                                                                                                                                        0x00bd5ef9
                                                                                                                                                                                                                                                        0x00bd5efc
                                                                                                                                                                                                                                                        0x00bd5efd
                                                                                                                                                                                                                                                        0x00bd5f02
                                                                                                                                                                                                                                                        0x00bd5f02
                                                                                                                                                                                                                                                        0x00bd5e9e
                                                                                                                                                                                                                                                        0x00bd5ea0
                                                                                                                                                                                                                                                        0x00bd5eae
                                                                                                                                                                                                                                                        0x00bd5e62
                                                                                                                                                                                                                                                        0x00bd5e62
                                                                                                                                                                                                                                                        0x00bd5e65
                                                                                                                                                                                                                                                        0x00bd5e67
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e67
                                                                                                                                                                                                                                                        0x00bd5e33
                                                                                                                                                                                                                                                        0x00bd5e33
                                                                                                                                                                                                                                                        0x00bd5e33
                                                                                                                                                                                                                                                        0x00bd5e34
                                                                                                                                                                                                                                                        0x00bd5e35
                                                                                                                                                                                                                                                        0x00bd5e3a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e3a
                                                                                                                                                                                                                                                        0x00bd5ddc
                                                                                                                                                                                                                                                        0x00bd5ddc
                                                                                                                                                                                                                                                        0x00bd5ddf
                                                                                                                                                                                                                                                        0x00bd5de6
                                                                                                                                                                                                                                                        0x00bd5ded
                                                                                                                                                                                                                                                        0x00bd5df1
                                                                                                                                                                                                                                                        0x00bd5df9
                                                                                                                                                                                                                                                        0x00bd5dfb
                                                                                                                                                                                                                                                        0x00bd5e08
                                                                                                                                                                                                                                                        0x00bd5e08
                                                                                                                                                                                                                                                        0x00bd5dda
                                                                                                                                                                                                                                                        0x00bd5d16
                                                                                                                                                                                                                                                        0x00bd5d16
                                                                                                                                                                                                                                                        0x00bd5d19
                                                                                                                                                                                                                                                        0x00bd5d1b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5d1b
                                                                                                                                                                                                                                                        0x00bd5ce7
                                                                                                                                                                                                                                                        0x00bd5ce7
                                                                                                                                                                                                                                                        0x00bd5ce7
                                                                                                                                                                                                                                                        0x00bd5ce8
                                                                                                                                                                                                                                                        0x00bd5ce9
                                                                                                                                                                                                                                                        0x00bd5cee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5cee
                                                                                                                                                                                                                                                        0x00bd5c8f
                                                                                                                                                                                                                                                        0x00bd5c8f
                                                                                                                                                                                                                                                        0x00bd5c92
                                                                                                                                                                                                                                                        0x00bd5c99
                                                                                                                                                                                                                                                        0x00bd5ca0
                                                                                                                                                                                                                                                        0x00bd5ca4
                                                                                                                                                                                                                                                        0x00bd5cac
                                                                                                                                                                                                                                                        0x00bd5cae
                                                                                                                                                                                                                                                        0x00bd5cbc
                                                                                                                                                                                                                                                        0x00bd5cbc
                                                                                                                                                                                                                                                        0x00bd5c8d
                                                                                                                                                                                                                                                        0x00bd5ba3
                                                                                                                                                                                                                                                        0x00bd5ba3
                                                                                                                                                                                                                                                        0x00bd5ba9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5ba9
                                                                                                                                                                                                                                                        0x00bd5b5d
                                                                                                                                                                                                                                                        0x00bd5b5d
                                                                                                                                                                                                                                                        0x00bd5b5d
                                                                                                                                                                                                                                                        0x00bd5b5e
                                                                                                                                                                                                                                                        0x00bd5b5f
                                                                                                                                                                                                                                                        0x00bd5b64
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5b64
                                                                                                                                                                                                                                                        0x00bd5b5b
                                                                                                                                                                                                                                                        0x00bd5b4d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5b00
                                                                                                                                                                                                                                                        0x00bd5b00
                                                                                                                                                                                                                                                        0x00bd5b03
                                                                                                                                                                                                                                                        0x00bd5b0a
                                                                                                                                                                                                                                                        0x00bd5b11
                                                                                                                                                                                                                                                        0x00bd5b15
                                                                                                                                                                                                                                                        0x00bd5b1a
                                                                                                                                                                                                                                                        0x00bd5b1c
                                                                                                                                                                                                                                                        0x00bd5b1d
                                                                                                                                                                                                                                                        0x00bd5b22
                                                                                                                                                                                                                                                        0x00bd5b27
                                                                                                                                                                                                                                                        0x00bd5b27
                                                                                                                                                                                                                                                        0x00bd5b83
                                                                                                                                                                                                                                                        0x00bd5b83
                                                                                                                                                                                                                                                        0x00bd5b85
                                                                                                                                                                                                                                                        0x00bd5b86
                                                                                                                                                                                                                                                        0x00bd5b92
                                                                                                                                                                                                                                                        0x00bd5b92
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(0000001D,0000005C), ref: 00BD5B1D
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,-00000015), ref: 00BD5B5F
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(0000001D,?,00000000,?,0000001D,?,?,00BE5896,00000000,?,?,?,00000000,0000001C,?,00BE569E), ref: 00BD5B79
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(0000001D,0000005C,00000000,?,0000001D,?,?,00BE5896,00000000,?,?,?,00000000,0000001C,?,00BE569E), ref: 00BD5B86
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(00000000,?,0000001D,?,?,00BE5896,00000000,?,?,?,00000000,0000001C,?,00BE569E), ref: 00BD5BC7
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@$_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 417036301-0
                                                                                                                                                                                                                                                        • Opcode ID: 33c219f3360e67b87da13ff37cd6a4f4c2453be0ededc235443d61569a548fc5
                                                                                                                                                                                                                                                        • Instruction ID: 82b5924cd52322402afbaaa0cf54e3f146a0a19ad17c8bc09029a8815749a0d2
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 33c219f3360e67b87da13ff37cd6a4f4c2453be0ededc235443d61569a548fc5
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1931D371200A46AFD724DF24CCC4B79BBE2FB85314F2446ABE1064BB91E772A850CB94
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 67%
                                                                                                                                                                                                                                                        			E00BCD5E0(void*** __esi, void* __eflags, struct _CRITICAL_SECTION* _a4, struct _CRITICAL_SECTION* _a8, intOrPtr _a12, intOrPtr _a16, struct _CRITICAL_SECTION* _a20, intOrPtr _a24, struct _CRITICAL_SECTION _a28) {
                                                                                                                                                                                                                                                        				struct _CRITICAL_SECTION* _v0;
                                                                                                                                                                                                                                                        				intOrPtr _v4;
                                                                                                                                                                                                                                                        				intOrPtr _v8;
                                                                                                                                                                                                                                                        				void* _v12;
                                                                                                                                                                                                                                                        				struct _CRITICAL_SECTION* _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				struct _OVERLAPPED* _v28;
                                                                                                                                                                                                                                                        				struct _CRITICAL_SECTION* _v32;
                                                                                                                                                                                                                                                        				struct _OVERLAPPED* _v36;
                                                                                                                                                                                                                                                        				char _v40;
                                                                                                                                                                                                                                                        				void* _t230;
                                                                                                                                                                                                                                                        				signed int _t233;
                                                                                                                                                                                                                                                        				void** _t257;
                                                                                                                                                                                                                                                        				long _t273;
                                                                                                                                                                                                                                                        				signed int _t276;
                                                                                                                                                                                                                                                        				void*** _t279;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				L0:
                                                                                                                                                                                                                                                        				while(1) {
                                                                                                                                                                                                                                                        					L0:
                                                                                                                                                                                                                                                        					_t279 = __esi;
                                                                                                                                                                                                                                                        					__esi[0x10] = __esi[0xb];
                                                                                                                                                                                                                                                        					E00BCD780( &(__esi[0xe]),  &(__esi[0x10]));
                                                                                                                                                                                                                                                        					if(__esi[4] == 0) {
                                                                                                                                                                                                                                                        						ResetEvent( *(__esi + 0x24));
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					while(1) {
                                                                                                                                                                                                                                                        						L55:
                                                                                                                                                                                                                                                        						_t279[4] =  &(_t279[4][0]);
                                                                                                                                                                                                                                                        						while(1) {
                                                                                                                                                                                                                                                        							L13:
                                                                                                                                                                                                                                                        							_t279[0xd] = 0;
                                                                                                                                                                                                                                                        							_t279[0xc] = 0;
                                                                                                                                                                                                                                                        							_t279[0xb] = 0;
                                                                                                                                                                                                                                                        							if(GetQueuedCompletionStatus(_t279[7],  &(_t279[0xd]),  &(_t279[0xc]),  &(_t279[0xb]), 0xffffffff) == 0) {
                                                                                                                                                                                                                                                        								break;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L5:
                                                                                                                                                                                                                                                        							_t273 = _t279[0xc];
                                                                                                                                                                                                                                                        							if(_t273 >= 7) {
                                                                                                                                                                                                                                                        								L49:
                                                                                                                                                                                                                                                        								_t257 = _t279[1];
                                                                                                                                                                                                                                                        								_t230 =  *_t257;
                                                                                                                                                                                                                                                        								if(_t230 == _t257) {
                                                                                                                                                                                                                                                        									L52:
                                                                                                                                                                                                                                                        									_push("false");
                                                                                                                                                                                                                                                        									E00BC1FF0( &(_t279[0x10]), "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/broker_services.cc", 0x102);
                                                                                                                                                                                                                                                        									E00BC20C0();
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L50:
                                                                                                                                                                                                                                                        									while( *((intOrPtr*)(_t230 + 8)) != _t273) {
                                                                                                                                                                                                                                                        										_t230 =  *_t230;
                                                                                                                                                                                                                                                        										if(_t230 != _t279[1]) {
                                                                                                                                                                                                                                                        											continue;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											goto L52;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L53;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L53:
                                                                                                                                                                                                                                                        								_t233 = _t279[0xd] + 0xfffffffd;
                                                                                                                                                                                                                                                        								if(_t233 > 6) {
                                                                                                                                                                                                                                                        									continue;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L54:
                                                                                                                                                                                                                                                        									switch( *((intOrPtr*)(_t233 * 4 +  &M00BF1294))) {
                                                                                                                                                                                                                                                        										case 0:
                                                                                                                                                                                                                                                        											L55:
                                                                                                                                                                                                                                                        											_t279[4] =  &(_t279[4][0]);
                                                                                                                                                                                                                                                        											goto L13;
                                                                                                                                                                                                                                                        										case 1:
                                                                                                                                                                                                                                                        											L78:
                                                                                                                                                                                                                                                        											__eax =  *(__esi + 4);
                                                                                                                                                                                                                                                        											__ebx =  *__eax;
                                                                                                                                                                                                                                                        											if(__ebx == __eax) {
                                                                                                                                                                                                                                                        												L84:
                                                                                                                                                                                                                                                        												__eax =  *(__esi + 4);
                                                                                                                                                                                                                                                        												 *(__esi + 0xc) = __eax;
                                                                                                                                                                                                                                                        												if( *(__esi + 0xc) == __ebx) {
                                                                                                                                                                                                                                                        													goto L102;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													goto L85;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												L79:
                                                                                                                                                                                                                                                        												__eax =  *__edi;
                                                                                                                                                                                                                                                        												__edi = __ebx;
                                                                                                                                                                                                                                                        												 *(__esi + 8) = __ebx;
                                                                                                                                                                                                                                                        												 *(__esi + 0xc) = __eax;
                                                                                                                                                                                                                                                        												while(1) {
                                                                                                                                                                                                                                                        													L80:
                                                                                                                                                                                                                                                        													__eax =  *(__edi + 8);
                                                                                                                                                                                                                                                        													__ecx =  *(__esi + 0xc);
                                                                                                                                                                                                                                                        													__ecx =  *(__esi + 8);
                                                                                                                                                                                                                                                        													__edi =  *__ecx;
                                                                                                                                                                                                                                                        													if( *__eax ==  *(__esi + 0xc)) {
                                                                                                                                                                                                                                                        														break;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													L81:
                                                                                                                                                                                                                                                        													 *(__esi + 8) = __edi;
                                                                                                                                                                                                                                                        													if(__edi !=  *(__esi + 4)) {
                                                                                                                                                                                                                                                        														continue;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														L82:
                                                                                                                                                                                                                                                        														 *(__esi + 0xc) = __ebx;
                                                                                                                                                                                                                                                        														__ebx = __edi;
                                                                                                                                                                                                                                                        														if( *(__esi + 0xc) != __ebx) {
                                                                                                                                                                                                                                                        															L85:
                                                                                                                                                                                                                                                        															if(__ebx !=  *(__esi + 4)) {
                                                                                                                                                                                                                                                        																do {
                                                                                                                                                                                                                                                        																	L88:
                                                                                                                                                                                                                                                        																	__edi =  *__ebx;
                                                                                                                                                                                                                                                        																	__eax =  *(__ebx + 4);
                                                                                                                                                                                                                                                        																	 *( *(__ebx + 4)) = __edi;
                                                                                                                                                                                                                                                        																	__eax =  *__ebx;
                                                                                                                                                                                                                                                        																	__ecx =  *(__ebx + 4);
                                                                                                                                                                                                                                                        																	 *(__eax + 4) =  *(__ebx + 4);
                                                                                                                                                                                                                                                        																	__ecx =  *(__ebx + 8);
                                                                                                                                                                                                                                                        																	if(__ecx != 0) {
                                                                                                                                                                                                                                                        																		__eax = E00BCEC80(__ecx);
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	 *(__esi + 0x18) =  *(__esi + 0x18) - 1;
                                                                                                                                                                                                                                                        																	_push(0xc);
                                                                                                                                                                                                                                                        																	_push(__ebx);
                                                                                                                                                                                                                                                        																	L00BEF6C6();
                                                                                                                                                                                                                                                        																	__esp = __esp + 8;
                                                                                                                                                                                                                                                        																	__ebx = __edi;
                                                                                                                                                                                                                                                        																} while (__edi !=  *(__esi + 4));
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															L83:
                                                                                                                                                                                                                                                        															L102:
                                                                                                                                                                                                                                                        															__eax =  *(__esi + 4);
                                                                                                                                                                                                                                                        															 *(__esi + 0x18) = 0;
                                                                                                                                                                                                                                                        															 *__eax = __eax;
                                                                                                                                                                                                                                                        															 *(__eax + 4) = __eax;
                                                                                                                                                                                                                                                        															if( *(__esi + 0xc) != __eax) {
                                                                                                                                                                                                                                                        																do {
                                                                                                                                                                                                                                                        																	L105:
                                                                                                                                                                                                                                                        																	__eax =  *(__esi + 0xc);
                                                                                                                                                                                                                                                        																	__ecx =  *(__eax + 8);
                                                                                                                                                                                                                                                        																	__edi =  *__eax;
                                                                                                                                                                                                                                                        																	if(__ecx != 0) {
                                                                                                                                                                                                                                                        																		__eax = E00BCEC80(__ecx);
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_push(0xc);
                                                                                                                                                                                                                                                        																	_push( *(__esi + 0xc));
                                                                                                                                                                                                                                                        																	L00BEF6C6();
                                                                                                                                                                                                                                                        																	__esp = __esp + 8;
                                                                                                                                                                                                                                                        																	 *(__esi + 0xc) = __edi;
                                                                                                                                                                                                                                                        																} while (__edi !=  *(__esi + 4));
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													goto L13;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												L92:
                                                                                                                                                                                                                                                        												if(__edi !=  *(__esi + 4)) {
                                                                                                                                                                                                                                                        													do {
                                                                                                                                                                                                                                                        														L96:
                                                                                                                                                                                                                                                        														__eax =  *(__edi + 8);
                                                                                                                                                                                                                                                        														__ecx =  *(__esi + 0xc);
                                                                                                                                                                                                                                                        														if( *__eax != __ecx) {
                                                                                                                                                                                                                                                        															if(__edi !=  *(__esi + 8)) {
                                                                                                                                                                                                                                                        																__edx =  *(__esi + 8);
                                                                                                                                                                                                                                                        																 *(__edi + 8) = 0;
                                                                                                                                                                                                                                                        																__ecx =  *(__edx + 8);
                                                                                                                                                                                                                                                        																 *(__edx + 8) = __eax;
                                                                                                                                                                                                                                                        																if(__ecx != 0) {
                                                                                                                                                                                                                                                        																	__eax = E00BCEC80(__ecx);
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															 *(__esi + 8) =  *( *(__esi + 8));
                                                                                                                                                                                                                                                        															 *(__esi + 8) =  *( *(__esi + 8));
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														__edi =  *__edi;
                                                                                                                                                                                                                                                        													} while (__edi !=  *(__esi + 4));
                                                                                                                                                                                                                                                        													__eax =  *(__esi + 4);
                                                                                                                                                                                                                                                        													__eax =  *( *(__esi + 4));
                                                                                                                                                                                                                                                        													 *(__esi + 0xc) = __eax;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													L93:
                                                                                                                                                                                                                                                        													 *(__esi + 0xc) = __ebx;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												L101:
                                                                                                                                                                                                                                                        												__ebx =  *(__esi + 8);
                                                                                                                                                                                                                                                        												if( *(__esi + 0xc) != __ebx) {
                                                                                                                                                                                                                                                        													goto L85;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													goto L102;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L13;
                                                                                                                                                                                                                                                        										case 2:
                                                                                                                                                                                                                                                        											goto L13;
                                                                                                                                                                                                                                                        										case 3:
                                                                                                                                                                                                                                                        											goto L0;
                                                                                                                                                                                                                                                        										case 4:
                                                                                                                                                                                                                                                        											L107:
                                                                                                                                                                                                                                                        											__edi =  *(__esi + 0x28);
                                                                                                                                                                                                                                                        											EnterCriticalSection(__edi);
                                                                                                                                                                                                                                                        											__ecx = _a8;
                                                                                                                                                                                                                                                        											__eax =  *(__esi + 0x2c);
                                                                                                                                                                                                                                                        											__ebx = __esi + 0x40;
                                                                                                                                                                                                                                                        											__edx = __ebx;
                                                                                                                                                                                                                                                        											__ecx = _a8 + 0x14;
                                                                                                                                                                                                                                                        											 *(__esi + 0x40) =  *(__esi + 0x2c);
                                                                                                                                                                                                                                                        											__eax = E00BCD800(_a8 + 0x14, __ebx);
                                                                                                                                                                                                                                                        											LeaveCriticalSection(__edi);
                                                                                                                                                                                                                                                        											__eax =  *(__esi + 0x2c);
                                                                                                                                                                                                                                                        											__ecx = __esi + 0x38;
                                                                                                                                                                                                                                                        											__edx = __ebx;
                                                                                                                                                                                                                                                        											 *(__esi + 0x40) =  *(__esi + 0x2c);
                                                                                                                                                                                                                                                        											__eax = E00BCD800(__ecx, __edx);
                                                                                                                                                                                                                                                        											_t177 = __esi + 0x10;
                                                                                                                                                                                                                                                        											 *_t177 =  *(__esi + 0x10) - 1;
                                                                                                                                                                                                                                                        											if( *_t177 == 0) {
                                                                                                                                                                                                                                                        												__eax = SetEvent( *(__esi + 0x24));
                                                                                                                                                                                                                                                        												 *(__esi + 0x10) = 0;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L13;
                                                                                                                                                                                                                                                        										case 5:
                                                                                                                                                                                                                                                        											L77:
                                                                                                                                                                                                                                                        											_push(0x1b64);
                                                                                                                                                                                                                                                        											_push( *__edi);
                                                                                                                                                                                                                                                        											__imp__TerminateJobObject();
                                                                                                                                                                                                                                                        											goto L13;
                                                                                                                                                                                                                                                        										case 6:
                                                                                                                                                                                                                                                        											L118:
                                                                                                                                                                                                                                                        											_push(__ebp);
                                                                                                                                                                                                                                                        											__ebp = __esp;
                                                                                                                                                                                                                                                        											_push(__ebx);
                                                                                                                                                                                                                                                        											_push(__edi);
                                                                                                                                                                                                                                                        											_push(__esi);
                                                                                                                                                                                                                                                        											_push(__eax);
                                                                                                                                                                                                                                                        											__edi =  *(__ecx + 4);
                                                                                                                                                                                                                                                        											__ebx =  *(__ecx + 8);
                                                                                                                                                                                                                                                        											if(__edi == __ebx) {
                                                                                                                                                                                                                                                        												L122:
                                                                                                                                                                                                                                                        												__eax = 0;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												L119:
                                                                                                                                                                                                                                                        												__esi = _a4;
                                                                                                                                                                                                                                                        												_v20 = __ecx;
                                                                                                                                                                                                                                                        												asm("o16 nop [eax+eax]");
                                                                                                                                                                                                                                                        												while(1) {
                                                                                                                                                                                                                                                        													L120:
                                                                                                                                                                                                                                                        													_push(0x28);
                                                                                                                                                                                                                                                        													_push(__esi);
                                                                                                                                                                                                                                                        													_push(__edi);
                                                                                                                                                                                                                                                        													L00BEF76E();
                                                                                                                                                                                                                                                        													__esp = __esp + 0xc;
                                                                                                                                                                                                                                                        													if(__eax == 0) {
                                                                                                                                                                                                                                                        														break;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													L121:
                                                                                                                                                                                                                                                        													__edi = __edi + 0x2c;
                                                                                                                                                                                                                                                        													if(__ebx != __edi) {
                                                                                                                                                                                                                                                        														continue;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														goto L122;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													goto L123;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												L124:
                                                                                                                                                                                                                                                        												__eax =  *(__edi + 0x28);
                                                                                                                                                                                                                                                        												__ecx = _a8;
                                                                                                                                                                                                                                                        												 *_a8 =  *(__edi + 0x28);
                                                                                                                                                                                                                                                        												__eax = _v20;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L123:
                                                                                                                                                                                                                                                        											__esp = __esp + 4;
                                                                                                                                                                                                                                                        											_pop(__esi);
                                                                                                                                                                                                                                                        											_pop(__edi);
                                                                                                                                                                                                                                                        											_pop(__ebx);
                                                                                                                                                                                                                                                        											_pop(__ebp);
                                                                                                                                                                                                                                                        											return __eax;
                                                                                                                                                                                                                                                        										case 7:
                                                                                                                                                                                                                                                        											L142:
                                                                                                                                                                                                                                                        											return __imp___purecall();
                                                                                                                                                                                                                                                        										case 8:
                                                                                                                                                                                                                                                        											L125:
                                                                                                                                                                                                                                                        											asm("ud2");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											_push(__ebp);
                                                                                                                                                                                                                                                        											__ebp = __esp;
                                                                                                                                                                                                                                                        											_push(__esi);
                                                                                                                                                                                                                                                        											__esi = __ecx;
                                                                                                                                                                                                                                                        											__ecx =  *__ecx;
                                                                                                                                                                                                                                                        											if(__ecx == 0) {
                                                                                                                                                                                                                                                        												L129:
                                                                                                                                                                                                                                                        												_pop(__esi);
                                                                                                                                                                                                                                                        												_pop(__ebp);
                                                                                                                                                                                                                                                        												return __eax;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												L127:
                                                                                                                                                                                                                                                        												__eax =  *(__esi + 8);
                                                                                                                                                                                                                                                        												__eax =  *(__esi + 8) - __ecx;
                                                                                                                                                                                                                                                        												if(__eax >= 0x1000) {
                                                                                                                                                                                                                                                        													L130:
                                                                                                                                                                                                                                                        													__edx =  *(__ecx - 4);
                                                                                                                                                                                                                                                        													__ecx = __ecx - __edx;
                                                                                                                                                                                                                                                        													__ecx = __ecx + 0xfffffffc;
                                                                                                                                                                                                                                                        													if(__ecx >= 0x20) {
                                                                                                                                                                                                                                                        														L132:
                                                                                                                                                                                                                                                        														__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														_push(__ebp);
                                                                                                                                                                                                                                                        														__ebp = __esp;
                                                                                                                                                                                                                                                        														_push(__ebx);
                                                                                                                                                                                                                                                        														_push(__edi);
                                                                                                                                                                                                                                                        														_push(__esi);
                                                                                                                                                                                                                                                        														__esp = __esp - 0x14;
                                                                                                                                                                                                                                                        														__eax =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        														__edx = _v0;
                                                                                                                                                                                                                                                        														__edi = _a4;
                                                                                                                                                                                                                                                        														__esi = __ecx;
                                                                                                                                                                                                                                                        														_v32 = __eax;
                                                                                                                                                                                                                                                        														__eax = _a8;
                                                                                                                                                                                                                                                        														__ebx =  *__ecx;
                                                                                                                                                                                                                                                        														_push(_a16);
                                                                                                                                                                                                                                                        														_push(_a12);
                                                                                                                                                                                                                                                        														_push(_a8);
                                                                                                                                                                                                                                                        														_push(_a4);
                                                                                                                                                                                                                                                        														_push(__edx);
                                                                                                                                                                                                                                                        														_push(_v4);
                                                                                                                                                                                                                                                        														_push(_v8);
                                                                                                                                                                                                                                                        														__eax =  *((intOrPtr*)( *__ecx + 0x14))();
                                                                                                                                                                                                                                                        														if(__eax < 0) {
                                                                                                                                                                                                                                                        															__edi = __eax;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															if( *(__esi + 0xc) == 0) {
                                                                                                                                                                                                                                                        																__edi = 0xc000000d;
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																__ecx = __esi;
                                                                                                                                                                                                                                                        																__ebx = _a20;
                                                                                                                                                                                                                                                        																__eax = E00BE11C0(__ebx, _a24,  *(__esi + 4),  *(__esi + 8));
                                                                                                                                                                                                                                                        																__edi = 0xc0000023;
                                                                                                                                                                                                                                                        																if(__al != 0) {
                                                                                                                                                                                                                                                        																	_v40 = 0;
                                                                                                                                                                                                                                                        																	_v36 = 0;
                                                                                                                                                                                                                                                        																	_v32 = 0;
                                                                                                                                                                                                                                                        																	_v28 = 0;
                                                                                                                                                                                                                                                        																	__ecx =  &_v40;
                                                                                                                                                                                                                                                        																	__eax = E00BE44A0( &_v40,  *(__esi + 0xc), 4, 4);
                                                                                                                                                                                                                                                        																	__edi = __eax;
                                                                                                                                                                                                                                                        																	if(__eax >= 0) {
                                                                                                                                                                                                                                                        																		__ecx = _a28;
                                                                                                                                                                                                                                                        																		__ebx = __ebx - _v0;
                                                                                                                                                                                                                                                        																		__eax =  *(__esi + 0xc);
                                                                                                                                                                                                                                                        																		 *( *(__esi + 0xc)) = __ebx;
                                                                                                                                                                                                                                                        																		if(__ecx != 0) {
                                                                                                                                                                                                                                                        																			__eax =  *__esi;
                                                                                                                                                                                                                                                        																			__ebx = __ecx;
                                                                                                                                                                                                                                                        																			__ecx = __esi;
                                                                                                                                                                                                                                                        																			__eax =  *((intOrPtr*)( *__esi + 0x10))();
                                                                                                                                                                                                                                                        																			 *__ebx =  *__esi;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	__ecx =  &_v40;
                                                                                                                                                                                                                                                        																	__eax = E00BE4500( &_v40);
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														__ecx = _v24;
                                                                                                                                                                                                                                                        														__ecx = _v24 ^ __ebp;
                                                                                                                                                                                                                                                        														E00BEECB0(_v24 ^ __ebp, __edx) = __edi;
                                                                                                                                                                                                                                                        														__esp = __esp + 0x14;
                                                                                                                                                                                                                                                        														_pop(__esi);
                                                                                                                                                                                                                                                        														_pop(__edi);
                                                                                                                                                                                                                                                        														_pop(__ebx);
                                                                                                                                                                                                                                                        														_pop(__ebp);
                                                                                                                                                                                                                                                        														return __edi;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														L131:
                                                                                                                                                                                                                                                        														__eax = __eax + 0x23;
                                                                                                                                                                                                                                                        														__ecx = __edx;
                                                                                                                                                                                                                                                        														goto L128;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													L128:
                                                                                                                                                                                                                                                        													_push(__eax);
                                                                                                                                                                                                                                                        													_push(__ecx);
                                                                                                                                                                                                                                                        													L00BEF6C6();
                                                                                                                                                                                                                                                        													__esp = __esp + 8;
                                                                                                                                                                                                                                                        													 *__esi = 0;
                                                                                                                                                                                                                                                        													 *(__esi + 4) = 0;
                                                                                                                                                                                                                                                        													 *(__esi + 8) = 0;
                                                                                                                                                                                                                                                        													goto L129;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L143;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								L6:
                                                                                                                                                                                                                                                        								_t276 = _t273 - 1;
                                                                                                                                                                                                                                                        								if(_t276 > 4) {
                                                                                                                                                                                                                                                        									continue;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L7:
                                                                                                                                                                                                                                                        									switch( *((intOrPtr*)(_t276 * 4 +  &M00BF1280))) {
                                                                                                                                                                                                                                                        										case 0:
                                                                                                                                                                                                                                                        											L57:
                                                                                                                                                                                                                                                        											__eax =  *(__esi + 0x2c);
                                                                                                                                                                                                                                                        											__ecx = __esi + 0x38;
                                                                                                                                                                                                                                                        											__edx = __esi + 0x40;
                                                                                                                                                                                                                                                        											 *(__esi + 8) = __eax;
                                                                                                                                                                                                                                                        											__eax = __eax + 8;
                                                                                                                                                                                                                                                        											__eax = E00BCECF0(__esi + 0x38, __edx, __eax);
                                                                                                                                                                                                                                                        											__ebx =  *(__esi + 4);
                                                                                                                                                                                                                                                        											__edi =  *(__ebx + 4);
                                                                                                                                                                                                                                                        											_push(0xc);
                                                                                                                                                                                                                                                        											L00BEF6BA();
                                                                                                                                                                                                                                                        											__esp = __esp + 4;
                                                                                                                                                                                                                                                        											__ecx =  *(__esi + 8);
                                                                                                                                                                                                                                                        											 *__eax = __ebx;
                                                                                                                                                                                                                                                        											 *(__eax + 4) = __edi;
                                                                                                                                                                                                                                                        											 *(__eax + 8) = __ecx;
                                                                                                                                                                                                                                                        											if( *(__esi + 0x18) == 0x15555554) {
                                                                                                                                                                                                                                                        												goto L71;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												L58:
                                                                                                                                                                                                                                                        												__ecx =  *(__esi + 4);
                                                                                                                                                                                                                                                        												 *(__esi + 0x18) =  &( *(__esi + 0x18)->Internal);
                                                                                                                                                                                                                                                        												 *(__ecx + 4) = __eax;
                                                                                                                                                                                                                                                        												 *__edi = __eax;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L13;
                                                                                                                                                                                                                                                        										case 1:
                                                                                                                                                                                                                                                        											L8:
                                                                                                                                                                                                                                                        											_t277 = _t279[0xb];
                                                                                                                                                                                                                                                        											if(_t279[0xf] == 0) {
                                                                                                                                                                                                                                                        												SetEvent( *(_a8 + 8));
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L10:
                                                                                                                                                                                                                                                        											_t234 = _t279[7];
                                                                                                                                                                                                                                                        											_t254 =  &(_t277->OffsetHigh);
                                                                                                                                                                                                                                                        											_t277->hEvent = _t234;
                                                                                                                                                                                                                                                        											_push(8);
                                                                                                                                                                                                                                                        											_push(0xffffffff);
                                                                                                                                                                                                                                                        											_push(_t277);
                                                                                                                                                                                                                                                        											_push(E00BCD880);
                                                                                                                                                                                                                                                        											_push(_t277->Offset);
                                                                                                                                                                                                                                                        											_push(_t254);
                                                                                                                                                                                                                                                        											__imp__RegisterWaitForSingleObject();
                                                                                                                                                                                                                                                        											_t279[2] = _t277;
                                                                                                                                                                                                                                                        											if(_t234 == 0) {
                                                                                                                                                                                                                                                        												L72:
                                                                                                                                                                                                                                                        												 *_t254 = 0xffffffff;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L11:
                                                                                                                                                                                                                                                        											_t278 =  *_t279;
                                                                                                                                                                                                                                                        											_t254 =  *(_t278 + 4);
                                                                                                                                                                                                                                                        											_push(0xc);
                                                                                                                                                                                                                                                        											L00BEF6BA();
                                                                                                                                                                                                                                                        											_t283 = _t283 + 4;
                                                                                                                                                                                                                                                        											 *_t234 = _t278;
                                                                                                                                                                                                                                                        											 *(_t234 + 4) = _t254;
                                                                                                                                                                                                                                                        											 *(_t234 + 8) = _t279[2];
                                                                                                                                                                                                                                                        											_t266 = _t279[5];
                                                                                                                                                                                                                                                        											if(_t266 == 0x15555554) {
                                                                                                                                                                                                                                                        												L71:
                                                                                                                                                                                                                                                        												_push("list<T> too long");
                                                                                                                                                                                                                                                        												L00BEF798();
                                                                                                                                                                                                                                                        												goto L72;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												 *(_t278 + 4) = _t234;
                                                                                                                                                                                                                                                        												 *_t254 = _t234;
                                                                                                                                                                                                                                                        												_t279[5] =  &(_t266[0]);
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L13;
                                                                                                                                                                                                                                                        										case 2:
                                                                                                                                                                                                                                                        											L15:
                                                                                                                                                                                                                                                        											__ebx =  *(__esi + 0x2c);
                                                                                                                                                                                                                                                        											__edi =  *(__esi + 0x28);
                                                                                                                                                                                                                                                        											EnterCriticalSection(__edi);
                                                                                                                                                                                                                                                        											__eax = _a8;
                                                                                                                                                                                                                                                        											__edx = __ebx + 4;
                                                                                                                                                                                                                                                        											_t42 = __eax + 0x14; // 0x14
                                                                                                                                                                                                                                                        											__ecx = _t42;
                                                                                                                                                                                                                                                        											__eax = E00BCD800(__ecx, __ebx + 4);
                                                                                                                                                                                                                                                        											LeaveCriticalSection(__edi);
                                                                                                                                                                                                                                                        											_push( *(__ebx + 0xc));
                                                                                                                                                                                                                                                        											__imp__UnregisterWait();
                                                                                                                                                                                                                                                        											__eax =  *__esi;
                                                                                                                                                                                                                                                        											 *(__ebx + 0xc) = 0xffffffff;
                                                                                                                                                                                                                                                        											__edx =  *__eax;
                                                                                                                                                                                                                                                        											if(__edx == __eax) {
                                                                                                                                                                                                                                                        												L73:
                                                                                                                                                                                                                                                        												__ebx =  *__esi;
                                                                                                                                                                                                                                                        												if(__ebx != __edx) {
                                                                                                                                                                                                                                                        													goto L23;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													L74:
                                                                                                                                                                                                                                                        													goto L35;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												L16:
                                                                                                                                                                                                                                                        												__eax =  *(__ebx + 4);
                                                                                                                                                                                                                                                        												 *(__esi + 8) = __ebx;
                                                                                                                                                                                                                                                        												__ebx = __edx;
                                                                                                                                                                                                                                                        												__edi = __edx;
                                                                                                                                                                                                                                                        												while(1) {
                                                                                                                                                                                                                                                        													L17:
                                                                                                                                                                                                                                                        													__ecx =  *(__ebx + 8);
                                                                                                                                                                                                                                                        													__ebx =  *__edi;
                                                                                                                                                                                                                                                        													if( *(__ecx + 4) == __eax) {
                                                                                                                                                                                                                                                        														break;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													L18:
                                                                                                                                                                                                                                                        													__edi = __ebx;
                                                                                                                                                                                                                                                        													if(__ebx !=  *__esi) {
                                                                                                                                                                                                                                                        														continue;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														L19:
                                                                                                                                                                                                                                                        														__eax = __edx;
                                                                                                                                                                                                                                                        														__edx = __ebx;
                                                                                                                                                                                                                                                        														__ebx = __eax;
                                                                                                                                                                                                                                                        														if(__ebx != __edx) {
                                                                                                                                                                                                                                                        															L23:
                                                                                                                                                                                                                                                        															if(__edx !=  *__esi) {
                                                                                                                                                                                                                                                        																L24:
                                                                                                                                                                                                                                                        																__edi =  *__edx;
                                                                                                                                                                                                                                                        																__eax =  *(__edx + 4);
                                                                                                                                                                                                                                                        																 *( *(__edx + 4)) = __edi;
                                                                                                                                                                                                                                                        																__eax =  *__edx;
                                                                                                                                                                                                                                                        																__ecx =  *(__edx + 4);
                                                                                                                                                                                                                                                        																 *(__eax + 4) =  *(__edx + 4);
                                                                                                                                                                                                                                                        																__ecx =  *(__edx + 8);
                                                                                                                                                                                                                                                        																if(__ecx != 0) {
                                                                                                                                                                                                                                                        																	__ebx = __edx;
                                                                                                                                                                                                                                                        																	__eax = E00BCF040(__ecx);
                                                                                                                                                                                                                                                        																	__edx = __ebx;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																 *(__esi + 0x14) =  *(__esi + 0x14) - 1;
                                                                                                                                                                                                                                                        																_push(0xc);
                                                                                                                                                                                                                                                        																_push(__edx);
                                                                                                                                                                                                                                                        																L00BEF6C6();
                                                                                                                                                                                                                                                        																__esp = __esp + 8;
                                                                                                                                                                                                                                                        																if(__edi !=  *__esi) {
                                                                                                                                                                                                                                                        																	do {
                                                                                                                                                                                                                                                        																		L1:
                                                                                                                                                                                                                                                        																		_t255 =  *_t272;
                                                                                                                                                                                                                                                        																		 *((intOrPtr*)( *((intOrPtr*)(_t272 + 4)))) = _t255;
                                                                                                                                                                                                                                                        																		 *((intOrPtr*)( *_t272 + 4)) =  *((intOrPtr*)(_t272 + 4));
                                                                                                                                                                                                                                                        																		_t269 =  *((intOrPtr*)(_t272 + 8));
                                                                                                                                                                                                                                                        																		if( *((intOrPtr*)(_t272 + 8)) != 0) {
                                                                                                                                                                                                                                                        																			E00BCF040(_t269);
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		L2:
                                                                                                                                                                                                                                                        																		_t279[5] = _t279[5] - 1;
                                                                                                                                                                                                                                                        																		_push(0xc);
                                                                                                                                                                                                                                                        																		_push(_t272);
                                                                                                                                                                                                                                                        																		L00BEF6C6();
                                                                                                                                                                                                                                                        																		_t283 = _t283 + 8;
                                                                                                                                                                                                                                                        																		_t272 = _t255;
                                                                                                                                                                                                                                                        																	} while (_t255 !=  *_t279);
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															L76:
                                                                                                                                                                                                                                                        															L35:
                                                                                                                                                                                                                                                        															__eax =  *__esi;
                                                                                                                                                                                                                                                        															 *(__esi + 0x14) = 0;
                                                                                                                                                                                                                                                        															 *__eax = __eax;
                                                                                                                                                                                                                                                        															 *(__eax + 4) = __eax;
                                                                                                                                                                                                                                                        															if(__ebx != __eax) {
                                                                                                                                                                                                                                                        																L36:
                                                                                                                                                                                                                                                        																__ecx =  *(__ebx + 8);
                                                                                                                                                                                                                                                        																__edi =  *__ebx;
                                                                                                                                                                                                                                                        																if(__ecx != 0) {
                                                                                                                                                                                                                                                        																	__eax = E00BCF040(__ecx);
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																_push(0xc);
                                                                                                                                                                                                                                                        																_push(__ebx);
                                                                                                                                                                                                                                                        																L00BEF6C6();
                                                                                                                                                                                                                                                        																__esp = __esp + 8;
                                                                                                                                                                                                                                                        																if(__edi !=  *__esi) {
                                                                                                                                                                                                                                                        																	do {
                                                                                                                                                                                                                                                        																		L39:
                                                                                                                                                                                                                                                        																		__ecx =  *(__edi + 8);
                                                                                                                                                                                                                                                        																		__ebx =  *__edi;
                                                                                                                                                                                                                                                        																		if(__ecx != 0) {
                                                                                                                                                                                                                                                        																			__eax = E00BCF040(__ecx);
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_push(0xc);
                                                                                                                                                                                                                                                        																		_push(__edi);
                                                                                                                                                                                                                                                        																		L00BEF6C6();
                                                                                                                                                                                                                                                        																		__esp = __esp + 8;
                                                                                                                                                                                                                                                        																		__edi = __ebx;
                                                                                                                                                                                                                                                        																	} while (__ebx !=  *__esi);
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													goto L13;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												L20:
                                                                                                                                                                                                                                                        												if(__ebx !=  *__esi) {
                                                                                                                                                                                                                                                        													while(1) {
                                                                                                                                                                                                                                                        														L28:
                                                                                                                                                                                                                                                        														__edx =  *(__ebx + 8);
                                                                                                                                                                                                                                                        														if( *(__edx + 4) != __eax) {
                                                                                                                                                                                                                                                        															if(__ebx != __edi) {
                                                                                                                                                                                                                                                        																 *(__ebx + 8) = 0;
                                                                                                                                                                                                                                                        																__ecx =  *(__edi + 8);
                                                                                                                                                                                                                                                        																 *(__edi + 8) = __edx;
                                                                                                                                                                                                                                                        																if(__ecx != 0) {
                                                                                                                                                                                                                                                        																	__eax = E00BCF040(__ecx);
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															__edi =  *__edi;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														__ebx =  *__ebx;
                                                                                                                                                                                                                                                        														__eax =  *__esi;
                                                                                                                                                                                                                                                        														if(__ebx == __eax) {
                                                                                                                                                                                                                                                        															break;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														L27:
                                                                                                                                                                                                                                                        														__eax =  *(__esi + 8);
                                                                                                                                                                                                                                                        														__eax =  *( *(__esi + 8) + 4);
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													L34:
                                                                                                                                                                                                                                                        													__ebx =  *__eax;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													L21:
                                                                                                                                                                                                                                                        													__ebx = __edx;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												L22:
                                                                                                                                                                                                                                                        												__edx = __edi;
                                                                                                                                                                                                                                                        												if(__ebx == __edx) {
                                                                                                                                                                                                                                                        													goto L35;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													goto L23;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L13;
                                                                                                                                                                                                                                                        										case 3:
                                                                                                                                                                                                                                                        											L59:
                                                                                                                                                                                                                                                        											__eax =  *(__esi + 0x2c);
                                                                                                                                                                                                                                                        											 *(__esi + 0xc) = __eax;
                                                                                                                                                                                                                                                        											_push(0x10);
                                                                                                                                                                                                                                                        											L00BEF6BA();
                                                                                                                                                                                                                                                        											__esp = __esp + 4;
                                                                                                                                                                                                                                                        											__ecx =  *__esi;
                                                                                                                                                                                                                                                        											 *__eax = 0xbf1268;
                                                                                                                                                                                                                                                        											 *(__eax + 4) = 0;
                                                                                                                                                                                                                                                        											 *(__eax + 8) = 0;
                                                                                                                                                                                                                                                        											 *(__esi + 8) = __eax;
                                                                                                                                                                                                                                                        											 *(__eax + 0xc) = 0;
                                                                                                                                                                                                                                                        											__edi =  *__ecx;
                                                                                                                                                                                                                                                        											if(__edi != __ecx) {
                                                                                                                                                                                                                                                        												do {
                                                                                                                                                                                                                                                        													L62:
                                                                                                                                                                                                                                                        													__eax =  *(__edi + 8);
                                                                                                                                                                                                                                                        													if( *__eax != 0) {
                                                                                                                                                                                                                                                        														 *(__esi + 0x20) = __esp;
                                                                                                                                                                                                                                                        														_push(__eax);
                                                                                                                                                                                                                                                        														__ebx = __esp;
                                                                                                                                                                                                                                                        														_push(4);
                                                                                                                                                                                                                                                        														L00BEF6BA();
                                                                                                                                                                                                                                                        														__esp = __esp + 4;
                                                                                                                                                                                                                                                        														__ecx =  *(__esi + 8);
                                                                                                                                                                                                                                                        														__edx = __ebx;
                                                                                                                                                                                                                                                        														 *__eax = 0xbf1278;
                                                                                                                                                                                                                                                        														 *__ebx = __eax;
                                                                                                                                                                                                                                                        														__eax = E00BCD8A0( *(__esi + 8), __edx);
                                                                                                                                                                                                                                                        														__esp =  *(__esi + 0x20);
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													__edi =  *__edi;
                                                                                                                                                                                                                                                        												} while (__edi !=  *__esi);
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L64:
                                                                                                                                                                                                                                                        											__eax =  *(__esi + 4);
                                                                                                                                                                                                                                                        											__edi =  *__eax;
                                                                                                                                                                                                                                                        											if(__edi != __eax) {
                                                                                                                                                                                                                                                        												do {
                                                                                                                                                                                                                                                        													L67:
                                                                                                                                                                                                                                                        													__eax =  *(__edi + 8);
                                                                                                                                                                                                                                                        													if( *(__eax + 4) != 0) {
                                                                                                                                                                                                                                                        														 *(__esi + 0x20) = __esp;
                                                                                                                                                                                                                                                        														_push(__eax);
                                                                                                                                                                                                                                                        														__ebx = __esp;
                                                                                                                                                                                                                                                        														_push(4);
                                                                                                                                                                                                                                                        														L00BEF6BA();
                                                                                                                                                                                                                                                        														__esp = __esp + 4;
                                                                                                                                                                                                                                                        														__ecx =  *(__esi + 8);
                                                                                                                                                                                                                                                        														__edx = __ebx;
                                                                                                                                                                                                                                                        														 *__eax = 0xbf1278;
                                                                                                                                                                                                                                                        														 *__ebx = __eax;
                                                                                                                                                                                                                                                        														__eax = E00BCD8A0( *(__esi + 8), __edx);
                                                                                                                                                                                                                                                        														__esp =  *(__esi + 0x20);
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													__edi =  *__edi;
                                                                                                                                                                                                                                                        												} while (__edi !=  *(__esi + 4));
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L69:
                                                                                                                                                                                                                                                        											__edi = __esp;
                                                                                                                                                                                                                                                        											_push(__eax);
                                                                                                                                                                                                                                                        											__ecx =  *(__esi + 8);
                                                                                                                                                                                                                                                        											__ebx =  *(__esi + 0xc);
                                                                                                                                                                                                                                                        											__eax = __esp;
                                                                                                                                                                                                                                                        											 *__esp =  *(__esi + 8);
                                                                                                                                                                                                                                                        											__ecx = __ebx;
                                                                                                                                                                                                                                                        											__eax =  *__ebx;
                                                                                                                                                                                                                                                        											__eax =  *( *__ebx)();
                                                                                                                                                                                                                                                        											__esp = __edi;
                                                                                                                                                                                                                                                        											if(__ebx != 0) {
                                                                                                                                                                                                                                                        												__ecx =  *(__esi + 0xc);
                                                                                                                                                                                                                                                        												__eax =  *__ecx;
                                                                                                                                                                                                                                                        												_push(1);
                                                                                                                                                                                                                                                        												__eax =  *((intOrPtr*)( *__ecx + 8))();
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L13;
                                                                                                                                                                                                                                                        										case 4:
                                                                                                                                                                                                                                                        											L44:
                                                                                                                                                                                                                                                        											__eax =  *__esi;
                                                                                                                                                                                                                                                        											__edi = 0;
                                                                                                                                                                                                                                                        											__ebx =  *__eax;
                                                                                                                                                                                                                                                        											if(__ebx != __eax) {
                                                                                                                                                                                                                                                        												while(1) {
                                                                                                                                                                                                                                                        													L90:
                                                                                                                                                                                                                                                        													__eax =  *(__ebx + 8);
                                                                                                                                                                                                                                                        													_push( *( *(__ebx + 8) + 0xc));
                                                                                                                                                                                                                                                        													__imp__UnregisterWait();
                                                                                                                                                                                                                                                        													__eax =  *(__ebx + 8);
                                                                                                                                                                                                                                                        													 *( *(__ebx + 8) + 0xc) = 0xffffffff;
                                                                                                                                                                                                                                                        													__ebx =  *__ebx;
                                                                                                                                                                                                                                                        													if(__ebx ==  *__esi) {
                                                                                                                                                                                                                                                        														goto L45;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													L91:
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L45:
                                                                                                                                                                                                                                                        											_t237 =  *_t279;
                                                                                                                                                                                                                                                        											_t251 =  *_t237;
                                                                                                                                                                                                                                                        											 *_t237 = _t237;
                                                                                                                                                                                                                                                        											_t237[1] = _t237;
                                                                                                                                                                                                                                                        											if(_t251 != _t237) {
                                                                                                                                                                                                                                                        												while(1) {
                                                                                                                                                                                                                                                        													L110:
                                                                                                                                                                                                                                                        													_t260 =  *((intOrPtr*)(_t251 + 8));
                                                                                                                                                                                                                                                        													_t279[7] =  *_t251;
                                                                                                                                                                                                                                                        													if( *((intOrPtr*)(_t251 + 8)) != 0) {
                                                                                                                                                                                                                                                        														E00BCF040(_t260);
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_push(0xc);
                                                                                                                                                                                                                                                        													_push(_t251);
                                                                                                                                                                                                                                                        													L00BEF6C6();
                                                                                                                                                                                                                                                        													_t283 = _t283 + 8;
                                                                                                                                                                                                                                                        													_t237 =  *_t279;
                                                                                                                                                                                                                                                        													_t251 = _t279[7];
                                                                                                                                                                                                                                                        													if(_t251 == _t237) {
                                                                                                                                                                                                                                                        														goto L46;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													L112:
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L46:
                                                                                                                                                                                                                                                        											_push(0xc);
                                                                                                                                                                                                                                                        											_push(_t237);
                                                                                                                                                                                                                                                        											L00BEF6C6();
                                                                                                                                                                                                                                                        											_t284 = _t283 + 8;
                                                                                                                                                                                                                                                        											_t240 = _t279[1];
                                                                                                                                                                                                                                                        											_t252 =  *_t240;
                                                                                                                                                                                                                                                        											 *_t240 = _t240;
                                                                                                                                                                                                                                                        											_t240[1] = _t240;
                                                                                                                                                                                                                                                        											if(_t252 != _t240) {
                                                                                                                                                                                                                                                        												while(1) {
                                                                                                                                                                                                                                                        													L114:
                                                                                                                                                                                                                                                        													_t261 = _t252[2];
                                                                                                                                                                                                                                                        													 *_t279 =  *_t252;
                                                                                                                                                                                                                                                        													if(_t252[2] != 0) {
                                                                                                                                                                                                                                                        														E00BCEC80(_t261);
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_push(0xc);
                                                                                                                                                                                                                                                        													_push(_t252);
                                                                                                                                                                                                                                                        													L00BEF6C6();
                                                                                                                                                                                                                                                        													_t284 = _t284 + 8;
                                                                                                                                                                                                                                                        													_t240 = _t279[1];
                                                                                                                                                                                                                                                        													_t252 =  *_t279;
                                                                                                                                                                                                                                                        													if(_t252 == _t240) {
                                                                                                                                                                                                                                                        														goto L47;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													L116:
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L47:
                                                                                                                                                                                                                                                        											_push(0xc);
                                                                                                                                                                                                                                                        											_push(_t240);
                                                                                                                                                                                                                                                        											L00BEF6C6();
                                                                                                                                                                                                                                                        											_t271 =  &(_t279[0x10]);
                                                                                                                                                                                                                                                        											E00BCE590( &(_t279[0xe]),  &(_t279[0x10]),  *(_t279[0xe]), _t279[0xe]);
                                                                                                                                                                                                                                                        											_push(0x14);
                                                                                                                                                                                                                                                        											_push(_t279[0xe]);
                                                                                                                                                                                                                                                        											L00BEF6C6();
                                                                                                                                                                                                                                                        											E00BEECB0(_t279[0x3e] ^ _t281, _t271);
                                                                                                                                                                                                                                                        											return 1;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L143:
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L14:
                                                                                                                                                                                                                                                        						goto L45;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}



















                                                                                                                                                                                                                                                        0x00bcd5e0
                                                                                                                                                                                                                                                        0x00bcd5e0
                                                                                                                                                                                                                                                        0x00bcd5e0
                                                                                                                                                                                                                                                        0x00bcd5e0
                                                                                                                                                                                                                                                        0x00bcd5e9
                                                                                                                                                                                                                                                        0x00bcd5ec
                                                                                                                                                                                                                                                        0x00bcd5f5
                                                                                                                                                                                                                                                        0x00bcd5fe
                                                                                                                                                                                                                                                        0x00bcd5fe
                                                                                                                                                                                                                                                        0x00bcd2bb
                                                                                                                                                                                                                                                        0x00bcd2bb
                                                                                                                                                                                                                                                        0x00bcd2bb
                                                                                                                                                                                                                                                        0x00bcd058
                                                                                                                                                                                                                                                        0x00bcd058
                                                                                                                                                                                                                                                        0x00bcd058
                                                                                                                                                                                                                                                        0x00bcd05f
                                                                                                                                                                                                                                                        0x00bcd066
                                                                                                                                                                                                                                                        0x00bcd086
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bccfd0
                                                                                                                                                                                                                                                        0x00bccfd0
                                                                                                                                                                                                                                                        0x00bccfd6
                                                                                                                                                                                                                                                        0x00bcd270
                                                                                                                                                                                                                                                        0x00bcd270
                                                                                                                                                                                                                                                        0x00bcd273
                                                                                                                                                                                                                                                        0x00bcd277
                                                                                                                                                                                                                                                        0x00bcd285
                                                                                                                                                                                                                                                        0x00bcd28a
                                                                                                                                                                                                                                                        0x00bcd299
                                                                                                                                                                                                                                                        0x00bcd2a0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd279
                                                                                                                                                                                                                                                        0x00bcd27e
                                                                                                                                                                                                                                                        0x00bcd283
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd283
                                                                                                                                                                                                                                                        0x00bcd279
                                                                                                                                                                                                                                                        0x00bcd2a5
                                                                                                                                                                                                                                                        0x00bcd2a8
                                                                                                                                                                                                                                                        0x00bcd2ae
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd2b4
                                                                                                                                                                                                                                                        0x00bcd2b4
                                                                                                                                                                                                                                                        0x00bcd2b4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd2bb
                                                                                                                                                                                                                                                        0x00bcd2bb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd441
                                                                                                                                                                                                                                                        0x00bcd441
                                                                                                                                                                                                                                                        0x00bcd444
                                                                                                                                                                                                                                                        0x00bcd448
                                                                                                                                                                                                                                                        0x00bcd47e
                                                                                                                                                                                                                                                        0x00bcd47e
                                                                                                                                                                                                                                                        0x00bcd481
                                                                                                                                                                                                                                                        0x00bcd487
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd44a
                                                                                                                                                                                                                                                        0x00bcd44a
                                                                                                                                                                                                                                                        0x00bcd44a
                                                                                                                                                                                                                                                        0x00bcd44c
                                                                                                                                                                                                                                                        0x00bcd44e
                                                                                                                                                                                                                                                        0x00bcd451
                                                                                                                                                                                                                                                        0x00bcd454
                                                                                                                                                                                                                                                        0x00bcd454
                                                                                                                                                                                                                                                        0x00bcd454
                                                                                                                                                                                                                                                        0x00bcd457
                                                                                                                                                                                                                                                        0x00bcd45c
                                                                                                                                                                                                                                                        0x00bcd45f
                                                                                                                                                                                                                                                        0x00bcd461
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd467
                                                                                                                                                                                                                                                        0x00bcd46a
                                                                                                                                                                                                                                                        0x00bcd46d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd46f
                                                                                                                                                                                                                                                        0x00bcd46f
                                                                                                                                                                                                                                                        0x00bcd46f
                                                                                                                                                                                                                                                        0x00bcd472
                                                                                                                                                                                                                                                        0x00bcd477
                                                                                                                                                                                                                                                        0x00bcd48d
                                                                                                                                                                                                                                                        0x00bcd490
                                                                                                                                                                                                                                                        0x00bcd4b0
                                                                                                                                                                                                                                                        0x00bcd4b0
                                                                                                                                                                                                                                                        0x00bcd4b0
                                                                                                                                                                                                                                                        0x00bcd4b2
                                                                                                                                                                                                                                                        0x00bcd4b5
                                                                                                                                                                                                                                                        0x00bcd4b7
                                                                                                                                                                                                                                                        0x00bcd4b9
                                                                                                                                                                                                                                                        0x00bcd4bc
                                                                                                                                                                                                                                                        0x00bcd4bf
                                                                                                                                                                                                                                                        0x00bcd4c4
                                                                                                                                                                                                                                                        0x00bcd4c6
                                                                                                                                                                                                                                                        0x00bcd4c6
                                                                                                                                                                                                                                                        0x00bcd497
                                                                                                                                                                                                                                                        0x00bcd49a
                                                                                                                                                                                                                                                        0x00bcd49c
                                                                                                                                                                                                                                                        0x00bcd49d
                                                                                                                                                                                                                                                        0x00bcd4a2
                                                                                                                                                                                                                                                        0x00bcd4a8
                                                                                                                                                                                                                                                        0x00bcd4a8
                                                                                                                                                                                                                                                        0x00bcd4b0
                                                                                                                                                                                                                                                        0x00bcd479
                                                                                                                                                                                                                                                        0x00bcd479
                                                                                                                                                                                                                                                        0x00bcd546
                                                                                                                                                                                                                                                        0x00bcd546
                                                                                                                                                                                                                                                        0x00bcd549
                                                                                                                                                                                                                                                        0x00bcd553
                                                                                                                                                                                                                                                        0x00bcd555
                                                                                                                                                                                                                                                        0x00bcd558
                                                                                                                                                                                                                                                        0x00bcd578
                                                                                                                                                                                                                                                        0x00bcd578
                                                                                                                                                                                                                                                        0x00bcd578
                                                                                                                                                                                                                                                        0x00bcd57b
                                                                                                                                                                                                                                                        0x00bcd57e
                                                                                                                                                                                                                                                        0x00bcd582
                                                                                                                                                                                                                                                        0x00bcd584
                                                                                                                                                                                                                                                        0x00bcd584
                                                                                                                                                                                                                                                        0x00bcd55f
                                                                                                                                                                                                                                                        0x00bcd561
                                                                                                                                                                                                                                                        0x00bcd564
                                                                                                                                                                                                                                                        0x00bcd569
                                                                                                                                                                                                                                                        0x00bcd56f
                                                                                                                                                                                                                                                        0x00bcd56f
                                                                                                                                                                                                                                                        0x00bcd578
                                                                                                                                                                                                                                                        0x00bcd558
                                                                                                                                                                                                                                                        0x00bcd477
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd46d
                                                                                                                                                                                                                                                        0x00bcd4ef
                                                                                                                                                                                                                                                        0x00bcd4f2
                                                                                                                                                                                                                                                        0x00bcd508
                                                                                                                                                                                                                                                        0x00bcd508
                                                                                                                                                                                                                                                        0x00bcd508
                                                                                                                                                                                                                                                        0x00bcd50b
                                                                                                                                                                                                                                                        0x00bcd510
                                                                                                                                                                                                                                                        0x00bcd515
                                                                                                                                                                                                                                                        0x00bcd517
                                                                                                                                                                                                                                                        0x00bcd51a
                                                                                                                                                                                                                                                        0x00bcd521
                                                                                                                                                                                                                                                        0x00bcd524
                                                                                                                                                                                                                                                        0x00bcd529
                                                                                                                                                                                                                                                        0x00bcd52b
                                                                                                                                                                                                                                                        0x00bcd52b
                                                                                                                                                                                                                                                        0x00bcd529
                                                                                                                                                                                                                                                        0x00bcd4fc
                                                                                                                                                                                                                                                        0x00bcd4fe
                                                                                                                                                                                                                                                        0x00bcd4fe
                                                                                                                                                                                                                                                        0x00bcd501
                                                                                                                                                                                                                                                        0x00bcd503
                                                                                                                                                                                                                                                        0x00bcd532
                                                                                                                                                                                                                                                        0x00bcd535
                                                                                                                                                                                                                                                        0x00bcd537
                                                                                                                                                                                                                                                        0x00bcd4f4
                                                                                                                                                                                                                                                        0x00bcd4f4
                                                                                                                                                                                                                                                        0x00bcd4f4
                                                                                                                                                                                                                                                        0x00bcd4f4
                                                                                                                                                                                                                                                        0x00bcd53a
                                                                                                                                                                                                                                                        0x00bcd53a
                                                                                                                                                                                                                                                        0x00bcd540
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd540
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd58b
                                                                                                                                                                                                                                                        0x00bcd58b
                                                                                                                                                                                                                                                        0x00bcd58f
                                                                                                                                                                                                                                                        0x00bcd595
                                                                                                                                                                                                                                                        0x00bcd598
                                                                                                                                                                                                                                                        0x00bcd59b
                                                                                                                                                                                                                                                        0x00bcd59e
                                                                                                                                                                                                                                                        0x00bcd5a0
                                                                                                                                                                                                                                                        0x00bcd5a3
                                                                                                                                                                                                                                                        0x00bcd5a6
                                                                                                                                                                                                                                                        0x00bcd5ac
                                                                                                                                                                                                                                                        0x00bcd5b2
                                                                                                                                                                                                                                                        0x00bcd5b5
                                                                                                                                                                                                                                                        0x00bcd5b8
                                                                                                                                                                                                                                                        0x00bcd5ba
                                                                                                                                                                                                                                                        0x00bcd5bd
                                                                                                                                                                                                                                                        0x00bcd5c2
                                                                                                                                                                                                                                                        0x00bcd5c2
                                                                                                                                                                                                                                                        0x00bcd5c5
                                                                                                                                                                                                                                                        0x00bcd5ce
                                                                                                                                                                                                                                                        0x00bcd5d4
                                                                                                                                                                                                                                                        0x00bcd5d4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd42f
                                                                                                                                                                                                                                                        0x00bcd42f
                                                                                                                                                                                                                                                        0x00bcd434
                                                                                                                                                                                                                                                        0x00bcd436
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcfab0
                                                                                                                                                                                                                                                        0x00bcfab0
                                                                                                                                                                                                                                                        0x00bcfab1
                                                                                                                                                                                                                                                        0x00bcfab3
                                                                                                                                                                                                                                                        0x00bcfab4
                                                                                                                                                                                                                                                        0x00bcfab5
                                                                                                                                                                                                                                                        0x00bcfab6
                                                                                                                                                                                                                                                        0x00bcfab7
                                                                                                                                                                                                                                                        0x00bcfaba
                                                                                                                                                                                                                                                        0x00bcfabf
                                                                                                                                                                                                                                                        0x00bcfae7
                                                                                                                                                                                                                                                        0x00bcfae7
                                                                                                                                                                                                                                                        0x00bcfac1
                                                                                                                                                                                                                                                        0x00bcfac1
                                                                                                                                                                                                                                                        0x00bcfac1
                                                                                                                                                                                                                                                        0x00bcfac4
                                                                                                                                                                                                                                                        0x00bcfac7
                                                                                                                                                                                                                                                        0x00bcfad0
                                                                                                                                                                                                                                                        0x00bcfad0
                                                                                                                                                                                                                                                        0x00bcfad0
                                                                                                                                                                                                                                                        0x00bcfad2
                                                                                                                                                                                                                                                        0x00bcfad3
                                                                                                                                                                                                                                                        0x00bcfad4
                                                                                                                                                                                                                                                        0x00bcfad9
                                                                                                                                                                                                                                                        0x00bcfade
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcfae0
                                                                                                                                                                                                                                                        0x00bcfae0
                                                                                                                                                                                                                                                        0x00bcfae5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcfae5
                                                                                                                                                                                                                                                        0x00bcfaf3
                                                                                                                                                                                                                                                        0x00bcfaf3
                                                                                                                                                                                                                                                        0x00bcfaf6
                                                                                                                                                                                                                                                        0x00bcfaf9
                                                                                                                                                                                                                                                        0x00bcfafb
                                                                                                                                                                                                                                                        0x00bcfafb
                                                                                                                                                                                                                                                        0x00bcfae9
                                                                                                                                                                                                                                                        0x00bcfae9
                                                                                                                                                                                                                                                        0x00bcfaec
                                                                                                                                                                                                                                                        0x00bcfaed
                                                                                                                                                                                                                                                        0x00bcfaee
                                                                                                                                                                                                                                                        0x00bcfaef
                                                                                                                                                                                                                                                        0x00bcfaf0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bef870
                                                                                                                                                                                                                                                        0x00bef870
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcfb00
                                                                                                                                                                                                                                                        0x00bcfb00
                                                                                                                                                                                                                                                        0x00bcfb02
                                                                                                                                                                                                                                                        0x00bcfb03
                                                                                                                                                                                                                                                        0x00bcfb04
                                                                                                                                                                                                                                                        0x00bcfb05
                                                                                                                                                                                                                                                        0x00bcfb06
                                                                                                                                                                                                                                                        0x00bcfb07
                                                                                                                                                                                                                                                        0x00bcfb08
                                                                                                                                                                                                                                                        0x00bcfb09
                                                                                                                                                                                                                                                        0x00bcfb0a
                                                                                                                                                                                                                                                        0x00bcfb0b
                                                                                                                                                                                                                                                        0x00bcfb0c
                                                                                                                                                                                                                                                        0x00bcfb0d
                                                                                                                                                                                                                                                        0x00bcfb0e
                                                                                                                                                                                                                                                        0x00bcfb0f
                                                                                                                                                                                                                                                        0x00bcfb10
                                                                                                                                                                                                                                                        0x00bcfb11
                                                                                                                                                                                                                                                        0x00bcfb13
                                                                                                                                                                                                                                                        0x00bcfb14
                                                                                                                                                                                                                                                        0x00bcfb16
                                                                                                                                                                                                                                                        0x00bcfb1a
                                                                                                                                                                                                                                                        0x00bcfb46
                                                                                                                                                                                                                                                        0x00bcfb46
                                                                                                                                                                                                                                                        0x00bcfb47
                                                                                                                                                                                                                                                        0x00bcfb48
                                                                                                                                                                                                                                                        0x00bcfb1c
                                                                                                                                                                                                                                                        0x00bcfb1c
                                                                                                                                                                                                                                                        0x00bcfb1c
                                                                                                                                                                                                                                                        0x00bcfb1f
                                                                                                                                                                                                                                                        0x00bcfb26
                                                                                                                                                                                                                                                        0x00bcfb49
                                                                                                                                                                                                                                                        0x00bcfb49
                                                                                                                                                                                                                                                        0x00bcfb4c
                                                                                                                                                                                                                                                        0x00bcfb4e
                                                                                                                                                                                                                                                        0x00bcfb54
                                                                                                                                                                                                                                                        0x00bcfb5d
                                                                                                                                                                                                                                                        0x00bcfb5d
                                                                                                                                                                                                                                                        0x00bcfb63
                                                                                                                                                                                                                                                        0x00bcfb64
                                                                                                                                                                                                                                                        0x00bcfb65
                                                                                                                                                                                                                                                        0x00bcfb66
                                                                                                                                                                                                                                                        0x00bcfb67
                                                                                                                                                                                                                                                        0x00bcfb68
                                                                                                                                                                                                                                                        0x00bcfb69
                                                                                                                                                                                                                                                        0x00bcfb6a
                                                                                                                                                                                                                                                        0x00bcfb6b
                                                                                                                                                                                                                                                        0x00bcfb6c
                                                                                                                                                                                                                                                        0x00bcfb6d
                                                                                                                                                                                                                                                        0x00bcfb6e
                                                                                                                                                                                                                                                        0x00bcfb6f
                                                                                                                                                                                                                                                        0x00bcfb70
                                                                                                                                                                                                                                                        0x00bcfb71
                                                                                                                                                                                                                                                        0x00bcfb73
                                                                                                                                                                                                                                                        0x00bcfb74
                                                                                                                                                                                                                                                        0x00bcfb75
                                                                                                                                                                                                                                                        0x00bcfb76
                                                                                                                                                                                                                                                        0x00bcfb79
                                                                                                                                                                                                                                                        0x00bcfb7e
                                                                                                                                                                                                                                                        0x00bcfb81
                                                                                                                                                                                                                                                        0x00bcfb84
                                                                                                                                                                                                                                                        0x00bcfb88
                                                                                                                                                                                                                                                        0x00bcfb8b
                                                                                                                                                                                                                                                        0x00bcfb8e
                                                                                                                                                                                                                                                        0x00bcfb90
                                                                                                                                                                                                                                                        0x00bcfb93
                                                                                                                                                                                                                                                        0x00bcfb96
                                                                                                                                                                                                                                                        0x00bcfb97
                                                                                                                                                                                                                                                        0x00bcfb98
                                                                                                                                                                                                                                                        0x00bcfb99
                                                                                                                                                                                                                                                        0x00bcfb9c
                                                                                                                                                                                                                                                        0x00bcfb9f
                                                                                                                                                                                                                                                        0x00bcfba4
                                                                                                                                                                                                                                                        0x00bcfc1f
                                                                                                                                                                                                                                                        0x00bcfba6
                                                                                                                                                                                                                                                        0x00bcfbaa
                                                                                                                                                                                                                                                        0x00bcfc37
                                                                                                                                                                                                                                                        0x00bcfbb0
                                                                                                                                                                                                                                                        0x00bcfbb0
                                                                                                                                                                                                                                                        0x00bcfbbb
                                                                                                                                                                                                                                                        0x00bcfbbf
                                                                                                                                                                                                                                                        0x00bcfbc4
                                                                                                                                                                                                                                                        0x00bcfbcb
                                                                                                                                                                                                                                                        0x00bcfbcd
                                                                                                                                                                                                                                                        0x00bcfbd1
                                                                                                                                                                                                                                                        0x00bcfbd8
                                                                                                                                                                                                                                                        0x00bcfbdf
                                                                                                                                                                                                                                                        0x00bcfbe6
                                                                                                                                                                                                                                                        0x00bcfbf0
                                                                                                                                                                                                                                                        0x00bcfbf5
                                                                                                                                                                                                                                                        0x00bcfbf9
                                                                                                                                                                                                                                                        0x00bcfbfb
                                                                                                                                                                                                                                                        0x00bcfbfe
                                                                                                                                                                                                                                                        0x00bcfc01
                                                                                                                                                                                                                                                        0x00bcfc06
                                                                                                                                                                                                                                                        0x00bcfc08
                                                                                                                                                                                                                                                        0x00bcfc0a
                                                                                                                                                                                                                                                        0x00bcfc0c
                                                                                                                                                                                                                                                        0x00bcfc0e
                                                                                                                                                                                                                                                        0x00bcfc10
                                                                                                                                                                                                                                                        0x00bcfc13
                                                                                                                                                                                                                                                        0x00bcfc13
                                                                                                                                                                                                                                                        0x00bcfc08
                                                                                                                                                                                                                                                        0x00bcfc15
                                                                                                                                                                                                                                                        0x00bcfc18
                                                                                                                                                                                                                                                        0x00bcfc18
                                                                                                                                                                                                                                                        0x00bcfbcb
                                                                                                                                                                                                                                                        0x00bcfbaa
                                                                                                                                                                                                                                                        0x00bcfc21
                                                                                                                                                                                                                                                        0x00bcfc24
                                                                                                                                                                                                                                                        0x00bcfc2b
                                                                                                                                                                                                                                                        0x00bcfc2d
                                                                                                                                                                                                                                                        0x00bcfc30
                                                                                                                                                                                                                                                        0x00bcfc31
                                                                                                                                                                                                                                                        0x00bcfc32
                                                                                                                                                                                                                                                        0x00bcfc33
                                                                                                                                                                                                                                                        0x00bcfc34
                                                                                                                                                                                                                                                        0x00bcfb56
                                                                                                                                                                                                                                                        0x00bcfb56
                                                                                                                                                                                                                                                        0x00bcfb56
                                                                                                                                                                                                                                                        0x00bcfb59
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcfb59
                                                                                                                                                                                                                                                        0x00bcfb28
                                                                                                                                                                                                                                                        0x00bcfb28
                                                                                                                                                                                                                                                        0x00bcfb28
                                                                                                                                                                                                                                                        0x00bcfb29
                                                                                                                                                                                                                                                        0x00bcfb2a
                                                                                                                                                                                                                                                        0x00bcfb2f
                                                                                                                                                                                                                                                        0x00bcfb32
                                                                                                                                                                                                                                                        0x00bcfb38
                                                                                                                                                                                                                                                        0x00bcfb3f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcfb3f
                                                                                                                                                                                                                                                        0x00bcfb26
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd2b4
                                                                                                                                                                                                                                                        0x00bccfdc
                                                                                                                                                                                                                                                        0x00bccfdc
                                                                                                                                                                                                                                                        0x00bccfdc
                                                                                                                                                                                                                                                        0x00bccfe0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bccfe2
                                                                                                                                                                                                                                                        0x00bccfe2
                                                                                                                                                                                                                                                        0x00bccfe2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd2cd
                                                                                                                                                                                                                                                        0x00bcd2cd
                                                                                                                                                                                                                                                        0x00bcd2d0
                                                                                                                                                                                                                                                        0x00bcd2d3
                                                                                                                                                                                                                                                        0x00bcd2d6
                                                                                                                                                                                                                                                        0x00bcd2d9
                                                                                                                                                                                                                                                        0x00bcd2dd
                                                                                                                                                                                                                                                        0x00bcd2e5
                                                                                                                                                                                                                                                        0x00bcd2e8
                                                                                                                                                                                                                                                        0x00bcd2eb
                                                                                                                                                                                                                                                        0x00bcd2ed
                                                                                                                                                                                                                                                        0x00bcd2f2
                                                                                                                                                                                                                                                        0x00bcd2fc
                                                                                                                                                                                                                                                        0x00bcd2ff
                                                                                                                                                                                                                                                        0x00bcd301
                                                                                                                                                                                                                                                        0x00bcd304
                                                                                                                                                                                                                                                        0x00bcd307
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd30d
                                                                                                                                                                                                                                                        0x00bcd30d
                                                                                                                                                                                                                                                        0x00bcd30d
                                                                                                                                                                                                                                                        0x00bcd310
                                                                                                                                                                                                                                                        0x00bcd313
                                                                                                                                                                                                                                                        0x00bcd316
                                                                                                                                                                                                                                                        0x00bcd316
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bccfe9
                                                                                                                                                                                                                                                        0x00bccfe9
                                                                                                                                                                                                                                                        0x00bccff0
                                                                                                                                                                                                                                                        0x00bccff8
                                                                                                                                                                                                                                                        0x00bccff8
                                                                                                                                                                                                                                                        0x00bccffe
                                                                                                                                                                                                                                                        0x00bccffe
                                                                                                                                                                                                                                                        0x00bcd001
                                                                                                                                                                                                                                                        0x00bcd004
                                                                                                                                                                                                                                                        0x00bcd007
                                                                                                                                                                                                                                                        0x00bcd009
                                                                                                                                                                                                                                                        0x00bcd00b
                                                                                                                                                                                                                                                        0x00bcd00c
                                                                                                                                                                                                                                                        0x00bcd011
                                                                                                                                                                                                                                                        0x00bcd014
                                                                                                                                                                                                                                                        0x00bcd015
                                                                                                                                                                                                                                                        0x00bcd01d
                                                                                                                                                                                                                                                        0x00bcd020
                                                                                                                                                                                                                                                        0x00bcd402
                                                                                                                                                                                                                                                        0x00bcd402
                                                                                                                                                                                                                                                        0x00bcd402
                                                                                                                                                                                                                                                        0x00bcd026
                                                                                                                                                                                                                                                        0x00bcd026
                                                                                                                                                                                                                                                        0x00bcd028
                                                                                                                                                                                                                                                        0x00bcd02b
                                                                                                                                                                                                                                                        0x00bcd02d
                                                                                                                                                                                                                                                        0x00bcd032
                                                                                                                                                                                                                                                        0x00bcd038
                                                                                                                                                                                                                                                        0x00bcd03a
                                                                                                                                                                                                                                                        0x00bcd03d
                                                                                                                                                                                                                                                        0x00bcd040
                                                                                                                                                                                                                                                        0x00bcd049
                                                                                                                                                                                                                                                        0x00bcd3f8
                                                                                                                                                                                                                                                        0x00bcd3f8
                                                                                                                                                                                                                                                        0x00bcd3fd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd04f
                                                                                                                                                                                                                                                        0x00bcd050
                                                                                                                                                                                                                                                        0x00bcd053
                                                                                                                                                                                                                                                        0x00bcd055
                                                                                                                                                                                                                                                        0x00bcd055
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd0a0
                                                                                                                                                                                                                                                        0x00bcd0a0
                                                                                                                                                                                                                                                        0x00bcd0a3
                                                                                                                                                                                                                                                        0x00bcd0a7
                                                                                                                                                                                                                                                        0x00bcd0ad
                                                                                                                                                                                                                                                        0x00bcd0b0
                                                                                                                                                                                                                                                        0x00bcd0b3
                                                                                                                                                                                                                                                        0x00bcd0b3
                                                                                                                                                                                                                                                        0x00bcd0b6
                                                                                                                                                                                                                                                        0x00bcd0bc
                                                                                                                                                                                                                                                        0x00bcd0c2
                                                                                                                                                                                                                                                        0x00bcd0c5
                                                                                                                                                                                                                                                        0x00bcd0cb
                                                                                                                                                                                                                                                        0x00bcd0cd
                                                                                                                                                                                                                                                        0x00bcd0d4
                                                                                                                                                                                                                                                        0x00bcd0d8
                                                                                                                                                                                                                                                        0x00bcd40d
                                                                                                                                                                                                                                                        0x00bcd40d
                                                                                                                                                                                                                                                        0x00bcd411
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd417
                                                                                                                                                                                                                                                        0x00bcd417
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd417
                                                                                                                                                                                                                                                        0x00bcd0de
                                                                                                                                                                                                                                                        0x00bcd0de
                                                                                                                                                                                                                                                        0x00bcd0de
                                                                                                                                                                                                                                                        0x00bcd0e1
                                                                                                                                                                                                                                                        0x00bcd0e4
                                                                                                                                                                                                                                                        0x00bcd0e6
                                                                                                                                                                                                                                                        0x00bcd0e8
                                                                                                                                                                                                                                                        0x00bcd0e8
                                                                                                                                                                                                                                                        0x00bcd0e8
                                                                                                                                                                                                                                                        0x00bcd0eb
                                                                                                                                                                                                                                                        0x00bcd0f0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd0f2
                                                                                                                                                                                                                                                        0x00bcd0f4
                                                                                                                                                                                                                                                        0x00bcd0f6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd0f8
                                                                                                                                                                                                                                                        0x00bcd0f8
                                                                                                                                                                                                                                                        0x00bcd41c
                                                                                                                                                                                                                                                        0x00bcd41e
                                                                                                                                                                                                                                                        0x00bcd420
                                                                                                                                                                                                                                                        0x00bcd424
                                                                                                                                                                                                                                                        0x00bcd10c
                                                                                                                                                                                                                                                        0x00bcd10e
                                                                                                                                                                                                                                                        0x00bcd114
                                                                                                                                                                                                                                                        0x00bcd114
                                                                                                                                                                                                                                                        0x00bcd116
                                                                                                                                                                                                                                                        0x00bcd119
                                                                                                                                                                                                                                                        0x00bcd11b
                                                                                                                                                                                                                                                        0x00bcd11d
                                                                                                                                                                                                                                                        0x00bcd120
                                                                                                                                                                                                                                                        0x00bcd123
                                                                                                                                                                                                                                                        0x00bcd128
                                                                                                                                                                                                                                                        0x00bcd1e1
                                                                                                                                                                                                                                                        0x00bcd1e3
                                                                                                                                                                                                                                                        0x00bcd1e8
                                                                                                                                                                                                                                                        0x00bcd1e8
                                                                                                                                                                                                                                                        0x00bcd12e
                                                                                                                                                                                                                                                        0x00bcd131
                                                                                                                                                                                                                                                        0x00bcd133
                                                                                                                                                                                                                                                        0x00bcd134
                                                                                                                                                                                                                                                        0x00bcd139
                                                                                                                                                                                                                                                        0x00bcd13e
                                                                                                                                                                                                                                                        0x00bccf90
                                                                                                                                                                                                                                                        0x00bccf90
                                                                                                                                                                                                                                                        0x00bccf90
                                                                                                                                                                                                                                                        0x00bccf95
                                                                                                                                                                                                                                                        0x00bccf9c
                                                                                                                                                                                                                                                        0x00bccf9f
                                                                                                                                                                                                                                                        0x00bccfa4
                                                                                                                                                                                                                                                        0x00bccfc0
                                                                                                                                                                                                                                                        0x00bccfc0
                                                                                                                                                                                                                                                        0x00bccfa6
                                                                                                                                                                                                                                                        0x00bccfa6
                                                                                                                                                                                                                                                        0x00bccfa9
                                                                                                                                                                                                                                                        0x00bccfab
                                                                                                                                                                                                                                                        0x00bccfac
                                                                                                                                                                                                                                                        0x00bccfb1
                                                                                                                                                                                                                                                        0x00bccfb6
                                                                                                                                                                                                                                                        0x00bccfb6
                                                                                                                                                                                                                                                        0x00bccf90
                                                                                                                                                                                                                                                        0x00bcd13e
                                                                                                                                                                                                                                                        0x00bcd42a
                                                                                                                                                                                                                                                        0x00bcd42a
                                                                                                                                                                                                                                                        0x00bcd186
                                                                                                                                                                                                                                                        0x00bcd186
                                                                                                                                                                                                                                                        0x00bcd188
                                                                                                                                                                                                                                                        0x00bcd191
                                                                                                                                                                                                                                                        0x00bcd193
                                                                                                                                                                                                                                                        0x00bcd196
                                                                                                                                                                                                                                                        0x00bcd19c
                                                                                                                                                                                                                                                        0x00bcd19c
                                                                                                                                                                                                                                                        0x00bcd19f
                                                                                                                                                                                                                                                        0x00bcd1a3
                                                                                                                                                                                                                                                        0x00bcd1a5
                                                                                                                                                                                                                                                        0x00bcd1a5
                                                                                                                                                                                                                                                        0x00bcd1aa
                                                                                                                                                                                                                                                        0x00bcd1ac
                                                                                                                                                                                                                                                        0x00bcd1ad
                                                                                                                                                                                                                                                        0x00bcd1b2
                                                                                                                                                                                                                                                        0x00bcd1b7
                                                                                                                                                                                                                                                        0x00bcd1bd
                                                                                                                                                                                                                                                        0x00bcd1bd
                                                                                                                                                                                                                                                        0x00bcd1bd
                                                                                                                                                                                                                                                        0x00bcd1c0
                                                                                                                                                                                                                                                        0x00bcd1c4
                                                                                                                                                                                                                                                        0x00bcd1c6
                                                                                                                                                                                                                                                        0x00bcd1c6
                                                                                                                                                                                                                                                        0x00bcd1cb
                                                                                                                                                                                                                                                        0x00bcd1cd
                                                                                                                                                                                                                                                        0x00bcd1ce
                                                                                                                                                                                                                                                        0x00bcd1d3
                                                                                                                                                                                                                                                        0x00bcd1d8
                                                                                                                                                                                                                                                        0x00bcd1d8
                                                                                                                                                                                                                                                        0x00bcd1dc
                                                                                                                                                                                                                                                        0x00bcd1b7
                                                                                                                                                                                                                                                        0x00bcd196
                                                                                                                                                                                                                                                        0x00bcd424
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd0f6
                                                                                                                                                                                                                                                        0x00bcd100
                                                                                                                                                                                                                                                        0x00bcd102
                                                                                                                                                                                                                                                        0x00bcd156
                                                                                                                                                                                                                                                        0x00bcd156
                                                                                                                                                                                                                                                        0x00bcd156
                                                                                                                                                                                                                                                        0x00bcd15c
                                                                                                                                                                                                                                                        0x00bcd160
                                                                                                                                                                                                                                                        0x00bcd162
                                                                                                                                                                                                                                                        0x00bcd169
                                                                                                                                                                                                                                                        0x00bcd16c
                                                                                                                                                                                                                                                        0x00bcd171
                                                                                                                                                                                                                                                        0x00bcd173
                                                                                                                                                                                                                                                        0x00bcd173
                                                                                                                                                                                                                                                        0x00bcd171
                                                                                                                                                                                                                                                        0x00bcd178
                                                                                                                                                                                                                                                        0x00bcd178
                                                                                                                                                                                                                                                        0x00bcd17a
                                                                                                                                                                                                                                                        0x00bcd17c
                                                                                                                                                                                                                                                        0x00bcd180
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd150
                                                                                                                                                                                                                                                        0x00bcd150
                                                                                                                                                                                                                                                        0x00bcd153
                                                                                                                                                                                                                                                        0x00bcd153
                                                                                                                                                                                                                                                        0x00bcd182
                                                                                                                                                                                                                                                        0x00bcd182
                                                                                                                                                                                                                                                        0x00bcd104
                                                                                                                                                                                                                                                        0x00bcd104
                                                                                                                                                                                                                                                        0x00bcd104
                                                                                                                                                                                                                                                        0x00bcd104
                                                                                                                                                                                                                                                        0x00bcd106
                                                                                                                                                                                                                                                        0x00bcd106
                                                                                                                                                                                                                                                        0x00bcd10a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd10a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd31d
                                                                                                                                                                                                                                                        0x00bcd31d
                                                                                                                                                                                                                                                        0x00bcd320
                                                                                                                                                                                                                                                        0x00bcd323
                                                                                                                                                                                                                                                        0x00bcd325
                                                                                                                                                                                                                                                        0x00bcd32a
                                                                                                                                                                                                                                                        0x00bcd32d
                                                                                                                                                                                                                                                        0x00bcd32f
                                                                                                                                                                                                                                                        0x00bcd335
                                                                                                                                                                                                                                                        0x00bcd33c
                                                                                                                                                                                                                                                        0x00bcd343
                                                                                                                                                                                                                                                        0x00bcd346
                                                                                                                                                                                                                                                        0x00bcd34d
                                                                                                                                                                                                                                                        0x00bcd351
                                                                                                                                                                                                                                                        0x00bcd35b
                                                                                                                                                                                                                                                        0x00bcd35b
                                                                                                                                                                                                                                                        0x00bcd35b
                                                                                                                                                                                                                                                        0x00bcd361
                                                                                                                                                                                                                                                        0x00bcd363
                                                                                                                                                                                                                                                        0x00bcd366
                                                                                                                                                                                                                                                        0x00bcd367
                                                                                                                                                                                                                                                        0x00bcd369
                                                                                                                                                                                                                                                        0x00bcd36b
                                                                                                                                                                                                                                                        0x00bcd370
                                                                                                                                                                                                                                                        0x00bcd373
                                                                                                                                                                                                                                                        0x00bcd376
                                                                                                                                                                                                                                                        0x00bcd378
                                                                                                                                                                                                                                                        0x00bcd37e
                                                                                                                                                                                                                                                        0x00bcd380
                                                                                                                                                                                                                                                        0x00bcd385
                                                                                                                                                                                                                                                        0x00bcd385
                                                                                                                                                                                                                                                        0x00bcd355
                                                                                                                                                                                                                                                        0x00bcd357
                                                                                                                                                                                                                                                        0x00bcd35b
                                                                                                                                                                                                                                                        0x00bcd38a
                                                                                                                                                                                                                                                        0x00bcd38a
                                                                                                                                                                                                                                                        0x00bcd38d
                                                                                                                                                                                                                                                        0x00bcd391
                                                                                                                                                                                                                                                        0x00bcd39c
                                                                                                                                                                                                                                                        0x00bcd39c
                                                                                                                                                                                                                                                        0x00bcd39c
                                                                                                                                                                                                                                                        0x00bcd3a3
                                                                                                                                                                                                                                                        0x00bcd3a5
                                                                                                                                                                                                                                                        0x00bcd3a8
                                                                                                                                                                                                                                                        0x00bcd3a9
                                                                                                                                                                                                                                                        0x00bcd3ab
                                                                                                                                                                                                                                                        0x00bcd3ad
                                                                                                                                                                                                                                                        0x00bcd3b2
                                                                                                                                                                                                                                                        0x00bcd3b5
                                                                                                                                                                                                                                                        0x00bcd3b8
                                                                                                                                                                                                                                                        0x00bcd3ba
                                                                                                                                                                                                                                                        0x00bcd3c0
                                                                                                                                                                                                                                                        0x00bcd3c2
                                                                                                                                                                                                                                                        0x00bcd3c7
                                                                                                                                                                                                                                                        0x00bcd3c7
                                                                                                                                                                                                                                                        0x00bcd395
                                                                                                                                                                                                                                                        0x00bcd397
                                                                                                                                                                                                                                                        0x00bcd39c
                                                                                                                                                                                                                                                        0x00bcd3cc
                                                                                                                                                                                                                                                        0x00bcd3cc
                                                                                                                                                                                                                                                        0x00bcd3ce
                                                                                                                                                                                                                                                        0x00bcd3cf
                                                                                                                                                                                                                                                        0x00bcd3d2
                                                                                                                                                                                                                                                        0x00bcd3d5
                                                                                                                                                                                                                                                        0x00bcd3d7
                                                                                                                                                                                                                                                        0x00bcd3d9
                                                                                                                                                                                                                                                        0x00bcd3db
                                                                                                                                                                                                                                                        0x00bcd3dd
                                                                                                                                                                                                                                                        0x00bcd3df
                                                                                                                                                                                                                                                        0x00bcd3e3
                                                                                                                                                                                                                                                        0x00bcd3e9
                                                                                                                                                                                                                                                        0x00bcd3ec
                                                                                                                                                                                                                                                        0x00bcd3ee
                                                                                                                                                                                                                                                        0x00bcd3f0
                                                                                                                                                                                                                                                        0x00bcd3f0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd1ef
                                                                                                                                                                                                                                                        0x00bcd1ef
                                                                                                                                                                                                                                                        0x00bcd1f1
                                                                                                                                                                                                                                                        0x00bcd1f3
                                                                                                                                                                                                                                                        0x00bcd1f7
                                                                                                                                                                                                                                                        0x00bcd4cd
                                                                                                                                                                                                                                                        0x00bcd4cd
                                                                                                                                                                                                                                                        0x00bcd4cd
                                                                                                                                                                                                                                                        0x00bcd4d0
                                                                                                                                                                                                                                                        0x00bcd4d3
                                                                                                                                                                                                                                                        0x00bcd4d9
                                                                                                                                                                                                                                                        0x00bcd4dc
                                                                                                                                                                                                                                                        0x00bcd4e3
                                                                                                                                                                                                                                                        0x00bcd4e7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd4ed
                                                                                                                                                                                                                                                        0x00bcd4ed
                                                                                                                                                                                                                                                        0x00bcd4cd
                                                                                                                                                                                                                                                        0x00bcd1fd
                                                                                                                                                                                                                                                        0x00bcd1fd
                                                                                                                                                                                                                                                        0x00bcd1ff
                                                                                                                                                                                                                                                        0x00bcd201
                                                                                                                                                                                                                                                        0x00bcd203
                                                                                                                                                                                                                                                        0x00bcd208
                                                                                                                                                                                                                                                        0x00bcd609
                                                                                                                                                                                                                                                        0x00bcd609
                                                                                                                                                                                                                                                        0x00bcd609
                                                                                                                                                                                                                                                        0x00bcd610
                                                                                                                                                                                                                                                        0x00bcd613
                                                                                                                                                                                                                                                        0x00bcd62f
                                                                                                                                                                                                                                                        0x00bcd62f
                                                                                                                                                                                                                                                        0x00bcd615
                                                                                                                                                                                                                                                        0x00bcd617
                                                                                                                                                                                                                                                        0x00bcd618
                                                                                                                                                                                                                                                        0x00bcd61d
                                                                                                                                                                                                                                                        0x00bcd620
                                                                                                                                                                                                                                                        0x00bcd622
                                                                                                                                                                                                                                                        0x00bcd627
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd62d
                                                                                                                                                                                                                                                        0x00bcd62d
                                                                                                                                                                                                                                                        0x00bcd609
                                                                                                                                                                                                                                                        0x00bcd20e
                                                                                                                                                                                                                                                        0x00bcd20e
                                                                                                                                                                                                                                                        0x00bcd210
                                                                                                                                                                                                                                                        0x00bcd211
                                                                                                                                                                                                                                                        0x00bcd216
                                                                                                                                                                                                                                                        0x00bcd219
                                                                                                                                                                                                                                                        0x00bcd21c
                                                                                                                                                                                                                                                        0x00bcd21e
                                                                                                                                                                                                                                                        0x00bcd220
                                                                                                                                                                                                                                                        0x00bcd225
                                                                                                                                                                                                                                                        0x00bcd636
                                                                                                                                                                                                                                                        0x00bcd636
                                                                                                                                                                                                                                                        0x00bcd636
                                                                                                                                                                                                                                                        0x00bcd63d
                                                                                                                                                                                                                                                        0x00bcd63f
                                                                                                                                                                                                                                                        0x00bcd65b
                                                                                                                                                                                                                                                        0x00bcd65b
                                                                                                                                                                                                                                                        0x00bcd641
                                                                                                                                                                                                                                                        0x00bcd643
                                                                                                                                                                                                                                                        0x00bcd644
                                                                                                                                                                                                                                                        0x00bcd649
                                                                                                                                                                                                                                                        0x00bcd64c
                                                                                                                                                                                                                                                        0x00bcd64f
                                                                                                                                                                                                                                                        0x00bcd653
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd659
                                                                                                                                                                                                                                                        0x00bcd659
                                                                                                                                                                                                                                                        0x00bcd636
                                                                                                                                                                                                                                                        0x00bcd22b
                                                                                                                                                                                                                                                        0x00bcd22b
                                                                                                                                                                                                                                                        0x00bcd22d
                                                                                                                                                                                                                                                        0x00bcd22e
                                                                                                                                                                                                                                                        0x00bcd23c
                                                                                                                                                                                                                                                        0x00bcd242
                                                                                                                                                                                                                                                        0x00bcd24a
                                                                                                                                                                                                                                                        0x00bcd24c
                                                                                                                                                                                                                                                        0x00bcd24f
                                                                                                                                                                                                                                                        0x00bcd25f
                                                                                                                                                                                                                                                        0x00bcd26d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bccfe2
                                                                                                                                                                                                                                                        0x00bccfe0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bccfd6
                                                                                                                                                                                                                                                        0x00bcd08c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcd2c3
                                                                                                                                                                                                                                                        0x00bcd2bb

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetQueuedCompletionStatus.KERNEL32(?,00000000,00000000,00000000,000000FF), ref: 00BCD07E
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000,0000000C), ref: 00BCD211
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,0000000C), ref: 00BCD22E
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000014,00000014), ref: 00BCD24F
                                                                                                                                                                                                                                                        • ResetEvent.KERNEL32(?), ref: 00BCD5FE
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@$CompletionEventQueuedResetStatus
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1648753108-0
                                                                                                                                                                                                                                                        • Opcode ID: 621f91ad6f193e350b76aa77adc616aabbd4f9da3646472283192a820ec7628f
                                                                                                                                                                                                                                                        • Instruction ID: 9f4c5d9343024965ade472570de3e4169edacb9e6adb3f8cbec748b85fa9f968
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 621f91ad6f193e350b76aa77adc616aabbd4f9da3646472283192a820ec7628f
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 542125756007019FD7209F20C885F66BBE4FB18304F404AADE59B9BAA1E772F809CB50
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BBCB00(void** __ecx, short* __edx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				void** _v20;
                                                                                                                                                                                                                                                        				short* _v24;
                                                                                                                                                                                                                                                        				int _t9;
                                                                                                                                                                                                                                                        				int _t12;
                                                                                                                                                                                                                                                        				void* _t14;
                                                                                                                                                                                                                                                        				int _t18;
                                                                                                                                                                                                                                                        				void** _t19;
                                                                                                                                                                                                                                                        				int _t21;
                                                                                                                                                                                                                                                        				char* _t22;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t19 = __ecx;
                                                                                                                                                                                                                                                        				_t18 =  <  ? _a4 : 0x50;
                                                                                                                                                                                                                                                        				_v24 = __edx;
                                                                                                                                                                                                                                                        				_t9 = WideCharToMultiByte(0xfde9, 0, __edx, 0x50, 0, 0, 0, 0);
                                                                                                                                                                                                                                                        				if(_t9 == 0) {
                                                                                                                                                                                                                                                        					 *_t19 = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_v20 = _t19;
                                                                                                                                                                                                                                                        					_t21 = _t9 + 1;
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(_t21);
                                                                                                                                                                                                                                                        					_t22 = _t9;
                                                                                                                                                                                                                                                        					memset(_t9, 0, _t21);
                                                                                                                                                                                                                                                        					_t14 = _t22;
                                                                                                                                                                                                                                                        					_t12 = WideCharToMultiByte(0xfde9, 0, _v24, _t18, _t22, _t9, 0, 0);
                                                                                                                                                                                                                                                        					if(_t12 == 0) {
                                                                                                                                                                                                                                                        						_t19 = _v20;
                                                                                                                                                                                                                                                        						 *_t19 = 0;
                                                                                                                                                                                                                                                        						free(_t14);
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t19 = _v20;
                                                                                                                                                                                                                                                        						 *((char*)(_t14 + _t12)) = 0;
                                                                                                                                                                                                                                                        						 *_t19 = _t14;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t19;
                                                                                                                                                                                                                                                        			}












                                                                                                                                                                                                                                                        0x00bbcb11
                                                                                                                                                                                                                                                        0x00bbcb16
                                                                                                                                                                                                                                                        0x00bbcb22
                                                                                                                                                                                                                                                        0x00bbcb2d
                                                                                                                                                                                                                                                        0x00bbcb35
                                                                                                                                                                                                                                                        0x00bbcb7f
                                                                                                                                                                                                                                                        0x00bbcb37
                                                                                                                                                                                                                                                        0x00bbcb37
                                                                                                                                                                                                                                                        0x00bbcb3e
                                                                                                                                                                                                                                                        0x00bbcb40
                                                                                                                                                                                                                                                        0x00bbcb4d
                                                                                                                                                                                                                                                        0x00bbcb4f
                                                                                                                                                                                                                                                        0x00bbcb5c
                                                                                                                                                                                                                                                        0x00bbcb6a
                                                                                                                                                                                                                                                        0x00bbcb72
                                                                                                                                                                                                                                                        0x00bbcb8f
                                                                                                                                                                                                                                                        0x00bbcb92
                                                                                                                                                                                                                                                        0x00bbcb99
                                                                                                                                                                                                                                                        0x00bbcb74
                                                                                                                                                                                                                                                        0x00bbcb74
                                                                                                                                                                                                                                                        0x00bbcb77
                                                                                                                                                                                                                                                        0x00bbcb7b
                                                                                                                                                                                                                                                        0x00bbcb7b
                                                                                                                                                                                                                                                        0x00bbcb72
                                                                                                                                                                                                                                                        0x00bbcb8e

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,?,00000050,00000000,00000000,00000000,00000000), ref: 00BBCB2D
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000001), ref: 00BBCB40
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BBCB4F
                                                                                                                                                                                                                                                        • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,?,00000050,00000000,00000000,00000000,00000000), ref: 00BBCB6A
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BBCB99
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ByteCharMultiWide$freememsetmoz_xmalloc
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3915892875-0
                                                                                                                                                                                                                                                        • Opcode ID: 9656188f7fbba72b51f02686ba54c8a4d548e61d252870f3dc6e6169045163d1
                                                                                                                                                                                                                                                        • Instruction ID: 0b8f63b7dd2fa9d526f3e9b94ccb7c2f072c5717efd9925a6fcbd11ab7c5a3f9
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9656188f7fbba72b51f02686ba54c8a4d548e61d252870f3dc6e6169045163d1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C7110271A403156BE7305B659C46F7B7FA8DB41B60F240065F908AB2C0E6B16C04C7FA
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BE12C0(void* __ecx, void* _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void* _v24;
                                                                                                                                                                                                                                                        				signed int _t10;
                                                                                                                                                                                                                                                        				void* _t20;
                                                                                                                                                                                                                                                        				void* _t26;
                                                                                                                                                                                                                                                        				long _t27;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        				void* _t29;
                                                                                                                                                                                                                                                        				signed int _t30;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t10 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t27 = 0x4df;
                                                                                                                                                                                                                                                        				_v20 = _t10 ^ _t30;
                                                                                                                                                                                                                                                        				if( *((char*)(__ecx + 0x38)) == 0) {
                                                                                                                                                                                                                                                        					_t20 = _a4;
                                                                                                                                                                                                                                                        					_t29 = __ecx;
                                                                                                                                                                                                                                                        					_t28 = GetCurrentProcess();
                                                                                                                                                                                                                                                        					if(_t20 == 0) {
                                                                                                                                                                                                                                                        						if(OpenProcessToken(_t28, 0xf01ff,  &_v24) == 0) {
                                                                                                                                                                                                                                                        							goto L4;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							goto L6;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if(DuplicateHandle(GetCurrentProcess(), _t20, _t28,  &_v24, 0, 0, 2) != 0) {
                                                                                                                                                                                                                                                        							L6:
                                                                                                                                                                                                                                                        							E00BC5200(_t14, _t29 + 0x30, _v24);
                                                                                                                                                                                                                                                        							_t27 = 0;
                                                                                                                                                                                                                                                        							 *((char*)(_t29 + 0x38)) = 1;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L4:
                                                                                                                                                                                                                                                        							_t27 = GetLastError();
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t30, _t26);
                                                                                                                                                                                                                                                        				return _t27;
                                                                                                                                                                                                                                                        			}












                                                                                                                                                                                                                                                        0x00be12c9
                                                                                                                                                                                                                                                        0x00be12ce
                                                                                                                                                                                                                                                        0x00be12d5
                                                                                                                                                                                                                                                        0x00be12dc
                                                                                                                                                                                                                                                        0x00be12f4
                                                                                                                                                                                                                                                        0x00be12f7
                                                                                                                                                                                                                                                        0x00be12ff
                                                                                                                                                                                                                                                        0x00be1303
                                                                                                                                                                                                                                                        0x00be133e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be1305
                                                                                                                                                                                                                                                        0x00be1320
                                                                                                                                                                                                                                                        0x00be1340
                                                                                                                                                                                                                                                        0x00be1346
                                                                                                                                                                                                                                                        0x00be134b
                                                                                                                                                                                                                                                        0x00be134d
                                                                                                                                                                                                                                                        0x00be1322
                                                                                                                                                                                                                                                        0x00be1322
                                                                                                                                                                                                                                                        0x00be1328
                                                                                                                                                                                                                                                        0x00be1328
                                                                                                                                                                                                                                                        0x00be1320
                                                                                                                                                                                                                                                        0x00be1303
                                                                                                                                                                                                                                                        0x00be12e3
                                                                                                                                                                                                                                                        0x00be12f1

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(00BE21F1,?), ref: 00BE12F9
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE1305
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00BE21F1,00000000,?,00000000,00000000,00000002), ref: 00BE1318
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE1322
                                                                                                                                                                                                                                                        • OpenProcessToken.ADVAPI32(00000000,000F01FF,?), ref: 00BE1336
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Process$Current$DuplicateErrorHandleLastOpenToken
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1850537763-0
                                                                                                                                                                                                                                                        • Opcode ID: 23f6362555357bfc4a46a3d553482c0c16e9201de028ed3da6d049f993e961e4
                                                                                                                                                                                                                                                        • Instruction ID: 4f9d5c74e254ecb7a3049d5cd2ea408006bdbcc8bf39d3a3217872c18cb65694
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 23f6362555357bfc4a46a3d553482c0c16e9201de028ed3da6d049f993e961e4
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AA11E171600285ABD7209B7ADC89FBB7BA8EF44340F600869EA0697280DF70EC04C724
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                                                                                                                        			E00BE9180(intOrPtr* __ecx, void* __eflags) {
                                                                                                                                                                                                                                                        				intOrPtr _v8;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				void** __esi;
                                                                                                                                                                                                                                                        				void* _t19;
                                                                                                                                                                                                                                                        				void* _t20;
                                                                                                                                                                                                                                                        				intOrPtr* _t22;
                                                                                                                                                                                                                                                        				intOrPtr* _t24;
                                                                                                                                                                                                                                                        				intOrPtr* _t34;
                                                                                                                                                                                                                                                        				void* _t43;
                                                                                                                                                                                                                                                        				intOrPtr _t44;
                                                                                                                                                                                                                                                        				intOrPtr _t45;
                                                                                                                                                                                                                                                        				void* _t46;
                                                                                                                                                                                                                                                        				intOrPtr* _t52;
                                                                                                                                                                                                                                                        				void* _t53;
                                                                                                                                                                                                                                                        				intOrPtr* _t54;
                                                                                                                                                                                                                                                        				intOrPtr* _t55;
                                                                                                                                                                                                                                                        				void* _t57;
                                                                                                                                                                                                                                                        				void* _t58;
                                                                                                                                                                                                                                                        				void* _t61;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t29 = __ecx;
                                                                                                                                                                                                                                                        				_push(_t43);
                                                                                                                                                                                                                                                        				_t52 = __ecx;
                                                                                                                                                                                                                                                        				if(E00BCB550(__ecx) != 0) {
                                                                                                                                                                                                                                                        					WaitForSingleObject( *__esi, 0x32);
                                                                                                                                                                                                                                                        					TerminateProcess( *__esi, 1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t44 =  *((intOrPtr*)(_t52 + 0x20));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t52 + 0x20)) = 0;
                                                                                                                                                                                                                                                        				if(_t44 != 0) {
                                                                                                                                                                                                                                                        					E00BE6A50(_t44);
                                                                                                                                                                                                                                                        					_push(_t44);
                                                                                                                                                                                                                                                        					L00BEF6C0();
                                                                                                                                                                                                                                                        					_t61 = _t61 + 4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BC3010(_t52 + 0x30);
                                                                                                                                                                                                                                                        				_t16 =  *(_t52 + 0x2c);
                                                                                                                                                                                                                                                        				if(_t16 != 0) {
                                                                                                                                                                                                                                                        					free(_t16);
                                                                                                                                                                                                                                                        					_t61 = _t61 + 4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t45 =  *((intOrPtr*)(_t52 + 0x20));
                                                                                                                                                                                                                                                        				if(_t45 != 0) {
                                                                                                                                                                                                                                                        					_t16 = E00BE6A50(_t45);
                                                                                                                                                                                                                                                        					_push(_t45);
                                                                                                                                                                                                                                                        					L00BEF6C0();
                                                                                                                                                                                                                                                        					_t61 = _t61 + 4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1();
                                                                                                                                                                                                                                                        				L1();
                                                                                                                                                                                                                                                        				L1();
                                                                                                                                                                                                                                                        				_t34 = _t52;
                                                                                                                                                                                                                                                        				_pop(_t53);
                                                                                                                                                                                                                                                        				_pop(_t46);
                                                                                                                                                                                                                                                        				_pop(_t58);
                                                                                                                                                                                                                                                        				_t54 = _t34;
                                                                                                                                                                                                                                                        				L1();
                                                                                                                                                                                                                                                        				L1();
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t54 + 8)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t54 + 0xc)) = 0;
                                                                                                                                                                                                                                                        				L1();
                                                                                                                                                                                                                                                        				_t29 = _t54;
                                                                                                                                                                                                                                                        				_t52 = _t53;
                                                                                                                                                                                                                                                        				_t43 = _t46;
                                                                                                                                                                                                                                                        				_t57 = _t58;
                                                                                                                                                                                                                                                        				_push(_t57);
                                                                                                                                                                                                                                                        				_push(_t43);
                                                                                                                                                                                                                                                        				_push(_t52);
                                                                                                                                                                                                                                                        				_push(_t16);
                                                                                                                                                                                                                                                        				_t19 =  *_t29 + 1;
                                                                                                                                                                                                                                                        				if(_t19 >= 2) {
                                                                                                                                                                                                                                                        					_t55 = _t29;
                                                                                                                                                                                                                                                        					_t20 = E00BC50B0();
                                                                                                                                                                                                                                                        					_v28 =  *_t55;
                                                                                                                                                                                                                                                        					_t22 = E00BCAB90();
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *_t22 + 8))(_v28, _t55, _v8, _t20);
                                                                                                                                                                                                                                                        					_t24 = E00BCAB90();
                                                                                                                                                                                                                                                        					_t19 =  *((intOrPtr*)( *_t24))( *_t55);
                                                                                                                                                                                                                                                        					 *_t55 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t19;
                                                                                                                                                                                                                                                        			}






















                                                                                                                                                                                                                                                        0x00be9180
                                                                                                                                                                                                                                                        0x00be9183
                                                                                                                                                                                                                                                        0x00be9185
                                                                                                                                                                                                                                                        0x00be918e
                                                                                                                                                                                                                                                        0x00be9194
                                                                                                                                                                                                                                                        0x00be919e
                                                                                                                                                                                                                                                        0x00be919e
                                                                                                                                                                                                                                                        0x00be91a4
                                                                                                                                                                                                                                                        0x00be91a7
                                                                                                                                                                                                                                                        0x00be91b0
                                                                                                                                                                                                                                                        0x00be91b4
                                                                                                                                                                                                                                                        0x00be91b9
                                                                                                                                                                                                                                                        0x00be91ba
                                                                                                                                                                                                                                                        0x00be91bf
                                                                                                                                                                                                                                                        0x00be91bf
                                                                                                                                                                                                                                                        0x00be91c5
                                                                                                                                                                                                                                                        0x00be91ca
                                                                                                                                                                                                                                                        0x00be91cf
                                                                                                                                                                                                                                                        0x00be91d2
                                                                                                                                                                                                                                                        0x00be91d8
                                                                                                                                                                                                                                                        0x00be91d8
                                                                                                                                                                                                                                                        0x00be91db
                                                                                                                                                                                                                                                        0x00be91e0
                                                                                                                                                                                                                                                        0x00be91e4
                                                                                                                                                                                                                                                        0x00be91e9
                                                                                                                                                                                                                                                        0x00be91ea
                                                                                                                                                                                                                                                        0x00be91ef
                                                                                                                                                                                                                                                        0x00be91ef
                                                                                                                                                                                                                                                        0x00be91f5
                                                                                                                                                                                                                                                        0x00be91fd
                                                                                                                                                                                                                                                        0x00be9205
                                                                                                                                                                                                                                                        0x00be920a
                                                                                                                                                                                                                                                        0x00be920c
                                                                                                                                                                                                                                                        0x00be920d
                                                                                                                                                                                                                                                        0x00be920e
                                                                                                                                                                                                                                                        0x00bcb515
                                                                                                                                                                                                                                                        0x00bcb517
                                                                                                                                                                                                                                                        0x00bcb521
                                                                                                                                                                                                                                                        0x00bcb528
                                                                                                                                                                                                                                                        0x00bcb52f
                                                                                                                                                                                                                                                        0x00bcb536
                                                                                                                                                                                                                                                        0x00bcb53b
                                                                                                                                                                                                                                                        0x00bcb53d
                                                                                                                                                                                                                                                        0x00bcb53e
                                                                                                                                                                                                                                                        0x00bcb53f
                                                                                                                                                                                                                                                        0x00bc51b0
                                                                                                                                                                                                                                                        0x00bc51b4
                                                                                                                                                                                                                                                        0x00bc51b5
                                                                                                                                                                                                                                                        0x00bc51b6
                                                                                                                                                                                                                                                        0x00bc51b9
                                                                                                                                                                                                                                                        0x00bc51bd
                                                                                                                                                                                                                                                        0x00bc51c7
                                                                                                                                                                                                                                                        0x00bc51c9
                                                                                                                                                                                                                                                        0x00bc51d5
                                                                                                                                                                                                                                                        0x00bc51d8
                                                                                                                                                                                                                                                        0x00bc51e7
                                                                                                                                                                                                                                                        0x00bc51ec
                                                                                                                                                                                                                                                        0x00bc51f6
                                                                                                                                                                                                                                                        0x00bc51f8
                                                                                                                                                                                                                                                        0x00bc51f8
                                                                                                                                                                                                                                                        0x00bc51c6

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • WaitForSingleObject.KERNEL32(?,00000032,?,?,?,00BE5934,?,00BCCFC5), ref: 00BE9194
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(?,00000001,?,00BE5934,?,00BCCFC5), ref: 00BE919E
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000,?,?,?,00BE5934,?,00BCCFC5), ref: 00BE91BA
                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,00BE5934,?,00BCCFC5), ref: 00BE91D2
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000,?,?,?,00BE5934,?,00BCCFC5), ref: 00BE91EA
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@$ObjectProcessSingleTerminateWaitfree
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 800840640-0
                                                                                                                                                                                                                                                        • Opcode ID: 76262a97d36e4a5f73b0868a274f2e4f8cdbd8f0bd9ff4eafb9a6353459b527b
                                                                                                                                                                                                                                                        • Instruction ID: bcd6ebdb0302c3d7006669e7fe87bb1b965a8e0561908749d50828e5c2faeec5
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 76262a97d36e4a5f73b0868a274f2e4f8cdbd8f0bd9ff4eafb9a6353459b527b
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 610196751006405BD634FB21D85AF7A73E5BF90B00B4809ACF583636A1EF61F908D692
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 59%
                                                                                                                                                                                                                                                        			E00BC05D0(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				intOrPtr _t17;
                                                                                                                                                                                                                                                        				intOrPtr _t23;
                                                                                                                                                                                                                                                        				intOrPtr* _t24;
                                                                                                                                                                                                                                                        				intOrPtr* _t25;
                                                                                                                                                                                                                                                        				intOrPtr _t26;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t26 = _a4;
                                                                                                                                                                                                                                                        				_t23 = _a12;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t26 + 0xc)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t26 + 8)) = 0;
                                                                                                                                                                                                                                                        				_t25 = _t26 + 0x14;
                                                                                                                                                                                                                                                        				_t17 =  *((intOrPtr*)( *[fs:0x18] + 0x24));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t26 + 0x10)) = _t17;
                                                                                                                                                                                                                                                        				if(_t23 == 0) {
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t25 + 4)) = 0;
                                                                                                                                                                                                                                                        					 *_t25 = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_push(_t25);
                                                                                                                                                                                                                                                        					_push(_t23);
                                                                                                                                                                                                                                                        					_push(1);
                                                                                                                                                                                                                                                        					L00BEF720();
                                                                                                                                                                                                                                                        					if(_t17 < 0) {
                                                                                                                                                                                                                                                        						goto L2;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t26 + 0x20)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t26 + 0x1c)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t26 + 0x24)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t26 + 0x2c)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t26 + 0x30)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t26 + 0x28)) = 4;
                                                                                                                                                                                                                                                        				L00BEF74A();
                                                                                                                                                                                                                                                        				L00BEF70E();
                                                                                                                                                                                                                                                        				_t24 =  *0xbfa040; // 0xbfa048
                                                                                                                                                                                                                                                        				 *((intOrPtr*)( *_t24))(_a8, _t23, 0xbfa7c8, _t26);
                                                                                                                                                                                                                                                        				_push(0xbfa7c8);
                                                                                                                                                                                                                                                        				L00BEF75C();
                                                                                                                                                                                                                                                        				_push(_t26 + 8);
                                                                                                                                                                                                                                                        				L00BEF74A();
                                                                                                                                                                                                                                                        				return _t26;
                                                                                                                                                                                                                                                        			}








                                                                                                                                                                                                                                                        0x00bc05d6
                                                                                                                                                                                                                                                        0x00bc05d9
                                                                                                                                                                                                                                                        0x00bc05dc
                                                                                                                                                                                                                                                        0x00bc05e3
                                                                                                                                                                                                                                                        0x00bc05ea
                                                                                                                                                                                                                                                        0x00bc05f5
                                                                                                                                                                                                                                                        0x00bc05f8
                                                                                                                                                                                                                                                        0x00bc05fb
                                                                                                                                                                                                                                                        0x00bc060a
                                                                                                                                                                                                                                                        0x00bc060a
                                                                                                                                                                                                                                                        0x00bc0611
                                                                                                                                                                                                                                                        0x00bc05fd
                                                                                                                                                                                                                                                        0x00bc05fd
                                                                                                                                                                                                                                                        0x00bc05fe
                                                                                                                                                                                                                                                        0x00bc05ff
                                                                                                                                                                                                                                                        0x00bc0601
                                                                                                                                                                                                                                                        0x00bc0608
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0608
                                                                                                                                                                                                                                                        0x00bc0617
                                                                                                                                                                                                                                                        0x00bc061e
                                                                                                                                                                                                                                                        0x00bc0625
                                                                                                                                                                                                                                                        0x00bc062c
                                                                                                                                                                                                                                                        0x00bc0633
                                                                                                                                                                                                                                                        0x00bc063a
                                                                                                                                                                                                                                                        0x00bc0642
                                                                                                                                                                                                                                                        0x00bc064c
                                                                                                                                                                                                                                                        0x00bc0651
                                                                                                                                                                                                                                                        0x00bc065d
                                                                                                                                                                                                                                                        0x00bc065f
                                                                                                                                                                                                                                                        0x00bc0664
                                                                                                                                                                                                                                                        0x00bc066e
                                                                                                                                                                                                                                                        0x00bc066f
                                                                                                                                                                                                                                                        0x00bc067a

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlDuplicateUnicodeString.NTDLL(00000001,?,?), ref: 00BC0601
                                                                                                                                                                                                                                                        • RtlQueryPerformanceCounter.NTDLL(?), ref: 00BC0642
                                                                                                                                                                                                                                                        • RtlAcquireSRWLockShared.NTDLL(00BFA7C8), ref: 00BC064C
                                                                                                                                                                                                                                                        • RtlReleaseSRWLockShared.NTDLL(00BFA7C8), ref: 00BC0664
                                                                                                                                                                                                                                                        • RtlQueryPerformanceCounter.NTDLL(?), ref: 00BC066F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CounterLockPerformanceQueryShared$AcquireDuplicateReleaseStringUnicode
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 4293362968-0
                                                                                                                                                                                                                                                        • Opcode ID: 165fca6a74e521cbcd7d898b1315f05f48a9e400f7c5a7fb5253713731fb6182
                                                                                                                                                                                                                                                        • Instruction ID: 588ca8e4ec34ab981878831a093008be088920bd5088ca004ceed737ceec6101
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 165fca6a74e521cbcd7d898b1315f05f48a9e400f7c5a7fb5253713731fb6182
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 86111BB02007559FE320AF66D895F57BBF8FF84758F00456CE5498B690C7B9E808CBA5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BCB5B0(void* __ecx, intOrPtr __edx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void* _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				signed int _t8;
                                                                                                                                                                                                                                                        				void* _t12;
                                                                                                                                                                                                                                                        				void* _t17;
                                                                                                                                                                                                                                                        				void* _t25;
                                                                                                                                                                                                                                                        				signed int _t27;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t24 = __edx;
                                                                                                                                                                                                                                                        				_t8 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t8 ^ _t27;
                                                                                                                                                                                                                                                        				if(__ecx == 0) {
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					_t17 = 1;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t25 = __ecx;
                                                                                                                                                                                                                                                        					_v28 = __edx;
                                                                                                                                                                                                                                                        					_v24 = 0;
                                                                                                                                                                                                                                                        					_t12 = GetCurrentProcess();
                                                                                                                                                                                                                                                        					if(DuplicateHandle(GetCurrentProcess(), _t25, _t12,  &_v24, 0, 0, 2) != 0) {
                                                                                                                                                                                                                                                        						E00BC5200(_t14, _v28, _v24);
                                                                                                                                                                                                                                                        						goto L5;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						SetLastError(GetLastError());
                                                                                                                                                                                                                                                        						_t17 = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t27, _t24);
                                                                                                                                                                                                                                                        				return _t17;
                                                                                                                                                                                                                                                        			}











                                                                                                                                                                                                                                                        0x00bcb5b0
                                                                                                                                                                                                                                                        0x00bcb5b9
                                                                                                                                                                                                                                                        0x00bcb5c2
                                                                                                                                                                                                                                                        0x00bcb5c5
                                                                                                                                                                                                                                                        0x00bcb624
                                                                                                                                                                                                                                                        0x00bcb624
                                                                                                                                                                                                                                                        0x00bcb5c7
                                                                                                                                                                                                                                                        0x00bcb5cd
                                                                                                                                                                                                                                                        0x00bcb5cf
                                                                                                                                                                                                                                                        0x00bcb5d2
                                                                                                                                                                                                                                                        0x00bcb5d9
                                                                                                                                                                                                                                                        0x00bcb5f4
                                                                                                                                                                                                                                                        0x00bcb61f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcb5f6
                                                                                                                                                                                                                                                        0x00bcb5fd
                                                                                                                                                                                                                                                        0x00bcb603
                                                                                                                                                                                                                                                        0x00bcb603
                                                                                                                                                                                                                                                        0x00bcb5f4
                                                                                                                                                                                                                                                        0x00bcb60a
                                                                                                                                                                                                                                                        0x00bcb618

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BCB5D9
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BCB5DD
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000002), ref: 00BCB5EC
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,00000000,00000000,00000000,00000000,00000002), ref: 00BCB5F6
                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000002), ref: 00BCB5FD
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CurrentErrorLastProcess$DuplicateHandle
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 49493922-0
                                                                                                                                                                                                                                                        • Opcode ID: 76370a1596560cdbcc4c45315465d0a90303c32e3485aeed87d5a903978fe1c9
                                                                                                                                                                                                                                                        • Instruction ID: d2d85355b6b4cfe108e7c2036ea309b2d392264fa1c32332e4da6102555a5d30
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 76370a1596560cdbcc4c45315465d0a90303c32e3485aeed87d5a903978fe1c9
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6F012C71A442099BDB149BF5EC4AFBFBBA8EF88304F100479E605A7290DE609904CAA5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 86%
                                                                                                                                                                                                                                                        			E00BD29D0(signed int __edx, wchar_t* _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				short _v28;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				short _v48;
                                                                                                                                                                                                                                                        				void* _v52;
                                                                                                                                                                                                                                                        				intOrPtr _v56;
                                                                                                                                                                                                                                                        				short _v60;
                                                                                                                                                                                                                                                        				char _v76;
                                                                                                                                                                                                                                                        				char _v80;
                                                                                                                                                                                                                                                        				char _v84;
                                                                                                                                                                                                                                                        				char _v92;
                                                                                                                                                                                                                                                        				short _v96;
                                                                                                                                                                                                                                                        				void* _v100;
                                                                                                                                                                                                                                                        				intOrPtr _v104;
                                                                                                                                                                                                                                                        				char _v108;
                                                                                                                                                                                                                                                        				char* _v112;
                                                                                                                                                                                                                                                        				short _v116;
                                                                                                                                                                                                                                                        				signed int _t93;
                                                                                                                                                                                                                                                        				intOrPtr _t95;
                                                                                                                                                                                                                                                        				void* _t107;
                                                                                                                                                                                                                                                        				void* _t110;
                                                                                                                                                                                                                                                        				void* _t114;
                                                                                                                                                                                                                                                        				int _t120;
                                                                                                                                                                                                                                                        				void* _t126;
                                                                                                                                                                                                                                                        				wchar_t* _t127;
                                                                                                                                                                                                                                                        				intOrPtr* _t129;
                                                                                                                                                                                                                                                        				intOrPtr _t147;
                                                                                                                                                                                                                                                        				signed int _t153;
                                                                                                                                                                                                                                                        				signed int _t156;
                                                                                                                                                                                                                                                        				intOrPtr _t158;
                                                                                                                                                                                                                                                        				char* _t160;
                                                                                                                                                                                                                                                        				char* _t162;
                                                                                                                                                                                                                                                        				void* _t163;
                                                                                                                                                                                                                                                        				intOrPtr* _t164;
                                                                                                                                                                                                                                                        				intOrPtr _t165;
                                                                                                                                                                                                                                                        				signed int _t167;
                                                                                                                                                                                                                                                        				intOrPtr _t168;
                                                                                                                                                                                                                                                        				void* _t172;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t154 = __edx;
                                                                                                                                                                                                                                                        				_t93 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t127 = _a4;
                                                                                                                                                                                                                                                        				_t156 = 2;
                                                                                                                                                                                                                                                        				_v20 = _t93 ^ _t167;
                                                                                                                                                                                                                                                        				if(_t127 != 0) {
                                                                                                                                                                                                                                                        					_t164 = _t129;
                                                                                                                                                                                                                                                        					_t95 = 7;
                                                                                                                                                                                                                                                        					_v24 = 7;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					if(_a8 == 0) {
                                                                                                                                                                                                                                                        						L13:
                                                                                                                                                                                                                                                        						_v56 = _t95;
                                                                                                                                                                                                                                                        						_v60 = 0;
                                                                                                                                                                                                                                                        						_v76 = 0;
                                                                                                                                                                                                                                                        						E00BBA740( &_v76, _t127);
                                                                                                                                                                                                                                                        						_t99 = E00BBDF30(E00BD2C90( &_v84, _t164,  &_v84,  &_v76),  &_v76, _t154);
                                                                                                                                                                                                                                                        						_t158 = _v84;
                                                                                                                                                                                                                                                        						if(_t158 !=  *_t164) {
                                                                                                                                                                                                                                                        							if(_a8 == 0) {
                                                                                                                                                                                                                                                        								_t165 =  *((intOrPtr*)(_t158 + 0x28));
                                                                                                                                                                                                                                                        								E00BD3F10(_t99, _t158 + 0x28, _t154,  *((intOrPtr*)(_t165 + 4)));
                                                                                                                                                                                                                                                        								 *((intOrPtr*)( *((intOrPtr*)(_t158 + 0x28)) + 4)) = _t165;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)( *((intOrPtr*)(_t158 + 0x28)))) = _t165;
                                                                                                                                                                                                                                                        								_t99 =  *((intOrPtr*)(_t158 + 0x28));
                                                                                                                                                                                                                                                        								 *((intOrPtr*)( *((intOrPtr*)(_t158 + 0x28)) + 8)) = _t165;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t158 + 0x2c)) = 0;
                                                                                                                                                                                                                                                        								L17:
                                                                                                                                                                                                                                                        								_t156 = 0;
                                                                                                                                                                                                                                                        								L18:
                                                                                                                                                                                                                                                        								E00BBDF30(_t99,  &_v44, _t154);
                                                                                                                                                                                                                                                        								goto L1;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							if( *((intOrPtr*)(_t158 + 0x2c)) == 0) {
                                                                                                                                                                                                                                                        								goto L17;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t154 =  &_v44;
                                                                                                                                                                                                                                                        							_v108 = _v92;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t168 - 0x10)) =  &_v76;
                                                                                                                                                                                                                                                        							_t138 = _t158 + 0x28;
                                                                                                                                                                                                                                                        							_v112 =  &_v44;
                                                                                                                                                                                                                                                        							L16:
                                                                                                                                                                                                                                                        							_v116 = 0;
                                                                                                                                                                                                                                                        							_t99 = E00BD3C40(_t138);
                                                                                                                                                                                                                                                        							goto L17;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_v100 = 0;
                                                                                                                                                                                                                                                        						_v96 = 0;
                                                                                                                                                                                                                                                        						_t107 = E00BD3710(1);
                                                                                                                                                                                                                                                        						_t160 =  &_v76;
                                                                                                                                                                                                                                                        						 *_t107 = _t107;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t107 + 4)) = _t107;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t107 + 8)) = _t107;
                                                                                                                                                                                                                                                        						 *((short*)(_t107 + 0xc)) = 0x101;
                                                                                                                                                                                                                                                        						_v100 = _t107;
                                                                                                                                                                                                                                                        						_v60 = 0;
                                                                                                                                                                                                                                                        						_v56 = 7;
                                                                                                                                                                                                                                                        						_v76 = 0;
                                                                                                                                                                                                                                                        						E00BBA740(_t160, _t127);
                                                                                                                                                                                                                                                        						_v52 = 0;
                                                                                                                                                                                                                                                        						_v48 = 0;
                                                                                                                                                                                                                                                        						_t110 = E00BD3710(1);
                                                                                                                                                                                                                                                        						 *_t110 = _t110;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t110 + 4)) = _t110;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t110 + 8)) = _t110;
                                                                                                                                                                                                                                                        						 *((short*)(_t110 + 0xc)) = 0x101;
                                                                                                                                                                                                                                                        						_v100 = _t110;
                                                                                                                                                                                                                                                        						_v52 = _v100;
                                                                                                                                                                                                                                                        						_v48 = _v96;
                                                                                                                                                                                                                                                        						_t154 =  &_v92;
                                                                                                                                                                                                                                                        						_v96 = _v48;
                                                                                                                                                                                                                                                        						E00BD3920(_t164,  &_v92, _t160);
                                                                                                                                                                                                                                                        						_t114 = E00BD3770( &_v52,  &_v80,  *_v52, _v52);
                                                                                                                                                                                                                                                        						_push(0x28);
                                                                                                                                                                                                                                                        						_push(_v52);
                                                                                                                                                                                                                                                        						L00BEF6C6();
                                                                                                                                                                                                                                                        						E00BBDF30(_t114, _t160,  &_v92);
                                                                                                                                                                                                                                                        						_t99 = E00BD3770( &_v100,  &_v80,  *_v100, _v100);
                                                                                                                                                                                                                                                        						_push(0x28);
                                                                                                                                                                                                                                                        						_push(_v100);
                                                                                                                                                                                                                                                        						L00BEF6C6();
                                                                                                                                                                                                                                                        						_t172 = _t168 + 0x14;
                                                                                                                                                                                                                                                        						_t147 = _v92;
                                                                                                                                                                                                                                                        						_v84 = _t147;
                                                                                                                                                                                                                                                        						if(_a8 == 0) {
                                                                                                                                                                                                                                                        							goto L17;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t138 = _t147 + 0x28;
                                                                                                                                                                                                                                                        						_t154 =  &_v44;
                                                                                                                                                                                                                                                        						_v108 = _v100;
                                                                                                                                                                                                                                                        						_v112 =  &_v44;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t172 - 0x10)) = _t160;
                                                                                                                                                                                                                                                        						goto L16;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					E00BBA740( &_v44, _a8);
                                                                                                                                                                                                                                                        					_v56 = 7;
                                                                                                                                                                                                                                                        					_t162 =  &_v76;
                                                                                                                                                                                                                                                        					_v60 = 0;
                                                                                                                                                                                                                                                        					_v76 = 0;
                                                                                                                                                                                                                                                        					E00BBA740(_t162, "Key");
                                                                                                                                                                                                                                                        					_t120 = wcslen(_t127);
                                                                                                                                                                                                                                                        					_t168 = _t168 + 4;
                                                                                                                                                                                                                                                        					if(_v60 != _t120) {
                                                                                                                                                                                                                                                        						L12:
                                                                                                                                                                                                                                                        						E00BBDF30(_t120,  &_v76, _t154);
                                                                                                                                                                                                                                                        						_t95 = 7;
                                                                                                                                                                                                                                                        						goto L13;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_t120 == 0) {
                                                                                                                                                                                                                                                        						L10:
                                                                                                                                                                                                                                                        						E00BBDF30(_t120,  &_v76, _t154);
                                                                                                                                                                                                                                                        						_v104 = _t168;
                                                                                                                                                                                                                                                        						_t163 = _t168 - 0x1c;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t163 + 0x10)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t163 + 0x14)) = 0;
                                                                                                                                                                                                                                                        						E00BC1CE0(_t163,  &_v44);
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t163 + 0x18)) =  &_v44;
                                                                                                                                                                                                                                                        						_t126 = E00BEA340();
                                                                                                                                                                                                                                                        						_t156 = 2;
                                                                                                                                                                                                                                                        						_t168 = _v104;
                                                                                                                                                                                                                                                        						_t95 = 7;
                                                                                                                                                                                                                                                        						if(_t126 != 0) {
                                                                                                                                                                                                                                                        							goto L13;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L18;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_v56 > 7) {
                                                                                                                                                                                                                                                        						_t162 = _v76;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t153 = 0;
                                                                                                                                                                                                                                                        					asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        					while(1) {
                                                                                                                                                                                                                                                        						_t154 =  *(_t162 + _t153 * 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        						if(( *(_t162 + _t153 * 2) & 0x0000ffff) !=  *((intOrPtr*)(_t127 + _t153 * 2))) {
                                                                                                                                                                                                                                                        							goto L12;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t153 = _t153 + 1;
                                                                                                                                                                                                                                                        						if(_t120 != _t153) {
                                                                                                                                                                                                                                                        							continue;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L12;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t167, _t154);
                                                                                                                                                                                                                                                        				return _t156;
                                                                                                                                                                                                                                                        			}











































                                                                                                                                                                                                                                                        0x00bd29d0
                                                                                                                                                                                                                                                        0x00bd29d9
                                                                                                                                                                                                                                                        0x00bd29de
                                                                                                                                                                                                                                                        0x00bd29e1
                                                                                                                                                                                                                                                        0x00bd29ea
                                                                                                                                                                                                                                                        0x00bd29ed
                                                                                                                                                                                                                                                        0x00bd2a09
                                                                                                                                                                                                                                                        0x00bd2a0b
                                                                                                                                                                                                                                                        0x00bd2a10
                                                                                                                                                                                                                                                        0x00bd2a17
                                                                                                                                                                                                                                                        0x00bd2a1e
                                                                                                                                                                                                                                                        0x00bd2a24
                                                                                                                                                                                                                                                        0x00bd2ae9
                                                                                                                                                                                                                                                        0x00bd2aec
                                                                                                                                                                                                                                                        0x00bd2aef
                                                                                                                                                                                                                                                        0x00bd2af6
                                                                                                                                                                                                                                                        0x00bd2aff
                                                                                                                                                                                                                                                        0x00bd2b12
                                                                                                                                                                                                                                                        0x00bd2b17
                                                                                                                                                                                                                                                        0x00bd2b1c
                                                                                                                                                                                                                                                        0x00bd2c3d
                                                                                                                                                                                                                                                        0x00bd2c60
                                                                                                                                                                                                                                                        0x00bd2c69
                                                                                                                                                                                                                                                        0x00bd2c71
                                                                                                                                                                                                                                                        0x00bd2c77
                                                                                                                                                                                                                                                        0x00bd2c79
                                                                                                                                                                                                                                                        0x00bd2c7c
                                                                                                                                                                                                                                                        0x00bd2c7f
                                                                                                                                                                                                                                                        0x00bd2c27
                                                                                                                                                                                                                                                        0x00bd2c27
                                                                                                                                                                                                                                                        0x00bd2c29
                                                                                                                                                                                                                                                        0x00bd2c2c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2c2c
                                                                                                                                                                                                                                                        0x00bd2c43
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2c4e
                                                                                                                                                                                                                                                        0x00bd2c51
                                                                                                                                                                                                                                                        0x00bd2c55
                                                                                                                                                                                                                                                        0x00bd2c58
                                                                                                                                                                                                                                                        0x00bd2c5a
                                                                                                                                                                                                                                                        0x00bd2c1a
                                                                                                                                                                                                                                                        0x00bd2c1a
                                                                                                                                                                                                                                                        0x00bd2c22
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2c22
                                                                                                                                                                                                                                                        0x00bd2b25
                                                                                                                                                                                                                                                        0x00bd2b2c
                                                                                                                                                                                                                                                        0x00bd2b35
                                                                                                                                                                                                                                                        0x00bd2b3a
                                                                                                                                                                                                                                                        0x00bd2b3d
                                                                                                                                                                                                                                                        0x00bd2b3f
                                                                                                                                                                                                                                                        0x00bd2b42
                                                                                                                                                                                                                                                        0x00bd2b45
                                                                                                                                                                                                                                                        0x00bd2b4b
                                                                                                                                                                                                                                                        0x00bd2b53
                                                                                                                                                                                                                                                        0x00bd2b5c
                                                                                                                                                                                                                                                        0x00bd2b5f
                                                                                                                                                                                                                                                        0x00bd2b66
                                                                                                                                                                                                                                                        0x00bd2b6e
                                                                                                                                                                                                                                                        0x00bd2b75
                                                                                                                                                                                                                                                        0x00bd2b80
                                                                                                                                                                                                                                                        0x00bd2b85
                                                                                                                                                                                                                                                        0x00bd2b87
                                                                                                                                                                                                                                                        0x00bd2b8a
                                                                                                                                                                                                                                                        0x00bd2b8d
                                                                                                                                                                                                                                                        0x00bd2b99
                                                                                                                                                                                                                                                        0x00bd2b9c
                                                                                                                                                                                                                                                        0x00bd2ba4
                                                                                                                                                                                                                                                        0x00bd2ba7
                                                                                                                                                                                                                                                        0x00bd2baa
                                                                                                                                                                                                                                                        0x00bd2bae
                                                                                                                                                                                                                                                        0x00bd2bc2
                                                                                                                                                                                                                                                        0x00bd2bc7
                                                                                                                                                                                                                                                        0x00bd2bc9
                                                                                                                                                                                                                                                        0x00bd2bcc
                                                                                                                                                                                                                                                        0x00bd2bd6
                                                                                                                                                                                                                                                        0x00bd2be5
                                                                                                                                                                                                                                                        0x00bd2bea
                                                                                                                                                                                                                                                        0x00bd2bec
                                                                                                                                                                                                                                                        0x00bd2bef
                                                                                                                                                                                                                                                        0x00bd2bf4
                                                                                                                                                                                                                                                        0x00bd2bf7
                                                                                                                                                                                                                                                        0x00bd2bfe
                                                                                                                                                                                                                                                        0x00bd2c01
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2c03
                                                                                                                                                                                                                                                        0x00bd2c0c
                                                                                                                                                                                                                                                        0x00bd2c0f
                                                                                                                                                                                                                                                        0x00bd2c13
                                                                                                                                                                                                                                                        0x00bd2c17
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2c17
                                                                                                                                                                                                                                                        0x00bd2a35
                                                                                                                                                                                                                                                        0x00bd2a3a
                                                                                                                                                                                                                                                        0x00bd2a3d
                                                                                                                                                                                                                                                        0x00bd2a40
                                                                                                                                                                                                                                                        0x00bd2a47
                                                                                                                                                                                                                                                        0x00bd2a54
                                                                                                                                                                                                                                                        0x00bd2a5a
                                                                                                                                                                                                                                                        0x00bd2a5f
                                                                                                                                                                                                                                                        0x00bd2a65
                                                                                                                                                                                                                                                        0x00bd2adc
                                                                                                                                                                                                                                                        0x00bd2adf
                                                                                                                                                                                                                                                        0x00bd2ae4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2ae4
                                                                                                                                                                                                                                                        0x00bd2a69
                                                                                                                                                                                                                                                        0x00bd2a8f
                                                                                                                                                                                                                                                        0x00bd2a92
                                                                                                                                                                                                                                                        0x00bd2a97
                                                                                                                                                                                                                                                        0x00bd2a9d
                                                                                                                                                                                                                                                        0x00bd2aa2
                                                                                                                                                                                                                                                        0x00bd2aa9
                                                                                                                                                                                                                                                        0x00bd2ab3
                                                                                                                                                                                                                                                        0x00bd2abb
                                                                                                                                                                                                                                                        0x00bd2abe
                                                                                                                                                                                                                                                        0x00bd2ac6
                                                                                                                                                                                                                                                        0x00bd2acb
                                                                                                                                                                                                                                                        0x00bd2ad0
                                                                                                                                                                                                                                                        0x00bd2ad5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2ad7
                                                                                                                                                                                                                                                        0x00bd2a6f
                                                                                                                                                                                                                                                        0x00bd2a71
                                                                                                                                                                                                                                                        0x00bd2a71
                                                                                                                                                                                                                                                        0x00bd2a74
                                                                                                                                                                                                                                                        0x00bd2a76
                                                                                                                                                                                                                                                        0x00bd2a80
                                                                                                                                                                                                                                                        0x00bd2a80
                                                                                                                                                                                                                                                        0x00bd2a88
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2a8a
                                                                                                                                                                                                                                                        0x00bd2a8d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2a8d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2a80
                                                                                                                                                                                                                                                        0x00bd29ef
                                                                                                                                                                                                                                                        0x00bd29f4
                                                                                                                                                                                                                                                        0x00bd2a02

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?,Key,00000000), ref: 00BD2A5A
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: wcslen
                                                                                                                                                                                                                                                        • String ID: Key
                                                                                                                                                                                                                                                        • API String ID: 4088430540-3000888649
                                                                                                                                                                                                                                                        • Opcode ID: 0a9e1b46d02ffd987b35b2779d455db89a8611bb5abf627a2656855bd5ae8cde
                                                                                                                                                                                                                                                        • Instruction ID: 66970f848091dedacbbd36f18b80b7918a935dec94b2f0367fc311a01de7c70c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0a9e1b46d02ffd987b35b2779d455db89a8611bb5abf627a2656855bd5ae8cde
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BD8147B0D102489FCB14DF94C885BEDBBF5FF58314F0880AAE409AB351EB74A949CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 56%
                                                                                                                                                                                                                                                        			E00BBCE10(char* __ecx, intOrPtr* __edx) {
                                                                                                                                                                                                                                                        				int _v20;
                                                                                                                                                                                                                                                        				void* _v24;
                                                                                                                                                                                                                                                        				intOrPtr* _t46;
                                                                                                                                                                                                                                                        				intOrPtr* _t49;
                                                                                                                                                                                                                                                        				void* _t51;
                                                                                                                                                                                                                                                        				void* _t53;
                                                                                                                                                                                                                                                        				void* _t54;
                                                                                                                                                                                                                                                        				void* _t55;
                                                                                                                                                                                                                                                        				intOrPtr _t56;
                                                                                                                                                                                                                                                        				signed int _t61;
                                                                                                                                                                                                                                                        				signed int _t68;
                                                                                                                                                                                                                                                        				signed int _t72;
                                                                                                                                                                                                                                                        				int _t73;
                                                                                                                                                                                                                                                        				signed int _t75;
                                                                                                                                                                                                                                                        				intOrPtr* _t85;
                                                                                                                                                                                                                                                        				signed char* _t86;
                                                                                                                                                                                                                                                        				char* _t87;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				 *(__ecx + 8) = 0;
                                                                                                                                                                                                                                                        				 *(__ecx + 0xc) = 0;
                                                                                                                                                                                                                                                        				_t85 = __edx;
                                                                                                                                                                                                                                                        				_t87 = __ecx;
                                                                                                                                                                                                                                                        				_t72 =  *__edx;
                                                                                                                                                                                                                                                        				_t46 = __edx;
                                                                                                                                                                                                                                                        				if(_t72 == 0) {
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					 *_t87 = 0;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t87 + 8)) = _t85;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t87 + 4)) = _t46 - _t85;
                                                                                                                                                                                                                                                        					goto L7;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t56 = __imp__?gTwoCharEscapes@detail@mozilla@@3QBDB;
                                                                                                                                                                                                                                                        					_t49 = __edx;
                                                                                                                                                                                                                                                        					_v20 = 0;
                                                                                                                                                                                                                                                        					asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						if( *((char*)(_t56 + (_t72 & 0x000000ff))) != 0) {
                                                                                                                                                                                                                                                        							_v20 = _v20 + 1;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							if(_t72 < 0x20) {
                                                                                                                                                                                                                                                        								_v20 = _v20 + 5;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t72 =  *(_t49 + 1) & 0x000000ff;
                                                                                                                                                                                                                                                        						_t49 = _t49 + 1;
                                                                                                                                                                                                                                                        					} while (_t72 != 0);
                                                                                                                                                                                                                                                        					_t73 = _v20;
                                                                                                                                                                                                                                                        					if(_t73 != 0) {
                                                                                                                                                                                                                                                        						_t50 = _t49 - _t85;
                                                                                                                                                                                                                                                        						 *_t87 = 1;
                                                                                                                                                                                                                                                        						_t15 = _t50 + 1; // 0x1
                                                                                                                                                                                                                                                        						_t51 = _t73 + _t15;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t87 + 4)) = _t73 + _t49 - _t85;
                                                                                                                                                                                                                                                        						_v20 = _t51;
                                                                                                                                                                                                                                                        						__imp__moz_xmalloc(_t51);
                                                                                                                                                                                                                                                        						_v24 = _t51;
                                                                                                                                                                                                                                                        						memset(_t51, 0, _v20);
                                                                                                                                                                                                                                                        						_t53 =  *(_t87 + 0xc);
                                                                                                                                                                                                                                                        						 *(_t87 + 0xc) = _v24;
                                                                                                                                                                                                                                                        						if(_t53 != 0) {
                                                                                                                                                                                                                                                        							free(_t53);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t61 =  *_t85;
                                                                                                                                                                                                                                                        						if(_t61 == 0) {
                                                                                                                                                                                                                                                        							_t54 = 0;
                                                                                                                                                                                                                                                        							goto L21;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t86 = _t85 + 1;
                                                                                                                                                                                                                                                        							_t55 = 0;
                                                                                                                                                                                                                                                        							do {
                                                                                                                                                                                                                                                        								_t75 =  *(_t56 + (_t61 & 0x000000ff)) & 0x000000ff;
                                                                                                                                                                                                                                                        								if(_t75 != 0) {
                                                                                                                                                                                                                                                        									 *( *(_t87 + 0xc) + _t55) = 0x5c;
                                                                                                                                                                                                                                                        									_t55 = _t55 + 1;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									if(_t61 > 0x1f) {
                                                                                                                                                                                                                                                        										_t75 = _t61;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t68 = (_t61 & 0x0000000f) >> 0x00000004 | 0x00000030;
                                                                                                                                                                                                                                                        										 *((char*)( *(_t87 + 0xc) + _t54)) = 0x5c;
                                                                                                                                                                                                                                                        										 *((char*)(_t54 +  *(_t87 + 0xc) + 1)) = 0x75;
                                                                                                                                                                                                                                                        										 *((char*)(_t54 +  *(_t87 + 0xc) + 2)) = 0x30;
                                                                                                                                                                                                                                                        										 *((char*)(_t54 +  *(_t87 + 0xc) + 3)) = 0x30;
                                                                                                                                                                                                                                                        										 *(_t54 +  *(_t87 + 0xc) + 4) = _t68;
                                                                                                                                                                                                                                                        										_t55 = _t54 + 5;
                                                                                                                                                                                                                                                        										_v20 = (_t68 | 0x00000030) & 0x000000ff;
                                                                                                                                                                                                                                                        										_t75 =  <  ? _v20 : _t68 + 0x00000057 & 0x000000ff;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								 *( *(_t87 + 0xc) + _t55) = _t75;
                                                                                                                                                                                                                                                        								_t54 = _t55 + 1;
                                                                                                                                                                                                                                                        								_t61 =  *_t86 & 0x000000ff;
                                                                                                                                                                                                                                                        								_t86 =  &(_t86[1]);
                                                                                                                                                                                                                                                        							} while (_t61 != 0);
                                                                                                                                                                                                                                                        							L21:
                                                                                                                                                                                                                                                        							 *((char*)( *(_t87 + 0xc) + _t54)) = 0;
                                                                                                                                                                                                                                                        							L7:
                                                                                                                                                                                                                                                        							return _t87;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L6;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}




















                                                                                                                                                                                                                                                        0x00bbce19
                                                                                                                                                                                                                                                        0x00bbce20
                                                                                                                                                                                                                                                        0x00bbce27
                                                                                                                                                                                                                                                        0x00bbce29
                                                                                                                                                                                                                                                        0x00bbce2b
                                                                                                                                                                                                                                                        0x00bbce2d
                                                                                                                                                                                                                                                        0x00bbce31
                                                                                                                                                                                                                                                        0x00bbce6e
                                                                                                                                                                                                                                                        0x00bbce70
                                                                                                                                                                                                                                                        0x00bbce73
                                                                                                                                                                                                                                                        0x00bbce76
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbce33
                                                                                                                                                                                                                                                        0x00bbce33
                                                                                                                                                                                                                                                        0x00bbce39
                                                                                                                                                                                                                                                        0x00bbce3b
                                                                                                                                                                                                                                                        0x00bbce42
                                                                                                                                                                                                                                                        0x00bbce50
                                                                                                                                                                                                                                                        0x00bbce57
                                                                                                                                                                                                                                                        0x00bbce83
                                                                                                                                                                                                                                                        0x00bbce59
                                                                                                                                                                                                                                                        0x00bbce5c
                                                                                                                                                                                                                                                        0x00bbce88
                                                                                                                                                                                                                                                        0x00bbce88
                                                                                                                                                                                                                                                        0x00bbce5c
                                                                                                                                                                                                                                                        0x00bbce5e
                                                                                                                                                                                                                                                        0x00bbce62
                                                                                                                                                                                                                                                        0x00bbce63
                                                                                                                                                                                                                                                        0x00bbce67
                                                                                                                                                                                                                                                        0x00bbce6c
                                                                                                                                                                                                                                                        0x00bbce8e
                                                                                                                                                                                                                                                        0x00bbce90
                                                                                                                                                                                                                                                        0x00bbce96
                                                                                                                                                                                                                                                        0x00bbce96
                                                                                                                                                                                                                                                        0x00bbce9a
                                                                                                                                                                                                                                                        0x00bbce9d
                                                                                                                                                                                                                                                        0x00bbcea1
                                                                                                                                                                                                                                                        0x00bbceaa
                                                                                                                                                                                                                                                        0x00bbceb3
                                                                                                                                                                                                                                                        0x00bbcebb
                                                                                                                                                                                                                                                        0x00bbcec3
                                                                                                                                                                                                                                                        0x00bbcec6
                                                                                                                                                                                                                                                        0x00bbcec9
                                                                                                                                                                                                                                                        0x00bbcecf
                                                                                                                                                                                                                                                        0x00bbced2
                                                                                                                                                                                                                                                        0x00bbced6
                                                                                                                                                                                                                                                        0x00bbcf5c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbcedc
                                                                                                                                                                                                                                                        0x00bbcedc
                                                                                                                                                                                                                                                        0x00bbcedd
                                                                                                                                                                                                                                                        0x00bbcef8
                                                                                                                                                                                                                                                        0x00bbcefb
                                                                                                                                                                                                                                                        0x00bbcf01
                                                                                                                                                                                                                                                        0x00bbcee4
                                                                                                                                                                                                                                                        0x00bbcee8
                                                                                                                                                                                                                                                        0x00bbcf03
                                                                                                                                                                                                                                                        0x00bbcf06
                                                                                                                                                                                                                                                        0x00bbcf58
                                                                                                                                                                                                                                                        0x00bbcf08
                                                                                                                                                                                                                                                        0x00bbcf13
                                                                                                                                                                                                                                                        0x00bbcf16
                                                                                                                                                                                                                                                        0x00bbcf1d
                                                                                                                                                                                                                                                        0x00bbcf25
                                                                                                                                                                                                                                                        0x00bbcf2d
                                                                                                                                                                                                                                                        0x00bbcf35
                                                                                                                                                                                                                                                        0x00bbcf3d
                                                                                                                                                                                                                                                        0x00bbcf4c
                                                                                                                                                                                                                                                        0x00bbcf52
                                                                                                                                                                                                                                                        0x00bbcf52
                                                                                                                                                                                                                                                        0x00bbcf06
                                                                                                                                                                                                                                                        0x00bbceec
                                                                                                                                                                                                                                                        0x00bbceef
                                                                                                                                                                                                                                                        0x00bbcef0
                                                                                                                                                                                                                                                        0x00bbcef3
                                                                                                                                                                                                                                                        0x00bbcef4
                                                                                                                                                                                                                                                        0x00bbcf5e
                                                                                                                                                                                                                                                        0x00bbcf61
                                                                                                                                                                                                                                                        0x00bbce79
                                                                                                                                                                                                                                                        0x00bbce82
                                                                                                                                                                                                                                                        0x00bbce82
                                                                                                                                                                                                                                                        0x00bbced6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbce6c

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: freememsetmoz_xmalloc
                                                                                                                                                                                                                                                        • String ID: type
                                                                                                                                                                                                                                                        • API String ID: 582819960-2363381545
                                                                                                                                                                                                                                                        • Opcode ID: 4b32f18777aa7284d706a4bdd54eae2cff044d028e7e6b5660b1441252afa652
                                                                                                                                                                                                                                                        • Instruction ID: e69ed4c6d65bead242b9016b95c8f173216f7982d48ca3e3267c6c423234a836
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4b32f18777aa7284d706a4bdd54eae2cff044d028e7e6b5660b1441252afa652
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3741AF70504655CFE721CB28C894BB7FFE6EF46304F18C59AD8998B742D3B6A809CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 37%
                                                                                                                                                                                                                                                        			E00BC48F0(intOrPtr _a4, void* _a8, signed short _a12) {
                                                                                                                                                                                                                                                        				signed int _v12;
                                                                                                                                                                                                                                                        				intOrPtr _v16;
                                                                                                                                                                                                                                                        				char _v20;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				intOrPtr _v52;
                                                                                                                                                                                                                                                        				intOrPtr _v56;
                                                                                                                                                                                                                                                        				void _v60;
                                                                                                                                                                                                                                                        				void* _v64;
                                                                                                                                                                                                                                                        				char _v68;
                                                                                                                                                                                                                                                        				void* _v76;
                                                                                                                                                                                                                                                        				signed int _v80;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t40;
                                                                                                                                                                                                                                                        				void* _t43;
                                                                                                                                                                                                                                                        				signed int _t45;
                                                                                                                                                                                                                                                        				intOrPtr* _t47;
                                                                                                                                                                                                                                                        				intOrPtr _t48;
                                                                                                                                                                                                                                                        				signed int _t49;
                                                                                                                                                                                                                                                        				signed int _t50;
                                                                                                                                                                                                                                                        				void* _t58;
                                                                                                                                                                                                                                                        				signed int _t63;
                                                                                                                                                                                                                                                        				void _t66;
                                                                                                                                                                                                                                                        				void* _t67;
                                                                                                                                                                                                                                                        				intOrPtr _t75;
                                                                                                                                                                                                                                                        				unsigned int _t78;
                                                                                                                                                                                                                                                        				void* _t79;
                                                                                                                                                                                                                                                        				signed int _t80;
                                                                                                                                                                                                                                                        				signed int _t85;
                                                                                                                                                                                                                                                        				char* _t86;
                                                                                                                                                                                                                                                        				intOrPtr _t87;
                                                                                                                                                                                                                                                        				signed int _t90;
                                                                                                                                                                                                                                                        				void* _t92;
                                                                                                                                                                                                                                                        				signed int _t93;
                                                                                                                                                                                                                                                        				signed int* _t95;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t93 = _t92 - 0x34;
                                                                                                                                                                                                                                                        				_t40 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v12 = _t40 ^ _t90;
                                                                                                                                                                                                                                                        				if( *0xbfa854 == 0) {
                                                                                                                                                                                                                                                        					L12:
                                                                                                                                                                                                                                                        					return E00BEECB0(_v12 ^ _t90, _t77);
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t63 = _a12 & 0x0000ffff;
                                                                                                                                                                                                                                                        					_t43 = _a8;
                                                                                                                                                                                                                                                        					_v40 = 7;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					_v60 = 0;
                                                                                                                                                                                                                                                        					_t78 = _t63 & 0x0000ffff;
                                                                                                                                                                                                                                                        					_t85 = _t78 >> 1;
                                                                                                                                                                                                                                                        					if(_t78 > 0xf) {
                                                                                                                                                                                                                                                        						_t95 = _t93 - 0xc;
                                                                                                                                                                                                                                                        						_v68 = _v36;
                                                                                                                                                                                                                                                        						_v64 = _t43;
                                                                                                                                                                                                                                                        						 *_t95 = _t85;
                                                                                                                                                                                                                                                        						E00BBA7D0(_t58,  &_v60, _t79, _t85);
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_v44 = _t85;
                                                                                                                                                                                                                                                        						_t77 =  &_v60;
                                                                                                                                                                                                                                                        						memcpy( &_v60, _t43, _t63 & 0x0000fffe);
                                                                                                                                                                                                                                                        						_t95 = _t93 + 0xc;
                                                                                                                                                                                                                                                        						 *((short*)(_t90 + _t85 * 2 - 0x38)) = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t45 = _v44;
                                                                                                                                                                                                                                                        					if(_v40 <= 7) {
                                                                                                                                                                                                                                                        						_t66 =  &_v60;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t66 = _v60;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t86 =  &_v36;
                                                                                                                                                                                                                                                        					E00BC7CE0(_t86, _t66, _t45);
                                                                                                                                                                                                                                                        					_t93 =  &(_t95[3]);
                                                                                                                                                                                                                                                        					_t47 =  *0xbfa854; // 0x0
                                                                                                                                                                                                                                                        					if(_t47 != 0) {
                                                                                                                                                                                                                                                        						_t75 = _a4;
                                                                                                                                                                                                                                                        						if(_v16 > 0xf) {
                                                                                                                                                                                                                                                        							_t86 = _v36;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						 *_t47("Broker ALLOWED", _t75, _t86, 0, 0);
                                                                                                                                                                                                                                                        						_t93 = _t93 + 0x14;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t48 = _v16;
                                                                                                                                                                                                                                                        					if(_t48 >= 0x10) {
                                                                                                                                                                                                                                                        						_t67 = _v36;
                                                                                                                                                                                                                                                        						_t87 = _t48 + 1;
                                                                                                                                                                                                                                                        						if(_t87 >= 0x1000) {
                                                                                                                                                                                                                                                        							_t77 =  *((intOrPtr*)(_t67 - 4));
                                                                                                                                                                                                                                                        							if(_t67 + 0xfffffffc - _t77 >= 0x20) {
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_push(_t90);
                                                                                                                                                                                                                                                        								_push(_t58);
                                                                                                                                                                                                                                                        								_push(_t79);
                                                                                                                                                                                                                                                        								_push(_t87);
                                                                                                                                                                                                                                                        								_push(_t48);
                                                                                                                                                                                                                                                        								_t49 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        								_t50 = _t49 ^ _t93;
                                                                                                                                                                                                                                                        								_v80 = _t50;
                                                                                                                                                                                                                                                        								_push(_t50);
                                                                                                                                                                                                                                                        								_push(0x18);
                                                                                                                                                                                                                                                        								L00BEF6BA();
                                                                                                                                                                                                                                                        								_t80 = _t50;
                                                                                                                                                                                                                                                        								E00BC4BB0(_t50, E00BC4B80, E00BC4BA0);
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t80 + 0x10)) = _v56;
                                                                                                                                                                                                                                                        								 *_t93 = _t80;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t80 + 0x14)) = _v52;
                                                                                                                                                                                                                                                        								E00BC4BE0(_t93);
                                                                                                                                                                                                                                                        								return E00BEECB0(_v80 ^ _t93, _t77);
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t48 = _t48 + 0x24;
                                                                                                                                                                                                                                                        								_t67 = _t77;
                                                                                                                                                                                                                                                        								_t87 = _t48;
                                                                                                                                                                                                                                                        								goto L14;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L14:
                                                                                                                                                                                                                                                        							_push(_t87);
                                                                                                                                                                                                                                                        							_push(_t67);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							_t93 = _t93 + 8;
                                                                                                                                                                                                                                                        							goto L11;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L11:
                                                                                                                                                                                                                                                        						_v20 = 0;
                                                                                                                                                                                                                                                        						_v16 = 0xf;
                                                                                                                                                                                                                                                        						_v36 = 0;
                                                                                                                                                                                                                                                        						E00BBDF30(_t48,  &_v60, _t77);
                                                                                                                                                                                                                                                        						goto L12;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}









































                                                                                                                                                                                                                                                        0x00bc48f4
                                                                                                                                                                                                                                                        0x00bc48f7
                                                                                                                                                                                                                                                        0x00bc48fe
                                                                                                                                                                                                                                                        0x00bc4908
                                                                                                                                                                                                                                                        0x00bc49be
                                                                                                                                                                                                                                                        0x00bc49cd
                                                                                                                                                                                                                                                        0x00bc490e
                                                                                                                                                                                                                                                        0x00bc490e
                                                                                                                                                                                                                                                        0x00bc4912
                                                                                                                                                                                                                                                        0x00bc4915
                                                                                                                                                                                                                                                        0x00bc491c
                                                                                                                                                                                                                                                        0x00bc4923
                                                                                                                                                                                                                                                        0x00bc4929
                                                                                                                                                                                                                                                        0x00bc492e
                                                                                                                                                                                                                                                        0x00bc4934
                                                                                                                                                                                                                                                        0x00bc49e8
                                                                                                                                                                                                                                                        0x00bc49ee
                                                                                                                                                                                                                                                        0x00bc49f5
                                                                                                                                                                                                                                                        0x00bc49f9
                                                                                                                                                                                                                                                        0x00bc49fc
                                                                                                                                                                                                                                                        0x00bc493a
                                                                                                                                                                                                                                                        0x00bc4940
                                                                                                                                                                                                                                                        0x00bc4943
                                                                                                                                                                                                                                                        0x00bc4949
                                                                                                                                                                                                                                                        0x00bc494e
                                                                                                                                                                                                                                                        0x00bc4951
                                                                                                                                                                                                                                                        0x00bc4951
                                                                                                                                                                                                                                                        0x00bc4958
                                                                                                                                                                                                                                                        0x00bc495f
                                                                                                                                                                                                                                                        0x00bc4966
                                                                                                                                                                                                                                                        0x00bc4961
                                                                                                                                                                                                                                                        0x00bc4961
                                                                                                                                                                                                                                                        0x00bc4961
                                                                                                                                                                                                                                                        0x00bc4969
                                                                                                                                                                                                                                                        0x00bc496f
                                                                                                                                                                                                                                                        0x00bc4974
                                                                                                                                                                                                                                                        0x00bc4977
                                                                                                                                                                                                                                                        0x00bc497e
                                                                                                                                                                                                                                                        0x00bc4980
                                                                                                                                                                                                                                                        0x00bc4987
                                                                                                                                                                                                                                                        0x00bc4989
                                                                                                                                                                                                                                                        0x00bc4989
                                                                                                                                                                                                                                                        0x00bc4997
                                                                                                                                                                                                                                                        0x00bc4999
                                                                                                                                                                                                                                                        0x00bc4999
                                                                                                                                                                                                                                                        0x00bc499c
                                                                                                                                                                                                                                                        0x00bc49a2
                                                                                                                                                                                                                                                        0x00bc49ce
                                                                                                                                                                                                                                                        0x00bc49d1
                                                                                                                                                                                                                                                        0x00bc49da
                                                                                                                                                                                                                                                        0x00bc4a06
                                                                                                                                                                                                                                                        0x00bc4a11
                                                                                                                                                                                                                                                        0x00bc4a1c
                                                                                                                                                                                                                                                        0x00bc4a22
                                                                                                                                                                                                                                                        0x00bc4a23
                                                                                                                                                                                                                                                        0x00bc4a24
                                                                                                                                                                                                                                                        0x00bc4a25
                                                                                                                                                                                                                                                        0x00bc4a26
                                                                                                                                                                                                                                                        0x00bc4a27
                                                                                                                                                                                                                                                        0x00bc4a28
                                                                                                                                                                                                                                                        0x00bc4a29
                                                                                                                                                                                                                                                        0x00bc4a2a
                                                                                                                                                                                                                                                        0x00bc4a2b
                                                                                                                                                                                                                                                        0x00bc4a2c
                                                                                                                                                                                                                                                        0x00bc4a2d
                                                                                                                                                                                                                                                        0x00bc4a2e
                                                                                                                                                                                                                                                        0x00bc4a2f
                                                                                                                                                                                                                                                        0x00bc4a30
                                                                                                                                                                                                                                                        0x00bc4a33
                                                                                                                                                                                                                                                        0x00bc4a34
                                                                                                                                                                                                                                                        0x00bc4a35
                                                                                                                                                                                                                                                        0x00bc4a36
                                                                                                                                                                                                                                                        0x00bc4a37
                                                                                                                                                                                                                                                        0x00bc4a3f
                                                                                                                                                                                                                                                        0x00bc4a41
                                                                                                                                                                                                                                                        0x00bc4a44
                                                                                                                                                                                                                                                        0x00bc4a47
                                                                                                                                                                                                                                                        0x00bc4a49
                                                                                                                                                                                                                                                        0x00bc4a51
                                                                                                                                                                                                                                                        0x00bc4a5f
                                                                                                                                                                                                                                                        0x00bc4a69
                                                                                                                                                                                                                                                        0x00bc4a6c
                                                                                                                                                                                                                                                        0x00bc4a6e
                                                                                                                                                                                                                                                        0x00bc4a71
                                                                                                                                                                                                                                                        0x00bc4a87
                                                                                                                                                                                                                                                        0x00bc4a13
                                                                                                                                                                                                                                                        0x00bc4a13
                                                                                                                                                                                                                                                        0x00bc4a16
                                                                                                                                                                                                                                                        0x00bc4a18
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc4a18
                                                                                                                                                                                                                                                        0x00bc49dc
                                                                                                                                                                                                                                                        0x00bc49dc
                                                                                                                                                                                                                                                        0x00bc49dc
                                                                                                                                                                                                                                                        0x00bc49dd
                                                                                                                                                                                                                                                        0x00bc49de
                                                                                                                                                                                                                                                        0x00bc49e3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc49e3
                                                                                                                                                                                                                                                        0x00bc49a4
                                                                                                                                                                                                                                                        0x00bc49a4
                                                                                                                                                                                                                                                        0x00bc49a7
                                                                                                                                                                                                                                                        0x00bc49ae
                                                                                                                                                                                                                                                        0x00bc49b5
                                                                                                                                                                                                                                                        0x00bc49b9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc49b9
                                                                                                                                                                                                                                                        0x00bc49a2

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,?), ref: 00BC4949
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?), ref: 00BC49DE
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 00BC4A1C
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@_invalid_parameter_noinfo_noreturnmemcpy
                                                                                                                                                                                                                                                        • String ID: Broker ALLOWED
                                                                                                                                                                                                                                                        • API String ID: 1214998048-3284428901
                                                                                                                                                                                                                                                        • Opcode ID: 5a354f2a45e49a3e07cfad1b50765d82bd20c60e5af87e8b9ba9aaa1f0df31cc
                                                                                                                                                                                                                                                        • Instruction ID: 7cb1529ab08b33d69732ad7cf0118a63a12eb51b579fdbbc9b16cdbec38d6d3c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5a354f2a45e49a3e07cfad1b50765d82bd20c60e5af87e8b9ba9aaa1f0df31cc
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8331B2B1C00128AFCB14DF94D895BFEBBF4EF44310F1445ACE8566B290D7795A88CB95
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 17%
                                                                                                                                                                                                                                                        			E00BC46C0(void* __ebx, void* __edi, void* __esi, intOrPtr _a4, void* _a8, signed short _a12) {
                                                                                                                                                                                                                                                        				intOrPtr _v0;
                                                                                                                                                                                                                                                        				signed int _v12;
                                                                                                                                                                                                                                                        				intOrPtr _v16;
                                                                                                                                                                                                                                                        				char _v20;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				void _v60;
                                                                                                                                                                                                                                                        				void* _v64;
                                                                                                                                                                                                                                                        				char _v68;
                                                                                                                                                                                                                                                        				signed int _t35;
                                                                                                                                                                                                                                                        				void* _t38;
                                                                                                                                                                                                                                                        				signed int _t40;
                                                                                                                                                                                                                                                        				intOrPtr* _t42;
                                                                                                                                                                                                                                                        				intOrPtr _t43;
                                                                                                                                                                                                                                                        				intOrPtr* _t44;
                                                                                                                                                                                                                                                        				signed int _t52;
                                                                                                                                                                                                                                                        				void _t55;
                                                                                                                                                                                                                                                        				void* _t56;
                                                                                                                                                                                                                                                        				intOrPtr _t60;
                                                                                                                                                                                                                                                        				unsigned int _t63;
                                                                                                                                                                                                                                                        				signed int _t68;
                                                                                                                                                                                                                                                        				char* _t69;
                                                                                                                                                                                                                                                        				intOrPtr _t70;
                                                                                                                                                                                                                                                        				signed int _t71;
                                                                                                                                                                                                                                                        				void* _t74;
                                                                                                                                                                                                                                                        				signed int* _t75;
                                                                                                                                                                                                                                                        				signed int* _t77;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t75 = _t74 - 0x34;
                                                                                                                                                                                                                                                        				_t35 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v12 = _t35 ^ _t71;
                                                                                                                                                                                                                                                        				if( *0xbfa854 == 0) {
                                                                                                                                                                                                                                                        					L12:
                                                                                                                                                                                                                                                        					return E00BEECB0(_v12 ^ _t71, _t62);
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t52 = _a12 & 0x0000ffff;
                                                                                                                                                                                                                                                        					_t38 = _a8;
                                                                                                                                                                                                                                                        					_v40 = 7;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					_v60 = 0;
                                                                                                                                                                                                                                                        					_t63 = _t52 & 0x0000ffff;
                                                                                                                                                                                                                                                        					_t68 = _t63 >> 1;
                                                                                                                                                                                                                                                        					if(_t63 > 0xf) {
                                                                                                                                                                                                                                                        						_t77 = _t75 - 0xc;
                                                                                                                                                                                                                                                        						_v68 = _v36;
                                                                                                                                                                                                                                                        						_v64 = _t38;
                                                                                                                                                                                                                                                        						 *_t77 = _t68;
                                                                                                                                                                                                                                                        						E00BBA7D0(__ebx,  &_v60, __edi, _t68);
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_v44 = _t68;
                                                                                                                                                                                                                                                        						_t62 =  &_v60;
                                                                                                                                                                                                                                                        						memcpy( &_v60, _t38, _t52 & 0x0000fffe);
                                                                                                                                                                                                                                                        						_t77 =  &(_t75[3]);
                                                                                                                                                                                                                                                        						 *((short*)(_t71 + _t68 * 2 - 0x38)) = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t40 = _v44;
                                                                                                                                                                                                                                                        					if(_v40 <= 7) {
                                                                                                                                                                                                                                                        						_t55 =  &_v60;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t55 = _v60;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t69 =  &_v36;
                                                                                                                                                                                                                                                        					E00BC7CE0(_t69, _t55, _t40);
                                                                                                                                                                                                                                                        					_t75 =  &(_t77[3]);
                                                                                                                                                                                                                                                        					_t42 =  *0xbfa854; // 0x0
                                                                                                                                                                                                                                                        					if(_t42 != 0) {
                                                                                                                                                                                                                                                        						_t60 = _a4;
                                                                                                                                                                                                                                                        						if(_v16 > 0xf) {
                                                                                                                                                                                                                                                        							_t69 = _v36;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						 *_t42("BLOCKED", _t60, _t69, 1, 3);
                                                                                                                                                                                                                                                        						_t75 =  &(_t75[5]);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t43 = _v16;
                                                                                                                                                                                                                                                        					if(_t43 >= 0x10) {
                                                                                                                                                                                                                                                        						_t56 = _v36;
                                                                                                                                                                                                                                                        						_t70 = _t43 + 1;
                                                                                                                                                                                                                                                        						if(_t70 >= 0x1000) {
                                                                                                                                                                                                                                                        							_t62 =  *((intOrPtr*)(_t56 - 4));
                                                                                                                                                                                                                                                        							if(_t56 + 0xfffffffc - _t62 >= 0x20) {
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_push(_t71);
                                                                                                                                                                                                                                                        								_t44 =  *0xbfa854; // 0x0
                                                                                                                                                                                                                                                        								if(_t44 != 0) {
                                                                                                                                                                                                                                                        									return  *_t44("Broker ALLOWED", _v0, _a4, 0, 0);
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								return _t44;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t43 = _t43 + 0x24;
                                                                                                                                                                                                                                                        								_t56 = _t62;
                                                                                                                                                                                                                                                        								_t70 = _t43;
                                                                                                                                                                                                                                                        								goto L14;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L14:
                                                                                                                                                                                                                                                        							_push(_t70);
                                                                                                                                                                                                                                                        							_push(_t56);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							_t75 =  &(_t75[2]);
                                                                                                                                                                                                                                                        							goto L11;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L11:
                                                                                                                                                                                                                                                        						_v20 = 0;
                                                                                                                                                                                                                                                        						_v16 = 0xf;
                                                                                                                                                                                                                                                        						_v36 = 0;
                                                                                                                                                                                                                                                        						E00BBDF30(_t43,  &_v60, _t62);
                                                                                                                                                                                                                                                        						goto L12;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}































                                                                                                                                                                                                                                                        0x00bc46c4
                                                                                                                                                                                                                                                        0x00bc46c7
                                                                                                                                                                                                                                                        0x00bc46ce
                                                                                                                                                                                                                                                        0x00bc46d8
                                                                                                                                                                                                                                                        0x00bc478e
                                                                                                                                                                                                                                                        0x00bc479d
                                                                                                                                                                                                                                                        0x00bc46de
                                                                                                                                                                                                                                                        0x00bc46de
                                                                                                                                                                                                                                                        0x00bc46e2
                                                                                                                                                                                                                                                        0x00bc46e5
                                                                                                                                                                                                                                                        0x00bc46ec
                                                                                                                                                                                                                                                        0x00bc46f3
                                                                                                                                                                                                                                                        0x00bc46f9
                                                                                                                                                                                                                                                        0x00bc46fe
                                                                                                                                                                                                                                                        0x00bc4704
                                                                                                                                                                                                                                                        0x00bc47b8
                                                                                                                                                                                                                                                        0x00bc47be
                                                                                                                                                                                                                                                        0x00bc47c5
                                                                                                                                                                                                                                                        0x00bc47c9
                                                                                                                                                                                                                                                        0x00bc47cc
                                                                                                                                                                                                                                                        0x00bc470a
                                                                                                                                                                                                                                                        0x00bc4710
                                                                                                                                                                                                                                                        0x00bc4713
                                                                                                                                                                                                                                                        0x00bc4719
                                                                                                                                                                                                                                                        0x00bc471e
                                                                                                                                                                                                                                                        0x00bc4721
                                                                                                                                                                                                                                                        0x00bc4721
                                                                                                                                                                                                                                                        0x00bc4728
                                                                                                                                                                                                                                                        0x00bc472f
                                                                                                                                                                                                                                                        0x00bc4736
                                                                                                                                                                                                                                                        0x00bc4731
                                                                                                                                                                                                                                                        0x00bc4731
                                                                                                                                                                                                                                                        0x00bc4731
                                                                                                                                                                                                                                                        0x00bc4739
                                                                                                                                                                                                                                                        0x00bc473f
                                                                                                                                                                                                                                                        0x00bc4744
                                                                                                                                                                                                                                                        0x00bc4747
                                                                                                                                                                                                                                                        0x00bc474e
                                                                                                                                                                                                                                                        0x00bc4750
                                                                                                                                                                                                                                                        0x00bc4757
                                                                                                                                                                                                                                                        0x00bc4759
                                                                                                                                                                                                                                                        0x00bc4759
                                                                                                                                                                                                                                                        0x00bc4767
                                                                                                                                                                                                                                                        0x00bc4769
                                                                                                                                                                                                                                                        0x00bc4769
                                                                                                                                                                                                                                                        0x00bc476c
                                                                                                                                                                                                                                                        0x00bc4772
                                                                                                                                                                                                                                                        0x00bc479e
                                                                                                                                                                                                                                                        0x00bc47a1
                                                                                                                                                                                                                                                        0x00bc47aa
                                                                                                                                                                                                                                                        0x00bc47d6
                                                                                                                                                                                                                                                        0x00bc47e1
                                                                                                                                                                                                                                                        0x00bc47ec
                                                                                                                                                                                                                                                        0x00bc47f2
                                                                                                                                                                                                                                                        0x00bc47f3
                                                                                                                                                                                                                                                        0x00bc47f4
                                                                                                                                                                                                                                                        0x00bc47f5
                                                                                                                                                                                                                                                        0x00bc47f6
                                                                                                                                                                                                                                                        0x00bc47f7
                                                                                                                                                                                                                                                        0x00bc47f8
                                                                                                                                                                                                                                                        0x00bc47f9
                                                                                                                                                                                                                                                        0x00bc47fa
                                                                                                                                                                                                                                                        0x00bc47fb
                                                                                                                                                                                                                                                        0x00bc47fc
                                                                                                                                                                                                                                                        0x00bc47fd
                                                                                                                                                                                                                                                        0x00bc47fe
                                                                                                                                                                                                                                                        0x00bc47ff
                                                                                                                                                                                                                                                        0x00bc4800
                                                                                                                                                                                                                                                        0x00bc4803
                                                                                                                                                                                                                                                        0x00bc480a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc481d
                                                                                                                                                                                                                                                        0x00bc4821
                                                                                                                                                                                                                                                        0x00bc47e3
                                                                                                                                                                                                                                                        0x00bc47e3
                                                                                                                                                                                                                                                        0x00bc47e6
                                                                                                                                                                                                                                                        0x00bc47e8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc47e8
                                                                                                                                                                                                                                                        0x00bc47ac
                                                                                                                                                                                                                                                        0x00bc47ac
                                                                                                                                                                                                                                                        0x00bc47ac
                                                                                                                                                                                                                                                        0x00bc47ad
                                                                                                                                                                                                                                                        0x00bc47ae
                                                                                                                                                                                                                                                        0x00bc47b3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc47b3
                                                                                                                                                                                                                                                        0x00bc4774
                                                                                                                                                                                                                                                        0x00bc4774
                                                                                                                                                                                                                                                        0x00bc4777
                                                                                                                                                                                                                                                        0x00bc477e
                                                                                                                                                                                                                                                        0x00bc4785
                                                                                                                                                                                                                                                        0x00bc4789
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc4789
                                                                                                                                                                                                                                                        0x00bc4772

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,?), ref: 00BC4719
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?), ref: 00BC47AE
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 00BC47EC
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@_invalid_parameter_noinfo_noreturnmemcpy
                                                                                                                                                                                                                                                        • String ID: BLOCKED
                                                                                                                                                                                                                                                        • API String ID: 1214998048-3843036570
                                                                                                                                                                                                                                                        • Opcode ID: 38f8b5ea61926eddd937725d721631136220f2fcf15d90193b987bcc31bdd71a
                                                                                                                                                                                                                                                        • Instruction ID: 036a793cd76d561be68b769c65d721a32d03a0590ed5119ef03f694e6cb2e307
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 38f8b5ea61926eddd937725d721631136220f2fcf15d90193b987bcc31bdd71a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 70319DB1D00218ABCB14DF90D895BFEBBF5EF05310F0445ADE8156B281DB795E88CBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 66%
                                                                                                                                                                                                                                                        			E00BD5240(intOrPtr __ecx, intOrPtr _a4, void* _a8, long _a12, long _a16, signed int _a20) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v176;
                                                                                                                                                                                                                                                        				signed short _v180;
                                                                                                                                                                                                                                                        				char _v200;
                                                                                                                                                                                                                                                        				void* _v204;
                                                                                                                                                                                                                                                        				long _v208;
                                                                                                                                                                                                                                                        				char _v212;
                                                                                                                                                                                                                                                        				intOrPtr _v216;
                                                                                                                                                                                                                                                        				signed int _t32;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        				intOrPtr _t39;
                                                                                                                                                                                                                                                        				signed int _t53;
                                                                                                                                                                                                                                                        				void* _t54;
                                                                                                                                                                                                                                                        				signed int _t68;
                                                                                                                                                                                                                                                        				intOrPtr _t70;
                                                                                                                                                                                                                                                        				signed int _t71;
                                                                                                                                                                                                                                                        				void* _t72;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_v216 = __ecx;
                                                                                                                                                                                                                                                        				_t68 = _a20;
                                                                                                                                                                                                                                                        				_t70 = _a4;
                                                                                                                                                                                                                                                        				_t32 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t32 ^ _t71;
                                                                                                                                                                                                                                                        				if( *0xbfb50c == 0) {
                                                                                                                                                                                                                                                        					E00BEB3D0("NtQueryObject", 0xbfb50c);
                                                                                                                                                                                                                                                        					_t72 = _t72 + 8;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t34 = GetCurrentProcess();
                                                                                                                                                                                                                                                        				_t67 =  &_v204;
                                                                                                                                                                                                                                                        				if(DuplicateHandle( *( *(_t70 + 4)), _a8, _t34,  &_v204, 0, 0, _t68 | 0x00000002) != 0) {
                                                                                                                                                                                                                                                        					_t53 = _t68;
                                                                                                                                                                                                                                                        					_v208 = 0;
                                                                                                                                                                                                                                                        					E00BC5200(_v204,  &_v208, _v204);
                                                                                                                                                                                                                                                        					_v212 = 0x9e;
                                                                                                                                                                                                                                                        					_t39 =  *0xbfb50c(_v208, 2,  &_v180, 0x9e,  &_v212);
                                                                                                                                                                                                                                                        					if(_t39 < 0) {
                                                                                                                                                                                                                                                        						_t54 = 0;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						 *((short*)(_v176 + (_v180 & 0xfffe))) = 0;
                                                                                                                                                                                                                                                        						_v200 = 2;
                                                                                                                                                                                                                                                        						asm("movd xmm0, eax");
                                                                                                                                                                                                                                                        						asm("movd xmm1, eax");
                                                                                                                                                                                                                                                        						asm("punpcklqdq xmm1, xmm0");
                                                                                                                                                                                                                                                        						asm("psllq xmm1, 0x20");
                                                                                                                                                                                                                                                        						asm("por xmm1, [0xbf12d0]");
                                                                                                                                                                                                                                                        						asm("movdqu [ebp-0xc0], xmm1");
                                                                                                                                                                                                                                                        						_t39 = E00BD5740(E00BE5950( *((intOrPtr*)(_v216 + 0x10)), 0x12,  &_v200), _v208, _a12, _t70 + 0x18, _a16, _t53 & 0xfffffffe);
                                                                                                                                                                                                                                                        						_t54 = 1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t70 + 0x10)) = _t39;
                                                                                                                                                                                                                                                        					E00BC51B0(_t39,  &_v208);
                                                                                                                                                                                                                                                        					goto L4;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t70 + 0x10)) = GetLastError();
                                                                                                                                                                                                                                                        					_t54 = 0;
                                                                                                                                                                                                                                                        					L4:
                                                                                                                                                                                                                                                        					E00BEECB0(_v20 ^ _t71, _t67);
                                                                                                                                                                                                                                                        					return _t54;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}




















                                                                                                                                                                                                                                                        0x00bd524c
                                                                                                                                                                                                                                                        0x00bd5252
                                                                                                                                                                                                                                                        0x00bd5255
                                                                                                                                                                                                                                                        0x00bd5258
                                                                                                                                                                                                                                                        0x00bd525f
                                                                                                                                                                                                                                                        0x00bd5269
                                                                                                                                                                                                                                                        0x00bd5275
                                                                                                                                                                                                                                                        0x00bd527a
                                                                                                                                                                                                                                                        0x00bd527a
                                                                                                                                                                                                                                                        0x00bd5282
                                                                                                                                                                                                                                                        0x00bd528b
                                                                                                                                                                                                                                                        0x00bd52a5
                                                                                                                                                                                                                                                        0x00bd52d1
                                                                                                                                                                                                                                                        0x00bd52d3
                                                                                                                                                                                                                                                        0x00bd52e4
                                                                                                                                                                                                                                                        0x00bd52ef
                                                                                                                                                                                                                                                        0x00bd530e
                                                                                                                                                                                                                                                        0x00bd5316
                                                                                                                                                                                                                                                        0x00bd539f
                                                                                                                                                                                                                                                        0x00bd531c
                                                                                                                                                                                                                                                        0x00bd5332
                                                                                                                                                                                                                                                        0x00bd533b
                                                                                                                                                                                                                                                        0x00bd5345
                                                                                                                                                                                                                                                        0x00bd534f
                                                                                                                                                                                                                                                        0x00bd5359
                                                                                                                                                                                                                                                        0x00bd535d
                                                                                                                                                                                                                                                        0x00bd5362
                                                                                                                                                                                                                                                        0x00bd536a
                                                                                                                                                                                                                                                        0x00bd5393
                                                                                                                                                                                                                                                        0x00bd539b
                                                                                                                                                                                                                                                        0x00bd539b
                                                                                                                                                                                                                                                        0x00bd53a7
                                                                                                                                                                                                                                                        0x00bd53aa
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd52a7
                                                                                                                                                                                                                                                        0x00bd52ad
                                                                                                                                                                                                                                                        0x00bd52b0
                                                                                                                                                                                                                                                        0x00bd52b2
                                                                                                                                                                                                                                                        0x00bd52b7
                                                                                                                                                                                                                                                        0x00bd52c8
                                                                                                                                                                                                                                                        0x00bd52c8

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BD5282
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(?,?,00000000,?,00000000,00000000,?), ref: 00BD529D
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BD52A7
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetLastError.KERNEL32(00000000,?,00004000,?,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5210
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetHandleVerifier.FLASHPLAYER(?,00BDC412,00000000,?,00BDBECC), ref: 00BC5234
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: SetLastError.KERNEL32(00BDC412,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5249
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$Handle$AddressCurrentDuplicateProcProcessVerifier
                                                                                                                                                                                                                                                        • String ID: NtQueryObject
                                                                                                                                                                                                                                                        • API String ID: 3306402287-1504830893
                                                                                                                                                                                                                                                        • Opcode ID: 1286d4c2b09c6ba39706e8fbecffc680364afc86b40457c34f28415788c16e70
                                                                                                                                                                                                                                                        • Instruction ID: d59ba5810e644fe9cdc4200845f68d000236bff4a4067139f3abe8532592fea4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1286d4c2b09c6ba39706e8fbecffc680364afc86b40457c34f28415788c16e70
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F5416D719003199FEB20DF64DC45FAAB7B8FF45310F0046D9E919A7291EB70AA88CF60
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 73%
                                                                                                                                                                                                                                                        			E00BE8A40(intOrPtr* __ecx, char* __edx) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				short _v40;
                                                                                                                                                                                                                                                        				char _v56;
                                                                                                                                                                                                                                                        				char _v60;
                                                                                                                                                                                                                                                        				intOrPtr _v68;
                                                                                                                                                                                                                                                        				intOrPtr _v72;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				char _v92;
                                                                                                                                                                                                                                                        				short _v96;
                                                                                                                                                                                                                                                        				char _v108;
                                                                                                                                                                                                                                                        				char _v112;
                                                                                                                                                                                                                                                        				intOrPtr _v116;
                                                                                                                                                                                                                                                        				signed int _t25;
                                                                                                                                                                                                                                                        				intOrPtr _t27;
                                                                                                                                                                                                                                                        				long _t30;
                                                                                                                                                                                                                                                        				char* _t41;
                                                                                                                                                                                                                                                        				char* _t44;
                                                                                                                                                                                                                                                        				intOrPtr _t45;
                                                                                                                                                                                                                                                        				signed int _t59;
                                                                                                                                                                                                                                                        				signed int _t60;
                                                                                                                                                                                                                                                        				void* _t62;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t55 = __edx;
                                                                                                                                                                                                                                                        				_t62 = (_t60 & 0xfffffff0) - 0x60;
                                                                                                                                                                                                                                                        				_t25 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t58 = __ecx;
                                                                                                                                                                                                                                                        				_v24 = _t25 ^ _t59;
                                                                                                                                                                                                                                                        				_t27 =  *0xbfb6b4;
                                                                                                                                                                                                                                                        				if(_t27 == 0) {
                                                                                                                                                                                                                                                        					_v108 = 0;
                                                                                                                                                                                                                                                        					E00BEB3D0("NtOpenDirectoryObject",  &_v108);
                                                                                                                                                                                                                                                        					_t63 = _t62 + 8;
                                                                                                                                                                                                                                                        					_v112 = 0;
                                                                                                                                                                                                                                                        					_t30 = GetCurrentProcessId();
                                                                                                                                                                                                                                                        					__imp__ProcessIdToSessionId(_t30, _t62 + 8);
                                                                                                                                                                                                                                                        					_t44 =  &_v88;
                                                                                                                                                                                                                                                        					_v36 = 7;
                                                                                                                                                                                                                                                        					_v40 = 0;
                                                                                                                                                                                                                                                        					_v56 = 0;
                                                                                                                                                                                                                                                        					E00BC7590(__eflags, _t44, L"%d",  *_t63);
                                                                                                                                                                                                                                                        					_t56 =  &_v112;
                                                                                                                                                                                                                                                        					_v92 = 7;
                                                                                                                                                                                                                                                        					_v96 = 0;
                                                                                                                                                                                                                                                        					_v112 = 0;
                                                                                                                                                                                                                                                        					E00BBA740( &_v112, L"\\Sessions\\BNOLINKS");
                                                                                                                                                                                                                                                        					_t55 = _t44;
                                                                                                                                                                                                                                                        					_t45 = E00BE8770( &_v112, _t44, __eflags,  &_v60);
                                                                                                                                                                                                                                                        					_t36 = E00BBDF30(E00BBDF30(_t34, _t56, _t44),  &_v92, _t44);
                                                                                                                                                                                                                                                        					__eflags = _t45;
                                                                                                                                                                                                                                                        					if(_t45 >= 0) {
                                                                                                                                                                                                                                                        						asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        						_v108 = 0;
                                                                                                                                                                                                                                                        						_v112 = 0;
                                                                                                                                                                                                                                                        						_v68 = 0;
                                                                                                                                                                                                                                                        						_v72 = 0;
                                                                                                                                                                                                                                                        						asm("movaps [esp+0x20], xmm0");
                                                                                                                                                                                                                                                        						_t41 =  &_v88;
                                                                                                                                                                                                                                                        						E00BE5CE0( &_v56, 0x40, 0, _t41,  &_v112, 0);
                                                                                                                                                                                                                                                        						_t36 = _v116(0xbfb6b4, 0xf, _t41);
                                                                                                                                                                                                                                                        						_t45 = _t36;
                                                                                                                                                                                                                                                        						__eflags = _t36;
                                                                                                                                                                                                                                                        						if(_t36 >= 0) {
                                                                                                                                                                                                                                                        							_t36 =  *0xbfb6b4;
                                                                                                                                                                                                                                                        							 *_t58 =  *0xbfb6b4;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					E00BBDF30(_t36,  &_v56, _t55);
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					 *__ecx = _t27;
                                                                                                                                                                                                                                                        					_t45 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v32 ^ _t59, _t55);
                                                                                                                                                                                                                                                        				return _t45;
                                                                                                                                                                                                                                                        			}



























                                                                                                                                                                                                                                                        0x00be8a40
                                                                                                                                                                                                                                                        0x00be8a49
                                                                                                                                                                                                                                                        0x00be8a4c
                                                                                                                                                                                                                                                        0x00be8a51
                                                                                                                                                                                                                                                        0x00be8a55
                                                                                                                                                                                                                                                        0x00be8a59
                                                                                                                                                                                                                                                        0x00be8a60
                                                                                                                                                                                                                                                        0x00be8a7f
                                                                                                                                                                                                                                                        0x00be8a8d
                                                                                                                                                                                                                                                        0x00be8a92
                                                                                                                                                                                                                                                        0x00be8a95
                                                                                                                                                                                                                                                        0x00be8a9c
                                                                                                                                                                                                                                                        0x00be8aa6
                                                                                                                                                                                                                                                        0x00be8aac
                                                                                                                                                                                                                                                        0x00be8ab0
                                                                                                                                                                                                                                                        0x00be8ab8
                                                                                                                                                                                                                                                        0x00be8ac0
                                                                                                                                                                                                                                                        0x00be8ad0
                                                                                                                                                                                                                                                        0x00be8ad8
                                                                                                                                                                                                                                                        0x00be8adc
                                                                                                                                                                                                                                                        0x00be8ae4
                                                                                                                                                                                                                                                        0x00be8aec
                                                                                                                                                                                                                                                        0x00be8afa
                                                                                                                                                                                                                                                        0x00be8b05
                                                                                                                                                                                                                                                        0x00be8b12
                                                                                                                                                                                                                                                        0x00be8b1d
                                                                                                                                                                                                                                                        0x00be8b22
                                                                                                                                                                                                                                                        0x00be8b24
                                                                                                                                                                                                                                                        0x00be8b26
                                                                                                                                                                                                                                                        0x00be8b29
                                                                                                                                                                                                                                                        0x00be8b31
                                                                                                                                                                                                                                                        0x00be8b39
                                                                                                                                                                                                                                                        0x00be8b41
                                                                                                                                                                                                                                                        0x00be8b49
                                                                                                                                                                                                                                                        0x00be8b55
                                                                                                                                                                                                                                                        0x00be8b65
                                                                                                                                                                                                                                                        0x00be8b75
                                                                                                                                                                                                                                                        0x00be8b79
                                                                                                                                                                                                                                                        0x00be8b7b
                                                                                                                                                                                                                                                        0x00be8b7d
                                                                                                                                                                                                                                                        0x00be8b7f
                                                                                                                                                                                                                                                        0x00be8b84
                                                                                                                                                                                                                                                        0x00be8b84
                                                                                                                                                                                                                                                        0x00be8b7d
                                                                                                                                                                                                                                                        0x00be8b8a
                                                                                                                                                                                                                                                        0x00be8a62
                                                                                                                                                                                                                                                        0x00be8a62
                                                                                                                                                                                                                                                        0x00be8a64
                                                                                                                                                                                                                                                        0x00be8a64
                                                                                                                                                                                                                                                        0x00be8a6c
                                                                                                                                                                                                                                                        0x00be8a7a

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcessId.KERNEL32 ref: 00BE8A9C
                                                                                                                                                                                                                                                        • ProcessIdToSessionId.KERNEL32(00000000), ref: 00BE8AA6
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Process$CurrentSession
                                                                                                                                                                                                                                                        • String ID: NtOpenDirectoryObject$\Sessions\BNOLINKS
                                                                                                                                                                                                                                                        • API String ID: 2701954971-2858905111
                                                                                                                                                                                                                                                        • Opcode ID: 331bc24024b6d320a20e6c81263626c03bcc75a1e8610febc8f3f6791f665d7a
                                                                                                                                                                                                                                                        • Instruction ID: 28fc2af018cee43f19036c070fe490514bcbb2ca2176e952f6d733e263ee8ffb
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 331bc24024b6d320a20e6c81263626c03bcc75a1e8610febc8f3f6791f665d7a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F631C4B0608385ABD310DF61D845B6BBBE8EF84314F00496DF58997291EFB5D908CB92
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 47%
                                                                                                                                                                                                                                                        			E00BEA450(int __edx, void* __eflags, intOrPtr _a4, void* _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				char _v40;
                                                                                                                                                                                                                                                        				signed short* _v44;
                                                                                                                                                                                                                                                        				void* _v68;
                                                                                                                                                                                                                                                        				char _v72;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t24;
                                                                                                                                                                                                                                                        				signed short* _t29;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				void* _t36;
                                                                                                                                                                                                                                                        				signed short* _t37;
                                                                                                                                                                                                                                                        				void* _t38;
                                                                                                                                                                                                                                                        				void* _t39;
                                                                                                                                                                                                                                                        				signed short* _t40;
                                                                                                                                                                                                                                                        				void* _t43;
                                                                                                                                                                                                                                                        				signed int _t45;
                                                                                                                                                                                                                                                        				intOrPtr* _t46;
                                                                                                                                                                                                                                                        				signed int _t48;
                                                                                                                                                                                                                                                        				char _t49;
                                                                                                                                                                                                                                                        				intOrPtr _t50;
                                                                                                                                                                                                                                                        				signed int _t51;
                                                                                                                                                                                                                                                        				void* _t52;
                                                                                                                                                                                                                                                        				signed int* _t53;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t44 = __edx;
                                                                                                                                                                                                                                                        				_t24 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t24 ^ _t51;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				E00BEB3D0("NtQueryObject",  &_v28);
                                                                                                                                                                                                                                                        				_t53 = _t52 + 8;
                                                                                                                                                                                                                                                        				_t46 = _v28;
                                                                                                                                                                                                                                                        				_t37 =  &_v36;
                                                                                                                                                                                                                                                        				_v40 = 8;
                                                                                                                                                                                                                                                        				_t29 =  *_t46(_a4, 1, _t37, 8,  &_v40);
                                                                                                                                                                                                                                                        				_t49 = _v40;
                                                                                                                                                                                                                                                        				if(_t49 == 0) {
                                                                                                                                                                                                                                                        					_t40 = 0;
                                                                                                                                                                                                                                                        					if(_t29 != 0) {
                                                                                                                                                                                                                                                        						L2:
                                                                                                                                                                                                                                                        						_t38 = 0;
                                                                                                                                                                                                                                                        						if(_t40 == 0) {
                                                                                                                                                                                                                                                        							L4:
                                                                                                                                                                                                                                                        							E00BEECB0(_v20 ^ _t51, _t44);
                                                                                                                                                                                                                                                        							return _t38;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L3:
                                                                                                                                                                                                                                                        						_push(_t40);
                                                                                                                                                                                                                                                        						L00BEF6D2();
                                                                                                                                                                                                                                                        						goto L4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					_v44 = _t40;
                                                                                                                                                                                                                                                        					_t43 = _a8;
                                                                                                                                                                                                                                                        					_t45 =  *_t37 & 0x0000ffff;
                                                                                                                                                                                                                                                        					_t32 = _t37[2];
                                                                                                                                                                                                                                                        					_t16 = _t43 + 0x14; // 0xc045c766
                                                                                                                                                                                                                                                        					_t50 =  *_t16;
                                                                                                                                                                                                                                                        					_t48 = _t45 >> 1;
                                                                                                                                                                                                                                                        					if(_t50 < _t48) {
                                                                                                                                                                                                                                                        						_t53 = _t53 - 0xc;
                                                                                                                                                                                                                                                        						_t44 = _v24;
                                                                                                                                                                                                                                                        						_v72 = _v24;
                                                                                                                                                                                                                                                        						_v68 = _t32;
                                                                                                                                                                                                                                                        						 *_t53 = _t48;
                                                                                                                                                                                                                                                        						E00BBA7D0(_t37, _t43, _t48, _t50);
                                                                                                                                                                                                                                                        						L10:
                                                                                                                                                                                                                                                        						_t40 = _v44;
                                                                                                                                                                                                                                                        						_t38 = 1;
                                                                                                                                                                                                                                                        						if(_t40 != 0) {
                                                                                                                                                                                                                                                        							goto L3;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t39 = _t43;
                                                                                                                                                                                                                                                        					if(_t50 >= 8) {
                                                                                                                                                                                                                                                        						_t39 =  *_t43;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t44 = _t45 & 0xfffffffe;
                                                                                                                                                                                                                                                        					 *(_t43 + 0x10) = _t48;
                                                                                                                                                                                                                                                        					memmove(_t39, _t32, _t45 & 0xfffffffe);
                                                                                                                                                                                                                                                        					_t53 =  &(_t53[3]);
                                                                                                                                                                                                                                                        					 *((short*)(_t39 + _t48 * 2)) = 0;
                                                                                                                                                                                                                                                        					goto L10;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L00BEF6CC();
                                                                                                                                                                                                                                                        				_t53 =  &(_t53[1]);
                                                                                                                                                                                                                                                        				_t37 = _t29;
                                                                                                                                                                                                                                                        				_t36 =  *_t46(_a4, 1, _t37, _t49,  &_v40, _t49);
                                                                                                                                                                                                                                                        				_t40 = _t37;
                                                                                                                                                                                                                                                        				if(_t36 == 0) {
                                                                                                                                                                                                                                                        					goto L6;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}































                                                                                                                                                                                                                                                        0x00bea450
                                                                                                                                                                                                                                                        0x00bea459
                                                                                                                                                                                                                                                        0x00bea460
                                                                                                                                                                                                                                                        0x00bea466
                                                                                                                                                                                                                                                        0x00bea473
                                                                                                                                                                                                                                                        0x00bea478
                                                                                                                                                                                                                                                        0x00bea47b
                                                                                                                                                                                                                                                        0x00bea481
                                                                                                                                                                                                                                                        0x00bea484
                                                                                                                                                                                                                                                        0x00bea494
                                                                                                                                                                                                                                                        0x00bea496
                                                                                                                                                                                                                                                        0x00bea49b
                                                                                                                                                                                                                                                        0x00bea4de
                                                                                                                                                                                                                                                        0x00bea4e2
                                                                                                                                                                                                                                                        0x00bea4bb
                                                                                                                                                                                                                                                        0x00bea4bb
                                                                                                                                                                                                                                                        0x00bea4bf
                                                                                                                                                                                                                                                        0x00bea4ca
                                                                                                                                                                                                                                                        0x00bea4cf
                                                                                                                                                                                                                                                        0x00bea4dd
                                                                                                                                                                                                                                                        0x00bea4dd
                                                                                                                                                                                                                                                        0x00bea4c1
                                                                                                                                                                                                                                                        0x00bea4c1
                                                                                                                                                                                                                                                        0x00bea4c2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea4c7
                                                                                                                                                                                                                                                        0x00bea4e4
                                                                                                                                                                                                                                                        0x00bea4e4
                                                                                                                                                                                                                                                        0x00bea4e7
                                                                                                                                                                                                                                                        0x00bea4ea
                                                                                                                                                                                                                                                        0x00bea4ed
                                                                                                                                                                                                                                                        0x00bea4f0
                                                                                                                                                                                                                                                        0x00bea4f0
                                                                                                                                                                                                                                                        0x00bea4f5
                                                                                                                                                                                                                                                        0x00bea4f9
                                                                                                                                                                                                                                                        0x00bea526
                                                                                                                                                                                                                                                        0x00bea529
                                                                                                                                                                                                                                                        0x00bea52c
                                                                                                                                                                                                                                                        0x00bea530
                                                                                                                                                                                                                                                        0x00bea534
                                                                                                                                                                                                                                                        0x00bea537
                                                                                                                                                                                                                                                        0x00bea51b
                                                                                                                                                                                                                                                        0x00bea51b
                                                                                                                                                                                                                                                        0x00bea51e
                                                                                                                                                                                                                                                        0x00bea522
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea524
                                                                                                                                                                                                                                                        0x00bea4fe
                                                                                                                                                                                                                                                        0x00bea500
                                                                                                                                                                                                                                                        0x00bea502
                                                                                                                                                                                                                                                        0x00bea502
                                                                                                                                                                                                                                                        0x00bea504
                                                                                                                                                                                                                                                        0x00bea507
                                                                                                                                                                                                                                                        0x00bea50d
                                                                                                                                                                                                                                                        0x00bea512
                                                                                                                                                                                                                                                        0x00bea515
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea515
                                                                                                                                                                                                                                                        0x00bea49e
                                                                                                                                                                                                                                                        0x00bea4a3
                                                                                                                                                                                                                                                        0x00bea4a6
                                                                                                                                                                                                                                                        0x00bea4b3
                                                                                                                                                                                                                                                        0x00bea4b5
                                                                                                                                                                                                                                                        0x00bea4b9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000008), ref: 00BEA49E
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000), ref: 00BEA4C2
                                                                                                                                                                                                                                                        • memmove.NTDLL(00BEA9B5,?), ref: 00BEA50D
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@??3@AddressProcmemmove
                                                                                                                                                                                                                                                        • String ID: NtQueryObject
                                                                                                                                                                                                                                                        • API String ID: 634340399-1504830893
                                                                                                                                                                                                                                                        • Opcode ID: fb65e2cfacba6ec6515705740b7217e99f0119029e9b5ff3562cb3f90a8ae2ff
                                                                                                                                                                                                                                                        • Instruction ID: 99b0279f76d64dab762dbdbed6c140c1271c6977722c743839a4920179657989
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fb65e2cfacba6ec6515705740b7217e99f0119029e9b5ff3562cb3f90a8ae2ff
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1331A4B1A00249ABDF109F65CC91AFF7BF9EF54310F1440A9E809AB391D775AD05C7A2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 48%
                                                                                                                                                                                                                                                        			E00BCAD80(void* __ecx, char* __edx, char _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				char _v208;
                                                                                                                                                                                                                                                        				long _v212;
                                                                                                                                                                                                                                                        				intOrPtr _v220;
                                                                                                                                                                                                                                                        				intOrPtr _v224;
                                                                                                                                                                                                                                                        				intOrPtr _v228;
                                                                                                                                                                                                                                                        				char _v232;
                                                                                                                                                                                                                                                        				char _v236;
                                                                                                                                                                                                                                                        				char _v240;
                                                                                                                                                                                                                                                        				intOrPtr _v248;
                                                                                                                                                                                                                                                        				char _v264;
                                                                                                                                                                                                                                                        				char _v265;
                                                                                                                                                                                                                                                        				signed int _t28;
                                                                                                                                                                                                                                                        				long _t30;
                                                                                                                                                                                                                                                        				void* _t62;
                                                                                                                                                                                                                                                        				intOrPtr _t64;
                                                                                                                                                                                                                                                        				signed int _t65;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t60 = __edx;
                                                                                                                                                                                                                                                        				_t28 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v24 = _t28 ^ _t65;
                                                                                                                                                                                                                                                        				if( *((char*)(__ecx + 5)) != 0) {
                                                                                                                                                                                                                                                        					_t62 = __ecx;
                                                                                                                                                                                                                                                        					_t30 = GetCurrentThreadId();
                                                                                                                                                                                                                                                        					_t64 =  *((intOrPtr*)(_t62 + 0x10));
                                                                                                                                                                                                                                                        					E00BC8120(_t30, _t64);
                                                                                                                                                                                                                                                        					_v232 = _a4;
                                                                                                                                                                                                                                                        					_v228 = _a8;
                                                                                                                                                                                                                                                        					_v224 = _a12;
                                                                                                                                                                                                                                                        					_v220 = _a16;
                                                                                                                                                                                                                                                        					_v212 = _t30;
                                                                                                                                                                                                                                                        					_push( &_v232);
                                                                                                                                                                                                                                                        					E00BCB1E0( &_v232, _t62 + 0x18,  *((intOrPtr*)( *((intOrPtr*)(_t62 + 0x18)))));
                                                                                                                                                                                                                                                        					_t60 =  &_v240;
                                                                                                                                                                                                                                                        					E00BCB0B0(_t62 + 0x14,  &_v240,  *((intOrPtr*)( *((intOrPtr*)(_t62 + 0x18)))) + 8,  *((intOrPtr*)( *((intOrPtr*)(_t62 + 0x18)))));
                                                                                                                                                                                                                                                        					if(_v236 == 0) {
                                                                                                                                                                                                                                                        						asm("movsd xmm0, [eax+0xc]");
                                                                                                                                                                                                                                                        						asm("movsd xmm1, [eax+0x14]");
                                                                                                                                                                                                                                                        						asm("movsd [esp+0x8], xmm0");
                                                                                                                                                                                                                                                        						asm("movsd [esp+0x10], xmm1");
                                                                                                                                                                                                                                                        						_v248 =  *((intOrPtr*)(_v240 + 0x1c));
                                                                                                                                                                                                                                                        						_push( &_v264);
                                                                                                                                                                                                                                                        						E00BBEB70( &_v264);
                                                                                                                                                                                                                                                        						_push( &_v265);
                                                                                                                                                                                                                                                        						E00BBEB70( &_v265);
                                                                                                                                                                                                                                                        						_push("false");
                                                                                                                                                                                                                                                        						E00BC1FF0( &_v208, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/win/scoped_handle_verifier.cc", 0xaf);
                                                                                                                                                                                                                                                        						E00BC20C0();
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__imp__ReleaseSRWLockExclusive(_t64);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return E00BEECB0(_v28 ^ _t65, _t60);
                                                                                                                                                                                                                                                        			}






















                                                                                                                                                                                                                                                        0x00bcad80
                                                                                                                                                                                                                                                        0x00bcad8f
                                                                                                                                                                                                                                                        0x00bcad96
                                                                                                                                                                                                                                                        0x00bcada1
                                                                                                                                                                                                                                                        0x00bcadbb
                                                                                                                                                                                                                                                        0x00bcadbd
                                                                                                                                                                                                                                                        0x00bcadc3
                                                                                                                                                                                                                                                        0x00bcadca
                                                                                                                                                                                                                                                        0x00bcadd5
                                                                                                                                                                                                                                                        0x00bcaddc
                                                                                                                                                                                                                                                        0x00bcade3
                                                                                                                                                                                                                                                        0x00bcadea
                                                                                                                                                                                                                                                        0x00bcadee
                                                                                                                                                                                                                                                        0x00bcadfb
                                                                                                                                                                                                                                                        0x00bcadfc
                                                                                                                                                                                                                                                        0x00bcae0a
                                                                                                                                                                                                                                                        0x00bcae15
                                                                                                                                                                                                                                                        0x00bcae22
                                                                                                                                                                                                                                                        0x00bcae28
                                                                                                                                                                                                                                                        0x00bcae2d
                                                                                                                                                                                                                                                        0x00bcae32
                                                                                                                                                                                                                                                        0x00bcae38
                                                                                                                                                                                                                                                        0x00bcae41
                                                                                                                                                                                                                                                        0x00bcae49
                                                                                                                                                                                                                                                        0x00bcae4a
                                                                                                                                                                                                                                                        0x00bcae56
                                                                                                                                                                                                                                                        0x00bcae57
                                                                                                                                                                                                                                                        0x00bcae65
                                                                                                                                                                                                                                                        0x00bcae74
                                                                                                                                                                                                                                                        0x00bcae7b
                                                                                                                                                                                                                                                        0x00bcae7b
                                                                                                                                                                                                                                                        0x00bcae81
                                                                                                                                                                                                                                                        0x00bcae81
                                                                                                                                                                                                                                                        0x00bcadb8

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 00BCADBD
                                                                                                                                                                                                                                                        • RtlReleaseSRWLockExclusive.NTDLL ref: 00BCAE81
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • false, xrefs: 00BCAE65
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/security/sandbox/chromium/base/win/scoped_handle_verifier.cc, xrefs: 00BCAE6F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CurrentExclusiveLockReleaseThread
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/security/sandbox/chromium/base/win/scoped_handle_verifier.cc$false
                                                                                                                                                                                                                                                        • API String ID: 2448954584-175217558
                                                                                                                                                                                                                                                        • Opcode ID: d973af096e1dac171c2de77ea0e431b421527173fe6d18041f50bb5c9699be1a
                                                                                                                                                                                                                                                        • Instruction ID: b68c1b8d5d5dd61c5dc7a7a0ab8a72d044840f93215343e91a18fbb17aa65ffc
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d973af096e1dac171c2de77ea0e431b421527173fe6d18041f50bb5c9699be1a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 27318EB5A047499FC710DF24D881E9BB7E4BF89314F004969F89997252EB30E645CB92
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 59%
                                                                                                                                                                                                                                                        			E00BB1760(void* __ecx, intOrPtr __edx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void* _v280;
                                                                                                                                                                                                                                                        				signed int _t12;
                                                                                                                                                                                                                                                        				void* _t18;
                                                                                                                                                                                                                                                        				intOrPtr* _t20;
                                                                                                                                                                                                                                                        				char* _t27;
                                                                                                                                                                                                                                                        				intOrPtr* _t32;
                                                                                                                                                                                                                                                        				intOrPtr* _t34;
                                                                                                                                                                                                                                                        				void* _t36;
                                                                                                                                                                                                                                                        				void* _t37;
                                                                                                                                                                                                                                                        				void* _t38;
                                                                                                                                                                                                                                                        				signed int _t39;
                                                                                                                                                                                                                                                        				void* _t40;
                                                                                                                                                                                                                                                        				void* _t42;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t35 = __edx;
                                                                                                                                                                                                                                                        				_t12 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t12 ^ _t39;
                                                                                                                                                                                                                                                        				if( *0xbfa534 != 0) {
                                                                                                                                                                                                                                                        					_t36 = 0;
                                                                                                                                                                                                                                                        					L7:
                                                                                                                                                                                                                                                        					E00BEECB0(_v20 ^ _t39, _t35);
                                                                                                                                                                                                                                                        					return _t36;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t27 =  &_v280;
                                                                                                                                                                                                                                                        				_t37 = __ecx;
                                                                                                                                                                                                                                                        				if(E00BB18C0(_t27, __edx) < 0) {
                                                                                                                                                                                                                                                        					L8:
                                                                                                                                                                                                                                                        					_push("Couldn\'t find the application directory.\n");
                                                                                                                                                                                                                                                        					E00BB16A0();
                                                                                                                                                                                                                                                        					_t36 = 0x80004005;
                                                                                                                                                                                                                                                        					goto L7;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t18 = strdup(_t27);
                                                                                                                                                                                                                                                        				_t40 = _t40 + 4;
                                                                                                                                                                                                                                                        				if(_t18 == 0) {
                                                                                                                                                                                                                                                        					goto L8;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t38 = _t18;
                                                                                                                                                                                                                                                        				E00BB2000(_t35, _t27, _t18, _t37);
                                                                                                                                                                                                                                                        				_t42 = _t40 + 0xc;
                                                                                                                                                                                                                                                        				_t20 =  *0xbfa534; // 0x0
                                                                                                                                                                                                                                                        				_t32 = _v280;
                                                                                                                                                                                                                                                        				_v280 = 0;
                                                                                                                                                                                                                                                        				 *0xbfa534 = _t32;
                                                                                                                                                                                                                                                        				if(_t20 != 0) {
                                                                                                                                                                                                                                                        					_t35 =  *_t20;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *_t20 + 4))();
                                                                                                                                                                                                                                                        					_t34 = _v280;
                                                                                                                                                                                                                                                        					_v280 = 0;
                                                                                                                                                                                                                                                        					if(_t34 != 0) {
                                                                                                                                                                                                                                                        						 *((intOrPtr*)( *_t34 + 4))();
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t32 =  *0xbfa534; // 0x0
                                                                                                                                                                                                                                                        					if(_t32 != 0) {
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						 *((intOrPtr*)( *_t32 + 8))();
                                                                                                                                                                                                                                                        						_t36 = 0;
                                                                                                                                                                                                                                                        						L6:
                                                                                                                                                                                                                                                        						free(_t38);
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L12:
                                                                                                                                                                                                                                                        					_push("Couldn\'t load XPCOM.\n");
                                                                                                                                                                                                                                                        					E00BB16A0();
                                                                                                                                                                                                                                                        					_t42 = _t42 + 4;
                                                                                                                                                                                                                                                        					_t36 = 0x80004005;
                                                                                                                                                                                                                                                        					goto L6;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_v280 = 0;
                                                                                                                                                                                                                                                        				if(_t32 == 0) {
                                                                                                                                                                                                                                                        					goto L12;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L5;
                                                                                                                                                                                                                                                        			}

















                                                                                                                                                                                                                                                        0x00bb1760
                                                                                                                                                                                                                                                        0x00bb176c
                                                                                                                                                                                                                                                        0x00bb1773
                                                                                                                                                                                                                                                        0x00bb177d
                                                                                                                                                                                                                                                        0x00bb181a
                                                                                                                                                                                                                                                        0x00bb17ef
                                                                                                                                                                                                                                                        0x00bb17f4
                                                                                                                                                                                                                                                        0x00bb1805
                                                                                                                                                                                                                                                        0x00bb1805
                                                                                                                                                                                                                                                        0x00bb1783
                                                                                                                                                                                                                                                        0x00bb1789
                                                                                                                                                                                                                                                        0x00bb1794
                                                                                                                                                                                                                                                        0x00bb1806
                                                                                                                                                                                                                                                        0x00bb1806
                                                                                                                                                                                                                                                        0x00bb180b
                                                                                                                                                                                                                                                        0x00bb1813
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1813
                                                                                                                                                                                                                                                        0x00bb1797
                                                                                                                                                                                                                                                        0x00bb179d
                                                                                                                                                                                                                                                        0x00bb17a2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb17a4
                                                                                                                                                                                                                                                        0x00bb17a9
                                                                                                                                                                                                                                                        0x00bb17ae
                                                                                                                                                                                                                                                        0x00bb17b1
                                                                                                                                                                                                                                                        0x00bb17b6
                                                                                                                                                                                                                                                        0x00bb17bc
                                                                                                                                                                                                                                                        0x00bb17c8
                                                                                                                                                                                                                                                        0x00bb17ce
                                                                                                                                                                                                                                                        0x00bb181e
                                                                                                                                                                                                                                                        0x00bb1822
                                                                                                                                                                                                                                                        0x00bb1825
                                                                                                                                                                                                                                                        0x00bb182b
                                                                                                                                                                                                                                                        0x00bb1837
                                                                                                                                                                                                                                                        0x00bb1859
                                                                                                                                                                                                                                                        0x00bb1859
                                                                                                                                                                                                                                                        0x00bb1839
                                                                                                                                                                                                                                                        0x00bb1841
                                                                                                                                                                                                                                                        0x00bb17de
                                                                                                                                                                                                                                                        0x00bb17e0
                                                                                                                                                                                                                                                        0x00bb17e3
                                                                                                                                                                                                                                                        0x00bb17e5
                                                                                                                                                                                                                                                        0x00bb17e6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb17ec
                                                                                                                                                                                                                                                        0x00bb1843
                                                                                                                                                                                                                                                        0x00bb1843
                                                                                                                                                                                                                                                        0x00bb1848
                                                                                                                                                                                                                                                        0x00bb184d
                                                                                                                                                                                                                                                        0x00bb1850
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1850
                                                                                                                                                                                                                                                        0x00bb17d0
                                                                                                                                                                                                                                                        0x00bb17dc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BB18C0: WideCharToMultiByte.KERNEL32(0000FDE9,00000000,?,000000FF,?,00000104,00000000,00000000), ref: 00BB18FD
                                                                                                                                                                                                                                                        • strdup.MOZGLUE(?), ref: 00BB1797
                                                                                                                                                                                                                                                          • Part of subcall function 00BB2000: strrchr.VCRUNTIME140(?,0000005C), ref: 00BB2027
                                                                                                                                                                                                                                                          • Part of subcall function 00BB2000: malloc.MOZGLUE(00000009), ref: 00BB2042
                                                                                                                                                                                                                                                          • Part of subcall function 00BB2000: memcpy.NTDLL(00000000,?,00000001), ref: 00BB2050
                                                                                                                                                                                                                                                          • Part of subcall function 00BB2000: memcpy.NTDLL(?,00000000,00000000), ref: 00BB20B2
                                                                                                                                                                                                                                                          • Part of subcall function 00BB2000: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_RUN_GTEST), ref: 00BB2103
                                                                                                                                                                                                                                                          • Part of subcall function 00BB2000: MultiByteToWideChar.KERNEL32(0000FDE9,00000000,\dependentlibs.list,000000FF,?,00000104), ref: 00BB2130
                                                                                                                                                                                                                                                          • Part of subcall function 00BB2000: _wfopen.API-MS-WIN-CRT-STDIO-L1-1-0(?,00BF412A), ref: 00BB213C
                                                                                                                                                                                                                                                          • Part of subcall function 00BB2000: fgets.API-MS-WIN-CRT-STDIO-L1-1-0(?,00000104,00000000), ref: 00BB216B
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB17E6
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • Couldn't load XPCOM., xrefs: 00BB1843
                                                                                                                                                                                                                                                        • Couldn't find the application directory., xrefs: 00BB1806
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ByteCharMultiWidememcpy$_wfopenfgetsfreegetenvmallocstrdupstrrchr
                                                                                                                                                                                                                                                        • String ID: Couldn't find the application directory.$Couldn't load XPCOM.
                                                                                                                                                                                                                                                        • API String ID: 1623436115-4242252557
                                                                                                                                                                                                                                                        • Opcode ID: ba8dc982e8e22917817324120474409651f45b8a1e69662c37b31bed1be6e36a
                                                                                                                                                                                                                                                        • Instruction ID: 574d22feac4b91243a16a8e3f9918767b4d3ce57af7e6fc4782e87bed375729a
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ba8dc982e8e22917817324120474409651f45b8a1e69662c37b31bed1be6e36a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F921B5B5E011084FEB189F29ED59BFA77F9EF84305F4404B8E90A87251EFB49D04CA52
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 82%
                                                                                                                                                                                                                                                        			E00BD2290(HANDLE* __ecx, signed int __edx, void* __eflags, intOrPtr _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, void* _a28) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				long _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				HANDLE* _v32;
                                                                                                                                                                                                                                                        				signed int _t21;
                                                                                                                                                                                                                                                        				void* _t26;
                                                                                                                                                                                                                                                        				void* _t30;
                                                                                                                                                                                                                                                        				void* _t41;
                                                                                                                                                                                                                                                        				void* _t42;
                                                                                                                                                                                                                                                        				signed int _t47;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t39 = __edx;
                                                                                                                                                                                                                                                        				_v32 = __ecx;
                                                                                                                                                                                                                                                        				_t21 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t21 ^ _t47;
                                                                                                                                                                                                                                                        				_v24 = 0;
                                                                                                                                                                                                                                                        				E00BEB3D0("NtCreateFile",  &_v24);
                                                                                                                                                                                                                                                        				_v28 = 0xffffffff;
                                                                                                                                                                                                                                                        				_t45 = _a4;
                                                                                                                                                                                                                                                        				_t26 = _v24( &_v28, __edx, _a4, _a8, 0, _a12, _a16, _a20, _a24, 0, 0);
                                                                                                                                                                                                                                                        				_t52 = _t26;
                                                                                                                                                                                                                                                        				if(_t26 < 0) {
                                                                                                                                                                                                                                                        					_t41 = _t26;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t30 = E00BEA920(__edx, _t52, _v28,  *((intOrPtr*)( *((intOrPtr*)(_t45 + 8)) + 4)));
                                                                                                                                                                                                                                                        					_t42 = _v28;
                                                                                                                                                                                                                                                        					if(_t30 == 0) {
                                                                                                                                                                                                                                                        						CloseHandle(_t42);
                                                                                                                                                                                                                                                        						_t41 = 0xc0000022;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						DuplicateHandle(GetCurrentProcess(), _t42, _a28, _v32, 0, 0, 3);
                                                                                                                                                                                                                                                        						_t41 =  !=  ? 0 : 0xc0000022;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t47, _t39);
                                                                                                                                                                                                                                                        				return _t41;
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00bd2290
                                                                                                                                                                                                                                                        0x00bd2299
                                                                                                                                                                                                                                                        0x00bd22a4
                                                                                                                                                                                                                                                        0x00bd22ab
                                                                                                                                                                                                                                                        0x00bd22b1
                                                                                                                                                                                                                                                        0x00bd22be
                                                                                                                                                                                                                                                        0x00bd22c9
                                                                                                                                                                                                                                                        0x00bd22d6
                                                                                                                                                                                                                                                        0x00bd22e7
                                                                                                                                                                                                                                                        0x00bd22ea
                                                                                                                                                                                                                                                        0x00bd22ec
                                                                                                                                                                                                                                                        0x00bd232f
                                                                                                                                                                                                                                                        0x00bd22ee
                                                                                                                                                                                                                                                        0x00bd22f7
                                                                                                                                                                                                                                                        0x00bd22ff
                                                                                                                                                                                                                                                        0x00bd2304
                                                                                                                                                                                                                                                        0x00bd2334
                                                                                                                                                                                                                                                        0x00bd233a
                                                                                                                                                                                                                                                        0x00bd2306
                                                                                                                                                                                                                                                        0x00bd231b
                                                                                                                                                                                                                                                        0x00bd232a
                                                                                                                                                                                                                                                        0x00bd232a
                                                                                                                                                                                                                                                        0x00bd2304
                                                                                                                                                                                                                                                        0x00bd2344
                                                                                                                                                                                                                                                        0x00bd2352

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BD2309
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,FFFFFFFF,?,?,00000000,00000000,00000003), ref: 00BD231B
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(FFFFFFFF), ref: 00BD2334
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Handle$AddressCloseCurrentDuplicateProcProcess
                                                                                                                                                                                                                                                        • String ID: NtCreateFile
                                                                                                                                                                                                                                                        • API String ID: 1945942884-1055312982
                                                                                                                                                                                                                                                        • Opcode ID: b03dfd75dce5ceae37061353bb95f3b2b04c6287f46944d6192895568f4659ee
                                                                                                                                                                                                                                                        • Instruction ID: 55e5e9be24771ea801f1bcd0285839b15e2e086baa62177e2022429facb8dbe9
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b03dfd75dce5ceae37061353bb95f3b2b04c6287f46944d6192895568f4659ee
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B521A472A0020AAFDF109FA5DC09FAF7BB9EF48720F150455FA14A7391DB34A911CBA4
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 41%
                                                                                                                                                                                                                                                        			E00BC38A0(intOrPtr __eax, intOrPtr* __ecx, void* __edx, intOrPtr* _a4) {
                                                                                                                                                                                                                                                        				intOrPtr* _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				intOrPtr* _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v36;
                                                                                                                                                                                                                                                        				intOrPtr* _v40;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				signed int _v80;
                                                                                                                                                                                                                                                        				unsigned int _v84;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				intOrPtr* _t67;
                                                                                                                                                                                                                                                        				intOrPtr _t68;
                                                                                                                                                                                                                                                        				signed int _t69;
                                                                                                                                                                                                                                                        				intOrPtr* _t79;
                                                                                                                                                                                                                                                        				void* _t84;
                                                                                                                                                                                                                                                        				intOrPtr _t89;
                                                                                                                                                                                                                                                        				unsigned int _t95;
                                                                                                                                                                                                                                                        				void* _t96;
                                                                                                                                                                                                                                                        				intOrPtr* _t100;
                                                                                                                                                                                                                                                        				signed int _t105;
                                                                                                                                                                                                                                                        				intOrPtr _t106;
                                                                                                                                                                                                                                                        				intOrPtr* _t107;
                                                                                                                                                                                                                                                        				void* _t109;
                                                                                                                                                                                                                                                        				intOrPtr* _t112;
                                                                                                                                                                                                                                                        				unsigned int _t119;
                                                                                                                                                                                                                                                        				signed int _t122;
                                                                                                                                                                                                                                                        				void* _t123;
                                                                                                                                                                                                                                                        				intOrPtr _t125;
                                                                                                                                                                                                                                                        				void* _t127;
                                                                                                                                                                                                                                                        				intOrPtr* _t128;
                                                                                                                                                                                                                                                        				intOrPtr* _t129;
                                                                                                                                                                                                                                                        				signed int _t131;
                                                                                                                                                                                                                                                        				void* _t133;
                                                                                                                                                                                                                                                        				intOrPtr* _t134;
                                                                                                                                                                                                                                                        				signed int _t136;
                                                                                                                                                                                                                                                        				signed int _t137;
                                                                                                                                                                                                                                                        				intOrPtr* _t140;
                                                                                                                                                                                                                                                        				void* _t141;
                                                                                                                                                                                                                                                        				signed int _t143;
                                                                                                                                                                                                                                                        				void* _t144;
                                                                                                                                                                                                                                                        				void* _t146;
                                                                                                                                                                                                                                                        				signed int _t149;
                                                                                                                                                                                                                                                        				void* _t150;
                                                                                                                                                                                                                                                        				void* _t153;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t131 =  *((intOrPtr*)(__edx + 4));
                                                                                                                                                                                                                                                        				_v20 = __ecx;
                                                                                                                                                                                                                                                        				_push(0x2c);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t90 = __eax;
                                                                                                                                                                                                                                                        				_v24 = _t131;
                                                                                                                                                                                                                                                        				_t64 =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				_t132 =  ==  ? __eax : _t131;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax)) =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 4)) =  ==  ? __eax : _t131;
                                                                                                                                                                                                                                                        				_t6 = _t90 + 0xc; // 0xc
                                                                                                                                                                                                                                                        				_t133 = _t6;
                                                                                                                                                                                                                                                        				_t67 =  *((intOrPtr*)( *_a4));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 8)) = _t67;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0xc)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0x10)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0x14)) = 0;
                                                                                                                                                                                                                                                        				_push(0x24);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t149 = _t146 - 8 + 8;
                                                                                                                                                                                                                                                        				 *_t67 = _t67;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0x10)) = _t67;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0x18)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0x1c)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0x20)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t67 + 4)) = _t67;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0xc)) = 0x3f800000;
                                                                                                                                                                                                                                                        				L3();
                                                                                                                                                                                                                                                        				_t100 = _v20;
                                                                                                                                                                                                                                                        				_t68 =  *((intOrPtr*)(_t100 + 4));
                                                                                                                                                                                                                                                        				if(_t68 == 0x5d1745c) {
                                                                                                                                                                                                                                                        					_push("list<T> too long");
                                                                                                                                                                                                                                                        					L00BEF798();
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					_t143 = _t149;
                                                                                                                                                                                                                                                        					_push(__eax);
                                                                                                                                                                                                                                                        					_push(_t133);
                                                                                                                                                                                                                                                        					_push(__edx);
                                                                                                                                                                                                                                                        					_t150 = _t149 - 8;
                                                                                                                                                                                                                                                        					_t69 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        					_t134 = _t100;
                                                                                                                                                                                                                                                        					_v48 = _t69 ^ _t143;
                                                                                                                                                                                                                                                        					if( *((intOrPtr*)(_t100 + 0x14)) -  *((intOrPtr*)(_t100 + 0xc)) >> 2 >= 0x10) {
                                                                                                                                                                                                                                                        						L6:
                                                                                                                                                                                                                                                        						_v28 =  *((intOrPtr*)(_t134 + 4));
                                                                                                                                                                                                                                                        						_push( &_v28);
                                                                                                                                                                                                                                                        						L8();
                                                                                                                                                                                                                                                        						_t31 = 8 - 1; // 0x7
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t134 + 0x18)) = _t31;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t134 + 0x1c)) = 8;
                                                                                                                                                                                                                                                        						return E00BEECB0(_v24 ^ _t143, 0x10);
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if(0x10 >= 0x40000000) {
                                                                                                                                                                                                                                                        							E00BC14B0(0x10, _t100);
                                                                                                                                                                                                                                                        							_push(_t143);
                                                                                                                                                                                                                                                        							_t144 = _t150;
                                                                                                                                                                                                                                                        							_push(0x10);
                                                                                                                                                                                                                                                        							_push(_t134);
                                                                                                                                                                                                                                                        							_push(8);
                                                                                                                                                                                                                                                        							_t153 = _t150 - 8;
                                                                                                                                                                                                                                                        							_t92 = _t100;
                                                                                                                                                                                                                                                        							_t79 =  *_t100;
                                                                                                                                                                                                                                                        							_t140 = _v40;
                                                                                                                                                                                                                                                        							_t135 = 8;
                                                                                                                                                                                                                                                        							_t105 =  *((intOrPtr*)(_t100 + 8)) - _t79;
                                                                                                                                                                                                                                                        							_t119 = _t105 >> 2;
                                                                                                                                                                                                                                                        							if(_t119 >= 8) {
                                                                                                                                                                                                                                                        								_t106 =  *((intOrPtr*)(_t92 + 4));
                                                                                                                                                                                                                                                        								_t122 = _t106 - _t79 >> 2;
                                                                                                                                                                                                                                                        								_v28 = _t122;
                                                                                                                                                                                                                                                        								_t123 = _t122 - 8;
                                                                                                                                                                                                                                                        								if(_t123 >= 0) {
                                                                                                                                                                                                                                                        									_t107 = _t79 + 0x20;
                                                                                                                                                                                                                                                        									if(8 != 0) {
                                                                                                                                                                                                                                                        										_t136 = 8 << 2;
                                                                                                                                                                                                                                                        										asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        										do {
                                                                                                                                                                                                                                                        											 *_t79 =  *_t140;
                                                                                                                                                                                                                                                        											_t79 = _t79 + 4;
                                                                                                                                                                                                                                                        											_t136 = _t136 + 0xfffffffc;
                                                                                                                                                                                                                                                        										} while (_t136 != 0);
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									if(_t79 == _t106) {
                                                                                                                                                                                                                                                        										_t107 = _t79;
                                                                                                                                                                                                                                                        										if(8 != _v28) {
                                                                                                                                                                                                                                                        											asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        											goto L30;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_v32 = _t92;
                                                                                                                                                                                                                                                        										do {
                                                                                                                                                                                                                                                        											 *_t79 =  *_t140;
                                                                                                                                                                                                                                                        											_t79 = _t79 + 4;
                                                                                                                                                                                                                                                        										} while (_t106 != _t79);
                                                                                                                                                                                                                                                        										_t92 = _v32;
                                                                                                                                                                                                                                                        										_t107 =  *((intOrPtr*)(_t92 + 4));
                                                                                                                                                                                                                                                        										if(8 != _v28) {
                                                                                                                                                                                                                                                        											do {
                                                                                                                                                                                                                                                        												L30:
                                                                                                                                                                                                                                                        												_t79 =  *_t140;
                                                                                                                                                                                                                                                        												 *_t107 = _t79;
                                                                                                                                                                                                                                                        												_t107 = _t107 + 4;
                                                                                                                                                                                                                                                        												_t123 = _t123 + 1;
                                                                                                                                                                                                                                                        											} while (_t123 != 0);
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L17;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_v32 = _t92;
                                                                                                                                                                                                                                                        								if(8 >= 0x40000000) {
                                                                                                                                                                                                                                                        									E00BC14B0(_t92, _t105);
                                                                                                                                                                                                                                                        									goto L34;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_v28 = 0x3fffffff;
                                                                                                                                                                                                                                                        									_t95 = _t119 >> 1;
                                                                                                                                                                                                                                                        									_v28 = _v28 - _t95;
                                                                                                                                                                                                                                                        									_t96 = _t95 + _t119;
                                                                                                                                                                                                                                                        									_t97 =  <  ? 8 : _t96;
                                                                                                                                                                                                                                                        									_t92 =  >  ? 8 :  <  ? 8 : _t96;
                                                                                                                                                                                                                                                        									if(_t79 == 0) {
                                                                                                                                                                                                                                                        										L15:
                                                                                                                                                                                                                                                        										_t128 = _t92;
                                                                                                                                                                                                                                                        										_t92 = _v32;
                                                                                                                                                                                                                                                        										E00BC3C20(_t92, _v32, _t128);
                                                                                                                                                                                                                                                        										_t112 =  *_t92;
                                                                                                                                                                                                                                                        										asm("o16 nop [eax+eax]");
                                                                                                                                                                                                                                                        										do {
                                                                                                                                                                                                                                                        											_t79 =  *_t140;
                                                                                                                                                                                                                                                        											 *_t112 = _t79;
                                                                                                                                                                                                                                                        											_t112 = _t112 + 4;
                                                                                                                                                                                                                                                        											_t135 = _t135 - 1;
                                                                                                                                                                                                                                                        										} while (_t135 != 0);
                                                                                                                                                                                                                                                        										L17:
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t92 + 4)) = _t107;
                                                                                                                                                                                                                                                        										return _t79;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										if(_t105 < 0x1000) {
                                                                                                                                                                                                                                                        											_t129 = _t79;
                                                                                                                                                                                                                                                        											goto L14;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t119 =  *(_t79 - 4);
                                                                                                                                                                                                                                                        											if(_t79 + 0xfffffffc - _t119 >= 0x20) {
                                                                                                                                                                                                                                                        												L34:
                                                                                                                                                                                                                                                        												__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												_push(_t144);
                                                                                                                                                                                                                                                        												_push(_t92);
                                                                                                                                                                                                                                                        												_push(_t135);
                                                                                                                                                                                                                                                        												_push(_t140);
                                                                                                                                                                                                                                                        												_t137 = _t105;
                                                                                                                                                                                                                                                        												_v84 = _t119;
                                                                                                                                                                                                                                                        												_v80 =  *((intOrPtr*)(_t105 + 4)) -  *_t105 >> 2;
                                                                                                                                                                                                                                                        												_t84 = E00BC3B70(_t119);
                                                                                                                                                                                                                                                        												_t109 =  *_t137;
                                                                                                                                                                                                                                                        												_t125 =  *((intOrPtr*)(_t137 + 4));
                                                                                                                                                                                                                                                        												if(_t109 != _t125) {
                                                                                                                                                                                                                                                        													_t127 = _t125 - _t109;
                                                                                                                                                                                                                                                        													_t141 = 0;
                                                                                                                                                                                                                                                        													do {
                                                                                                                                                                                                                                                        														_t92 =  *((intOrPtr*)(_t109 + _t141));
                                                                                                                                                                                                                                                        														 *((intOrPtr*)(_t84 + _t141)) =  *((intOrPtr*)(_t109 + _t141));
                                                                                                                                                                                                                                                        														_t141 = _t141 + 4;
                                                                                                                                                                                                                                                        													} while (_t127 != _t141);
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												return E00BC3BC0(_t92, _t137, _t84, _v32, _v36);
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t105 = _t105 + 0x23;
                                                                                                                                                                                                                                                        												L14:
                                                                                                                                                                                                                                                        												_push(_t105);
                                                                                                                                                                                                                                                        												_push(_t129);
                                                                                                                                                                                                                                                        												L00BEF6C6();
                                                                                                                                                                                                                                                        												_t153 = _t153 + 8;
                                                                                                                                                                                                                                                        												goto L15;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L35();
                                                                                                                                                                                                                                                        							goto L6;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t89 = _t68 + 1;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t100 + 4)) = _t89;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__edx + 4)) = __eax;
                                                                                                                                                                                                                                                        					 *_v24 = __eax;
                                                                                                                                                                                                                                                        					return _t89;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}















































                                                                                                                                                                                                                                                        0x00bc38a9
                                                                                                                                                                                                                                                        0x00bc38ae
                                                                                                                                                                                                                                                        0x00bc38b1
                                                                                                                                                                                                                                                        0x00bc38b3
                                                                                                                                                                                                                                                        0x00bc38bb
                                                                                                                                                                                                                                                        0x00bc38c1
                                                                                                                                                                                                                                                        0x00bc38c4
                                                                                                                                                                                                                                                        0x00bc38c7
                                                                                                                                                                                                                                                        0x00bc38ca
                                                                                                                                                                                                                                                        0x00bc38cf
                                                                                                                                                                                                                                                        0x00bc38d2
                                                                                                                                                                                                                                                        0x00bc38d2
                                                                                                                                                                                                                                                        0x00bc38d7
                                                                                                                                                                                                                                                        0x00bc38d9
                                                                                                                                                                                                                                                        0x00bc38dc
                                                                                                                                                                                                                                                        0x00bc38e3
                                                                                                                                                                                                                                                        0x00bc38ea
                                                                                                                                                                                                                                                        0x00bc38f1
                                                                                                                                                                                                                                                        0x00bc38f3
                                                                                                                                                                                                                                                        0x00bc38f8
                                                                                                                                                                                                                                                        0x00bc3902
                                                                                                                                                                                                                                                        0x00bc3904
                                                                                                                                                                                                                                                        0x00bc3907
                                                                                                                                                                                                                                                        0x00bc390e
                                                                                                                                                                                                                                                        0x00bc3915
                                                                                                                                                                                                                                                        0x00bc391c
                                                                                                                                                                                                                                                        0x00bc391f
                                                                                                                                                                                                                                                        0x00bc3926
                                                                                                                                                                                                                                                        0x00bc392b
                                                                                                                                                                                                                                                        0x00bc392e
                                                                                                                                                                                                                                                        0x00bc3936
                                                                                                                                                                                                                                                        0x00bc394c
                                                                                                                                                                                                                                                        0x00bc3951
                                                                                                                                                                                                                                                        0x00bc3956
                                                                                                                                                                                                                                                        0x00bc3957
                                                                                                                                                                                                                                                        0x00bc3958
                                                                                                                                                                                                                                                        0x00bc3959
                                                                                                                                                                                                                                                        0x00bc395a
                                                                                                                                                                                                                                                        0x00bc395b
                                                                                                                                                                                                                                                        0x00bc395c
                                                                                                                                                                                                                                                        0x00bc395d
                                                                                                                                                                                                                                                        0x00bc395e
                                                                                                                                                                                                                                                        0x00bc395f
                                                                                                                                                                                                                                                        0x00bc3961
                                                                                                                                                                                                                                                        0x00bc3963
                                                                                                                                                                                                                                                        0x00bc3964
                                                                                                                                                                                                                                                        0x00bc3965
                                                                                                                                                                                                                                                        0x00bc3966
                                                                                                                                                                                                                                                        0x00bc3969
                                                                                                                                                                                                                                                        0x00bc3973
                                                                                                                                                                                                                                                        0x00bc3977
                                                                                                                                                                                                                                                        0x00bc3985
                                                                                                                                                                                                                                                        0x00bc3999
                                                                                                                                                                                                                                                        0x00bc39a1
                                                                                                                                                                                                                                                        0x00bc39a7
                                                                                                                                                                                                                                                        0x00bc39a8
                                                                                                                                                                                                                                                        0x00bc39b0
                                                                                                                                                                                                                                                        0x00bc39b3
                                                                                                                                                                                                                                                        0x00bc39b6
                                                                                                                                                                                                                                                        0x00bc39ca
                                                                                                                                                                                                                                                        0x00bc3987
                                                                                                                                                                                                                                                        0x00bc398d
                                                                                                                                                                                                                                                        0x00bc39cb
                                                                                                                                                                                                                                                        0x00bc39d0
                                                                                                                                                                                                                                                        0x00bc39d1
                                                                                                                                                                                                                                                        0x00bc39d3
                                                                                                                                                                                                                                                        0x00bc39d4
                                                                                                                                                                                                                                                        0x00bc39d5
                                                                                                                                                                                                                                                        0x00bc39d6
                                                                                                                                                                                                                                                        0x00bc39d9
                                                                                                                                                                                                                                                        0x00bc39db
                                                                                                                                                                                                                                                        0x00bc39e0
                                                                                                                                                                                                                                                        0x00bc39e3
                                                                                                                                                                                                                                                        0x00bc39e5
                                                                                                                                                                                                                                                        0x00bc39e9
                                                                                                                                                                                                                                                        0x00bc39ee
                                                                                                                                                                                                                                                        0x00bc3a75
                                                                                                                                                                                                                                                        0x00bc3a7c
                                                                                                                                                                                                                                                        0x00bc3a7f
                                                                                                                                                                                                                                                        0x00bc3a82
                                                                                                                                                                                                                                                        0x00bc3a84
                                                                                                                                                                                                                                                        0x00bc3aa8
                                                                                                                                                                                                                                                        0x00bc3aad
                                                                                                                                                                                                                                                        0x00bc3aaf
                                                                                                                                                                                                                                                        0x00bc3ab2
                                                                                                                                                                                                                                                        0x00bc3ac0
                                                                                                                                                                                                                                                        0x00bc3ac2
                                                                                                                                                                                                                                                        0x00bc3ac4
                                                                                                                                                                                                                                                        0x00bc3ac7
                                                                                                                                                                                                                                                        0x00bc3ac7
                                                                                                                                                                                                                                                        0x00bc3acc
                                                                                                                                                                                                                                                        0x00bc3a86
                                                                                                                                                                                                                                                        0x00bc3a88
                                                                                                                                                                                                                                                        0x00bc3ace
                                                                                                                                                                                                                                                        0x00bc3ad3
                                                                                                                                                                                                                                                        0x00bc3ad5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3ad5
                                                                                                                                                                                                                                                        0x00bc3a8a
                                                                                                                                                                                                                                                        0x00bc3a8a
                                                                                                                                                                                                                                                        0x00bc3a90
                                                                                                                                                                                                                                                        0x00bc3a92
                                                                                                                                                                                                                                                        0x00bc3a94
                                                                                                                                                                                                                                                        0x00bc3a97
                                                                                                                                                                                                                                                        0x00bc3a9b
                                                                                                                                                                                                                                                        0x00bc3a9e
                                                                                                                                                                                                                                                        0x00bc3aa4
                                                                                                                                                                                                                                                        0x00bc3ae0
                                                                                                                                                                                                                                                        0x00bc3ae0
                                                                                                                                                                                                                                                        0x00bc3ae0
                                                                                                                                                                                                                                                        0x00bc3ae2
                                                                                                                                                                                                                                                        0x00bc3ae4
                                                                                                                                                                                                                                                        0x00bc3ae7
                                                                                                                                                                                                                                                        0x00bc3ae7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3aa6
                                                                                                                                                                                                                                                        0x00bc3aa4
                                                                                                                                                                                                                                                        0x00bc3a88
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc39f4
                                                                                                                                                                                                                                                        0x00bc39fa
                                                                                                                                                                                                                                                        0x00bc39fd
                                                                                                                                                                                                                                                        0x00bc3af6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3a03
                                                                                                                                                                                                                                                        0x00bc3a05
                                                                                                                                                                                                                                                        0x00bc3a0c
                                                                                                                                                                                                                                                        0x00bc3a0e
                                                                                                                                                                                                                                                        0x00bc3a11
                                                                                                                                                                                                                                                        0x00bc3a15
                                                                                                                                                                                                                                                        0x00bc3a1b
                                                                                                                                                                                                                                                        0x00bc3a20
                                                                                                                                                                                                                                                        0x00bc3a4c
                                                                                                                                                                                                                                                        0x00bc3a4f
                                                                                                                                                                                                                                                        0x00bc3a51
                                                                                                                                                                                                                                                        0x00bc3a53
                                                                                                                                                                                                                                                        0x00bc3a58
                                                                                                                                                                                                                                                        0x00bc3a5a
                                                                                                                                                                                                                                                        0x00bc3a60
                                                                                                                                                                                                                                                        0x00bc3a60
                                                                                                                                                                                                                                                        0x00bc3a62
                                                                                                                                                                                                                                                        0x00bc3a64
                                                                                                                                                                                                                                                        0x00bc3a67
                                                                                                                                                                                                                                                        0x00bc3a67
                                                                                                                                                                                                                                                        0x00bc3a6a
                                                                                                                                                                                                                                                        0x00bc3a6a
                                                                                                                                                                                                                                                        0x00bc3a74
                                                                                                                                                                                                                                                        0x00bc3a22
                                                                                                                                                                                                                                                        0x00bc3a28
                                                                                                                                                                                                                                                        0x00bc3aef
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3a2e
                                                                                                                                                                                                                                                        0x00bc3a2e
                                                                                                                                                                                                                                                        0x00bc3a39
                                                                                                                                                                                                                                                        0x00bc3afb
                                                                                                                                                                                                                                                        0x00bc3afb
                                                                                                                                                                                                                                                        0x00bc3b01
                                                                                                                                                                                                                                                        0x00bc3b02
                                                                                                                                                                                                                                                        0x00bc3b03
                                                                                                                                                                                                                                                        0x00bc3b04
                                                                                                                                                                                                                                                        0x00bc3b05
                                                                                                                                                                                                                                                        0x00bc3b06
                                                                                                                                                                                                                                                        0x00bc3b07
                                                                                                                                                                                                                                                        0x00bc3b08
                                                                                                                                                                                                                                                        0x00bc3b09
                                                                                                                                                                                                                                                        0x00bc3b0a
                                                                                                                                                                                                                                                        0x00bc3b0b
                                                                                                                                                                                                                                                        0x00bc3b0c
                                                                                                                                                                                                                                                        0x00bc3b0d
                                                                                                                                                                                                                                                        0x00bc3b0e
                                                                                                                                                                                                                                                        0x00bc3b0f
                                                                                                                                                                                                                                                        0x00bc3b10
                                                                                                                                                                                                                                                        0x00bc3b13
                                                                                                                                                                                                                                                        0x00bc3b14
                                                                                                                                                                                                                                                        0x00bc3b15
                                                                                                                                                                                                                                                        0x00bc3b1c
                                                                                                                                                                                                                                                        0x00bc3b1e
                                                                                                                                                                                                                                                        0x00bc3b28
                                                                                                                                                                                                                                                        0x00bc3b2b
                                                                                                                                                                                                                                                        0x00bc3b30
                                                                                                                                                                                                                                                        0x00bc3b32
                                                                                                                                                                                                                                                        0x00bc3b37
                                                                                                                                                                                                                                                        0x00bc3b39
                                                                                                                                                                                                                                                        0x00bc3b3b
                                                                                                                                                                                                                                                        0x00bc3b40
                                                                                                                                                                                                                                                        0x00bc3b40
                                                                                                                                                                                                                                                        0x00bc3b43
                                                                                                                                                                                                                                                        0x00bc3b46
                                                                                                                                                                                                                                                        0x00bc3b49
                                                                                                                                                                                                                                                        0x00bc3b40
                                                                                                                                                                                                                                                        0x00bc3b63
                                                                                                                                                                                                                                                        0x00bc3a3f
                                                                                                                                                                                                                                                        0x00bc3a3f
                                                                                                                                                                                                                                                        0x00bc3a42
                                                                                                                                                                                                                                                        0x00bc3a42
                                                                                                                                                                                                                                                        0x00bc3a43
                                                                                                                                                                                                                                                        0x00bc3a44
                                                                                                                                                                                                                                                        0x00bc3a49
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3a49
                                                                                                                                                                                                                                                        0x00bc3a39
                                                                                                                                                                                                                                                        0x00bc3a28
                                                                                                                                                                                                                                                        0x00bc3a20
                                                                                                                                                                                                                                                        0x00bc39fd
                                                                                                                                                                                                                                                        0x00bc398f
                                                                                                                                                                                                                                                        0x00bc3994
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3994
                                                                                                                                                                                                                                                        0x00bc398d
                                                                                                                                                                                                                                                        0x00bc3938
                                                                                                                                                                                                                                                        0x00bc3938
                                                                                                                                                                                                                                                        0x00bc3939
                                                                                                                                                                                                                                                        0x00bc393f
                                                                                                                                                                                                                                                        0x00bc3942
                                                                                                                                                                                                                                                        0x00bc394b
                                                                                                                                                                                                                                                        0x00bc394b

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(0000002C,00BC3721,?,?,?,00BC3524,?), ref: 00BC38B3
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000024,?,00BC3721,?,?,?,00BC3524,?), ref: 00BC38F3
                                                                                                                                                                                                                                                        • ?_Xlength_error@std@@YAXPBD@Z.MSVCP140(list<T> too long,?,?,00BC3721,?,?,?,00BC3524,?), ref: 00BC3951
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@$Xlength_error@std@@
                                                                                                                                                                                                                                                        • String ID: list<T> too long
                                                                                                                                                                                                                                                        • API String ID: 4208904865-4027344264
                                                                                                                                                                                                                                                        • Opcode ID: 641f7ef110d75e050ad87f7b8ab4c2955cb1c2cf8013fcfdeb6c8993caa826c2
                                                                                                                                                                                                                                                        • Instruction ID: fe89da1b736ec2ac35909cf7fbd83d2cd05540a8aaec20fbb690922b7ffb9786
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 641f7ef110d75e050ad87f7b8ab4c2955cb1c2cf8013fcfdeb6c8993caa826c2
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 782123B1A002059FDB44DF59C88975ABBF1FF48310F5481A9EC099F356D3B2E909CBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 79%
                                                                                                                                                                                                                                                        			E00BDD650(intOrPtr* __edx, intOrPtr* _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr* _a20) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v28;
                                                                                                                                                                                                                                                        				char _v32;
                                                                                                                                                                                                                                                        				signed int _t12;
                                                                                                                                                                                                                                                        				void* _t14;
                                                                                                                                                                                                                                                        				void* _t17;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t22;
                                                                                                                                                                                                                                                        				intOrPtr _t23;
                                                                                                                                                                                                                                                        				intOrPtr* _t24;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t26;
                                                                                                                                                                                                                                                        				intOrPtr* _t31;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				char* _t33;
                                                                                                                                                                                                                                                        				signed int _t34;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t30 = __edx;
                                                                                                                                                                                                                                                        				_t12 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t31 = _a8;
                                                                                                                                                                                                                                                        				_t24 = _t31;
                                                                                                                                                                                                                                                        				_v20 = _t12 ^ _t34;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t31 + 0x14)) > 7) {
                                                                                                                                                                                                                                                        					_t24 =  *_t31;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t14 = E00BDD4B0(_t24);
                                                                                                                                                                                                                                                        				_t32 = 0xc0000022;
                                                                                                                                                                                                                                                        				if(_t14 != 0) {
                                                                                                                                                                                                                                                        					_t23 = _a12;
                                                                                                                                                                                                                                                        					_t33 =  &_v28;
                                                                                                                                                                                                                                                        					_t30 = _t31;
                                                                                                                                                                                                                                                        					E00BDD600(_t33, _t31);
                                                                                                                                                                                                                                                        					_t26 =  *0xbfb5f0;
                                                                                                                                                                                                                                                        					_v32 = 0;
                                                                                                                                                                                                                                                        					if(_t26 == 0) {
                                                                                                                                                                                                                                                        						_t22 = GetProcAddress(GetModuleHandleW(L"gdi32.dll"), "CreateOPMProtectedOutputs");
                                                                                                                                                                                                                                                        						_t26 = _t22;
                                                                                                                                                                                                                                                        						 *0xbfb5f0 = _t22;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t17 =  *_t26(_t33, 1, _a16,  &_v32, _t23);
                                                                                                                                                                                                                                                        					_t32 = _t17;
                                                                                                                                                                                                                                                        					if(_t17 == 0) {
                                                                                                                                                                                                                                                        						 *_a20 = _v32;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t34, _t30);
                                                                                                                                                                                                                                                        				return _t32;
                                                                                                                                                                                                                                                        			}

















                                                                                                                                                                                                                                                        0x00bdd650
                                                                                                                                                                                                                                                        0x00bdd659
                                                                                                                                                                                                                                                        0x00bdd65e
                                                                                                                                                                                                                                                        0x00bdd663
                                                                                                                                                                                                                                                        0x00bdd665
                                                                                                                                                                                                                                                        0x00bdd66c
                                                                                                                                                                                                                                                        0x00bdd66e
                                                                                                                                                                                                                                                        0x00bdd66e
                                                                                                                                                                                                                                                        0x00bdd670
                                                                                                                                                                                                                                                        0x00bdd675
                                                                                                                                                                                                                                                        0x00bdd67c
                                                                                                                                                                                                                                                        0x00bdd692
                                                                                                                                                                                                                                                        0x00bdd695
                                                                                                                                                                                                                                                        0x00bdd698
                                                                                                                                                                                                                                                        0x00bdd69c
                                                                                                                                                                                                                                                        0x00bdd6a1
                                                                                                                                                                                                                                                        0x00bdd6a7
                                                                                                                                                                                                                                                        0x00bdd6b0
                                                                                                                                                                                                                                                        0x00bdd6c3
                                                                                                                                                                                                                                                        0x00bdd6c9
                                                                                                                                                                                                                                                        0x00bdd6cb
                                                                                                                                                                                                                                                        0x00bdd6cb
                                                                                                                                                                                                                                                        0x00bdd6db
                                                                                                                                                                                                                                                        0x00bdd6dd
                                                                                                                                                                                                                                                        0x00bdd6e1
                                                                                                                                                                                                                                                        0x00bdd6e9
                                                                                                                                                                                                                                                        0x00bdd6e9
                                                                                                                                                                                                                                                        0x00bdd6e1
                                                                                                                                                                                                                                                        0x00bdd683
                                                                                                                                                                                                                                                        0x00bdd691

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(gdi32.dll), ref: 00BDD6B7
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,CreateOPMProtectedOutputs), ref: 00BDD6C3
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: CreateOPMProtectedOutputs$gdi32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-243847470
                                                                                                                                                                                                                                                        • Opcode ID: 2830967edd1f5f6f5866854b9167101a13f42720da01710fdc7a59b1225e5295
                                                                                                                                                                                                                                                        • Instruction ID: c6bdc4c6d41a3d7bd3330bbd4ae4511be528a5227abab4629c410fbfd2bfb14e
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2830967edd1f5f6f5866854b9167101a13f42720da01710fdc7a59b1225e5295
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 06117071A0021AAFDB049FA9D855ABFF7E9EF48314F00049AE95997351EF34AC05CBE0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BCC020(void* __edx, void* _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				long _v92;
                                                                                                                                                                                                                                                        				signed int _t8;
                                                                                                                                                                                                                                                        				void* _t10;
                                                                                                                                                                                                                                                        				void* _t14;
                                                                                                                                                                                                                                                        				void* _t18;
                                                                                                                                                                                                                                                        				void* _t22;
                                                                                                                                                                                                                                                        				void* _t24;
                                                                                                                                                                                                                                                        				signed int _t25;
                                                                                                                                                                                                                                                        				void* _t26;
                                                                                                                                                                                                                                                        				void* _t27;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t22 = __edx;
                                                                                                                                                                                                                                                        				_t8 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t17 = _a4;
                                                                                                                                                                                                                                                        				_v20 = _t8 ^ _t25;
                                                                                                                                                                                                                                                        				_v92 = 0x4c;
                                                                                                                                                                                                                                                        				_t10 = malloc(0x4c);
                                                                                                                                                                                                                                                        				_t27 = _t26 + 4;
                                                                                                                                                                                                                                                        				_t24 = _t10;
                                                                                                                                                                                                                                                        				if(GetTokenInformation(_a4, 1, _t24, 0x4c,  &_v92) != 0) {
                                                                                                                                                                                                                                                        					E00BE7140( &_v88,  *_t24);
                                                                                                                                                                                                                                                        					_t14 = E00BCBE80(_t22, _t17,  &_v88, 1, _a8);
                                                                                                                                                                                                                                                        					_t27 = _t27 + 0x10;
                                                                                                                                                                                                                                                        					_t18 = _t14;
                                                                                                                                                                                                                                                        					goto L2;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t18 = 0;
                                                                                                                                                                                                                                                        					if(_t24 != 0) {
                                                                                                                                                                                                                                                        						L2:
                                                                                                                                                                                                                                                        						free(_t24);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t25, _t22);
                                                                                                                                                                                                                                                        				return _t18;
                                                                                                                                                                                                                                                        			}















                                                                                                                                                                                                                                                        0x00bcc020
                                                                                                                                                                                                                                                        0x00bcc029
                                                                                                                                                                                                                                                        0x00bcc02e
                                                                                                                                                                                                                                                        0x00bcc033
                                                                                                                                                                                                                                                        0x00bcc036
                                                                                                                                                                                                                                                        0x00bcc03f
                                                                                                                                                                                                                                                        0x00bcc045
                                                                                                                                                                                                                                                        0x00bcc048
                                                                                                                                                                                                                                                        0x00bcc05c
                                                                                                                                                                                                                                                        0x00bcc089
                                                                                                                                                                                                                                                        0x00bcc095
                                                                                                                                                                                                                                                        0x00bcc09a
                                                                                                                                                                                                                                                        0x00bcc09d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc05e
                                                                                                                                                                                                                                                        0x00bcc05e
                                                                                                                                                                                                                                                        0x00bcc062
                                                                                                                                                                                                                                                        0x00bcc064
                                                                                                                                                                                                                                                        0x00bcc065
                                                                                                                                                                                                                                                        0x00bcc06b
                                                                                                                                                                                                                                                        0x00bcc062
                                                                                                                                                                                                                                                        0x00bcc073
                                                                                                                                                                                                                                                        0x00bcc081

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • malloc.MOZGLUE(0000004C), ref: 00BCC03F
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(?,00000001(TokenIntegrityLevel),00000000,0000004C,?), ref: 00BCC054
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000,?,?,?,00000000), ref: 00BCC065
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: InformationTokenfreemalloc
                                                                                                                                                                                                                                                        • String ID: L
                                                                                                                                                                                                                                                        • API String ID: 987351147-2909332022
                                                                                                                                                                                                                                                        • Opcode ID: fc2ae06d559d4b216827ce21b7ab3b39010c0c3ff15cd3354d11c22bb5a2dd41
                                                                                                                                                                                                                                                        • Instruction ID: cefaea47e0cca75ebe27befdaed12b37983ebc8a6c3410cad55dbaeac4315ca0
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fc2ae06d559d4b216827ce21b7ab3b39010c0c3ff15cd3354d11c22bb5a2dd41
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8901D8B1600304ABDB109FA5DC86FEF7FA9EF44744F000428FE09AB242DA765904C6A5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 79%
                                                                                                                                                                                                                                                        			E00BDD560(intOrPtr* __edx, intOrPtr* _a8, intOrPtr* _a12) {
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				char _v28;
                                                                                                                                                                                                                                                        				signed int _t10;
                                                                                                                                                                                                                                                        				void* _t12;
                                                                                                                                                                                                                                                        				void* _t15;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t20;
                                                                                                                                                                                                                                                        				intOrPtr* _t21;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t23;
                                                                                                                                                                                                                                                        				intOrPtr* _t28;
                                                                                                                                                                                                                                                        				void* _t29;
                                                                                                                                                                                                                                                        				char* _t30;
                                                                                                                                                                                                                                                        				signed int _t31;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t27 = __edx;
                                                                                                                                                                                                                                                        				_t10 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t28 = _a8;
                                                                                                                                                                                                                                                        				_t21 = _t28;
                                                                                                                                                                                                                                                        				_v16 = _t10 ^ _t31;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t28 + 0x14)) > 7) {
                                                                                                                                                                                                                                                        					_t21 =  *_t28;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t12 = E00BDD4B0(_t21);
                                                                                                                                                                                                                                                        				_t29 = 0xc0000022;
                                                                                                                                                                                                                                                        				if(_t12 != 0) {
                                                                                                                                                                                                                                                        					_t30 =  &_v24;
                                                                                                                                                                                                                                                        					_t27 = _t28;
                                                                                                                                                                                                                                                        					E00BDD600(_t30, _t28);
                                                                                                                                                                                                                                                        					_t23 =  *0xbfb5ec;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					if(_t23 == 0) {
                                                                                                                                                                                                                                                        						_t20 = GetProcAddress(GetModuleHandleW(L"gdi32.dll"), "GetSuggestedOPMProtectedOutputArraySize");
                                                                                                                                                                                                                                                        						_t23 = _t20;
                                                                                                                                                                                                                                                        						 *0xbfb5ec = _t20;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t15 =  *_t23(_t30,  &_v28);
                                                                                                                                                                                                                                                        					_t29 = _t15;
                                                                                                                                                                                                                                                        					if(_t15 == 0) {
                                                                                                                                                                                                                                                        						 *_a12 = _v28;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v16 ^ _t31, _t27);
                                                                                                                                                                                                                                                        				return _t29;
                                                                                                                                                                                                                                                        			}
















                                                                                                                                                                                                                                                        0x00bdd560
                                                                                                                                                                                                                                                        0x00bdd568
                                                                                                                                                                                                                                                        0x00bdd56d
                                                                                                                                                                                                                                                        0x00bdd572
                                                                                                                                                                                                                                                        0x00bdd574
                                                                                                                                                                                                                                                        0x00bdd57b
                                                                                                                                                                                                                                                        0x00bdd57d
                                                                                                                                                                                                                                                        0x00bdd57d
                                                                                                                                                                                                                                                        0x00bdd57f
                                                                                                                                                                                                                                                        0x00bdd584
                                                                                                                                                                                                                                                        0x00bdd58b
                                                                                                                                                                                                                                                        0x00bdd5a0
                                                                                                                                                                                                                                                        0x00bdd5a3
                                                                                                                                                                                                                                                        0x00bdd5a7
                                                                                                                                                                                                                                                        0x00bdd5ac
                                                                                                                                                                                                                                                        0x00bdd5b2
                                                                                                                                                                                                                                                        0x00bdd5bb
                                                                                                                                                                                                                                                        0x00bdd5ce
                                                                                                                                                                                                                                                        0x00bdd5d4
                                                                                                                                                                                                                                                        0x00bdd5d6
                                                                                                                                                                                                                                                        0x00bdd5d6
                                                                                                                                                                                                                                                        0x00bdd5e0
                                                                                                                                                                                                                                                        0x00bdd5e2
                                                                                                                                                                                                                                                        0x00bdd5e6
                                                                                                                                                                                                                                                        0x00bdd5ee
                                                                                                                                                                                                                                                        0x00bdd5ee
                                                                                                                                                                                                                                                        0x00bdd5e6
                                                                                                                                                                                                                                                        0x00bdd592
                                                                                                                                                                                                                                                        0x00bdd59f

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(gdi32.dll,?,?,?,?), ref: 00BDD5C2
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetSuggestedOPMProtectedOutputArraySize), ref: 00BDD5CE
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • GetSuggestedOPMProtectedOutputArraySize, xrefs: 00BDD5C8
                                                                                                                                                                                                                                                        • gdi32.dll, xrefs: 00BDD5BD
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: GetSuggestedOPMProtectedOutputArraySize$gdi32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-3976124831
                                                                                                                                                                                                                                                        • Opcode ID: 5a928e2cf0e4120e2ea21f3d6246960ec0472a853ef8eb99f13f5278cb96d3cc
                                                                                                                                                                                                                                                        • Instruction ID: 04b2f1d1f6d3caf9c51dc86872d5072dc38caed69c4ccd621203790948521f2b
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5a928e2cf0e4120e2ea21f3d6246960ec0472a853ef8eb99f13f5278cb96d3cc
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7D016D71B002159FDB08AF69E8559BEF7E9EF94318B0044AAE94697350EF34AD05CBE0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 46%
                                                                                                                                                                                                                                                        			E00BEBC90(void* __edx, void* __eflags) {
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				char _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				WCHAR* _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v36;
                                                                                                                                                                                                                                                        				char _v40;
                                                                                                                                                                                                                                                        				signed int _t11;
                                                                                                                                                                                                                                                        				void* _t13;
                                                                                                                                                                                                                                                        				intOrPtr* _t14;
                                                                                                                                                                                                                                                        				void* _t25;
                                                                                                                                                                                                                                                        				void* _t27;
                                                                                                                                                                                                                                                        				signed int _t29;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t25 = __edx;
                                                                                                                                                                                                                                                        				_t11 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v16 = _t11 ^ _t29;
                                                                                                                                                                                                                                                        				_t13 = E00BEBE20();
                                                                                                                                                                                                                                                        				__imp__?IsWin32kLockedDown@mozilla@@YA_NXZ();
                                                                                                                                                                                                                                                        				if(_t13 != 0) {
                                                                                                                                                                                                                                                        					if( *0xbfb748 == 0) {
                                                                                                                                                                                                                                                        						 *0xbfb748 = LoadLibraryW(L"Api-ms-win-core-apiquery-l1-1-0.dll");
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v40 = 0xbfb79c;
                                                                                                                                                                                                                                                        					_v36 = 0xbfb714;
                                                                                                                                                                                                                                                        					_v32 = "ApiSetQueryApiSetPresence";
                                                                                                                                                                                                                                                        					_v28 = E00BEDDC0;
                                                                                                                                                                                                                                                        					_v20 = 0;
                                                                                                                                                                                                                                                        					_v24 = 0;
                                                                                                                                                                                                                                                        					__imp__InitOnceExecuteOnce(0xbfb7a0, E00BEBFA0,  &_v40,  &_v20);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t14 = E00BE3760();
                                                                                                                                                                                                                                                        				if(_t14 == 0) {
                                                                                                                                                                                                                                                        					_t27 = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *_t14))();
                                                                                                                                                                                                                                                        					_t27 =  ==  ? _t14 : 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v16 ^ _t29, _t25);
                                                                                                                                                                                                                                                        				return _t27;
                                                                                                                                                                                                                                                        			}
















                                                                                                                                                                                                                                                        0x00bebc90
                                                                                                                                                                                                                                                        0x00bebc98
                                                                                                                                                                                                                                                        0x00bebc9f
                                                                                                                                                                                                                                                        0x00bebca2
                                                                                                                                                                                                                                                        0x00bebca7
                                                                                                                                                                                                                                                        0x00bebcaf
                                                                                                                                                                                                                                                        0x00bebcb8
                                                                                                                                                                                                                                                        0x00bebcc5
                                                                                                                                                                                                                                                        0x00bebcc5
                                                                                                                                                                                                                                                        0x00bebccd
                                                                                                                                                                                                                                                        0x00bebcd4
                                                                                                                                                                                                                                                        0x00bebcdb
                                                                                                                                                                                                                                                        0x00bebce2
                                                                                                                                                                                                                                                        0x00bebce9
                                                                                                                                                                                                                                                        0x00bebcf0
                                                                                                                                                                                                                                                        0x00bebd03
                                                                                                                                                                                                                                                        0x00bebd03
                                                                                                                                                                                                                                                        0x00bebd09
                                                                                                                                                                                                                                                        0x00bebd10
                                                                                                                                                                                                                                                        0x00bebd34
                                                                                                                                                                                                                                                        0x00bebd12
                                                                                                                                                                                                                                                        0x00bebd18
                                                                                                                                                                                                                                                        0x00bebd1e
                                                                                                                                                                                                                                                        0x00bebd1e
                                                                                                                                                                                                                                                        0x00bebd26
                                                                                                                                                                                                                                                        0x00bebd33

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEBE20: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_ENABLE_HANDLE_VERIFIER,?,?,?,?,?,00000000,?,?,00BEBDB7,?,00BEBD7B,00BB1412), ref: 00BEBE37
                                                                                                                                                                                                                                                        • ?IsWin32kLockedDown@mozilla@@YA_NXZ.MOZGLUE(?,?,?,00000000,?,?,00BEBC72,00BB1493), ref: 00BEBCA7
                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(Api-ms-win-core-apiquery-l1-1-0.dll,?,?,?,00000000,?,?,00BEBC72,00BB1493), ref: 00BEBCBF
                                                                                                                                                                                                                                                        • InitOnceExecuteOnce.KERNEL32(00BFB7A0,00BEBFA0,00BFB79C,00000000), ref: 00BEBD03
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • Api-ms-win-core-apiquery-l1-1-0.dll, xrefs: 00BEBCBA
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Once$Down@mozilla@@ExecuteInitLibraryLoadLockedWin32kgetenv
                                                                                                                                                                                                                                                        • String ID: Api-ms-win-core-apiquery-l1-1-0.dll
                                                                                                                                                                                                                                                        • API String ID: 3164627539-3406996180
                                                                                                                                                                                                                                                        • Opcode ID: 8465abbfb2b0fc6094a25879fe1dac1f14d41c176bfdd9280474cba2c9b9862f
                                                                                                                                                                                                                                                        • Instruction ID: fb1801b4264b24f6b9a8744bd366b5692b1fa197564339756aa0be7e515975ee
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8465abbfb2b0fc6094a25879fe1dac1f14d41c176bfdd9280474cba2c9b9862f
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BC113C71A0025D9BCB14EFA6DC49ABFBBF4EF48705F5044E8E501A7261DFB45908CBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 79%
                                                                                                                                                                                                                                                        			E00BDD780(intOrPtr* __edx, intOrPtr* _a8, intOrPtr _a12, intOrPtr _a16) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v28;
                                                                                                                                                                                                                                                        				signed int _t8;
                                                                                                                                                                                                                                                        				void* _t10;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t16;
                                                                                                                                                                                                                                                        				intOrPtr _t17;
                                                                                                                                                                                                                                                        				intOrPtr* _t18;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t20;
                                                                                                                                                                                                                                                        				intOrPtr* _t24;
                                                                                                                                                                                                                                                        				void* _t25;
                                                                                                                                                                                                                                                        				char* _t26;
                                                                                                                                                                                                                                                        				signed int _t27;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t23 = __edx;
                                                                                                                                                                                                                                                        				_t8 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t24 = _a8;
                                                                                                                                                                                                                                                        				_t18 = _t24;
                                                                                                                                                                                                                                                        				_v20 = _t8 ^ _t27;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t24 + 0x14)) > 7) {
                                                                                                                                                                                                                                                        					_t18 =  *_t24;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t10 = E00BDD4B0(_t18);
                                                                                                                                                                                                                                                        				_t25 = 0xc0000022;
                                                                                                                                                                                                                                                        				if(_t10 != 0) {
                                                                                                                                                                                                                                                        					_t17 = _a12;
                                                                                                                                                                                                                                                        					_t26 =  &_v28;
                                                                                                                                                                                                                                                        					_t23 = _t24;
                                                                                                                                                                                                                                                        					E00BDD600(_t26, _t24);
                                                                                                                                                                                                                                                        					_t20 =  *0xbfb5f8;
                                                                                                                                                                                                                                                        					if(_t20 == 0) {
                                                                                                                                                                                                                                                        						_t16 = GetProcAddress(GetModuleHandleW(L"gdi32.dll"), "GetCertificate");
                                                                                                                                                                                                                                                        						_t20 = _t16;
                                                                                                                                                                                                                                                        						 *0xbfb5f8 = _t16;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t25 =  *_t20(_t26, 0, _t17, _a16);
                                                                                                                                                                                                                                                        					goto L3;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					E00BEECB0(_v20 ^ _t27, _t23);
                                                                                                                                                                                                                                                        					return _t25;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}















                                                                                                                                                                                                                                                        0x00bdd780
                                                                                                                                                                                                                                                        0x00bdd789
                                                                                                                                                                                                                                                        0x00bdd78e
                                                                                                                                                                                                                                                        0x00bdd793
                                                                                                                                                                                                                                                        0x00bdd795
                                                                                                                                                                                                                                                        0x00bdd79c
                                                                                                                                                                                                                                                        0x00bdd79e
                                                                                                                                                                                                                                                        0x00bdd79e
                                                                                                                                                                                                                                                        0x00bdd7a0
                                                                                                                                                                                                                                                        0x00bdd7a5
                                                                                                                                                                                                                                                        0x00bdd7ac
                                                                                                                                                                                                                                                        0x00bdd7c2
                                                                                                                                                                                                                                                        0x00bdd7c5
                                                                                                                                                                                                                                                        0x00bdd7c8
                                                                                                                                                                                                                                                        0x00bdd7cc
                                                                                                                                                                                                                                                        0x00bdd7d1
                                                                                                                                                                                                                                                        0x00bdd7d9
                                                                                                                                                                                                                                                        0x00bdd7ec
                                                                                                                                                                                                                                                        0x00bdd7f2
                                                                                                                                                                                                                                                        0x00bdd7f4
                                                                                                                                                                                                                                                        0x00bdd7f4
                                                                                                                                                                                                                                                        0x00bdd802
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdd7ae
                                                                                                                                                                                                                                                        0x00bdd7ae
                                                                                                                                                                                                                                                        0x00bdd7b3
                                                                                                                                                                                                                                                        0x00bdd7c1
                                                                                                                                                                                                                                                        0x00bdd7c1

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(gdi32.dll,?,?,?), ref: 00BDD7E0
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetCertificate), ref: 00BDD7EC
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: GetCertificate$gdi32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-1557901897
                                                                                                                                                                                                                                                        • Opcode ID: 437c3822acdcc6b12b9e5998c211cd34dc23f74ce3e1795f2ef8716766eda780
                                                                                                                                                                                                                                                        • Instruction ID: e517dc4f2e428b2ffa0936b84164536a54dbb649f7d2fadbdaa6104bb4496fd3
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 437c3822acdcc6b12b9e5998c211cd34dc23f74ce3e1795f2ef8716766eda780
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BE019E31B00219AFDB04AF65EC55ABFB3E9EF84314B0004AAE94A97350EF306C05C7E4
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 79%
                                                                                                                                                                                                                                                        			E00BDD6F0(intOrPtr* __edx, intOrPtr* _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v28;
                                                                                                                                                                                                                                                        				signed int _t7;
                                                                                                                                                                                                                                                        				void* _t9;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t15;
                                                                                                                                                                                                                                                        				intOrPtr _t16;
                                                                                                                                                                                                                                                        				intOrPtr* _t17;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t19;
                                                                                                                                                                                                                                                        				intOrPtr* _t23;
                                                                                                                                                                                                                                                        				void* _t24;
                                                                                                                                                                                                                                                        				char* _t25;
                                                                                                                                                                                                                                                        				signed int _t26;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t22 = __edx;
                                                                                                                                                                                                                                                        				_t7 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t23 = _a8;
                                                                                                                                                                                                                                                        				_t17 = _t23;
                                                                                                                                                                                                                                                        				_v20 = _t7 ^ _t26;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t23 + 0x14)) > 7) {
                                                                                                                                                                                                                                                        					_t17 =  *_t23;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t9 = E00BDD4B0(_t17);
                                                                                                                                                                                                                                                        				_t24 = 0xc0000022;
                                                                                                                                                                                                                                                        				if(_t9 != 0) {
                                                                                                                                                                                                                                                        					_t16 = _a12;
                                                                                                                                                                                                                                                        					_t25 =  &_v28;
                                                                                                                                                                                                                                                        					_t22 = _t23;
                                                                                                                                                                                                                                                        					E00BDD600(_t25, _t23);
                                                                                                                                                                                                                                                        					_t19 =  *0xbfb5f4;
                                                                                                                                                                                                                                                        					if(_t19 == 0) {
                                                                                                                                                                                                                                                        						_t15 = GetProcAddress(GetModuleHandleW(L"gdi32.dll"), "GetCertificateSize");
                                                                                                                                                                                                                                                        						_t19 = _t15;
                                                                                                                                                                                                                                                        						 *0xbfb5f4 = _t15;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t24 =  *_t19(_t25, 0, _t16);
                                                                                                                                                                                                                                                        					goto L3;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					E00BEECB0(_v20 ^ _t26, _t22);
                                                                                                                                                                                                                                                        					return _t24;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}















                                                                                                                                                                                                                                                        0x00bdd6f0
                                                                                                                                                                                                                                                        0x00bdd6f9
                                                                                                                                                                                                                                                        0x00bdd6fe
                                                                                                                                                                                                                                                        0x00bdd703
                                                                                                                                                                                                                                                        0x00bdd705
                                                                                                                                                                                                                                                        0x00bdd70c
                                                                                                                                                                                                                                                        0x00bdd70e
                                                                                                                                                                                                                                                        0x00bdd70e
                                                                                                                                                                                                                                                        0x00bdd710
                                                                                                                                                                                                                                                        0x00bdd715
                                                                                                                                                                                                                                                        0x00bdd71c
                                                                                                                                                                                                                                                        0x00bdd732
                                                                                                                                                                                                                                                        0x00bdd735
                                                                                                                                                                                                                                                        0x00bdd738
                                                                                                                                                                                                                                                        0x00bdd73c
                                                                                                                                                                                                                                                        0x00bdd741
                                                                                                                                                                                                                                                        0x00bdd749
                                                                                                                                                                                                                                                        0x00bdd75c
                                                                                                                                                                                                                                                        0x00bdd762
                                                                                                                                                                                                                                                        0x00bdd764
                                                                                                                                                                                                                                                        0x00bdd764
                                                                                                                                                                                                                                                        0x00bdd76f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdd71e
                                                                                                                                                                                                                                                        0x00bdd71e
                                                                                                                                                                                                                                                        0x00bdd723
                                                                                                                                                                                                                                                        0x00bdd731
                                                                                                                                                                                                                                                        0x00bdd731

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(gdi32.dll), ref: 00BDD750
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetCertificateSize), ref: 00BDD75C
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: GetCertificateSize$gdi32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-1197277730
                                                                                                                                                                                                                                                        • Opcode ID: e9623872d1a074eea8a38b8282a920edeca51eb730107fbbeedfc0bc01a80826
                                                                                                                                                                                                                                                        • Instruction ID: cc83264fb7e46ee5b84c09d94a771a94df94314443b239648cad0960b465d9ba
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e9623872d1a074eea8a38b8282a920edeca51eb730107fbbeedfc0bc01a80826
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7A017C31B40219AFDB08AF65EC55A7FB7E9EF84314B0004AAE94A97350EF306C05C7E4
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BBE060(intOrPtr* __ecx, intOrPtr* __edx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v28;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				signed int _t9;
                                                                                                                                                                                                                                                        				signed int _t14;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t15;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t21;
                                                                                                                                                                                                                                                        				intOrPtr* _t22;
                                                                                                                                                                                                                                                        				signed int _t24;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t20 = __edx;
                                                                                                                                                                                                                                                        				_t9 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t9 ^ _t24;
                                                                                                                                                                                                                                                        				if( *((char*)(__ecx + 0x10)) == 0) {
                                                                                                                                                                                                                                                        					_t22 = __edx;
                                                                                                                                                                                                                                                        					if( *((char*)(__edx + 0x10)) != 0 ||  *__ecx != 0 ||  *__edx != 0) {
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t21 =  &_v28;
                                                                                                                                                                                                                                                        						RtlInitUnicodeString(_t21, __ecx + 0x14);
                                                                                                                                                                                                                                                        						_t15 =  &_v36;
                                                                                                                                                                                                                                                        						RtlInitUnicodeString(_t15, _t22 + 0x14);
                                                                                                                                                                                                                                                        						_t14 = _t15 & 0xffffff00 | RtlEqualUnicodeString(_t21, _t15, 1) != 0x00000000;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					_t14 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t24, _t20);
                                                                                                                                                                                                                                                        				return _t14;
                                                                                                                                                                                                                                                        			}












                                                                                                                                                                                                                                                        0x00bbe060
                                                                                                                                                                                                                                                        0x00bbe069
                                                                                                                                                                                                                                                        0x00bbe070
                                                                                                                                                                                                                                                        0x00bbe077
                                                                                                                                                                                                                                                        0x00bbe093
                                                                                                                                                                                                                                                        0x00bbe095
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe0a1
                                                                                                                                                                                                                                                        0x00bbe0a4
                                                                                                                                                                                                                                                        0x00bbe0a9
                                                                                                                                                                                                                                                        0x00bbe0b1
                                                                                                                                                                                                                                                        0x00bbe0b6
                                                                                                                                                                                                                                                        0x00bbe0c6
                                                                                                                                                                                                                                                        0x00bbe0c6
                                                                                                                                                                                                                                                        0x00bbe079
                                                                                                                                                                                                                                                        0x00bbe079
                                                                                                                                                                                                                                                        0x00bbe079
                                                                                                                                                                                                                                                        0x00bbe079
                                                                                                                                                                                                                                                        0x00bbe080
                                                                                                                                                                                                                                                        0x00bbe08e

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlInitUnicodeString.NTDLL(?,?), ref: 00BBE0A9
                                                                                                                                                                                                                                                        • RtlInitUnicodeString.NTDLL(?,?), ref: 00BBE0B6
                                                                                                                                                                                                                                                        • RtlEqualUnicodeString.NTDLL ref: 00BBE0BF
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • /builds/worker/workspace/obj-build/dist/include/mozilla/NativeNt.h, xrefs: 00BBE063
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: StringUnicode$Init$Equal
                                                                                                                                                                                                                                                        • String ID: /builds/worker/workspace/obj-build/dist/include/mozilla/NativeNt.h
                                                                                                                                                                                                                                                        • API String ID: 1551056730-3364526140
                                                                                                                                                                                                                                                        • Opcode ID: 2e6155fd7b78d422a000c126f7c96cd775041949389652b1b2ad5f73ea6adb68
                                                                                                                                                                                                                                                        • Instruction ID: 3bb2c1b0a3ad24020bfa37d6bd21256b2d6acacf2de45f3bd0af732bbe8b0383
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2e6155fd7b78d422a000c126f7c96cd775041949389652b1b2ad5f73ea6adb68
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 21F044719002196BDB107B698C86BFB77E8EB01318FC109FCE4252B142D7F4CC89C2A0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BB6160(intOrPtr _a4) {
                                                                                                                                                                                                                                                        				intOrPtr _v0;
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				char _v20;
                                                                                                                                                                                                                                                        				signed int _t8;
                                                                                                                                                                                                                                                        				char* _t10;
                                                                                                                                                                                                                                                        				void* _t19;
                                                                                                                                                                                                                                                        				intOrPtr* _t21;
                                                                                                                                                                                                                                                        				intOrPtr _t22;
                                                                                                                                                                                                                                                        				signed int _t23;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t8 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v16 = _t8 ^ _t23;
                                                                                                                                                                                                                                                        				_t10 =  &_v20;
                                                                                                                                                                                                                                                        				__imp__GetModuleHandleExW(6, _v0, _t10);
                                                                                                                                                                                                                                                        				if(_t10 == 0) {
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					_t21 = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t22 = _v20;
                                                                                                                                                                                                                                                        					if(_t22 == 0 || _t22 != GetModuleHandleW(L"mozglue.dll")) {
                                                                                                                                                                                                                                                        						goto L5;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L00BEF762();
                                                                                                                                                                                                                                                        						_t21 =  *0xbf0550; // 0xbfa044
                                                                                                                                                                                                                                                        						 *((intOrPtr*)( *_t21 + 0x1c))(_a4, 0xbfa7d0, E00BC0F50, 0, 0);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v16 ^ _t23, _t19);
                                                                                                                                                                                                                                                        				return _t21;
                                                                                                                                                                                                                                                        			}












                                                                                                                                                                                                                                                        0x00bb6168
                                                                                                                                                                                                                                                        0x00bb616f
                                                                                                                                                                                                                                                        0x00bb6172
                                                                                                                                                                                                                                                        0x00bb617b
                                                                                                                                                                                                                                                        0x00bb6183
                                                                                                                                                                                                                                                        0x00bb61d2
                                                                                                                                                                                                                                                        0x00bb61d2
                                                                                                                                                                                                                                                        0x00bb6185
                                                                                                                                                                                                                                                        0x00bb6185
                                                                                                                                                                                                                                                        0x00bb618a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb619b
                                                                                                                                                                                                                                                        0x00bb61ac
                                                                                                                                                                                                                                                        0x00bb61b1
                                                                                                                                                                                                                                                        0x00bb61bc
                                                                                                                                                                                                                                                        0x00bb61bc
                                                                                                                                                                                                                                                        0x00bb618a
                                                                                                                                                                                                                                                        0x00bb61c4
                                                                                                                                                                                                                                                        0x00bb61d1

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleExW.KERNEL32(00000006,?,?), ref: 00BB617B
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(mozglue.dll), ref: 00BB6191
                                                                                                                                                                                                                                                        • RtlRunOnceExecuteOnce.NTDLL ref: 00BB61AC
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: HandleModuleOnce$Execute
                                                                                                                                                                                                                                                        • String ID: mozglue.dll
                                                                                                                                                                                                                                                        • API String ID: 3073045944-2883331376
                                                                                                                                                                                                                                                        • Opcode ID: 62baefdfd1f1acbdc933f284f78e6dfe2112b74a57731751795eb8fffbc52b6e
                                                                                                                                                                                                                                                        • Instruction ID: 7ee95da51c2283bf93c58c9069f08c45301f8c33f8ee68dc5cab9cad0c8de0f2
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 62baefdfd1f1acbdc933f284f78e6dfe2112b74a57731751795eb8fffbc52b6e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 21016231B40228ABCB10AFA99C45FBE77A5FF44B10F0540A4FE59BB291DE70AC04CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 58%
                                                                                                                                                                                                                                                        			E00BE5CE0(intOrPtr* _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr* _a16, intOrPtr _a20, intOrPtr _a24) {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t13;
                                                                                                                                                                                                                                                        				intOrPtr _t15;
                                                                                                                                                                                                                                                        				intOrPtr* _t17;
                                                                                                                                                                                                                                                        				intOrPtr _t18;
                                                                                                                                                                                                                                                        				intOrPtr _t20;
                                                                                                                                                                                                                                                        				intOrPtr* _t21;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t13 =  *0xbfb6ac;
                                                                                                                                                                                                                                                        				_t21 = _a4;
                                                                                                                                                                                                                                                        				if(_t13 == 0) {
                                                                                                                                                                                                                                                        					_t13 = GetProcAddress(GetModuleHandleW(L"ntdll.dll"), "RtlInitUnicodeString");
                                                                                                                                                                                                                                                        					 *0xbfb6ac = _t13;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t18 = _a20;
                                                                                                                                                                                                                                                        				_t17 = _a16;
                                                                                                                                                                                                                                                        				_t20 = _a12;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t21 + 0x14)) > 7) {
                                                                                                                                                                                                                                                        					_t21 =  *_t21;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *_t13(_t18, _t21);
                                                                                                                                                                                                                                                        				_t15 = _a8;
                                                                                                                                                                                                                                                        				 *_t17 = 0x18;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t17 + 4)) = _t20;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t17 + 0xc)) = _t15;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t17 + 8)) = _t18;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t17 + 0x10)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t17 + 0x14)) = _a24;
                                                                                                                                                                                                                                                        				return _t15;
                                                                                                                                                                                                                                                        			}









                                                                                                                                                                                                                                                        0x00be5ce6
                                                                                                                                                                                                                                                        0x00be5ceb
                                                                                                                                                                                                                                                        0x00be5cf0
                                                                                                                                                                                                                                                        0x00be5d03
                                                                                                                                                                                                                                                        0x00be5d09
                                                                                                                                                                                                                                                        0x00be5d09
                                                                                                                                                                                                                                                        0x00be5d0e
                                                                                                                                                                                                                                                        0x00be5d11
                                                                                                                                                                                                                                                        0x00be5d14
                                                                                                                                                                                                                                                        0x00be5d1b
                                                                                                                                                                                                                                                        0x00be5d1d
                                                                                                                                                                                                                                                        0x00be5d1d
                                                                                                                                                                                                                                                        0x00be5d23
                                                                                                                                                                                                                                                        0x00be5d25
                                                                                                                                                                                                                                                        0x00be5d2b
                                                                                                                                                                                                                                                        0x00be5d31
                                                                                                                                                                                                                                                        0x00be5d34
                                                                                                                                                                                                                                                        0x00be5d37
                                                                                                                                                                                                                                                        0x00be5d3a
                                                                                                                                                                                                                                                        0x00be5d41
                                                                                                                                                                                                                                                        0x00be5d48

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(ntdll.dll,?,00000000,?,?,00BE33B2,?,00000000,00000000,?,?,00000000), ref: 00BE5CF7
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,RtlInitUnicodeString), ref: 00BE5D03
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: RtlInitUnicodeString$ntdll.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-760228555
                                                                                                                                                                                                                                                        • Opcode ID: 2f884789e59ddd3173961b52ed4eafd03b535fcda6e0a0237249673ebdf79828
                                                                                                                                                                                                                                                        • Instruction ID: 1a75d3dee28b576c02f7330a3ac924652265fe783aa12dea5eb58dcf23803109
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2f884789e59ddd3173961b52ed4eafd03b535fcda6e0a0237249673ebdf79828
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EA01E8B1504218AFCB14CF59DC84956BBE8EF48354B04849AED059B341CB71E800CBA0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 58%
                                                                                                                                                                                                                                                        			E00BDD600(void* __ecx, intOrPtr* __edx) {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t3;
                                                                                                                                                                                                                                                        				intOrPtr* _t8;
                                                                                                                                                                                                                                                        				void* _t9;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t3 =  *0xbfb5e0;
                                                                                                                                                                                                                                                        				_t8 = __edx;
                                                                                                                                                                                                                                                        				_t9 = __ecx;
                                                                                                                                                                                                                                                        				if(_t3 == 0) {
                                                                                                                                                                                                                                                        					_t3 = GetProcAddress(GetModuleHandleW(L"ntdll.dll"), "RtlInitUnicodeString");
                                                                                                                                                                                                                                                        					 *0xbfb5e0 = _t3;
                                                                                                                                                                                                                                                        					if( *((intOrPtr*)(_t8 + 0x14)) > 7) {
                                                                                                                                                                                                                                                        						goto L2;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					if( *((intOrPtr*)(__edx + 0x14)) > 7) {
                                                                                                                                                                                                                                                        						L2:
                                                                                                                                                                                                                                                        						_t8 =  *_t8;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return  *_t3(_t9, _t8);
                                                                                                                                                                                                                                                        			}






                                                                                                                                                                                                                                                        0x00bdd605
                                                                                                                                                                                                                                                        0x00bdd60a
                                                                                                                                                                                                                                                        0x00bdd60c
                                                                                                                                                                                                                                                        0x00bdd610
                                                                                                                                                                                                                                                        0x00bdd633
                                                                                                                                                                                                                                                        0x00bdd639
                                                                                                                                                                                                                                                        0x00bdd642
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdd644
                                                                                                                                                                                                                                                        0x00bdd612
                                                                                                                                                                                                                                                        0x00bdd616
                                                                                                                                                                                                                                                        0x00bdd618
                                                                                                                                                                                                                                                        0x00bdd618
                                                                                                                                                                                                                                                        0x00bdd618
                                                                                                                                                                                                                                                        0x00bdd616
                                                                                                                                                                                                                                                        0x00bdd621

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(ntdll.dll,00000007,?,?,00BDD5AC,?,?,?,?), ref: 00BDD627
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,RtlInitUnicodeString), ref: 00BDD633
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: RtlInitUnicodeString$ntdll.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-760228555
                                                                                                                                                                                                                                                        • Opcode ID: b3f8e39f9490c3ade2060de5241d3de091eb357420347bcea65e578ce5821506
                                                                                                                                                                                                                                                        • Instruction ID: f0188c3e26f8a6ce7c37e44f812c9dafe0657fd41c066f242929a57d3ce23eab
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b3f8e39f9490c3ade2060de5241d3de091eb357420347bcea65e578ce5821506
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3AE01231545715BB82209FA9EC19C6AB7ECFE857A230845A7F908C3210EF70E846CBF1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 58%
                                                                                                                                                                                                                                                        			E00BDD860(intOrPtr _a8, intOrPtr _a12, intOrPtr _a16) {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t5;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t8;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t8 =  *0xbfb600;
                                                                                                                                                                                                                                                        				if(_t8 == 0) {
                                                                                                                                                                                                                                                        					_t5 = GetProcAddress(GetModuleHandleW(L"gdi32.dll"), "GetCertificateByHandle");
                                                                                                                                                                                                                                                        					_t8 = _t5;
                                                                                                                                                                                                                                                        					 *0xbfb600 = _t5;
                                                                                                                                                                                                                                                        					if(_t5 != 0) {
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						return 0xc0000002;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					return  *_t8(_a8, 0, _a12, _a16);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}





                                                                                                                                                                                                                                                        0x00bdd863
                                                                                                                                                                                                                                                        0x00bdd86b
                                                                                                                                                                                                                                                        0x00bdd88d
                                                                                                                                                                                                                                                        0x00bdd893
                                                                                                                                                                                                                                                        0x00bdd897
                                                                                                                                                                                                                                                        0x00bdd89c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdd89e
                                                                                                                                                                                                                                                        0x00bdd8a4
                                                                                                                                                                                                                                                        0x00bdd8a4
                                                                                                                                                                                                                                                        0x00bdd86d
                                                                                                                                                                                                                                                        0x00bdd86d
                                                                                                                                                                                                                                                        0x00bdd87b
                                                                                                                                                                                                                                                        0x00bdd87b

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(gdi32.dll,?,00BDAAC7,?,?,?,?), ref: 00BDD881
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetCertificateByHandle), ref: 00BDD88D
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: GetCertificateByHandle$gdi32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-467210491
                                                                                                                                                                                                                                                        • Opcode ID: f3800c7c4f740a64979d1e7eb4ec7f825ad70151707d0117b10de99cabd48021
                                                                                                                                                                                                                                                        • Instruction ID: 6a24e7cedb50a87abf5fa20351f66133014e7fe4f2ff343e115ac7e4402454d0
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f3800c7c4f740a64979d1e7eb4ec7f825ad70151707d0117b10de99cabd48021
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B3E09A7128430DBBDF159FA9AC15E7A7B99AB48725F008099BA09D7261EF729810D710
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 58%
                                                                                                                                                                                                                                                        			E00BDD8B0(intOrPtr _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t5;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t6;
                                                                                                                                                                                                                                                        				intOrPtr _t7;
                                                                                                                                                                                                                                                        				intOrPtr _t8;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t6 =  *0xbfb604;
                                                                                                                                                                                                                                                        				_t7 = _a12;
                                                                                                                                                                                                                                                        				_t8 = _a8;
                                                                                                                                                                                                                                                        				if(_t6 == 0) {
                                                                                                                                                                                                                                                        					_t5 = GetProcAddress(GetModuleHandleW(L"gdi32.dll"), "GetOPMRandomNumber");
                                                                                                                                                                                                                                                        					_t6 = _t5;
                                                                                                                                                                                                                                                        					 *0xbfb604 = _t5;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return  *_t6(_t8, _t7);
                                                                                                                                                                                                                                                        			}







                                                                                                                                                                                                                                                        0x00bdd8b5
                                                                                                                                                                                                                                                        0x00bdd8bb
                                                                                                                                                                                                                                                        0x00bdd8be
                                                                                                                                                                                                                                                        0x00bdd8c3
                                                                                                                                                                                                                                                        0x00bdd8d6
                                                                                                                                                                                                                                                        0x00bdd8dc
                                                                                                                                                                                                                                                        0x00bdd8de
                                                                                                                                                                                                                                                        0x00bdd8de
                                                                                                                                                                                                                                                        0x00bdd8ea

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(gdi32.dll,?,?,?,00BDABE3,?,?,?), ref: 00BDD8CA
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetOPMRandomNumber), ref: 00BDD8D6
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: GetOPMRandomNumber$gdi32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-1331891004
                                                                                                                                                                                                                                                        • Opcode ID: 9bc0691f5599df7bfeefe4924af6ab22ba65f680b393ccb2c9a5762730eb4705
                                                                                                                                                                                                                                                        • Instruction ID: 12c6c43c50e4810089248dadfc3e5807e744b7c95a681c6b52844c8720724139
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9bc0691f5599df7bfeefe4924af6ab22ba65f680b393ccb2c9a5762730eb4705
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 68E0BF352453547B9E149F66ED09C7B77A8EA9576130040A9FA05D3350DF716801C760
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 58%
                                                                                                                                                                                                                                                        			E00BDD8F0(intOrPtr _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t5;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t6;
                                                                                                                                                                                                                                                        				intOrPtr _t7;
                                                                                                                                                                                                                                                        				intOrPtr _t8;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t6 =  *0xbfb608;
                                                                                                                                                                                                                                                        				_t7 = _a12;
                                                                                                                                                                                                                                                        				_t8 = _a8;
                                                                                                                                                                                                                                                        				if(_t6 == 0) {
                                                                                                                                                                                                                                                        					_t5 = GetProcAddress(GetModuleHandleW(L"gdi32.dll"), "SetOPMSigningKeyAndSequenceNumbers");
                                                                                                                                                                                                                                                        					_t6 = _t5;
                                                                                                                                                                                                                                                        					 *0xbfb608 = _t5;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return  *_t6(_t8, _t7);
                                                                                                                                                                                                                                                        			}







                                                                                                                                                                                                                                                        0x00bdd8f5
                                                                                                                                                                                                                                                        0x00bdd8fb
                                                                                                                                                                                                                                                        0x00bdd8fe
                                                                                                                                                                                                                                                        0x00bdd903
                                                                                                                                                                                                                                                        0x00bdd916
                                                                                                                                                                                                                                                        0x00bdd91c
                                                                                                                                                                                                                                                        0x00bdd91e
                                                                                                                                                                                                                                                        0x00bdd91e
                                                                                                                                                                                                                                                        0x00bdd92a

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(gdi32.dll,?,?,?,00BDAC86,?,?,?), ref: 00BDD90A
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,SetOPMSigningKeyAndSequenceNumbers), ref: 00BDD916
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: SetOPMSigningKeyAndSequenceNumbers$gdi32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-1511089670
                                                                                                                                                                                                                                                        • Opcode ID: 1ec1add535d90977c9a31fda6fc66e4d9775aaf9aad21131449f148f6ccf5978
                                                                                                                                                                                                                                                        • Instruction ID: 548cfac340aafa60f5a1c4e7df9e25b5f640c3baf22a5b2b5585eb364523a2ba
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1ec1add535d90977c9a31fda6fc66e4d9775aaf9aad21131449f148f6ccf5978
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 45E04F322453047F8F049F66EC08C7B77A8EA856213004099FD05D3310DF346801C760
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 58%
                                                                                                                                                                                                                                                        			E00BDD810(intOrPtr _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t4;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t7;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t7 =  *0xbfb5fc;
                                                                                                                                                                                                                                                        				if(_t7 == 0) {
                                                                                                                                                                                                                                                        					_t4 = GetProcAddress(GetModuleHandleW(L"gdi32.dll"), "GetCertificateSizeByHandle");
                                                                                                                                                                                                                                                        					_t7 = _t4;
                                                                                                                                                                                                                                                        					 *0xbfb5fc = _t4;
                                                                                                                                                                                                                                                        					if(_t4 != 0) {
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						return 0xc0000002;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					return  *_t7(_a8, 0, _a12);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}





                                                                                                                                                                                                                                                        0x00bdd813
                                                                                                                                                                                                                                                        0x00bdd81b
                                                                                                                                                                                                                                                        0x00bdd83a
                                                                                                                                                                                                                                                        0x00bdd840
                                                                                                                                                                                                                                                        0x00bdd844
                                                                                                                                                                                                                                                        0x00bdd849
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdd84b
                                                                                                                                                                                                                                                        0x00bdd851
                                                                                                                                                                                                                                                        0x00bdd851
                                                                                                                                                                                                                                                        0x00bdd81d
                                                                                                                                                                                                                                                        0x00bdd81d
                                                                                                                                                                                                                                                        0x00bdd828
                                                                                                                                                                                                                                                        0x00bdd828

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(gdi32.dll,?,00BDA9A0,?,?,?), ref: 00BDD82E
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetCertificateSizeByHandle), ref: 00BDD83A
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: GetCertificateSizeByHandle$gdi32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-1777644256
                                                                                                                                                                                                                                                        • Opcode ID: c87e90a58e7620152599c7355ab647666f6d9e0b12403847a3ede7b10d2231ad
                                                                                                                                                                                                                                                        • Instruction ID: dd0f667a59ca0b46aa23b1de6e131774bdc7dde92b3dfb7a370f808daa672728
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c87e90a58e7620152599c7355ab647666f6d9e0b12403847a3ede7b10d2231ad
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B8E08671284309AFDF055FA5BC15F3A77D9AB04720F0080A9F909C3660EF359410DF00
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 58%
                                                                                                                                                                                                                                                        			E00BDDB60(intOrPtr _a4) {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t4;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t5;
                                                                                                                                                                                                                                                        				intOrPtr _t6;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t5 =  *0xbfb614;
                                                                                                                                                                                                                                                        				_t6 = _a4;
                                                                                                                                                                                                                                                        				if(_t5 == 0) {
                                                                                                                                                                                                                                                        					_t4 = GetProcAddress(GetModuleHandleW(L"gdi32.dll"), "DestroyOPMProtectedOutput");
                                                                                                                                                                                                                                                        					_t5 = _t4;
                                                                                                                                                                                                                                                        					 *0xbfb614 = _t4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return  *_t5(_t6);
                                                                                                                                                                                                                                                        			}






                                                                                                                                                                                                                                                        0x00bddb64
                                                                                                                                                                                                                                                        0x00bddb6a
                                                                                                                                                                                                                                                        0x00bddb6f
                                                                                                                                                                                                                                                        0x00bddb82
                                                                                                                                                                                                                                                        0x00bddb88
                                                                                                                                                                                                                                                        0x00bddb8a
                                                                                                                                                                                                                                                        0x00bddb8a
                                                                                                                                                                                                                                                        0x00bddb94

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(gdi32.dll,?,?,00BDB395,?,?,?,?,?,?,00BDA145,?,?), ref: 00BDDB76
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,DestroyOPMProtectedOutput), ref: 00BDDB82
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: DestroyOPMProtectedOutput$gdi32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-3495823380
                                                                                                                                                                                                                                                        • Opcode ID: 460c8b5ae54b7be2dc8fc6c4b6f5fa2affeea6b4fc4b0d0c3ac198fc07ef6d76
                                                                                                                                                                                                                                                        • Instruction ID: a249f85220db648db69688ece46dd6fc973a270a224b5a35ea6014a5f49a5509
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 460c8b5ae54b7be2dc8fc6c4b6f5fa2affeea6b4fc4b0d0c3ac198fc07ef6d76
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BFD012312453147F9B085B64EC05D7A77D8DA08621700009AFA09D3250DF705901CBA5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BB1F30() {
                                                                                                                                                                                                                                                        				signed int _t4;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				if( *0xbfa758 == 0) {
                                                                                                                                                                                                                                                        					_t4 = GetProcAddress(GetModuleHandleW(L"kernel32.dll"), "PrefetchVirtualMemory");
                                                                                                                                                                                                                                                        					 *0xbfa754 = _t4;
                                                                                                                                                                                                                                                        					 *0xbfa758 = 1;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t4 =  *0xbfa754; // 0x0
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t4 & 0xffffff00 | _t4 != 0x00000000;
                                                                                                                                                                                                                                                        			}




                                                                                                                                                                                                                                                        0x00bb1f3a
                                                                                                                                                                                                                                                        0x00bb1f59
                                                                                                                                                                                                                                                        0x00bb1f5f
                                                                                                                                                                                                                                                        0x00bb1f64
                                                                                                                                                                                                                                                        0x00bb1f3c
                                                                                                                                                                                                                                                        0x00bb1f3c
                                                                                                                                                                                                                                                        0x00bb1f3c
                                                                                                                                                                                                                                                        0x00bb1f47

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(kernel32.dll,?,00BB1D73,?,00000000,?,?,00BB2281,?), ref: 00BB1F4D
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,PrefetchVirtualMemory), ref: 00BB1F59
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: PrefetchVirtualMemory$kernel32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-4069913949
                                                                                                                                                                                                                                                        • Opcode ID: 789084e77d34e68958394a409ec1fd92d537c998c5907ca023f51a13c67d6487
                                                                                                                                                                                                                                                        • Instruction ID: dc8e3132f6704377090e3827f192d5f0a7beb441346467d1359655346386c1e3
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 789084e77d34e68958394a409ec1fd92d537c998c5907ca023f51a13c67d6487
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F0E0ECA01493849FD30567B9ED8AF757BE99700701F5454D5A61CD31B0CFA85884D712
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BDD9F0() {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t1;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t3;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t1 =  *0xbfb60c;
                                                                                                                                                                                                                                                        				if(_t1 == 0) {
                                                                                                                                                                                                                                                        					_t3 = GetProcAddress(GetModuleHandleW(L"gdi32.dll"), "ConfigureOPMProtectedOutput");
                                                                                                                                                                                                                                                        					 *0xbfb60c = _t3;
                                                                                                                                                                                                                                                        					return _t3;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					return _t1;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}





                                                                                                                                                                                                                                                        0x00bdd9f3
                                                                                                                                                                                                                                                        0x00bdd9fa
                                                                                                                                                                                                                                                        0x00bdda0f
                                                                                                                                                                                                                                                        0x00bdda15
                                                                                                                                                                                                                                                        0x00bdda1b
                                                                                                                                                                                                                                                        0x00bdd9fd
                                                                                                                                                                                                                                                        0x00bdd9fd
                                                                                                                                                                                                                                                        0x00bdd9fd

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(gdi32.dll,?,00BDD9D6), ref: 00BDDA03
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,ConfigureOPMProtectedOutput), ref: 00BDDA0F
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: ConfigureOPMProtectedOutput$gdi32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-1355904375
                                                                                                                                                                                                                                                        • Opcode ID: a9c2e3ce859bdf7faf02edcac74f7163bf330c854453faaaa8866ceccf9c6b99
                                                                                                                                                                                                                                                        • Instruction ID: 1b3900331a860a546864987225d63fe933c8f5eb244b91cb2633d08f190d8c3c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a9c2e3ce859bdf7faf02edcac74f7163bf330c854453faaaa8866ceccf9c6b99
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 88D0C9712C4308AFAA009BFAFC09C36B7DCAE04B6130081D2BA0CC3660DF759400CB60
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BDD300() {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t1;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t3;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t1 =  *0xbfb5e8;
                                                                                                                                                                                                                                                        				if(_t1 == 0) {
                                                                                                                                                                                                                                                        					_t3 = GetProcAddress(GetModuleHandleW(L"user32.dll"), "EnumDisplayMonitors");
                                                                                                                                                                                                                                                        					 *0xbfb5e8 = _t3;
                                                                                                                                                                                                                                                        					return _t3;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					return _t1;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}





                                                                                                                                                                                                                                                        0x00bdd303
                                                                                                                                                                                                                                                        0x00bdd30a
                                                                                                                                                                                                                                                        0x00bdd31f
                                                                                                                                                                                                                                                        0x00bdd325
                                                                                                                                                                                                                                                        0x00bdd32b
                                                                                                                                                                                                                                                        0x00bdd30d
                                                                                                                                                                                                                                                        0x00bdd30d
                                                                                                                                                                                                                                                        0x00bdd30d

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(user32.dll,?,00BDD2DA,00BDA711), ref: 00BDD313
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,EnumDisplayMonitors), ref: 00BDD31F
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: EnumDisplayMonitors$user32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-2459821190
                                                                                                                                                                                                                                                        • Opcode ID: f8012c29e64a79dd3f008eb67540c2e022861f0d12ff5a5db56f23b28b4a410d
                                                                                                                                                                                                                                                        • Instruction ID: 888acf0126143b0352e76a79745a4a2183db1607a5c2b538aaf5906af9c132b6
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f8012c29e64a79dd3f008eb67540c2e022861f0d12ff5a5db56f23b28b4a410d
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9FD0C9712843089F96009BE4BD49D3277DCBA04B1130004E2FA08C7660DF749450C725
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BDD530() {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t1;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t3;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t1 =  *0xbfb5e4;
                                                                                                                                                                                                                                                        				if(_t1 == 0) {
                                                                                                                                                                                                                                                        					_t3 = GetProcAddress(GetModuleHandleW(L"user32.dll"), "GetMonitorInfoW");
                                                                                                                                                                                                                                                        					 *0xbfb5e4 = _t3;
                                                                                                                                                                                                                                                        					return _t3;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					return _t1;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}





                                                                                                                                                                                                                                                        0x00bdd533
                                                                                                                                                                                                                                                        0x00bdd53a
                                                                                                                                                                                                                                                        0x00bdd54f
                                                                                                                                                                                                                                                        0x00bdd555
                                                                                                                                                                                                                                                        0x00bdd55b
                                                                                                                                                                                                                                                        0x00bdd53d
                                                                                                                                                                                                                                                        0x00bdd53d
                                                                                                                                                                                                                                                        0x00bdd53d

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(user32.dll,?,00BDD487), ref: 00BDD543
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetMonitorInfoW), ref: 00BDD54F
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: GetMonitorInfoW$user32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-3787768890
                                                                                                                                                                                                                                                        • Opcode ID: cc049f3d561722545b38c9e64648587114e5c0faf529b3b4f51287d5aaa2a8cb
                                                                                                                                                                                                                                                        • Instruction ID: c5777fbce2883a106eb346b0cd11f3a0424558c4e3f2fb61c711fa5d7a1a27f5
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cc049f3d561722545b38c9e64648587114e5c0faf529b3b4f51287d5aaa2a8cb
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D4D0C931284309AF86009BF4FD19C7677DCBA14B1530040D2FA0CC36A0DF749510C620
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 65%
                                                                                                                                                                                                                                                        			E00BC6CB0(signed int __ecx, signed int _a4, signed int _a8, signed int _a12, void* _a16, signed int _a20) {
                                                                                                                                                                                                                                                        				int _v0;
                                                                                                                                                                                                                                                        				signed int _v4;
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				signed int _v36;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				void* _v44;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				void* _v52;
                                                                                                                                                                                                                                                        				signed int _v56;
                                                                                                                                                                                                                                                        				signed int _v60;
                                                                                                                                                                                                                                                        				char _v64;
                                                                                                                                                                                                                                                        				signed int _v88;
                                                                                                                                                                                                                                                        				void* _v104;
                                                                                                                                                                                                                                                        				signed int _v112;
                                                                                                                                                                                                                                                        				signed int _v116;
                                                                                                                                                                                                                                                        				intOrPtr _v120;
                                                                                                                                                                                                                                                        				signed int _v124;
                                                                                                                                                                                                                                                        				char _v128;
                                                                                                                                                                                                                                                        				signed int _v132;
                                                                                                                                                                                                                                                        				int _v136;
                                                                                                                                                                                                                                                        				signed int _v160;
                                                                                                                                                                                                                                                        				int _v168;
                                                                                                                                                                                                                                                        				int _v172;
                                                                                                                                                                                                                                                        				char _v176;
                                                                                                                                                                                                                                                        				signed int _t225;
                                                                                                                                                                                                                                                        				signed int _t227;
                                                                                                                                                                                                                                                        				signed int _t232;
                                                                                                                                                                                                                                                        				intOrPtr _t234;
                                                                                                                                                                                                                                                        				int _t239;
                                                                                                                                                                                                                                                        				signed int _t245;
                                                                                                                                                                                                                                                        				void* _t247;
                                                                                                                                                                                                                                                        				signed int _t251;
                                                                                                                                                                                                                                                        				signed int _t258;
                                                                                                                                                                                                                                                        				void* _t261;
                                                                                                                                                                                                                                                        				signed int _t268;
                                                                                                                                                                                                                                                        				signed int _t273;
                                                                                                                                                                                                                                                        				signed int _t278;
                                                                                                                                                                                                                                                        				signed int _t279;
                                                                                                                                                                                                                                                        				signed int _t281;
                                                                                                                                                                                                                                                        				void* _t283;
                                                                                                                                                                                                                                                        				signed int _t305;
                                                                                                                                                                                                                                                        				signed int _t319;
                                                                                                                                                                                                                                                        				signed int _t320;
                                                                                                                                                                                                                                                        				signed int _t324;
                                                                                                                                                                                                                                                        				signed int _t326;
                                                                                                                                                                                                                                                        				signed int _t332;
                                                                                                                                                                                                                                                        				void* _t335;
                                                                                                                                                                                                                                                        				intOrPtr _t336;
                                                                                                                                                                                                                                                        				intOrPtr _t337;
                                                                                                                                                                                                                                                        				intOrPtr _t338;
                                                                                                                                                                                                                                                        				signed int _t339;
                                                                                                                                                                                                                                                        				void* _t340;
                                                                                                                                                                                                                                                        				void* _t341;
                                                                                                                                                                                                                                                        				int _t344;
                                                                                                                                                                                                                                                        				intOrPtr _t345;
                                                                                                                                                                                                                                                        				void* _t346;
                                                                                                                                                                                                                                                        				void* _t348;
                                                                                                                                                                                                                                                        				void* _t352;
                                                                                                                                                                                                                                                        				void* _t353;
                                                                                                                                                                                                                                                        				unsigned int _t355;
                                                                                                                                                                                                                                                        				void* _t356;
                                                                                                                                                                                                                                                        				void* _t359;
                                                                                                                                                                                                                                                        				void* _t361;
                                                                                                                                                                                                                                                        				signed int _t364;
                                                                                                                                                                                                                                                        				intOrPtr _t366;
                                                                                                                                                                                                                                                        				int _t377;
                                                                                                                                                                                                                                                        				signed int _t382;
                                                                                                                                                                                                                                                        				void* _t383;
                                                                                                                                                                                                                                                        				void* _t386;
                                                                                                                                                                                                                                                        				void* _t388;
                                                                                                                                                                                                                                                        				void* _t399;
                                                                                                                                                                                                                                                        				signed int _t400;
                                                                                                                                                                                                                                                        				signed int _t411;
                                                                                                                                                                                                                                                        				signed int _t420;
                                                                                                                                                                                                                                                        				signed int _t431;
                                                                                                                                                                                                                                                        				signed int _t433;
                                                                                                                                                                                                                                                        				int _t436;
                                                                                                                                                                                                                                                        				signed int _t439;
                                                                                                                                                                                                                                                        				signed int _t440;
                                                                                                                                                                                                                                                        				unsigned int _t443;
                                                                                                                                                                                                                                                        				signed int _t446;
                                                                                                                                                                                                                                                        				void* _t449;
                                                                                                                                                                                                                                                        				signed int _t453;
                                                                                                                                                                                                                                                        				void* _t460;
                                                                                                                                                                                                                                                        				unsigned int _t461;
                                                                                                                                                                                                                                                        				signed int _t464;
                                                                                                                                                                                                                                                        				void* _t465;
                                                                                                                                                                                                                                                        				signed int _t467;
                                                                                                                                                                                                                                                        				void* _t469;
                                                                                                                                                                                                                                                        				intOrPtr _t470;
                                                                                                                                                                                                                                                        				unsigned int _t471;
                                                                                                                                                                                                                                                        				int _t472;
                                                                                                                                                                                                                                                        				int _t477;
                                                                                                                                                                                                                                                        				int _t478;
                                                                                                                                                                                                                                                        				signed int _t480;
                                                                                                                                                                                                                                                        				signed int _t482;
                                                                                                                                                                                                                                                        				unsigned int _t483;
                                                                                                                                                                                                                                                        				void* _t484;
                                                                                                                                                                                                                                                        				void _t485;
                                                                                                                                                                                                                                                        				void* _t486;
                                                                                                                                                                                                                                                        				void* _t487;
                                                                                                                                                                                                                                                        				signed int _t488;
                                                                                                                                                                                                                                                        				signed int _t489;
                                                                                                                                                                                                                                                        				void* _t493;
                                                                                                                                                                                                                                                        				void* _t496;
                                                                                                                                                                                                                                                        				signed int _t497;
                                                                                                                                                                                                                                                        				signed int _t498;
                                                                                                                                                                                                                                                        				void* _t501;
                                                                                                                                                                                                                                                        				void _t503;
                                                                                                                                                                                                                                                        				void* _t505;
                                                                                                                                                                                                                                                        				signed int _t506;
                                                                                                                                                                                                                                                        				signed int _t507;
                                                                                                                                                                                                                                                        				signed int _t510;
                                                                                                                                                                                                                                                        				void* _t511;
                                                                                                                                                                                                                                                        				unsigned int _t513;
                                                                                                                                                                                                                                                        				void* _t514;
                                                                                                                                                                                                                                                        				void* _t515;
                                                                                                                                                                                                                                                        				void* _t516;
                                                                                                                                                                                                                                                        				signed int _t518;
                                                                                                                                                                                                                                                        				signed int _t519;
                                                                                                                                                                                                                                                        				signed int _t521;
                                                                                                                                                                                                                                                        				signed int _t524;
                                                                                                                                                                                                                                                        				void* _t525;
                                                                                                                                                                                                                                                        				signed int _t526;
                                                                                                                                                                                                                                                        				void* _t527;
                                                                                                                                                                                                                                                        				signed int _t528;
                                                                                                                                                                                                                                                        				void* _t529;
                                                                                                                                                                                                                                                        				void* _t530;
                                                                                                                                                                                                                                                        				signed int _t531;
                                                                                                                                                                                                                                                        				void* _t532;
                                                                                                                                                                                                                                                        				signed int _t533;
                                                                                                                                                                                                                                                        				void* _t534;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t363 = __ecx;
                                                                                                                                                                                                                                                        				_t530 = _t529 - 0x1c;
                                                                                                                                                                                                                                                        				_t225 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t225 ^ _t524;
                                                                                                                                                                                                                                                        				_t227 =  *(__ecx + 0x10);
                                                                                                                                                                                                                                                        				_t335 = _t227 - _a4;
                                                                                                                                                                                                                                                        				if(_t335 < 0) {
                                                                                                                                                                                                                                                        					E00BBDAC0(__ecx, __eflags);
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					_push(_t524);
                                                                                                                                                                                                                                                        					_t525 = _t530;
                                                                                                                                                                                                                                                        					_push(_t335);
                                                                                                                                                                                                                                                        					_t531 = _t530 - 0xc;
                                                                                                                                                                                                                                                        					_t431 =  *(__ecx + 0x10);
                                                                                                                                                                                                                                                        					_t467 = _v40;
                                                                                                                                                                                                                                                        					_t336 = 0x7ffffffe;
                                                                                                                                                                                                                                                        					__eflags = 0x7ffffffe - _t431 - _t467;
                                                                                                                                                                                                                                                        					if(0x7ffffffe - _t431 < _t467) {
                                                                                                                                                                                                                                                        						E00BBA890();
                                                                                                                                                                                                                                                        						goto L32;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t482 = _t467 + _t431;
                                                                                                                                                                                                                                                        						_t513 =  *(__ecx + 0x14);
                                                                                                                                                                                                                                                        						_v28 = _t431;
                                                                                                                                                                                                                                                        						_v32 = __ecx;
                                                                                                                                                                                                                                                        						_v24 = _t482;
                                                                                                                                                                                                                                                        						_t281 = _t482 | 0x00000007;
                                                                                                                                                                                                                                                        						__eflags = _t281 - 0x7ffffffe;
                                                                                                                                                                                                                                                        						if(_t281 <= 0x7ffffffe) {
                                                                                                                                                                                                                                                        							_t355 = _t513 >> 1;
                                                                                                                                                                                                                                                        							_t356 = _t355 + _t513;
                                                                                                                                                                                                                                                        							__eflags = _t281 - _t356;
                                                                                                                                                                                                                                                        							_t357 =  >=  ? _t281 : _t356;
                                                                                                                                                                                                                                                        							__eflags = _t513 - 0x7ffffffe - _t355;
                                                                                                                                                                                                                                                        							_t336 =  >  ? 0x7ffffffe :  >=  ? _t281 : _t356;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t483 = _t513;
                                                                                                                                                                                                                                                        						_t514 = _v32;
                                                                                                                                                                                                                                                        						_t83 = _t336 + 1; // 0x11
                                                                                                                                                                                                                                                        						_t283 = E00BBA8A0(_t83);
                                                                                                                                                                                                                                                        						__eflags = _t483 - 8;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t514 + 0x10)) = _v24;
                                                                                                                                                                                                                                                        						_t399 = _t514;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t514 + 0x14)) = _t336;
                                                                                                                                                                                                                                                        						if(_t483 < 8) {
                                                                                                                                                                                                                                                        							_t515 = _t399;
                                                                                                                                                                                                                                                        							_t352 = _t283;
                                                                                                                                                                                                                                                        							memcpy(_t283, _t399, _a8 + _a8);
                                                                                                                                                                                                                                                        							_t484 = _t352 + _a8 * 2;
                                                                                                                                                                                                                                                        							memcpy(_t484, _a16, _a20 + _a20);
                                                                                                                                                                                                                                                        							_t400 = _a8;
                                                                                                                                                                                                                                                        							_t453 = _v28 - _a12 + _t400;
                                                                                                                                                                                                                                                        							__eflags = _t453;
                                                                                                                                                                                                                                                        							memcpy(_t484 + _a20 * 2, _t515 + _t400 * 2 + _a12 * 2, _t453 + _t453 + 2);
                                                                                                                                                                                                                                                        							_t485 = _t352;
                                                                                                                                                                                                                                                        							goto L30;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t353 =  *_t399;
                                                                                                                                                                                                                                                        							_t516 = _t283;
                                                                                                                                                                                                                                                        							_v24 = _t483;
                                                                                                                                                                                                                                                        							memcpy(_t283, _t353, _a8 + _a8);
                                                                                                                                                                                                                                                        							_t486 = _t516 + _a8 * 2;
                                                                                                                                                                                                                                                        							memcpy(_t486, _a16, _a20 + _a20);
                                                                                                                                                                                                                                                        							memcpy(_t486 + _a20 * 2, _t353 + _a8 * 2 + _a12 * 2, _v28 - _a12 + _a8 + _v28 - _a12 + _a8 + 2);
                                                                                                                                                                                                                                                        							_t531 = _t531 + 0x24;
                                                                                                                                                                                                                                                        							_t363 = _v24;
                                                                                                                                                                                                                                                        							_t485 = _t516;
                                                                                                                                                                                                                                                        							_t515 = _v32;
                                                                                                                                                                                                                                                        							_t110 = _t363 + 2; // 0x13
                                                                                                                                                                                                                                                        							_t305 = _t363 + _t110;
                                                                                                                                                                                                                                                        							__eflags = _t305 - 0x1000;
                                                                                                                                                                                                                                                        							if(_t305 < 0x1000) {
                                                                                                                                                                                                                                                        								L28:
                                                                                                                                                                                                                                                        								_push(_t305);
                                                                                                                                                                                                                                                        								_push(_t353);
                                                                                                                                                                                                                                                        								L00BEF6C6();
                                                                                                                                                                                                                                                        								L30:
                                                                                                                                                                                                                                                        								 *_t515 = _t485;
                                                                                                                                                                                                                                                        								return _t515;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t336 =  *((intOrPtr*)(_t353 - 4));
                                                                                                                                                                                                                                                        								__eflags = _t353 + 0xfffffffc - _t336 - 0x20;
                                                                                                                                                                                                                                                        								if(_t353 + 0xfffffffc - _t336 >= 0x20) {
                                                                                                                                                                                                                                                        									L32:
                                                                                                                                                                                                                                                        									__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									_push(_t525);
                                                                                                                                                                                                                                                        									_t526 = _t531;
                                                                                                                                                                                                                                                        									_push(_t336);
                                                                                                                                                                                                                                                        									_push(_t467);
                                                                                                                                                                                                                                                        									_push(_t495);
                                                                                                                                                                                                                                                        									_t532 = _t531 - 0x18;
                                                                                                                                                                                                                                                        									_t232 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        									_t432 = _v64;
                                                                                                                                                                                                                                                        									_v88 = _t232 ^ _t526;
                                                                                                                                                                                                                                                        									_t234 =  *((intOrPtr*)(_t363 + 0x10));
                                                                                                                                                                                                                                                        									_t469 = _t234 - _t432;
                                                                                                                                                                                                                                                        									__eflags = _t469;
                                                                                                                                                                                                                                                        									if(__eflags < 0) {
                                                                                                                                                                                                                                                        										E00BBDAC0(_t363, __eflags);
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										_push(_t526);
                                                                                                                                                                                                                                                        										_t527 = _t532;
                                                                                                                                                                                                                                                        										_push(_t336);
                                                                                                                                                                                                                                                        										_push(_t469);
                                                                                                                                                                                                                                                        										_push(_t495);
                                                                                                                                                                                                                                                        										_t533 = _t532 - 0x14;
                                                                                                                                                                                                                                                        										_t433 =  *((intOrPtr*)(_t363 + 0x10));
                                                                                                                                                                                                                                                        										_t496 = _v104;
                                                                                                                                                                                                                                                        										_t337 = 0x7fffffff;
                                                                                                                                                                                                                                                        										__eflags = 0x7fffffff - _t433 - _t496;
                                                                                                                                                                                                                                                        										if(0x7fffffff - _t433 < _t496) {
                                                                                                                                                                                                                                                        											E00BBA890();
                                                                                                                                                                                                                                                        											goto L65;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t471 =  *(_t363 + 0x14);
                                                                                                                                                                                                                                                        											_t498 = _t496 + _t433;
                                                                                                                                                                                                                                                        											_v36 = _t433;
                                                                                                                                                                                                                                                        											_v44 = _t363;
                                                                                                                                                                                                                                                        											_v48 = _t498;
                                                                                                                                                                                                                                                        											_t245 = _t498 | 0x0000000f;
                                                                                                                                                                                                                                                        											__eflags = _t245;
                                                                                                                                                                                                                                                        											if(_t245 >= 0) {
                                                                                                                                                                                                                                                        												_t382 = _t471 >> 1;
                                                                                                                                                                                                                                                        												_t383 = _t382 + _t471;
                                                                                                                                                                                                                                                        												__eflags = _t245 - _t383;
                                                                                                                                                                                                                                                        												_t384 =  >=  ? _t245 : _t383;
                                                                                                                                                                                                                                                        												__eflags = _t471 - (_t382 ^ 0x7fffffff);
                                                                                                                                                                                                                                                        												_t337 =  <=  ?  >=  ? _t245 : _t383 : 0x7fffffff;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_v40 = _t471;
                                                                                                                                                                                                                                                        											_t472 = _v0;
                                                                                                                                                                                                                                                        											_t188 = _t337 + 1; // 0x80000000
                                                                                                                                                                                                                                                        											_t340 = _v44;
                                                                                                                                                                                                                                                        											_t247 = E00BBD730(_t188);
                                                                                                                                                                                                                                                        											__eflags = _v40 - 0x10;
                                                                                                                                                                                                                                                        											_v32 = _t247;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t340 + 0x10)) = _v48;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t340 + 0x14)) = _t337;
                                                                                                                                                                                                                                                        											if(_v40 < 0x10) {
                                                                                                                                                                                                                                                        												memcpy(_t247, _t340, _t472);
                                                                                                                                                                                                                                                        												_t501 = _v32 + _t472;
                                                                                                                                                                                                                                                        												memcpy(_t501, _a8, _a12);
                                                                                                                                                                                                                                                        												_t251 = _a4;
                                                                                                                                                                                                                                                        												_t377 = _v36 - _t251 + _t472 + 1;
                                                                                                                                                                                                                                                        												__eflags = _t377;
                                                                                                                                                                                                                                                        												_t503 = _v32;
                                                                                                                                                                                                                                                        												memcpy(_t501 + _a12, _t340 + _t472 + _t251, _t377);
                                                                                                                                                                                                                                                        												goto L63;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t341 =  *_t340;
                                                                                                                                                                                                                                                        												memcpy(_t247, _t341, _t472);
                                                                                                                                                                                                                                                        												_t505 = _t247 + _t472;
                                                                                                                                                                                                                                                        												memcpy(_t505, _a8, _a12);
                                                                                                                                                                                                                                                        												_t258 = _a4;
                                                                                                                                                                                                                                                        												_t496 = _t505 + _a12;
                                                                                                                                                                                                                                                        												_t469 = _t341 + _t472 + _t258;
                                                                                                                                                                                                                                                        												memcpy(_t496, _t469, _v36 - _t258 + _t472 + 1);
                                                                                                                                                                                                                                                        												_t533 = _t533 + 0x24;
                                                                                                                                                                                                                                                        												_t439 = _v40;
                                                                                                                                                                                                                                                        												_t201 = _t439 + 1; // 0x11
                                                                                                                                                                                                                                                        												_t363 = _t201;
                                                                                                                                                                                                                                                        												__eflags = _t363 - 0x1000;
                                                                                                                                                                                                                                                        												if(_t363 < 0x1000) {
                                                                                                                                                                                                                                                        													L61:
                                                                                                                                                                                                                                                        													_push(_t363);
                                                                                                                                                                                                                                                        													_push(_t341);
                                                                                                                                                                                                                                                        													L00BEF6C6();
                                                                                                                                                                                                                                                        													_t503 = _v32;
                                                                                                                                                                                                                                                        													_t340 = _v44;
                                                                                                                                                                                                                                                        													L63:
                                                                                                                                                                                                                                                        													 *_t340 = _t503;
                                                                                                                                                                                                                                                        													return _t340;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t261 =  *(_t341 - 4);
                                                                                                                                                                                                                                                        													_t337 = _t341 + 0xfffffffc - _t261;
                                                                                                                                                                                                                                                        													__eflags = _t337 - 0x20;
                                                                                                                                                                                                                                                        													if(_t337 >= 0x20) {
                                                                                                                                                                                                                                                        														L65:
                                                                                                                                                                                                                                                        														__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														_push(_t527);
                                                                                                                                                                                                                                                        														_t528 = _t533;
                                                                                                                                                                                                                                                        														_push(_t337);
                                                                                                                                                                                                                                                        														_push(_t469);
                                                                                                                                                                                                                                                        														_push(_t496);
                                                                                                                                                                                                                                                        														_t534 = _t533 - 8;
                                                                                                                                                                                                                                                        														_t497 = _t363;
                                                                                                                                                                                                                                                        														_t364 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        														_t239 = _v136;
                                                                                                                                                                                                                                                        														_v160 = _t364 ^ _t528;
                                                                                                                                                                                                                                                        														_t338 =  *((intOrPtr*)(_t497 + 0x14));
                                                                                                                                                                                                                                                        														_t366 =  *((intOrPtr*)(_t497 + 0x10));
                                                                                                                                                                                                                                                        														__eflags = _t338 - _t366 - _t239;
                                                                                                                                                                                                                                                        														_t436 = _v132;
                                                                                                                                                                                                                                                        														if(_t338 - _t366 >= _t239) {
                                                                                                                                                                                                                                                        															_t470 = _t366 + _t239;
                                                                                                                                                                                                                                                        															__eflags = _t338 - 0x10;
                                                                                                                                                                                                                                                        															_t339 = _t497;
                                                                                                                                                                                                                                                        															 *((intOrPtr*)(_t497 + 0x10)) = _t470;
                                                                                                                                                                                                                                                        															if(_t338 >= 0x10) {
                                                                                                                                                                                                                                                        																_t339 =  *_t497;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															memset(_t366 + _t339, _t436, _t239);
                                                                                                                                                                                                                                                        															 *((char*)(_t339 + _t470)) = 0;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															_v176 = _v40;
                                                                                                                                                                                                                                                        															_v172 = _t239;
                                                                                                                                                                                                                                                        															 *(_t534 - 0x10) = _t239;
                                                                                                                                                                                                                                                        															_v168 = _t436;
                                                                                                                                                                                                                                                        															_t497 = E00BC7330(_t497);
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														__eflags = _v36 ^ _t528;
                                                                                                                                                                                                                                                        														E00BEECB0(_v36 ^ _t528, _t436);
                                                                                                                                                                                                                                                        														return _t497;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t440 = _t439 + 0x24;
                                                                                                                                                                                                                                                        														__eflags = _t440;
                                                                                                                                                                                                                                                        														_t341 = _t261;
                                                                                                                                                                                                                                                        														_t363 = _t440;
                                                                                                                                                                                                                                                        														goto L61;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t344 = _v0;
                                                                                                                                                                                                                                                        										_t506 = _a8;
                                                                                                                                                                                                                                                        										__eflags = _t469 - _t344;
                                                                                                                                                                                                                                                        										_t345 =  <  ? _t469 : _t344;
                                                                                                                                                                                                                                                        										__eflags = _t345 - _t506;
                                                                                                                                                                                                                                                        										if(_t345 != _t506) {
                                                                                                                                                                                                                                                        											_t477 = _t469 - _t345 + 1;
                                                                                                                                                                                                                                                        											_t507 = _t506 - _t345;
                                                                                                                                                                                                                                                        											__eflags = _t507;
                                                                                                                                                                                                                                                        											if(_t507 >= 0) {
                                                                                                                                                                                                                                                        												_t443 =  *(_t363 + 0x14);
                                                                                                                                                                                                                                                        												_v36 = _t443;
                                                                                                                                                                                                                                                        												_t444 = _t443 - _t234;
                                                                                                                                                                                                                                                        												__eflags = _t507 - _t443 - _t234;
                                                                                                                                                                                                                                                        												if(_t507 <= _t443 - _t234) {
                                                                                                                                                                                                                                                        													__eflags = _v36 - 0x10;
                                                                                                                                                                                                                                                        													 *((intOrPtr*)(_t363 + 0x10)) = _t507 + _t234;
                                                                                                                                                                                                                                                        													_t446 = _t363;
                                                                                                                                                                                                                                                        													if(_v36 >= 0x10) {
                                                                                                                                                                                                                                                        														_t446 =  *_t363;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_v36 = _t363;
                                                                                                                                                                                                                                                        													_v48 = _t446;
                                                                                                                                                                                                                                                        													_t386 = _v4 + _t446;
                                                                                                                                                                                                                                                        													_v44 = _t386;
                                                                                                                                                                                                                                                        													_t346 = _t345 + _t386;
                                                                                                                                                                                                                                                        													_t388 = _a4;
                                                                                                                                                                                                                                                        													__eflags = _a8 + _a4 - _v44;
                                                                                                                                                                                                                                                        													_t432 = _a8;
                                                                                                                                                                                                                                                        													_v40 = _a8;
                                                                                                                                                                                                                                                        													if(_a8 + _a4 > _v44) {
                                                                                                                                                                                                                                                        														_t449 = _t388;
                                                                                                                                                                                                                                                        														__eflags = _v48 + _t234 - _t449;
                                                                                                                                                                                                                                                        														_t388 = _t449;
                                                                                                                                                                                                                                                        														_t432 = _a8;
                                                                                                                                                                                                                                                        														_v40 = _a8;
                                                                                                                                                                                                                                                        														if(_v48 + _t234 >= _t449) {
                                                                                                                                                                                                                                                        															_t432 = 0;
                                                                                                                                                                                                                                                        															_t480 = _t346 - _t388;
                                                                                                                                                                                                                                                        															__eflags = _t480;
                                                                                                                                                                                                                                                        															_t481 =  <=  ? 0 : _t480;
                                                                                                                                                                                                                                                        															_v40 =  <=  ? 0 : _t480;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t348 = _t388;
                                                                                                                                                                                                                                                        													memmove(_t346 + _t507, _t346, _t477);
                                                                                                                                                                                                                                                        													_t478 = _v40;
                                                                                                                                                                                                                                                        													memmove(_v44, _t348, _t478);
                                                                                                                                                                                                                                                        													_t532 = _t532 + 0x18;
                                                                                                                                                                                                                                                        													memcpy(_v44 + _t478, _t348 + _t507 + _t478, _a8 - _t478);
                                                                                                                                                                                                                                                        													goto L39;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_v128 = _v32;
                                                                                                                                                                                                                                                        													_v120 = _t345;
                                                                                                                                                                                                                                                        													_v132 = _t507;
                                                                                                                                                                                                                                                        													_v112 = _a8;
                                                                                                                                                                                                                                                        													_v116 = _a4;
                                                                                                                                                                                                                                                        													_t273 = _v4;
                                                                                                                                                                                                                                                        													_v124 = _t273;
                                                                                                                                                                                                                                                        													L54();
                                                                                                                                                                                                                                                        													E00BEECB0(_v28 ^ _t526, _t444);
                                                                                                                                                                                                                                                        													_t268 = _t273;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(_t363 + 0x10)) = _t507 + _t234;
                                                                                                                                                                                                                                                        												_t510 = _t363;
                                                                                                                                                                                                                                                        												__eflags =  *(_t363 + 0x14) - 0x10;
                                                                                                                                                                                                                                                        												if( *(_t363 + 0x14) >= 0x10) {
                                                                                                                                                                                                                                                        													_t510 =  *_t363;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_v36 = _t363;
                                                                                                                                                                                                                                                        												_t511 = _t510 + _t432;
                                                                                                                                                                                                                                                        												memmove(_t511, _a4, _a8);
                                                                                                                                                                                                                                                        												_t532 = _t532 + 0xc;
                                                                                                                                                                                                                                                        												_push(_t477);
                                                                                                                                                                                                                                                        												_push(_t345 + _t511);
                                                                                                                                                                                                                                                        												_push(_t511 + _a8);
                                                                                                                                                                                                                                                        												goto L38;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											__eflags =  *(_t363 + 0x14) - 0x10;
                                                                                                                                                                                                                                                        											_t278 = _t363;
                                                                                                                                                                                                                                                        											if( *(_t363 + 0x14) >= 0x10) {
                                                                                                                                                                                                                                                        												_t278 =  *_t363;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_v36 = _t363;
                                                                                                                                                                                                                                                        											_t279 = _t278 + _t432;
                                                                                                                                                                                                                                                        											__eflags = _t279;
                                                                                                                                                                                                                                                        											_push(_t506);
                                                                                                                                                                                                                                                        											_push(_a4);
                                                                                                                                                                                                                                                        											_push(_t279);
                                                                                                                                                                                                                                                        											L38:
                                                                                                                                                                                                                                                        											memmove();
                                                                                                                                                                                                                                                        											L39:
                                                                                                                                                                                                                                                        											__eflags = _v28 ^ _t526;
                                                                                                                                                                                                                                                        											E00BEECB0(_v28 ^ _t526, _t432);
                                                                                                                                                                                                                                                        											_t268 = _v36;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										return _t268;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t411 = _t363 + _t363 + 0x25;
                                                                                                                                                                                                                                                        									__eflags = _t411;
                                                                                                                                                                                                                                                        									_t305 = _t411;
                                                                                                                                                                                                                                                        									goto L28;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t487 = _a16;
                                                                                                                                                                                                                                                        					_t460 = _a12;
                                                                                                                                                                                                                                                        					_t518 =  <  ? _t335 : _a8;
                                                                                                                                                                                                                                                        					if(_t518 != _t487) {
                                                                                                                                                                                                                                                        						_t359 = _t335 - _t518 + 1;
                                                                                                                                                                                                                                                        						_t488 = _t487 - _t518;
                                                                                                                                                                                                                                                        						__eflags = _t488;
                                                                                                                                                                                                                                                        						if(_t488 >= 0) {
                                                                                                                                                                                                                                                        							_t461 =  *(__ecx + 0x14);
                                                                                                                                                                                                                                                        							_v28 = _t461;
                                                                                                                                                                                                                                                        							_t462 = _t461 - _t227;
                                                                                                                                                                                                                                                        							__eflags = _t488 - _t461 - _t227;
                                                                                                                                                                                                                                                        							if(_t488 <= _t461 - _t227) {
                                                                                                                                                                                                                                                        								__eflags = _v28 - 8;
                                                                                                                                                                                                                                                        								_v32 = _t488;
                                                                                                                                                                                                                                                        								 *(__ecx + 0x10) = _t488 + _t227;
                                                                                                                                                                                                                                                        								_t464 = __ecx;
                                                                                                                                                                                                                                                        								if(_v28 >= 8) {
                                                                                                                                                                                                                                                        									_t464 =  *__ecx;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_v28 = _t363;
                                                                                                                                                                                                                                                        								_v36 = _t464;
                                                                                                                                                                                                                                                        								_t489 = _a16;
                                                                                                                                                                                                                                                        								_t465 = _t464 + _a4 * 2;
                                                                                                                                                                                                                                                        								_t519 = _a12;
                                                                                                                                                                                                                                                        								_v44 = _t465;
                                                                                                                                                                                                                                                        								_v40 = _t465 + _t518 * 2;
                                                                                                                                                                                                                                                        								__eflags = _t519 + _t489 * 2 - _t465;
                                                                                                                                                                                                                                                        								_t460 = _v40;
                                                                                                                                                                                                                                                        								_t521 = _t489;
                                                                                                                                                                                                                                                        								if(_t519 + _t489 * 2 > _t465) {
                                                                                                                                                                                                                                                        									_t420 = _v36;
                                                                                                                                                                                                                                                        									_t521 = _t489;
                                                                                                                                                                                                                                                        									__eflags = _t420 + _t227 * 2 - _a12;
                                                                                                                                                                                                                                                        									if(_t420 + _t227 * 2 >= _a12) {
                                                                                                                                                                                                                                                        										_t320 = _a12;
                                                                                                                                                                                                                                                        										__eflags = _t460 - _t320;
                                                                                                                                                                                                                                                        										_t521 =  >  ? _t460 - _t320 >> 1 : 0;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								memmove(_t460 + _v32 * 2, _t460, _t359 + _t359);
                                                                                                                                                                                                                                                        								_t361 = _v44;
                                                                                                                                                                                                                                                        								memmove(_t361, _a12, _t521 + _t521);
                                                                                                                                                                                                                                                        								_t530 = _t530 + 0x18;
                                                                                                                                                                                                                                                        								memcpy(_t361 + _t521 * 2, _a12 + _v32 * 2 + _t521 * 2, _t489 - _t521 + _t489 - _t521);
                                                                                                                                                                                                                                                        								goto L6;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_v64 = _v24;
                                                                                                                                                                                                                                                        								_v56 = _t518;
                                                                                                                                                                                                                                                        								 *(_t530 - 0x18) = _t488;
                                                                                                                                                                                                                                                        								_v48 = _a16;
                                                                                                                                                                                                                                                        								_v52 = _a12;
                                                                                                                                                                                                                                                        								_t324 = _a4;
                                                                                                                                                                                                                                                        								_v60 = _t324;
                                                                                                                                                                                                                                                        								L21();
                                                                                                                                                                                                                                                        								E00BEECB0(_v20 ^ _t524, _t462);
                                                                                                                                                                                                                                                        								_t319 = _t324;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t326 = __ecx;
                                                                                                                                                                                                                                                        							 *(__ecx + 0x10) = _t488 + _t227;
                                                                                                                                                                                                                                                        							__eflags =  *(__ecx + 0x14) - 8;
                                                                                                                                                                                                                                                        							if( *(__ecx + 0x14) >= 8) {
                                                                                                                                                                                                                                                        								_t326 =  *__ecx;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_v28 = _t363;
                                                                                                                                                                                                                                                        							_t493 = _t326 + _a4 * 2;
                                                                                                                                                                                                                                                        							memmove(_t493, _t460, _a16 + _a16);
                                                                                                                                                                                                                                                        							_t530 = _t530 + 0xc;
                                                                                                                                                                                                                                                        							_push(_t359 + _t359);
                                                                                                                                                                                                                                                        							_push(_t493 + _t518 * 2);
                                                                                                                                                                                                                                                        							_push(_t493 + _a16 * 2);
                                                                                                                                                                                                                                                        							goto L5;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t332 = __ecx;
                                                                                                                                                                                                                                                        						if( *(__ecx + 0x14) >= 8) {
                                                                                                                                                                                                                                                        							_t332 =  *__ecx;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_v28 = _t363;
                                                                                                                                                                                                                                                        						_push(_t487 + _t487);
                                                                                                                                                                                                                                                        						_push(_t460);
                                                                                                                                                                                                                                                        						_push(_t332 + _a4 * 2);
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						memmove();
                                                                                                                                                                                                                                                        						L6:
                                                                                                                                                                                                                                                        						E00BEECB0(_v20 ^ _t524, _t460);
                                                                                                                                                                                                                                                        						_t319 = _v28;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					return _t319;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}










































































































































                                                                                                                                                                                                                                                        0x00bc6cb0
                                                                                                                                                                                                                                                        0x00bc6cb6
                                                                                                                                                                                                                                                        0x00bc6cb9
                                                                                                                                                                                                                                                        0x00bc6cc0
                                                                                                                                                                                                                                                        0x00bc6cc3
                                                                                                                                                                                                                                                        0x00bc6cc8
                                                                                                                                                                                                                                                        0x00bc6ccb
                                                                                                                                                                                                                                                        0x00bc6e42
                                                                                                                                                                                                                                                        0x00bc6e47
                                                                                                                                                                                                                                                        0x00bc6e48
                                                                                                                                                                                                                                                        0x00bc6e49
                                                                                                                                                                                                                                                        0x00bc6e4a
                                                                                                                                                                                                                                                        0x00bc6e4b
                                                                                                                                                                                                                                                        0x00bc6e4c
                                                                                                                                                                                                                                                        0x00bc6e4d
                                                                                                                                                                                                                                                        0x00bc6e4e
                                                                                                                                                                                                                                                        0x00bc6e4f
                                                                                                                                                                                                                                                        0x00bc6e50
                                                                                                                                                                                                                                                        0x00bc6e51
                                                                                                                                                                                                                                                        0x00bc6e53
                                                                                                                                                                                                                                                        0x00bc6e56
                                                                                                                                                                                                                                                        0x00bc6e59
                                                                                                                                                                                                                                                        0x00bc6e5c
                                                                                                                                                                                                                                                        0x00bc6e64
                                                                                                                                                                                                                                                        0x00bc6e6b
                                                                                                                                                                                                                                                        0x00bc6e6d
                                                                                                                                                                                                                                                        0x00bc6fc3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6e73
                                                                                                                                                                                                                                                        0x00bc6e73
                                                                                                                                                                                                                                                        0x00bc6e75
                                                                                                                                                                                                                                                        0x00bc6e78
                                                                                                                                                                                                                                                        0x00bc6e7b
                                                                                                                                                                                                                                                        0x00bc6e80
                                                                                                                                                                                                                                                        0x00bc6e83
                                                                                                                                                                                                                                                        0x00bc6e86
                                                                                                                                                                                                                                                        0x00bc6e8b
                                                                                                                                                                                                                                                        0x00bc6e99
                                                                                                                                                                                                                                                        0x00bc6e9d
                                                                                                                                                                                                                                                        0x00bc6e9f
                                                                                                                                                                                                                                                        0x00bc6ea1
                                                                                                                                                                                                                                                        0x00bc6ea4
                                                                                                                                                                                                                                                        0x00bc6ea6
                                                                                                                                                                                                                                                        0x00bc6ea6
                                                                                                                                                                                                                                                        0x00bc6ea9
                                                                                                                                                                                                                                                        0x00bc6eab
                                                                                                                                                                                                                                                        0x00bc6eae
                                                                                                                                                                                                                                                        0x00bc6eb4
                                                                                                                                                                                                                                                        0x00bc6ebc
                                                                                                                                                                                                                                                        0x00bc6ebf
                                                                                                                                                                                                                                                        0x00bc6ec2
                                                                                                                                                                                                                                                        0x00bc6ec4
                                                                                                                                                                                                                                                        0x00bc6ec7
                                                                                                                                                                                                                                                        0x00bc6f62
                                                                                                                                                                                                                                                        0x00bc6f66
                                                                                                                                                                                                                                                        0x00bc6f68
                                                                                                                                                                                                                                                        0x00bc6f73
                                                                                                                                                                                                                                                        0x00bc6f80
                                                                                                                                                                                                                                                        0x00bc6f8b
                                                                                                                                                                                                                                                        0x00bc6f93
                                                                                                                                                                                                                                                        0x00bc6f93
                                                                                                                                                                                                                                                        0x00bc6fab
                                                                                                                                                                                                                                                        0x00bc6fb3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6ecd
                                                                                                                                                                                                                                                        0x00bc6ecd
                                                                                                                                                                                                                                                        0x00bc6ed7
                                                                                                                                                                                                                                                        0x00bc6ed9
                                                                                                                                                                                                                                                        0x00bc6edc
                                                                                                                                                                                                                                                        0x00bc6ee7
                                                                                                                                                                                                                                                        0x00bc6ef4
                                                                                                                                                                                                                                                        0x00bc6f1f
                                                                                                                                                                                                                                                        0x00bc6f24
                                                                                                                                                                                                                                                        0x00bc6f27
                                                                                                                                                                                                                                                        0x00bc6f2a
                                                                                                                                                                                                                                                        0x00bc6f2c
                                                                                                                                                                                                                                                        0x00bc6f2f
                                                                                                                                                                                                                                                        0x00bc6f2f
                                                                                                                                                                                                                                                        0x00bc6f33
                                                                                                                                                                                                                                                        0x00bc6f38
                                                                                                                                                                                                                                                        0x00bc6f50
                                                                                                                                                                                                                                                        0x00bc6f50
                                                                                                                                                                                                                                                        0x00bc6f51
                                                                                                                                                                                                                                                        0x00bc6f52
                                                                                                                                                                                                                                                        0x00bc6fb5
                                                                                                                                                                                                                                                        0x00bc6fb5
                                                                                                                                                                                                                                                        0x00bc6fc0
                                                                                                                                                                                                                                                        0x00bc6f3a
                                                                                                                                                                                                                                                        0x00bc6f3c
                                                                                                                                                                                                                                                        0x00bc6f44
                                                                                                                                                                                                                                                        0x00bc6f47
                                                                                                                                                                                                                                                        0x00bc6fc8
                                                                                                                                                                                                                                                        0x00bc6fc8
                                                                                                                                                                                                                                                        0x00bc6fce
                                                                                                                                                                                                                                                        0x00bc6fcf
                                                                                                                                                                                                                                                        0x00bc6fd0
                                                                                                                                                                                                                                                        0x00bc6fd1
                                                                                                                                                                                                                                                        0x00bc6fd3
                                                                                                                                                                                                                                                        0x00bc6fd4
                                                                                                                                                                                                                                                        0x00bc6fd5
                                                                                                                                                                                                                                                        0x00bc6fd6
                                                                                                                                                                                                                                                        0x00bc6fd9
                                                                                                                                                                                                                                                        0x00bc6fde
                                                                                                                                                                                                                                                        0x00bc6fe3
                                                                                                                                                                                                                                                        0x00bc6fe6
                                                                                                                                                                                                                                                        0x00bc6feb
                                                                                                                                                                                                                                                        0x00bc6feb
                                                                                                                                                                                                                                                        0x00bc6fed
                                                                                                                                                                                                                                                        0x00bc7147
                                                                                                                                                                                                                                                        0x00bc714c
                                                                                                                                                                                                                                                        0x00bc714d
                                                                                                                                                                                                                                                        0x00bc714e
                                                                                                                                                                                                                                                        0x00bc714f
                                                                                                                                                                                                                                                        0x00bc7150
                                                                                                                                                                                                                                                        0x00bc7151
                                                                                                                                                                                                                                                        0x00bc7153
                                                                                                                                                                                                                                                        0x00bc7154
                                                                                                                                                                                                                                                        0x00bc7155
                                                                                                                                                                                                                                                        0x00bc7156
                                                                                                                                                                                                                                                        0x00bc7159
                                                                                                                                                                                                                                                        0x00bc715c
                                                                                                                                                                                                                                                        0x00bc7164
                                                                                                                                                                                                                                                        0x00bc716b
                                                                                                                                                                                                                                                        0x00bc716d
                                                                                                                                                                                                                                                        0x00bc7291
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7173
                                                                                                                                                                                                                                                        0x00bc7173
                                                                                                                                                                                                                                                        0x00bc7176
                                                                                                                                                                                                                                                        0x00bc7178
                                                                                                                                                                                                                                                        0x00bc717b
                                                                                                                                                                                                                                                        0x00bc7180
                                                                                                                                                                                                                                                        0x00bc7183
                                                                                                                                                                                                                                                        0x00bc7183
                                                                                                                                                                                                                                                        0x00bc7186
                                                                                                                                                                                                                                                        0x00bc718f
                                                                                                                                                                                                                                                        0x00bc7193
                                                                                                                                                                                                                                                        0x00bc719b
                                                                                                                                                                                                                                                        0x00bc719d
                                                                                                                                                                                                                                                        0x00bc71a0
                                                                                                                                                                                                                                                        0x00bc71a2
                                                                                                                                                                                                                                                        0x00bc71a2
                                                                                                                                                                                                                                                        0x00bc71a5
                                                                                                                                                                                                                                                        0x00bc71a8
                                                                                                                                                                                                                                                        0x00bc71ad
                                                                                                                                                                                                                                                        0x00bc71b0
                                                                                                                                                                                                                                                        0x00bc71b6
                                                                                                                                                                                                                                                        0x00bc71be
                                                                                                                                                                                                                                                        0x00bc71c2
                                                                                                                                                                                                                                                        0x00bc71c5
                                                                                                                                                                                                                                                        0x00bc71c8
                                                                                                                                                                                                                                                        0x00bc71cb
                                                                                                                                                                                                                                                        0x00bc7244
                                                                                                                                                                                                                                                        0x00bc7252
                                                                                                                                                                                                                                                        0x00bc7259
                                                                                                                                                                                                                                                        0x00bc7261
                                                                                                                                                                                                                                                        0x00bc7274
                                                                                                                                                                                                                                                        0x00bc7274
                                                                                                                                                                                                                                                        0x00bc7278
                                                                                                                                                                                                                                                        0x00bc727b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc71cd
                                                                                                                                                                                                                                                        0x00bc71cd
                                                                                                                                                                                                                                                        0x00bc71d4
                                                                                                                                                                                                                                                        0x00bc71df
                                                                                                                                                                                                                                                        0x00bc71e6
                                                                                                                                                                                                                                                        0x00bc71ee
                                                                                                                                                                                                                                                        0x00bc71f4
                                                                                                                                                                                                                                                        0x00bc71ff
                                                                                                                                                                                                                                                        0x00bc7205
                                                                                                                                                                                                                                                        0x00bc720a
                                                                                                                                                                                                                                                        0x00bc720d
                                                                                                                                                                                                                                                        0x00bc7210
                                                                                                                                                                                                                                                        0x00bc7210
                                                                                                                                                                                                                                                        0x00bc7213
                                                                                                                                                                                                                                                        0x00bc7219
                                                                                                                                                                                                                                                        0x00bc722f
                                                                                                                                                                                                                                                        0x00bc722f
                                                                                                                                                                                                                                                        0x00bc7230
                                                                                                                                                                                                                                                        0x00bc7231
                                                                                                                                                                                                                                                        0x00bc7239
                                                                                                                                                                                                                                                        0x00bc723c
                                                                                                                                                                                                                                                        0x00bc7283
                                                                                                                                                                                                                                                        0x00bc7283
                                                                                                                                                                                                                                                        0x00bc728e
                                                                                                                                                                                                                                                        0x00bc721b
                                                                                                                                                                                                                                                        0x00bc721b
                                                                                                                                                                                                                                                        0x00bc7221
                                                                                                                                                                                                                                                        0x00bc7223
                                                                                                                                                                                                                                                        0x00bc7226
                                                                                                                                                                                                                                                        0x00bc7296
                                                                                                                                                                                                                                                        0x00bc7296
                                                                                                                                                                                                                                                        0x00bc729c
                                                                                                                                                                                                                                                        0x00bc729d
                                                                                                                                                                                                                                                        0x00bc729e
                                                                                                                                                                                                                                                        0x00bc729f
                                                                                                                                                                                                                                                        0x00bc72a0
                                                                                                                                                                                                                                                        0x00bc72a1
                                                                                                                                                                                                                                                        0x00bc72a3
                                                                                                                                                                                                                                                        0x00bc72a4
                                                                                                                                                                                                                                                        0x00bc72a5
                                                                                                                                                                                                                                                        0x00bc72a6
                                                                                                                                                                                                                                                        0x00bc72a9
                                                                                                                                                                                                                                                        0x00bc72ab
                                                                                                                                                                                                                                                        0x00bc72b1
                                                                                                                                                                                                                                                        0x00bc72b6
                                                                                                                                                                                                                                                        0x00bc72b9
                                                                                                                                                                                                                                                        0x00bc72bc
                                                                                                                                                                                                                                                        0x00bc72c3
                                                                                                                                                                                                                                                        0x00bc72c5
                                                                                                                                                                                                                                                        0x00bc72c8
                                                                                                                                                                                                                                                        0x00bc7301
                                                                                                                                                                                                                                                        0x00bc7304
                                                                                                                                                                                                                                                        0x00bc7307
                                                                                                                                                                                                                                                        0x00bc7309
                                                                                                                                                                                                                                                        0x00bc730c
                                                                                                                                                                                                                                                        0x00bc730e
                                                                                                                                                                                                                                                        0x00bc730e
                                                                                                                                                                                                                                                        0x00bc7318
                                                                                                                                                                                                                                                        0x00bc7320
                                                                                                                                                                                                                                                        0x00bc72ca
                                                                                                                                                                                                                                                        0x00bc72d0
                                                                                                                                                                                                                                                        0x00bc72d7
                                                                                                                                                                                                                                                        0x00bc72db
                                                                                                                                                                                                                                                        0x00bc72de
                                                                                                                                                                                                                                                        0x00bc72e9
                                                                                                                                                                                                                                                        0x00bc72e9
                                                                                                                                                                                                                                                        0x00bc72ee
                                                                                                                                                                                                                                                        0x00bc72f0
                                                                                                                                                                                                                                                        0x00bc72fe
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc722b
                                                                                                                                                                                                                                                        0x00bc722d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc722d
                                                                                                                                                                                                                                                        0x00bc7226
                                                                                                                                                                                                                                                        0x00bc7219
                                                                                                                                                                                                                                                        0x00bc71cb
                                                                                                                                                                                                                                                        0x00bc6ff3
                                                                                                                                                                                                                                                        0x00bc6ff3
                                                                                                                                                                                                                                                        0x00bc6ff6
                                                                                                                                                                                                                                                        0x00bc6ff9
                                                                                                                                                                                                                                                        0x00bc6ffb
                                                                                                                                                                                                                                                        0x00bc6ffe
                                                                                                                                                                                                                                                        0x00bc7000
                                                                                                                                                                                                                                                        0x00bc7037
                                                                                                                                                                                                                                                        0x00bc7038
                                                                                                                                                                                                                                                        0x00bc7038
                                                                                                                                                                                                                                                        0x00bc703a
                                                                                                                                                                                                                                                        0x00bc706a
                                                                                                                                                                                                                                                        0x00bc706d
                                                                                                                                                                                                                                                        0x00bc7070
                                                                                                                                                                                                                                                        0x00bc7072
                                                                                                                                                                                                                                                        0x00bc7074
                                                                                                                                                                                                                                                        0x00bc70b4
                                                                                                                                                                                                                                                        0x00bc70bb
                                                                                                                                                                                                                                                        0x00bc70be
                                                                                                                                                                                                                                                        0x00bc70c0
                                                                                                                                                                                                                                                        0x00bc70c2
                                                                                                                                                                                                                                                        0x00bc70c2
                                                                                                                                                                                                                                                        0x00bc70c4
                                                                                                                                                                                                                                                        0x00bc70ca
                                                                                                                                                                                                                                                        0x00bc70cd
                                                                                                                                                                                                                                                        0x00bc70d2
                                                                                                                                                                                                                                                        0x00bc70d5
                                                                                                                                                                                                                                                        0x00bc70dc
                                                                                                                                                                                                                                                        0x00bc70df
                                                                                                                                                                                                                                                        0x00bc70e2
                                                                                                                                                                                                                                                        0x00bc70e5
                                                                                                                                                                                                                                                        0x00bc70e8
                                                                                                                                                                                                                                                        0x00bc70ea
                                                                                                                                                                                                                                                        0x00bc70f1
                                                                                                                                                                                                                                                        0x00bc70f3
                                                                                                                                                                                                                                                        0x00bc70f5
                                                                                                                                                                                                                                                        0x00bc70f8
                                                                                                                                                                                                                                                        0x00bc70fb
                                                                                                                                                                                                                                                        0x00bc7101
                                                                                                                                                                                                                                                        0x00bc7103
                                                                                                                                                                                                                                                        0x00bc7103
                                                                                                                                                                                                                                                        0x00bc7105
                                                                                                                                                                                                                                                        0x00bc7108
                                                                                                                                                                                                                                                        0x00bc7108
                                                                                                                                                                                                                                                        0x00bc70fb
                                                                                                                                                                                                                                                        0x00bc7112
                                                                                                                                                                                                                                                        0x00bc7114
                                                                                                                                                                                                                                                        0x00bc711c
                                                                                                                                                                                                                                                        0x00bc7124
                                                                                                                                                                                                                                                        0x00bc7129
                                                                                                                                                                                                                                                        0x00bc713d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7076
                                                                                                                                                                                                                                                        0x00bc707c
                                                                                                                                                                                                                                                        0x00bc7083
                                                                                                                                                                                                                                                        0x00bc7087
                                                                                                                                                                                                                                                        0x00bc708a
                                                                                                                                                                                                                                                        0x00bc7091
                                                                                                                                                                                                                                                        0x00bc7095
                                                                                                                                                                                                                                                        0x00bc7098
                                                                                                                                                                                                                                                        0x00bc709c
                                                                                                                                                                                                                                                        0x00bc70a8
                                                                                                                                                                                                                                                        0x00bc70ad
                                                                                                                                                                                                                                                        0x00bc70ad
                                                                                                                                                                                                                                                        0x00bc703c
                                                                                                                                                                                                                                                        0x00bc703e
                                                                                                                                                                                                                                                        0x00bc7041
                                                                                                                                                                                                                                                        0x00bc7043
                                                                                                                                                                                                                                                        0x00bc7047
                                                                                                                                                                                                                                                        0x00bc7049
                                                                                                                                                                                                                                                        0x00bc7049
                                                                                                                                                                                                                                                        0x00bc704e
                                                                                                                                                                                                                                                        0x00bc7051
                                                                                                                                                                                                                                                        0x00bc7058
                                                                                                                                                                                                                                                        0x00bc705d
                                                                                                                                                                                                                                                        0x00bc7065
                                                                                                                                                                                                                                                        0x00bc7066
                                                                                                                                                                                                                                                        0x00bc7067
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7067
                                                                                                                                                                                                                                                        0x00bc7002
                                                                                                                                                                                                                                                        0x00bc7002
                                                                                                                                                                                                                                                        0x00bc7006
                                                                                                                                                                                                                                                        0x00bc7008
                                                                                                                                                                                                                                                        0x00bc700a
                                                                                                                                                                                                                                                        0x00bc700a
                                                                                                                                                                                                                                                        0x00bc700c
                                                                                                                                                                                                                                                        0x00bc700f
                                                                                                                                                                                                                                                        0x00bc700f
                                                                                                                                                                                                                                                        0x00bc7011
                                                                                                                                                                                                                                                        0x00bc7012
                                                                                                                                                                                                                                                        0x00bc7015
                                                                                                                                                                                                                                                        0x00bc7016
                                                                                                                                                                                                                                                        0x00bc7016
                                                                                                                                                                                                                                                        0x00bc701b
                                                                                                                                                                                                                                                        0x00bc7021
                                                                                                                                                                                                                                                        0x00bc7023
                                                                                                                                                                                                                                                        0x00bc7028
                                                                                                                                                                                                                                                        0x00bc7028
                                                                                                                                                                                                                                                        0x00bc7032
                                                                                                                                                                                                                                                        0x00bc7032
                                                                                                                                                                                                                                                        0x00bc6f49
                                                                                                                                                                                                                                                        0x00bc6f4b
                                                                                                                                                                                                                                                        0x00bc6f4b
                                                                                                                                                                                                                                                        0x00bc6f4e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6f4e
                                                                                                                                                                                                                                                        0x00bc6f47
                                                                                                                                                                                                                                                        0x00bc6f38
                                                                                                                                                                                                                                                        0x00bc6ec7
                                                                                                                                                                                                                                                        0x00bc6cd1
                                                                                                                                                                                                                                                        0x00bc6cd4
                                                                                                                                                                                                                                                        0x00bc6cd7
                                                                                                                                                                                                                                                        0x00bc6cdc
                                                                                                                                                                                                                                                        0x00bc6ce1
                                                                                                                                                                                                                                                        0x00bc6d1c
                                                                                                                                                                                                                                                        0x00bc6d1d
                                                                                                                                                                                                                                                        0x00bc6d1d
                                                                                                                                                                                                                                                        0x00bc6d1f
                                                                                                                                                                                                                                                        0x00bc6d5a
                                                                                                                                                                                                                                                        0x00bc6d5d
                                                                                                                                                                                                                                                        0x00bc6d60
                                                                                                                                                                                                                                                        0x00bc6d62
                                                                                                                                                                                                                                                        0x00bc6d64
                                                                                                                                                                                                                                                        0x00bc6da4
                                                                                                                                                                                                                                                        0x00bc6dab
                                                                                                                                                                                                                                                        0x00bc6dae
                                                                                                                                                                                                                                                        0x00bc6db1
                                                                                                                                                                                                                                                        0x00bc6db3
                                                                                                                                                                                                                                                        0x00bc6db5
                                                                                                                                                                                                                                                        0x00bc6db5
                                                                                                                                                                                                                                                        0x00bc6db7
                                                                                                                                                                                                                                                        0x00bc6dbd
                                                                                                                                                                                                                                                        0x00bc6dc0
                                                                                                                                                                                                                                                        0x00bc6dc3
                                                                                                                                                                                                                                                        0x00bc6dc9
                                                                                                                                                                                                                                                        0x00bc6dcc
                                                                                                                                                                                                                                                        0x00bc6dcf
                                                                                                                                                                                                                                                        0x00bc6dd5
                                                                                                                                                                                                                                                        0x00bc6dd7
                                                                                                                                                                                                                                                        0x00bc6dda
                                                                                                                                                                                                                                                        0x00bc6ddc
                                                                                                                                                                                                                                                        0x00bc6dde
                                                                                                                                                                                                                                                        0x00bc6de1
                                                                                                                                                                                                                                                        0x00bc6de6
                                                                                                                                                                                                                                                        0x00bc6de9
                                                                                                                                                                                                                                                        0x00bc6deb
                                                                                                                                                                                                                                                        0x00bc6df6
                                                                                                                                                                                                                                                        0x00bc6df8
                                                                                                                                                                                                                                                        0x00bc6df8
                                                                                                                                                                                                                                                        0x00bc6de9
                                                                                                                                                                                                                                                        0x00bc6e06
                                                                                                                                                                                                                                                        0x00bc6e16
                                                                                                                                                                                                                                                        0x00bc6e1a
                                                                                                                                                                                                                                                        0x00bc6e1f
                                                                                                                                                                                                                                                        0x00bc6e38
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6d66
                                                                                                                                                                                                                                                        0x00bc6d6c
                                                                                                                                                                                                                                                        0x00bc6d73
                                                                                                                                                                                                                                                        0x00bc6d77
                                                                                                                                                                                                                                                        0x00bc6d7a
                                                                                                                                                                                                                                                        0x00bc6d81
                                                                                                                                                                                                                                                        0x00bc6d85
                                                                                                                                                                                                                                                        0x00bc6d88
                                                                                                                                                                                                                                                        0x00bc6d8c
                                                                                                                                                                                                                                                        0x00bc6d98
                                                                                                                                                                                                                                                        0x00bc6d9d
                                                                                                                                                                                                                                                        0x00bc6d9d
                                                                                                                                                                                                                                                        0x00bc6d21
                                                                                                                                                                                                                                                        0x00bc6d23
                                                                                                                                                                                                                                                        0x00bc6d25
                                                                                                                                                                                                                                                        0x00bc6d28
                                                                                                                                                                                                                                                        0x00bc6d2c
                                                                                                                                                                                                                                                        0x00bc6d2e
                                                                                                                                                                                                                                                        0x00bc6d2e
                                                                                                                                                                                                                                                        0x00bc6d30
                                                                                                                                                                                                                                                        0x00bc6d36
                                                                                                                                                                                                                                                        0x00bc6d42
                                                                                                                                                                                                                                                        0x00bc6d47
                                                                                                                                                                                                                                                        0x00bc6d55
                                                                                                                                                                                                                                                        0x00bc6d56
                                                                                                                                                                                                                                                        0x00bc6d57
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6d57
                                                                                                                                                                                                                                                        0x00bc6ce3
                                                                                                                                                                                                                                                        0x00bc6ce7
                                                                                                                                                                                                                                                        0x00bc6ce9
                                                                                                                                                                                                                                                        0x00bc6ceb
                                                                                                                                                                                                                                                        0x00bc6ceb
                                                                                                                                                                                                                                                        0x00bc6ced
                                                                                                                                                                                                                                                        0x00bc6cf8
                                                                                                                                                                                                                                                        0x00bc6cf9
                                                                                                                                                                                                                                                        0x00bc6cfa
                                                                                                                                                                                                                                                        0x00bc6cfb
                                                                                                                                                                                                                                                        0x00bc6cfb
                                                                                                                                                                                                                                                        0x00bc6d00
                                                                                                                                                                                                                                                        0x00bc6d08
                                                                                                                                                                                                                                                        0x00bc6d0d
                                                                                                                                                                                                                                                        0x00bc6d0d
                                                                                                                                                                                                                                                        0x00bc6d17
                                                                                                                                                                                                                                                        0x00bc6d17

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memmove.NTDLL(?,00000000,?), ref: 00BC6CFB
                                                                                                                                                                                                                                                        • memmove.NTDLL(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BC6D42
                                                                                                                                                                                                                                                        • memmove.NTDLL(?,?,?), ref: 00BC6E06
                                                                                                                                                                                                                                                        • memmove.NTDLL(?,?,00000000), ref: 00BC6E1A
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,?), ref: 00BC6E38
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memmove$memcpy
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3033661859-0
                                                                                                                                                                                                                                                        • Opcode ID: 9c58cbdc8a7843fd2370edc8d9126b4927223b4a58846100d1dc1c127a570372
                                                                                                                                                                                                                                                        • Instruction ID: cefdd99787e1e6717a075777cf00a6fa3e3d72d6d64b050e1858d8bf6e394526
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9c58cbdc8a7843fd2370edc8d9126b4927223b4a58846100d1dc1c127a570372
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 45516BB5A0020A9FCB14DF68C880CAE7BF5FF88304B5145ADE8569B315DB31AD15CBE1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 65%
                                                                                                                                                                                                                                                        			E00BC6FD0(void* __ecx, signed int _a4, int _a8, void* _a12, int _a16, int _a20) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				int _v32;
                                                                                                                                                                                                                                                        				void* _v36;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				int _v44;
                                                                                                                                                                                                                                                        				void* _v48;
                                                                                                                                                                                                                                                        				intOrPtr _v52;
                                                                                                                                                                                                                                                        				signed int _v56;
                                                                                                                                                                                                                                                        				char _v60;
                                                                                                                                                                                                                                                        				signed int _v64;
                                                                                                                                                                                                                                                        				int _v68;
                                                                                                                                                                                                                                                        				signed int _v92;
                                                                                                                                                                                                                                                        				int _v100;
                                                                                                                                                                                                                                                        				int _v104;
                                                                                                                                                                                                                                                        				char _v108;
                                                                                                                                                                                                                                                        				signed int _t95;
                                                                                                                                                                                                                                                        				intOrPtr _t97;
                                                                                                                                                                                                                                                        				int _t102;
                                                                                                                                                                                                                                                        				signed int _t108;
                                                                                                                                                                                                                                                        				void* _t110;
                                                                                                                                                                                                                                                        				void* _t114;
                                                                                                                                                                                                                                                        				void* _t121;
                                                                                                                                                                                                                                                        				void* _t124;
                                                                                                                                                                                                                                                        				signed int _t131;
                                                                                                                                                                                                                                                        				signed int _t136;
                                                                                                                                                                                                                                                        				void _t141;
                                                                                                                                                                                                                                                        				intOrPtr _t144;
                                                                                                                                                                                                                                                        				intOrPtr _t145;
                                                                                                                                                                                                                                                        				void _t146;
                                                                                                                                                                                                                                                        				void* _t147;
                                                                                                                                                                                                                                                        				void* _t148;
                                                                                                                                                                                                                                                        				intOrPtr _t152;
                                                                                                                                                                                                                                                        				void* _t153;
                                                                                                                                                                                                                                                        				void* _t155;
                                                                                                                                                                                                                                                        				signed int _t160;
                                                                                                                                                                                                                                                        				intOrPtr _t162;
                                                                                                                                                                                                                                                        				int _t173;
                                                                                                                                                                                                                                                        				signed int _t178;
                                                                                                                                                                                                                                                        				void* _t179;
                                                                                                                                                                                                                                                        				void* _t182;
                                                                                                                                                                                                                                                        				void* _t184;
                                                                                                                                                                                                                                                        				signed int _t194;
                                                                                                                                                                                                                                                        				int _t197;
                                                                                                                                                                                                                                                        				int _t200;
                                                                                                                                                                                                                                                        				signed int _t201;
                                                                                                                                                                                                                                                        				unsigned int _t204;
                                                                                                                                                                                                                                                        				void _t207;
                                                                                                                                                                                                                                                        				void* _t210;
                                                                                                                                                                                                                                                        				void* _t212;
                                                                                                                                                                                                                                                        				intOrPtr _t213;
                                                                                                                                                                                                                                                        				unsigned int _t214;
                                                                                                                                                                                                                                                        				int _t215;
                                                                                                                                                                                                                                                        				int _t220;
                                                                                                                                                                                                                                                        				int _t221;
                                                                                                                                                                                                                                                        				signed int _t223;
                                                                                                                                                                                                                                                        				void* _t226;
                                                                                                                                                                                                                                                        				void* _t227;
                                                                                                                                                                                                                                                        				signed int _t228;
                                                                                                                                                                                                                                                        				void* _t231;
                                                                                                                                                                                                                                                        				void _t233;
                                                                                                                                                                                                                                                        				void* _t235;
                                                                                                                                                                                                                                                        				int _t236;
                                                                                                                                                                                                                                                        				signed int _t237;
                                                                                                                                                                                                                                                        				void _t240;
                                                                                                                                                                                                                                                        				void* _t241;
                                                                                                                                                                                                                                                        				signed int _t243;
                                                                                                                                                                                                                                                        				void* _t244;
                                                                                                                                                                                                                                                        				signed int _t245;
                                                                                                                                                                                                                                                        				void* _t246;
                                                                                                                                                                                                                                                        				void* _t247;
                                                                                                                                                                                                                                                        				signed int _t248;
                                                                                                                                                                                                                                                        				void* _t249;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t159 = __ecx;
                                                                                                                                                                                                                                                        				_t247 = _t246 - 0x18;
                                                                                                                                                                                                                                                        				_t95 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t193 = _a4;
                                                                                                                                                                                                                                                        				_v20 = _t95 ^ _t243;
                                                                                                                                                                                                                                                        				_t97 =  *((intOrPtr*)(__ecx + 0x10));
                                                                                                                                                                                                                                                        				_t212 = _t97 - _t193;
                                                                                                                                                                                                                                                        				if(_t212 < 0) {
                                                                                                                                                                                                                                                        					E00BBDAC0(__ecx, __eflags);
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					_push(_t243);
                                                                                                                                                                                                                                                        					_t244 = _t247;
                                                                                                                                                                                                                                                        					_push(_t212);
                                                                                                                                                                                                                                                        					_t248 = _t247 - 0x14;
                                                                                                                                                                                                                                                        					_t194 =  *((intOrPtr*)(__ecx + 0x10));
                                                                                                                                                                                                                                                        					_t226 = _v36;
                                                                                                                                                                                                                                                        					_t144 = 0x7fffffff;
                                                                                                                                                                                                                                                        					__eflags = 0x7fffffff - _t194 - _t226;
                                                                                                                                                                                                                                                        					if(0x7fffffff - _t194 < _t226) {
                                                                                                                                                                                                                                                        						E00BBA890();
                                                                                                                                                                                                                                                        						goto L32;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t214 =  *(__ecx + 0x14);
                                                                                                                                                                                                                                                        						_t228 = _t226 + _t194;
                                                                                                                                                                                                                                                        						_v28 = _t194;
                                                                                                                                                                                                                                                        						_v36 = __ecx;
                                                                                                                                                                                                                                                        						_v40 = _t228;
                                                                                                                                                                                                                                                        						_t108 = _t228 | 0x0000000f;
                                                                                                                                                                                                                                                        						__eflags = _t108;
                                                                                                                                                                                                                                                        						if(_t108 >= 0) {
                                                                                                                                                                                                                                                        							_t178 = _t214 >> 1;
                                                                                                                                                                                                                                                        							_t179 = _t178 + _t214;
                                                                                                                                                                                                                                                        							__eflags = _t108 - _t179;
                                                                                                                                                                                                                                                        							_t180 =  >=  ? _t108 : _t179;
                                                                                                                                                                                                                                                        							__eflags = _t214 - (_t178 ^ 0x7fffffff);
                                                                                                                                                                                                                                                        							_t144 =  <=  ?  >=  ? _t108 : _t179 : 0x7fffffff;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_v32 = _t214;
                                                                                                                                                                                                                                                        						_t215 = _a8;
                                                                                                                                                                                                                                                        						_t58 = _t144 + 1; // 0x80000000
                                                                                                                                                                                                                                                        						_t147 = _v36;
                                                                                                                                                                                                                                                        						_t110 = E00BBD730(_t58);
                                                                                                                                                                                                                                                        						__eflags = _v32 - 0x10;
                                                                                                                                                                                                                                                        						_v24 = _t110;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t147 + 0x10)) = _v40;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t147 + 0x14)) = _t144;
                                                                                                                                                                                                                                                        						if(_v32 < 0x10) {
                                                                                                                                                                                                                                                        							memcpy(_t110, _t147, _t215);
                                                                                                                                                                                                                                                        							_t231 = _v24 + _t215;
                                                                                                                                                                                                                                                        							memcpy(_t231, _a16, _a20);
                                                                                                                                                                                                                                                        							_t114 = _a12;
                                                                                                                                                                                                                                                        							_t173 = _v28 - _t114 + _t215 + 1;
                                                                                                                                                                                                                                                        							__eflags = _t173;
                                                                                                                                                                                                                                                        							_t233 = _v24;
                                                                                                                                                                                                                                                        							memcpy(_t231 + _a20, _t147 + _t215 + _t114, _t173);
                                                                                                                                                                                                                                                        							goto L30;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t148 =  *_t147;
                                                                                                                                                                                                                                                        							memcpy(_t110, _t148, _t215);
                                                                                                                                                                                                                                                        							_t235 = _t110 + _t215;
                                                                                                                                                                                                                                                        							memcpy(_t235, _a16, _a20);
                                                                                                                                                                                                                                                        							_t121 = _a12;
                                                                                                                                                                                                                                                        							_t226 = _t235 + _a20;
                                                                                                                                                                                                                                                        							_t212 = _t148 + _t215 + _t121;
                                                                                                                                                                                                                                                        							memcpy(_t226, _t212, _v28 - _t121 + _t215 + 1);
                                                                                                                                                                                                                                                        							_t248 = _t248 + 0x24;
                                                                                                                                                                                                                                                        							_t200 = _v32;
                                                                                                                                                                                                                                                        							_t71 = _t200 + 1; // 0x11
                                                                                                                                                                                                                                                        							_t159 = _t71;
                                                                                                                                                                                                                                                        							__eflags = _t159 - 0x1000;
                                                                                                                                                                                                                                                        							if(_t159 < 0x1000) {
                                                                                                                                                                                                                                                        								L28:
                                                                                                                                                                                                                                                        								_push(_t159);
                                                                                                                                                                                                                                                        								_push(_t148);
                                                                                                                                                                                                                                                        								L00BEF6C6();
                                                                                                                                                                                                                                                        								_t233 = _v24;
                                                                                                                                                                                                                                                        								_t147 = _v36;
                                                                                                                                                                                                                                                        								L30:
                                                                                                                                                                                                                                                        								 *_t147 = _t233;
                                                                                                                                                                                                                                                        								return _t147;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t124 =  *(_t148 - 4);
                                                                                                                                                                                                                                                        								_t144 = _t148 + 0xfffffffc - _t124;
                                                                                                                                                                                                                                                        								__eflags = _t144 - 0x20;
                                                                                                                                                                                                                                                        								if(_t144 >= 0x20) {
                                                                                                                                                                                                                                                        									L32:
                                                                                                                                                                                                                                                        									__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									_push(_t244);
                                                                                                                                                                                                                                                        									_t245 = _t248;
                                                                                                                                                                                                                                                        									_push(_t144);
                                                                                                                                                                                                                                                        									_push(_t212);
                                                                                                                                                                                                                                                        									_push(_t226);
                                                                                                                                                                                                                                                        									_t249 = _t248 - 8;
                                                                                                                                                                                                                                                        									_t227 = _t159;
                                                                                                                                                                                                                                                        									_t160 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        									_t102 = _v68;
                                                                                                                                                                                                                                                        									_v92 = _t160 ^ _t245;
                                                                                                                                                                                                                                                        									_t145 =  *((intOrPtr*)(_t227 + 0x14));
                                                                                                                                                                                                                                                        									_t162 =  *((intOrPtr*)(_t227 + 0x10));
                                                                                                                                                                                                                                                        									__eflags = _t145 - _t162 - _t102;
                                                                                                                                                                                                                                                        									_t197 = _v64;
                                                                                                                                                                                                                                                        									if(_t145 - _t162 >= _t102) {
                                                                                                                                                                                                                                                        										_t213 = _t162 + _t102;
                                                                                                                                                                                                                                                        										__eflags = _t145 - 0x10;
                                                                                                                                                                                                                                                        										_t146 = _t227;
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t227 + 0x10)) = _t213;
                                                                                                                                                                                                                                                        										if(_t145 >= 0x10) {
                                                                                                                                                                                                                                                        											_t146 =  *_t227;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										memset(_t162 + _t146, _t197, _t102);
                                                                                                                                                                                                                                                        										 *((char*)(_t146 + _t213)) = 0;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_v108 = _v32;
                                                                                                                                                                                                                                                        										_v104 = _t102;
                                                                                                                                                                                                                                                        										 *(_t249 - 0x10) = _t102;
                                                                                                                                                                                                                                                        										_v100 = _t197;
                                                                                                                                                                                                                                                        										_t227 = E00BC7330(_t227);
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									__eflags = _v28 ^ _t245;
                                                                                                                                                                                                                                                        									E00BEECB0(_v28 ^ _t245, _t197);
                                                                                                                                                                                                                                                        									return _t227;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t201 = _t200 + 0x24;
                                                                                                                                                                                                                                                        									__eflags = _t201;
                                                                                                                                                                                                                                                        									_t148 = _t124;
                                                                                                                                                                                                                                                        									_t159 = _t201;
                                                                                                                                                                                                                                                        									goto L28;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t236 = _a16;
                                                                                                                                                                                                                                                        					_t152 =  <  ? _t212 : _a8;
                                                                                                                                                                                                                                                        					if(_t152 != _t236) {
                                                                                                                                                                                                                                                        						_t220 = _t212 - _t152 + 1;
                                                                                                                                                                                                                                                        						_t237 = _t236 - _t152;
                                                                                                                                                                                                                                                        						__eflags = _t237;
                                                                                                                                                                                                                                                        						if(_t237 >= 0) {
                                                                                                                                                                                                                                                        							_t204 =  *(__ecx + 0x14);
                                                                                                                                                                                                                                                        							_v28 = _t204;
                                                                                                                                                                                                                                                        							_t205 = _t204 - _t97;
                                                                                                                                                                                                                                                        							__eflags = _t237 - _t204 - _t97;
                                                                                                                                                                                                                                                        							if(_t237 <= _t204 - _t97) {
                                                                                                                                                                                                                                                        								__eflags = _v28 - 0x10;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(__ecx + 0x10)) = _t237 + _t97;
                                                                                                                                                                                                                                                        								_t207 = __ecx;
                                                                                                                                                                                                                                                        								if(_v28 >= 0x10) {
                                                                                                                                                                                                                                                        									_t207 =  *__ecx;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_v28 = _t159;
                                                                                                                                                                                                                                                        								_v40 = _t207;
                                                                                                                                                                                                                                                        								_t182 = _a4 + _t207;
                                                                                                                                                                                                                                                        								_v36 = _t182;
                                                                                                                                                                                                                                                        								_t153 = _t152 + _t182;
                                                                                                                                                                                                                                                        								_t184 = _a12;
                                                                                                                                                                                                                                                        								__eflags = _a12 + _a16 - _v36;
                                                                                                                                                                                                                                                        								_t193 = _a16;
                                                                                                                                                                                                                                                        								_v32 = _a16;
                                                                                                                                                                                                                                                        								if(_a12 + _a16 > _v36) {
                                                                                                                                                                                                                                                        									_t210 = _t184;
                                                                                                                                                                                                                                                        									__eflags = _v40 + _t97 - _t210;
                                                                                                                                                                                                                                                        									_t184 = _t210;
                                                                                                                                                                                                                                                        									_t193 = _a16;
                                                                                                                                                                                                                                                        									_v32 = _a16;
                                                                                                                                                                                                                                                        									if(_v40 + _t97 >= _t210) {
                                                                                                                                                                                                                                                        										_t193 = 0;
                                                                                                                                                                                                                                                        										_t223 = _t153 - _t184;
                                                                                                                                                                                                                                                        										__eflags = _t223;
                                                                                                                                                                                                                                                        										_t224 =  <=  ? 0 : _t223;
                                                                                                                                                                                                                                                        										_v32 =  <=  ? 0 : _t223;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t155 = _t184;
                                                                                                                                                                                                                                                        								memmove(_t153 + _t237, _t153, _t220);
                                                                                                                                                                                                                                                        								_t221 = _v32;
                                                                                                                                                                                                                                                        								memmove(_v36, _t155, _t221);
                                                                                                                                                                                                                                                        								_t247 = _t247 + 0x18;
                                                                                                                                                                                                                                                        								memcpy(_v36 + _t221, _t155 + _t237 + _t221, _a16 - _t221);
                                                                                                                                                                                                                                                        								goto L6;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_v60 = _v24;
                                                                                                                                                                                                                                                        								_v52 = _t152;
                                                                                                                                                                                                                                                        								_v64 = _t237;
                                                                                                                                                                                                                                                        								_v44 = _a16;
                                                                                                                                                                                                                                                        								_v48 = _a12;
                                                                                                                                                                                                                                                        								_t136 = _a4;
                                                                                                                                                                                                                                                        								_v56 = _t136;
                                                                                                                                                                                                                                                        								L21();
                                                                                                                                                                                                                                                        								E00BEECB0(_v20 ^ _t243, _t205);
                                                                                                                                                                                                                                                        								_t131 = _t136;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(__ecx + 0x10)) = _t237 + _t97;
                                                                                                                                                                                                                                                        							_t240 = __ecx;
                                                                                                                                                                                                                                                        							__eflags =  *(__ecx + 0x14) - 0x10;
                                                                                                                                                                                                                                                        							if( *(__ecx + 0x14) >= 0x10) {
                                                                                                                                                                                                                                                        								_t240 =  *__ecx;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_v28 = _t159;
                                                                                                                                                                                                                                                        							_t241 = _t240 + _t193;
                                                                                                                                                                                                                                                        							memmove(_t241, _a12, _a16);
                                                                                                                                                                                                                                                        							_t247 = _t247 + 0xc;
                                                                                                                                                                                                                                                        							_push(_t220);
                                                                                                                                                                                                                                                        							_push(_t152 + _t241);
                                                                                                                                                                                                                                                        							_push(_t241 + _a16);
                                                                                                                                                                                                                                                        							goto L5;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t141 = __ecx;
                                                                                                                                                                                                                                                        						if( *(__ecx + 0x14) >= 0x10) {
                                                                                                                                                                                                                                                        							_t141 =  *__ecx;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_v28 = _t159;
                                                                                                                                                                                                                                                        						_push(_t236);
                                                                                                                                                                                                                                                        						_push(_a12);
                                                                                                                                                                                                                                                        						_push(_t141 + _t193);
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						memmove();
                                                                                                                                                                                                                                                        						L6:
                                                                                                                                                                                                                                                        						E00BEECB0(_v20 ^ _t243, _t193);
                                                                                                                                                                                                                                                        						_t131 = _v28;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					return _t131;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}













































































                                                                                                                                                                                                                                                        0x00bc6fd0
                                                                                                                                                                                                                                                        0x00bc6fd6
                                                                                                                                                                                                                                                        0x00bc6fd9
                                                                                                                                                                                                                                                        0x00bc6fde
                                                                                                                                                                                                                                                        0x00bc6fe3
                                                                                                                                                                                                                                                        0x00bc6fe6
                                                                                                                                                                                                                                                        0x00bc6feb
                                                                                                                                                                                                                                                        0x00bc6fed
                                                                                                                                                                                                                                                        0x00bc7147
                                                                                                                                                                                                                                                        0x00bc714c
                                                                                                                                                                                                                                                        0x00bc714d
                                                                                                                                                                                                                                                        0x00bc714e
                                                                                                                                                                                                                                                        0x00bc714f
                                                                                                                                                                                                                                                        0x00bc7150
                                                                                                                                                                                                                                                        0x00bc7151
                                                                                                                                                                                                                                                        0x00bc7154
                                                                                                                                                                                                                                                        0x00bc7156
                                                                                                                                                                                                                                                        0x00bc7159
                                                                                                                                                                                                                                                        0x00bc715c
                                                                                                                                                                                                                                                        0x00bc7164
                                                                                                                                                                                                                                                        0x00bc716b
                                                                                                                                                                                                                                                        0x00bc716d
                                                                                                                                                                                                                                                        0x00bc7291
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7173
                                                                                                                                                                                                                                                        0x00bc7173
                                                                                                                                                                                                                                                        0x00bc7176
                                                                                                                                                                                                                                                        0x00bc7178
                                                                                                                                                                                                                                                        0x00bc717b
                                                                                                                                                                                                                                                        0x00bc7180
                                                                                                                                                                                                                                                        0x00bc7183
                                                                                                                                                                                                                                                        0x00bc7183
                                                                                                                                                                                                                                                        0x00bc7186
                                                                                                                                                                                                                                                        0x00bc718f
                                                                                                                                                                                                                                                        0x00bc7193
                                                                                                                                                                                                                                                        0x00bc719b
                                                                                                                                                                                                                                                        0x00bc719d
                                                                                                                                                                                                                                                        0x00bc71a0
                                                                                                                                                                                                                                                        0x00bc71a2
                                                                                                                                                                                                                                                        0x00bc71a2
                                                                                                                                                                                                                                                        0x00bc71a5
                                                                                                                                                                                                                                                        0x00bc71a8
                                                                                                                                                                                                                                                        0x00bc71ad
                                                                                                                                                                                                                                                        0x00bc71b0
                                                                                                                                                                                                                                                        0x00bc71b6
                                                                                                                                                                                                                                                        0x00bc71be
                                                                                                                                                                                                                                                        0x00bc71c2
                                                                                                                                                                                                                                                        0x00bc71c5
                                                                                                                                                                                                                                                        0x00bc71c8
                                                                                                                                                                                                                                                        0x00bc71cb
                                                                                                                                                                                                                                                        0x00bc7244
                                                                                                                                                                                                                                                        0x00bc7252
                                                                                                                                                                                                                                                        0x00bc7259
                                                                                                                                                                                                                                                        0x00bc7261
                                                                                                                                                                                                                                                        0x00bc7274
                                                                                                                                                                                                                                                        0x00bc7274
                                                                                                                                                                                                                                                        0x00bc7278
                                                                                                                                                                                                                                                        0x00bc727b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc71cd
                                                                                                                                                                                                                                                        0x00bc71cd
                                                                                                                                                                                                                                                        0x00bc71d4
                                                                                                                                                                                                                                                        0x00bc71df
                                                                                                                                                                                                                                                        0x00bc71e6
                                                                                                                                                                                                                                                        0x00bc71ee
                                                                                                                                                                                                                                                        0x00bc71f4
                                                                                                                                                                                                                                                        0x00bc71ff
                                                                                                                                                                                                                                                        0x00bc7205
                                                                                                                                                                                                                                                        0x00bc720a
                                                                                                                                                                                                                                                        0x00bc720d
                                                                                                                                                                                                                                                        0x00bc7210
                                                                                                                                                                                                                                                        0x00bc7210
                                                                                                                                                                                                                                                        0x00bc7213
                                                                                                                                                                                                                                                        0x00bc7219
                                                                                                                                                                                                                                                        0x00bc722f
                                                                                                                                                                                                                                                        0x00bc722f
                                                                                                                                                                                                                                                        0x00bc7230
                                                                                                                                                                                                                                                        0x00bc7231
                                                                                                                                                                                                                                                        0x00bc7239
                                                                                                                                                                                                                                                        0x00bc723c
                                                                                                                                                                                                                                                        0x00bc7283
                                                                                                                                                                                                                                                        0x00bc7283
                                                                                                                                                                                                                                                        0x00bc728e
                                                                                                                                                                                                                                                        0x00bc721b
                                                                                                                                                                                                                                                        0x00bc721b
                                                                                                                                                                                                                                                        0x00bc7221
                                                                                                                                                                                                                                                        0x00bc7223
                                                                                                                                                                                                                                                        0x00bc7226
                                                                                                                                                                                                                                                        0x00bc7296
                                                                                                                                                                                                                                                        0x00bc7296
                                                                                                                                                                                                                                                        0x00bc729c
                                                                                                                                                                                                                                                        0x00bc729d
                                                                                                                                                                                                                                                        0x00bc729e
                                                                                                                                                                                                                                                        0x00bc729f
                                                                                                                                                                                                                                                        0x00bc72a0
                                                                                                                                                                                                                                                        0x00bc72a1
                                                                                                                                                                                                                                                        0x00bc72a3
                                                                                                                                                                                                                                                        0x00bc72a4
                                                                                                                                                                                                                                                        0x00bc72a5
                                                                                                                                                                                                                                                        0x00bc72a6
                                                                                                                                                                                                                                                        0x00bc72a9
                                                                                                                                                                                                                                                        0x00bc72ab
                                                                                                                                                                                                                                                        0x00bc72b1
                                                                                                                                                                                                                                                        0x00bc72b6
                                                                                                                                                                                                                                                        0x00bc72b9
                                                                                                                                                                                                                                                        0x00bc72bc
                                                                                                                                                                                                                                                        0x00bc72c3
                                                                                                                                                                                                                                                        0x00bc72c5
                                                                                                                                                                                                                                                        0x00bc72c8
                                                                                                                                                                                                                                                        0x00bc7301
                                                                                                                                                                                                                                                        0x00bc7304
                                                                                                                                                                                                                                                        0x00bc7307
                                                                                                                                                                                                                                                        0x00bc7309
                                                                                                                                                                                                                                                        0x00bc730c
                                                                                                                                                                                                                                                        0x00bc730e
                                                                                                                                                                                                                                                        0x00bc730e
                                                                                                                                                                                                                                                        0x00bc7318
                                                                                                                                                                                                                                                        0x00bc7320
                                                                                                                                                                                                                                                        0x00bc72ca
                                                                                                                                                                                                                                                        0x00bc72d0
                                                                                                                                                                                                                                                        0x00bc72d7
                                                                                                                                                                                                                                                        0x00bc72db
                                                                                                                                                                                                                                                        0x00bc72de
                                                                                                                                                                                                                                                        0x00bc72e9
                                                                                                                                                                                                                                                        0x00bc72e9
                                                                                                                                                                                                                                                        0x00bc72ee
                                                                                                                                                                                                                                                        0x00bc72f0
                                                                                                                                                                                                                                                        0x00bc72fe
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc722b
                                                                                                                                                                                                                                                        0x00bc722d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc722d
                                                                                                                                                                                                                                                        0x00bc7226
                                                                                                                                                                                                                                                        0x00bc7219
                                                                                                                                                                                                                                                        0x00bc71cb
                                                                                                                                                                                                                                                        0x00bc6ff3
                                                                                                                                                                                                                                                        0x00bc6ff6
                                                                                                                                                                                                                                                        0x00bc6ffb
                                                                                                                                                                                                                                                        0x00bc7000
                                                                                                                                                                                                                                                        0x00bc7037
                                                                                                                                                                                                                                                        0x00bc7038
                                                                                                                                                                                                                                                        0x00bc7038
                                                                                                                                                                                                                                                        0x00bc703a
                                                                                                                                                                                                                                                        0x00bc706a
                                                                                                                                                                                                                                                        0x00bc706d
                                                                                                                                                                                                                                                        0x00bc7070
                                                                                                                                                                                                                                                        0x00bc7072
                                                                                                                                                                                                                                                        0x00bc7074
                                                                                                                                                                                                                                                        0x00bc70b4
                                                                                                                                                                                                                                                        0x00bc70bb
                                                                                                                                                                                                                                                        0x00bc70be
                                                                                                                                                                                                                                                        0x00bc70c0
                                                                                                                                                                                                                                                        0x00bc70c2
                                                                                                                                                                                                                                                        0x00bc70c2
                                                                                                                                                                                                                                                        0x00bc70c4
                                                                                                                                                                                                                                                        0x00bc70ca
                                                                                                                                                                                                                                                        0x00bc70cd
                                                                                                                                                                                                                                                        0x00bc70d2
                                                                                                                                                                                                                                                        0x00bc70d5
                                                                                                                                                                                                                                                        0x00bc70dc
                                                                                                                                                                                                                                                        0x00bc70df
                                                                                                                                                                                                                                                        0x00bc70e2
                                                                                                                                                                                                                                                        0x00bc70e5
                                                                                                                                                                                                                                                        0x00bc70e8
                                                                                                                                                                                                                                                        0x00bc70ea
                                                                                                                                                                                                                                                        0x00bc70f1
                                                                                                                                                                                                                                                        0x00bc70f3
                                                                                                                                                                                                                                                        0x00bc70f5
                                                                                                                                                                                                                                                        0x00bc70f8
                                                                                                                                                                                                                                                        0x00bc70fb
                                                                                                                                                                                                                                                        0x00bc7101
                                                                                                                                                                                                                                                        0x00bc7103
                                                                                                                                                                                                                                                        0x00bc7103
                                                                                                                                                                                                                                                        0x00bc7105
                                                                                                                                                                                                                                                        0x00bc7108
                                                                                                                                                                                                                                                        0x00bc7108
                                                                                                                                                                                                                                                        0x00bc70fb
                                                                                                                                                                                                                                                        0x00bc7112
                                                                                                                                                                                                                                                        0x00bc7114
                                                                                                                                                                                                                                                        0x00bc711c
                                                                                                                                                                                                                                                        0x00bc7124
                                                                                                                                                                                                                                                        0x00bc7129
                                                                                                                                                                                                                                                        0x00bc713d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7076
                                                                                                                                                                                                                                                        0x00bc707c
                                                                                                                                                                                                                                                        0x00bc7083
                                                                                                                                                                                                                                                        0x00bc7087
                                                                                                                                                                                                                                                        0x00bc708a
                                                                                                                                                                                                                                                        0x00bc7091
                                                                                                                                                                                                                                                        0x00bc7095
                                                                                                                                                                                                                                                        0x00bc7098
                                                                                                                                                                                                                                                        0x00bc709c
                                                                                                                                                                                                                                                        0x00bc70a8
                                                                                                                                                                                                                                                        0x00bc70ad
                                                                                                                                                                                                                                                        0x00bc70ad
                                                                                                                                                                                                                                                        0x00bc703c
                                                                                                                                                                                                                                                        0x00bc703e
                                                                                                                                                                                                                                                        0x00bc7041
                                                                                                                                                                                                                                                        0x00bc7043
                                                                                                                                                                                                                                                        0x00bc7047
                                                                                                                                                                                                                                                        0x00bc7049
                                                                                                                                                                                                                                                        0x00bc7049
                                                                                                                                                                                                                                                        0x00bc704e
                                                                                                                                                                                                                                                        0x00bc7051
                                                                                                                                                                                                                                                        0x00bc7058
                                                                                                                                                                                                                                                        0x00bc705d
                                                                                                                                                                                                                                                        0x00bc7065
                                                                                                                                                                                                                                                        0x00bc7066
                                                                                                                                                                                                                                                        0x00bc7067
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7067
                                                                                                                                                                                                                                                        0x00bc7002
                                                                                                                                                                                                                                                        0x00bc7006
                                                                                                                                                                                                                                                        0x00bc7008
                                                                                                                                                                                                                                                        0x00bc700a
                                                                                                                                                                                                                                                        0x00bc700a
                                                                                                                                                                                                                                                        0x00bc700c
                                                                                                                                                                                                                                                        0x00bc7011
                                                                                                                                                                                                                                                        0x00bc7012
                                                                                                                                                                                                                                                        0x00bc7015
                                                                                                                                                                                                                                                        0x00bc7016
                                                                                                                                                                                                                                                        0x00bc7016
                                                                                                                                                                                                                                                        0x00bc701b
                                                                                                                                                                                                                                                        0x00bc7023
                                                                                                                                                                                                                                                        0x00bc7028
                                                                                                                                                                                                                                                        0x00bc7028
                                                                                                                                                                                                                                                        0x00bc7032
                                                                                                                                                                                                                                                        0x00bc7032

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memmove$memcpy
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3033661859-0
                                                                                                                                                                                                                                                        • Opcode ID: e399b0f3f23b268ef7e0027c4e9392b94100a41313080217569e83e030234881
                                                                                                                                                                                                                                                        • Instruction ID: 2a520564abfac655373d3bff4a7f7720fa571f72d08b19124f17dbbb504cbef2
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e399b0f3f23b268ef7e0027c4e9392b94100a41313080217569e83e030234881
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AF517CB1A442199FCF08DF69DC819AF7BF6EF88300B24896DF915A7341DA319D01CBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 90%
                                                                                                                                                                                                                                                        			E00BC58B0(short* _a4, void* _a8, signed int* _a12) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				char _v48;
                                                                                                                                                                                                                                                        				signed int _v212;
                                                                                                                                                                                                                                                        				signed int _v216;
                                                                                                                                                                                                                                                        				signed int _v232;
                                                                                                                                                                                                                                                        				char _v236;
                                                                                                                                                                                                                                                        				void* _v244;
                                                                                                                                                                                                                                                        				char _v248;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t73;
                                                                                                                                                                                                                                                        				signed int _t76;
                                                                                                                                                                                                                                                        				signed int _t77;
                                                                                                                                                                                                                                                        				signed int _t78;
                                                                                                                                                                                                                                                        				signed int _t79;
                                                                                                                                                                                                                                                        				signed int _t82;
                                                                                                                                                                                                                                                        				intOrPtr* _t85;
                                                                                                                                                                                                                                                        				signed int _t92;
                                                                                                                                                                                                                                                        				signed int _t97;
                                                                                                                                                                                                                                                        				signed int _t99;
                                                                                                                                                                                                                                                        				void* _t101;
                                                                                                                                                                                                                                                        				void* _t102;
                                                                                                                                                                                                                                                        				intOrPtr* _t110;
                                                                                                                                                                                                                                                        				void* _t111;
                                                                                                                                                                                                                                                        				short* _t112;
                                                                                                                                                                                                                                                        				short* _t113;
                                                                                                                                                                                                                                                        				short* _t114;
                                                                                                                                                                                                                                                        				intOrPtr* _t119;
                                                                                                                                                                                                                                                        				void* _t127;
                                                                                                                                                                                                                                                        				signed int _t134;
                                                                                                                                                                                                                                                        				short* _t135;
                                                                                                                                                                                                                                                        				short* _t136;
                                                                                                                                                                                                                                                        				void* _t139;
                                                                                                                                                                                                                                                        				intOrPtr* _t140;
                                                                                                                                                                                                                                                        				intOrPtr* _t142;
                                                                                                                                                                                                                                                        				intOrPtr _t143;
                                                                                                                                                                                                                                                        				signed int _t145;
                                                                                                                                                                                                                                                        				signed int _t146;
                                                                                                                                                                                                                                                        				signed int _t147;
                                                                                                                                                                                                                                                        				signed int* _t149;
                                                                                                                                                                                                                                                        				signed int* _t151;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t149 = (_t147 & 0xfffffff8) - 0xe0;
                                                                                                                                                                                                                                                        				_t73 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t112 = _a4;
                                                                                                                                                                                                                                                        				_t139 = _a8;
                                                                                                                                                                                                                                                        				_v24 = _t73 ^ _t146;
                                                                                                                                                                                                                                                        				 *(_t112 + 0x14) = 7;
                                                                                                                                                                                                                                                        				 *(_t112 + 0x10) = 0;
                                                                                                                                                                                                                                                        				 *_t112 = 0;
                                                                                                                                                                                                                                                        				if( *_t139 == 0) {
                                                                                                                                                                                                                                                        					L14:
                                                                                                                                                                                                                                                        					_t76 =  *_a12;
                                                                                                                                                                                                                                                        					_t110 =  *_t76;
                                                                                                                                                                                                                                                        					 *_t149 = _t76;
                                                                                                                                                                                                                                                        					__eflags = _t110 - _t76;
                                                                                                                                                                                                                                                        					if(_t110 != _t76) {
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t77 =  *(_t110 + 0x20);
                                                                                                                                                                                                                                                        							__eflags =  *((intOrPtr*)(_t110 + 0x24)) - 8;
                                                                                                                                                                                                                                                        							_t140 = _t110 + 0x10;
                                                                                                                                                                                                                                                        							_t113 = _t140;
                                                                                                                                                                                                                                                        							if( *((intOrPtr*)(_t110 + 0x24)) >= 8) {
                                                                                                                                                                                                                                                        								_t113 =  *_t140;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							__eflags = _t77;
                                                                                                                                                                                                                                                        							if(_t77 == 0) {
                                                                                                                                                                                                                                                        								L23:
                                                                                                                                                                                                                                                        								_v232 = 0xffffffff;
                                                                                                                                                                                                                                                        								goto L24;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t135 = _t113;
                                                                                                                                                                                                                                                        								asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        								while(1) {
                                                                                                                                                                                                                                                        									__eflags =  *_t135;
                                                                                                                                                                                                                                                        									if( *_t135 == 0) {
                                                                                                                                                                                                                                                        										break;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t135 = _t135 + 2;
                                                                                                                                                                                                                                                        									_t77 = _t77 - 1;
                                                                                                                                                                                                                                                        									__eflags = _t77;
                                                                                                                                                                                                                                                        									if(_t77 != 0) {
                                                                                                                                                                                                                                                        										continue;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L23;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t134 = _t135 - _t113;
                                                                                                                                                                                                                                                        								__eflags = _t134 - 0xfffffffe;
                                                                                                                                                                                                                                                        								_v232 = _t134 >> 1;
                                                                                                                                                                                                                                                        								if(__eflags != 0) {
                                                                                                                                                                                                                                                        									_t97 = E00BC4A90(_t134, __eflags, 0xbf0f60,  &_v232, "std::wstring::npos == i.first.find(L\'\\0\')");
                                                                                                                                                                                                                                                        									_t149 =  &(_t149[3]);
                                                                                                                                                                                                                                                        									__eflags = _t97;
                                                                                                                                                                                                                                                        									if(__eflags != 0) {
                                                                                                                                                                                                                                                        										E00BC2030( &_v232, __eflags, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/process/environment_internal.cc", 0x6e, _t97);
                                                                                                                                                                                                                                                        										E00BC20C0();
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L24:
                                                                                                                                                                                                                                                        								_t78 =  *(_t110 + 0x38);
                                                                                                                                                                                                                                                        								__eflags =  *((intOrPtr*)(_t110 + 0x3c)) - 8;
                                                                                                                                                                                                                                                        								_t142 = _t110 + 0x28;
                                                                                                                                                                                                                                                        								_t114 = _t142;
                                                                                                                                                                                                                                                        								if( *((intOrPtr*)(_t110 + 0x3c)) >= 8) {
                                                                                                                                                                                                                                                        									_t114 =  *_t142;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = _t78;
                                                                                                                                                                                                                                                        								if(_t78 == 0) {
                                                                                                                                                                                                                                                        									L30:
                                                                                                                                                                                                                                                        									_v232 = 0xffffffff;
                                                                                                                                                                                                                                                        									goto L31;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t136 = _t114;
                                                                                                                                                                                                                                                        									while(1) {
                                                                                                                                                                                                                                                        										__eflags =  *_t136;
                                                                                                                                                                                                                                                        										if( *_t136 == 0) {
                                                                                                                                                                                                                                                        											break;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t136 = _t136 + 2;
                                                                                                                                                                                                                                                        										_t78 = _t78 - 1;
                                                                                                                                                                                                                                                        										__eflags = _t78;
                                                                                                                                                                                                                                                        										if(_t78 != 0) {
                                                                                                                                                                                                                                                        											continue;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L30;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t134 = _t136 - _t114;
                                                                                                                                                                                                                                                        									__eflags = _t134 - 0xfffffffe;
                                                                                                                                                                                                                                                        									_v232 = _t134 >> 1;
                                                                                                                                                                                                                                                        									if(__eflags == 0) {
                                                                                                                                                                                                                                                        										L31:
                                                                                                                                                                                                                                                        										__eflags =  *(_t110 + 0x38);
                                                                                                                                                                                                                                                        										if( *(_t110 + 0x38) != 0) {
                                                                                                                                                                                                                                                        											L45:
                                                                                                                                                                                                                                                        											_t79 =  *(_t110 + 0x20);
                                                                                                                                                                                                                                                        											__eflags =  *((intOrPtr*)(_t110 + 0x24)) - 7;
                                                                                                                                                                                                                                                        											if( *((intOrPtr*)(_t110 + 0x24)) > 7) {
                                                                                                                                                                                                                                                        												_t140 =  *((intOrPtr*)(_t110 + 0x10));
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											E00BB73B0(_a4, _t140, _t79);
                                                                                                                                                                                                                                                        											E00BC5CD0(_t110, _a4, 0x3d);
                                                                                                                                                                                                                                                        											_t82 =  *(_t110 + 0x38);
                                                                                                                                                                                                                                                        											__eflags =  *((intOrPtr*)(_t110 + 0x3c)) - 7;
                                                                                                                                                                                                                                                        											if( *((intOrPtr*)(_t110 + 0x3c)) > 7) {
                                                                                                                                                                                                                                                        												_t142 =  *((intOrPtr*)(_t110 + 0x28));
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											E00BB73B0(_a4, _t142, _t82);
                                                                                                                                                                                                                                                        											E00BC5CD0(_t110, _a4, 0);
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L32:
                                                                                                                                                                                                                                                        										_t119 =  *((intOrPtr*)(_t110 + 8));
                                                                                                                                                                                                                                                        										__eflags =  *((char*)(_t119 + 0xd));
                                                                                                                                                                                                                                                        										if( *((char*)(_t119 + 0xd)) == 0) {
                                                                                                                                                                                                                                                        											do {
                                                                                                                                                                                                                                                        												_t85 = _t119;
                                                                                                                                                                                                                                                        												_t119 =  *_t119;
                                                                                                                                                                                                                                                        												__eflags =  *((char*)(_t119 + 0xd));
                                                                                                                                                                                                                                                        											} while ( *((char*)(_t119 + 0xd)) == 0);
                                                                                                                                                                                                                                                        											goto L16;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										while(1) {
                                                                                                                                                                                                                                                        											_t85 =  *((intOrPtr*)(_t110 + 4));
                                                                                                                                                                                                                                                        											__eflags =  *((char*)(_t85 + 0xd));
                                                                                                                                                                                                                                                        											if( *((char*)(_t85 + 0xd)) != 0) {
                                                                                                                                                                                                                                                        												goto L16;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											__eflags = _t110 -  *((intOrPtr*)(_t85 + 8));
                                                                                                                                                                                                                                                        											_t110 = _t85;
                                                                                                                                                                                                                                                        											if(__eflags == 0) {
                                                                                                                                                                                                                                                        												continue;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L16;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L16;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t92 = E00BC4A90(_t134, __eflags, 0xbf0f60,  &_v232, "std::wstring::npos == i.second.find(L\'\\0\')");
                                                                                                                                                                                                                                                        									_t149 =  &(_t149[3]);
                                                                                                                                                                                                                                                        									__eflags = _t92;
                                                                                                                                                                                                                                                        									if(__eflags == 0) {
                                                                                                                                                                                                                                                        										goto L31;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									E00BC2030( &_v232, __eflags, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/process/environment_internal.cc", 0x6f, _t92);
                                                                                                                                                                                                                                                        									E00BC20C0();
                                                                                                                                                                                                                                                        									__eflags =  *(_t110 + 0x38);
                                                                                                                                                                                                                                                        									if( *(_t110 + 0x38) == 0) {
                                                                                                                                                                                                                                                        										goto L32;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L45;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L16:
                                                                                                                                                                                                                                                        							__eflags = _t85 -  *_t149;
                                                                                                                                                                                                                                                        							_t110 = _t85;
                                                                                                                                                                                                                                                        						} while (_t85 !=  *_t149);
                                                                                                                                                                                                                                                        						L50:
                                                                                                                                                                                                                                                        						_t143 = _a4;
                                                                                                                                                                                                                                                        						E00BC5CD0(_t110, _t143, 0);
                                                                                                                                                                                                                                                        						__eflags = _v28 ^ _t146;
                                                                                                                                                                                                                                                        						E00BEECB0(_v28 ^ _t146, _t134);
                                                                                                                                                                                                                                                        						return _t143;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L50;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t127 =  &_v232;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_t111 = _t139;
                                                                                                                                                                                                                                                        						_t145 = 0;
                                                                                                                                                                                                                                                        						_v28 = 7;
                                                                                                                                                                                                                                                        						_v32 = 0;
                                                                                                                                                                                                                                                        						_v48 = 0;
                                                                                                                                                                                                                                                        						while(1) {
                                                                                                                                                                                                                                                        							_t99 =  *(_t111 + _t145 * 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t99 == 0 || _t99 == 0x3d) {
                                                                                                                                                                                                                                                        								break;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t145 = _t145 + 1;
                                                                                                                                                                                                                                                        							_t139 = _t139 + 2;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__eflags = _t145 - 7;
                                                                                                                                                                                                                                                        						_v212 = 7;
                                                                                                                                                                                                                                                        						_v216 = 0;
                                                                                                                                                                                                                                                        						_v232 = 0;
                                                                                                                                                                                                                                                        						if(_t145 <= 7) {
                                                                                                                                                                                                                                                        							_v216 = _t145;
                                                                                                                                                                                                                                                        							_t101 = memmove(_t127, _t111, _t145 + _t145);
                                                                                                                                                                                                                                                        							_t151 =  &(_t149[3]);
                                                                                                                                                                                                                                                        							 *((short*)(_t151 + 8 + _t145 * 2)) = 0;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t151 = _t149 - 0xc;
                                                                                                                                                                                                                                                        							_v248 = _v236;
                                                                                                                                                                                                                                                        							_v244 = _t111;
                                                                                                                                                                                                                                                        							 *_t151 = _t145;
                                                                                                                                                                                                                                                        							_t101 = E00BBA7D0(_t111, _t127, _t139, _t145);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t102 = E00BBDF30(_t101,  &_v48, 7);
                                                                                                                                                                                                                                                        						asm("movsd xmm0, [esp+0x18]");
                                                                                                                                                                                                                                                        						asm("movsd xmm2, [esp+0x8]");
                                                                                                                                                                                                                                                        						asm("movsd xmm1, [esp+0x10]");
                                                                                                                                                                                                                                                        						_v216 = 0;
                                                                                                                                                                                                                                                        						_v212 = 7;
                                                                                                                                                                                                                                                        						_v232 = 0;
                                                                                                                                                                                                                                                        						asm("movsd [esp+0xd0], xmm0");
                                                                                                                                                                                                                                                        						asm("movsd [esp+0xc8], xmm1");
                                                                                                                                                                                                                                                        						asm("movsd [esp+0xc0], xmm2");
                                                                                                                                                                                                                                                        						E00BBDF30(_t102,  &_v232, 7);
                                                                                                                                                                                                                                                        						asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t145 = _t145 + 1;
                                                                                                                                                                                                                                                        							__eflags =  *_t139;
                                                                                                                                                                                                                                                        							_t139 = _t139 + 2;
                                                                                                                                                                                                                                                        						} while (__eflags != 0);
                                                                                                                                                                                                                                                        						_t138 =  &_v232;
                                                                                                                                                                                                                                                        						E00BC5C60( &_v48, _a12,  &_v232,  &_v48);
                                                                                                                                                                                                                                                        						_t149 =  &(_t151[1]);
                                                                                                                                                                                                                                                        						_t107 = _v232;
                                                                                                                                                                                                                                                        						__eflags = _v232 -  *_a12;
                                                                                                                                                                                                                                                        						if(_v232 ==  *_a12) {
                                                                                                                                                                                                                                                        							_t107 = E00BB73B0(_a4, _t111, _t145);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						E00BBDF30(_t107,  &_v48, _t138);
                                                                                                                                                                                                                                                        						__eflags =  *_t139;
                                                                                                                                                                                                                                                        						_t134 = 7;
                                                                                                                                                                                                                                                        						_t127 =  &_v232;
                                                                                                                                                                                                                                                        					} while ( *_t139 != 0);
                                                                                                                                                                                                                                                        					goto L14;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}
















































                                                                                                                                                                                                                                                        0x00bc58b9
                                                                                                                                                                                                                                                        0x00bc58bf
                                                                                                                                                                                                                                                        0x00bc58c4
                                                                                                                                                                                                                                                        0x00bc58c7
                                                                                                                                                                                                                                                        0x00bc58cc
                                                                                                                                                                                                                                                        0x00bc58d3
                                                                                                                                                                                                                                                        0x00bc58da
                                                                                                                                                                                                                                                        0x00bc58e1
                                                                                                                                                                                                                                                        0x00bc58ea
                                                                                                                                                                                                                                                        0x00bc5a61
                                                                                                                                                                                                                                                        0x00bc5a64
                                                                                                                                                                                                                                                        0x00bc5a66
                                                                                                                                                                                                                                                        0x00bc5a68
                                                                                                                                                                                                                                                        0x00bc5a6b
                                                                                                                                                                                                                                                        0x00bc5a6d
                                                                                                                                                                                                                                                        0x00bc5a8b
                                                                                                                                                                                                                                                        0x00bc5a8b
                                                                                                                                                                                                                                                        0x00bc5a8e
                                                                                                                                                                                                                                                        0x00bc5a92
                                                                                                                                                                                                                                                        0x00bc5a95
                                                                                                                                                                                                                                                        0x00bc5a97
                                                                                                                                                                                                                                                        0x00bc5a99
                                                                                                                                                                                                                                                        0x00bc5a99
                                                                                                                                                                                                                                                        0x00bc5a9b
                                                                                                                                                                                                                                                        0x00bc5a9d
                                                                                                                                                                                                                                                        0x00bc5ac0
                                                                                                                                                                                                                                                        0x00bc5ac0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5a9f
                                                                                                                                                                                                                                                        0x00bc5a9f
                                                                                                                                                                                                                                                        0x00bc5aa1
                                                                                                                                                                                                                                                        0x00bc5ab0
                                                                                                                                                                                                                                                        0x00bc5ab0
                                                                                                                                                                                                                                                        0x00bc5ab4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5aba
                                                                                                                                                                                                                                                        0x00bc5abd
                                                                                                                                                                                                                                                        0x00bc5abd
                                                                                                                                                                                                                                                        0x00bc5abe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5abe
                                                                                                                                                                                                                                                        0x00bc5b40
                                                                                                                                                                                                                                                        0x00bc5b46
                                                                                                                                                                                                                                                        0x00bc5b49
                                                                                                                                                                                                                                                        0x00bc5b4d
                                                                                                                                                                                                                                                        0x00bc5b62
                                                                                                                                                                                                                                                        0x00bc5b67
                                                                                                                                                                                                                                                        0x00bc5b6a
                                                                                                                                                                                                                                                        0x00bc5b6c
                                                                                                                                                                                                                                                        0x00bc5b80
                                                                                                                                                                                                                                                        0x00bc5b87
                                                                                                                                                                                                                                                        0x00bc5b87
                                                                                                                                                                                                                                                        0x00bc5b6c
                                                                                                                                                                                                                                                        0x00bc5ac8
                                                                                                                                                                                                                                                        0x00bc5ac8
                                                                                                                                                                                                                                                        0x00bc5acb
                                                                                                                                                                                                                                                        0x00bc5acf
                                                                                                                                                                                                                                                        0x00bc5ad2
                                                                                                                                                                                                                                                        0x00bc5ad4
                                                                                                                                                                                                                                                        0x00bc5ad6
                                                                                                                                                                                                                                                        0x00bc5ad6
                                                                                                                                                                                                                                                        0x00bc5ad8
                                                                                                                                                                                                                                                        0x00bc5ada
                                                                                                                                                                                                                                                        0x00bc5af0
                                                                                                                                                                                                                                                        0x00bc5af0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5adc
                                                                                                                                                                                                                                                        0x00bc5adc
                                                                                                                                                                                                                                                        0x00bc5ae0
                                                                                                                                                                                                                                                        0x00bc5ae0
                                                                                                                                                                                                                                                        0x00bc5ae4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5aea
                                                                                                                                                                                                                                                        0x00bc5aed
                                                                                                                                                                                                                                                        0x00bc5aed
                                                                                                                                                                                                                                                        0x00bc5aee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5aee
                                                                                                                                                                                                                                                        0x00bc5ba0
                                                                                                                                                                                                                                                        0x00bc5ba6
                                                                                                                                                                                                                                                        0x00bc5ba9
                                                                                                                                                                                                                                                        0x00bc5bad
                                                                                                                                                                                                                                                        0x00bc5af8
                                                                                                                                                                                                                                                        0x00bc5af8
                                                                                                                                                                                                                                                        0x00bc5afc
                                                                                                                                                                                                                                                        0x00bc5bf6
                                                                                                                                                                                                                                                        0x00bc5bf6
                                                                                                                                                                                                                                                        0x00bc5bf9
                                                                                                                                                                                                                                                        0x00bc5bfd
                                                                                                                                                                                                                                                        0x00bc5bff
                                                                                                                                                                                                                                                        0x00bc5bff
                                                                                                                                                                                                                                                        0x00bc5c07
                                                                                                                                                                                                                                                        0x00bc5c11
                                                                                                                                                                                                                                                        0x00bc5c16
                                                                                                                                                                                                                                                        0x00bc5c19
                                                                                                                                                                                                                                                        0x00bc5c1d
                                                                                                                                                                                                                                                        0x00bc5c1f
                                                                                                                                                                                                                                                        0x00bc5c1f
                                                                                                                                                                                                                                                        0x00bc5c29
                                                                                                                                                                                                                                                        0x00bc5c32
                                                                                                                                                                                                                                                        0x00bc5c32
                                                                                                                                                                                                                                                        0x00bc5b02
                                                                                                                                                                                                                                                        0x00bc5b02
                                                                                                                                                                                                                                                        0x00bc5b05
                                                                                                                                                                                                                                                        0x00bc5b09
                                                                                                                                                                                                                                                        0x00bc5b30
                                                                                                                                                                                                                                                        0x00bc5b30
                                                                                                                                                                                                                                                        0x00bc5b32
                                                                                                                                                                                                                                                        0x00bc5b34
                                                                                                                                                                                                                                                        0x00bc5b34
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5b3a
                                                                                                                                                                                                                                                        0x00bc5b10
                                                                                                                                                                                                                                                        0x00bc5b10
                                                                                                                                                                                                                                                        0x00bc5b13
                                                                                                                                                                                                                                                        0x00bc5b17
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5b1d
                                                                                                                                                                                                                                                        0x00bc5b20
                                                                                                                                                                                                                                                        0x00bc5b22
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5b24
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5b10
                                                                                                                                                                                                                                                        0x00bc5bc2
                                                                                                                                                                                                                                                        0x00bc5bc7
                                                                                                                                                                                                                                                        0x00bc5bca
                                                                                                                                                                                                                                                        0x00bc5bcc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5bde
                                                                                                                                                                                                                                                        0x00bc5be7
                                                                                                                                                                                                                                                        0x00bc5bec
                                                                                                                                                                                                                                                        0x00bc5bf0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5bf0
                                                                                                                                                                                                                                                        0x00bc5ada
                                                                                                                                                                                                                                                        0x00bc5a80
                                                                                                                                                                                                                                                        0x00bc5a80
                                                                                                                                                                                                                                                        0x00bc5a83
                                                                                                                                                                                                                                                        0x00bc5a83
                                                                                                                                                                                                                                                        0x00bc5c3c
                                                                                                                                                                                                                                                        0x00bc5c3c
                                                                                                                                                                                                                                                        0x00bc5c43
                                                                                                                                                                                                                                                        0x00bc5c4f
                                                                                                                                                                                                                                                        0x00bc5c51
                                                                                                                                                                                                                                                        0x00bc5c5f
                                                                                                                                                                                                                                                        0x00bc5c5f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc58f0
                                                                                                                                                                                                                                                        0x00bc58f5
                                                                                                                                                                                                                                                        0x00bc591f
                                                                                                                                                                                                                                                        0x00bc591f
                                                                                                                                                                                                                                                        0x00bc5921
                                                                                                                                                                                                                                                        0x00bc5923
                                                                                                                                                                                                                                                        0x00bc592a
                                                                                                                                                                                                                                                        0x00bc5935
                                                                                                                                                                                                                                                        0x00bc5940
                                                                                                                                                                                                                                                        0x00bc5940
                                                                                                                                                                                                                                                        0x00bc5947
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc594f
                                                                                                                                                                                                                                                        0x00bc5950
                                                                                                                                                                                                                                                        0x00bc5950
                                                                                                                                                                                                                                                        0x00bc5960
                                                                                                                                                                                                                                                        0x00bc5963
                                                                                                                                                                                                                                                        0x00bc5967
                                                                                                                                                                                                                                                        0x00bc596f
                                                                                                                                                                                                                                                        0x00bc5976
                                                                                                                                                                                                                                                        0x00bc59a3
                                                                                                                                                                                                                                                        0x00bc59aa
                                                                                                                                                                                                                                                        0x00bc59af
                                                                                                                                                                                                                                                        0x00bc59b2
                                                                                                                                                                                                                                                        0x00bc5978
                                                                                                                                                                                                                                                        0x00bc5978
                                                                                                                                                                                                                                                        0x00bc597f
                                                                                                                                                                                                                                                        0x00bc5983
                                                                                                                                                                                                                                                        0x00bc5987
                                                                                                                                                                                                                                                        0x00bc598a
                                                                                                                                                                                                                                                        0x00bc598a
                                                                                                                                                                                                                                                        0x00bc59c0
                                                                                                                                                                                                                                                        0x00bc59c5
                                                                                                                                                                                                                                                        0x00bc59cb
                                                                                                                                                                                                                                                        0x00bc59d1
                                                                                                                                                                                                                                                        0x00bc59db
                                                                                                                                                                                                                                                        0x00bc59e3
                                                                                                                                                                                                                                                        0x00bc59eb
                                                                                                                                                                                                                                                        0x00bc59f2
                                                                                                                                                                                                                                                        0x00bc59fb
                                                                                                                                                                                                                                                        0x00bc5a04
                                                                                                                                                                                                                                                        0x00bc5a0d
                                                                                                                                                                                                                                                        0x00bc5a12
                                                                                                                                                                                                                                                        0x00bc5a20
                                                                                                                                                                                                                                                        0x00bc5a20
                                                                                                                                                                                                                                                        0x00bc5a21
                                                                                                                                                                                                                                                        0x00bc5a25
                                                                                                                                                                                                                                                        0x00bc5a25
                                                                                                                                                                                                                                                        0x00bc5a2d
                                                                                                                                                                                                                                                        0x00bc5a3b
                                                                                                                                                                                                                                                        0x00bc5a40
                                                                                                                                                                                                                                                        0x00bc5a43
                                                                                                                                                                                                                                                        0x00bc5a4a
                                                                                                                                                                                                                                                        0x00bc5a4c
                                                                                                                                                                                                                                                        0x00bc5a57
                                                                                                                                                                                                                                                        0x00bc5a57
                                                                                                                                                                                                                                                        0x00bc5907
                                                                                                                                                                                                                                                        0x00bc590c
                                                                                                                                                                                                                                                        0x00bc5910
                                                                                                                                                                                                                                                        0x00bc5915
                                                                                                                                                                                                                                                        0x00bc5915
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc591f

                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • std::wstring::npos == i.first.find(L'\0'), xrefs: 00BC5B53
                                                                                                                                                                                                                                                        • std::wstring::npos == i.second.find(L'\0'), xrefs: 00BC5BB3
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/security/sandbox/chromium/base/process/environment_internal.cc, xrefs: 00BC5B7B, 00BC5BD9
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/security/sandbox/chromium/base/process/environment_internal.cc$std::wstring::npos == i.first.find(L'\0')$std::wstring::npos == i.second.find(L'\0')
                                                                                                                                                                                                                                                        • API String ID: 0-119606527
                                                                                                                                                                                                                                                        • Opcode ID: 40a8a0c34ff66f061018c25bf566ee3c9e9a037f98361f4a1e6e4ad11d5657ad
                                                                                                                                                                                                                                                        • Instruction ID: 68dbbd042b898242daf6d317732632417458cedaf8e6e630c0d6f899fc99d197
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 40a8a0c34ff66f061018c25bf566ee3c9e9a037f98361f4a1e6e4ad11d5657ad
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 60919F70608B059BD734DF15C880FAB7BE5FF84350F54899DF88A8B291DB70A985CB92
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 83%
                                                                                                                                                                                                                                                        			E00BE3A00(void* __eflags, intOrPtr _a4, wchar_t* _a8, intOrPtr* _a12) {
                                                                                                                                                                                                                                                        				short _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				char _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				signed short* _v44;
                                                                                                                                                                                                                                                        				char _v48;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				char _v56;
                                                                                                                                                                                                                                                        				void* _t83;
                                                                                                                                                                                                                                                        				intOrPtr _t85;
                                                                                                                                                                                                                                                        				signed short* _t90;
                                                                                                                                                                                                                                                        				int _t93;
                                                                                                                                                                                                                                                        				signed short* _t95;
                                                                                                                                                                                                                                                        				signed int _t96;
                                                                                                                                                                                                                                                        				void* _t97;
                                                                                                                                                                                                                                                        				void* _t99;
                                                                                                                                                                                                                                                        				intOrPtr* _t102;
                                                                                                                                                                                                                                                        				signed short* _t104;
                                                                                                                                                                                                                                                        				intOrPtr* _t111;
                                                                                                                                                                                                                                                        				signed int _t120;
                                                                                                                                                                                                                                                        				signed short* _t130;
                                                                                                                                                                                                                                                        				intOrPtr _t131;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_v40 = _t131;
                                                                                                                                                                                                                                                        				_v20 = 0xffffffff;
                                                                                                                                                                                                                                                        				_v24 = 0xbf974c;
                                                                                                                                                                                                                                                        				_v28 = 0xbef860;
                                                                                                                                                                                                                                                        				_t130 = 0xc0000017;
                                                                                                                                                                                                                                                        				_v32 =  *[fs:0x0];
                                                                                                                                                                                                                                                        				 *[fs:0x0] =  &_v32;
                                                                                                                                                                                                                                                        				if(E00BE3850( &_v32) == 0) {
                                                                                                                                                                                                                                                        					L7:
                                                                                                                                                                                                                                                        					 *[fs:0x0] = _v32;
                                                                                                                                                                                                                                                        					return _t130;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t102 =  *0xbfb690;
                                                                                                                                                                                                                                                        					if(_t102 == 0) {
                                                                                                                                                                                                                                                        						_v20 = 0;
                                                                                                                                                                                                                                                        						E00BEB3D0("NtQueryObject", 0xbfb690);
                                                                                                                                                                                                                                                        						_t131 = _t131 + 8;
                                                                                                                                                                                                                                                        						_t102 =  *0xbfb690;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v20 = 0xffffffff;
                                                                                                                                                                                                                                                        					_v56 = 0;
                                                                                                                                                                                                                                                        					_v20 = 0;
                                                                                                                                                                                                                                                        					_v44 =  *_t102(_a4, 1, 0, 0,  &_v56);
                                                                                                                                                                                                                                                        					_v20 = 0xffffffff;
                                                                                                                                                                                                                                                        					_v20 = 0;
                                                                                                                                                                                                                                                        					E00BC8110( &_v48);
                                                                                                                                                                                                                                                        					_t76 = _v56;
                                                                                                                                                                                                                                                        					_t104 = _v44;
                                                                                                                                                                                                                                                        					if(_v56 != 0) {
                                                                                                                                                                                                                                                        						_v20 = 1;
                                                                                                                                                                                                                                                        						_t97 = E00BE3CE0(_t76, 0);
                                                                                                                                                                                                                                                        						_t131 = _t131 - 4 + 0xc;
                                                                                                                                                                                                                                                        						E00BE3CC0( &_v48, _t97);
                                                                                                                                                                                                                                                        						_t99 = E00BD1C40( &_v48);
                                                                                                                                                                                                                                                        						_t104 =  *0xbfb690(_a4, 1, _t99, _v56,  &_v56);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_t104 == 0) {
                                                                                                                                                                                                                                                        						_v20 = 1;
                                                                                                                                                                                                                                                        						_v44 = E00BD1C40( &_v48);
                                                                                                                                                                                                                                                        						_t83 = E00BE3D00(E00BE3CC0(_a12, E00BE3CE0(( *_v44 & 0x0000ffff) + 0x00000004 + wcslen(_a8) * 0x00000002 & 0xfffffffe, 0)), _a12);
                                                                                                                                                                                                                                                        						_t104 = 0;
                                                                                                                                                                                                                                                        						if(_t83 != 0) {
                                                                                                                                                                                                                                                        							_v44 = E00BD1C40(_a12);
                                                                                                                                                                                                                                                        							_v52 = E00BD1C40( &_v48);
                                                                                                                                                                                                                                                        							_t90 = E00BE3980(_v44, (E00BD1C40( &_v48))[2],  *_v52 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t104 = _t90;
                                                                                                                                                                                                                                                        							if(_t90 >= 0) {
                                                                                                                                                                                                                                                        								_t120 =  *(E00BD1C40( &_v48)) & 0xfffe;
                                                                                                                                                                                                                                                        								_v52 = _t120;
                                                                                                                                                                                                                                                        								 *((short*)(_v44 + _t120)) = 0x5c;
                                                                                                                                                                                                                                                        								_t93 = wcslen(_a8);
                                                                                                                                                                                                                                                        								_v52 = _v44 + _v52 + 2;
                                                                                                                                                                                                                                                        								_t95 = E00BE3980(_v44 + _v52 + 2, _a8, _t93 + _t93);
                                                                                                                                                                                                                                                        								_t104 = _t95;
                                                                                                                                                                                                                                                        								if(_t95 >= 0) {
                                                                                                                                                                                                                                                        									_v44 = _t104;
                                                                                                                                                                                                                                                        									_t96 = wcslen(_a8);
                                                                                                                                                                                                                                                        									_t104 = _v44;
                                                                                                                                                                                                                                                        									 *((short*)(_v52 + _t96 * 2)) = 0;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v44 = _t104;
                                                                                                                                                                                                                                                        					_v20 = 0;
                                                                                                                                                                                                                                                        					E00BE3D10( &_v48);
                                                                                                                                                                                                                                                        					_t130 = _v44;
                                                                                                                                                                                                                                                        					_v20 = 0xffffffff;
                                                                                                                                                                                                                                                        					_t111 = _a12;
                                                                                                                                                                                                                                                        					if(_t130 < 0) {
                                                                                                                                                                                                                                                        						_t85 =  *_t111;
                                                                                                                                                                                                                                                        						if(_t85 != 0) {
                                                                                                                                                                                                                                                        							 *_t111 = 0;
                                                                                                                                                                                                                                                        							_v20 = 0xffffffff;
                                                                                                                                                                                                                                                        							 *0xbfb668( *0xbfb67c, 0, _t85);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L7;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}


























                                                                                                                                                                                                                                                        0x00be3a09
                                                                                                                                                                                                                                                        0x00be3a0c
                                                                                                                                                                                                                                                        0x00be3a13
                                                                                                                                                                                                                                                        0x00be3a1a
                                                                                                                                                                                                                                                        0x00be3a24
                                                                                                                                                                                                                                                        0x00be3a30
                                                                                                                                                                                                                                                        0x00be3a33
                                                                                                                                                                                                                                                        0x00be3a40
                                                                                                                                                                                                                                                        0x00be3afe
                                                                                                                                                                                                                                                        0x00be3b01
                                                                                                                                                                                                                                                        0x00be3b10
                                                                                                                                                                                                                                                        0x00be3a46
                                                                                                                                                                                                                                                        0x00be3a46
                                                                                                                                                                                                                                                        0x00be3a4e
                                                                                                                                                                                                                                                        0x00be3b11
                                                                                                                                                                                                                                                        0x00be3b22
                                                                                                                                                                                                                                                        0x00be3b27
                                                                                                                                                                                                                                                        0x00be3b2a
                                                                                                                                                                                                                                                        0x00be3b2a
                                                                                                                                                                                                                                                        0x00be3a57
                                                                                                                                                                                                                                                        0x00be3a5e
                                                                                                                                                                                                                                                        0x00be3a65
                                                                                                                                                                                                                                                        0x00be3a78
                                                                                                                                                                                                                                                        0x00be3a7e
                                                                                                                                                                                                                                                        0x00be3a85
                                                                                                                                                                                                                                                        0x00be3a8c
                                                                                                                                                                                                                                                        0x00be3a91
                                                                                                                                                                                                                                                        0x00be3a94
                                                                                                                                                                                                                                                        0x00be3a99
                                                                                                                                                                                                                                                        0x00be3a9b
                                                                                                                                                                                                                                                        0x00be3aa8
                                                                                                                                                                                                                                                        0x00be3aad
                                                                                                                                                                                                                                                        0x00be3ab5
                                                                                                                                                                                                                                                        0x00be3abd
                                                                                                                                                                                                                                                        0x00be3ad5
                                                                                                                                                                                                                                                        0x00be3ad5
                                                                                                                                                                                                                                                        0x00be3ad9
                                                                                                                                                                                                                                                        0x00be3b5d
                                                                                                                                                                                                                                                        0x00be3b69
                                                                                                                                                                                                                                                        0x00be3ba0
                                                                                                                                                                                                                                                        0x00be3ba5
                                                                                                                                                                                                                                                        0x00be3ba9
                                                                                                                                                                                                                                                        0x00be3bb7
                                                                                                                                                                                                                                                        0x00be3bc2
                                                                                                                                                                                                                                                        0x00be3bda
                                                                                                                                                                                                                                                        0x00be3be2
                                                                                                                                                                                                                                                        0x00be3be6
                                                                                                                                                                                                                                                        0x00be3bfa
                                                                                                                                                                                                                                                        0x00be3bfd
                                                                                                                                                                                                                                                        0x00be3c00
                                                                                                                                                                                                                                                        0x00be3c09
                                                                                                                                                                                                                                                        0x00be3c22
                                                                                                                                                                                                                                                        0x00be3c26
                                                                                                                                                                                                                                                        0x00be3c2e
                                                                                                                                                                                                                                                        0x00be3c32
                                                                                                                                                                                                                                                        0x00be3c3b
                                                                                                                                                                                                                                                        0x00be3c3e
                                                                                                                                                                                                                                                        0x00be3c44
                                                                                                                                                                                                                                                        0x00be3c4d
                                                                                                                                                                                                                                                        0x00be3c4d
                                                                                                                                                                                                                                                        0x00be3c32
                                                                                                                                                                                                                                                        0x00be3be6
                                                                                                                                                                                                                                                        0x00be3ba9
                                                                                                                                                                                                                                                        0x00be3adb
                                                                                                                                                                                                                                                        0x00be3ae1
                                                                                                                                                                                                                                                        0x00be3ae8
                                                                                                                                                                                                                                                        0x00be3aed
                                                                                                                                                                                                                                                        0x00be3af0
                                                                                                                                                                                                                                                        0x00be3af7
                                                                                                                                                                                                                                                        0x00be3afc
                                                                                                                                                                                                                                                        0x00be3b35
                                                                                                                                                                                                                                                        0x00be3b39
                                                                                                                                                                                                                                                        0x00be3b3b
                                                                                                                                                                                                                                                        0x00be3b41
                                                                                                                                                                                                                                                        0x00be3b52
                                                                                                                                                                                                                                                        0x00be3b52
                                                                                                                                                                                                                                                        0x00be3b39
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be3afc

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BE3B6F
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BE3C09
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BE3C3E
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: wcslen
                                                                                                                                                                                                                                                        • String ID: NtQueryObject
                                                                                                                                                                                                                                                        • API String ID: 4088430540-1504830893
                                                                                                                                                                                                                                                        • Opcode ID: 6d2c3a7ac5f21fcbcd06a698dc74167b83969f098f885b239ca8c8d4ac730839
                                                                                                                                                                                                                                                        • Instruction ID: fbc1e959ce8ae82847bdb794cc8080cd79295ee86402bec0d0d8e41edfeb94e8
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6d2c3a7ac5f21fcbcd06a698dc74167b83969f098f885b239ca8c8d4ac730839
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B8618C70900249ABCB14DFA5DC59BEEBBF1FF04714F144269E8226B391EB719A14CB50
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 97%
                                                                                                                                                                                                                                                        			E00BE6B10(signed int __ecx, int* _a4, intOrPtr _a8, signed int _a12) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				signed int _v36;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				intOrPtr _v52;
                                                                                                                                                                                                                                                        				intOrPtr _v56;
                                                                                                                                                                                                                                                        				intOrPtr _v60;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				signed int _t74;
                                                                                                                                                                                                                                                        				signed int _t80;
                                                                                                                                                                                                                                                        				signed int _t81;
                                                                                                                                                                                                                                                        				signed int _t85;
                                                                                                                                                                                                                                                        				void* _t88;
                                                                                                                                                                                                                                                        				void* _t90;
                                                                                                                                                                                                                                                        				signed int _t106;
                                                                                                                                                                                                                                                        				void* _t107;
                                                                                                                                                                                                                                                        				signed int _t108;
                                                                                                                                                                                                                                                        				signed int** _t109;
                                                                                                                                                                                                                                                        				int* _t113;
                                                                                                                                                                                                                                                        				int* _t114;
                                                                                                                                                                                                                                                        				signed int _t119;
                                                                                                                                                                                                                                                        				intOrPtr _t128;
                                                                                                                                                                                                                                                        				intOrPtr _t130;
                                                                                                                                                                                                                                                        				signed int _t131;
                                                                                                                                                                                                                                                        				signed int _t132;
                                                                                                                                                                                                                                                        				signed int _t134;
                                                                                                                                                                                                                                                        				signed int _t135;
                                                                                                                                                                                                                                                        				signed int _t136;
                                                                                                                                                                                                                                                        				intOrPtr _t137;
                                                                                                                                                                                                                                                        				signed int _t140;
                                                                                                                                                                                                                                                        				void* _t141;
                                                                                                                                                                                                                                                        				void* _t143;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t74 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t125 = _a12;
                                                                                                                                                                                                                                                        				_t130 = _a8;
                                                                                                                                                                                                                                                        				_t106 = 0;
                                                                                                                                                                                                                                                        				_v20 = _t74 ^ _t140;
                                                                                                                                                                                                                                                        				if(_t130 < _t125) {
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					E00BEECB0(_v20 ^ _t140, _t125);
                                                                                                                                                                                                                                                        					return _t106;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_v32 = __ecx;
                                                                                                                                                                                                                                                        				if((_t125 & 0x0000001f) != 0) {
                                                                                                                                                                                                                                                        					goto L3;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t131 = _t130 + 0xfffffff8;
                                                                                                                                                                                                                                                        				_t5 = _t125 + 0x14; // 0x14
                                                                                                                                                                                                                                                        				_t134 = _t5;
                                                                                                                                                                                                                                                        				_t106 = 0;
                                                                                                                                                                                                                                                        				_t80 = _t131;
                                                                                                                                                                                                                                                        				_t81 = _t80 / _t134;
                                                                                                                                                                                                                                                        				_t125 = _t80 % _t134;
                                                                                                                                                                                                                                                        				if(_t134 <= _t131) {
                                                                                                                                                                                                                                                        					_t113 = _a4;
                                                                                                                                                                                                                                                        					_t135 = _v32;
                                                                                                                                                                                                                                                        					_v36 = _t81;
                                                                                                                                                                                                                                                        					_v40 = 8 + (_t81 + _t81 * 4) * 4;
                                                                                                                                                                                                                                                        					 *_t135 = _t113;
                                                                                                                                                                                                                                                        					 *_t113 = 0;
                                                                                                                                                                                                                                                        					_t114 =  *_t135;
                                                                                                                                                                                                                                                        					_v44 = _t135 + 4;
                                                                                                                                                                                                                                                        					_t85 = 0;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_v60 = _t106;
                                                                                                                                                                                                                                                        						_v28 = _t114;
                                                                                                                                                                                                                                                        						_v48 = _t85;
                                                                                                                                                                                                                                                        						_push(0x24);
                                                                                                                                                                                                                                                        						L00BEF6BA();
                                                                                                                                                                                                                                                        						 *_t85 = 0;
                                                                                                                                                                                                                                                        						 *(_t85 + 4) = 0;
                                                                                                                                                                                                                                                        						_v24 = _t85;
                                                                                                                                                                                                                                                        						_t132 = _t85;
                                                                                                                                                                                                                                                        						_v56 = _t85 + 4;
                                                                                                                                                                                                                                                        						_t88 = E00BE70E0( &_v24, _t106, _v44,  *((intOrPtr*)(_t135 + 4)), _t132,  &_v24);
                                                                                                                                                                                                                                                        						_t143 = _t141 + 8;
                                                                                                                                                                                                                                                        						_t136 = _v24;
                                                                                                                                                                                                                                                        						if(_t136 != 0) {
                                                                                                                                                                                                                                                        							_t32 = _t136 + 4; // 0x404
                                                                                                                                                                                                                                                        							E00BC51B0(E00BC51B0(_t88, _t32), _t136);
                                                                                                                                                                                                                                                        							_push(_t136);
                                                                                                                                                                                                                                                        							L00BEF6C0();
                                                                                                                                                                                                                                                        							_t143 = _t143 + 4;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t107 = _v28;
                                                                                                                                                                                                                                                        						_t137 = _v60;
                                                                                                                                                                                                                                                        						_t125 = _t132;
                                                                                                                                                                                                                                                        						_t36 = _t137 + 0x10; // 0x14
                                                                                                                                                                                                                                                        						_t38 = _t137 + 0x14; // 0x18
                                                                                                                                                                                                                                                        						_v52 = _t107 + _t36;
                                                                                                                                                                                                                                                        						_t90 = E00BE6CD0(_v32, _t132, _v56, _v52, _t107 + _t38);
                                                                                                                                                                                                                                                        						_t141 = _t143 + 0xc;
                                                                                                                                                                                                                                                        						if(_t90 == 0) {
                                                                                                                                                                                                                                                        							L11:
                                                                                                                                                                                                                                                        							_t106 = 0;
                                                                                                                                                                                                                                                        							goto L3;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t128 = _v40;
                                                                                                                                                                                                                                                        						_t46 = _t137 + 8; // 0xc
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t107 + _t137 + 8)) = _t128;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t107 + _t137 + 0xc)) = 1;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t132 + 0x10)) = _a4;
                                                                                                                                                                                                                                                        						_t119 = _a12;
                                                                                                                                                                                                                                                        						 *(_t132 + 8) = _t119;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t132 + 0x14)) = _t107 + _t46;
                                                                                                                                                                                                                                                        						_t108 = _v32;
                                                                                                                                                                                                                                                        						_v40 = _t128 + _t119;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t132 + 0xc)) =  *((intOrPtr*)(_t107 + _t137 + 8)) + _a4;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t132 + 0x18)) =  *((intOrPtr*)(_t108 + 0x18));
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t132 + 0x1c)) =  *((intOrPtr*)(_t108 + 0x10));
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t132 + 0x20)) =  *((intOrPtr*)(_t108 + 0x14));
                                                                                                                                                                                                                                                        						 *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t108 + 0xc))))))(_t108,  *_t132, E00BE6D60, _t132);
                                                                                                                                                                                                                                                        						_t114 =  *_t108;
                                                                                                                                                                                                                                                        						_t125 = _t108;
                                                                                                                                                                                                                                                        						_t106 = _t137 + 0x14;
                                                                                                                                                                                                                                                        						_t135 = _t108;
                                                                                                                                                                                                                                                        						_t85 = _v48 + 1;
                                                                                                                                                                                                                                                        					} while (_t85 != _v36);
                                                                                                                                                                                                                                                        					_t109 = _t135;
                                                                                                                                                                                                                                                        					_v28 =  *((intOrPtr*)(_t135 + 0x10));
                                                                                                                                                                                                                                                        					if(DuplicateHandle(GetCurrentProcess(),  *0xbfb6b0, _v28,  &(_t114[1]), 0x100002, 0, 0) == 0) {
                                                                                                                                                                                                                                                        						goto L11;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t106 = 1;
                                                                                                                                                                                                                                                        					 *( *_t109) = _v36;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L3;
                                                                                                                                                                                                                                                        			}








































                                                                                                                                                                                                                                                        0x00be6b19
                                                                                                                                                                                                                                                        0x00be6b1e
                                                                                                                                                                                                                                                        0x00be6b21
                                                                                                                                                                                                                                                        0x00be6b24
                                                                                                                                                                                                                                                        0x00be6b2a
                                                                                                                                                                                                                                                        0x00be6b2d
                                                                                                                                                                                                                                                        0x00be6b4b
                                                                                                                                                                                                                                                        0x00be6b50
                                                                                                                                                                                                                                                        0x00be6b5e
                                                                                                                                                                                                                                                        0x00be6b5e
                                                                                                                                                                                                                                                        0x00be6b31
                                                                                                                                                                                                                                                        0x00be6b37
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be6b39
                                                                                                                                                                                                                                                        0x00be6b3c
                                                                                                                                                                                                                                                        0x00be6b3c
                                                                                                                                                                                                                                                        0x00be6b41
                                                                                                                                                                                                                                                        0x00be6b43
                                                                                                                                                                                                                                                        0x00be6b45
                                                                                                                                                                                                                                                        0x00be6b45
                                                                                                                                                                                                                                                        0x00be6b49
                                                                                                                                                                                                                                                        0x00be6b61
                                                                                                                                                                                                                                                        0x00be6b64
                                                                                                                                                                                                                                                        0x00be6b67
                                                                                                                                                                                                                                                        0x00be6b74
                                                                                                                                                                                                                                                        0x00be6b77
                                                                                                                                                                                                                                                        0x00be6b79
                                                                                                                                                                                                                                                        0x00be6b82
                                                                                                                                                                                                                                                        0x00be6b84
                                                                                                                                                                                                                                                        0x00be6b87
                                                                                                                                                                                                                                                        0x00be6b90
                                                                                                                                                                                                                                                        0x00be6b90
                                                                                                                                                                                                                                                        0x00be6b93
                                                                                                                                                                                                                                                        0x00be6b96
                                                                                                                                                                                                                                                        0x00be6b99
                                                                                                                                                                                                                                                        0x00be6b9b
                                                                                                                                                                                                                                                        0x00be6ba3
                                                                                                                                                                                                                                                        0x00be6ba9
                                                                                                                                                                                                                                                        0x00be6bb0
                                                                                                                                                                                                                                                        0x00be6bb6
                                                                                                                                                                                                                                                        0x00be6bbe
                                                                                                                                                                                                                                                        0x00be6bc5
                                                                                                                                                                                                                                                        0x00be6bca
                                                                                                                                                                                                                                                        0x00be6bcd
                                                                                                                                                                                                                                                        0x00be6bd2
                                                                                                                                                                                                                                                        0x00be6bd4
                                                                                                                                                                                                                                                        0x00be6bde
                                                                                                                                                                                                                                                        0x00be6be3
                                                                                                                                                                                                                                                        0x00be6be4
                                                                                                                                                                                                                                                        0x00be6be9
                                                                                                                                                                                                                                                        0x00be6be9
                                                                                                                                                                                                                                                        0x00be6bec
                                                                                                                                                                                                                                                        0x00be6bef
                                                                                                                                                                                                                                                        0x00be6bf2
                                                                                                                                                                                                                                                        0x00be6bf4
                                                                                                                                                                                                                                                        0x00be6bf8
                                                                                                                                                                                                                                                        0x00be6bfc
                                                                                                                                                                                                                                                        0x00be6c09
                                                                                                                                                                                                                                                        0x00be6c0e
                                                                                                                                                                                                                                                        0x00be6c13
                                                                                                                                                                                                                                                        0x00be6cc7
                                                                                                                                                                                                                                                        0x00be6cc7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be6cc7
                                                                                                                                                                                                                                                        0x00be6c19
                                                                                                                                                                                                                                                        0x00be6c1f
                                                                                                                                                                                                                                                        0x00be6c23
                                                                                                                                                                                                                                                        0x00be6c27
                                                                                                                                                                                                                                                        0x00be6c2f
                                                                                                                                                                                                                                                        0x00be6c32
                                                                                                                                                                                                                                                        0x00be6c35
                                                                                                                                                                                                                                                        0x00be6c38
                                                                                                                                                                                                                                                        0x00be6c41
                                                                                                                                                                                                                                                        0x00be6c44
                                                                                                                                                                                                                                                        0x00be6c4a
                                                                                                                                                                                                                                                        0x00be6c50
                                                                                                                                                                                                                                                        0x00be6c56
                                                                                                                                                                                                                                                        0x00be6c5c
                                                                                                                                                                                                                                                        0x00be6c6d
                                                                                                                                                                                                                                                        0x00be6c72
                                                                                                                                                                                                                                                        0x00be6c77
                                                                                                                                                                                                                                                        0x00be6c79
                                                                                                                                                                                                                                                        0x00be6c7b
                                                                                                                                                                                                                                                        0x00be6c7d
                                                                                                                                                                                                                                                        0x00be6c7e
                                                                                                                                                                                                                                                        0x00be6c8d
                                                                                                                                                                                                                                                        0x00be6c91
                                                                                                                                                                                                                                                        0x00be6cb7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be6cbe
                                                                                                                                                                                                                                                        0x00be6cc0
                                                                                                                                                                                                                                                        0x00be6cc0
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000024,?,00000000,?,00BE9870,?,00000004,00000400,00000000,?,?,?,00000004,g_shared_IPC_size,?,00000004), ref: 00BE6B9B
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000400,?,?,?,00000000,?,00BE9870,?,00000004,00000400,00000000,?,?,?,00000004,g_shared_IPC_size), ref: 00BE6BE4
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(?,?,?,?,?,?,00000000,?,00BE9870,?,00000004,00000400,00000000,?,?,?), ref: 00BE6C9A
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,?,00000004,?,00100002,00000000,00000000,?,?,?,?,?,?,00000000,?,00BE9870), ref: 00BE6CAF
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@??3@CurrentDuplicateHandleProcess
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1210554287-0
                                                                                                                                                                                                                                                        • Opcode ID: 7ed35c60ee281612df75865e159970f57a82cfa262e3591fc5a99c210a773a32
                                                                                                                                                                                                                                                        • Instruction ID: 31adca33ae094fbc8427cae42f6fb3ea864a56e48792547e2d894c821b9098aa
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7ed35c60ee281612df75865e159970f57a82cfa262e3591fc5a99c210a773a32
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1F513AB5E006099FCB14CFA5D881AAEBBF5FF58310F1481A9E919AB351D730E945CBA0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 96%
                                                                                                                                                                                                                                                        			E00BCF690(void* _a4, intOrPtr _a8, void* _a12) {
                                                                                                                                                                                                                                                        				void* _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				char _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				void* _v44;
                                                                                                                                                                                                                                                        				void* _v48;
                                                                                                                                                                                                                                                        				int _v52;
                                                                                                                                                                                                                                                        				intOrPtr _v56;
                                                                                                                                                                                                                                                        				intOrPtr _v60;
                                                                                                                                                                                                                                                        				intOrPtr _v64;
                                                                                                                                                                                                                                                        				void* _t79;
                                                                                                                                                                                                                                                        				void* _t81;
                                                                                                                                                                                                                                                        				void* _t82;
                                                                                                                                                                                                                                                        				void* _t87;
                                                                                                                                                                                                                                                        				void* _t88;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				void* _t92;
                                                                                                                                                                                                                                                        				void _t98;
                                                                                                                                                                                                                                                        				intOrPtr* _t103;
                                                                                                                                                                                                                                                        				void* _t109;
                                                                                                                                                                                                                                                        				void* _t110;
                                                                                                                                                                                                                                                        				void* _t111;
                                                                                                                                                                                                                                                        				intOrPtr _t112;
                                                                                                                                                                                                                                                        				void* _t113;
                                                                                                                                                                                                                                                        				void* _t114;
                                                                                                                                                                                                                                                        				intOrPtr _t115;
                                                                                                                                                                                                                                                        				void* _t116;
                                                                                                                                                                                                                                                        				void* _t118;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t94 = _a4;
                                                                                                                                                                                                                                                        				_v40 = _t115;
                                                                                                                                                                                                                                                        				_v20 = 0xffffffff;
                                                                                                                                                                                                                                                        				_v24 = 0xbf9638;
                                                                                                                                                                                                                                                        				_v28 = 0xbef860;
                                                                                                                                                                                                                                                        				_v32 =  *[fs:0x0];
                                                                                                                                                                                                                                                        				 *[fs:0x0] =  &_v32;
                                                                                                                                                                                                                                                        				if(_a4 == 0 || _a8 + 0xffffffc0 > 0x3c0) {
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					_t110 = 0;
                                                                                                                                                                                                                                                        					goto L4;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					_v20 = 0;
                                                                                                                                                                                                                                                        					_v56 = E00BCF8A0(_t94);
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					_t79 = E00BCF640(_v56);
                                                                                                                                                                                                                                                        					if(_t79 <= _a8) {
                                                                                                                                                                                                                                                        						_v44 = 0;
                                                                                                                                                                                                                                                        						_v48 = _t79;
                                                                                                                                                                                                                                                        						_v52 = E00BCF630(_v56, _a4);
                                                                                                                                                                                                                                                        						_v44 = 0;
                                                                                                                                                                                                                                                        						_t81 = E00BCF660(_a8, _v48, _v52);
                                                                                                                                                                                                                                                        						_t116 = _t115 + 4;
                                                                                                                                                                                                                                                        						if(_t81 == 0) {
                                                                                                                                                                                                                                                        							goto L3;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t82 = _a12;
                                                                                                                                                                                                                                                        						_t98 = _v52;
                                                                                                                                                                                                                                                        						 *_t82 = _t98;
                                                                                                                                                                                                                                                        						_v44 = 0;
                                                                                                                                                                                                                                                        						_push(_t98);
                                                                                                                                                                                                                                                        						L00BEF6CC();
                                                                                                                                                                                                                                                        						_t114 = _t82;
                                                                                                                                                                                                                                                        						_v20 = 0xffffffff;
                                                                                                                                                                                                                                                        						memcpy(_t82, _a4, _v52);
                                                                                                                                                                                                                                                        						_t118 = _t116 + 0x10;
                                                                                                                                                                                                                                                        						_v44 = _t114;
                                                                                                                                                                                                                                                        						_v20 = 0;
                                                                                                                                                                                                                                                        						_v48 = _t114;
                                                                                                                                                                                                                                                        						E00BCF8B0();
                                                                                                                                                                                                                                                        						_v44 = _v48;
                                                                                                                                                                                                                                                        						_v60 = E00BCF640(_v56);
                                                                                                                                                                                                                                                        						_v44 = _v48;
                                                                                                                                                                                                                                                        						_t87 = E00BCF8A0(_v48);
                                                                                                                                                                                                                                                        						_t111 = _v48;
                                                                                                                                                                                                                                                        						if(_t87 != _v56) {
                                                                                                                                                                                                                                                        							L22:
                                                                                                                                                                                                                                                        							_v44 = _t111;
                                                                                                                                                                                                                                                        							_push(_t111);
                                                                                                                                                                                                                                                        							L00BEF6D2();
                                                                                                                                                                                                                                                        							goto L3;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_v44 = _t111;
                                                                                                                                                                                                                                                        						_t88 = E00BCF630(_v56, _t111);
                                                                                                                                                                                                                                                        						_t111 = _v48;
                                                                                                                                                                                                                                                        						if(_t88 != _v52) {
                                                                                                                                                                                                                                                        							goto L22;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_v44 = _t111;
                                                                                                                                                                                                                                                        						_t89 = E00BCF660(_a8, _v60, _v52);
                                                                                                                                                                                                                                                        						_t111 = _v48;
                                                                                                                                                                                                                                                        						_t118 = _t118 + 4;
                                                                                                                                                                                                                                                        						if(_t89 == 0) {
                                                                                                                                                                                                                                                        							goto L22;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(_v56 == 0) {
                                                                                                                                                                                                                                                        							L4:
                                                                                                                                                                                                                                                        							 *[fs:0x0] = _v32;
                                                                                                                                                                                                                                                        							return _t110;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_v52 = _t111 + _v52;
                                                                                                                                                                                                                                                        						_v60 = _v60 + _t111;
                                                                                                                                                                                                                                                        						_t103 = _t111 + 0x48;
                                                                                                                                                                                                                                                        						_t109 = 0;
                                                                                                                                                                                                                                                        						_v64 =  *((intOrPtr*)(_t111 + 0x3c));
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t112 = 0;
                                                                                                                                                                                                                                                        							_t92 = 0;
                                                                                                                                                                                                                                                        							if(_v64 > _t109) {
                                                                                                                                                                                                                                                        								_t114 =  *(_t103 - 8);
                                                                                                                                                                                                                                                        								_t112 =  *_t103;
                                                                                                                                                                                                                                                        								_t92 =  *((intOrPtr*)(_t103 - 4)) + _v48;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							if(_t92 > _v52 || _t92 < _v60 || _t92 < _v48) {
                                                                                                                                                                                                                                                        								L23:
                                                                                                                                                                                                                                                        								_v20 = 0xffffffff;
                                                                                                                                                                                                                                                        								_push(_v48);
                                                                                                                                                                                                                                                        								L00BEF6D2();
                                                                                                                                                                                                                                                        								goto L3;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t66 = _t114 - 1; // -1
                                                                                                                                                                                                                                                        								if(_t66 > 5 || _t92 == 0) {
                                                                                                                                                                                                                                                        									goto L23;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t113 = _t112 + _t92;
                                                                                                                                                                                                                                                        									if(_t113 < 0 || _t113 > _v52) {
                                                                                                                                                                                                                                                        										goto L23;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										goto L20;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L20:
                                                                                                                                                                                                                                                        							_t109 = _t109 + 1;
                                                                                                                                                                                                                                                        							_t103 = _t103 + 0xc;
                                                                                                                                                                                                                                                        							_t110 = _v48;
                                                                                                                                                                                                                                                        						} while (_v56 != _t109);
                                                                                                                                                                                                                                                        						goto L4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L3;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}
































                                                                                                                                                                                                                                                        0x00bcf699
                                                                                                                                                                                                                                                        0x00bcf69c
                                                                                                                                                                                                                                                        0x00bcf69f
                                                                                                                                                                                                                                                        0x00bcf6a6
                                                                                                                                                                                                                                                        0x00bcf6ad
                                                                                                                                                                                                                                                        0x00bcf6c0
                                                                                                                                                                                                                                                        0x00bcf6c3
                                                                                                                                                                                                                                                        0x00bcf6c9
                                                                                                                                                                                                                                                        0x00bcf702
                                                                                                                                                                                                                                                        0x00bcf702
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcf6d8
                                                                                                                                                                                                                                                        0x00bcf6d8
                                                                                                                                                                                                                                                        0x00bcf6df
                                                                                                                                                                                                                                                        0x00bcf6eb
                                                                                                                                                                                                                                                        0x00bcf6f1
                                                                                                                                                                                                                                                        0x00bcf6f8
                                                                                                                                                                                                                                                        0x00bcf700
                                                                                                                                                                                                                                                        0x00bcf71d
                                                                                                                                                                                                                                                        0x00bcf724
                                                                                                                                                                                                                                                        0x00bcf72f
                                                                                                                                                                                                                                                        0x00bcf735
                                                                                                                                                                                                                                                        0x00bcf73f
                                                                                                                                                                                                                                                        0x00bcf744
                                                                                                                                                                                                                                                        0x00bcf749
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcf74b
                                                                                                                                                                                                                                                        0x00bcf74e
                                                                                                                                                                                                                                                        0x00bcf751
                                                                                                                                                                                                                                                        0x00bcf753
                                                                                                                                                                                                                                                        0x00bcf75a
                                                                                                                                                                                                                                                        0x00bcf75b
                                                                                                                                                                                                                                                        0x00bcf763
                                                                                                                                                                                                                                                        0x00bcf765
                                                                                                                                                                                                                                                        0x00bcf773
                                                                                                                                                                                                                                                        0x00bcf778
                                                                                                                                                                                                                                                        0x00bcf77b
                                                                                                                                                                                                                                                        0x00bcf77e
                                                                                                                                                                                                                                                        0x00bcf785
                                                                                                                                                                                                                                                        0x00bcf788
                                                                                                                                                                                                                                                        0x00bcf793
                                                                                                                                                                                                                                                        0x00bcf79e
                                                                                                                                                                                                                                                        0x00bcf7a1
                                                                                                                                                                                                                                                        0x00bcf7a4
                                                                                                                                                                                                                                                        0x00bcf7a9
                                                                                                                                                                                                                                                        0x00bcf7af
                                                                                                                                                                                                                                                        0x00bcf853
                                                                                                                                                                                                                                                        0x00bcf853
                                                                                                                                                                                                                                                        0x00bcf856
                                                                                                                                                                                                                                                        0x00bcf857
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcf85c
                                                                                                                                                                                                                                                        0x00bcf7ba
                                                                                                                                                                                                                                                        0x00bcf7bd
                                                                                                                                                                                                                                                        0x00bcf7c2
                                                                                                                                                                                                                                                        0x00bcf7c8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcf7d4
                                                                                                                                                                                                                                                        0x00bcf7da
                                                                                                                                                                                                                                                        0x00bcf7df
                                                                                                                                                                                                                                                        0x00bcf7e2
                                                                                                                                                                                                                                                        0x00bcf7e7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcf7ed
                                                                                                                                                                                                                                                        0x00bcf704
                                                                                                                                                                                                                                                        0x00bcf707
                                                                                                                                                                                                                                                        0x00bcf716
                                                                                                                                                                                                                                                        0x00bcf716
                                                                                                                                                                                                                                                        0x00bcf7f6
                                                                                                                                                                                                                                                        0x00bcf7f9
                                                                                                                                                                                                                                                        0x00bcf7fc
                                                                                                                                                                                                                                                        0x00bcf7ff
                                                                                                                                                                                                                                                        0x00bcf801
                                                                                                                                                                                                                                                        0x00bcf804
                                                                                                                                                                                                                                                        0x00bcf807
                                                                                                                                                                                                                                                        0x00bcf80c
                                                                                                                                                                                                                                                        0x00bcf811
                                                                                                                                                                                                                                                        0x00bcf816
                                                                                                                                                                                                                                                        0x00bcf819
                                                                                                                                                                                                                                                        0x00bcf81b
                                                                                                                                                                                                                                                        0x00bcf81b
                                                                                                                                                                                                                                                        0x00bcf821
                                                                                                                                                                                                                                                        0x00bcf864
                                                                                                                                                                                                                                                        0x00bcf864
                                                                                                                                                                                                                                                        0x00bcf86b
                                                                                                                                                                                                                                                        0x00bcf86e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcf82d
                                                                                                                                                                                                                                                        0x00bcf82d
                                                                                                                                                                                                                                                        0x00bcf833
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcf839
                                                                                                                                                                                                                                                        0x00bcf839
                                                                                                                                                                                                                                                        0x00bcf83b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcf83b
                                                                                                                                                                                                                                                        0x00bcf833
                                                                                                                                                                                                                                                        0x00bcf842
                                                                                                                                                                                                                                                        0x00bcf842
                                                                                                                                                                                                                                                        0x00bcf843
                                                                                                                                                                                                                                                        0x00bcf846
                                                                                                                                                                                                                                                        0x00bcf849
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcf84e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcf700

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@$??2@memcpy
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2235277842-0
                                                                                                                                                                                                                                                        • Opcode ID: e3931b0ea49dd2eff16485802793394a811903500640c8c2a25ab0b9fd497bde
                                                                                                                                                                                                                                                        • Instruction ID: b2dbf982020c6cdc7aa42eb2274c1d6884ffda16aca625f38fdbe72048a8ce83
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e3931b0ea49dd2eff16485802793394a811903500640c8c2a25ab0b9fd497bde
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D051E5B1D0024AEBDB10DF99D881BEDBBF2FF48320F2481AAE81467250D735A945CB95
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 54%
                                                                                                                                                                                                                                                        			E00BEC920(intOrPtr* __ecx, void* __eflags) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				intOrPtr* _v28;
                                                                                                                                                                                                                                                        				void* _v32;
                                                                                                                                                                                                                                                        				void* _v36;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				intOrPtr* _v48;
                                                                                                                                                                                                                                                        				intOrPtr* _v52;
                                                                                                                                                                                                                                                        				signed int _v56;
                                                                                                                                                                                                                                                        				intOrPtr* _v60;
                                                                                                                                                                                                                                                        				signed int _t74;
                                                                                                                                                                                                                                                        				intOrPtr* _t76;
                                                                                                                                                                                                                                                        				signed int _t77;
                                                                                                                                                                                                                                                        				signed int _t78;
                                                                                                                                                                                                                                                        				void* _t82;
                                                                                                                                                                                                                                                        				void* _t85;
                                                                                                                                                                                                                                                        				void* _t90;
                                                                                                                                                                                                                                                        				signed int _t91;
                                                                                                                                                                                                                                                        				intOrPtr* _t93;
                                                                                                                                                                                                                                                        				signed int _t94;
                                                                                                                                                                                                                                                        				signed int _t95;
                                                                                                                                                                                                                                                        				signed int _t98;
                                                                                                                                                                                                                                                        				intOrPtr _t99;
                                                                                                                                                                                                                                                        				void* _t106;
                                                                                                                                                                                                                                                        				intOrPtr _t107;
                                                                                                                                                                                                                                                        				intOrPtr* _t111;
                                                                                                                                                                                                                                                        				intOrPtr* _t112;
                                                                                                                                                                                                                                                        				intOrPtr* _t114;
                                                                                                                                                                                                                                                        				signed int _t116;
                                                                                                                                                                                                                                                        				signed int _t117;
                                                                                                                                                                                                                                                        				void* _t119;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t119 = (_t117 & 0xfffffff8) - 0x30;
                                                                                                                                                                                                                                                        				_t74 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t111 = __ecx;
                                                                                                                                                                                                                                                        				_t110 = __ecx;
                                                                                                                                                                                                                                                        				_v24 = _t74 ^ _t116;
                                                                                                                                                                                                                                                        				_t76 = E00BECB20( &_v32, __ecx);
                                                                                                                                                                                                                                                        				_t114 =  *0xbfb76c;
                                                                                                                                                                                                                                                        				if(_t114 == 0) {
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(0xc);
                                                                                                                                                                                                                                                        					_t119 = _t119 + 4;
                                                                                                                                                                                                                                                        					_t114 = _t76;
                                                                                                                                                                                                                                                        					 *(_t76 + 4) = 0;
                                                                                                                                                                                                                                                        					 *(_t76 + 8) = 0;
                                                                                                                                                                                                                                                        					 *_t76 = 0xc;
                                                                                                                                                                                                                                                        					 *0xbfb76c = _t76;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if( *((char*)(_t111 + 8)) != 0) {
                                                                                                                                                                                                                                                        					_t77 =  *(_t114 + 4);
                                                                                                                                                                                                                                                        					_t112 =  *_t114;
                                                                                                                                                                                                                                                        					_v56 = _t77;
                                                                                                                                                                                                                                                        					_t78 = _t77 * 4;
                                                                                                                                                                                                                                                        					_v52 = _t112;
                                                                                                                                                                                                                                                        					__eflags = _t78 + _t78 * 2;
                                                                                                                                                                                                                                                        					if(_t78 + _t78 * 2 <= 0) {
                                                                                                                                                                                                                                                        						goto L19;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t106 = _v56;
                                                                                                                                                                                                                                                        					_t112 = _v52;
                                                                                                                                                                                                                                                        					_v60 = _v32;
                                                                                                                                                                                                                                                        					_v48 = _v28;
                                                                                                                                                                                                                                                        					_t90 = _t106;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_t110 = _v60;
                                                                                                                                                                                                                                                        						_t91 = _t90 >> 1;
                                                                                                                                                                                                                                                        						_t98 = _t91 + _t91 * 2;
                                                                                                                                                                                                                                                        						__eflags =  *((intOrPtr*)(_t112 + _t98 * 4)) - _v60;
                                                                                                                                                                                                                                                        						if(__eflags < 0) {
                                                                                                                                                                                                                                                        							L12:
                                                                                                                                                                                                                                                        							_t112 = _t112 + _t98 * 4 + 0xc;
                                                                                                                                                                                                                                                        							_t90 = _t106 +  !_t91;
                                                                                                                                                                                                                                                        							__eflags = _t90;
                                                                                                                                                                                                                                                        							goto L13;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(__eflags != 0) {
                                                                                                                                                                                                                                                        							goto L13;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t110 = _v48;
                                                                                                                                                                                                                                                        						__eflags =  *((intOrPtr*)(_t112 + 4 + _t98 * 4)) - _v48;
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t112 + 4 + _t98 * 4)) < _v48) {
                                                                                                                                                                                                                                                        							goto L12;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L13:
                                                                                                                                                                                                                                                        						__eflags = _t90;
                                                                                                                                                                                                                                                        						_t106 = _t90;
                                                                                                                                                                                                                                                        					} while (_t90 > 0);
                                                                                                                                                                                                                                                        					goto L19;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					if( *(_t114 + 4) != 0) {
                                                                                                                                                                                                                                                        						L8:
                                                                                                                                                                                                                                                        						_t112 =  *_t114;
                                                                                                                                                                                                                                                        						L9:
                                                                                                                                                                                                                                                        						E00BEECB0(_v24 ^ _t116, _t110);
                                                                                                                                                                                                                                                        						return  *((intOrPtr*)(_t112 + 8));
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t93 = _v32;
                                                                                                                                                                                                                                                        					_t99 = _v28;
                                                                                                                                                                                                                                                        					_v60 = _t93;
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(0x14);
                                                                                                                                                                                                                                                        					_t119 = _t119 + 4;
                                                                                                                                                                                                                                                        					 *(_t93 + 8) = 0;
                                                                                                                                                                                                                                                        					 *(_t93 + 4) = 0;
                                                                                                                                                                                                                                                        					 *(_t93 + 0x10) = 0;
                                                                                                                                                                                                                                                        					 *(_t93 + 0xc) = 0;
                                                                                                                                                                                                                                                        					_t112 = _t93;
                                                                                                                                                                                                                                                        					_t94 =  *(_t114 + 4);
                                                                                                                                                                                                                                                        					if(_t94 ==  *((intOrPtr*)(_t114 + 8))) {
                                                                                                                                                                                                                                                        						E00BECCD0(_t94, _t114);
                                                                                                                                                                                                                                                        						_t94 =  *(_t114 + 4);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t107 =  *_t114;
                                                                                                                                                                                                                                                        					_t110 = _v60;
                                                                                                                                                                                                                                                        					_t95 = _t94 + _t94 * 2;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t107 + 4 + _t95 * 4)) = _t99;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t107 + _t95 * 4)) = _v60;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t107 + 8 + _t95 * 4)) = _t112;
                                                                                                                                                                                                                                                        					 *(_t114 + 4) =  *(_t114 + 4) + 1;
                                                                                                                                                                                                                                                        					_t114 =  *0xbfb76c;
                                                                                                                                                                                                                                                        					if(_t114 == 0 ||  *(_t114 + 4) == 0) {
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						E00BB77D5(0x83, _t110, __eflags);
                                                                                                                                                                                                                                                        						L19:
                                                                                                                                                                                                                                                        						_t82 = _v52 + (_v56 + _v56 * 2) * 4;
                                                                                                                                                                                                                                                        						__eflags = _t112 - _t82;
                                                                                                                                                                                                                                                        						if(_t112 == _t82) {
                                                                                                                                                                                                                                                        							L22:
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [esp+0x20]");
                                                                                                                                                                                                                                                        							asm("movsd [esp+0x14], xmm0");
                                                                                                                                                                                                                                                        							__imp__moz_xmalloc(0x14);
                                                                                                                                                                                                                                                        							 *(_t82 + 8) = 0;
                                                                                                                                                                                                                                                        							 *(_t82 + 4) = 0;
                                                                                                                                                                                                                                                        							 *(_t82 + 0x10) = 0;
                                                                                                                                                                                                                                                        							 *(_t82 + 0xc) = 0;
                                                                                                                                                                                                                                                        							_v36 = _t82;
                                                                                                                                                                                                                                                        							_t110 = _t112;
                                                                                                                                                                                                                                                        							_t112 = E00BECB70(_t114, _t112,  &_v44);
                                                                                                                                                                                                                                                        							_t85 = _v36;
                                                                                                                                                                                                                                                        							_v36 = 0;
                                                                                                                                                                                                                                                        							__eflags = _t85;
                                                                                                                                                                                                                                                        							if(_t85 != 0) {
                                                                                                                                                                                                                                                        								free(_t85);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L9;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t82 =  *_t112;
                                                                                                                                                                                                                                                        						__eflags = _t82 - _v32;
                                                                                                                                                                                                                                                        						if(_t82 > _v32) {
                                                                                                                                                                                                                                                        							goto L22;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t82 =  *((intOrPtr*)(_t112 + 4));
                                                                                                                                                                                                                                                        						__eflags = _t82 - _v28;
                                                                                                                                                                                                                                                        						if(_t82 >= _v28) {
                                                                                                                                                                                                                                                        							goto L9;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L22;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						goto L8;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}


































                                                                                                                                                                                                                                                        0x00bec929
                                                                                                                                                                                                                                                        0x00bec92c
                                                                                                                                                                                                                                                        0x00bec931
                                                                                                                                                                                                                                                        0x00bec937
                                                                                                                                                                                                                                                        0x00bec93b
                                                                                                                                                                                                                                                        0x00bec93f
                                                                                                                                                                                                                                                        0x00bec944
                                                                                                                                                                                                                                                        0x00bec94c
                                                                                                                                                                                                                                                        0x00bec950
                                                                                                                                                                                                                                                        0x00bec956
                                                                                                                                                                                                                                                        0x00bec959
                                                                                                                                                                                                                                                        0x00bec95b
                                                                                                                                                                                                                                                        0x00bec962
                                                                                                                                                                                                                                                        0x00bec969
                                                                                                                                                                                                                                                        0x00bec96f
                                                                                                                                                                                                                                                        0x00bec96f
                                                                                                                                                                                                                                                        0x00bec978
                                                                                                                                                                                                                                                        0x00beca10
                                                                                                                                                                                                                                                        0x00beca13
                                                                                                                                                                                                                                                        0x00beca15
                                                                                                                                                                                                                                                        0x00beca19
                                                                                                                                                                                                                                                        0x00beca20
                                                                                                                                                                                                                                                        0x00beca27
                                                                                                                                                                                                                                                        0x00beca29
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beca2f
                                                                                                                                                                                                                                                        0x00beca33
                                                                                                                                                                                                                                                        0x00beca37
                                                                                                                                                                                                                                                        0x00beca3f
                                                                                                                                                                                                                                                        0x00beca43
                                                                                                                                                                                                                                                        0x00beca57
                                                                                                                                                                                                                                                        0x00beca57
                                                                                                                                                                                                                                                        0x00beca5b
                                                                                                                                                                                                                                                        0x00beca5d
                                                                                                                                                                                                                                                        0x00beca60
                                                                                                                                                                                                                                                        0x00beca63
                                                                                                                                                                                                                                                        0x00beca47
                                                                                                                                                                                                                                                        0x00beca4c
                                                                                                                                                                                                                                                        0x00beca4f
                                                                                                                                                                                                                                                        0x00beca4f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beca4f
                                                                                                                                                                                                                                                        0x00beca65
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beca67
                                                                                                                                                                                                                                                        0x00beca6b
                                                                                                                                                                                                                                                        0x00beca6f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beca51
                                                                                                                                                                                                                                                        0x00beca51
                                                                                                                                                                                                                                                        0x00beca53
                                                                                                                                                                                                                                                        0x00beca53
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec97e
                                                                                                                                                                                                                                                        0x00bec982
                                                                                                                                                                                                                                                        0x00bec9f6
                                                                                                                                                                                                                                                        0x00bec9f6
                                                                                                                                                                                                                                                        0x00bec9f8
                                                                                                                                                                                                                                                        0x00beca01
                                                                                                                                                                                                                                                        0x00beca0f
                                                                                                                                                                                                                                                        0x00beca0f
                                                                                                                                                                                                                                                        0x00bec984
                                                                                                                                                                                                                                                        0x00bec988
                                                                                                                                                                                                                                                        0x00bec98c
                                                                                                                                                                                                                                                        0x00bec992
                                                                                                                                                                                                                                                        0x00bec998
                                                                                                                                                                                                                                                        0x00bec99b
                                                                                                                                                                                                                                                        0x00bec9a2
                                                                                                                                                                                                                                                        0x00bec9a9
                                                                                                                                                                                                                                                        0x00bec9b0
                                                                                                                                                                                                                                                        0x00bec9b7
                                                                                                                                                                                                                                                        0x00bec9b9
                                                                                                                                                                                                                                                        0x00bec9bf
                                                                                                                                                                                                                                                        0x00bec9c3
                                                                                                                                                                                                                                                        0x00bec9c8
                                                                                                                                                                                                                                                        0x00bec9c8
                                                                                                                                                                                                                                                        0x00bec9cb
                                                                                                                                                                                                                                                        0x00bec9cd
                                                                                                                                                                                                                                                        0x00bec9d1
                                                                                                                                                                                                                                                        0x00bec9d4
                                                                                                                                                                                                                                                        0x00bec9d8
                                                                                                                                                                                                                                                        0x00bec9db
                                                                                                                                                                                                                                                        0x00bec9df
                                                                                                                                                                                                                                                        0x00bec9e2
                                                                                                                                                                                                                                                        0x00bec9ea
                                                                                                                                                                                                                                                        0x00beca73
                                                                                                                                                                                                                                                        0x00beca79
                                                                                                                                                                                                                                                        0x00beca7e
                                                                                                                                                                                                                                                        0x00beca89
                                                                                                                                                                                                                                                        0x00beca8c
                                                                                                                                                                                                                                                        0x00beca8e
                                                                                                                                                                                                                                                        0x00becaa5
                                                                                                                                                                                                                                                        0x00becaa5
                                                                                                                                                                                                                                                        0x00becaab
                                                                                                                                                                                                                                                        0x00becab3
                                                                                                                                                                                                                                                        0x00becabc
                                                                                                                                                                                                                                                        0x00becac3
                                                                                                                                                                                                                                                        0x00becaca
                                                                                                                                                                                                                                                        0x00becad1
                                                                                                                                                                                                                                                        0x00becad8
                                                                                                                                                                                                                                                        0x00becae2
                                                                                                                                                                                                                                                        0x00becaed
                                                                                                                                                                                                                                                        0x00becaef
                                                                                                                                                                                                                                                        0x00becaf3
                                                                                                                                                                                                                                                        0x00becafb
                                                                                                                                                                                                                                                        0x00becafd
                                                                                                                                                                                                                                                        0x00becb04
                                                                                                                                                                                                                                                        0x00becb0a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00becafd
                                                                                                                                                                                                                                                        0x00beca90
                                                                                                                                                                                                                                                        0x00beca92
                                                                                                                                                                                                                                                        0x00beca96
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beca98
                                                                                                                                                                                                                                                        0x00beca9b
                                                                                                                                                                                                                                                        0x00beca9f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec9ea

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(0000000C), ref: 00BEC950
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000014), ref: 00BEC992
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000014), ref: 00BECAB3
                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BECB04
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: moz_xmalloc$free
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3441548216-0
                                                                                                                                                                                                                                                        • Opcode ID: b81194caae34b3ebe8b1936c4bef903eef2c9d867a3a496e5fb77119d2905233
                                                                                                                                                                                                                                                        • Instruction ID: e18ba196bcfd73b4d6957cf28c8761ab0a74bd202fa89671672047bfdfc24a12
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b81194caae34b3ebe8b1936c4bef903eef2c9d867a3a496e5fb77119d2905233
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EC5188B46043458FD310CF19C584B2ABBE1FB88714F158AADE8999B361DB35ED16CF82
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 66%
                                                                                                                                                                                                                                                        			E00BC1E50(void* __ebx, void* __ecx, void* __edi, void* __esi, intOrPtr _a4, intOrPtr _a12, signed short _a16) {
                                                                                                                                                                                                                                                        				unsigned int _v20;
                                                                                                                                                                                                                                                        				void* _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				void* _v32;
                                                                                                                                                                                                                                                        				signed int _t45;
                                                                                                                                                                                                                                                        				signed int _t49;
                                                                                                                                                                                                                                                        				void* _t51;
                                                                                                                                                                                                                                                        				void** _t53;
                                                                                                                                                                                                                                                        				signed int* _t54;
                                                                                                                                                                                                                                                        				signed int* _t56;
                                                                                                                                                                                                                                                        				intOrPtr _t58;
                                                                                                                                                                                                                                                        				intOrPtr _t59;
                                                                                                                                                                                                                                                        				void* _t64;
                                                                                                                                                                                                                                                        				void* _t67;
                                                                                                                                                                                                                                                        				intOrPtr _t68;
                                                                                                                                                                                                                                                        				void* _t69;
                                                                                                                                                                                                                                                        				void* _t70;
                                                                                                                                                                                                                                                        				intOrPtr _t71;
                                                                                                                                                                                                                                                        				signed int _t74;
                                                                                                                                                                                                                                                        				signed int _t77;
                                                                                                                                                                                                                                                        				signed int _t80;
                                                                                                                                                                                                                                                        				signed int _t82;
                                                                                                                                                                                                                                                        				signed int _t88;
                                                                                                                                                                                                                                                        				void* _t90;
                                                                                                                                                                                                                                                        				intOrPtr _t95;
                                                                                                                                                                                                                                                        				signed int _t96;
                                                                                                                                                                                                                                                        				signed int _t97;
                                                                                                                                                                                                                                                        				void* _t98;
                                                                                                                                                                                                                                                        				signed int _t100;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t74 =  *((intOrPtr*)(__ecx + 0x10));
                                                                                                                                                                                                                                                        				_t95 = _a4;
                                                                                                                                                                                                                                                        				_t58 = 0x7ffffffe;
                                                                                                                                                                                                                                                        				if(0x7ffffffe - _t74 < _t95) {
                                                                                                                                                                                                                                                        					_t45 = E00BBA890();
                                                                                                                                                                                                                                                        					goto L17;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t96 = _t95 + _t74;
                                                                                                                                                                                                                                                        					_v28 = _t74;
                                                                                                                                                                                                                                                        					_v24 = __ecx;
                                                                                                                                                                                                                                                        					_v20 =  *((intOrPtr*)(__ecx + 0x14));
                                                                                                                                                                                                                                                        					_t49 = _t96 | 0x00000007;
                                                                                                                                                                                                                                                        					if(_t49 <= 0x7ffffffe) {
                                                                                                                                                                                                                                                        						_t64 = _v20 + (_v20 >> 1);
                                                                                                                                                                                                                                                        						_t65 =  >=  ? _t49 : _t64;
                                                                                                                                                                                                                                                        						_t58 =  >  ? 0x7ffffffe :  >=  ? _t49 : _t64;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t88 = _a16 & 0x0000ffff;
                                                                                                                                                                                                                                                        					_t10 = _t58 + 1; // 0x1
                                                                                                                                                                                                                                                        					_t51 = E00BBA8A0(_t10);
                                                                                                                                                                                                                                                        					_t67 = _v24;
                                                                                                                                                                                                                                                        					 *(_t67 + 0x10) = _t96;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t67 + 0x14)) = _t58;
                                                                                                                                                                                                                                                        					if(_v20 < 8) {
                                                                                                                                                                                                                                                        						_t97 = _v28;
                                                                                                                                                                                                                                                        						_v20 = _t51;
                                                                                                                                                                                                                                                        						memcpy(_t51, _t67, _t97 + _t97);
                                                                                                                                                                                                                                                        						_t77 = _t97;
                                                                                                                                                                                                                                                        						_t59 = _a12;
                                                                                                                                                                                                                                                        						_t98 = _v20;
                                                                                                                                                                                                                                                        						if(_t59 != 0) {
                                                                                                                                                                                                                                                        							_t54 = _t98 + _t77 * 2;
                                                                                                                                                                                                                                                        							_t68 = _t59;
                                                                                                                                                                                                                                                        							do {
                                                                                                                                                                                                                                                        								 *_t54 = _t88;
                                                                                                                                                                                                                                                        								_t54 =  &(_t54[0]);
                                                                                                                                                                                                                                                        								_t68 = _t68 - 1;
                                                                                                                                                                                                                                                        							} while (_t68 != 0);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						 *((short*)(_t98 + (_t77 + _t59) * 2)) = 0;
                                                                                                                                                                                                                                                        						goto L15;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t100 = _v28;
                                                                                                                                                                                                                                                        						_t69 =  *_t67;
                                                                                                                                                                                                                                                        						_v32 = _t69;
                                                                                                                                                                                                                                                        						memcpy(_t51, _t69, _t100 + _t100);
                                                                                                                                                                                                                                                        						_t80 = _t100;
                                                                                                                                                                                                                                                        						_t98 = _t51;
                                                                                                                                                                                                                                                        						if(_a12 != 0) {
                                                                                                                                                                                                                                                        							_t71 = _a12;
                                                                                                                                                                                                                                                        							_t56 = _t98 + _t80 * 2;
                                                                                                                                                                                                                                                        							asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        							do {
                                                                                                                                                                                                                                                        								 *_t56 = _t88;
                                                                                                                                                                                                                                                        								_t56 =  &(_t56[0]);
                                                                                                                                                                                                                                                        								_t71 = _t71 - 1;
                                                                                                                                                                                                                                                        							} while (_t71 != 0);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t90 = _v20;
                                                                                                                                                                                                                                                        						 *((short*)(_t98 + (_t80 + _a12) * 2)) = 0;
                                                                                                                                                                                                                                                        						_t82 = _v32;
                                                                                                                                                                                                                                                        						_t28 = _t90 + 2; // 0x2
                                                                                                                                                                                                                                                        						_t70 = _t90 + _t28;
                                                                                                                                                                                                                                                        						if(_t70 < 0x1000) {
                                                                                                                                                                                                                                                        							L10:
                                                                                                                                                                                                                                                        							_push(_t70);
                                                                                                                                                                                                                                                        							_push(_t82);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							L15:
                                                                                                                                                                                                                                                        							_t53 = _v24;
                                                                                                                                                                                                                                                        							 *_t53 = _t98;
                                                                                                                                                                                                                                                        							return _t53;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t45 =  *(_t82 - 4);
                                                                                                                                                                                                                                                        							if(_t82 + 0xfffffffc - _t45 >= 0x20) {
                                                                                                                                                                                                                                                        								L17:
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								return _t45 & 0xffffff00 | _v24 > 0x00000000;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t82 = _t45;
                                                                                                                                                                                                                                                        								_t70 = _t90 + _t90 + 0x25;
                                                                                                                                                                                                                                                        								goto L10;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}
































                                                                                                                                                                                                                                                        0x00bc1e59
                                                                                                                                                                                                                                                        0x00bc1e5c
                                                                                                                                                                                                                                                        0x00bc1e64
                                                                                                                                                                                                                                                        0x00bc1e6d
                                                                                                                                                                                                                                                        0x00bc1f90
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc1e73
                                                                                                                                                                                                                                                        0x00bc1e76
                                                                                                                                                                                                                                                        0x00bc1e78
                                                                                                                                                                                                                                                        0x00bc1e7b
                                                                                                                                                                                                                                                        0x00bc1e7e
                                                                                                                                                                                                                                                        0x00bc1e83
                                                                                                                                                                                                                                                        0x00bc1e8b
                                                                                                                                                                                                                                                        0x00bc1ea0
                                                                                                                                                                                                                                                        0x00bc1ea4
                                                                                                                                                                                                                                                        0x00bc1eac
                                                                                                                                                                                                                                                        0x00bc1eac
                                                                                                                                                                                                                                                        0x00bc1eaf
                                                                                                                                                                                                                                                        0x00bc1eb3
                                                                                                                                                                                                                                                        0x00bc1eb7
                                                                                                                                                                                                                                                        0x00bc1ebf
                                                                                                                                                                                                                                                        0x00bc1ec5
                                                                                                                                                                                                                                                        0x00bc1ec8
                                                                                                                                                                                                                                                        0x00bc1ecb
                                                                                                                                                                                                                                                        0x00bc1f46
                                                                                                                                                                                                                                                        0x00bc1f4f
                                                                                                                                                                                                                                                        0x00bc1f52
                                                                                                                                                                                                                                                        0x00bc1f57
                                                                                                                                                                                                                                                        0x00bc1f5c
                                                                                                                                                                                                                                                        0x00bc1f5f
                                                                                                                                                                                                                                                        0x00bc1f64
                                                                                                                                                                                                                                                        0x00bc1f66
                                                                                                                                                                                                                                                        0x00bc1f69
                                                                                                                                                                                                                                                        0x00bc1f70
                                                                                                                                                                                                                                                        0x00bc1f70
                                                                                                                                                                                                                                                        0x00bc1f73
                                                                                                                                                                                                                                                        0x00bc1f76
                                                                                                                                                                                                                                                        0x00bc1f76
                                                                                                                                                                                                                                                        0x00bc1f70
                                                                                                                                                                                                                                                        0x00bc1f7b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc1ecd
                                                                                                                                                                                                                                                        0x00bc1ecd
                                                                                                                                                                                                                                                        0x00bc1ed0
                                                                                                                                                                                                                                                        0x00bc1ed6
                                                                                                                                                                                                                                                        0x00bc1edd
                                                                                                                                                                                                                                                        0x00bc1ee2
                                                                                                                                                                                                                                                        0x00bc1eeb
                                                                                                                                                                                                                                                        0x00bc1eed
                                                                                                                                                                                                                                                        0x00bc1eef
                                                                                                                                                                                                                                                        0x00bc1ef2
                                                                                                                                                                                                                                                        0x00bc1ef5
                                                                                                                                                                                                                                                        0x00bc1f00
                                                                                                                                                                                                                                                        0x00bc1f00
                                                                                                                                                                                                                                                        0x00bc1f03
                                                                                                                                                                                                                                                        0x00bc1f06
                                                                                                                                                                                                                                                        0x00bc1f06
                                                                                                                                                                                                                                                        0x00bc1f00
                                                                                                                                                                                                                                                        0x00bc1f0c
                                                                                                                                                                                                                                                        0x00bc1f0f
                                                                                                                                                                                                                                                        0x00bc1f15
                                                                                                                                                                                                                                                        0x00bc1f18
                                                                                                                                                                                                                                                        0x00bc1f18
                                                                                                                                                                                                                                                        0x00bc1f22
                                                                                                                                                                                                                                                        0x00bc1f3a
                                                                                                                                                                                                                                                        0x00bc1f3a
                                                                                                                                                                                                                                                        0x00bc1f3b
                                                                                                                                                                                                                                                        0x00bc1f3c
                                                                                                                                                                                                                                                        0x00bc1f81
                                                                                                                                                                                                                                                        0x00bc1f81
                                                                                                                                                                                                                                                        0x00bc1f84
                                                                                                                                                                                                                                                        0x00bc1f8d
                                                                                                                                                                                                                                                        0x00bc1f24
                                                                                                                                                                                                                                                        0x00bc1f24
                                                                                                                                                                                                                                                        0x00bc1f2f
                                                                                                                                                                                                                                                        0x00bc1f95
                                                                                                                                                                                                                                                        0x00bc1f95
                                                                                                                                                                                                                                                        0x00bc1f9b
                                                                                                                                                                                                                                                        0x00bc1f9c
                                                                                                                                                                                                                                                        0x00bc1f9d
                                                                                                                                                                                                                                                        0x00bc1f9e
                                                                                                                                                                                                                                                        0x00bc1f9f
                                                                                                                                                                                                                                                        0x00bc1fa8
                                                                                                                                                                                                                                                        0x00bc1f31
                                                                                                                                                                                                                                                        0x00bc1f33
                                                                                                                                                                                                                                                        0x00bc1f38
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc1f38
                                                                                                                                                                                                                                                        0x00bc1f2f
                                                                                                                                                                                                                                                        0x00bc1f22
                                                                                                                                                                                                                                                        0x00bc1ecb

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,00000000,7FFFFFFF,00000000,?,?,00BC1C27,?,?,?,00BC1876,?,00000000), ref: 00BC1EDD
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,00000002,?,?,7FFFFFFF), ref: 00BC1F3C
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,7FFFFFFF,00000000,7FFFFFFF,00000000,?,?,00BC1C27,?,?,?,00BC1876,?,00000000), ref: 00BC1F52
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(00000000,?,?,00BC1C27,?,?,?,00BC1876,?,00000000), ref: 00BC1F95
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memcpy$??3@_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 674017509-0
                                                                                                                                                                                                                                                        • Opcode ID: e935b3f537c3e1ae30d894cccd1e201d16d1bd8a7126ccbc04813578e3ce3eb3
                                                                                                                                                                                                                                                        • Instruction ID: 4d5d2bd2b74294019958afee44cacf711d0b2e6fd498b88d38a5c1b76d39a112
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e935b3f537c3e1ae30d894cccd1e201d16d1bd8a7126ccbc04813578e3ce3eb3
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9C41B271A002068FCB14CF68C8809BFB7F6FF85315B644A6CE415AB395EB70AD0187A0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 78%
                                                                                                                                                                                                                                                        			E00BECF00(void* __ebx, void* __ecx, void* __edx, void* __edi, void* __esi, long _a4, void** _a8) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				intOrPtr _v32;
                                                                                                                                                                                                                                                        				void* _v36;
                                                                                                                                                                                                                                                        				void** _v56;
                                                                                                                                                                                                                                                        				void* _v60;
                                                                                                                                                                                                                                                        				long _v64;
                                                                                                                                                                                                                                                        				intOrPtr _v68;
                                                                                                                                                                                                                                                        				void* _v72;
                                                                                                                                                                                                                                                        				void* _v76;
                                                                                                                                                                                                                                                        				void** _t34;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t36;
                                                                                                                                                                                                                                                        				int _t37;
                                                                                                                                                                                                                                                        				intOrPtr _t43;
                                                                                                                                                                                                                                                        				void* _t44;
                                                                                                                                                                                                                                                        				void* _t46;
                                                                                                                                                                                                                                                        				void* _t47;
                                                                                                                                                                                                                                                        				void* _t49;
                                                                                                                                                                                                                                                        				long _t57;
                                                                                                                                                                                                                                                        				signed int _t62;
                                                                                                                                                                                                                                                        				intOrPtr _t63;
                                                                                                                                                                                                                                                        				void* _t64;
                                                                                                                                                                                                                                                        				void* _t71;
                                                                                                                                                                                                                                                        				signed int _t76;
                                                                                                                                                                                                                                                        				void* _t78;
                                                                                                                                                                                                                                                        				signed int _t81;
                                                                                                                                                                                                                                                        				signed int _t84;
                                                                                                                                                                                                                                                        				void** _t86;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t70 = __edx;
                                                                                                                                                                                                                                                        				_t86 = (_t84 & 0xfffffff0) - 0x40;
                                                                                                                                                                                                                                                        				_t76 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t34 = _a8;
                                                                                                                                                                                                                                                        				_t57 = _a4;
                                                                                                                                                                                                                                                        				_v24 = _t76 ^ _t81;
                                                                                                                                                                                                                                                        				if(_t34[2] != 0) {
                                                                                                                                                                                                                                                        					_t78 = __edx;
                                                                                                                                                                                                                                                        					_t71 =  *_t34;
                                                                                                                                                                                                                                                        					__eflags = _t71;
                                                                                                                                                                                                                                                        					_v72 = _t71;
                                                                                                                                                                                                                                                        					if(__eflags == 0) {
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						E00BB77D5(0x2ce, _t71, __eflags);
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						_push(_t81);
                                                                                                                                                                                                                                                        						_t36 = LoadLibraryW(L"kernelbase.dll");
                                                                                                                                                                                                                                                        						__eflags = _t36;
                                                                                                                                                                                                                                                        						 *0xbfb790 = _t36;
                                                                                                                                                                                                                                                        						 *0xbfb794 = 0;
                                                                                                                                                                                                                                                        						if(_t36 == 0) {
                                                                                                                                                                                                                                                        							L19:
                                                                                                                                                                                                                                                        							return _t36;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t36 = GetProcAddress(_t36, "VirtualAlloc2");
                                                                                                                                                                                                                                                        							__eflags = _t36;
                                                                                                                                                                                                                                                        							 *0xbfb794 = _t36;
                                                                                                                                                                                                                                                        							if(_t36 == 0) {
                                                                                                                                                                                                                                                        								_t37 = FreeLibrary( *0xbfb790);
                                                                                                                                                                                                                                                        								 *0xbfb790 = 0;
                                                                                                                                                                                                                                                        								return _t37;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								goto L19;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t70 =  *[fs:0x2c];
                                                                                                                                                                                                                                                        						_v76 = _t34[1];
                                                                                                                                                                                                                                                        						_t39 =  *0xbfb798;
                                                                                                                                                                                                                                                        						_t62 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        						_t63 =  *((intOrPtr*)( *[fs:0x2c] + _t62 * 4));
                                                                                                                                                                                                                                                        						__eflags =  *0xbfb798 -  *((intOrPtr*)(_t63 + 4));
                                                                                                                                                                                                                                                        						if( *0xbfb798 >  *((intOrPtr*)(_t63 + 4))) {
                                                                                                                                                                                                                                                        							E00BEE547(_t39, 0xbfb798);
                                                                                                                                                                                                                                                        							_t86 =  &(_t86[1]);
                                                                                                                                                                                                                                                        							__eflags =  *0xbfb798 - 0xffffffff;
                                                                                                                                                                                                                                                        							if( *0xbfb798 == 0xffffffff) {
                                                                                                                                                                                                                                                        								L17();
                                                                                                                                                                                                                                                        								E00BEE599(0xbfb798);
                                                                                                                                                                                                                                                        								_t86 =  &(_t86[1]);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t64 =  *0xbfb794;
                                                                                                                                                                                                                                                        						__eflags = _t64;
                                                                                                                                                                                                                                                        						if(_t64 == 0) {
                                                                                                                                                                                                                                                        							_v68 = 0xffffffff;
                                                                                                                                                                                                                                                        							_t28 =  &_v72;
                                                                                                                                                                                                                                                        							 *_t28 = _v72 + _v76;
                                                                                                                                                                                                                                                        							__eflags =  *_t28;
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								_t43 = _v68 + 1;
                                                                                                                                                                                                                                                        								__eflags = _t43 - 7;
                                                                                                                                                                                                                                                        								_v68 = _t43;
                                                                                                                                                                                                                                                        								if(__eflags > 0) {
                                                                                                                                                                                                                                                        									goto L1;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t47 = E00BB97B0(__eflags, _t78, _t57, _v76, _v72);
                                                                                                                                                                                                                                                        								__eflags = _t47;
                                                                                                                                                                                                                                                        								if(_t47 == 0) {
                                                                                                                                                                                                                                                        									 *_t86 = 0;
                                                                                                                                                                                                                                                        									goto L7;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t49 = VirtualAlloc(_t47, _t57, 0x2000, 1);
                                                                                                                                                                                                                                                        									__eflags = _t49;
                                                                                                                                                                                                                                                        									 *_t86 = _t49;
                                                                                                                                                                                                                                                        									if(_t49 == 0) {
                                                                                                                                                                                                                                                        										continue;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										goto L7;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L2;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L1;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t70 = _v76;
                                                                                                                                                                                                                                                        							asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        							asm("movaps [esp+0x10], xmm0");
                                                                                                                                                                                                                                                        							_v60 = 0;
                                                                                                                                                                                                                                                        							_v64 = 1;
                                                                                                                                                                                                                                                        							_v36 = _t70;
                                                                                                                                                                                                                                                        							_v32 = _t70 + _v72 - 1;
                                                                                                                                                                                                                                                        							_v28 = 0;
                                                                                                                                                                                                                                                        							_v56 =  &_v36;
                                                                                                                                                                                                                                                        							 *_t86 =  *_t64(_t78, 0, _t57, 0x2000, 1,  &_v64, 1);
                                                                                                                                                                                                                                                        							L7:
                                                                                                                                                                                                                                                        							E00BEECB0(_v24 ^ _t81, _t70);
                                                                                                                                                                                                                                                        							_t46 =  *_t86;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L2;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					_t44 = VirtualAlloc(0, _t57, 0x2000, 1);
                                                                                                                                                                                                                                                        					E00BEECB0(_v24 ^ _t81, _t70);
                                                                                                                                                                                                                                                        					_t46 = _t44;
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					return _t46;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}
































                                                                                                                                                                                                                                                        0x00becf00
                                                                                                                                                                                                                                                        0x00becf09
                                                                                                                                                                                                                                                        0x00becf0c
                                                                                                                                                                                                                                                        0x00becf12
                                                                                                                                                                                                                                                        0x00becf15
                                                                                                                                                                                                                                                        0x00becf1c
                                                                                                                                                                                                                                                        0x00becf24
                                                                                                                                                                                                                                                        0x00becf4d
                                                                                                                                                                                                                                                        0x00becf4f
                                                                                                                                                                                                                                                        0x00becf51
                                                                                                                                                                                                                                                        0x00becf55
                                                                                                                                                                                                                                                        0x00becf59
                                                                                                                                                                                                                                                        0x00bed080
                                                                                                                                                                                                                                                        0x00bed086
                                                                                                                                                                                                                                                        0x00bed08b
                                                                                                                                                                                                                                                        0x00bed08c
                                                                                                                                                                                                                                                        0x00bed08d
                                                                                                                                                                                                                                                        0x00bed08e
                                                                                                                                                                                                                                                        0x00bed08f
                                                                                                                                                                                                                                                        0x00bed090
                                                                                                                                                                                                                                                        0x00bed098
                                                                                                                                                                                                                                                        0x00bed09e
                                                                                                                                                                                                                                                        0x00bed0a0
                                                                                                                                                                                                                                                        0x00bed0a5
                                                                                                                                                                                                                                                        0x00bed0af
                                                                                                                                                                                                                                                        0x00bed0c7
                                                                                                                                                                                                                                                        0x00bed0c7
                                                                                                                                                                                                                                                        0x00bed0b1
                                                                                                                                                                                                                                                        0x00bed0b7
                                                                                                                                                                                                                                                        0x00bed0bd
                                                                                                                                                                                                                                                        0x00bed0bf
                                                                                                                                                                                                                                                        0x00bed0c4
                                                                                                                                                                                                                                                        0x00bed0ce
                                                                                                                                                                                                                                                        0x00bed0d4
                                                                                                                                                                                                                                                        0x00bed0df
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bed0c4
                                                                                                                                                                                                                                                        0x00becf5f
                                                                                                                                                                                                                                                        0x00becf62
                                                                                                                                                                                                                                                        0x00becf69
                                                                                                                                                                                                                                                        0x00becf6d
                                                                                                                                                                                                                                                        0x00becf72
                                                                                                                                                                                                                                                        0x00becf78
                                                                                                                                                                                                                                                        0x00becf7b
                                                                                                                                                                                                                                                        0x00becf81
                                                                                                                                                                                                                                                        0x00bed054
                                                                                                                                                                                                                                                        0x00bed059
                                                                                                                                                                                                                                                        0x00bed05c
                                                                                                                                                                                                                                                        0x00bed063
                                                                                                                                                                                                                                                        0x00bed069
                                                                                                                                                                                                                                                        0x00bed073
                                                                                                                                                                                                                                                        0x00bed078
                                                                                                                                                                                                                                                        0x00bed078
                                                                                                                                                                                                                                                        0x00bed063
                                                                                                                                                                                                                                                        0x00becf87
                                                                                                                                                                                                                                                        0x00becf8d
                                                                                                                                                                                                                                                        0x00becf8f
                                                                                                                                                                                                                                                        0x00becffb
                                                                                                                                                                                                                                                        0x00bed003
                                                                                                                                                                                                                                                        0x00bed003
                                                                                                                                                                                                                                                        0x00bed003
                                                                                                                                                                                                                                                        0x00bed007
                                                                                                                                                                                                                                                        0x00bed00b
                                                                                                                                                                                                                                                        0x00bed00c
                                                                                                                                                                                                                                                        0x00bed00f
                                                                                                                                                                                                                                                        0x00bed013
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bed025
                                                                                                                                                                                                                                                        0x00bed02a
                                                                                                                                                                                                                                                        0x00bed02c
                                                                                                                                                                                                                                                        0x00bed046
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bed02e
                                                                                                                                                                                                                                                        0x00bed037
                                                                                                                                                                                                                                                        0x00bed03d
                                                                                                                                                                                                                                                        0x00bed03f
                                                                                                                                                                                                                                                        0x00bed042
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bed044
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bed044
                                                                                                                                                                                                                                                        0x00bed042
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bed02c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00becf91
                                                                                                                                                                                                                                                        0x00becf91
                                                                                                                                                                                                                                                        0x00becf99
                                                                                                                                                                                                                                                        0x00becf9c
                                                                                                                                                                                                                                                        0x00becfa1
                                                                                                                                                                                                                                                        0x00becfa9
                                                                                                                                                                                                                                                        0x00becfb5
                                                                                                                                                                                                                                                        0x00becfb9
                                                                                                                                                                                                                                                        0x00becfc1
                                                                                                                                                                                                                                                        0x00becfc9
                                                                                                                                                                                                                                                        0x00becfe1
                                                                                                                                                                                                                                                        0x00becfe4
                                                                                                                                                                                                                                                        0x00becfea
                                                                                                                                                                                                                                                        0x00becfef
                                                                                                                                                                                                                                                        0x00becfef
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00becf8f
                                                                                                                                                                                                                                                        0x00becf26
                                                                                                                                                                                                                                                        0x00becf26
                                                                                                                                                                                                                                                        0x00becf30
                                                                                                                                                                                                                                                        0x00becf3e
                                                                                                                                                                                                                                                        0x00becf43
                                                                                                                                                                                                                                                        0x00becf45
                                                                                                                                                                                                                                                        0x00becf4c
                                                                                                                                                                                                                                                        0x00becf4c

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • VirtualAlloc.KERNEL32(00000000,?,00002000,00000001), ref: 00BECF30
                                                                                                                                                                                                                                                        • VirtualAlloc.KERNEL32(00000000,?,00002000,00000001,00000000,?,?,?), ref: 00BED037
                                                                                                                                                                                                                                                        • __Init_thread_header.LIBCMT ref: 00BED054
                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 00BED073
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AllocVirtual$Init_thread_footerInit_thread_header
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3509768543-0
                                                                                                                                                                                                                                                        • Opcode ID: a4b22d43e4a49e37129054055fea95ace8b201f41679d462ee7200acf17a5874
                                                                                                                                                                                                                                                        • Instruction ID: d9736ac7c7ba066cb0a1cafc955877419de0448ac558f3df6e9a5eb62ede830e
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a4b22d43e4a49e37129054055fea95ace8b201f41679d462ee7200acf17a5874
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AF41BEB0608380AFD714DF25C881F6ABBE5EFC4360F14895DF99987291DB709C85CB92
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 82%
                                                                                                                                                                                                                                                        			E00BD74E0(intOrPtr _a4, char _a8, char _a12, char _a16, char _a20, char _a24, char _a28, char _a32, long _a36) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v56;
                                                                                                                                                                                                                                                        				char* _v60;
                                                                                                                                                                                                                                                        				intOrPtr _v64;
                                                                                                                                                                                                                                                        				char _v68;
                                                                                                                                                                                                                                                        				intOrPtr _v84;
                                                                                                                                                                                                                                                        				char _v108;
                                                                                                                                                                                                                                                        				char _v112;
                                                                                                                                                                                                                                                        				long _v120;
                                                                                                                                                                                                                                                        				char _v132;
                                                                                                                                                                                                                                                        				char _v136;
                                                                                                                                                                                                                                                        				char _v140;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t40;
                                                                                                                                                                                                                                                        				intOrPtr _t42;
                                                                                                                                                                                                                                                        				intOrPtr* _t44;
                                                                                                                                                                                                                                                        				long _t46;
                                                                                                                                                                                                                                                        				long _t49;
                                                                                                                                                                                                                                                        				long _t50;
                                                                                                                                                                                                                                                        				long _t53;
                                                                                                                                                                                                                                                        				long _t61;
                                                                                                                                                                                                                                                        				long _t64;
                                                                                                                                                                                                                                                        				long _t65;
                                                                                                                                                                                                                                                        				char _t67;
                                                                                                                                                                                                                                                        				intOrPtr _t76;
                                                                                                                                                                                                                                                        				long _t77;
                                                                                                                                                                                                                                                        				intOrPtr _t79;
                                                                                                                                                                                                                                                        				signed int _t80;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t67 = _a8;
                                                                                                                                                                                                                                                        				_t74 = _a20;
                                                                                                                                                                                                                                                        				_v108 = _a12;
                                                                                                                                                                                                                                                        				_v112 = _a16;
                                                                                                                                                                                                                                                        				_t40 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v24 = _t40 ^ _t80;
                                                                                                                                                                                                                                                        				_t76 = _t67;
                                                                                                                                                                                                                                                        				_t42 = _a4(_t67, _v108, _v112, _a20, _a24, _a28, _a32, _a36);
                                                                                                                                                                                                                                                        				_t79 = _t42;
                                                                                                                                                                                                                                                        				if(_t42 == 0xffffffff) {
                                                                                                                                                                                                                                                        					_t64 = _a36;
                                                                                                                                                                                                                                                        					E00BC4600(_t64, _t74, _t76, _t79, "CreateNamedPipeW", _t76);
                                                                                                                                                                                                                                                        					_t44 = E00BE3760();
                                                                                                                                                                                                                                                        					_t74 =  *_t44;
                                                                                                                                                                                                                                                        					_t46 = E00BE9C60( *((intOrPtr*)( *_t44 + 8))(), _t45);
                                                                                                                                                                                                                                                        					_t79 = 0xffffffff;
                                                                                                                                                                                                                                                        					__eflags = _t46;
                                                                                                                                                                                                                                                        					if(_t46 == 0) {
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t49 = GetLastError();
                                                                                                                                                                                                                                                        					__eflags = _t64;
                                                                                                                                                                                                                                                        					if(__eflags != 0) {
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t77 = _t49;
                                                                                                                                                                                                                                                        					_t50 = E00BE3830(__eflags);
                                                                                                                                                                                                                                                        					__eflags = _t50;
                                                                                                                                                                                                                                                        					if(_t50 == 0) {
                                                                                                                                                                                                                                                        						L6:
                                                                                                                                                                                                                                                        						SetLastError(_t77);
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t65 = _t50;
                                                                                                                                                                                                                                                        					_v68 = 1;
                                                                                                                                                                                                                                                        					_v64 = 1;
                                                                                                                                                                                                                                                        					_v60 =  &_a8;
                                                                                                                                                                                                                                                        					_t53 = E00BD95D0(_t74, 8,  &_v68);
                                                                                                                                                                                                                                                        					__eflags = _t53;
                                                                                                                                                                                                                                                        					if(_t53 != 0) {
                                                                                                                                                                                                                                                        						E00BE67D0( &_v136, _t65);
                                                                                                                                                                                                                                                        						asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        						_v84 = 0;
                                                                                                                                                                                                                                                        						_t74 =  &_a8;
                                                                                                                                                                                                                                                        						asm("movaps [esp+0x30], xmm0");
                                                                                                                                                                                                                                                        						asm("movaps [esp+0x20], xmm0");
                                                                                                                                                                                                                                                        						asm("movaps [esp+0x10], xmm0");
                                                                                                                                                                                                                                                        						_t61 = E00BD7650( &_v140,  &_a8, __eflags,  &_a12,  &_a16,  &_a20,  &_a24,  &_a28,  &_a32,  &_v132);
                                                                                                                                                                                                                                                        						__eflags = _t61;
                                                                                                                                                                                                                                                        						if(_t61 != 0) {
                                                                                                                                                                                                                                                        							goto L6;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						SetLastError(_v120);
                                                                                                                                                                                                                                                        						__eflags = _v120;
                                                                                                                                                                                                                                                        						_t79 = 0xffffffff;
                                                                                                                                                                                                                                                        						if(_v120 == 0) {
                                                                                                                                                                                                                                                        							E00BC4830( &_a8, "CreateNamedPipeW", _a8);
                                                                                                                                                                                                                                                        							_t79 = _v112;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L6;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				E00BEECB0(_v56 ^ _t80, _t74);
                                                                                                                                                                                                                                                        				return _t79;
                                                                                                                                                                                                                                                        			}


































                                                                                                                                                                                                                                                        0x00bd74ef
                                                                                                                                                                                                                                                        0x00bd74f2
                                                                                                                                                                                                                                                        0x00bd74fe
                                                                                                                                                                                                                                                        0x00bd7505
                                                                                                                                                                                                                                                        0x00bd7508
                                                                                                                                                                                                                                                        0x00bd750f
                                                                                                                                                                                                                                                        0x00bd7517
                                                                                                                                                                                                                                                        0x00bd7525
                                                                                                                                                                                                                                                        0x00bd7528
                                                                                                                                                                                                                                                        0x00bd752d
                                                                                                                                                                                                                                                        0x00bd7546
                                                                                                                                                                                                                                                        0x00bd754f
                                                                                                                                                                                                                                                        0x00bd7557
                                                                                                                                                                                                                                                        0x00bd755c
                                                                                                                                                                                                                                                        0x00bd7565
                                                                                                                                                                                                                                                        0x00bd756a
                                                                                                                                                                                                                                                        0x00bd756f
                                                                                                                                                                                                                                                        0x00bd7571
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7573
                                                                                                                                                                                                                                                        0x00bd7579
                                                                                                                                                                                                                                                        0x00bd757b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd757d
                                                                                                                                                                                                                                                        0x00bd757f
                                                                                                                                                                                                                                                        0x00bd7584
                                                                                                                                                                                                                                                        0x00bd7586
                                                                                                                                                                                                                                                        0x00bd75b4
                                                                                                                                                                                                                                                        0x00bd75b5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd75b5
                                                                                                                                                                                                                                                        0x00bd7588
                                                                                                                                                                                                                                                        0x00bd758d
                                                                                                                                                                                                                                                        0x00bd7595
                                                                                                                                                                                                                                                        0x00bd759d
                                                                                                                                                                                                                                                        0x00bd75a8
                                                                                                                                                                                                                                                        0x00bd75b0
                                                                                                                                                                                                                                                        0x00bd75b2
                                                                                                                                                                                                                                                        0x00bd75c5
                                                                                                                                                                                                                                                        0x00bd75ca
                                                                                                                                                                                                                                                        0x00bd75d1
                                                                                                                                                                                                                                                        0x00bd75dc
                                                                                                                                                                                                                                                        0x00bd75e3
                                                                                                                                                                                                                                                        0x00bd75e8
                                                                                                                                                                                                                                                        0x00bd75ed
                                                                                                                                                                                                                                                        0x00bd7608
                                                                                                                                                                                                                                                        0x00bd7610
                                                                                                                                                                                                                                                        0x00bd7612
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7618
                                                                                                                                                                                                                                                        0x00bd761e
                                                                                                                                                                                                                                                        0x00bd7623
                                                                                                                                                                                                                                                        0x00bd7628
                                                                                                                                                                                                                                                        0x00bd7636
                                                                                                                                                                                                                                                        0x00bd763e
                                                                                                                                                                                                                                                        0x00bd763e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7628
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd75b2
                                                                                                                                                                                                                                                        0x00bd752f
                                                                                                                                                                                                                                                        0x00bd7535
                                                                                                                                                                                                                                                        0x00bd7543

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BD7573
                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(00000000), ref: 00BD75B5
                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(?,?,?,?,?,?,?,00000000), ref: 00BD7618
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast
                                                                                                                                                                                                                                                        • String ID: CreateNamedPipeW
                                                                                                                                                                                                                                                        • API String ID: 1452528299-2502196537
                                                                                                                                                                                                                                                        • Opcode ID: 0c65a71aa1ebabaad0f237cc8fbfb98bd5bfdf5349f6c994c137631efcf33e01
                                                                                                                                                                                                                                                        • Instruction ID: 3ca1810f1c6a3a27de37b20735ca0d90e517c4f3904af75be99f101ad722d015
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0c65a71aa1ebabaad0f237cc8fbfb98bd5bfdf5349f6c994c137631efcf33e01
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DE4182755042489BCB00DF64E845AEBB7E8EF98368F004699FD5593291FB31DA44CBA2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 89%
                                                                                                                                                                                                                                                        			E00BE5640(void* __ecx, signed int __edx, signed int _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				signed int _t23;
                                                                                                                                                                                                                                                        				void* _t26;
                                                                                                                                                                                                                                                        				void* _t29;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        				void* _t33;
                                                                                                                                                                                                                                                        				signed int _t35;
                                                                                                                                                                                                                                                        				void* _t38;
                                                                                                                                                                                                                                                        				void* _t42;
                                                                                                                                                                                                                                                        				signed int _t55;
                                                                                                                                                                                                                                                        				struct _CRITICAL_SECTION* _t56;
                                                                                                                                                                                                                                                        				void* _t57;
                                                                                                                                                                                                                                                        				signed int _t59;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t54 = __edx;
                                                                                                                                                                                                                                                        				_t55 = _a4;
                                                                                                                                                                                                                                                        				_t23 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t57 = __ecx;
                                                                                                                                                                                                                                                        				_v20 = _t23 ^ _t59;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(__ecx + 0x70)) != 0) {
                                                                                                                                                                                                                                                        					E00BD8570( *((intOrPtr*)(__ecx + 0x6c)));
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t42 = 0x1c;
                                                                                                                                                                                                                                                        				_push( *((intOrPtr*)(_t57 + 0x5c)));
                                                                                                                                                                                                                                                        				if(E00BD9F80(_t54,  *_t55,  *((intOrPtr*)(_t57 + 0x58))) != 0) {
                                                                                                                                                                                                                                                        					_t54 = _t55;
                                                                                                                                                                                                                                                        					_t26 = E00BE57B0(_t57, _t54);
                                                                                                                                                                                                                                                        					_t42 = _t26;
                                                                                                                                                                                                                                                        					__eflags = _t26;
                                                                                                                                                                                                                                                        					if(_t26 == 0) {
                                                                                                                                                                                                                                                        						_t29 = E00BD2E00(_t57 + 0x80, _t54, _t55);
                                                                                                                                                                                                                                                        						_t42 = 0x21;
                                                                                                                                                                                                                                                        						__eflags = _t29;
                                                                                                                                                                                                                                                        						if(_t29 != 0) {
                                                                                                                                                                                                                                                        							_v24 = 0;
                                                                                                                                                                                                                                                        							_t31 = E00BE96D0(_t55,  *((intOrPtr*)(_t57 + 0x90)),  *((intOrPtr*)(_t57 + 0x70)), 0x2000, 0xe000,  &_v24);
                                                                                                                                                                                                                                                        							_t42 = _t31;
                                                                                                                                                                                                                                                        							__eflags = _t31;
                                                                                                                                                                                                                                                        							if(__eflags == 0) {
                                                                                                                                                                                                                                                        								 *0xbfa060 =  *((intOrPtr*)(_t57 + 0x50));
                                                                                                                                                                                                                                                        								_t33 = E00BE9630(_t55, _t54, __eflags, "g_shared_delayed_integrity_level", "true", 4);
                                                                                                                                                                                                                                                        								_t42 = _t33;
                                                                                                                                                                                                                                                        								__eflags = _t33;
                                                                                                                                                                                                                                                        								 *0xbfa060 = 7;
                                                                                                                                                                                                                                                        								if(_t33 == 0) {
                                                                                                                                                                                                                                                        									_v28 =  *((intOrPtr*)(_t57 + 0x64));
                                                                                                                                                                                                                                                        									_push( *((intOrPtr*)(_t57 + 0x5c)));
                                                                                                                                                                                                                                                        									_t35 = E00BD9F60( *((intOrPtr*)(_t57 + 0x58)));
                                                                                                                                                                                                                                                        									_t54 = _t54 | _v28;
                                                                                                                                                                                                                                                        									_t42 = 2;
                                                                                                                                                                                                                                                        									 *0xbfb6c0 = _t35 |  *(_t57 + 0x60);
                                                                                                                                                                                                                                                        									 *0xbfb6c4 = _t54;
                                                                                                                                                                                                                                                        									__eflags = E00BD9B50(__eflags, _t35 |  *(_t57 + 0x60), _t54);
                                                                                                                                                                                                                                                        									if(__eflags != 0) {
                                                                                                                                                                                                                                                        										_t38 = E00BE9630(_t55, _t54, __eflags, "g_shared_delayed_mitigations", 0xbfb6c0, 8);
                                                                                                                                                                                                                                                        										_t42 = _t38;
                                                                                                                                                                                                                                                        										__eflags = _t38;
                                                                                                                                                                                                                                                        										 *0xbfb6c4 = 0;
                                                                                                                                                                                                                                                        										 *0xbfb6c0 = 0;
                                                                                                                                                                                                                                                        										if(_t38 == 0) {
                                                                                                                                                                                                                                                        											_t56 = _t57 + 4;
                                                                                                                                                                                                                                                        											EnterCriticalSection(_t56);
                                                                                                                                                                                                                                                        											_t54 =  *(_t57 + 0x1c);
                                                                                                                                                                                                                                                        											_push( &_a4);
                                                                                                                                                                                                                                                        											E00BD9570( &_a4, _t57 + 0x1c,  *(_t57 + 0x1c));
                                                                                                                                                                                                                                                        											LeaveCriticalSection(_t56);
                                                                                                                                                                                                                                                        											_t42 = 0;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t59, _t54);
                                                                                                                                                                                                                                                        				return _t42;
                                                                                                                                                                                                                                                        			}


















                                                                                                                                                                                                                                                        0x00be5640
                                                                                                                                                                                                                                                        0x00be5649
                                                                                                                                                                                                                                                        0x00be564c
                                                                                                                                                                                                                                                        0x00be5651
                                                                                                                                                                                                                                                        0x00be5655
                                                                                                                                                                                                                                                        0x00be565c
                                                                                                                                                                                                                                                        0x00be5661
                                                                                                                                                                                                                                                        0x00be5661
                                                                                                                                                                                                                                                        0x00be5666
                                                                                                                                                                                                                                                        0x00be566b
                                                                                                                                                                                                                                                        0x00be567d
                                                                                                                                                                                                                                                        0x00be5697
                                                                                                                                                                                                                                                        0x00be5699
                                                                                                                                                                                                                                                        0x00be569e
                                                                                                                                                                                                                                                        0x00be56a0
                                                                                                                                                                                                                                                        0x00be56a2
                                                                                                                                                                                                                                                        0x00be56ab
                                                                                                                                                                                                                                                        0x00be56b0
                                                                                                                                                                                                                                                        0x00be56b5
                                                                                                                                                                                                                                                        0x00be56b7
                                                                                                                                                                                                                                                        0x00be56bc
                                                                                                                                                                                                                                                        0x00be56d9
                                                                                                                                                                                                                                                        0x00be56de
                                                                                                                                                                                                                                                        0x00be56e0
                                                                                                                                                                                                                                                        0x00be56e2
                                                                                                                                                                                                                                                        0x00be56e9
                                                                                                                                                                                                                                                        0x00be56fa
                                                                                                                                                                                                                                                        0x00be56ff
                                                                                                                                                                                                                                                        0x00be5701
                                                                                                                                                                                                                                                        0x00be5703
                                                                                                                                                                                                                                                        0x00be570d
                                                                                                                                                                                                                                                        0x00be5719
                                                                                                                                                                                                                                                        0x00be571c
                                                                                                                                                                                                                                                        0x00be5722
                                                                                                                                                                                                                                                        0x00be572a
                                                                                                                                                                                                                                                        0x00be572f
                                                                                                                                                                                                                                                        0x00be5734
                                                                                                                                                                                                                                                        0x00be5739
                                                                                                                                                                                                                                                        0x00be5749
                                                                                                                                                                                                                                                        0x00be574b
                                                                                                                                                                                                                                                        0x00be575f
                                                                                                                                                                                                                                                        0x00be5764
                                                                                                                                                                                                                                                        0x00be5766
                                                                                                                                                                                                                                                        0x00be5768
                                                                                                                                                                                                                                                        0x00be5772
                                                                                                                                                                                                                                                        0x00be577c
                                                                                                                                                                                                                                                        0x00be5782
                                                                                                                                                                                                                                                        0x00be5786
                                                                                                                                                                                                                                                        0x00be578c
                                                                                                                                                                                                                                                        0x00be5797
                                                                                                                                                                                                                                                        0x00be5798
                                                                                                                                                                                                                                                        0x00be57a1
                                                                                                                                                                                                                                                        0x00be57a7
                                                                                                                                                                                                                                                        0x00be57a7
                                                                                                                                                                                                                                                        0x00be577c
                                                                                                                                                                                                                                                        0x00be574b
                                                                                                                                                                                                                                                        0x00be570d
                                                                                                                                                                                                                                                        0x00be56e2
                                                                                                                                                                                                                                                        0x00be56b7
                                                                                                                                                                                                                                                        0x00be56a2
                                                                                                                                                                                                                                                        0x00be5684
                                                                                                                                                                                                                                                        0x00be5692

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BD8570: ??2@YAPAXI@Z.MOZGLUE(0000001C), ref: 00BD858E
                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(?,g_shared_delayed_mitigations,00BFB6C0,00000008,?,?,?,00000000), ref: 00BE5786
                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?,?,?,?,?,00000000), ref: 00BE57A1
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • g_shared_delayed_integrity_level, xrefs: 00BE56F5
                                                                                                                                                                                                                                                        • g_shared_delayed_mitigations, xrefs: 00BE575A
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CriticalSection$??2@EnterLeave
                                                                                                                                                                                                                                                        • String ID: g_shared_delayed_integrity_level$g_shared_delayed_mitigations
                                                                                                                                                                                                                                                        • API String ID: 1937562654-1566576417
                                                                                                                                                                                                                                                        • Opcode ID: b0b14e045282b59ac6764dcdf2e95a19e6dff4b990e6327c07856a2a31d94f44
                                                                                                                                                                                                                                                        • Instruction ID: f691024bceb941cef5be0b0490e728c603c1d4bb72f2217021e0968c6da70fbc
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b0b14e045282b59ac6764dcdf2e95a19e6dff4b990e6327c07856a2a31d94f44
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7E3180B06007449FDB209F65EC45F7BB7E5FF54708F400569EA469B3A2EBB1A809C790
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 29%
                                                                                                                                                                                                                                                        			E00BC2380(intOrPtr* _a4, intOrPtr _a8, signed int _a12) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				signed int _t44;
                                                                                                                                                                                                                                                        				signed int _t49;
                                                                                                                                                                                                                                                        				intOrPtr _t59;
                                                                                                                                                                                                                                                        				intOrPtr _t65;
                                                                                                                                                                                                                                                        				char _t68;
                                                                                                                                                                                                                                                        				char _t69;
                                                                                                                                                                                                                                                        				signed int _t71;
                                                                                                                                                                                                                                                        				signed int _t72;
                                                                                                                                                                                                                                                        				intOrPtr* _t81;
                                                                                                                                                                                                                                                        				signed int _t89;
                                                                                                                                                                                                                                                        				signed int _t90;
                                                                                                                                                                                                                                                        				intOrPtr* _t91;
                                                                                                                                                                                                                                                        				signed int _t92;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t44 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t91 = _a4;
                                                                                                                                                                                                                                                        				_t71 = _a12;
                                                                                                                                                                                                                                                        				_t90 = 0;
                                                                                                                                                                                                                                                        				_v20 = _t44 ^ _t92;
                                                                                                                                                                                                                                                        				_t89 =  *(_t91 +  *((intOrPtr*)( *_t91 + 4)) + 0x20);
                                                                                                                                                                                                                                                        				_t49 =  <  ? 0 : _t89 - _t71;
                                                                                                                                                                                                                                                        				asm("sbb ecx, 0x0");
                                                                                                                                                                                                                                                        				if(_t89 >= 1) {
                                                                                                                                                                                                                                                        					_t90 = _t49;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BBD780( &_v28, _t91);
                                                                                                                                                                                                                                                        				if(_v24 == 0) {
                                                                                                                                                                                                                                                        					_t72 = 4;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t59 =  *((intOrPtr*)( *_t91 + 4));
                                                                                                                                                                                                                                                        					if((0x000001c0 &  *(_t91 + _t59 + 0x14)) == 0x40) {
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						_push(0);
                                                                                                                                                                                                                                                        						_push(_t71);
                                                                                                                                                                                                                                                        						_push(_a8);
                                                                                                                                                                                                                                                        						if(( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t91 + _t59 + 0x38)))) + 0x24))() ^ _t71 | _t89) != 0) {
                                                                                                                                                                                                                                                        							goto L20;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t72 = 0;
                                                                                                                                                                                                                                                        							if(_t90 != 0) {
                                                                                                                                                                                                                                                        								goto L17;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if(_t90 != 0) {
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								_t69 =  *((char*)(_t91 + _t59 + 0x40));
                                                                                                                                                                                                                                                        								__imp__?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z(_t69);
                                                                                                                                                                                                                                                        								if(_t69 == 0xffffffff) {
                                                                                                                                                                                                                                                        									break;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t90 = _t90 - 1;
                                                                                                                                                                                                                                                        								_t59 =  *((intOrPtr*)( *_t91 + 4));
                                                                                                                                                                                                                                                        								if(_t90 == 0) {
                                                                                                                                                                                                                                                        									goto L4;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									continue;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L21:
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t72 = 4;
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								L17:
                                                                                                                                                                                                                                                        								_t68 =  *((char*)(_t91 +  *((intOrPtr*)( *_t91 + 4)) + 0x40));
                                                                                                                                                                                                                                                        								__imp__?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z(_t68);
                                                                                                                                                                                                                                                        								if(_t68 == 0xffffffff) {
                                                                                                                                                                                                                                                        									break;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t90 = _t90 - 1;
                                                                                                                                                                                                                                                        								if(_t90 == 0) {
                                                                                                                                                                                                                                                        									goto L7;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									continue;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L21;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L20:
                                                                                                                                                                                                                                                        							_t72 = 4;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L4:
                                                                                                                                                                                                                                                        							_t90 = 0;
                                                                                                                                                                                                                                                        							goto L5;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L7:
                                                                                                                                                                                                                                                        					_t65 =  *((intOrPtr*)( *_t91 + 4));
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t91 + _t65 + 0x24)) = 0;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t91 + _t65 + 0x20)) = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				__imp__?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z(_t72 |  *(_t91 +  *((intOrPtr*)( *_t91 + 4)) + 0xc), 0);
                                                                                                                                                                                                                                                        				__imp__?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ();
                                                                                                                                                                                                                                                        				_t81 =  *((intOrPtr*)(_v28 +  *((intOrPtr*)( *_v28 + 4)) + 0x38));
                                                                                                                                                                                                                                                        				if(_t81 != 0) {
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *_t81 + 8))();
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t92, _t89);
                                                                                                                                                                                                                                                        				return _t91;
                                                                                                                                                                                                                                                        				goto L21;
                                                                                                                                                                                                                                                        			}



















                                                                                                                                                                                                                                                        0x00bc2389
                                                                                                                                                                                                                                                        0x00bc238e
                                                                                                                                                                                                                                                        0x00bc2391
                                                                                                                                                                                                                                                        0x00bc2394
                                                                                                                                                                                                                                                        0x00bc2398
                                                                                                                                                                                                                                                        0x00bc23a0
                                                                                                                                                                                                                                                        0x00bc23ac
                                                                                                                                                                                                                                                        0x00bc23b2
                                                                                                                                                                                                                                                        0x00bc23b5
                                                                                                                                                                                                                                                        0x00bc246a
                                                                                                                                                                                                                                                        0x00bc246a
                                                                                                                                                                                                                                                        0x00bc23bf
                                                                                                                                                                                                                                                        0x00bc23c8
                                                                                                                                                                                                                                                        0x00bc2471
                                                                                                                                                                                                                                                        0x00bc23ce
                                                                                                                                                                                                                                                        0x00bc23d5
                                                                                                                                                                                                                                                        0x00bc23df
                                                                                                                                                                                                                                                        0x00bc23eb
                                                                                                                                                                                                                                                        0x00bc23f1
                                                                                                                                                                                                                                                        0x00bc23f3
                                                                                                                                                                                                                                                        0x00bc23f4
                                                                                                                                                                                                                                                        0x00bc23fe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc2404
                                                                                                                                                                                                                                                        0x00bc2404
                                                                                                                                                                                                                                                        0x00bc2408
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc2408
                                                                                                                                                                                                                                                        0x00bc23e1
                                                                                                                                                                                                                                                        0x00bc23e3
                                                                                                                                                                                                                                                        0x00bc2478
                                                                                                                                                                                                                                                        0x00bc247c
                                                                                                                                                                                                                                                        0x00bc2482
                                                                                                                                                                                                                                                        0x00bc248b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc248f
                                                                                                                                                                                                                                                        0x00bc2490
                                                                                                                                                                                                                                                        0x00bc2493
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc2499
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc2499
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc2493
                                                                                                                                                                                                                                                        0x00bc249b
                                                                                                                                                                                                                                                        0x00bc24a0
                                                                                                                                                                                                                                                        0x00bc24a0
                                                                                                                                                                                                                                                        0x00bc24a9
                                                                                                                                                                                                                                                        0x00bc24af
                                                                                                                                                                                                                                                        0x00bc24b8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc24ba
                                                                                                                                                                                                                                                        0x00bc24bb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc24c1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc24c1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc24bb
                                                                                                                                                                                                                                                        0x00bc24c3
                                                                                                                                                                                                                                                        0x00bc24c3
                                                                                                                                                                                                                                                        0x00bc23e9
                                                                                                                                                                                                                                                        0x00bc23e9
                                                                                                                                                                                                                                                        0x00bc23e9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc23e9
                                                                                                                                                                                                                                                        0x00bc23e3
                                                                                                                                                                                                                                                        0x00bc240e
                                                                                                                                                                                                                                                        0x00bc2410
                                                                                                                                                                                                                                                        0x00bc2413
                                                                                                                                                                                                                                                        0x00bc241b
                                                                                                                                                                                                                                                        0x00bc241b
                                                                                                                                                                                                                                                        0x00bc2432
                                                                                                                                                                                                                                                        0x00bc243b
                                                                                                                                                                                                                                                        0x00bc2449
                                                                                                                                                                                                                                                        0x00bc244f
                                                                                                                                                                                                                                                        0x00bc2453
                                                                                                                                                                                                                                                        0x00bc2453
                                                                                                                                                                                                                                                        0x00bc245b
                                                                                                                                                                                                                                                        0x00bc2469
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z.MSVCP140(?,00000000), ref: 00BC2432
                                                                                                                                                                                                                                                        • ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ.MSVCP140 ref: 00BC243B
                                                                                                                                                                                                                                                        • ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(00000000), ref: 00BC2482
                                                                                                                                                                                                                                                        • ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(00000000), ref: 00BC24AF
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: D@std@@@std@@U?$char_traits@$?sputc@?$basic_streambuf@$?clear@?$basic_ios@Osfx@?$basic_ostream@
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2262293658-0
                                                                                                                                                                                                                                                        • Opcode ID: 5dd5c6fcd26aafa9f3971b382ecddb26564dfa6558a3c313d33e21be02f97eea
                                                                                                                                                                                                                                                        • Instruction ID: 63b9da179cf16bd25d41fe670ee2d0e78c99c8c85d72498928afa00be29bbd20
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5dd5c6fcd26aafa9f3971b382ecddb26564dfa6558a3c313d33e21be02f97eea
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 31410B742006009FD729CF69C994F7ABBE5EF88314F54459CEA968B3A1CB35EC45CB50
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 63%
                                                                                                                                                                                                                                                        			E00BC5DB0(void* __ebx, void* __ecx, void* __edi, intOrPtr _a4, signed int _a12) {
                                                                                                                                                                                                                                                        				intOrPtr _v0;
                                                                                                                                                                                                                                                        				void* _v12;
                                                                                                                                                                                                                                                        				intOrPtr _v16;
                                                                                                                                                                                                                                                        				void* _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				unsigned int _v28;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				intOrPtr _t41;
                                                                                                                                                                                                                                                        				signed int _t45;
                                                                                                                                                                                                                                                        				void* _t47;
                                                                                                                                                                                                                                                        				void* _t55;
                                                                                                                                                                                                                                                        				intOrPtr _t60;
                                                                                                                                                                                                                                                        				signed int _t61;
                                                                                                                                                                                                                                                        				signed int _t63;
                                                                                                                                                                                                                                                        				void* _t66;
                                                                                                                                                                                                                                                        				signed int _t69;
                                                                                                                                                                                                                                                        				void* _t76;
                                                                                                                                                                                                                                                        				unsigned int _t77;
                                                                                                                                                                                                                                                        				unsigned int _t81;
                                                                                                                                                                                                                                                        				unsigned int _t85;
                                                                                                                                                                                                                                                        				void* _t86;
                                                                                                                                                                                                                                                        				intOrPtr _t89;
                                                                                                                                                                                                                                                        				signed int _t92;
                                                                                                                                                                                                                                                        				void* _t93;
                                                                                                                                                                                                                                                        				void* _t95;
                                                                                                                                                                                                                                                        				void* _t98;
                                                                                                                                                                                                                                                        				signed int _t99;
                                                                                                                                                                                                                                                        				void* _t101;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t99 = _t98 - 0xc;
                                                                                                                                                                                                                                                        				_t81 =  *(__ecx + 0x10);
                                                                                                                                                                                                                                                        				_t89 = _a4;
                                                                                                                                                                                                                                                        				_t60 = 0x7ffffffe;
                                                                                                                                                                                                                                                        				if(0x7ffffffe - _t81 < _t89) {
                                                                                                                                                                                                                                                        					E00BBA890();
                                                                                                                                                                                                                                                        					goto L11;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t92 = _t89 + _t81;
                                                                                                                                                                                                                                                        					_t85 =  *(__ecx + 0x14);
                                                                                                                                                                                                                                                        					_v24 = _t81;
                                                                                                                                                                                                                                                        					_v20 = __ecx;
                                                                                                                                                                                                                                                        					_t45 = _t92 | 0x00000007;
                                                                                                                                                                                                                                                        					if(_t45 <= 0x7ffffffe) {
                                                                                                                                                                                                                                                        						_t66 = (_t85 >> 1) + _t85;
                                                                                                                                                                                                                                                        						_t67 =  >=  ? _t45 : _t66;
                                                                                                                                                                                                                                                        						_t60 =  >  ? 0x7ffffffe :  >=  ? _t45 : _t66;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t7 = _t60 + 1; // 0x8
                                                                                                                                                                                                                                                        					_t47 = E00BBA8A0(_t7);
                                                                                                                                                                                                                                                        					_t76 = _v20;
                                                                                                                                                                                                                                                        					_t81 = _t85;
                                                                                                                                                                                                                                                        					_t86 = _t47;
                                                                                                                                                                                                                                                        					 *(_t76 + 0x10) = _t92;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t76 + 0x14)) = _t60;
                                                                                                                                                                                                                                                        					if(_t81 < 8) {
                                                                                                                                                                                                                                                        						_t61 = _v24;
                                                                                                                                                                                                                                                        						_t93 = _t76;
                                                                                                                                                                                                                                                        						memcpy(_t86, _t76, _t61 + _t61);
                                                                                                                                                                                                                                                        						 *((short*)(_t86 + _t61 * 2)) = _a12 & 0x0000ffff;
                                                                                                                                                                                                                                                        						 *((short*)(_t86 + 2 + _t61 * 2)) = 0;
                                                                                                                                                                                                                                                        						goto L9;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t63 = _v24;
                                                                                                                                                                                                                                                        						_t95 =  *_t76;
                                                                                                                                                                                                                                                        						_v28 = _t81;
                                                                                                                                                                                                                                                        						memcpy(_t86, _t95, _t63 + _t63);
                                                                                                                                                                                                                                                        						_t77 = _v28;
                                                                                                                                                                                                                                                        						_t99 = _t99 + 0xc;
                                                                                                                                                                                                                                                        						 *((short*)(_t86 + _t63 * 2)) = _a12 & 0x0000ffff;
                                                                                                                                                                                                                                                        						_t55 = _t77 + _t77 + 2;
                                                                                                                                                                                                                                                        						 *((short*)(_t86 + 2 + _t63 * 2)) = 0;
                                                                                                                                                                                                                                                        						if(_t55 < 0x1000) {
                                                                                                                                                                                                                                                        							L7:
                                                                                                                                                                                                                                                        							_push(_t55);
                                                                                                                                                                                                                                                        							_push(_t95);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							_t93 = _v20;
                                                                                                                                                                                                                                                        							L9:
                                                                                                                                                                                                                                                        							 *_t93 = _t86;
                                                                                                                                                                                                                                                        							return _t93;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t89 =  *((intOrPtr*)(_t95 - 4));
                                                                                                                                                                                                                                                        							if(_t95 + 0xfffffffc - _t89 >= 0x20) {
                                                                                                                                                                                                                                                        								L11:
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_t97 = _t99;
                                                                                                                                                                                                                                                        								_push(_t89);
                                                                                                                                                                                                                                                        								_t101 = (_t99 & 0xfffffff8) - 0xc0;
                                                                                                                                                                                                                                                        								_t69 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        								_t41 = _v16;
                                                                                                                                                                                                                                                        								_v40 = _t69 ^ _t99;
                                                                                                                                                                                                                                                        								if(_t41 != 0) {
                                                                                                                                                                                                                                                        									_push(_t41);
                                                                                                                                                                                                                                                        									_push(_v0);
                                                                                                                                                                                                                                                        									L00BEF6EA();
                                                                                                                                                                                                                                                        									if(_t41 == 0) {
                                                                                                                                                                                                                                                        										_push("success");
                                                                                                                                                                                                                                                        										E00BC1FF0(_t101, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/rand_util_win.cc", 0x20);
                                                                                                                                                                                                                                                        										E00BC20C0();
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								return E00BEECB0(_v40 ^ _t97, _t81);
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t55 = _t77 + _t77 + 0x25;
                                                                                                                                                                                                                                                        								goto L7;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}































                                                                                                                                                                                                                                                        0x00bc5db6
                                                                                                                                                                                                                                                        0x00bc5db9
                                                                                                                                                                                                                                                        0x00bc5dbc
                                                                                                                                                                                                                                                        0x00bc5dc4
                                                                                                                                                                                                                                                        0x00bc5dcd
                                                                                                                                                                                                                                                        0x00bc5eac
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5dd3
                                                                                                                                                                                                                                                        0x00bc5dd3
                                                                                                                                                                                                                                                        0x00bc5dd5
                                                                                                                                                                                                                                                        0x00bc5dd8
                                                                                                                                                                                                                                                        0x00bc5ddb
                                                                                                                                                                                                                                                        0x00bc5de0
                                                                                                                                                                                                                                                        0x00bc5de8
                                                                                                                                                                                                                                                        0x00bc5dfa
                                                                                                                                                                                                                                                        0x00bc5dfe
                                                                                                                                                                                                                                                        0x00bc5e03
                                                                                                                                                                                                                                                        0x00bc5e03
                                                                                                                                                                                                                                                        0x00bc5e09
                                                                                                                                                                                                                                                        0x00bc5e0d
                                                                                                                                                                                                                                                        0x00bc5e12
                                                                                                                                                                                                                                                        0x00bc5e15
                                                                                                                                                                                                                                                        0x00bc5e17
                                                                                                                                                                                                                                                        0x00bc5e1c
                                                                                                                                                                                                                                                        0x00bc5e1f
                                                                                                                                                                                                                                                        0x00bc5e22
                                                                                                                                                                                                                                                        0x00bc5e7c
                                                                                                                                                                                                                                                        0x00bc5e85
                                                                                                                                                                                                                                                        0x00bc5e87
                                                                                                                                                                                                                                                        0x00bc5e93
                                                                                                                                                                                                                                                        0x00bc5e97
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5e24
                                                                                                                                                                                                                                                        0x00bc5e24
                                                                                                                                                                                                                                                        0x00bc5e27
                                                                                                                                                                                                                                                        0x00bc5e2f
                                                                                                                                                                                                                                                        0x00bc5e32
                                                                                                                                                                                                                                                        0x00bc5e37
                                                                                                                                                                                                                                                        0x00bc5e3a
                                                                                                                                                                                                                                                        0x00bc5e41
                                                                                                                                                                                                                                                        0x00bc5e45
                                                                                                                                                                                                                                                        0x00bc5e49
                                                                                                                                                                                                                                                        0x00bc5e55
                                                                                                                                                                                                                                                        0x00bc5e6d
                                                                                                                                                                                                                                                        0x00bc5e6d
                                                                                                                                                                                                                                                        0x00bc5e6e
                                                                                                                                                                                                                                                        0x00bc5e6f
                                                                                                                                                                                                                                                        0x00bc5e77
                                                                                                                                                                                                                                                        0x00bc5e9e
                                                                                                                                                                                                                                                        0x00bc5e9e
                                                                                                                                                                                                                                                        0x00bc5ea9
                                                                                                                                                                                                                                                        0x00bc5e57
                                                                                                                                                                                                                                                        0x00bc5e59
                                                                                                                                                                                                                                                        0x00bc5e64
                                                                                                                                                                                                                                                        0x00bc5eb1
                                                                                                                                                                                                                                                        0x00bc5eb1
                                                                                                                                                                                                                                                        0x00bc5eb7
                                                                                                                                                                                                                                                        0x00bc5eb8
                                                                                                                                                                                                                                                        0x00bc5eb9
                                                                                                                                                                                                                                                        0x00bc5eba
                                                                                                                                                                                                                                                        0x00bc5ebb
                                                                                                                                                                                                                                                        0x00bc5ebc
                                                                                                                                                                                                                                                        0x00bc5ebd
                                                                                                                                                                                                                                                        0x00bc5ebe
                                                                                                                                                                                                                                                        0x00bc5ebf
                                                                                                                                                                                                                                                        0x00bc5ec1
                                                                                                                                                                                                                                                        0x00bc5ec3
                                                                                                                                                                                                                                                        0x00bc5ec7
                                                                                                                                                                                                                                                        0x00bc5ecd
                                                                                                                                                                                                                                                        0x00bc5ed3
                                                                                                                                                                                                                                                        0x00bc5eda
                                                                                                                                                                                                                                                        0x00bc5ee1
                                                                                                                                                                                                                                                        0x00bc5ee3
                                                                                                                                                                                                                                                        0x00bc5ee4
                                                                                                                                                                                                                                                        0x00bc5ee7
                                                                                                                                                                                                                                                        0x00bc5eee
                                                                                                                                                                                                                                                        0x00bc5ef4
                                                                                                                                                                                                                                                        0x00bc5f00
                                                                                                                                                                                                                                                        0x00bc5f07
                                                                                                                                                                                                                                                        0x00bc5f07
                                                                                                                                                                                                                                                        0x00bc5eee
                                                                                                                                                                                                                                                        0x00bc5f1f
                                                                                                                                                                                                                                                        0x00bc5e66
                                                                                                                                                                                                                                                        0x00bc5e6b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5e6b
                                                                                                                                                                                                                                                        0x00bc5e64
                                                                                                                                                                                                                                                        0x00bc5e55
                                                                                                                                                                                                                                                        0x00bc5e22

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,00000000,7FFFFFFF,?,?,00BC5D36), ref: 00BC5E32
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?,?,?,7FFFFFFF,?,?,00BC5D36), ref: 00BC5E6F
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,7FFFFFFF,00000000,7FFFFFFF,?,?,00BC5D36), ref: 00BC5E87
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,00BC5D36), ref: 00BC5EB1
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memcpy$??3@_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 674017509-0
                                                                                                                                                                                                                                                        • Opcode ID: 20a3d78e2d6f75169ddd1ef1af3c40b532ada49390240a3fdc80eb4f6cc859d8
                                                                                                                                                                                                                                                        • Instruction ID: 781b2fff0f1c414f6df895d9585ee2f6a8da3a199c0cc9cdefbcee4a5cbe4da7
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 20a3d78e2d6f75169ddd1ef1af3c40b532ada49390240a3fdc80eb4f6cc859d8
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CF31D571A006169BCB148F68CCC19BEB7F8FF853207244669E814DB3A5E770ED51C7A5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 66%
                                                                                                                                                                                                                                                        			E00BC3200(void* __ecx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				unsigned int _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				void* _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v36;
                                                                                                                                                                                                                                                        				void* _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				intOrPtr _v84;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* _t93;
                                                                                                                                                                                                                                                        				void* _t96;
                                                                                                                                                                                                                                                        				signed int _t99;
                                                                                                                                                                                                                                                        				void _t109;
                                                                                                                                                                                                                                                        				intOrPtr _t112;
                                                                                                                                                                                                                                                        				void* _t117;
                                                                                                                                                                                                                                                        				signed int _t123;
                                                                                                                                                                                                                                                        				signed int _t125;
                                                                                                                                                                                                                                                        				signed int _t129;
                                                                                                                                                                                                                                                        				void* _t130;
                                                                                                                                                                                                                                                        				void* _t131;
                                                                                                                                                                                                                                                        				signed int _t134;
                                                                                                                                                                                                                                                        				signed int _t140;
                                                                                                                                                                                                                                                        				void* _t142;
                                                                                                                                                                                                                                                        				void _t147;
                                                                                                                                                                                                                                                        				signed int _t150;
                                                                                                                                                                                                                                                        				unsigned int _t155;
                                                                                                                                                                                                                                                        				signed int _t156;
                                                                                                                                                                                                                                                        				signed int _t157;
                                                                                                                                                                                                                                                        				unsigned int _t160;
                                                                                                                                                                                                                                                        				intOrPtr _t161;
                                                                                                                                                                                                                                                        				void* _t162;
                                                                                                                                                                                                                                                        				void _t166;
                                                                                                                                                                                                                                                        				void _t167;
                                                                                                                                                                                                                                                        				signed int _t170;
                                                                                                                                                                                                                                                        				intOrPtr _t173;
                                                                                                                                                                                                                                                        				void* _t174;
                                                                                                                                                                                                                                                        				void* _t175;
                                                                                                                                                                                                                                                        				signed int _t176;
                                                                                                                                                                                                                                                        				signed int _t177;
                                                                                                                                                                                                                                                        				signed int _t178;
                                                                                                                                                                                                                                                        				signed int _t179;
                                                                                                                                                                                                                                                        				signed int _t180;
                                                                                                                                                                                                                                                        				void* _t181;
                                                                                                                                                                                                                                                        				void** _t182;
                                                                                                                                                                                                                                                        				signed int _t183;
                                                                                                                                                                                                                                                        				void* _t184;
                                                                                                                                                                                                                                                        				unsigned int _t185;
                                                                                                                                                                                                                                                        				unsigned int _t187;
                                                                                                                                                                                                                                                        				void* _t188;
                                                                                                                                                                                                                                                        				signed int _t192;
                                                                                                                                                                                                                                                        				unsigned int _t193;
                                                                                                                                                                                                                                                        				signed int _t195;
                                                                                                                                                                                                                                                        				void* _t196;
                                                                                                                                                                                                                                                        				void* _t198;
                                                                                                                                                                                                                                                        				void* _t199;
                                                                                                                                                                                                                                                        				signed int _t200;
                                                                                                                                                                                                                                                        				void* _t203;
                                                                                                                                                                                                                                                        				void* _t206;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t135 = __ecx;
                                                                                                                                                                                                                                                        				_t199 = _t198 - 0x10;
                                                                                                                                                                                                                                                        				_t157 =  *(__ecx + 0x10);
                                                                                                                                                                                                                                                        				_t173 = _a4;
                                                                                                                                                                                                                                                        				_t129 = 0x7ffffffe;
                                                                                                                                                                                                                                                        				if(0x7ffffffe - _t157 < _t173) {
                                                                                                                                                                                                                                                        					E00BBA890();
                                                                                                                                                                                                                                                        					goto L10;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t180 = _t173 + _t157;
                                                                                                                                                                                                                                                        					_v28 = _t157;
                                                                                                                                                                                                                                                        					_v32 = __ecx;
                                                                                                                                                                                                                                                        					_v20 =  *((intOrPtr*)(__ecx + 0x14));
                                                                                                                                                                                                                                                        					_t123 = _t180 | 0x00000007;
                                                                                                                                                                                                                                                        					if(_t123 <= 0x7ffffffe) {
                                                                                                                                                                                                                                                        						_t193 = _v20;
                                                                                                                                                                                                                                                        						_t129 = 0x7ffffffe;
                                                                                                                                                                                                                                                        						_t155 = _t193 >> 1;
                                                                                                                                                                                                                                                        						_t157 = 0x7ffffffe - _t155;
                                                                                                                                                                                                                                                        						_t156 = _t155 + _t193;
                                                                                                                                                                                                                                                        						if(_t123 >= _t156) {
                                                                                                                                                                                                                                                        							_t156 = _t123;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(_v20 <= _t157) {
                                                                                                                                                                                                                                                        							_t129 = _t156;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t181 = _v32;
                                                                                                                                                                                                                                                        					_t10 = _t129 + 1; // 0x7fffffff
                                                                                                                                                                                                                                                        					_t135 = _t181;
                                                                                                                                                                                                                                                        					_t125 = E00BBA8A0(_t10);
                                                                                                                                                                                                                                                        					 *(_t181 + 0x10) = _t180;
                                                                                                                                                                                                                                                        					 *(_t181 + 0x14) = _t129;
                                                                                                                                                                                                                                                        					_t129 = _v20;
                                                                                                                                                                                                                                                        					_v24 = _t125;
                                                                                                                                                                                                                                                        					if(_t129 >= 8) {
                                                                                                                                                                                                                                                        						L10:
                                                                                                                                                                                                                                                        						_t174 =  *_t181;
                                                                                                                                                                                                                                                        						memcpy(_v24, _t174, _v28 + _v28 + 2);
                                                                                                                                                                                                                                                        						_t200 = _t199 + 0xc;
                                                                                                                                                                                                                                                        						_t25 = _t129 + 2; // 0x80000000
                                                                                                                                                                                                                                                        						_t93 = _t129 + _t25;
                                                                                                                                                                                                                                                        						if(_t93 < 0x1000) {
                                                                                                                                                                                                                                                        							L13:
                                                                                                                                                                                                                                                        							_push(_t93);
                                                                                                                                                                                                                                                        							_push(_t174);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							_t182 = _v32;
                                                                                                                                                                                                                                                        							goto L8;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t96 = _t174;
                                                                                                                                                                                                                                                        							_t174 =  *(_t174 - 4);
                                                                                                                                                                                                                                                        							if(_t96 + 0xfffffffc - _t174 >= 0x20) {
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_t195 = _t200;
                                                                                                                                                                                                                                                        								_push(_t129);
                                                                                                                                                                                                                                                        								_push(_t174);
                                                                                                                                                                                                                                                        								_push(_t181);
                                                                                                                                                                                                                                                        								_t203 = _t200 - 8;
                                                                                                                                                                                                                                                        								_t99 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        								_t130 = _t157 + _t157;
                                                                                                                                                                                                                                                        								_t183 = _t157;
                                                                                                                                                                                                                                                        								_t175 = _t135;
                                                                                                                                                                                                                                                        								_v48 = _t99 ^ _t195;
                                                                                                                                                                                                                                                        								if( *((intOrPtr*)(_t135 + 0x14)) -  *((intOrPtr*)(_t135 + 0xc)) >> 2 >= _t130) {
                                                                                                                                                                                                                                                        									L18:
                                                                                                                                                                                                                                                        									_v28 =  *((intOrPtr*)(_t175 + 4));
                                                                                                                                                                                                                                                        									_push( &_v28);
                                                                                                                                                                                                                                                        									L20();
                                                                                                                                                                                                                                                        									_t38 = _t183 - 1; // 0x7
                                                                                                                                                                                                                                                        									 *((intOrPtr*)(_t175 + 0x18)) = _t38;
                                                                                                                                                                                                                                                        									 *(_t175 + 0x1c) = _t183;
                                                                                                                                                                                                                                                        									return E00BEECB0(_v24 ^ _t195, _t130);
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									if(_t130 >= 0x40000000) {
                                                                                                                                                                                                                                                        										E00BC14B0(_t130, _t135);
                                                                                                                                                                                                                                                        										_push(_t195);
                                                                                                                                                                                                                                                        										_t196 = _t203;
                                                                                                                                                                                                                                                        										_push(_t130);
                                                                                                                                                                                                                                                        										_push(_t175);
                                                                                                                                                                                                                                                        										_push(_t183);
                                                                                                                                                                                                                                                        										_t206 = _t203 - 8;
                                                                                                                                                                                                                                                        										_t184 = _t135;
                                                                                                                                                                                                                                                        										_t109 =  *_t135;
                                                                                                                                                                                                                                                        										_t131 = _v40;
                                                                                                                                                                                                                                                        										_t176 = _t157;
                                                                                                                                                                                                                                                        										_t140 =  *((intOrPtr*)(_t135 + 8)) - _t109;
                                                                                                                                                                                                                                                        										_t160 = _t140 >> 2;
                                                                                                                                                                                                                                                        										if(_t160 < _t176) {
                                                                                                                                                                                                                                                        											_v32 = _t184;
                                                                                                                                                                                                                                                        											if(_t176 >= 0x40000000) {
                                                                                                                                                                                                                                                        												_t110 = E00BC14B0(_t131, _t140);
                                                                                                                                                                                                                                                        												goto L53;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_v28 = 0x3fffffff;
                                                                                                                                                                                                                                                        												_t187 = _t160 >> 1;
                                                                                                                                                                                                                                                        												_v28 = _v28 - _t187;
                                                                                                                                                                                                                                                        												_t188 = _t187 + _t160;
                                                                                                                                                                                                                                                        												_t189 =  <  ? _t176 : _t188;
                                                                                                                                                                                                                                                        												_t184 =  >  ? _t176 :  <  ? _t176 : _t188;
                                                                                                                                                                                                                                                        												_v28 = _t184;
                                                                                                                                                                                                                                                        												if(_t109 == 0) {
                                                                                                                                                                                                                                                        													L40:
                                                                                                                                                                                                                                                        													_t184 = _v32;
                                                                                                                                                                                                                                                        													E00BC3620(_t131, _t184, _v28);
                                                                                                                                                                                                                                                        													_t147 =  *_t184;
                                                                                                                                                                                                                                                        													do {
                                                                                                                                                                                                                                                        														_t109 =  *_t131;
                                                                                                                                                                                                                                                        														 *_t147 = _t109;
                                                                                                                                                                                                                                                        														_t147 = _t147 + 4;
                                                                                                                                                                                                                                                        														_t176 = _t176 - 1;
                                                                                                                                                                                                                                                        													} while (_t176 != 0);
                                                                                                                                                                                                                                                        													goto L27;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													if(_t140 < 0x1000) {
                                                                                                                                                                                                                                                        														_t166 = _t109;
                                                                                                                                                                                                                                                        														goto L39;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t160 =  *(_t109 - 4);
                                                                                                                                                                                                                                                        														_t110 = _t109 + 0xfffffffc - _t160;
                                                                                                                                                                                                                                                        														if(_t109 + 0xfffffffc - _t160 >= 0x20) {
                                                                                                                                                                                                                                                        															L53:
                                                                                                                                                                                                                                                        															__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        															asm("int3");
                                                                                                                                                                                                                                                        															asm("int3");
                                                                                                                                                                                                                                                        															asm("int3");
                                                                                                                                                                                                                                                        															_push(_t196);
                                                                                                                                                                                                                                                        															_push(_t131);
                                                                                                                                                                                                                                                        															_push(_t176);
                                                                                                                                                                                                                                                        															_push(_t184);
                                                                                                                                                                                                                                                        															_t177 = _t140;
                                                                                                                                                                                                                                                        															_t185 = _t160;
                                                                                                                                                                                                                                                        															_t134 =  *((intOrPtr*)(_t140 + 4)) -  *_t140 >> 2;
                                                                                                                                                                                                                                                        															_v84 = E00BC3560(_t110, _t160);
                                                                                                                                                                                                                                                        															_t112 =  *_t177;
                                                                                                                                                                                                                                                        															_t161 =  *((intOrPtr*)(_t177 + 4));
                                                                                                                                                                                                                                                        															if(_t112 != _t161) {
                                                                                                                                                                                                                                                        																_t162 = _t161 - _t112;
                                                                                                                                                                                                                                                        																_t142 = 0;
                                                                                                                                                                                                                                                        																while(1) {
                                                                                                                                                                                                                                                        																	_v32 = _t142;
                                                                                                                                                                                                                                                        																	_v40 = _t162;
                                                                                                                                                                                                                                                        																	_v44 = _t112;
                                                                                                                                                                                                                                                        																	_v32 = _v32 + 4;
                                                                                                                                                                                                                                                        																	 *((intOrPtr*)(_v36 + _v32)) =  *((intOrPtr*)(_t112 + _v32));
                                                                                                                                                                                                                                                        																	_t162 = _v40;
                                                                                                                                                                                                                                                        																	_t112 = _v44;
                                                                                                                                                                                                                                                        																	_t142 = _v32;
                                                                                                                                                                                                                                                        																	if(_t162 == _v32) {
                                                                                                                                                                                                                                                        																		goto L55;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															L55:
                                                                                                                                                                                                                                                        															return E00BC35C0(_t134, _t177, _v36, _t134, _t185);
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															_t140 = _t140 + 0x23;
                                                                                                                                                                                                                                                        															L39:
                                                                                                                                                                                                                                                        															_push(_t140);
                                                                                                                                                                                                                                                        															_push(_t166);
                                                                                                                                                                                                                                                        															L00BEF6C6();
                                                                                                                                                                                                                                                        															_t206 = _t206 + 8;
                                                                                                                                                                                                                                                        															goto L40;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t167 =  *(_t184 + 4);
                                                                                                                                                                                                                                                        											_t150 = _t167 - _t109 >> 2;
                                                                                                                                                                                                                                                        											if(_t150 >= _t176) {
                                                                                                                                                                                                                                                        												_t147 = _t109 + _t176 * 4;
                                                                                                                                                                                                                                                        												if(_t176 != 0) {
                                                                                                                                                                                                                                                        													_t178 = _t176 << 2;
                                                                                                                                                                                                                                                        													do {
                                                                                                                                                                                                                                                        														 *_t109 =  *_t131;
                                                                                                                                                                                                                                                        														_t109 = _t109 + 4;
                                                                                                                                                                                                                                                        														_t178 = _t178 + 0xfffffffc;
                                                                                                                                                                                                                                                        													} while (_t178 != 0);
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												if(_t109 != _t167) {
                                                                                                                                                                                                                                                        													_v32 = _t184;
                                                                                                                                                                                                                                                        													do {
                                                                                                                                                                                                                                                        														 *_t109 =  *_t131;
                                                                                                                                                                                                                                                        														_t109 = _t109 + 4;
                                                                                                                                                                                                                                                        													} while (_t167 != _t109);
                                                                                                                                                                                                                                                        													_t184 = _v32;
                                                                                                                                                                                                                                                        													_t109 =  *(_t184 + 4);
                                                                                                                                                                                                                                                        													_t179 = _t176 - _t150;
                                                                                                                                                                                                                                                        													if(_t179 != 0) {
                                                                                                                                                                                                                                                        														goto L24;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														goto L50;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t179 = _t176 - _t150;
                                                                                                                                                                                                                                                        													if(_t179 == 0) {
                                                                                                                                                                                                                                                        														L50:
                                                                                                                                                                                                                                                        														_t147 = _t109;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														L24:
                                                                                                                                                                                                                                                        														if(_t179 >= 8) {
                                                                                                                                                                                                                                                        															_t46 = _t131 + 1; // 0xbc334e
                                                                                                                                                                                                                                                        															if(_t46 <= _t109 || _t109 + _t179 * 4 <= _t131) {
                                                                                                                                                                                                                                                        																asm("movd xmm0, dword [ebx]");
                                                                                                                                                                                                                                                        																_v32 = _t184;
                                                                                                                                                                                                                                                        																_t192 = _t179 & 0xfffffff8;
                                                                                                                                                                                                                                                        																_t147 = _t109 + _t192 * 4;
                                                                                                                                                                                                                                                        																_t170 = _t179 - _t192;
                                                                                                                                                                                                                                                        																_t117 = _t109 + 0x10;
                                                                                                                                                                                                                                                        																_v28 = _t192;
                                                                                                                                                                                                                                                        																asm("pshufd xmm0, xmm0, 0x0");
                                                                                                                                                                                                                                                        																asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        																do {
                                                                                                                                                                                                                                                        																	asm("movdqu [eax-0x10], xmm0");
                                                                                                                                                                                                                                                        																	asm("movdqu [eax], xmm0");
                                                                                                                                                                                                                                                        																	_t117 = _t117 + 0x20;
                                                                                                                                                                                                                                                        																	_t192 = _t192 + 0xfffffff8;
                                                                                                                                                                                                                                                        																} while (_t192 != 0);
                                                                                                                                                                                                                                                        																_t184 = _v32;
                                                                                                                                                                                                                                                        																if(_t179 != _v28) {
                                                                                                                                                                                                                                                        																	goto L26;
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																goto L25;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															L25:
                                                                                                                                                                                                                                                        															_t170 = _t179;
                                                                                                                                                                                                                                                        															_t147 = _t109;
                                                                                                                                                                                                                                                        															do {
                                                                                                                                                                                                                                                        																L26:
                                                                                                                                                                                                                                                        																_t109 =  *_t131;
                                                                                                                                                                                                                                                        																 *_t147 = _t109;
                                                                                                                                                                                                                                                        																_t147 = _t147 + 4;
                                                                                                                                                                                                                                                        																_t170 = _t170 - 1;
                                                                                                                                                                                                                                                        															} while (_t170 != 0);
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L27:
                                                                                                                                                                                                                                                        											 *(_t184 + 4) = _t147;
                                                                                                                                                                                                                                                        											return _t109;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										L54();
                                                                                                                                                                                                                                                        										goto L18;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t93 = _v20 + _v20 + 0x25;
                                                                                                                                                                                                                                                        								goto L13;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						memcpy(_v24, _t181, _v28 + _v28 + 2);
                                                                                                                                                                                                                                                        						L8:
                                                                                                                                                                                                                                                        						 *_t182 = _v24;
                                                                                                                                                                                                                                                        						return _t182;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}






























































                                                                                                                                                                                                                                                        0x00bc3200
                                                                                                                                                                                                                                                        0x00bc3206
                                                                                                                                                                                                                                                        0x00bc3209
                                                                                                                                                                                                                                                        0x00bc320c
                                                                                                                                                                                                                                                        0x00bc3214
                                                                                                                                                                                                                                                        0x00bc321d
                                                                                                                                                                                                                                                        0x00bc32a5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3223
                                                                                                                                                                                                                                                        0x00bc3228
                                                                                                                                                                                                                                                        0x00bc322a
                                                                                                                                                                                                                                                        0x00bc322d
                                                                                                                                                                                                                                                        0x00bc3230
                                                                                                                                                                                                                                                        0x00bc3235
                                                                                                                                                                                                                                                        0x00bc323d
                                                                                                                                                                                                                                                        0x00bc323f
                                                                                                                                                                                                                                                        0x00bc3247
                                                                                                                                                                                                                                                        0x00bc324e
                                                                                                                                                                                                                                                        0x00bc3250
                                                                                                                                                                                                                                                        0x00bc3252
                                                                                                                                                                                                                                                        0x00bc3256
                                                                                                                                                                                                                                                        0x00bc3258
                                                                                                                                                                                                                                                        0x00bc3258
                                                                                                                                                                                                                                                        0x00bc325d
                                                                                                                                                                                                                                                        0x00bc325f
                                                                                                                                                                                                                                                        0x00bc325f
                                                                                                                                                                                                                                                        0x00bc325d
                                                                                                                                                                                                                                                        0x00bc3261
                                                                                                                                                                                                                                                        0x00bc3264
                                                                                                                                                                                                                                                        0x00bc3267
                                                                                                                                                                                                                                                        0x00bc326a
                                                                                                                                                                                                                                                        0x00bc326f
                                                                                                                                                                                                                                                        0x00bc3272
                                                                                                                                                                                                                                                        0x00bc3275
                                                                                                                                                                                                                                                        0x00bc3278
                                                                                                                                                                                                                                                        0x00bc327e
                                                                                                                                                                                                                                                        0x00bc32aa
                                                                                                                                                                                                                                                        0x00bc32ad
                                                                                                                                                                                                                                                        0x00bc32b8
                                                                                                                                                                                                                                                        0x00bc32bd
                                                                                                                                                                                                                                                        0x00bc32c0
                                                                                                                                                                                                                                                        0x00bc32c0
                                                                                                                                                                                                                                                        0x00bc32c9
                                                                                                                                                                                                                                                        0x00bc32e2
                                                                                                                                                                                                                                                        0x00bc32e2
                                                                                                                                                                                                                                                        0x00bc32e3
                                                                                                                                                                                                                                                        0x00bc32e4
                                                                                                                                                                                                                                                        0x00bc32ec
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc32cb
                                                                                                                                                                                                                                                        0x00bc32cb
                                                                                                                                                                                                                                                        0x00bc32cd
                                                                                                                                                                                                                                                        0x00bc32d8
                                                                                                                                                                                                                                                        0x00bc32f1
                                                                                                                                                                                                                                                        0x00bc32f7
                                                                                                                                                                                                                                                        0x00bc32f8
                                                                                                                                                                                                                                                        0x00bc32f9
                                                                                                                                                                                                                                                        0x00bc32fa
                                                                                                                                                                                                                                                        0x00bc32fb
                                                                                                                                                                                                                                                        0x00bc32fc
                                                                                                                                                                                                                                                        0x00bc32fd
                                                                                                                                                                                                                                                        0x00bc32fe
                                                                                                                                                                                                                                                        0x00bc32ff
                                                                                                                                                                                                                                                        0x00bc3301
                                                                                                                                                                                                                                                        0x00bc3303
                                                                                                                                                                                                                                                        0x00bc3304
                                                                                                                                                                                                                                                        0x00bc3305
                                                                                                                                                                                                                                                        0x00bc3306
                                                                                                                                                                                                                                                        0x00bc3309
                                                                                                                                                                                                                                                        0x00bc330e
                                                                                                                                                                                                                                                        0x00bc3311
                                                                                                                                                                                                                                                        0x00bc3313
                                                                                                                                                                                                                                                        0x00bc3317
                                                                                                                                                                                                                                                        0x00bc3325
                                                                                                                                                                                                                                                        0x00bc3339
                                                                                                                                                                                                                                                        0x00bc3341
                                                                                                                                                                                                                                                        0x00bc3347
                                                                                                                                                                                                                                                        0x00bc3348
                                                                                                                                                                                                                                                        0x00bc3350
                                                                                                                                                                                                                                                        0x00bc3353
                                                                                                                                                                                                                                                        0x00bc3356
                                                                                                                                                                                                                                                        0x00bc336a
                                                                                                                                                                                                                                                        0x00bc3327
                                                                                                                                                                                                                                                        0x00bc332d
                                                                                                                                                                                                                                                        0x00bc336b
                                                                                                                                                                                                                                                        0x00bc3370
                                                                                                                                                                                                                                                        0x00bc3371
                                                                                                                                                                                                                                                        0x00bc3373
                                                                                                                                                                                                                                                        0x00bc3374
                                                                                                                                                                                                                                                        0x00bc3375
                                                                                                                                                                                                                                                        0x00bc3376
                                                                                                                                                                                                                                                        0x00bc3379
                                                                                                                                                                                                                                                        0x00bc337b
                                                                                                                                                                                                                                                        0x00bc3380
                                                                                                                                                                                                                                                        0x00bc3383
                                                                                                                                                                                                                                                        0x00bc3385
                                                                                                                                                                                                                                                        0x00bc3389
                                                                                                                                                                                                                                                        0x00bc338e
                                                                                                                                                                                                                                                        0x00bc3431
                                                                                                                                                                                                                                                        0x00bc3434
                                                                                                                                                                                                                                                        0x00bc34e2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc343a
                                                                                                                                                                                                                                                        0x00bc343c
                                                                                                                                                                                                                                                        0x00bc3443
                                                                                                                                                                                                                                                        0x00bc3445
                                                                                                                                                                                                                                                        0x00bc3448
                                                                                                                                                                                                                                                        0x00bc344c
                                                                                                                                                                                                                                                        0x00bc3452
                                                                                                                                                                                                                                                        0x00bc3457
                                                                                                                                                                                                                                                        0x00bc345a
                                                                                                                                                                                                                                                        0x00bc347e
                                                                                                                                                                                                                                                        0x00bc347e
                                                                                                                                                                                                                                                        0x00bc3486
                                                                                                                                                                                                                                                        0x00bc348b
                                                                                                                                                                                                                                                        0x00bc348d
                                                                                                                                                                                                                                                        0x00bc348d
                                                                                                                                                                                                                                                        0x00bc348f
                                                                                                                                                                                                                                                        0x00bc3491
                                                                                                                                                                                                                                                        0x00bc3494
                                                                                                                                                                                                                                                        0x00bc3494
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc345c
                                                                                                                                                                                                                                                        0x00bc3462
                                                                                                                                                                                                                                                        0x00bc34de
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3464
                                                                                                                                                                                                                                                        0x00bc3464
                                                                                                                                                                                                                                                        0x00bc346a
                                                                                                                                                                                                                                                        0x00bc346f
                                                                                                                                                                                                                                                        0x00bc34e7
                                                                                                                                                                                                                                                        0x00bc34e7
                                                                                                                                                                                                                                                        0x00bc34ed
                                                                                                                                                                                                                                                        0x00bc34ee
                                                                                                                                                                                                                                                        0x00bc34ef
                                                                                                                                                                                                                                                        0x00bc34f0
                                                                                                                                                                                                                                                        0x00bc34f3
                                                                                                                                                                                                                                                        0x00bc34f4
                                                                                                                                                                                                                                                        0x00bc34f5
                                                                                                                                                                                                                                                        0x00bc34fc
                                                                                                                                                                                                                                                        0x00bc34fe
                                                                                                                                                                                                                                                        0x00bc3504
                                                                                                                                                                                                                                                        0x00bc350c
                                                                                                                                                                                                                                                        0x00bc350f
                                                                                                                                                                                                                                                        0x00bc3511
                                                                                                                                                                                                                                                        0x00bc3516
                                                                                                                                                                                                                                                        0x00bc352c
                                                                                                                                                                                                                                                        0x00bc352e
                                                                                                                                                                                                                                                        0x00bc3530
                                                                                                                                                                                                                                                        0x00bc3530
                                                                                                                                                                                                                                                        0x00bc3533
                                                                                                                                                                                                                                                        0x00bc3536
                                                                                                                                                                                                                                                        0x00bc353f
                                                                                                                                                                                                                                                        0x00bc3549
                                                                                                                                                                                                                                                        0x00bc354c
                                                                                                                                                                                                                                                        0x00bc354f
                                                                                                                                                                                                                                                        0x00bc3552
                                                                                                                                                                                                                                                        0x00bc3558
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc355a
                                                                                                                                                                                                                                                        0x00bc3530
                                                                                                                                                                                                                                                        0x00bc3518
                                                                                                                                                                                                                                                        0x00bc352b
                                                                                                                                                                                                                                                        0x00bc3471
                                                                                                                                                                                                                                                        0x00bc3471
                                                                                                                                                                                                                                                        0x00bc3474
                                                                                                                                                                                                                                                        0x00bc3474
                                                                                                                                                                                                                                                        0x00bc3475
                                                                                                                                                                                                                                                        0x00bc3476
                                                                                                                                                                                                                                                        0x00bc347b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc347b
                                                                                                                                                                                                                                                        0x00bc346f
                                                                                                                                                                                                                                                        0x00bc3462
                                                                                                                                                                                                                                                        0x00bc345a
                                                                                                                                                                                                                                                        0x00bc3394
                                                                                                                                                                                                                                                        0x00bc3394
                                                                                                                                                                                                                                                        0x00bc339b
                                                                                                                                                                                                                                                        0x00bc33a0
                                                                                                                                                                                                                                                        0x00bc349c
                                                                                                                                                                                                                                                        0x00bc34a1
                                                                                                                                                                                                                                                        0x00bc34a7
                                                                                                                                                                                                                                                        0x00bc34aa
                                                                                                                                                                                                                                                        0x00bc34ac
                                                                                                                                                                                                                                                        0x00bc34ae
                                                                                                                                                                                                                                                        0x00bc34b1
                                                                                                                                                                                                                                                        0x00bc34b1
                                                                                                                                                                                                                                                        0x00bc34b6
                                                                                                                                                                                                                                                        0x00bc33a6
                                                                                                                                                                                                                                                        0x00bc33a8
                                                                                                                                                                                                                                                        0x00bc34bb
                                                                                                                                                                                                                                                        0x00bc34be
                                                                                                                                                                                                                                                        0x00bc34c0
                                                                                                                                                                                                                                                        0x00bc34c2
                                                                                                                                                                                                                                                        0x00bc34c5
                                                                                                                                                                                                                                                        0x00bc34c9
                                                                                                                                                                                                                                                        0x00bc34cc
                                                                                                                                                                                                                                                        0x00bc34cf
                                                                                                                                                                                                                                                        0x00bc34d1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc33ae
                                                                                                                                                                                                                                                        0x00bc33ae
                                                                                                                                                                                                                                                        0x00bc33b0
                                                                                                                                                                                                                                                        0x00bc34d7
                                                                                                                                                                                                                                                        0x00bc34d7
                                                                                                                                                                                                                                                        0x00bc33b6
                                                                                                                                                                                                                                                        0x00bc33b6
                                                                                                                                                                                                                                                        0x00bc33b9
                                                                                                                                                                                                                                                        0x00bc33d5
                                                                                                                                                                                                                                                        0x00bc33da
                                                                                                                                                                                                                                                        0x00bc33e3
                                                                                                                                                                                                                                                        0x00bc33e7
                                                                                                                                                                                                                                                        0x00bc33ee
                                                                                                                                                                                                                                                        0x00bc33f1
                                                                                                                                                                                                                                                        0x00bc33f4
                                                                                                                                                                                                                                                        0x00bc33f6
                                                                                                                                                                                                                                                        0x00bc33f9
                                                                                                                                                                                                                                                        0x00bc33fc
                                                                                                                                                                                                                                                        0x00bc3401
                                                                                                                                                                                                                                                        0x00bc3410
                                                                                                                                                                                                                                                        0x00bc3410
                                                                                                                                                                                                                                                        0x00bc3415
                                                                                                                                                                                                                                                        0x00bc3419
                                                                                                                                                                                                                                                        0x00bc341c
                                                                                                                                                                                                                                                        0x00bc341c
                                                                                                                                                                                                                                                        0x00bc3424
                                                                                                                                                                                                                                                        0x00bc3427
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3429
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc33bb
                                                                                                                                                                                                                                                        0x00bc33bb
                                                                                                                                                                                                                                                        0x00bc33bb
                                                                                                                                                                                                                                                        0x00bc33bd
                                                                                                                                                                                                                                                        0x00bc33c0
                                                                                                                                                                                                                                                        0x00bc33c0
                                                                                                                                                                                                                                                        0x00bc33c0
                                                                                                                                                                                                                                                        0x00bc33c2
                                                                                                                                                                                                                                                        0x00bc33c4
                                                                                                                                                                                                                                                        0x00bc33c7
                                                                                                                                                                                                                                                        0x00bc33c7
                                                                                                                                                                                                                                                        0x00bc33c0
                                                                                                                                                                                                                                                        0x00bc33b9
                                                                                                                                                                                                                                                        0x00bc33b0
                                                                                                                                                                                                                                                        0x00bc33a8
                                                                                                                                                                                                                                                        0x00bc33ca
                                                                                                                                                                                                                                                        0x00bc33ca
                                                                                                                                                                                                                                                        0x00bc33d4
                                                                                                                                                                                                                                                        0x00bc33d4
                                                                                                                                                                                                                                                        0x00bc332f
                                                                                                                                                                                                                                                        0x00bc3334
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3334
                                                                                                                                                                                                                                                        0x00bc332d
                                                                                                                                                                                                                                                        0x00bc32da
                                                                                                                                                                                                                                                        0x00bc32df
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc32df
                                                                                                                                                                                                                                                        0x00bc32d8
                                                                                                                                                                                                                                                        0x00bc3280
                                                                                                                                                                                                                                                        0x00bc328c
                                                                                                                                                                                                                                                        0x00bc3294
                                                                                                                                                                                                                                                        0x00bc3297
                                                                                                                                                                                                                                                        0x00bc32a2
                                                                                                                                                                                                                                                        0x00bc32a2
                                                                                                                                                                                                                                                        0x00bc327e

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(7FFFFFFF,?,?,7FFFFFFF,?,?,?,?,?,?,?,?,?), ref: 00BC328C
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BC32B8
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,80000000,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BC32E4
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BC32F1
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memcpy$??3@_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 674017509-0
                                                                                                                                                                                                                                                        • Opcode ID: c6281c4f4faf131676edb24b99719bfa426bc3ebdbbecb22173705da4602eb0f
                                                                                                                                                                                                                                                        • Instruction ID: 6b292dd462235877e6a41e6c25e78833c325d8166242c6381512768906a89990
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c6281c4f4faf131676edb24b99719bfa426bc3ebdbbecb22173705da4602eb0f
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B0319171A001169FCF14DFA8CC859AFB7F9FF89720B644669E425EB391D730AA4187A0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BEA340(char _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				int _v28;
                                                                                                                                                                                                                                                        				short _v44;
                                                                                                                                                                                                                                                        				void* _v48;
                                                                                                                                                                                                                                                        				int _v52;
                                                                                                                                                                                                                                                        				signed int _t21;
                                                                                                                                                                                                                                                        				int _t23;
                                                                                                                                                                                                                                                        				signed char _t24;
                                                                                                                                                                                                                                                        				long _t27;
                                                                                                                                                                                                                                                        				int _t32;
                                                                                                                                                                                                                                                        				int _t34;
                                                                                                                                                                                                                                                        				void* _t37;
                                                                                                                                                                                                                                                        				signed char _t39;
                                                                                                                                                                                                                                                        				intOrPtr _t41;
                                                                                                                                                                                                                                                        				intOrPtr _t47;
                                                                                                                                                                                                                                                        				int _t49;
                                                                                                                                                                                                                                                        				wchar_t* _t50;
                                                                                                                                                                                                                                                        				char* _t51;
                                                                                                                                                                                                                                                        				intOrPtr* _t52;
                                                                                                                                                                                                                                                        				signed int _t53;
                                                                                                                                                                                                                                                        				void* _t54;
                                                                                                                                                                                                                                                        				void* _t55;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t21 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t52 =  &_a4;
                                                                                                                                                                                                                                                        				_t37 = 0xffffffb8;
                                                                                                                                                                                                                                                        				_v20 = _t21 ^ _t53;
                                                                                                                                                                                                                                                        				while(1) {
                                                                                                                                                                                                                                                        					_t50 =  *(_t37 + L"\\\\.\\");
                                                                                                                                                                                                                                                        					_t23 = wcslen(_t50);
                                                                                                                                                                                                                                                        					_t55 = _t54 + 4;
                                                                                                                                                                                                                                                        					_t41 =  *((intOrPtr*)(_t52 + 0x10));
                                                                                                                                                                                                                                                        					_t49 = _t52;
                                                                                                                                                                                                                                                        					if( *((intOrPtr*)(_t52 + 0x14)) >= 8) {
                                                                                                                                                                                                                                                        						_t49 =  *_t52;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t24 = E00BC7470(_t49, _t41, 0, _t50, _t23);
                                                                                                                                                                                                                                                        					_t54 = _t55 + 0x14;
                                                                                                                                                                                                                                                        					if(_t24 == 0) {
                                                                                                                                                                                                                                                        						break;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t37 = _t37 + 8;
                                                                                                                                                                                                                                                        					if(_t37 != 0) {
                                                                                                                                                                                                                                                        						continue;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t39 = 0;
                                                                                                                                                                                                                                                        					L9:
                                                                                                                                                                                                                                                        					E00BBDF30(_t24, _t52, _t49);
                                                                                                                                                                                                                                                        					E00BEECB0(_v20 ^ _t53, _t49);
                                                                                                                                                                                                                                                        					return _t39 & _t24;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				__eflags = RegCreateKeyExW( *(_t37 + 0xbf1de8), 0xbf54a2, 0, 0, 0, 0x2000000, 0,  &_v48,  &_v52);
                                                                                                                                                                                                                                                        				if(__eflags == 0) {
                                                                                                                                                                                                                                                        					_t27 = E00BEA450(_t49, __eflags, _v48,  *((intOrPtr*)(_t52 + 0x18)));
                                                                                                                                                                                                                                                        					RegCloseKey(_v48);
                                                                                                                                                                                                                                                        					__eflags = _t27;
                                                                                                                                                                                                                                                        					if(_t27 == 0) {
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t32 = wcslen(_t50);
                                                                                                                                                                                                                                                        					_t51 =  &_v44;
                                                                                                                                                                                                                                                        					_v24 = 7;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					E00BC30B0(_t51, _t52, _t32, 0xffffffff);
                                                                                                                                                                                                                                                        					_t47 =  *((intOrPtr*)(_t52 + 0x18));
                                                                                                                                                                                                                                                        					_t34 = _v28;
                                                                                                                                                                                                                                                        					__eflags = _v24 - 7;
                                                                                                                                                                                                                                                        					_t49 = _t51;
                                                                                                                                                                                                                                                        					if(_v24 > 7) {
                                                                                                                                                                                                                                                        						_t49 = _v44;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					E00BBDF30(E00BB73B0(_t47, _t49, _t34), _t51, _t49);
                                                                                                                                                                                                                                                        					_t24 = 1;
                                                                                                                                                                                                                                                        					L8:
                                                                                                                                                                                                                                                        					_t39 = 1;
                                                                                                                                                                                                                                                        					goto L9;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L7:
                                                                                                                                                                                                                                                        				_t24 = 0;
                                                                                                                                                                                                                                                        				__eflags = 0;
                                                                                                                                                                                                                                                        				goto L8;
                                                                                                                                                                                                                                                        			}


























                                                                                                                                                                                                                                                        0x00bea349
                                                                                                                                                                                                                                                        0x00bea34e
                                                                                                                                                                                                                                                        0x00bea351
                                                                                                                                                                                                                                                        0x00bea358
                                                                                                                                                                                                                                                        0x00bea360
                                                                                                                                                                                                                                                        0x00bea360
                                                                                                                                                                                                                                                        0x00bea367
                                                                                                                                                                                                                                                        0x00bea36c
                                                                                                                                                                                                                                                        0x00bea36f
                                                                                                                                                                                                                                                        0x00bea376
                                                                                                                                                                                                                                                        0x00bea378
                                                                                                                                                                                                                                                        0x00bea37a
                                                                                                                                                                                                                                                        0x00bea37a
                                                                                                                                                                                                                                                        0x00bea382
                                                                                                                                                                                                                                                        0x00bea387
                                                                                                                                                                                                                                                        0x00bea38c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea38e
                                                                                                                                                                                                                                                        0x00bea391
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea393
                                                                                                                                                                                                                                                        0x00bea3c5
                                                                                                                                                                                                                                                        0x00bea3c9
                                                                                                                                                                                                                                                        0x00bea3d3
                                                                                                                                                                                                                                                        0x00bea3e1
                                                                                                                                                                                                                                                        0x00bea3e1
                                                                                                                                                                                                                                                        0x00bea3bd
                                                                                                                                                                                                                                                        0x00bea3bf
                                                                                                                                                                                                                                                        0x00bea3e8
                                                                                                                                                                                                                                                        0x00bea3f5
                                                                                                                                                                                                                                                        0x00bea3fb
                                                                                                                                                                                                                                                        0x00bea3fd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea400
                                                                                                                                                                                                                                                        0x00bea408
                                                                                                                                                                                                                                                        0x00bea40b
                                                                                                                                                                                                                                                        0x00bea412
                                                                                                                                                                                                                                                        0x00bea419
                                                                                                                                                                                                                                                        0x00bea425
                                                                                                                                                                                                                                                        0x00bea42a
                                                                                                                                                                                                                                                        0x00bea42d
                                                                                                                                                                                                                                                        0x00bea430
                                                                                                                                                                                                                                                        0x00bea434
                                                                                                                                                                                                                                                        0x00bea436
                                                                                                                                                                                                                                                        0x00bea438
                                                                                                                                                                                                                                                        0x00bea438
                                                                                                                                                                                                                                                        0x00bea444
                                                                                                                                                                                                                                                        0x00bea449
                                                                                                                                                                                                                                                        0x00bea3c3
                                                                                                                                                                                                                                                        0x00bea3c3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea3c3
                                                                                                                                                                                                                                                        0x00bea3c1
                                                                                                                                                                                                                                                        0x00bea3c1
                                                                                                                                                                                                                                                        0x00bea3c1
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BEA367
                                                                                                                                                                                                                                                        • RegCreateKeyExW.ADVAPI32(?,00BF54A2,00000000,00000000,00000000,02000000,00000000,?,?), ref: 00BEA3B7
                                                                                                                                                                                                                                                        • RegCloseKey.ADVAPI32(?), ref: 00BEA3F5
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BEA400
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: wcslen$CloseCreate
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3159950608-0
                                                                                                                                                                                                                                                        • Opcode ID: b691f5bac26268f87cfe713e42a4499e6de1a0566a0e40eb66741df19f096117
                                                                                                                                                                                                                                                        • Instruction ID: 6972abd2684828978b7d13c39768a16cabf9295907e72fddda4dbf0bd3b790e3
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b691f5bac26268f87cfe713e42a4499e6de1a0566a0e40eb66741df19f096117
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9731ED71A00204ABDB209F61DC82FBF77F9EF84714F140468F9016B281EB71B909D7A5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 62%
                                                                                                                                                                                                                                                        			E00BC5FF0(void* __ecx, void* _a4, char _a12) {
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				signed short _v20;
                                                                                                                                                                                                                                                        				void* _v24;
                                                                                                                                                                                                                                                        				int _v28;
                                                                                                                                                                                                                                                        				void _v32;
                                                                                                                                                                                                                                                        				signed int _t39;
                                                                                                                                                                                                                                                        				signed int _t41;
                                                                                                                                                                                                                                                        				void* _t43;
                                                                                                                                                                                                                                                        				void _t45;
                                                                                                                                                                                                                                                        				void* _t49;
                                                                                                                                                                                                                                                        				int _t51;
                                                                                                                                                                                                                                                        				signed int _t52;
                                                                                                                                                                                                                                                        				void _t55;
                                                                                                                                                                                                                                                        				int _t59;
                                                                                                                                                                                                                                                        				intOrPtr _t60;
                                                                                                                                                                                                                                                        				void* _t62;
                                                                                                                                                                                                                                                        				unsigned int _t63;
                                                                                                                                                                                                                                                        				void* _t66;
                                                                                                                                                                                                                                                        				void* _t67;
                                                                                                                                                                                                                                                        				void* _t68;
                                                                                                                                                                                                                                                        				void* _t72;
                                                                                                                                                                                                                                                        				void* _t74;
                                                                                                                                                                                                                                                        				intOrPtr* _t75;
                                                                                                                                                                                                                                                        				signed short _t78;
                                                                                                                                                                                                                                                        				void* _t83;
                                                                                                                                                                                                                                                        				signed int _t85;
                                                                                                                                                                                                                                                        				signed int _t86;
                                                                                                                                                                                                                                                        				int _t87;
                                                                                                                                                                                                                                                        				void* _t90;
                                                                                                                                                                                                                                                        				void _t92;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t90 = __ecx;
                                                                                                                                                                                                                                                        				_t59 =  *((intOrPtr*)(__ecx + 0x10));
                                                                                                                                                                                                                                                        				_t83 = _a4;
                                                                                                                                                                                                                                                        				_t51 = 0x7fffffff;
                                                                                                                                                                                                                                                        				if(0x7fffffff - _t59 < _t83) {
                                                                                                                                                                                                                                                        					E00BBA890();
                                                                                                                                                                                                                                                        					goto L12;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t86 = _t83 + _t59;
                                                                                                                                                                                                                                                        					_v28 = _t59;
                                                                                                                                                                                                                                                        					_t63 =  *(__ecx + 0x14);
                                                                                                                                                                                                                                                        					_t41 = _t86 | 0x0000000f;
                                                                                                                                                                                                                                                        					_v20 = _t63;
                                                                                                                                                                                                                                                        					if(_t41 >= 0) {
                                                                                                                                                                                                                                                        						_t72 = (_t63 >> 1) + _v20;
                                                                                                                                                                                                                                                        						_t73 =  >=  ? _t41 : _t72;
                                                                                                                                                                                                                                                        						_t51 =  <=  ?  >=  ? _t41 : _t72 : 0x7fffffff;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t8 = _t51 + 1; // 0x80000000
                                                                                                                                                                                                                                                        					_t43 = E00BBD730(_t8);
                                                                                                                                                                                                                                                        					 *(_t90 + 0x10) = _t86;
                                                                                                                                                                                                                                                        					 *(_t90 + 0x14) = _t51;
                                                                                                                                                                                                                                                        					if(_v20 < 0x10) {
                                                                                                                                                                                                                                                        						_t87 = _v28;
                                                                                                                                                                                                                                                        						_t55 = _t43;
                                                                                                                                                                                                                                                        						memcpy(_t43, _t90, _t87);
                                                                                                                                                                                                                                                        						_t45 = _t55;
                                                                                                                                                                                                                                                        						 *((char*)(_t55 + _t87)) = _a12;
                                                                                                                                                                                                                                                        						 *((char*)(_t55 + _t87 + 1)) = 0;
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t66 =  *_t90;
                                                                                                                                                                                                                                                        						_t51 = _v28;
                                                                                                                                                                                                                                                        						_v24 = _t66;
                                                                                                                                                                                                                                                        						_t83 = _t43;
                                                                                                                                                                                                                                                        						memcpy(_t43, _t66, _t51);
                                                                                                                                                                                                                                                        						_t78 = _v20;
                                                                                                                                                                                                                                                        						_t16 = _t78 + 1; // 0x11
                                                                                                                                                                                                                                                        						_t67 = _t16;
                                                                                                                                                                                                                                                        						_v32 = _t83;
                                                                                                                                                                                                                                                        						 *((char*)(_t83 + _t51)) = _a12;
                                                                                                                                                                                                                                                        						 *((char*)(_t83 + _t51 + 1)) = 0;
                                                                                                                                                                                                                                                        						if(_t67 < 0x1000) {
                                                                                                                                                                                                                                                        							_t49 = _v24;
                                                                                                                                                                                                                                                        							goto L9;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t68 = _v24;
                                                                                                                                                                                                                                                        							_t49 =  *((intOrPtr*)(_t68 - 4));
                                                                                                                                                                                                                                                        							if(_t68 + 0xfffffffc - _t49 >= 0x20) {
                                                                                                                                                                                                                                                        								L12:
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_push(_t51);
                                                                                                                                                                                                                                                        								_push(_t83);
                                                                                                                                                                                                                                                        								_push(_t90);
                                                                                                                                                                                                                                                        								_t74 = _v24;
                                                                                                                                                                                                                                                        								_t52 = _v16;
                                                                                                                                                                                                                                                        								_t39 = 0xffffffff;
                                                                                                                                                                                                                                                        								_t60 =  *((intOrPtr*)(_t74 + 4));
                                                                                                                                                                                                                                                        								if(_t60 > _t52) {
                                                                                                                                                                                                                                                        									_t92 =  *_t74;
                                                                                                                                                                                                                                                        									_t85 = _v20 & 0x0000ffff;
                                                                                                                                                                                                                                                        									_t75 = _t92 + _t52 * 2;
                                                                                                                                                                                                                                                        									_t62 = _t60 + _t60 - _t52 + _t52;
                                                                                                                                                                                                                                                        									asm("o16 nop [eax+eax]");
                                                                                                                                                                                                                                                        									while( *_t75 != _t85) {
                                                                                                                                                                                                                                                        										_t75 = _t75 + 2;
                                                                                                                                                                                                                                                        										_t62 = _t62 + 0xfffffffe;
                                                                                                                                                                                                                                                        										if(_t62 != 0) {
                                                                                                                                                                                                                                                        											continue;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L19;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t39 = _t75 - _t92 >> 1;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L19:
                                                                                                                                                                                                                                                        								return _t39;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t67 = _t78 + 0x24;
                                                                                                                                                                                                                                                        								L9:
                                                                                                                                                                                                                                                        								_push(_t67);
                                                                                                                                                                                                                                                        								_push(_t49);
                                                                                                                                                                                                                                                        								L00BEF6C6();
                                                                                                                                                                                                                                                        								_t45 = _v32;
                                                                                                                                                                                                                                                        								L10:
                                                                                                                                                                                                                                                        								 *_t90 = _t45;
                                                                                                                                                                                                                                                        								return _t90;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}

































                                                                                                                                                                                                                                                        0x00bc5ff9
                                                                                                                                                                                                                                                        0x00bc5ffb
                                                                                                                                                                                                                                                        0x00bc5ffe
                                                                                                                                                                                                                                                        0x00bc6006
                                                                                                                                                                                                                                                        0x00bc600f
                                                                                                                                                                                                                                                        0x00bc60e0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6015
                                                                                                                                                                                                                                                        0x00bc6015
                                                                                                                                                                                                                                                        0x00bc6017
                                                                                                                                                                                                                                                        0x00bc601a
                                                                                                                                                                                                                                                        0x00bc601f
                                                                                                                                                                                                                                                        0x00bc6022
                                                                                                                                                                                                                                                        0x00bc6025
                                                                                                                                                                                                                                                        0x00bc6030
                                                                                                                                                                                                                                                        0x00bc603b
                                                                                                                                                                                                                                                        0x00bc6041
                                                                                                                                                                                                                                                        0x00bc6041
                                                                                                                                                                                                                                                        0x00bc6044
                                                                                                                                                                                                                                                        0x00bc604a
                                                                                                                                                                                                                                                        0x00bc6053
                                                                                                                                                                                                                                                        0x00bc6056
                                                                                                                                                                                                                                                        0x00bc6059
                                                                                                                                                                                                                                                        0x00bc60a3
                                                                                                                                                                                                                                                        0x00bc60a9
                                                                                                                                                                                                                                                        0x00bc60ab
                                                                                                                                                                                                                                                        0x00bc60b0
                                                                                                                                                                                                                                                        0x00bc60b8
                                                                                                                                                                                                                                                        0x00bc60bb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc605b
                                                                                                                                                                                                                                                        0x00bc605b
                                                                                                                                                                                                                                                        0x00bc605d
                                                                                                                                                                                                                                                        0x00bc6061
                                                                                                                                                                                                                                                        0x00bc6066
                                                                                                                                                                                                                                                        0x00bc6068
                                                                                                                                                                                                                                                        0x00bc606d
                                                                                                                                                                                                                                                        0x00bc6076
                                                                                                                                                                                                                                                        0x00bc6076
                                                                                                                                                                                                                                                        0x00bc6079
                                                                                                                                                                                                                                                        0x00bc6082
                                                                                                                                                                                                                                                        0x00bc6085
                                                                                                                                                                                                                                                        0x00bc608a
                                                                                                                                                                                                                                                        0x00bc60c2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc608c
                                                                                                                                                                                                                                                        0x00bc608c
                                                                                                                                                                                                                                                        0x00bc608f
                                                                                                                                                                                                                                                        0x00bc609a
                                                                                                                                                                                                                                                        0x00bc60e5
                                                                                                                                                                                                                                                        0x00bc60e5
                                                                                                                                                                                                                                                        0x00bc60eb
                                                                                                                                                                                                                                                        0x00bc60ec
                                                                                                                                                                                                                                                        0x00bc60ed
                                                                                                                                                                                                                                                        0x00bc60ee
                                                                                                                                                                                                                                                        0x00bc60ef
                                                                                                                                                                                                                                                        0x00bc60f0
                                                                                                                                                                                                                                                        0x00bc60f1
                                                                                                                                                                                                                                                        0x00bc60f2
                                                                                                                                                                                                                                                        0x00bc60f3
                                                                                                                                                                                                                                                        0x00bc60f7
                                                                                                                                                                                                                                                        0x00bc60fb
                                                                                                                                                                                                                                                        0x00bc6100
                                                                                                                                                                                                                                                        0x00bc6105
                                                                                                                                                                                                                                                        0x00bc6107
                                                                                                                                                                                                                                                        0x00bc6109
                                                                                                                                                                                                                                                        0x00bc6110
                                                                                                                                                                                                                                                        0x00bc6115
                                                                                                                                                                                                                                                        0x00bc6117
                                                                                                                                                                                                                                                        0x00bc6120
                                                                                                                                                                                                                                                        0x00bc6125
                                                                                                                                                                                                                                                        0x00bc6128
                                                                                                                                                                                                                                                        0x00bc612b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc612d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc612b
                                                                                                                                                                                                                                                        0x00bc6133
                                                                                                                                                                                                                                                        0x00bc6133
                                                                                                                                                                                                                                                        0x00bc6135
                                                                                                                                                                                                                                                        0x00bc6138
                                                                                                                                                                                                                                                        0x00bc609c
                                                                                                                                                                                                                                                        0x00bc609f
                                                                                                                                                                                                                                                        0x00bc60c5
                                                                                                                                                                                                                                                        0x00bc60c5
                                                                                                                                                                                                                                                        0x00bc60c6
                                                                                                                                                                                                                                                        0x00bc60c7
                                                                                                                                                                                                                                                        0x00bc60cf
                                                                                                                                                                                                                                                        0x00bc60d2
                                                                                                                                                                                                                                                        0x00bc60d2
                                                                                                                                                                                                                                                        0x00bc60dd
                                                                                                                                                                                                                                                        0x00bc60dd
                                                                                                                                                                                                                                                        0x00bc609a
                                                                                                                                                                                                                                                        0x00bc608a
                                                                                                                                                                                                                                                        0x00bc6059

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,?,80000000), ref: 00BC6068
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,?,80000000), ref: 00BC60AB
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(80000000,00000011,?,?,80000000), ref: 00BC60C7
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,00BC800E,?,00BC5FE0,?,?,?,00BC800E,?), ref: 00BC60E5
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memcpy$??3@_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 674017509-0
                                                                                                                                                                                                                                                        • Opcode ID: 0cb4b16c2f0ae727289f8e5efeeee6c0732fc371fba0d4dd8afbe5684ebf51a9
                                                                                                                                                                                                                                                        • Instruction ID: f175da3d5a64dd6dd349ccd7bf04b0b717926d3de9d2d5346809e465a28f5fd6
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0cb4b16c2f0ae727289f8e5efeeee6c0732fc371fba0d4dd8afbe5684ebf51a9
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A4313771A042459FCB14DF68C8C49BFBBF5FF48310B244B6DE46597381DA719900C7A1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 58%
                                                                                                                                                                                                                                                        			E00BC6B70(void* __ecx, signed int _a4, void* _a8, signed int _a12) {
                                                                                                                                                                                                                                                        				signed int _v0;
                                                                                                                                                                                                                                                        				signed int _v4;
                                                                                                                                                                                                                                                        				int _v8;
                                                                                                                                                                                                                                                        				signed int _v12;
                                                                                                                                                                                                                                                        				void* _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				void* _v32;
                                                                                                                                                                                                                                                        				signed int _v36;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				void* _v52;
                                                                                                                                                                                                                                                        				signed int _v56;
                                                                                                                                                                                                                                                        				intOrPtr _v72;
                                                                                                                                                                                                                                                        				void* _v80;
                                                                                                                                                                                                                                                        				void* _v84;
                                                                                                                                                                                                                                                        				signed int _v88;
                                                                                                                                                                                                                                                        				void* _v92;
                                                                                                                                                                                                                                                        				char _v96;
                                                                                                                                                                                                                                                        				signed int _v120;
                                                                                                                                                                                                                                                        				void* _v136;
                                                                                                                                                                                                                                                        				signed int _v144;
                                                                                                                                                                                                                                                        				signed int _v148;
                                                                                                                                                                                                                                                        				intOrPtr _v152;
                                                                                                                                                                                                                                                        				signed int _v156;
                                                                                                                                                                                                                                                        				char _v160;
                                                                                                                                                                                                                                                        				signed int _v164;
                                                                                                                                                                                                                                                        				int _v168;
                                                                                                                                                                                                                                                        				signed int _v192;
                                                                                                                                                                                                                                                        				int _v200;
                                                                                                                                                                                                                                                        				int _v204;
                                                                                                                                                                                                                                                        				char _v208;
                                                                                                                                                                                                                                                        				signed int _t251;
                                                                                                                                                                                                                                                        				signed int _t252;
                                                                                                                                                                                                                                                        				signed int _t254;
                                                                                                                                                                                                                                                        				signed int _t259;
                                                                                                                                                                                                                                                        				signed int _t261;
                                                                                                                                                                                                                                                        				int _t266;
                                                                                                                                                                                                                                                        				signed int _t272;
                                                                                                                                                                                                                                                        				void* _t274;
                                                                                                                                                                                                                                                        				signed int _t278;
                                                                                                                                                                                                                                                        				signed int _t285;
                                                                                                                                                                                                                                                        				void* _t288;
                                                                                                                                                                                                                                                        				signed int _t295;
                                                                                                                                                                                                                                                        				signed int _t300;
                                                                                                                                                                                                                                                        				void _t305;
                                                                                                                                                                                                                                                        				signed int _t306;
                                                                                                                                                                                                                                                        				signed int _t308;
                                                                                                                                                                                                                                                        				void* _t310;
                                                                                                                                                                                                                                                        				signed int _t332;
                                                                                                                                                                                                                                                        				void* _t346;
                                                                                                                                                                                                                                                        				signed int _t347;
                                                                                                                                                                                                                                                        				void* _t351;
                                                                                                                                                                                                                                                        				void _t353;
                                                                                                                                                                                                                                                        				void _t359;
                                                                                                                                                                                                                                                        				signed int _t362;
                                                                                                                                                                                                                                                        				void* _t364;
                                                                                                                                                                                                                                                        				void* _t368;
                                                                                                                                                                                                                                                        				signed int _t370;
                                                                                                                                                                                                                                                        				signed int _t372;
                                                                                                                                                                                                                                                        				intOrPtr _t373;
                                                                                                                                                                                                                                                        				intOrPtr _t374;
                                                                                                                                                                                                                                                        				intOrPtr _t375;
                                                                                                                                                                                                                                                        				void _t376;
                                                                                                                                                                                                                                                        				void* _t378;
                                                                                                                                                                                                                                                        				void* _t380;
                                                                                                                                                                                                                                                        				int _t383;
                                                                                                                                                                                                                                                        				intOrPtr _t384;
                                                                                                                                                                                                                                                        				void* _t385;
                                                                                                                                                                                                                                                        				void* _t387;
                                                                                                                                                                                                                                                        				void* _t392;
                                                                                                                                                                                                                                                        				void* _t394;
                                                                                                                                                                                                                                                        				unsigned int _t396;
                                                                                                                                                                                                                                                        				void* _t397;
                                                                                                                                                                                                                                                        				void* _t400;
                                                                                                                                                                                                                                                        				void* _t402;
                                                                                                                                                                                                                                                        				signed int _t405;
                                                                                                                                                                                                                                                        				void* _t406;
                                                                                                                                                                                                                                                        				void* _t409;
                                                                                                                                                                                                                                                        				signed int _t410;
                                                                                                                                                                                                                                                        				intOrPtr _t412;
                                                                                                                                                                                                                                                        				int _t423;
                                                                                                                                                                                                                                                        				signed int _t428;
                                                                                                                                                                                                                                                        				void* _t429;
                                                                                                                                                                                                                                                        				void* _t432;
                                                                                                                                                                                                                                                        				void* _t434;
                                                                                                                                                                                                                                                        				void* _t445;
                                                                                                                                                                                                                                                        				signed int _t446;
                                                                                                                                                                                                                                                        				signed int _t457;
                                                                                                                                                                                                                                                        				void* _t466;
                                                                                                                                                                                                                                                        				void* _t478;
                                                                                                                                                                                                                                                        				void* _t481;
                                                                                                                                                                                                                                                        				intOrPtr _t483;
                                                                                                                                                                                                                                                        				signed int _t484;
                                                                                                                                                                                                                                                        				signed int _t485;
                                                                                                                                                                                                                                                        				signed int _t487;
                                                                                                                                                                                                                                                        				int _t490;
                                                                                                                                                                                                                                                        				signed int _t493;
                                                                                                                                                                                                                                                        				void* _t494;
                                                                                                                                                                                                                                                        				unsigned int _t497;
                                                                                                                                                                                                                                                        				void _t500;
                                                                                                                                                                                                                                                        				void* _t503;
                                                                                                                                                                                                                                                        				signed int _t507;
                                                                                                                                                                                                                                                        				void* _t514;
                                                                                                                                                                                                                                                        				unsigned int _t515;
                                                                                                                                                                                                                                                        				void _t518;
                                                                                                                                                                                                                                                        				void* _t519;
                                                                                                                                                                                                                                                        				int _t521;
                                                                                                                                                                                                                                                        				unsigned int _t526;
                                                                                                                                                                                                                                                        				void* _t527;
                                                                                                                                                                                                                                                        				void* _t530;
                                                                                                                                                                                                                                                        				intOrPtr _t531;
                                                                                                                                                                                                                                                        				void* _t533;
                                                                                                                                                                                                                                                        				intOrPtr _t534;
                                                                                                                                                                                                                                                        				unsigned int _t536;
                                                                                                                                                                                                                                                        				int _t537;
                                                                                                                                                                                                                                                        				int _t543;
                                                                                                                                                                                                                                                        				int _t544;
                                                                                                                                                                                                                                                        				signed int _t547;
                                                                                                                                                                                                                                                        				signed int _t549;
                                                                                                                                                                                                                                                        				unsigned int _t550;
                                                                                                                                                                                                                                                        				void* _t551;
                                                                                                                                                                                                                                                        				void _t552;
                                                                                                                                                                                                                                                        				void* _t554;
                                                                                                                                                                                                                                                        				void* _t555;
                                                                                                                                                                                                                                                        				signed int _t556;
                                                                                                                                                                                                                                                        				signed int _t557;
                                                                                                                                                                                                                                                        				void* _t562;
                                                                                                                                                                                                                                                        				signed int _t563;
                                                                                                                                                                                                                                                        				intOrPtr _t567;
                                                                                                                                                                                                                                                        				void* _t568;
                                                                                                                                                                                                                                                        				void* _t570;
                                                                                                                                                                                                                                                        				void* _t571;
                                                                                                                                                                                                                                                        				signed int _t573;
                                                                                                                                                                                                                                                        				void* _t576;
                                                                                                                                                                                                                                                        				void _t578;
                                                                                                                                                                                                                                                        				void* _t581;
                                                                                                                                                                                                                                                        				signed int _t582;
                                                                                                                                                                                                                                                        				signed int _t583;
                                                                                                                                                                                                                                                        				void _t587;
                                                                                                                                                                                                                                                        				void* _t588;
                                                                                                                                                                                                                                                        				unsigned int _t590;
                                                                                                                                                                                                                                                        				void* _t591;
                                                                                                                                                                                                                                                        				void* _t592;
                                                                                                                                                                                                                                                        				void* _t594;
                                                                                                                                                                                                                                                        				int _t595;
                                                                                                                                                                                                                                                        				signed int _t596;
                                                                                                                                                                                                                                                        				signed int _t597;
                                                                                                                                                                                                                                                        				signed int _t599;
                                                                                                                                                                                                                                                        				void* _t603;
                                                                                                                                                                                                                                                        				void* _t605;
                                                                                                                                                                                                                                                        				void* _t609;
                                                                                                                                                                                                                                                        				signed int _t610;
                                                                                                                                                                                                                                                        				void* _t611;
                                                                                                                                                                                                                                                        				signed int _t612;
                                                                                                                                                                                                                                                        				void* _t613;
                                                                                                                                                                                                                                                        				signed int _t614;
                                                                                                                                                                                                                                                        				void* _t615;
                                                                                                                                                                                                                                                        				void* _t616;
                                                                                                                                                                                                                                                        				signed int _t617;
                                                                                                                                                                                                                                                        				void* _t619;
                                                                                                                                                                                                                                                        				signed int _t620;
                                                                                                                                                                                                                                                        				void* _t621;
                                                                                                                                                                                                                                                        				signed int _t622;
                                                                                                                                                                                                                                                        				void* _t623;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t408 = __ecx;
                                                                                                                                                                                                                                                        				_push(_t526);
                                                                                                                                                                                                                                                        				_t616 = _t615 - 8;
                                                                                                                                                                                                                                                        				_t483 =  *((intOrPtr*)(__ecx + 0x10));
                                                                                                                                                                                                                                                        				_t370 = _a4;
                                                                                                                                                                                                                                                        				_t567 = 0x7fffffff;
                                                                                                                                                                                                                                                        				if(0x7fffffff - _t483 < _t370) {
                                                                                                                                                                                                                                                        					E00BBA890();
                                                                                                                                                                                                                                                        					goto L11;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t526 =  *(__ecx + 0x14);
                                                                                                                                                                                                                                                        					_t405 = _t370 + _t483;
                                                                                                                                                                                                                                                        					_v24 = _t483;
                                                                                                                                                                                                                                                        					_v20 = __ecx;
                                                                                                                                                                                                                                                        					_t362 = _t405 | 0x0000000f;
                                                                                                                                                                                                                                                        					if(_t362 >= 0) {
                                                                                                                                                                                                                                                        						_t481 = (_t526 >> 1) + _t526;
                                                                                                                                                                                                                                                        						_t482 =  >=  ? _t362 : _t481;
                                                                                                                                                                                                                                                        						_t567 =  <=  ?  >=  ? _t362 : _t481 : 0x7fffffff;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t7 = _t567 + 1; // 0x80000000
                                                                                                                                                                                                                                                        					_t364 = E00BBD730(_t7);
                                                                                                                                                                                                                                                        					_t478 = _v20;
                                                                                                                                                                                                                                                        					 *(_t478 + 0x10) = _t405;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t478 + 0x14)) = _t567;
                                                                                                                                                                                                                                                        					if(_t526 < 0x10) {
                                                                                                                                                                                                                                                        						_t521 = _v24 + 1;
                                                                                                                                                                                                                                                        						__eflags = _t521;
                                                                                                                                                                                                                                                        						_t603 = _t478;
                                                                                                                                                                                                                                                        						_t406 = _t364;
                                                                                                                                                                                                                                                        						memcpy(_t364, _t478, _t521);
                                                                                                                                                                                                                                                        						goto L9;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t605 =  *_t478;
                                                                                                                                                                                                                                                        						_t406 = _t364;
                                                                                                                                                                                                                                                        						memcpy(_t364, _t605, _v24 + 1);
                                                                                                                                                                                                                                                        						_t616 = _t616 + 0xc;
                                                                                                                                                                                                                                                        						_t408 = _t526 + 1;
                                                                                                                                                                                                                                                        						if(_t408 < 0x1000) {
                                                                                                                                                                                                                                                        							L7:
                                                                                                                                                                                                                                                        							_push(_t408);
                                                                                                                                                                                                                                                        							_push(_t605);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							_t603 = _v20;
                                                                                                                                                                                                                                                        							L9:
                                                                                                                                                                                                                                                        							 *_t603 = _t406;
                                                                                                                                                                                                                                                        							return _t603;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t368 =  *(_t605 - 4);
                                                                                                                                                                                                                                                        							_t567 = _t605 + 0xfffffffc - _t368;
                                                                                                                                                                                                                                                        							if(_t567 >= 0x20) {
                                                                                                                                                                                                                                                        								L11:
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_t609 = _t616;
                                                                                                                                                                                                                                                        								_push(_t526);
                                                                                                                                                                                                                                                        								_push(_t567);
                                                                                                                                                                                                                                                        								_t527 =  *_t408;
                                                                                                                                                                                                                                                        								_t568 = _t408;
                                                                                                                                                                                                                                                        								memcpy(_t408, _t527,  *((intOrPtr*)(_t408 + 0x10)) + 1);
                                                                                                                                                                                                                                                        								_t617 = _t616 + 0xc;
                                                                                                                                                                                                                                                        								_t251 =  *(_t568 + 0x14);
                                                                                                                                                                                                                                                        								_t18 = _t251 + 1; // 0x11
                                                                                                                                                                                                                                                        								_t484 = _t18;
                                                                                                                                                                                                                                                        								__eflags = _t484 - 0x1000;
                                                                                                                                                                                                                                                        								if(_t484 < 0x1000) {
                                                                                                                                                                                                                                                        									L15:
                                                                                                                                                                                                                                                        									_push(_t484);
                                                                                                                                                                                                                                                        									_push(_t527);
                                                                                                                                                                                                                                                        									L00BEF6C6();
                                                                                                                                                                                                                                                        									 *(_t568 + 0x14) = 0xf;
                                                                                                                                                                                                                                                        									return _t251;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t409 =  *(_t527 - 4);
                                                                                                                                                                                                                                                        									_t530 = _t527 + 0xfffffffc - _t409;
                                                                                                                                                                                                                                                        									__eflags = _t530 - 0x20;
                                                                                                                                                                                                                                                        									if(_t530 >= 0x20) {
                                                                                                                                                                                                                                                        										__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										_push(_t609);
                                                                                                                                                                                                                                                        										_t610 = _t617;
                                                                                                                                                                                                                                                        										_push(_t370);
                                                                                                                                                                                                                                                        										_push(_t530);
                                                                                                                                                                                                                                                        										_push(_t568);
                                                                                                                                                                                                                                                        										_t619 = _t617 - 0x1c;
                                                                                                                                                                                                                                                        										_t252 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        										_v52 = _t252 ^ _t610;
                                                                                                                                                                                                                                                        										_t254 =  *(_t409 + 0x10);
                                                                                                                                                                                                                                                        										_t372 = _t254 - _v28;
                                                                                                                                                                                                                                                        										__eflags = _t372;
                                                                                                                                                                                                                                                        										if(__eflags < 0) {
                                                                                                                                                                                                                                                        											E00BBDAC0(_t409, __eflags);
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											_push(_t610);
                                                                                                                                                                                                                                                        											_t611 = _t619;
                                                                                                                                                                                                                                                        											_push(_t372);
                                                                                                                                                                                                                                                        											_push(_t530);
                                                                                                                                                                                                                                                        											_push(_t568);
                                                                                                                                                                                                                                                        											_t620 = _t619 - 0xc;
                                                                                                                                                                                                                                                        											_t485 =  *(_t409 + 0x10);
                                                                                                                                                                                                                                                        											_t531 = _v72;
                                                                                                                                                                                                                                                        											_t373 = 0x7ffffffe;
                                                                                                                                                                                                                                                        											__eflags = 0x7ffffffe - _t485 - _t531;
                                                                                                                                                                                                                                                        											if(0x7ffffffe - _t485 < _t531) {
                                                                                                                                                                                                                                                        												E00BBA890();
                                                                                                                                                                                                                                                        												goto L49;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t549 = _t531 + _t485;
                                                                                                                                                                                                                                                        												_t590 =  *(_t409 + 0x14);
                                                                                                                                                                                                                                                        												_v36 = _t485;
                                                                                                                                                                                                                                                        												_v40 = _t409;
                                                                                                                                                                                                                                                        												_v32 = _t549;
                                                                                                                                                                                                                                                        												_t308 = _t549 | 0x00000007;
                                                                                                                                                                                                                                                        												__eflags = _t308 - 0x7ffffffe;
                                                                                                                                                                                                                                                        												if(_t308 <= 0x7ffffffe) {
                                                                                                                                                                                                                                                        													_t396 = _t590 >> 1;
                                                                                                                                                                                                                                                        													_t397 = _t396 + _t590;
                                                                                                                                                                                                                                                        													__eflags = _t308 - _t397;
                                                                                                                                                                                                                                                        													_t398 =  >=  ? _t308 : _t397;
                                                                                                                                                                                                                                                        													__eflags = _t590 - 0x7ffffffe - _t396;
                                                                                                                                                                                                                                                        													_t373 =  >  ? 0x7ffffffe :  >=  ? _t308 : _t397;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t550 = _t590;
                                                                                                                                                                                                                                                        												_t591 = _v40;
                                                                                                                                                                                                                                                        												_t103 = _t373 + 1; // 0x11
                                                                                                                                                                                                                                                        												_t310 = E00BBA8A0(_t103);
                                                                                                                                                                                                                                                        												__eflags = _t550 - 8;
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(_t591 + 0x10)) = _v32;
                                                                                                                                                                                                                                                        												_t445 = _t591;
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(_t591 + 0x14)) = _t373;
                                                                                                                                                                                                                                                        												if(_t550 < 8) {
                                                                                                                                                                                                                                                        													_t592 = _t445;
                                                                                                                                                                                                                                                        													_t392 = _t310;
                                                                                                                                                                                                                                                        													memcpy(_t310, _t445, _v0 + _v0);
                                                                                                                                                                                                                                                        													_t551 = _t392 + _v0 * 2;
                                                                                                                                                                                                                                                        													memcpy(_t551, _a8, _a12 + _a12);
                                                                                                                                                                                                                                                        													_t446 = _v0;
                                                                                                                                                                                                                                                        													_t507 = _v36 - _a4 + _t446;
                                                                                                                                                                                                                                                        													__eflags = _t507;
                                                                                                                                                                                                                                                        													memcpy(_t551 + _a12 * 2, _t592 + _t446 * 2 + _a4 * 2, _t507 + _t507 + 2);
                                                                                                                                                                                                                                                        													_t552 = _t392;
                                                                                                                                                                                                                                                        													goto L47;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t394 =  *_t445;
                                                                                                                                                                                                                                                        													_t594 = _t310;
                                                                                                                                                                                                                                                        													_v32 = _t550;
                                                                                                                                                                                                                                                        													memcpy(_t310, _t394, _v0 + _v0);
                                                                                                                                                                                                                                                        													_t554 = _t594 + _v0 * 2;
                                                                                                                                                                                                                                                        													memcpy(_t554, _a8, _a12 + _a12);
                                                                                                                                                                                                                                                        													memcpy(_t554 + _a12 * 2, _t394 + _v0 * 2 + _a4 * 2, _v36 - _a4 + _v0 + _v36 - _a4 + _v0 + 2);
                                                                                                                                                                                                                                                        													_t620 = _t620 + 0x24;
                                                                                                                                                                                                                                                        													_t409 = _v32;
                                                                                                                                                                                                                                                        													_t552 = _t594;
                                                                                                                                                                                                                                                        													_t592 = _v40;
                                                                                                                                                                                                                                                        													_t130 = _t409 + 2; // 0x13
                                                                                                                                                                                                                                                        													_t332 = _t409 + _t130;
                                                                                                                                                                                                                                                        													__eflags = _t332 - 0x1000;
                                                                                                                                                                                                                                                        													if(_t332 < 0x1000) {
                                                                                                                                                                                                                                                        														L45:
                                                                                                                                                                                                                                                        														_push(_t332);
                                                                                                                                                                                                                                                        														_push(_t394);
                                                                                                                                                                                                                                                        														L00BEF6C6();
                                                                                                                                                                                                                                                        														L47:
                                                                                                                                                                                                                                                        														 *_t592 = _t552;
                                                                                                                                                                                                                                                        														return _t592;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t373 =  *((intOrPtr*)(_t394 - 4));
                                                                                                                                                                                                                                                        														__eflags = _t394 + 0xfffffffc - _t373 - 0x20;
                                                                                                                                                                                                                                                        														if(_t394 + 0xfffffffc - _t373 >= 0x20) {
                                                                                                                                                                                                                                                        															L49:
                                                                                                                                                                                                                                                        															__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        															asm("int3");
                                                                                                                                                                                                                                                        															asm("int3");
                                                                                                                                                                                                                                                        															_push(_t611);
                                                                                                                                                                                                                                                        															_t612 = _t620;
                                                                                                                                                                                                                                                        															_push(_t373);
                                                                                                                                                                                                                                                        															_push(_t531);
                                                                                                                                                                                                                                                        															_push(_t568);
                                                                                                                                                                                                                                                        															_t621 = _t620 - 0x18;
                                                                                                                                                                                                                                                        															_t259 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        															_t486 = _v96;
                                                                                                                                                                                                                                                        															_v120 = _t259 ^ _t612;
                                                                                                                                                                                                                                                        															_t261 =  *(_t409 + 0x10);
                                                                                                                                                                                                                                                        															_t533 = _t261 - _t486;
                                                                                                                                                                                                                                                        															__eflags = _t533;
                                                                                                                                                                                                                                                        															if(__eflags < 0) {
                                                                                                                                                                                                                                                        																E00BBDAC0(_t409, __eflags);
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																_push(_t612);
                                                                                                                                                                                                                                                        																_t613 = _t621;
                                                                                                                                                                                                                                                        																_push(_t373);
                                                                                                                                                                                                                                                        																_push(_t533);
                                                                                                                                                                                                                                                        																_push(_t568);
                                                                                                                                                                                                                                                        																_t622 = _t621 - 0x14;
                                                                                                                                                                                                                                                        																_t487 =  *(_t409 + 0x10);
                                                                                                                                                                                                                                                        																_t570 = _v136;
                                                                                                                                                                                                                                                        																_t374 = 0x7fffffff;
                                                                                                                                                                                                                                                        																__eflags = 0x7fffffff - _t487 - _t570;
                                                                                                                                                                                                                                                        																if(0x7fffffff - _t487 < _t570) {
                                                                                                                                                                                                                                                        																	E00BBA890();
                                                                                                                                                                                                                                                        																	goto L82;
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																	_t536 =  *(_t409 + 0x14);
                                                                                                                                                                                                                                                        																	_t573 = _t570 + _t487;
                                                                                                                                                                                                                                                        																	_v44 = _t487;
                                                                                                                                                                                                                                                        																	_v52 = _t409;
                                                                                                                                                                                                                                                        																	_v56 = _t573;
                                                                                                                                                                                                                                                        																	_t272 = _t573 | 0x0000000f;
                                                                                                                                                                                                                                                        																	__eflags = _t272;
                                                                                                                                                                                                                                                        																	if(_t272 >= 0) {
                                                                                                                                                                                                                                                        																		_t428 = _t536 >> 1;
                                                                                                                                                                                                                                                        																		_t429 = _t428 + _t536;
                                                                                                                                                                                                                                                        																		__eflags = _t272 - _t429;
                                                                                                                                                                                                                                                        																		_t430 =  >=  ? _t272 : _t429;
                                                                                                                                                                                                                                                        																		__eflags = _t536 - (_t428 ^ 0x7fffffff);
                                                                                                                                                                                                                                                        																		_t374 =  <=  ?  >=  ? _t272 : _t429 : 0x7fffffff;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_v48 = _t536;
                                                                                                                                                                                                                                                        																	_t537 = _v8;
                                                                                                                                                                                                                                                        																	_t208 = _t374 + 1; // 0x80000000
                                                                                                                                                                                                                                                        																	_t378 = _v52;
                                                                                                                                                                                                                                                        																	_t274 = E00BBD730(_t208);
                                                                                                                                                                                                                                                        																	__eflags = _v48 - 0x10;
                                                                                                                                                                                                                                                        																	_v40 = _t274;
                                                                                                                                                                                                                                                        																	 *((intOrPtr*)(_t378 + 0x10)) = _v56;
                                                                                                                                                                                                                                                        																	 *((intOrPtr*)(_t378 + 0x14)) = _t374;
                                                                                                                                                                                                                                                        																	if(_v48 < 0x10) {
                                                                                                                                                                                                                                                        																		memcpy(_t274, _t378, _t537);
                                                                                                                                                                                                                                                        																		_t576 = _v40 + _t537;
                                                                                                                                                                                                                                                        																		memcpy(_t576, _v0, _a4);
                                                                                                                                                                                                                                                        																		_t278 = _v4;
                                                                                                                                                                                                                                                        																		_t423 = _v44 - _t278 + _t537 + 1;
                                                                                                                                                                                                                                                        																		__eflags = _t423;
                                                                                                                                                                                                                                                        																		_t578 = _v40;
                                                                                                                                                                                                                                                        																		memcpy(_t576 + _a4, _t378 + _t537 + _t278, _t423);
                                                                                                                                                                                                                                                        																		goto L80;
                                                                                                                                                                                                                                                        																	} else {
                                                                                                                                                                                                                                                        																		_t380 =  *_t378;
                                                                                                                                                                                                                                                        																		memcpy(_t274, _t380, _t537);
                                                                                                                                                                                                                                                        																		_t581 = _t274 + _t537;
                                                                                                                                                                                                                                                        																		memcpy(_t581, _v0, _a4);
                                                                                                                                                                                                                                                        																		_t285 = _v4;
                                                                                                                                                                                                                                                        																		_t570 = _t581 + _a4;
                                                                                                                                                                                                                                                        																		_t533 = _t380 + _t537 + _t285;
                                                                                                                                                                                                                                                        																		memcpy(_t570, _t533, _v44 - _t285 + _t537 + 1);
                                                                                                                                                                                                                                                        																		_t622 = _t622 + 0x24;
                                                                                                                                                                                                                                                        																		_t493 = _v48;
                                                                                                                                                                                                                                                        																		_t221 = _t493 + 1; // 0x11
                                                                                                                                                                                                                                                        																		_t409 = _t221;
                                                                                                                                                                                                                                                        																		__eflags = _t409 - 0x1000;
                                                                                                                                                                                                                                                        																		if(_t409 < 0x1000) {
                                                                                                                                                                                                                                                        																			L78:
                                                                                                                                                                                                                                                        																			_push(_t409);
                                                                                                                                                                                                                                                        																			_push(_t380);
                                                                                                                                                                                                                                                        																			L00BEF6C6();
                                                                                                                                                                                                                                                        																			_t578 = _v40;
                                                                                                                                                                                                                                                        																			_t378 = _v52;
                                                                                                                                                                                                                                                        																			L80:
                                                                                                                                                                                                                                                        																			 *_t378 = _t578;
                                                                                                                                                                                                                                                        																			return _t378;
                                                                                                                                                                                                                                                        																		} else {
                                                                                                                                                                                                                                                        																			_t288 =  *(_t380 - 4);
                                                                                                                                                                                                                                                        																			_t374 = _t380 + 0xfffffffc - _t288;
                                                                                                                                                                                                                                                        																			__eflags = _t374 - 0x20;
                                                                                                                                                                                                                                                        																			if(_t374 >= 0x20) {
                                                                                                                                                                                                                                                        																				L82:
                                                                                                                                                                                                                                                        																				__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        																				asm("int3");
                                                                                                                                                                                                                                                        																				asm("int3");
                                                                                                                                                                                                                                                        																				asm("int3");
                                                                                                                                                                                                                                                        																				asm("int3");
                                                                                                                                                                                                                                                        																				_push(_t613);
                                                                                                                                                                                                                                                        																				_t614 = _t622;
                                                                                                                                                                                                                                                        																				_push(_t374);
                                                                                                                                                                                                                                                        																				_push(_t533);
                                                                                                                                                                                                                                                        																				_push(_t570);
                                                                                                                                                                                                                                                        																				_t623 = _t622 - 8;
                                                                                                                                                                                                                                                        																				_t571 = _t409;
                                                                                                                                                                                                                                                        																				_t410 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        																				_t266 = _v168;
                                                                                                                                                                                                                                                        																				_v192 = _t410 ^ _t614;
                                                                                                                                                                                                                                                        																				_t375 =  *((intOrPtr*)(_t571 + 0x14));
                                                                                                                                                                                                                                                        																				_t412 =  *((intOrPtr*)(_t571 + 0x10));
                                                                                                                                                                                                                                                        																				__eflags = _t375 - _t412 - _t266;
                                                                                                                                                                                                                                                        																				_t490 = _v164;
                                                                                                                                                                                                                                                        																				if(_t375 - _t412 >= _t266) {
                                                                                                                                                                                                                                                        																					_t534 = _t412 + _t266;
                                                                                                                                                                                                                                                        																					__eflags = _t375 - 0x10;
                                                                                                                                                                                                                                                        																					_t376 = _t571;
                                                                                                                                                                                                                                                        																					 *((intOrPtr*)(_t571 + 0x10)) = _t534;
                                                                                                                                                                                                                                                        																					if(_t375 >= 0x10) {
                                                                                                                                                                                                                                                        																						_t376 =  *_t571;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					memset(_t412 + _t376, _t490, _t266);
                                                                                                                                                                                                                                                        																					 *((char*)(_t376 + _t534)) = 0;
                                                                                                                                                                                                                                                        																				} else {
                                                                                                                                                                                                                                                        																					_v208 = _v48;
                                                                                                                                                                                                                                                        																					_v204 = _t266;
                                                                                                                                                                                                                                                        																					 *(_t623 - 0x10) = _t266;
                                                                                                                                                                                                                                                        																					_v200 = _t490;
                                                                                                                                                                                                                                                        																					_t571 = E00BC7330(_t571);
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				__eflags = _v44 ^ _t614;
                                                                                                                                                                                                                                                        																				E00BEECB0(_v44 ^ _t614, _t490);
                                                                                                                                                                                                                                                        																				return _t571;
                                                                                                                                                                                                                                                        																			} else {
                                                                                                                                                                                                                                                        																				_t494 = _t493 + 0x24;
                                                                                                                                                                                                                                                        																				__eflags = _t494;
                                                                                                                                                                                                                                                        																				_t380 = _t288;
                                                                                                                                                                                                                                                        																				_t409 = _t494;
                                                                                                                                                                                                                                                        																				goto L78;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																_t383 = _v8;
                                                                                                                                                                                                                                                        																_t582 = _v0;
                                                                                                                                                                                                                                                        																__eflags = _t533 - _t383;
                                                                                                                                                                                                                                                        																_t384 =  <  ? _t533 : _t383;
                                                                                                                                                                                                                                                        																__eflags = _t384 - _t582;
                                                                                                                                                                                                                                                        																if(_t384 != _t582) {
                                                                                                                                                                                                                                                        																	_t543 = _t533 - _t384 + 1;
                                                                                                                                                                                                                                                        																	_t583 = _t582 - _t384;
                                                                                                                                                                                                                                                        																	__eflags = _t583;
                                                                                                                                                                                                                                                        																	if(_t583 >= 0) {
                                                                                                                                                                                                                                                        																		_t497 =  *(_t409 + 0x14);
                                                                                                                                                                                                                                                        																		_v44 = _t497;
                                                                                                                                                                                                                                                        																		_t498 = _t497 - _t261;
                                                                                                                                                                                                                                                        																		__eflags = _t583 - _t497 - _t261;
                                                                                                                                                                                                                                                        																		if(_t583 <= _t497 - _t261) {
                                                                                                                                                                                                                                                        																			__eflags = _v44 - 0x10;
                                                                                                                                                                                                                                                        																			 *(_t409 + 0x10) = _t583 + _t261;
                                                                                                                                                                                                                                                        																			_t500 = _t409;
                                                                                                                                                                                                                                                        																			if(_v44 >= 0x10) {
                                                                                                                                                                                                                                                        																				_t500 =  *_t409;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_v44 = _t409;
                                                                                                                                                                                                                                                        																			_v56 = _t500;
                                                                                                                                                                                                                                                        																			_t432 = _v12 + _t500;
                                                                                                                                                                                                                                                        																			_v52 = _t432;
                                                                                                                                                                                                                                                        																			_t385 = _t384 + _t432;
                                                                                                                                                                                                                                                        																			_t434 = _v4;
                                                                                                                                                                                                                                                        																			__eflags = _v0 + _v4 - _v52;
                                                                                                                                                                                                                                                        																			_t486 = _v0;
                                                                                                                                                                                                                                                        																			_v48 = _v0;
                                                                                                                                                                                                                                                        																			if(_v0 + _v4 > _v52) {
                                                                                                                                                                                                                                                        																				_t503 = _t434;
                                                                                                                                                                                                                                                        																				__eflags = _v56 + _t261 - _t503;
                                                                                                                                                                                                                                                        																				_t434 = _t503;
                                                                                                                                                                                                                                                        																				_t486 = _v0;
                                                                                                                                                                                                                                                        																				_v48 = _v0;
                                                                                                                                                                                                                                                        																				if(_v56 + _t261 >= _t503) {
                                                                                                                                                                                                                                                        																					_t486 = 0;
                                                                                                                                                                                                                                                        																					_t547 = _t385 - _t434;
                                                                                                                                                                                                                                                        																					__eflags = _t547;
                                                                                                                                                                                                                                                        																					_t548 =  <=  ? 0 : _t547;
                                                                                                                                                                                                                                                        																					_v48 =  <=  ? 0 : _t547;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_t387 = _t434;
                                                                                                                                                                                                                                                        																			memmove(_t385 + _t583, _t385, _t543);
                                                                                                                                                                                                                                                        																			_t544 = _v48;
                                                                                                                                                                                                                                                        																			memmove(_v52, _t387, _t544);
                                                                                                                                                                                                                                                        																			_t621 = _t621 + 0x18;
                                                                                                                                                                                                                                                        																			memcpy(_v52 + _t544, _t387 + _t583 + _t544, _v0 - _t544);
                                                                                                                                                                                                                                                        																			goto L56;
                                                                                                                                                                                                                                                        																		} else {
                                                                                                                                                                                                                                                        																			_v160 = _v40;
                                                                                                                                                                                                                                                        																			_v152 = _t384;
                                                                                                                                                                                                                                                        																			_v164 = _t583;
                                                                                                                                                                                                                                                        																			_v144 = _v0;
                                                                                                                                                                                                                                                        																			_v148 = _v4;
                                                                                                                                                                                                                                                        																			_t300 = _v12;
                                                                                                                                                                                                                                                        																			_v156 = _t300;
                                                                                                                                                                                                                                                        																			L71();
                                                                                                                                                                                                                                                        																			E00BEECB0(_v36 ^ _t612, _t498);
                                                                                                                                                                                                                                                        																			_t295 = _t300;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																	} else {
                                                                                                                                                                                                                                                        																		 *(_t409 + 0x10) = _t583 + _t261;
                                                                                                                                                                                                                                                        																		_t587 = _t409;
                                                                                                                                                                                                                                                        																		__eflags =  *(_t409 + 0x14) - 0x10;
                                                                                                                                                                                                                                                        																		if( *(_t409 + 0x14) >= 0x10) {
                                                                                                                                                                                                                                                        																			_t587 =  *_t409;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_v44 = _t409;
                                                                                                                                                                                                                                                        																		_t588 = _t587 + _t486;
                                                                                                                                                                                                                                                        																		memmove(_t588, _v4, _v0);
                                                                                                                                                                                                                                                        																		_t621 = _t621 + 0xc;
                                                                                                                                                                                                                                                        																		_push(_t543);
                                                                                                                                                                                                                                                        																		_push(_t384 + _t588);
                                                                                                                                                                                                                                                        																		_push(_t588 + _v0);
                                                                                                                                                                                                                                                        																		goto L55;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																	__eflags =  *(_t409 + 0x14) - 0x10;
                                                                                                                                                                                                                                                        																	_t305 = _t409;
                                                                                                                                                                                                                                                        																	if( *(_t409 + 0x14) >= 0x10) {
                                                                                                                                                                                                                                                        																		_t305 =  *_t409;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_v44 = _t409;
                                                                                                                                                                                                                                                        																	_t306 = _t305 + _t486;
                                                                                                                                                                                                                                                        																	__eflags = _t306;
                                                                                                                                                                                                                                                        																	_push(_t582);
                                                                                                                                                                                                                                                        																	_push(_v4);
                                                                                                                                                                                                                                                        																	_push(_t306);
                                                                                                                                                                                                                                                        																	L55:
                                                                                                                                                                                                                                                        																	memmove();
                                                                                                                                                                                                                                                        																	L56:
                                                                                                                                                                                                                                                        																	__eflags = _v36 ^ _t612;
                                                                                                                                                                                                                                                        																	E00BEECB0(_v36 ^ _t612, _t486);
                                                                                                                                                                                                                                                        																	_t295 = _v44;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																return _t295;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															_t457 = _t409 + _t409 + 0x25;
                                                                                                                                                                                                                                                        															__eflags = _t457;
                                                                                                                                                                                                                                                        															_t332 = _t457;
                                                                                                                                                                                                                                                        															goto L45;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t595 = _v0;
                                                                                                                                                                                                                                                        											_t555 = _a8;
                                                                                                                                                                                                                                                        											_t514 = _a4;
                                                                                                                                                                                                                                                        											__eflags = _t372 - _t595;
                                                                                                                                                                                                                                                        											_t596 =  <  ? _t372 : _t595;
                                                                                                                                                                                                                                                        											__eflags = _t596 - _t555;
                                                                                                                                                                                                                                                        											if(_t596 != _t555) {
                                                                                                                                                                                                                                                        												_t400 = _t372 - _t596 + 1;
                                                                                                                                                                                                                                                        												_t556 = _t555 - _t596;
                                                                                                                                                                                                                                                        												__eflags = _t556;
                                                                                                                                                                                                                                                        												if(_t556 >= 0) {
                                                                                                                                                                                                                                                        													_t515 =  *(_t409 + 0x14);
                                                                                                                                                                                                                                                        													_v36 = _t515;
                                                                                                                                                                                                                                                        													_t516 = _t515 - _t254;
                                                                                                                                                                                                                                                        													__eflags = _t556 - _t515 - _t254;
                                                                                                                                                                                                                                                        													if(_t556 <= _t515 - _t254) {
                                                                                                                                                                                                                                                        														__eflags = _v36 - 8;
                                                                                                                                                                                                                                                        														_v40 = _t556;
                                                                                                                                                                                                                                                        														 *(_t409 + 0x10) = _t556 + _t254;
                                                                                                                                                                                                                                                        														_t518 = _t409;
                                                                                                                                                                                                                                                        														if(_v36 >= 8) {
                                                                                                                                                                                                                                                        															_t518 =  *_t409;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_v36 = _t409;
                                                                                                                                                                                                                                                        														_v44 = _t518;
                                                                                                                                                                                                                                                        														_t557 = _a8;
                                                                                                                                                                                                                                                        														_t519 = _t518 + _v4 * 2;
                                                                                                                                                                                                                                                        														_t597 = _a4;
                                                                                                                                                                                                                                                        														_v52 = _t519;
                                                                                                                                                                                                                                                        														_v48 = _t519 + _t596 * 2;
                                                                                                                                                                                                                                                        														__eflags = _t597 + _t557 * 2 - _t519;
                                                                                                                                                                                                                                                        														_t514 = _v48;
                                                                                                                                                                                                                                                        														_t599 = _t557;
                                                                                                                                                                                                                                                        														if(_t597 + _t557 * 2 > _t519) {
                                                                                                                                                                                                                                                        															_t466 = _v44;
                                                                                                                                                                                                                                                        															_t599 = _t557;
                                                                                                                                                                                                                                                        															__eflags = _t466 + _t254 * 2 - _a4;
                                                                                                                                                                                                                                                        															if(_t466 + _t254 * 2 >= _a4) {
                                                                                                                                                                                                                                                        																_t347 = _a4;
                                                                                                                                                                                                                                                        																__eflags = _t514 - _t347;
                                                                                                                                                                                                                                                        																_t599 =  >  ? _t514 - _t347 >> 1 : 0;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														memmove(_t514 + _v40 * 2, _t514, _t400 + _t400);
                                                                                                                                                                                                                                                        														_t402 = _v52;
                                                                                                                                                                                                                                                        														memmove(_t402, _a4, _t599 + _t599);
                                                                                                                                                                                                                                                        														_t619 = _t619 + 0x18;
                                                                                                                                                                                                                                                        														memcpy(_t402 + _t599 * 2, _a4 + _v40 * 2 + _t599 * 2, _t557 - _t599 + _t557 - _t599);
                                                                                                                                                                                                                                                        														goto L23;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_v96 = _v32;
                                                                                                                                                                                                                                                        														_v88 = _t596;
                                                                                                                                                                                                                                                        														 *(_t619 - 0x18) = _t556;
                                                                                                                                                                                                                                                        														_v80 = _a8;
                                                                                                                                                                                                                                                        														_v84 = _a4;
                                                                                                                                                                                                                                                        														_t351 = _v4;
                                                                                                                                                                                                                                                        														_v92 = _t351;
                                                                                                                                                                                                                                                        														L38();
                                                                                                                                                                                                                                                        														E00BEECB0(_v28 ^ _t610, _t516);
                                                                                                                                                                                                                                                        														_t346 = _t351;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t353 = _t409;
                                                                                                                                                                                                                                                        													 *(_t409 + 0x10) = _t556 + _t254;
                                                                                                                                                                                                                                                        													__eflags =  *(_t409 + 0x14) - 8;
                                                                                                                                                                                                                                                        													if( *(_t409 + 0x14) >= 8) {
                                                                                                                                                                                                                                                        														_t353 =  *_t409;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_v36 = _t409;
                                                                                                                                                                                                                                                        													_t562 = _t353 + _v4 * 2;
                                                                                                                                                                                                                                                        													memmove(_t562, _t514, _a8 + _a8);
                                                                                                                                                                                                                                                        													_t619 = _t619 + 0xc;
                                                                                                                                                                                                                                                        													_push(_t400 + _t400);
                                                                                                                                                                                                                                                        													_push(_t562 + _t596 * 2);
                                                                                                                                                                                                                                                        													_push(_t562 + _a8 * 2);
                                                                                                                                                                                                                                                        													goto L22;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												__eflags =  *(_t409 + 0x14) - 8;
                                                                                                                                                                                                                                                        												_t359 = _t409;
                                                                                                                                                                                                                                                        												if( *(_t409 + 0x14) >= 8) {
                                                                                                                                                                                                                                                        													_t359 =  *_t409;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_v36 = _t409;
                                                                                                                                                                                                                                                        												_t563 = _t555 + _t555;
                                                                                                                                                                                                                                                        												__eflags = _t563;
                                                                                                                                                                                                                                                        												_push(_t563);
                                                                                                                                                                                                                                                        												_push(_t514);
                                                                                                                                                                                                                                                        												_push(_t359 + _v4 * 2);
                                                                                                                                                                                                                                                        												L22:
                                                                                                                                                                                                                                                        												memmove();
                                                                                                                                                                                                                                                        												L23:
                                                                                                                                                                                                                                                        												__eflags = _v28 ^ _t610;
                                                                                                                                                                                                                                                        												E00BEECB0(_v28 ^ _t610, _t514);
                                                                                                                                                                                                                                                        												_t346 = _v36;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											return _t346;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t251 = _t251 + 0x24;
                                                                                                                                                                                                                                                        										__eflags = _t251;
                                                                                                                                                                                                                                                        										_t527 = _t409;
                                                                                                                                                                                                                                                        										_t484 = _t251;
                                                                                                                                                                                                                                                        										goto L15;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t605 = _t368;
                                                                                                                                                                                                                                                        								_t408 = _t526 + 0x24;
                                                                                                                                                                                                                                                        								goto L7;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}









































































































































































                                                                                                                                                                                                                                                        0x00bc6b70
                                                                                                                                                                                                                                                        0x00bc6b74
                                                                                                                                                                                                                                                        0x00bc6b76
                                                                                                                                                                                                                                                        0x00bc6b79
                                                                                                                                                                                                                                                        0x00bc6b7c
                                                                                                                                                                                                                                                        0x00bc6b84
                                                                                                                                                                                                                                                        0x00bc6b8d
                                                                                                                                                                                                                                                        0x00bc6c3e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6b93
                                                                                                                                                                                                                                                        0x00bc6b93
                                                                                                                                                                                                                                                        0x00bc6b96
                                                                                                                                                                                                                                                        0x00bc6b98
                                                                                                                                                                                                                                                        0x00bc6b9b
                                                                                                                                                                                                                                                        0x00bc6ba0
                                                                                                                                                                                                                                                        0x00bc6ba3
                                                                                                                                                                                                                                                        0x00bc6bb0
                                                                                                                                                                                                                                                        0x00bc6bba
                                                                                                                                                                                                                                                        0x00bc6bbf
                                                                                                                                                                                                                                                        0x00bc6bbf
                                                                                                                                                                                                                                                        0x00bc6bc5
                                                                                                                                                                                                                                                        0x00bc6bc9
                                                                                                                                                                                                                                                        0x00bc6bce
                                                                                                                                                                                                                                                        0x00bc6bd4
                                                                                                                                                                                                                                                        0x00bc6bd7
                                                                                                                                                                                                                                                        0x00bc6bda
                                                                                                                                                                                                                                                        0x00bc6c20
                                                                                                                                                                                                                                                        0x00bc6c20
                                                                                                                                                                                                                                                        0x00bc6c24
                                                                                                                                                                                                                                                        0x00bc6c26
                                                                                                                                                                                                                                                        0x00bc6c28
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6bdc
                                                                                                                                                                                                                                                        0x00bc6bdf
                                                                                                                                                                                                                                                        0x00bc6be4
                                                                                                                                                                                                                                                        0x00bc6be7
                                                                                                                                                                                                                                                        0x00bc6bec
                                                                                                                                                                                                                                                        0x00bc6bef
                                                                                                                                                                                                                                                        0x00bc6bf8
                                                                                                                                                                                                                                                        0x00bc6c0e
                                                                                                                                                                                                                                                        0x00bc6c0e
                                                                                                                                                                                                                                                        0x00bc6c0f
                                                                                                                                                                                                                                                        0x00bc6c10
                                                                                                                                                                                                                                                        0x00bc6c18
                                                                                                                                                                                                                                                        0x00bc6c30
                                                                                                                                                                                                                                                        0x00bc6c30
                                                                                                                                                                                                                                                        0x00bc6c3b
                                                                                                                                                                                                                                                        0x00bc6bfa
                                                                                                                                                                                                                                                        0x00bc6bfa
                                                                                                                                                                                                                                                        0x00bc6c00
                                                                                                                                                                                                                                                        0x00bc6c05
                                                                                                                                                                                                                                                        0x00bc6c43
                                                                                                                                                                                                                                                        0x00bc6c43
                                                                                                                                                                                                                                                        0x00bc6c49
                                                                                                                                                                                                                                                        0x00bc6c4a
                                                                                                                                                                                                                                                        0x00bc6c4b
                                                                                                                                                                                                                                                        0x00bc6c4c
                                                                                                                                                                                                                                                        0x00bc6c4d
                                                                                                                                                                                                                                                        0x00bc6c4e
                                                                                                                                                                                                                                                        0x00bc6c4f
                                                                                                                                                                                                                                                        0x00bc6c51
                                                                                                                                                                                                                                                        0x00bc6c53
                                                                                                                                                                                                                                                        0x00bc6c54
                                                                                                                                                                                                                                                        0x00bc6c58
                                                                                                                                                                                                                                                        0x00bc6c5a
                                                                                                                                                                                                                                                        0x00bc6c60
                                                                                                                                                                                                                                                        0x00bc6c65
                                                                                                                                                                                                                                                        0x00bc6c68
                                                                                                                                                                                                                                                        0x00bc6c6b
                                                                                                                                                                                                                                                        0x00bc6c6b
                                                                                                                                                                                                                                                        0x00bc6c6e
                                                                                                                                                                                                                                                        0x00bc6c74
                                                                                                                                                                                                                                                        0x00bc6c8a
                                                                                                                                                                                                                                                        0x00bc6c8a
                                                                                                                                                                                                                                                        0x00bc6c8b
                                                                                                                                                                                                                                                        0x00bc6c8c
                                                                                                                                                                                                                                                        0x00bc6c94
                                                                                                                                                                                                                                                        0x00bc6c9e
                                                                                                                                                                                                                                                        0x00bc6c76
                                                                                                                                                                                                                                                        0x00bc6c76
                                                                                                                                                                                                                                                        0x00bc6c7c
                                                                                                                                                                                                                                                        0x00bc6c7e
                                                                                                                                                                                                                                                        0x00bc6c81
                                                                                                                                                                                                                                                        0x00bc6c9f
                                                                                                                                                                                                                                                        0x00bc6ca5
                                                                                                                                                                                                                                                        0x00bc6ca6
                                                                                                                                                                                                                                                        0x00bc6ca7
                                                                                                                                                                                                                                                        0x00bc6ca8
                                                                                                                                                                                                                                                        0x00bc6ca9
                                                                                                                                                                                                                                                        0x00bc6caa
                                                                                                                                                                                                                                                        0x00bc6cab
                                                                                                                                                                                                                                                        0x00bc6cac
                                                                                                                                                                                                                                                        0x00bc6cad
                                                                                                                                                                                                                                                        0x00bc6cae
                                                                                                                                                                                                                                                        0x00bc6caf
                                                                                                                                                                                                                                                        0x00bc6cb0
                                                                                                                                                                                                                                                        0x00bc6cb1
                                                                                                                                                                                                                                                        0x00bc6cb3
                                                                                                                                                                                                                                                        0x00bc6cb4
                                                                                                                                                                                                                                                        0x00bc6cb5
                                                                                                                                                                                                                                                        0x00bc6cb6
                                                                                                                                                                                                                                                        0x00bc6cb9
                                                                                                                                                                                                                                                        0x00bc6cc0
                                                                                                                                                                                                                                                        0x00bc6cc3
                                                                                                                                                                                                                                                        0x00bc6cc8
                                                                                                                                                                                                                                                        0x00bc6cc8
                                                                                                                                                                                                                                                        0x00bc6ccb
                                                                                                                                                                                                                                                        0x00bc6e42
                                                                                                                                                                                                                                                        0x00bc6e47
                                                                                                                                                                                                                                                        0x00bc6e48
                                                                                                                                                                                                                                                        0x00bc6e49
                                                                                                                                                                                                                                                        0x00bc6e4a
                                                                                                                                                                                                                                                        0x00bc6e4b
                                                                                                                                                                                                                                                        0x00bc6e4c
                                                                                                                                                                                                                                                        0x00bc6e4d
                                                                                                                                                                                                                                                        0x00bc6e4e
                                                                                                                                                                                                                                                        0x00bc6e4f
                                                                                                                                                                                                                                                        0x00bc6e50
                                                                                                                                                                                                                                                        0x00bc6e51
                                                                                                                                                                                                                                                        0x00bc6e53
                                                                                                                                                                                                                                                        0x00bc6e54
                                                                                                                                                                                                                                                        0x00bc6e55
                                                                                                                                                                                                                                                        0x00bc6e56
                                                                                                                                                                                                                                                        0x00bc6e59
                                                                                                                                                                                                                                                        0x00bc6e5c
                                                                                                                                                                                                                                                        0x00bc6e64
                                                                                                                                                                                                                                                        0x00bc6e6b
                                                                                                                                                                                                                                                        0x00bc6e6d
                                                                                                                                                                                                                                                        0x00bc6fc3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6e73
                                                                                                                                                                                                                                                        0x00bc6e73
                                                                                                                                                                                                                                                        0x00bc6e75
                                                                                                                                                                                                                                                        0x00bc6e78
                                                                                                                                                                                                                                                        0x00bc6e7b
                                                                                                                                                                                                                                                        0x00bc6e80
                                                                                                                                                                                                                                                        0x00bc6e83
                                                                                                                                                                                                                                                        0x00bc6e86
                                                                                                                                                                                                                                                        0x00bc6e8b
                                                                                                                                                                                                                                                        0x00bc6e99
                                                                                                                                                                                                                                                        0x00bc6e9d
                                                                                                                                                                                                                                                        0x00bc6e9f
                                                                                                                                                                                                                                                        0x00bc6ea1
                                                                                                                                                                                                                                                        0x00bc6ea4
                                                                                                                                                                                                                                                        0x00bc6ea6
                                                                                                                                                                                                                                                        0x00bc6ea6
                                                                                                                                                                                                                                                        0x00bc6ea9
                                                                                                                                                                                                                                                        0x00bc6eab
                                                                                                                                                                                                                                                        0x00bc6eae
                                                                                                                                                                                                                                                        0x00bc6eb4
                                                                                                                                                                                                                                                        0x00bc6ebc
                                                                                                                                                                                                                                                        0x00bc6ebf
                                                                                                                                                                                                                                                        0x00bc6ec2
                                                                                                                                                                                                                                                        0x00bc6ec4
                                                                                                                                                                                                                                                        0x00bc6ec7
                                                                                                                                                                                                                                                        0x00bc6f62
                                                                                                                                                                                                                                                        0x00bc6f66
                                                                                                                                                                                                                                                        0x00bc6f68
                                                                                                                                                                                                                                                        0x00bc6f73
                                                                                                                                                                                                                                                        0x00bc6f80
                                                                                                                                                                                                                                                        0x00bc6f8b
                                                                                                                                                                                                                                                        0x00bc6f93
                                                                                                                                                                                                                                                        0x00bc6f93
                                                                                                                                                                                                                                                        0x00bc6fab
                                                                                                                                                                                                                                                        0x00bc6fb3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6ecd
                                                                                                                                                                                                                                                        0x00bc6ecd
                                                                                                                                                                                                                                                        0x00bc6ed7
                                                                                                                                                                                                                                                        0x00bc6ed9
                                                                                                                                                                                                                                                        0x00bc6edc
                                                                                                                                                                                                                                                        0x00bc6ee7
                                                                                                                                                                                                                                                        0x00bc6ef4
                                                                                                                                                                                                                                                        0x00bc6f1f
                                                                                                                                                                                                                                                        0x00bc6f24
                                                                                                                                                                                                                                                        0x00bc6f27
                                                                                                                                                                                                                                                        0x00bc6f2a
                                                                                                                                                                                                                                                        0x00bc6f2c
                                                                                                                                                                                                                                                        0x00bc6f2f
                                                                                                                                                                                                                                                        0x00bc6f2f
                                                                                                                                                                                                                                                        0x00bc6f33
                                                                                                                                                                                                                                                        0x00bc6f38
                                                                                                                                                                                                                                                        0x00bc6f50
                                                                                                                                                                                                                                                        0x00bc6f50
                                                                                                                                                                                                                                                        0x00bc6f51
                                                                                                                                                                                                                                                        0x00bc6f52
                                                                                                                                                                                                                                                        0x00bc6fb5
                                                                                                                                                                                                                                                        0x00bc6fb5
                                                                                                                                                                                                                                                        0x00bc6fc0
                                                                                                                                                                                                                                                        0x00bc6f3a
                                                                                                                                                                                                                                                        0x00bc6f3c
                                                                                                                                                                                                                                                        0x00bc6f44
                                                                                                                                                                                                                                                        0x00bc6f47
                                                                                                                                                                                                                                                        0x00bc6fc8
                                                                                                                                                                                                                                                        0x00bc6fc8
                                                                                                                                                                                                                                                        0x00bc6fce
                                                                                                                                                                                                                                                        0x00bc6fcf
                                                                                                                                                                                                                                                        0x00bc6fd0
                                                                                                                                                                                                                                                        0x00bc6fd1
                                                                                                                                                                                                                                                        0x00bc6fd3
                                                                                                                                                                                                                                                        0x00bc6fd4
                                                                                                                                                                                                                                                        0x00bc6fd5
                                                                                                                                                                                                                                                        0x00bc6fd6
                                                                                                                                                                                                                                                        0x00bc6fd9
                                                                                                                                                                                                                                                        0x00bc6fde
                                                                                                                                                                                                                                                        0x00bc6fe3
                                                                                                                                                                                                                                                        0x00bc6fe6
                                                                                                                                                                                                                                                        0x00bc6feb
                                                                                                                                                                                                                                                        0x00bc6feb
                                                                                                                                                                                                                                                        0x00bc6fed
                                                                                                                                                                                                                                                        0x00bc7147
                                                                                                                                                                                                                                                        0x00bc714c
                                                                                                                                                                                                                                                        0x00bc714d
                                                                                                                                                                                                                                                        0x00bc714e
                                                                                                                                                                                                                                                        0x00bc714f
                                                                                                                                                                                                                                                        0x00bc7150
                                                                                                                                                                                                                                                        0x00bc7151
                                                                                                                                                                                                                                                        0x00bc7153
                                                                                                                                                                                                                                                        0x00bc7154
                                                                                                                                                                                                                                                        0x00bc7155
                                                                                                                                                                                                                                                        0x00bc7156
                                                                                                                                                                                                                                                        0x00bc7159
                                                                                                                                                                                                                                                        0x00bc715c
                                                                                                                                                                                                                                                        0x00bc7164
                                                                                                                                                                                                                                                        0x00bc716b
                                                                                                                                                                                                                                                        0x00bc716d
                                                                                                                                                                                                                                                        0x00bc7291
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7173
                                                                                                                                                                                                                                                        0x00bc7173
                                                                                                                                                                                                                                                        0x00bc7176
                                                                                                                                                                                                                                                        0x00bc7178
                                                                                                                                                                                                                                                        0x00bc717b
                                                                                                                                                                                                                                                        0x00bc7180
                                                                                                                                                                                                                                                        0x00bc7183
                                                                                                                                                                                                                                                        0x00bc7183
                                                                                                                                                                                                                                                        0x00bc7186
                                                                                                                                                                                                                                                        0x00bc718f
                                                                                                                                                                                                                                                        0x00bc7193
                                                                                                                                                                                                                                                        0x00bc719b
                                                                                                                                                                                                                                                        0x00bc719d
                                                                                                                                                                                                                                                        0x00bc71a0
                                                                                                                                                                                                                                                        0x00bc71a2
                                                                                                                                                                                                                                                        0x00bc71a2
                                                                                                                                                                                                                                                        0x00bc71a5
                                                                                                                                                                                                                                                        0x00bc71a8
                                                                                                                                                                                                                                                        0x00bc71ad
                                                                                                                                                                                                                                                        0x00bc71b0
                                                                                                                                                                                                                                                        0x00bc71b6
                                                                                                                                                                                                                                                        0x00bc71be
                                                                                                                                                                                                                                                        0x00bc71c2
                                                                                                                                                                                                                                                        0x00bc71c5
                                                                                                                                                                                                                                                        0x00bc71c8
                                                                                                                                                                                                                                                        0x00bc71cb
                                                                                                                                                                                                                                                        0x00bc7244
                                                                                                                                                                                                                                                        0x00bc7252
                                                                                                                                                                                                                                                        0x00bc7259
                                                                                                                                                                                                                                                        0x00bc7261
                                                                                                                                                                                                                                                        0x00bc7274
                                                                                                                                                                                                                                                        0x00bc7274
                                                                                                                                                                                                                                                        0x00bc7278
                                                                                                                                                                                                                                                        0x00bc727b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc71cd
                                                                                                                                                                                                                                                        0x00bc71cd
                                                                                                                                                                                                                                                        0x00bc71d4
                                                                                                                                                                                                                                                        0x00bc71df
                                                                                                                                                                                                                                                        0x00bc71e6
                                                                                                                                                                                                                                                        0x00bc71ee
                                                                                                                                                                                                                                                        0x00bc71f4
                                                                                                                                                                                                                                                        0x00bc71ff
                                                                                                                                                                                                                                                        0x00bc7205
                                                                                                                                                                                                                                                        0x00bc720a
                                                                                                                                                                                                                                                        0x00bc720d
                                                                                                                                                                                                                                                        0x00bc7210
                                                                                                                                                                                                                                                        0x00bc7210
                                                                                                                                                                                                                                                        0x00bc7213
                                                                                                                                                                                                                                                        0x00bc7219
                                                                                                                                                                                                                                                        0x00bc722f
                                                                                                                                                                                                                                                        0x00bc722f
                                                                                                                                                                                                                                                        0x00bc7230
                                                                                                                                                                                                                                                        0x00bc7231
                                                                                                                                                                                                                                                        0x00bc7239
                                                                                                                                                                                                                                                        0x00bc723c
                                                                                                                                                                                                                                                        0x00bc7283
                                                                                                                                                                                                                                                        0x00bc7283
                                                                                                                                                                                                                                                        0x00bc728e
                                                                                                                                                                                                                                                        0x00bc721b
                                                                                                                                                                                                                                                        0x00bc721b
                                                                                                                                                                                                                                                        0x00bc7221
                                                                                                                                                                                                                                                        0x00bc7223
                                                                                                                                                                                                                                                        0x00bc7226
                                                                                                                                                                                                                                                        0x00bc7296
                                                                                                                                                                                                                                                        0x00bc7296
                                                                                                                                                                                                                                                        0x00bc729c
                                                                                                                                                                                                                                                        0x00bc729d
                                                                                                                                                                                                                                                        0x00bc729e
                                                                                                                                                                                                                                                        0x00bc729f
                                                                                                                                                                                                                                                        0x00bc72a0
                                                                                                                                                                                                                                                        0x00bc72a1
                                                                                                                                                                                                                                                        0x00bc72a3
                                                                                                                                                                                                                                                        0x00bc72a4
                                                                                                                                                                                                                                                        0x00bc72a5
                                                                                                                                                                                                                                                        0x00bc72a6
                                                                                                                                                                                                                                                        0x00bc72a9
                                                                                                                                                                                                                                                        0x00bc72ab
                                                                                                                                                                                                                                                        0x00bc72b1
                                                                                                                                                                                                                                                        0x00bc72b6
                                                                                                                                                                                                                                                        0x00bc72b9
                                                                                                                                                                                                                                                        0x00bc72bc
                                                                                                                                                                                                                                                        0x00bc72c3
                                                                                                                                                                                                                                                        0x00bc72c5
                                                                                                                                                                                                                                                        0x00bc72c8
                                                                                                                                                                                                                                                        0x00bc7301
                                                                                                                                                                                                                                                        0x00bc7304
                                                                                                                                                                                                                                                        0x00bc7307
                                                                                                                                                                                                                                                        0x00bc7309
                                                                                                                                                                                                                                                        0x00bc730c
                                                                                                                                                                                                                                                        0x00bc730e
                                                                                                                                                                                                                                                        0x00bc730e
                                                                                                                                                                                                                                                        0x00bc7318
                                                                                                                                                                                                                                                        0x00bc7320
                                                                                                                                                                                                                                                        0x00bc72ca
                                                                                                                                                                                                                                                        0x00bc72d0
                                                                                                                                                                                                                                                        0x00bc72d7
                                                                                                                                                                                                                                                        0x00bc72db
                                                                                                                                                                                                                                                        0x00bc72de
                                                                                                                                                                                                                                                        0x00bc72e9
                                                                                                                                                                                                                                                        0x00bc72e9
                                                                                                                                                                                                                                                        0x00bc72ee
                                                                                                                                                                                                                                                        0x00bc72f0
                                                                                                                                                                                                                                                        0x00bc72fe
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc722b
                                                                                                                                                                                                                                                        0x00bc722d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc722d
                                                                                                                                                                                                                                                        0x00bc7226
                                                                                                                                                                                                                                                        0x00bc7219
                                                                                                                                                                                                                                                        0x00bc71cb
                                                                                                                                                                                                                                                        0x00bc6ff3
                                                                                                                                                                                                                                                        0x00bc6ff3
                                                                                                                                                                                                                                                        0x00bc6ff6
                                                                                                                                                                                                                                                        0x00bc6ff9
                                                                                                                                                                                                                                                        0x00bc6ffb
                                                                                                                                                                                                                                                        0x00bc6ffe
                                                                                                                                                                                                                                                        0x00bc7000
                                                                                                                                                                                                                                                        0x00bc7037
                                                                                                                                                                                                                                                        0x00bc7038
                                                                                                                                                                                                                                                        0x00bc7038
                                                                                                                                                                                                                                                        0x00bc703a
                                                                                                                                                                                                                                                        0x00bc706a
                                                                                                                                                                                                                                                        0x00bc706d
                                                                                                                                                                                                                                                        0x00bc7070
                                                                                                                                                                                                                                                        0x00bc7072
                                                                                                                                                                                                                                                        0x00bc7074
                                                                                                                                                                                                                                                        0x00bc70b4
                                                                                                                                                                                                                                                        0x00bc70bb
                                                                                                                                                                                                                                                        0x00bc70be
                                                                                                                                                                                                                                                        0x00bc70c0
                                                                                                                                                                                                                                                        0x00bc70c2
                                                                                                                                                                                                                                                        0x00bc70c2
                                                                                                                                                                                                                                                        0x00bc70c4
                                                                                                                                                                                                                                                        0x00bc70ca
                                                                                                                                                                                                                                                        0x00bc70cd
                                                                                                                                                                                                                                                        0x00bc70d2
                                                                                                                                                                                                                                                        0x00bc70d5
                                                                                                                                                                                                                                                        0x00bc70dc
                                                                                                                                                                                                                                                        0x00bc70df
                                                                                                                                                                                                                                                        0x00bc70e2
                                                                                                                                                                                                                                                        0x00bc70e5
                                                                                                                                                                                                                                                        0x00bc70e8
                                                                                                                                                                                                                                                        0x00bc70ea
                                                                                                                                                                                                                                                        0x00bc70f1
                                                                                                                                                                                                                                                        0x00bc70f3
                                                                                                                                                                                                                                                        0x00bc70f5
                                                                                                                                                                                                                                                        0x00bc70f8
                                                                                                                                                                                                                                                        0x00bc70fb
                                                                                                                                                                                                                                                        0x00bc7101
                                                                                                                                                                                                                                                        0x00bc7103
                                                                                                                                                                                                                                                        0x00bc7103
                                                                                                                                                                                                                                                        0x00bc7105
                                                                                                                                                                                                                                                        0x00bc7108
                                                                                                                                                                                                                                                        0x00bc7108
                                                                                                                                                                                                                                                        0x00bc70fb
                                                                                                                                                                                                                                                        0x00bc7112
                                                                                                                                                                                                                                                        0x00bc7114
                                                                                                                                                                                                                                                        0x00bc711c
                                                                                                                                                                                                                                                        0x00bc7124
                                                                                                                                                                                                                                                        0x00bc7129
                                                                                                                                                                                                                                                        0x00bc713d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7076
                                                                                                                                                                                                                                                        0x00bc707c
                                                                                                                                                                                                                                                        0x00bc7083
                                                                                                                                                                                                                                                        0x00bc7087
                                                                                                                                                                                                                                                        0x00bc708a
                                                                                                                                                                                                                                                        0x00bc7091
                                                                                                                                                                                                                                                        0x00bc7095
                                                                                                                                                                                                                                                        0x00bc7098
                                                                                                                                                                                                                                                        0x00bc709c
                                                                                                                                                                                                                                                        0x00bc70a8
                                                                                                                                                                                                                                                        0x00bc70ad
                                                                                                                                                                                                                                                        0x00bc70ad
                                                                                                                                                                                                                                                        0x00bc703c
                                                                                                                                                                                                                                                        0x00bc703e
                                                                                                                                                                                                                                                        0x00bc7041
                                                                                                                                                                                                                                                        0x00bc7043
                                                                                                                                                                                                                                                        0x00bc7047
                                                                                                                                                                                                                                                        0x00bc7049
                                                                                                                                                                                                                                                        0x00bc7049
                                                                                                                                                                                                                                                        0x00bc704e
                                                                                                                                                                                                                                                        0x00bc7051
                                                                                                                                                                                                                                                        0x00bc7058
                                                                                                                                                                                                                                                        0x00bc705d
                                                                                                                                                                                                                                                        0x00bc7065
                                                                                                                                                                                                                                                        0x00bc7066
                                                                                                                                                                                                                                                        0x00bc7067
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7067
                                                                                                                                                                                                                                                        0x00bc7002
                                                                                                                                                                                                                                                        0x00bc7002
                                                                                                                                                                                                                                                        0x00bc7006
                                                                                                                                                                                                                                                        0x00bc7008
                                                                                                                                                                                                                                                        0x00bc700a
                                                                                                                                                                                                                                                        0x00bc700a
                                                                                                                                                                                                                                                        0x00bc700c
                                                                                                                                                                                                                                                        0x00bc700f
                                                                                                                                                                                                                                                        0x00bc700f
                                                                                                                                                                                                                                                        0x00bc7011
                                                                                                                                                                                                                                                        0x00bc7012
                                                                                                                                                                                                                                                        0x00bc7015
                                                                                                                                                                                                                                                        0x00bc7016
                                                                                                                                                                                                                                                        0x00bc7016
                                                                                                                                                                                                                                                        0x00bc701b
                                                                                                                                                                                                                                                        0x00bc7021
                                                                                                                                                                                                                                                        0x00bc7023
                                                                                                                                                                                                                                                        0x00bc7028
                                                                                                                                                                                                                                                        0x00bc7028
                                                                                                                                                                                                                                                        0x00bc7032
                                                                                                                                                                                                                                                        0x00bc7032
                                                                                                                                                                                                                                                        0x00bc6f49
                                                                                                                                                                                                                                                        0x00bc6f4b
                                                                                                                                                                                                                                                        0x00bc6f4b
                                                                                                                                                                                                                                                        0x00bc6f4e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6f4e
                                                                                                                                                                                                                                                        0x00bc6f47
                                                                                                                                                                                                                                                        0x00bc6f38
                                                                                                                                                                                                                                                        0x00bc6ec7
                                                                                                                                                                                                                                                        0x00bc6cd1
                                                                                                                                                                                                                                                        0x00bc6cd1
                                                                                                                                                                                                                                                        0x00bc6cd4
                                                                                                                                                                                                                                                        0x00bc6cd7
                                                                                                                                                                                                                                                        0x00bc6cda
                                                                                                                                                                                                                                                        0x00bc6cdc
                                                                                                                                                                                                                                                        0x00bc6cdf
                                                                                                                                                                                                                                                        0x00bc6ce1
                                                                                                                                                                                                                                                        0x00bc6d1c
                                                                                                                                                                                                                                                        0x00bc6d1d
                                                                                                                                                                                                                                                        0x00bc6d1d
                                                                                                                                                                                                                                                        0x00bc6d1f
                                                                                                                                                                                                                                                        0x00bc6d5a
                                                                                                                                                                                                                                                        0x00bc6d5d
                                                                                                                                                                                                                                                        0x00bc6d60
                                                                                                                                                                                                                                                        0x00bc6d62
                                                                                                                                                                                                                                                        0x00bc6d64
                                                                                                                                                                                                                                                        0x00bc6da4
                                                                                                                                                                                                                                                        0x00bc6dab
                                                                                                                                                                                                                                                        0x00bc6dae
                                                                                                                                                                                                                                                        0x00bc6db1
                                                                                                                                                                                                                                                        0x00bc6db3
                                                                                                                                                                                                                                                        0x00bc6db5
                                                                                                                                                                                                                                                        0x00bc6db5
                                                                                                                                                                                                                                                        0x00bc6db7
                                                                                                                                                                                                                                                        0x00bc6dbd
                                                                                                                                                                                                                                                        0x00bc6dc0
                                                                                                                                                                                                                                                        0x00bc6dc3
                                                                                                                                                                                                                                                        0x00bc6dc9
                                                                                                                                                                                                                                                        0x00bc6dcc
                                                                                                                                                                                                                                                        0x00bc6dcf
                                                                                                                                                                                                                                                        0x00bc6dd5
                                                                                                                                                                                                                                                        0x00bc6dd7
                                                                                                                                                                                                                                                        0x00bc6dda
                                                                                                                                                                                                                                                        0x00bc6ddc
                                                                                                                                                                                                                                                        0x00bc6dde
                                                                                                                                                                                                                                                        0x00bc6de1
                                                                                                                                                                                                                                                        0x00bc6de6
                                                                                                                                                                                                                                                        0x00bc6de9
                                                                                                                                                                                                                                                        0x00bc6deb
                                                                                                                                                                                                                                                        0x00bc6df6
                                                                                                                                                                                                                                                        0x00bc6df8
                                                                                                                                                                                                                                                        0x00bc6df8
                                                                                                                                                                                                                                                        0x00bc6de9
                                                                                                                                                                                                                                                        0x00bc6e06
                                                                                                                                                                                                                                                        0x00bc6e16
                                                                                                                                                                                                                                                        0x00bc6e1a
                                                                                                                                                                                                                                                        0x00bc6e1f
                                                                                                                                                                                                                                                        0x00bc6e38
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6d66
                                                                                                                                                                                                                                                        0x00bc6d6c
                                                                                                                                                                                                                                                        0x00bc6d73
                                                                                                                                                                                                                                                        0x00bc6d77
                                                                                                                                                                                                                                                        0x00bc6d7a
                                                                                                                                                                                                                                                        0x00bc6d81
                                                                                                                                                                                                                                                        0x00bc6d85
                                                                                                                                                                                                                                                        0x00bc6d88
                                                                                                                                                                                                                                                        0x00bc6d8c
                                                                                                                                                                                                                                                        0x00bc6d98
                                                                                                                                                                                                                                                        0x00bc6d9d
                                                                                                                                                                                                                                                        0x00bc6d9d
                                                                                                                                                                                                                                                        0x00bc6d21
                                                                                                                                                                                                                                                        0x00bc6d23
                                                                                                                                                                                                                                                        0x00bc6d25
                                                                                                                                                                                                                                                        0x00bc6d28
                                                                                                                                                                                                                                                        0x00bc6d2c
                                                                                                                                                                                                                                                        0x00bc6d2e
                                                                                                                                                                                                                                                        0x00bc6d2e
                                                                                                                                                                                                                                                        0x00bc6d30
                                                                                                                                                                                                                                                        0x00bc6d36
                                                                                                                                                                                                                                                        0x00bc6d42
                                                                                                                                                                                                                                                        0x00bc6d47
                                                                                                                                                                                                                                                        0x00bc6d55
                                                                                                                                                                                                                                                        0x00bc6d56
                                                                                                                                                                                                                                                        0x00bc6d57
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6d57
                                                                                                                                                                                                                                                        0x00bc6ce3
                                                                                                                                                                                                                                                        0x00bc6ce3
                                                                                                                                                                                                                                                        0x00bc6ce7
                                                                                                                                                                                                                                                        0x00bc6ce9
                                                                                                                                                                                                                                                        0x00bc6ceb
                                                                                                                                                                                                                                                        0x00bc6ceb
                                                                                                                                                                                                                                                        0x00bc6ced
                                                                                                                                                                                                                                                        0x00bc6cf3
                                                                                                                                                                                                                                                        0x00bc6cf3
                                                                                                                                                                                                                                                        0x00bc6cf8
                                                                                                                                                                                                                                                        0x00bc6cf9
                                                                                                                                                                                                                                                        0x00bc6cfa
                                                                                                                                                                                                                                                        0x00bc6cfb
                                                                                                                                                                                                                                                        0x00bc6cfb
                                                                                                                                                                                                                                                        0x00bc6d00
                                                                                                                                                                                                                                                        0x00bc6d06
                                                                                                                                                                                                                                                        0x00bc6d08
                                                                                                                                                                                                                                                        0x00bc6d0d
                                                                                                                                                                                                                                                        0x00bc6d0d
                                                                                                                                                                                                                                                        0x00bc6d17
                                                                                                                                                                                                                                                        0x00bc6d17
                                                                                                                                                                                                                                                        0x00bc6c83
                                                                                                                                                                                                                                                        0x00bc6c83
                                                                                                                                                                                                                                                        0x00bc6c83
                                                                                                                                                                                                                                                        0x00bc6c86
                                                                                                                                                                                                                                                        0x00bc6c88
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6c88
                                                                                                                                                                                                                                                        0x00bc6c81
                                                                                                                                                                                                                                                        0x00bc6c07
                                                                                                                                                                                                                                                        0x00bc6c0a
                                                                                                                                                                                                                                                        0x00bc6c0c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6c0c
                                                                                                                                                                                                                                                        0x00bc6c05
                                                                                                                                                                                                                                                        0x00bc6bf8
                                                                                                                                                                                                                                                        0x00bc6bda

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,7FFFFFFF,?,80000000,?,00BC6B58,?,?,00BC800E,?), ref: 00BC6BE7
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(7FFFFFFF,?,?,?,80000000,?,00BC6B58,?,?,00BC800E,?), ref: 00BC6C10
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,?,80000000,?,00BC6B58,?,?,00BC800E,?), ref: 00BC6C28
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,00BC6B58,?,?,00BC800E,?), ref: 00BC6C43
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memcpy$??3@_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 674017509-0
                                                                                                                                                                                                                                                        • Opcode ID: c699f92655e7ad52f7039987300e005058f1722f9437646cc60d389721bf6773
                                                                                                                                                                                                                                                        • Instruction ID: fc7512d2b207862260ccea7f802dd649e069211123ed0779e26deba4e72acf48
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c699f92655e7ad52f7039987300e005058f1722f9437646cc60d389721bf6773
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CC21E272A00115AFCB18DE68DC8497FB3EAEBC5320724477DE865E7390DA709D4287E1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 86%
                                                                                                                                                                                                                                                        			E00BCA600(intOrPtr* _a4) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				union _LARGE_INTEGER _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v36;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v52;
                                                                                                                                                                                                                                                        				signed int _v56;
                                                                                                                                                                                                                                                        				signed int _v60;
                                                                                                                                                                                                                                                        				intOrPtr _v76;
                                                                                                                                                                                                                                                        				signed int _t40;
                                                                                                                                                                                                                                                        				signed int _t46;
                                                                                                                                                                                                                                                        				void* _t53;
                                                                                                                                                                                                                                                        				intOrPtr _t54;
                                                                                                                                                                                                                                                        				intOrPtr* _t59;
                                                                                                                                                                                                                                                        				signed int _t83;
                                                                                                                                                                                                                                                        				signed int _t84;
                                                                                                                                                                                                                                                        				signed int _t86;
                                                                                                                                                                                                                                                        				signed int _t87;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t40 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t59 = _a4;
                                                                                                                                                                                                                                                        				_v24 = _t40 ^ _t87;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				_v32.LowPart = 0;
                                                                                                                                                                                                                                                        				QueryPerformanceCounter( &_v32);
                                                                                                                                                                                                                                                        				_t84 = _v32.LowPart;
                                                                                                                                                                                                                                                        				_t86 = _v28;
                                                                                                                                                                                                                                                        				asm("sbb ecx, esi");
                                                                                                                                                                                                                                                        				if(0x7bd05af6 < _t84) {
                                                                                                                                                                                                                                                        					_v40 =  *0xbfb498;
                                                                                                                                                                                                                                                        					_v36 =  *0xbfb49c;
                                                                                                                                                                                                                                                        					_t46 = E00BEF5D0(_t84, _t86,  *0xbfb498,  *0xbfb49c);
                                                                                                                                                                                                                                                        					_v60 = _t46;
                                                                                                                                                                                                                                                        					asm("sbb esi, ebx");
                                                                                                                                                                                                                                                        					_v60 = _v60 * 0xf4240;
                                                                                                                                                                                                                                                        					_t83 = ((_t84 - _t46 * _v56) * 0xf4240 >> 0x20) + _t86 * 0xf4240;
                                                                                                                                                                                                                                                        					_t53 = E00BEF5D0((_t84 - _t46 * _v56) * 0xf4240, _t83, _v56, _v52) + _v76;
                                                                                                                                                                                                                                                        					asm("adc edx, ebx");
                                                                                                                                                                                                                                                        					_t59 = _a4;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t83 = _t84 * 0xf4240 >> 0x20;
                                                                                                                                                                                                                                                        					_t53 = E00BEF5D0(_t84 * 0xf4240, _t86 * 0xf4240 + _t83,  *0xbfb498,  *0xbfb49c);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t54 = E00BC8A40(0, 0, _t53, _t83);
                                                                                                                                                                                                                                                        				 *(_t59 + 4) = _t83;
                                                                                                                                                                                                                                                        				 *_t59 = _t54;
                                                                                                                                                                                                                                                        				E00BEECB0(_v24 ^ _t87, _t83);
                                                                                                                                                                                                                                                        				return _t59;
                                                                                                                                                                                                                                                        			}






















                                                                                                                                                                                                                                                        0x00bca60c
                                                                                                                                                                                                                                                        0x00bca611
                                                                                                                                                                                                                                                        0x00bca616
                                                                                                                                                                                                                                                        0x00bca61e
                                                                                                                                                                                                                                                        0x00bca626
                                                                                                                                                                                                                                                        0x00bca62f
                                                                                                                                                                                                                                                        0x00bca635
                                                                                                                                                                                                                                                        0x00bca639
                                                                                                                                                                                                                                                        0x00bca649
                                                                                                                                                                                                                                                        0x00bca64b
                                                                                                                                                                                                                                                        0x00bca67e
                                                                                                                                                                                                                                                        0x00bca682
                                                                                                                                                                                                                                                        0x00bca68a
                                                                                                                                                                                                                                                        0x00bca693
                                                                                                                                                                                                                                                        0x00bca6ba
                                                                                                                                                                                                                                                        0x00bca6c0
                                                                                                                                                                                                                                                        0x00bca6d5
                                                                                                                                                                                                                                                        0x00bca6e6
                                                                                                                                                                                                                                                        0x00bca6ea
                                                                                                                                                                                                                                                        0x00bca6ec
                                                                                                                                                                                                                                                        0x00bca64d
                                                                                                                                                                                                                                                        0x00bca654
                                                                                                                                                                                                                                                        0x00bca66c
                                                                                                                                                                                                                                                        0x00bca66c
                                                                                                                                                                                                                                                        0x00bca6f5
                                                                                                                                                                                                                                                        0x00bca6fd
                                                                                                                                                                                                                                                        0x00bca700
                                                                                                                                                                                                                                                        0x00bca708
                                                                                                                                                                                                                                                        0x00bca716

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • QueryPerformanceCounter.KERNEL32(?), ref: 00BCA62F
                                                                                                                                                                                                                                                        • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00BCA66C
                                                                                                                                                                                                                                                        • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00BCA68A
                                                                                                                                                                                                                                                        • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00BCA6E1
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Unothrow_t@std@@@__ehfuncinfo$??2@$CounterPerformanceQuery
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 374826692-0
                                                                                                                                                                                                                                                        • Opcode ID: b71564a2cc0912419465b28128c0541e4e4c042420e36d1e8a4ceb0cc9d8ef7e
                                                                                                                                                                                                                                                        • Instruction ID: 2b0d8825dd54368896f1b9cd4e9d08de74fc0789290baa55599b542a4a2cb1b5
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b71564a2cc0912419465b28128c0541e4e4c042420e36d1e8a4ceb0cc9d8ef7e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4F318171604304AFC708DF59DD85A3BBBE9EBC8714F04883DF94987362EB3098449B92
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 38%
                                                                                                                                                                                                                                                        			E00BE61F0(void* __ecx, void* _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				signed short _v26;
                                                                                                                                                                                                                                                        				void* _v30;
                                                                                                                                                                                                                                                        				char _v31;
                                                                                                                                                                                                                                                        				void _v36;
                                                                                                                                                                                                                                                        				char _v40;
                                                                                                                                                                                                                                                        				void _v44;
                                                                                                                                                                                                                                                        				char _v48;
                                                                                                                                                                                                                                                        				char _v52;
                                                                                                                                                                                                                                                        				signed int _t26;
                                                                                                                                                                                                                                                        				int _t29;
                                                                                                                                                                                                                                                        				signed short _t32;
                                                                                                                                                                                                                                                        				signed int _t33;
                                                                                                                                                                                                                                                        				char* _t36;
                                                                                                                                                                                                                                                        				intOrPtr _t37;
                                                                                                                                                                                                                                                        				char* _t38;
                                                                                                                                                                                                                                                        				void* _t41;
                                                                                                                                                                                                                                                        				void* _t45;
                                                                                                                                                                                                                                                        				DWORD* _t46;
                                                                                                                                                                                                                                                        				void* _t47;
                                                                                                                                                                                                                                                        				signed int _t48;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t26 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t47 = __ecx;
                                                                                                                                                                                                                                                        				_t46 =  &_v40;
                                                                                                                                                                                                                                                        				_v20 = _t26 ^ _t48;
                                                                                                                                                                                                                                                        				_t29 = ReadProcessMemory( *(__ecx + 0x10),  *(__ecx + 4),  &_v36, 0x10, _t46);
                                                                                                                                                                                                                                                        				_t41 = 0;
                                                                                                                                                                                                                                                        				if(_t29 != 0 && _v40 == 0x10 && _v36 == 0xb8) {
                                                                                                                                                                                                                                                        					if(_v31 != 0xba) {
                                                                                                                                                                                                                                                        						L14:
                                                                                                                                                                                                                                                        						_t41 = 0;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t32 = _v26 & 0x0000ffff;
                                                                                                                                                                                                                                                        						_t33 = _t32 & 0x0000ffff;
                                                                                                                                                                                                                                                        						if(_t32 == 0x12ff || _t33 == 0xd2ff) {
                                                                                                                                                                                                                                                        							if(_v24 != 0xc2) {
                                                                                                                                                                                                                                                        								goto L14;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								if(_t33 != 0xd2ff) {
                                                                                                                                                                                                                                                        									if(ReadProcessMemory( *(_t47 + 0x10), _v30,  &_v44, 4, _t46) == 0 || _v40 != 4) {
                                                                                                                                                                                                                                                        										goto L14;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t36 =  &_v48;
                                                                                                                                                                                                                                                        										__imp__GetModuleHandleExW(6, _v44, _t36);
                                                                                                                                                                                                                                                        										if(_t36 == 0) {
                                                                                                                                                                                                                                                        											goto L14;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t37 =  *((intOrPtr*)(_t47 + 0xc));
                                                                                                                                                                                                                                                        											if(_t37 == 0) {
                                                                                                                                                                                                                                                        												_t38 =  &_v52;
                                                                                                                                                                                                                                                        												__imp__GetModuleHandleExW(6,  *((intOrPtr*)(_t47 + 4)), _t38);
                                                                                                                                                                                                                                                        												if(_t38 == 0 || _v48 != _v52) {
                                                                                                                                                                                                                                                        													goto L14;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													goto L8;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_v52 = _t37;
                                                                                                                                                                                                                                                        												if(_v48 == _t37) {
                                                                                                                                                                                                                                                        													goto L8;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													goto L14;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L8:
                                                                                                                                                                                                                                                        									asm("movsd xmm0, [ebp-0x20]");
                                                                                                                                                                                                                                                        									asm("movsd xmm1, [ebp-0x18]");
                                                                                                                                                                                                                                                        									_t41 = 1;
                                                                                                                                                                                                                                                        									asm("movsd [eax+0x8], xmm1");
                                                                                                                                                                                                                                                        									asm("movsd [eax], xmm0");
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							goto L14;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t48, _t45);
                                                                                                                                                                                                                                                        				return _t41;
                                                                                                                                                                                                                                                        			}

























                                                                                                                                                                                                                                                        0x00be61f9
                                                                                                                                                                                                                                                        0x00be61fe
                                                                                                                                                                                                                                                        0x00be6200
                                                                                                                                                                                                                                                        0x00be6205
                                                                                                                                                                                                                                                        0x00be6215
                                                                                                                                                                                                                                                        0x00be621b
                                                                                                                                                                                                                                                        0x00be621f
                                                                                                                                                                                                                                                        0x00be623d
                                                                                                                                                                                                                                                        0x00be62ba
                                                                                                                                                                                                                                                        0x00be62ba
                                                                                                                                                                                                                                                        0x00be623f
                                                                                                                                                                                                                                                        0x00be623f
                                                                                                                                                                                                                                                        0x00be6248
                                                                                                                                                                                                                                                        0x00be624b
                                                                                                                                                                                                                                                        0x00be6258
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be625a
                                                                                                                                                                                                                                                        0x00be625f
                                                                                                                                                                                                                                                        0x00be6290
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be6298
                                                                                                                                                                                                                                                        0x00be6298
                                                                                                                                                                                                                                                        0x00be62a1
                                                                                                                                                                                                                                                        0x00be62a9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be62ab
                                                                                                                                                                                                                                                        0x00be62ab
                                                                                                                                                                                                                                                        0x00be62b0
                                                                                                                                                                                                                                                        0x00be62d2
                                                                                                                                                                                                                                                        0x00be62db
                                                                                                                                                                                                                                                        0x00be62e3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be62ed
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be62ed
                                                                                                                                                                                                                                                        0x00be62b2
                                                                                                                                                                                                                                                        0x00be62b2
                                                                                                                                                                                                                                                        0x00be62b8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be62b8
                                                                                                                                                                                                                                                        0x00be62b0
                                                                                                                                                                                                                                                        0x00be62a9
                                                                                                                                                                                                                                                        0x00be6261
                                                                                                                                                                                                                                                        0x00be6261
                                                                                                                                                                                                                                                        0x00be6264
                                                                                                                                                                                                                                                        0x00be6269
                                                                                                                                                                                                                                                        0x00be626e
                                                                                                                                                                                                                                                        0x00be6270
                                                                                                                                                                                                                                                        0x00be6275
                                                                                                                                                                                                                                                        0x00be6275
                                                                                                                                                                                                                                                        0x00be625f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be624b
                                                                                                                                                                                                                                                        0x00be623d
                                                                                                                                                                                                                                                        0x00be62c1
                                                                                                                                                                                                                                                        0x00be62cf

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ReadProcessMemory.KERNEL32(?,?,?,00000010,?), ref: 00BE6215
                                                                                                                                                                                                                                                        • ReadProcessMemory.KERNEL32(?,?,?,00000004,?), ref: 00BE6288
                                                                                                                                                                                                                                                        • GetModuleHandleExW.KERNEL32(00000006,?,?), ref: 00BE62A1
                                                                                                                                                                                                                                                        • GetModuleHandleExW.KERNEL32(00000006,?,?), ref: 00BE62DB
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: HandleMemoryModuleProcessRead
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2283701994-0
                                                                                                                                                                                                                                                        • Opcode ID: 4e63df575365f34f7ff0d49e6e3bd016a38bded5a5aeada13e99dc38e502a3b2
                                                                                                                                                                                                                                                        • Instruction ID: b89e5523819945b9d5b5efb71ae021414fe1531e4e9ef2d09db503c843b88fec
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4e63df575365f34f7ff0d49e6e3bd016a38bded5a5aeada13e99dc38e502a3b2
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: ED319231A002499ADF20CFE6CC44AFEB7F5FF29390F0041AEE611E6190CB61D844DB60
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BE2ED0(void* __ecx, void* __eflags) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				int _v24;
                                                                                                                                                                                                                                                        				int _v28;
                                                                                                                                                                                                                                                        				char _v32;
                                                                                                                                                                                                                                                        				struct _SECURITY_DESCRIPTOR* _v36;
                                                                                                                                                                                                                                                        				struct _ACL* _v40;
                                                                                                                                                                                                                                                        				int _v44;
                                                                                                                                                                                                                                                        				int _v48;
                                                                                                                                                                                                                                                        				void* _v52;
                                                                                                                                                                                                                                                        				struct _SECURITY_DESCRIPTOR* _v56;
                                                                                                                                                                                                                                                        				void* _v60;
                                                                                                                                                                                                                                                        				signed int _t29;
                                                                                                                                                                                                                                                        				long _t32;
                                                                                                                                                                                                                                                        				struct _ACL* _t39;
                                                                                                                                                                                                                                                        				int _t40;
                                                                                                                                                                                                                                                        				char* _t42;
                                                                                                                                                                                                                                                        				void* _t43;
                                                                                                                                                                                                                                                        				long _t44;
                                                                                                                                                                                                                                                        				long _t52;
                                                                                                                                                                                                                                                        				LPVOID* _t53;
                                                                                                                                                                                                                                                        				struct _SECURITY_DESCRIPTOR* _t55;
                                                                                                                                                                                                                                                        				signed int _t57;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t29 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t43 = __ecx;
                                                                                                                                                                                                                                                        				_t51 = 0x10;
                                                                                                                                                                                                                                                        				_v20 = _t29 ^ _t57;
                                                                                                                                                                                                                                                        				_v32 = 0;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				_v24 = 0;
                                                                                                                                                                                                                                                        				_v36 = 0;
                                                                                                                                                                                                                                                        				_t32 = E00BE2FE0(__ecx, 0x10,  &_v32,  &_v36);
                                                                                                                                                                                                                                                        				_t52 = _t32;
                                                                                                                                                                                                                                                        				if(_t32 == 0) {
                                                                                                                                                                                                                                                        					_t55 = _v36;
                                                                                                                                                                                                                                                        					_v40 = 0;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					_v48 = 0;
                                                                                                                                                                                                                                                        					_t51 =  &_v44;
                                                                                                                                                                                                                                                        					if(GetSecurityDescriptorSacl(_t55,  &_v44,  &_v40,  &_v48) == 0) {
                                                                                                                                                                                                                                                        						L10:
                                                                                                                                                                                                                                                        						_t52 = GetLastError();
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t39 = _v40;
                                                                                                                                                                                                                                                        						_v56 = _t55;
                                                                                                                                                                                                                                                        						_v60 = _t43;
                                                                                                                                                                                                                                                        						if(_t39->AceCount != 0) {
                                                                                                                                                                                                                                                        							_t44 = 0;
                                                                                                                                                                                                                                                        							_t53 =  &_v52;
                                                                                                                                                                                                                                                        							do {
                                                                                                                                                                                                                                                        								if(GetAce(_t39, _t44, _t53) == 0) {
                                                                                                                                                                                                                                                        									goto L5;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t42 = _v52;
                                                                                                                                                                                                                                                        									if( *_t42 != 0x11) {
                                                                                                                                                                                                                                                        										goto L5;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										 *(_t42 + 4) =  *(_t42 + 4) | 0x00000006;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L9;
                                                                                                                                                                                                                                                        								L5:
                                                                                                                                                                                                                                                        								_t39 = _v40;
                                                                                                                                                                                                                                                        								_t44 = _t44 + 1;
                                                                                                                                                                                                                                                        							} while (_t44 < (_t39->AceCount & 0x0000ffff));
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L9:
                                                                                                                                                                                                                                                        						_t40 = SetKernelObjectSecurity(_v60, 0x10, _v56);
                                                                                                                                                                                                                                                        						_t52 = 0;
                                                                                                                                                                                                                                                        						if(_t40 == 0) {
                                                                                                                                                                                                                                                        							goto L10;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BC3010( &_v32);
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t57, _t51);
                                                                                                                                                                                                                                                        				return _t52;
                                                                                                                                                                                                                                                        			}

























                                                                                                                                                                                                                                                        0x00be2ed9
                                                                                                                                                                                                                                                        0x00be2ede
                                                                                                                                                                                                                                                        0x00be2ee3
                                                                                                                                                                                                                                                        0x00be2eea
                                                                                                                                                                                                                                                        0x00be2ef0
                                                                                                                                                                                                                                                        0x00be2ef7
                                                                                                                                                                                                                                                        0x00be2efe
                                                                                                                                                                                                                                                        0x00be2f05
                                                                                                                                                                                                                                                        0x00be2f0e
                                                                                                                                                                                                                                                        0x00be2f16
                                                                                                                                                                                                                                                        0x00be2f1a
                                                                                                                                                                                                                                                        0x00be2f38
                                                                                                                                                                                                                                                        0x00be2f3e
                                                                                                                                                                                                                                                        0x00be2f45
                                                                                                                                                                                                                                                        0x00be2f4c
                                                                                                                                                                                                                                                        0x00be2f56
                                                                                                                                                                                                                                                        0x00be2f65
                                                                                                                                                                                                                                                        0x00be2fc9
                                                                                                                                                                                                                                                        0x00be2fcf
                                                                                                                                                                                                                                                        0x00be2f67
                                                                                                                                                                                                                                                        0x00be2f67
                                                                                                                                                                                                                                                        0x00be2f6a
                                                                                                                                                                                                                                                        0x00be2f6d
                                                                                                                                                                                                                                                        0x00be2f75
                                                                                                                                                                                                                                                        0x00be2f7d
                                                                                                                                                                                                                                                        0x00be2f7f
                                                                                                                                                                                                                                                        0x00be2f9c
                                                                                                                                                                                                                                                        0x00be2fa3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be2fa5
                                                                                                                                                                                                                                                        0x00be2fa5
                                                                                                                                                                                                                                                        0x00be2fab
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be2fad
                                                                                                                                                                                                                                                        0x00be2fad
                                                                                                                                                                                                                                                        0x00be2fad
                                                                                                                                                                                                                                                        0x00be2fab
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be2f90
                                                                                                                                                                                                                                                        0x00be2f90
                                                                                                                                                                                                                                                        0x00be2f93
                                                                                                                                                                                                                                                        0x00be2f98
                                                                                                                                                                                                                                                        0x00be2f9c
                                                                                                                                                                                                                                                        0x00be2fb1
                                                                                                                                                                                                                                                        0x00be2fb9
                                                                                                                                                                                                                                                        0x00be2fbf
                                                                                                                                                                                                                                                        0x00be2fc3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be2fc3
                                                                                                                                                                                                                                                        0x00be2f65
                                                                                                                                                                                                                                                        0x00be2f1f
                                                                                                                                                                                                                                                        0x00be2f29
                                                                                                                                                                                                                                                        0x00be2f37

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BE2FE0: GetKernelObjectSecurity.ADVAPI32(00000000,00000004,00000000,00000000,?), ref: 00BE3008
                                                                                                                                                                                                                                                          • Part of subcall function 00BE2FE0: GetLastError.KERNEL32 ref: 00BE300E
                                                                                                                                                                                                                                                        • GetSecurityDescriptorSacl.ADVAPI32(00000000,00000000,00000000,?), ref: 00BE2F5D
                                                                                                                                                                                                                                                        • GetAce.ADVAPI32(00000000,00000000,?), ref: 00BE2F9F
                                                                                                                                                                                                                                                        • SetKernelObjectSecurity.ADVAPI32(?,00000010,?), ref: 00BE2FB9
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE2FC9
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Security$ErrorKernelLastObject$DescriptorSacl
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3863332142-0
                                                                                                                                                                                                                                                        • Opcode ID: e345c91c48533e81429b836ef887e1e76f5e2a292dfe8a024ba5b4f66e1eeb8c
                                                                                                                                                                                                                                                        • Instruction ID: 4fb75ab6d5d5d2aae366a8103444b48a251c9bd2bca6296ac694117b4530ce00
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e345c91c48533e81429b836ef887e1e76f5e2a292dfe8a024ba5b4f66e1eeb8c
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 433128719002599FDB00CFA6DC99BEEBBF9EF48304F144459E801BB280DBB59D45CBA0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BD7E10(int** __ecx, signed short _a4, wchar_t* _a8, int _a12, int _a16, int _a20) {
                                                                                                                                                                                                                                                        				int _v20;
                                                                                                                                                                                                                                                        				int _v24;
                                                                                                                                                                                                                                                        				WCHAR* _t35;
                                                                                                                                                                                                                                                        				int _t37;
                                                                                                                                                                                                                                                        				int _t38;
                                                                                                                                                                                                                                                        				int _t39;
                                                                                                                                                                                                                                                        				int _t44;
                                                                                                                                                                                                                                                        				int* _t45;
                                                                                                                                                                                                                                                        				void* _t50;
                                                                                                                                                                                                                                                        				void* _t52;
                                                                                                                                                                                                                                                        				int _t57;
                                                                                                                                                                                                                                                        				int** _t59;
                                                                                                                                                                                                                                                        				int* _t61;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t35 = _a8;
                                                                                                                                                                                                                                                        				_t45 = 0;
                                                                                                                                                                                                                                                        				if(_t35 != 0 &&  *_t35 != 0) {
                                                                                                                                                                                                                                                        					_t59 = __ecx;
                                                                                                                                                                                                                                                        					_t37 = lstrlenW(_t35);
                                                                                                                                                                                                                                                        					_t61 =  *_t59;
                                                                                                                                                                                                                                                        					if(_t59[1] - _t61 >= 0x1c) {
                                                                                                                                                                                                                                                        						_t61[1] = 0;
                                                                                                                                                                                                                                                        						 *_t61 = 0;
                                                                                                                                                                                                                                                        						_t61[3] = 0;
                                                                                                                                                                                                                                                        						_t61[2] = 0;
                                                                                                                                                                                                                                                        						_t61[5] = 0;
                                                                                                                                                                                                                                                        						_t61[4] = 0;
                                                                                                                                                                                                                                                        						_t61[6] = 0;
                                                                                                                                                                                                                                                        						 *_t59 =  &(( *_t59)[7]);
                                                                                                                                                                                                                                                        						 *_t61 = 5;
                                                                                                                                                                                                                                                        						_t61[2] = _a20;
                                                                                                                                                                                                                                                        						_t61[1] = _a4 & 0x0000ffff;
                                                                                                                                                                                                                                                        						if(_t61 != 0) {
                                                                                                                                                                                                                                                        							_v24 = _t37;
                                                                                                                                                                                                                                                        							_t38 = wcslen(_a8);
                                                                                                                                                                                                                                                        							_t50 = _t59[1];
                                                                                                                                                                                                                                                        							_v20 = _t38;
                                                                                                                                                                                                                                                        							_t39 = _t38 + _t38 + 2;
                                                                                                                                                                                                                                                        							if(_t50 -  *_t59 >= _t39) {
                                                                                                                                                                                                                                                        								_t57 = _t39;
                                                                                                                                                                                                                                                        								_t52 = _t50 - _v20 + _v20 + 0xfffffffe;
                                                                                                                                                                                                                                                        								_t59[1] = _t52;
                                                                                                                                                                                                                                                        								if((_t52 & 0x00000001) != 0) {
                                                                                                                                                                                                                                                        									_v20 = _t57;
                                                                                                                                                                                                                                                        									DebugBreak();
                                                                                                                                                                                                                                                        									_t57 = _v20;
                                                                                                                                                                                                                                                        									_t52 = _t59[1];
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								memcpy(_t52, _a8, _t57);
                                                                                                                                                                                                                                                        								_t44 = _t59[1] - _t61;
                                                                                                                                                                                                                                                        								if(_t44 != 0) {
                                                                                                                                                                                                                                                        									_t45 = _t61;
                                                                                                                                                                                                                                                        									_t61[3] = _t44;
                                                                                                                                                                                                                                                        									_t61[4] = _v24;
                                                                                                                                                                                                                                                        									_t61[5] = _a12;
                                                                                                                                                                                                                                                        									_t61[6] = _a16;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t45;
                                                                                                                                                                                                                                                        			}
















                                                                                                                                                                                                                                                        0x00bd7e19
                                                                                                                                                                                                                                                        0x00bd7e1c
                                                                                                                                                                                                                                                        0x00bd7e20
                                                                                                                                                                                                                                                        0x00bd7e28
                                                                                                                                                                                                                                                        0x00bd7e2b
                                                                                                                                                                                                                                                        0x00bd7e31
                                                                                                                                                                                                                                                        0x00bd7e3b
                                                                                                                                                                                                                                                        0x00bd7e50
                                                                                                                                                                                                                                                        0x00bd7e57
                                                                                                                                                                                                                                                        0x00bd7e5d
                                                                                                                                                                                                                                                        0x00bd7e64
                                                                                                                                                                                                                                                        0x00bd7e6b
                                                                                                                                                                                                                                                        0x00bd7e72
                                                                                                                                                                                                                                                        0x00bd7e79
                                                                                                                                                                                                                                                        0x00bd7e80
                                                                                                                                                                                                                                                        0x00bd7e85
                                                                                                                                                                                                                                                        0x00bd7e8b
                                                                                                                                                                                                                                                        0x00bd7e8e
                                                                                                                                                                                                                                                        0x00bd7e92
                                                                                                                                                                                                                                                        0x00bd7e94
                                                                                                                                                                                                                                                        0x00bd7e9a
                                                                                                                                                                                                                                                        0x00bd7ea3
                                                                                                                                                                                                                                                        0x00bd7ea6
                                                                                                                                                                                                                                                        0x00bd7ea9
                                                                                                                                                                                                                                                        0x00bd7eb3
                                                                                                                                                                                                                                                        0x00bd7eb5
                                                                                                                                                                                                                                                        0x00bd7ebe
                                                                                                                                                                                                                                                        0x00bd7ec4
                                                                                                                                                                                                                                                        0x00bd7ec7
                                                                                                                                                                                                                                                        0x00bd7ec9
                                                                                                                                                                                                                                                        0x00bd7ecc
                                                                                                                                                                                                                                                        0x00bd7ed2
                                                                                                                                                                                                                                                        0x00bd7ed5
                                                                                                                                                                                                                                                        0x00bd7ed5
                                                                                                                                                                                                                                                        0x00bd7edd
                                                                                                                                                                                                                                                        0x00bd7ee8
                                                                                                                                                                                                                                                        0x00bd7eea
                                                                                                                                                                                                                                                        0x00bd7ef9
                                                                                                                                                                                                                                                        0x00bd7efb
                                                                                                                                                                                                                                                        0x00bd7efe
                                                                                                                                                                                                                                                        0x00bd7f01
                                                                                                                                                                                                                                                        0x00bd7f04
                                                                                                                                                                                                                                                        0x00bd7f04
                                                                                                                                                                                                                                                        0x00bd7eea
                                                                                                                                                                                                                                                        0x00bd7eb3
                                                                                                                                                                                                                                                        0x00bd7e92
                                                                                                                                                                                                                                                        0x00bd7e3b
                                                                                                                                                                                                                                                        0x00bd7e46

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • lstrlenW.KERNEL32(?,?,00000003), ref: 00BD7E2B
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BD7E9A
                                                                                                                                                                                                                                                        • DebugBreak.KERNEL32 ref: 00BD7ECC
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,?), ref: 00BD7EDD
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: BreakDebuglstrlenmemcpywcslen
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3736189699-0
                                                                                                                                                                                                                                                        • Opcode ID: 78fd262a07ce3832a5c4f9441991cfe82684f5ef7342c9f08fc26462336e2172
                                                                                                                                                                                                                                                        • Instruction ID: e8c89bba07834ea0f127f67636e45775d826f9d4322bca2e581332adf8ad4fbe
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 78fd262a07ce3832a5c4f9441991cfe82684f5ef7342c9f08fc26462336e2172
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 103129B1900A069FDB14CF64D9447AAFBF4FF44311F108A6AD85547750EB75E914CBD0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BD65C0(void* __eax, void* __ebx, void* __ecx, intOrPtr* __edx, void* __edi, void* __esi, char* _a4) {
                                                                                                                                                                                                                                                        				intOrPtr _v0;
                                                                                                                                                                                                                                                        				intOrPtr _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				intOrPtr* _v32;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				intOrPtr* _v56;
                                                                                                                                                                                                                                                        				char _v60;
                                                                                                                                                                                                                                                        				signed int _v76;
                                                                                                                                                                                                                                                        				intOrPtr _v80;
                                                                                                                                                                                                                                                        				intOrPtr _v84;
                                                                                                                                                                                                                                                        				char _v100;
                                                                                                                                                                                                                                                        				signed int _v104;
                                                                                                                                                                                                                                                        				char _v108;
                                                                                                                                                                                                                                                        				intOrPtr _v112;
                                                                                                                                                                                                                                                        				long _v116;
                                                                                                                                                                                                                                                        				char _v132;
                                                                                                                                                                                                                                                        				char _v136;
                                                                                                                                                                                                                                                        				char _v140;
                                                                                                                                                                                                                                                        				signed int _v144;
                                                                                                                                                                                                                                                        				intOrPtr _v148;
                                                                                                                                                                                                                                                        				intOrPtr _v152;
                                                                                                                                                                                                                                                        				intOrPtr _v156;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _v160;
                                                                                                                                                                                                                                                        				intOrPtr _v164;
                                                                                                                                                                                                                                                        				signed int _v168;
                                                                                                                                                                                                                                                        				intOrPtr* _v172;
                                                                                                                                                                                                                                                        				intOrPtr _v184;
                                                                                                                                                                                                                                                        				intOrPtr _v208;
                                                                                                                                                                                                                                                        				intOrPtr _v212;
                                                                                                                                                                                                                                                        				intOrPtr _t162;
                                                                                                                                                                                                                                                        				signed int _t163;
                                                                                                                                                                                                                                                        				signed int _t165;
                                                                                                                                                                                                                                                        				intOrPtr _t168;
                                                                                                                                                                                                                                                        				intOrPtr* _t170;
                                                                                                                                                                                                                                                        				intOrPtr* _t172;
                                                                                                                                                                                                                                                        				intOrPtr* _t177;
                                                                                                                                                                                                                                                        				signed int _t179;
                                                                                                                                                                                                                                                        				signed int _t180;
                                                                                                                                                                                                                                                        				signed int _t181;
                                                                                                                                                                                                                                                        				signed int _t185;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t190;
                                                                                                                                                                                                                                                        				signed int _t193;
                                                                                                                                                                                                                                                        				char* _t195;
                                                                                                                                                                                                                                                        				signed int _t199;
                                                                                                                                                                                                                                                        				intOrPtr _t206;
                                                                                                                                                                                                                                                        				intOrPtr* _t210;
                                                                                                                                                                                                                                                        				intOrPtr _t212;
                                                                                                                                                                                                                                                        				intOrPtr* _t213;
                                                                                                                                                                                                                                                        				intOrPtr* _t214;
                                                                                                                                                                                                                                                        				void* _t216;
                                                                                                                                                                                                                                                        				intOrPtr _t222;
                                                                                                                                                                                                                                                        				intOrPtr* _t224;
                                                                                                                                                                                                                                                        				signed int _t233;
                                                                                                                                                                                                                                                        				intOrPtr _t235;
                                                                                                                                                                                                                                                        				intOrPtr _t239;
                                                                                                                                                                                                                                                        				signed int* _t240;
                                                                                                                                                                                                                                                        				signed int _t242;
                                                                                                                                                                                                                                                        				intOrPtr _t246;
                                                                                                                                                                                                                                                        				signed int _t248;
                                                                                                                                                                                                                                                        				char* _t254;
                                                                                                                                                                                                                                                        				intOrPtr _t259;
                                                                                                                                                                                                                                                        				void* _t264;
                                                                                                                                                                                                                                                        				intOrPtr _t265;
                                                                                                                                                                                                                                                        				intOrPtr _t266;
                                                                                                                                                                                                                                                        				signed int _t268;
                                                                                                                                                                                                                                                        				signed int _t270;
                                                                                                                                                                                                                                                        				intOrPtr _t272;
                                                                                                                                                                                                                                                        				intOrPtr _t274;
                                                                                                                                                                                                                                                        				intOrPtr _t275;
                                                                                                                                                                                                                                                        				intOrPtr* _t277;
                                                                                                                                                                                                                                                        				intOrPtr _t278;
                                                                                                                                                                                                                                                        				intOrPtr* _t283;
                                                                                                                                                                                                                                                        				intOrPtr* _t284;
                                                                                                                                                                                                                                                        				signed int _t285;
                                                                                                                                                                                                                                                        				intOrPtr* _t287;
                                                                                                                                                                                                                                                        				signed int _t288;
                                                                                                                                                                                                                                                        				intOrPtr* _t290;
                                                                                                                                                                                                                                                        				signed int _t291;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t293;
                                                                                                                                                                                                                                                        				signed int _t294;
                                                                                                                                                                                                                                                        				signed int _t297;
                                                                                                                                                                                                                                                        				void* _t299;
                                                                                                                                                                                                                                                        				signed int _t303;
                                                                                                                                                                                                                                                        				void* _t304;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t210 = _a4;
                                                                                                                                                                                                                                                        				_t283 = __edx;
                                                                                                                                                                                                                                                        				_t274 =  *_t210;
                                                                                                                                                                                                                                                        				_t2 = _t210 + 4; // 0x5f8bd04d
                                                                                                                                                                                                                                                        				 *((intOrPtr*)( *_t2)) = _t274;
                                                                                                                                                                                                                                                        				_t3 = _t210 + 4; // 0x5f8bd04d
                                                                                                                                                                                                                                                        				 *((intOrPtr*)( *_t210 + 4)) =  *_t3;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx + 4)) =  *((intOrPtr*)(__ecx + 4)) - 1;
                                                                                                                                                                                                                                                        				_t7 = _t210 + 0x54; // 0xbc7d8bff
                                                                                                                                                                                                                                                        				_t162 =  *_t7;
                                                                                                                                                                                                                                                        				if(_t162 >= 0x10) {
                                                                                                                                                                                                                                                        					_t16 = _t210 + 0x40; // 0xfe49e9ff
                                                                                                                                                                                                                                                        					_t222 =  *_t16;
                                                                                                                                                                                                                                                        					_t17 = _t162 + 1; // 0xbc7d8c00
                                                                                                                                                                                                                                                        					_t264 = _t17;
                                                                                                                                                                                                                                                        					__eflags = _t264 - 0x1000;
                                                                                                                                                                                                                                                        					if(_t264 >= 0x1000) {
                                                                                                                                                                                                                                                        						_t265 =  *((intOrPtr*)(_t222 - 4));
                                                                                                                                                                                                                                                        						_t224 = _t222 + 0xfffffffc - _t265;
                                                                                                                                                                                                                                                        						_v20 = _t265;
                                                                                                                                                                                                                                                        						__eflags = _t224 - 0x20;
                                                                                                                                                                                                                                                        						if(_t224 >= 0x20) {
                                                                                                                                                                                                                                                        							goto L11;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t222 = _v20;
                                                                                                                                                                                                                                                        							_t264 = _t162 + 0x24;
                                                                                                                                                                                                                                                        							goto L4;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L4:
                                                                                                                                                                                                                                                        						_push(_t264);
                                                                                                                                                                                                                                                        						_push(_t222);
                                                                                                                                                                                                                                                        						L00BEF6C6();
                                                                                                                                                                                                                                                        						_t303 = _t303 + 8;
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t210 + 0x50)) = 0;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t210 + 0x54)) = 0xf;
                                                                                                                                                                                                                                                        					 *((char*)(_t210 + 0x40)) = 0;
                                                                                                                                                                                                                                                        					_t11 = _t210 + 0x3c; // 0xfffe7585
                                                                                                                                                                                                                                                        					_t206 =  *_t11;
                                                                                                                                                                                                                                                        					if(_t206 >= 0x10) {
                                                                                                                                                                                                                                                        						_t18 = _t210 + 0x28; // 0xfe7d08e8
                                                                                                                                                                                                                                                        						_t259 =  *_t18;
                                                                                                                                                                                                                                                        						_t19 = _t206 + 1; // 0xfffe7586
                                                                                                                                                                                                                                                        						_t272 = _t19;
                                                                                                                                                                                                                                                        						__eflags = _t272 - 0x1000;
                                                                                                                                                                                                                                                        						if(_t272 >= 0x1000) {
                                                                                                                                                                                                                                                        							_t265 =  *((intOrPtr*)(_t259 - 4));
                                                                                                                                                                                                                                                        							_t224 = _t259 + 0xfffffffc - _t265;
                                                                                                                                                                                                                                                        							_v20 = _t265;
                                                                                                                                                                                                                                                        							__eflags = _t224 - 0x20;
                                                                                                                                                                                                                                                        							if(_t224 >= 0x20) {
                                                                                                                                                                                                                                                        								L11:
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_t297 = _t303;
                                                                                                                                                                                                                                                        								_push(_t210);
                                                                                                                                                                                                                                                        								_push(_t274);
                                                                                                                                                                                                                                                        								_push(_t283);
                                                                                                                                                                                                                                                        								_t304 = _t303 - 0x98;
                                                                                                                                                                                                                                                        								_t163 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        								_t275 = _t265;
                                                                                                                                                                                                                                                        								_t284 = _t224;
                                                                                                                                                                                                                                                        								_v40 = _t163 ^ _t297;
                                                                                                                                                                                                                                                        								_t165 = GetModuleHandleW( &M00BF146A);
                                                                                                                                                                                                                                                        								__eflags = _t165;
                                                                                                                                                                                                                                                        								if(_t165 == 0) {
                                                                                                                                                                                                                                                        									_t285 = 7;
                                                                                                                                                                                                                                                        									goto L23;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_v168 = _t165;
                                                                                                                                                                                                                                                        									_t168 =  *_t284;
                                                                                                                                                                                                                                                        									_v152 =  *((intOrPtr*)(_t168 + 0x28));
                                                                                                                                                                                                                                                        									_v160 = LoadLibraryW( *(_t168 + 0x2c));
                                                                                                                                                                                                                                                        									_t170 = E00BCB910();
                                                                                                                                                                                                                                                        									_t212 =  *_t170;
                                                                                                                                                                                                                                                        									__eflags =  *((intOrPtr*)(_t170 + 0x58)) - 1;
                                                                                                                                                                                                                                                        									_v156 = _t275;
                                                                                                                                                                                                                                                        									if( *((intOrPtr*)(_t170 + 0x58)) != 1) {
                                                                                                                                                                                                                                                        										_push(0x1c);
                                                                                                                                                                                                                                                        										L00BEF6BA();
                                                                                                                                                                                                                                                        										_t304 = _t304 + 4;
                                                                                                                                                                                                                                                        										_t277 = _t170;
                                                                                                                                                                                                                                                        										__eflags = _t212 - 5;
                                                                                                                                                                                                                                                        										 *_t277 = 0xbf1540;
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t277 + 0xc)) = 0;
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t277 + 0x10)) =  *((intOrPtr*)( *_t284));
                                                                                                                                                                                                                                                        										 *((char*)(_t277 + 0x14)) =  *((intOrPtr*)(_t284 + 0xd));
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t277 + 0x18)) = 0;
                                                                                                                                                                                                                                                        										if(_t212 >= 5) {
                                                                                                                                                                                                                                                        											 *_t277 = 0xbf1510;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										__eflags = _t212 - 7;
                                                                                                                                                                                                                                                        										if(_t212 < 7) {
                                                                                                                                                                                                                                                        											_push(0x1c);
                                                                                                                                                                                                                                                        											L00BEF6BA();
                                                                                                                                                                                                                                                        											_t304 = _t304 + 4;
                                                                                                                                                                                                                                                        											_t277 = _t170;
                                                                                                                                                                                                                                                        											__eflags = _t212 - 5;
                                                                                                                                                                                                                                                        											 *_t277 = 0xbf1540;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t277 + 0xc)) = 0;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t277 + 0x10)) =  *((intOrPtr*)( *_t284));
                                                                                                                                                                                                                                                        											 *((char*)(_t277 + 0x14)) =  *((intOrPtr*)(_t284 + 0xd));
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t277 + 0x18)) = 0;
                                                                                                                                                                                                                                                        											if(_t212 < 5) {
                                                                                                                                                                                                                                                        												 *_t277 = 0xbf14e0;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												 *_t277 = 0xbf14b0;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_push(0x1c);
                                                                                                                                                                                                                                                        											L00BEF6BA();
                                                                                                                                                                                                                                                        											_t304 = _t304 + 4;
                                                                                                                                                                                                                                                        											_t277 = _t170;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t277 + 0xc)) = 0;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t277 + 0x10)) =  *((intOrPtr*)( *_t284));
                                                                                                                                                                                                                                                        											 *((char*)(_t277 + 0x14)) =  *((intOrPtr*)(_t284 + 0xd));
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t277 + 0x18)) = 0;
                                                                                                                                                                                                                                                        											 *_t277 = 0xbf1480;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t213 =  *((intOrPtr*)(_t284 + 4));
                                                                                                                                                                                                                                                        									_t172 =  *_t213;
                                                                                                                                                                                                                                                        									__eflags = _t172 - _t213;
                                                                                                                                                                                                                                                        									if(_t172 != _t213) {
                                                                                                                                                                                                                                                        										_t266 = _t172;
                                                                                                                                                                                                                                                        										_v148 = _t213;
                                                                                                                                                                                                                                                        										do {
                                                                                                                                                                                                                                                        											_t267 = _t266 + 8;
                                                                                                                                                                                                                                                        											_v172 = _t172;
                                                                                                                                                                                                                                                        											E00BD5A10( &_v108, _t266 + 8);
                                                                                                                                                                                                                                                        											_v112 = 7;
                                                                                                                                                                                                                                                        											_v116 = 0;
                                                                                                                                                                                                                                                        											_v132 = 0;
                                                                                                                                                                                                                                                        											E00BBA740( &_v132,  &M00BF146A);
                                                                                                                                                                                                                                                        											_t175 = _v116;
                                                                                                                                                                                                                                                        											__eflags = _v84 - _t175;
                                                                                                                                                                                                                                                        											if(_v84 != _t175) {
                                                                                                                                                                                                                                                        												_v140 = 0;
                                                                                                                                                                                                                                                        												_v144 = 2;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												__eflags = _t175;
                                                                                                                                                                                                                                                        												if(_t175 == 0) {
                                                                                                                                                                                                                                                        													L37:
                                                                                                                                                                                                                                                        													__eflags = _v108 - 1;
                                                                                                                                                                                                                                                        													if(_v108 != 1) {
                                                                                                                                                                                                                                                        														goto L49;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t193 = _v28;
                                                                                                                                                                                                                                                        														__eflags = _t193;
                                                                                                                                                                                                                                                        														if(_t193 != 0) {
                                                                                                                                                                                                                                                        															L43:
                                                                                                                                                                                                                                                        															_t246 = _a4;
                                                                                                                                                                                                                                                        															_t290 = _v56;
                                                                                                                                                                                                                                                        															_t216 =  &_v52;
                                                                                                                                                                                                                                                        															_t267 = _v0 -  *((intOrPtr*)(_t246 + 4));
                                                                                                                                                                                                                                                        															_t248 =  *(_t246 + 0xc) << 6;
                                                                                                                                                                                                                                                        															__eflags = _v32 - 0xf;
                                                                                                                                                                                                                                                        															if(_v32 > 0xf) {
                                                                                                                                                                                                                                                        																_t216 = _v52;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_v140 = _t216;
                                                                                                                                                                                                                                                        															__eflags = _t290 - 0xf;
                                                                                                                                                                                                                                                        															_t291 =  &_v76;
                                                                                                                                                                                                                                                        															_v164 = _v156 + _t248 + 0x10;
                                                                                                                                                                                                                                                        															if(_t290 > 0xf) {
                                                                                                                                                                                                                                                        																_t291 = _v76;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															__eflags =  *((intOrPtr*)( *_t277 + 4))(_v168, _v152, _t291, _v140, _t193, _v164, _t267, 0);
                                                                                                                                                                                                                                                        															if(__eflags < 0) {
                                                                                                                                                                                                                                                        																_t175 = E00BEB570(_t267, __eflags, _t194);
                                                                                                                                                                                                                                                        																_t304 = _t304 + 4;
                                                                                                                                                                                                                                                        																SetLastError(_t175);
                                                                                                                                                                                                                                                        																_v144 = 0x28;
                                                                                                                                                                                                                                                        																_v140 = 0;
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																_t195 = _a4;
                                                                                                                                                                                                                                                        																_t267 = _t195;
                                                                                                                                                                                                                                                        																 *((intOrPtr*)(0xbfb514 + _v104 * 4)) = _v156 + ( *(_t195 + 0xc) << 6) + 0x10;
                                                                                                                                                                                                                                                        																 *((intOrPtr*)(_t267 + 0xc)) =  *((intOrPtr*)(_t267 + 0xc)) + 1;
                                                                                                                                                                                                                                                        																 *((intOrPtr*)(_t267 + 4)) =  *((intOrPtr*)(_t267 + 4)) + 0x40;
                                                                                                                                                                                                                                                        																_t175 = 1;
                                                                                                                                                                                                                                                        																_v140 = 1;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															__eflags = _v32 - 0xf;
                                                                                                                                                                                                                                                        															_t199 =  &_v52;
                                                                                                                                                                                                                                                        															if(_v32 > 0xf) {
                                                                                                                                                                                                                                                        																_t199 = _v52;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t267 =  *_t277;
                                                                                                                                                                                                                                                        															_t293 = _v160;
                                                                                                                                                                                                                                                        															__eflags =  *((intOrPtr*)( *_t277 + 8))(_t293, _t199,  &_v136);
                                                                                                                                                                                                                                                        															if(__eflags < 0) {
                                                                                                                                                                                                                                                        																_t175 = E00BEB570(_t267, __eflags, _t200);
                                                                                                                                                                                                                                                        																_t304 = _t304 + 4;
                                                                                                                                                                                                                                                        																SetLastError(_t175);
                                                                                                                                                                                                                                                        																_v144 = 0x29;
                                                                                                                                                                                                                                                        																_v140 = 0;
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																_t193 = _v136 - _t293 + _v152;
                                                                                                                                                                                                                                                        																__eflags = _t193;
                                                                                                                                                                                                                                                        																_v28 = _t193;
                                                                                                                                                                                                                                                        																goto L43;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													__eflags = _v112 - 7;
                                                                                                                                                                                                                                                        													_t254 =  &_v132;
                                                                                                                                                                                                                                                        													if(_v112 > 7) {
                                                                                                                                                                                                                                                        														_t254 = _v132;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													__eflags = _v80 - 7;
                                                                                                                                                                                                                                                        													_t267 =  &_v100;
                                                                                                                                                                                                                                                        													if(_v80 > 7) {
                                                                                                                                                                                                                                                        														_t267 = _v100;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t294 = 0;
                                                                                                                                                                                                                                                        													__eflags = 0;
                                                                                                                                                                                                                                                        													while(1) {
                                                                                                                                                                                                                                                        														__eflags = ( *(_t267 + _t294 * 2) & 0x0000ffff) -  *((intOrPtr*)(_t254 + _t294 * 2));
                                                                                                                                                                                                                                                        														if(( *(_t267 + _t294 * 2) & 0x0000ffff) !=  *((intOrPtr*)(_t254 + _t294 * 2))) {
                                                                                                                                                                                                                                                        															break;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t294 = _t294 + 1;
                                                                                                                                                                                                                                                        														__eflags = _t175 - _t294;
                                                                                                                                                                                                                                                        														if(_t175 != _t294) {
                                                                                                                                                                                                                                                        															continue;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															goto L37;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														goto L50;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													L49:
                                                                                                                                                                                                                                                        													_v140 = 0;
                                                                                                                                                                                                                                                        													_v144 = 2;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												L50:
                                                                                                                                                                                                                                                        												_t213 = _v148;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											E00BBDF30(_t175,  &_v132, _t267);
                                                                                                                                                                                                                                                        											_t177 = _v32;
                                                                                                                                                                                                                                                        											__eflags = _t177 - 0x10;
                                                                                                                                                                                                                                                        											if(_t177 >= 0x10) {
                                                                                                                                                                                                                                                        												_t233 = _v52;
                                                                                                                                                                                                                                                        												_t287 = _t177 + 1;
                                                                                                                                                                                                                                                        												__eflags = _t287 - 0x1000;
                                                                                                                                                                                                                                                        												if(_t287 >= 0x1000) {
                                                                                                                                                                                                                                                        													_t268 =  *(_t233 - 4);
                                                                                                                                                                                                                                                        													_t235 = _t233 + 0xfffffffc - _t268;
                                                                                                                                                                                                                                                        													__eflags = _t235 - 0x20;
                                                                                                                                                                                                                                                        													if(_t235 >= 0x20) {
                                                                                                                                                                                                                                                        														goto L68;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t233 = _t268;
                                                                                                                                                                                                                                                        														_t287 = _t177 + 0x24;
                                                                                                                                                                                                                                                        														goto L57;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													L57:
                                                                                                                                                                                                                                                        													_push(_t287);
                                                                                                                                                                                                                                                        													_push(_t233);
                                                                                                                                                                                                                                                        													L00BEF6C6();
                                                                                                                                                                                                                                                        													_t304 = _t304 + 8;
                                                                                                                                                                                                                                                        													goto L52;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												L52:
                                                                                                                                                                                                                                                        												_v36 = 0;
                                                                                                                                                                                                                                                        												_v32 = 0xf;
                                                                                                                                                                                                                                                        												_v52 = 0;
                                                                                                                                                                                                                                                        												_t177 = _v56;
                                                                                                                                                                                                                                                        												__eflags = _t177 - 0x10;
                                                                                                                                                                                                                                                        												if(_t177 >= 0x10) {
                                                                                                                                                                                                                                                        													_t242 = _v76;
                                                                                                                                                                                                                                                        													_t287 = _t177 + 1;
                                                                                                                                                                                                                                                        													__eflags = _t287 - 0x1000;
                                                                                                                                                                                                                                                        													if(_t287 >= 0x1000) {
                                                                                                                                                                                                                                                        														_t268 =  *(_t242 - 4);
                                                                                                                                                                                                                                                        														_t235 = _t242 + 0xfffffffc - _t268;
                                                                                                                                                                                                                                                        														__eflags = _t235 - 0x20;
                                                                                                                                                                                                                                                        														if(_t235 >= 0x20) {
                                                                                                                                                                                                                                                        															L68:
                                                                                                                                                                                                                                                        															__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        															asm("int3");
                                                                                                                                                                                                                                                        															asm("int3");
                                                                                                                                                                                                                                                        															_push(_t297);
                                                                                                                                                                                                                                                        															_t299 = _t304;
                                                                                                                                                                                                                                                        															_push(_t213);
                                                                                                                                                                                                                                                        															_push(_t277);
                                                                                                                                                                                                                                                        															_push(_t287);
                                                                                                                                                                                                                                                        															_t278 =  *((intOrPtr*)(_t268 + 4));
                                                                                                                                                                                                                                                        															_t288 = _t268;
                                                                                                                                                                                                                                                        															_v208 = _t235;
                                                                                                                                                                                                                                                        															_push(0x5c);
                                                                                                                                                                                                                                                        															L00BEF6BA();
                                                                                                                                                                                                                                                        															__eflags = _t288;
                                                                                                                                                                                                                                                        															_v212 = _t278;
                                                                                                                                                                                                                                                        															_t214 = _t177;
                                                                                                                                                                                                                                                        															_t237 =  ==  ? _t177 : _t288;
                                                                                                                                                                                                                                                        															_t279 =  ==  ? _t177 : _t278;
                                                                                                                                                                                                                                                        															 *_t177 =  ==  ? _t177 : _t288;
                                                                                                                                                                                                                                                        															_t147 = _t177 + 8; // 0x8
                                                                                                                                                                                                                                                        															 *((intOrPtr*)(_t177 + 4)) =  ==  ? _t177 : _t278;
                                                                                                                                                                                                                                                        															E00BD5A10(_t147, _v184);
                                                                                                                                                                                                                                                        															_t239 = _v208;
                                                                                                                                                                                                                                                        															_t179 =  *(_t239 + 4);
                                                                                                                                                                                                                                                        															__eflags = _t179 - 0x2c8590a;
                                                                                                                                                                                                                                                        															if(_t179 == 0x2c8590a) {
                                                                                                                                                                                                                                                        																_push("list<T> too long");
                                                                                                                                                                                                                                                        																L00BEF798();
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																_push(_t299);
                                                                                                                                                                                                                                                        																_t180 =  *0xbfb5c0;
                                                                                                                                                                                                                                                        																__eflags = _t180;
                                                                                                                                                                                                                                                        																if(_t180 == 0) {
                                                                                                                                                                                                                                                        																	_t181 =  *0xbfb5bc;
                                                                                                                                                                                                                                                        																	__eflags = _t181;
                                                                                                                                                                                                                                                        																	if(_t181 == 0) {
                                                                                                                                                                                                                                                        																		__eflags = 0;
                                                                                                                                                                                                                                                        																		return 0;
                                                                                                                                                                                                                                                        																	} else {
                                                                                                                                                                                                                                                        																		_push(0);
                                                                                                                                                                                                                                                        																		_t180 = E00BE3CE0(8 +  *_t181 * 4, 0);
                                                                                                                                                                                                                                                        																		_t240 =  *0xbfb5bc;
                                                                                                                                                                                                                                                        																		 *0xbfb5c0 = _t180;
                                                                                                                                                                                                                                                        																		 *_t180 = _t240;
                                                                                                                                                                                                                                                        																		__eflags =  *_t240;
                                                                                                                                                                                                                                                        																		if( *_t240 > 0) {
                                                                                                                                                                                                                                                        																			_t270 = 0;
                                                                                                                                                                                                                                                        																			__eflags = 0;
                                                                                                                                                                                                                                                        																			asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        																			do {
                                                                                                                                                                                                                                                        																				 *((intOrPtr*)(_t180 + 4 + _t270 * 4)) = 0;
                                                                                                                                                                                                                                                        																				_t270 = _t270 + 1;
                                                                                                                                                                                                                                                        																				__eflags = _t270 -  *_t240;
                                                                                                                                                                                                                                                        																			} while (_t270 <  *_t240);
                                                                                                                                                                                                                                                        																			return _t180;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		goto L73;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																	L73:
                                                                                                                                                                                                                                                        																	return _t180;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																_t185 = _t179 + 1;
                                                                                                                                                                                                                                                        																__eflags = _t185;
                                                                                                                                                                                                                                                        																 *(_t239 + 4) = _t185;
                                                                                                                                                                                                                                                        																 *((intOrPtr*)(_t288 + 4)) = _t214;
                                                                                                                                                                                                                                                        																 *_v32 = _t214;
                                                                                                                                                                                                                                                        																return _t185;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															_t177 = _t177 + 0x24;
                                                                                                                                                                                                                                                        															_t242 = _t268;
                                                                                                                                                                                                                                                        															_t287 = _t177;
                                                                                                                                                                                                                                                        															goto L59;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														L59:
                                                                                                                                                                                                                                                        														_push(_t287);
                                                                                                                                                                                                                                                        														_push(_t242);
                                                                                                                                                                                                                                                        														L00BEF6C6();
                                                                                                                                                                                                                                                        														_t304 = _t304 + 8;
                                                                                                                                                                                                                                                        														goto L53;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													L53:
                                                                                                                                                                                                                                                        													_v60 = 0;
                                                                                                                                                                                                                                                        													_v56 = 0xf;
                                                                                                                                                                                                                                                        													_v76 = 0;
                                                                                                                                                                                                                                                        													E00BBDF30(_t177,  &_v100, _t268);
                                                                                                                                                                                                                                                        													__eflags = _v140;
                                                                                                                                                                                                                                                        													if(_v140 == 0) {
                                                                                                                                                                                                                                                        														_t285 = _v144;
                                                                                                                                                                                                                                                        														goto L21;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														goto L54;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L80;
                                                                                                                                                                                                                                                        											L54:
                                                                                                                                                                                                                                                        											_t285 = 0;
                                                                                                                                                                                                                                                        											_t266 =  *_v172;
                                                                                                                                                                                                                                                        											__eflags = _t266 - _t213;
                                                                                                                                                                                                                                                        											_t172 = _t266;
                                                                                                                                                                                                                                                        										} while (_t266 != _t213);
                                                                                                                                                                                                                                                        										goto L21;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t285 = 0;
                                                                                                                                                                                                                                                        										__eflags = 0;
                                                                                                                                                                                                                                                        										L21:
                                                                                                                                                                                                                                                        										 *((intOrPtr*)( *_t277))(1);
                                                                                                                                                                                                                                                        										_t190 = _v160;
                                                                                                                                                                                                                                                        										__eflags = _t190;
                                                                                                                                                                                                                                                        										if(_t190 != 0) {
                                                                                                                                                                                                                                                        											FreeLibrary(_t190);
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L23:
                                                                                                                                                                                                                                                        										__eflags = _v24 ^ _t297;
                                                                                                                                                                                                                                                        										E00BEECB0(_v24 ^ _t297, _t265);
                                                                                                                                                                                                                                                        										return _t285;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t259 = _v20;
                                                                                                                                                                                                                                                        								_t272 = _t206;
                                                                                                                                                                                                                                                        								goto L6;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L6:
                                                                                                                                                                                                                                                        							_push(_t272);
                                                                                                                                                                                                                                                        							_push(_t259);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							_t303 = _t303 + 8;
                                                                                                                                                                                                                                                        							goto L2;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L2:
                                                                                                                                                                                                                                                        						_t12 = _t210 + 0x10; // 0xbd620b
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t210 + 0x38)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t210 + 0x3c)) = 0xf;
                                                                                                                                                                                                                                                        						 *((char*)(_t210 + 0x28)) = 0;
                                                                                                                                                                                                                                                        						E00BBDF30(_t206, _t12, _t272);
                                                                                                                                                                                                                                                        						_push(0x5c);
                                                                                                                                                                                                                                                        						_push(_t210);
                                                                                                                                                                                                                                                        						L00BEF6C6();
                                                                                                                                                                                                                                                        						 *_t283 = _t274;
                                                                                                                                                                                                                                                        						return _t283;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L80:
                                                                                                                                                                                                                                                        			}


























































































                                                                                                                                                                                                                                                        0x00bd65c7
                                                                                                                                                                                                                                                        0x00bd65ca
                                                                                                                                                                                                                                                        0x00bd65cc
                                                                                                                                                                                                                                                        0x00bd65ce
                                                                                                                                                                                                                                                        0x00bd65d1
                                                                                                                                                                                                                                                        0x00bd65d5
                                                                                                                                                                                                                                                        0x00bd65d8
                                                                                                                                                                                                                                                        0x00bd65db
                                                                                                                                                                                                                                                        0x00bd65de
                                                                                                                                                                                                                                                        0x00bd65de
                                                                                                                                                                                                                                                        0x00bd65e4
                                                                                                                                                                                                                                                        0x00bd6631
                                                                                                                                                                                                                                                        0x00bd6631
                                                                                                                                                                                                                                                        0x00bd6634
                                                                                                                                                                                                                                                        0x00bd6634
                                                                                                                                                                                                                                                        0x00bd6637
                                                                                                                                                                                                                                                        0x00bd663d
                                                                                                                                                                                                                                                        0x00bd6665
                                                                                                                                                                                                                                                        0x00bd666b
                                                                                                                                                                                                                                                        0x00bd666d
                                                                                                                                                                                                                                                        0x00bd6670
                                                                                                                                                                                                                                                        0x00bd6673
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6675
                                                                                                                                                                                                                                                        0x00bd6675
                                                                                                                                                                                                                                                        0x00bd667b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd667b
                                                                                                                                                                                                                                                        0x00bd663f
                                                                                                                                                                                                                                                        0x00bd663f
                                                                                                                                                                                                                                                        0x00bd663f
                                                                                                                                                                                                                                                        0x00bd6640
                                                                                                                                                                                                                                                        0x00bd6641
                                                                                                                                                                                                                                                        0x00bd6646
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6646
                                                                                                                                                                                                                                                        0x00bd65e6
                                                                                                                                                                                                                                                        0x00bd65e6
                                                                                                                                                                                                                                                        0x00bd65e6
                                                                                                                                                                                                                                                        0x00bd65ed
                                                                                                                                                                                                                                                        0x00bd65f4
                                                                                                                                                                                                                                                        0x00bd65f8
                                                                                                                                                                                                                                                        0x00bd65f8
                                                                                                                                                                                                                                                        0x00bd65fe
                                                                                                                                                                                                                                                        0x00bd664b
                                                                                                                                                                                                                                                        0x00bd664b
                                                                                                                                                                                                                                                        0x00bd664e
                                                                                                                                                                                                                                                        0x00bd664e
                                                                                                                                                                                                                                                        0x00bd6651
                                                                                                                                                                                                                                                        0x00bd6657
                                                                                                                                                                                                                                                        0x00bd667f
                                                                                                                                                                                                                                                        0x00bd6685
                                                                                                                                                                                                                                                        0x00bd6687
                                                                                                                                                                                                                                                        0x00bd668a
                                                                                                                                                                                                                                                        0x00bd668d
                                                                                                                                                                                                                                                        0x00bd6699
                                                                                                                                                                                                                                                        0x00bd6699
                                                                                                                                                                                                                                                        0x00bd669f
                                                                                                                                                                                                                                                        0x00bd66a1
                                                                                                                                                                                                                                                        0x00bd66a3
                                                                                                                                                                                                                                                        0x00bd66a4
                                                                                                                                                                                                                                                        0x00bd66a5
                                                                                                                                                                                                                                                        0x00bd66a6
                                                                                                                                                                                                                                                        0x00bd66ac
                                                                                                                                                                                                                                                        0x00bd66b1
                                                                                                                                                                                                                                                        0x00bd66b3
                                                                                                                                                                                                                                                        0x00bd66b7
                                                                                                                                                                                                                                                        0x00bd66bf
                                                                                                                                                                                                                                                        0x00bd66c5
                                                                                                                                                                                                                                                        0x00bd66c7
                                                                                                                                                                                                                                                        0x00bd6734
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd66c9
                                                                                                                                                                                                                                                        0x00bd66c9
                                                                                                                                                                                                                                                        0x00bd66cf
                                                                                                                                                                                                                                                        0x00bd66d4
                                                                                                                                                                                                                                                        0x00bd66e3
                                                                                                                                                                                                                                                        0x00bd66e9
                                                                                                                                                                                                                                                        0x00bd66ee
                                                                                                                                                                                                                                                        0x00bd66f0
                                                                                                                                                                                                                                                        0x00bd66f4
                                                                                                                                                                                                                                                        0x00bd66fa
                                                                                                                                                                                                                                                        0x00bd673b
                                                                                                                                                                                                                                                        0x00bd673d
                                                                                                                                                                                                                                                        0x00bd6742
                                                                                                                                                                                                                                                        0x00bd6747
                                                                                                                                                                                                                                                        0x00bd674c
                                                                                                                                                                                                                                                        0x00bd6751
                                                                                                                                                                                                                                                        0x00bd6757
                                                                                                                                                                                                                                                        0x00bd675e
                                                                                                                                                                                                                                                        0x00bd6761
                                                                                                                                                                                                                                                        0x00bd6764
                                                                                                                                                                                                                                                        0x00bd676b
                                                                                                                                                                                                                                                        0x00bd676d
                                                                                                                                                                                                                                                        0x00bd676d
                                                                                                                                                                                                                                                        0x00bd66fc
                                                                                                                                                                                                                                                        0x00bd66fc
                                                                                                                                                                                                                                                        0x00bd66ff
                                                                                                                                                                                                                                                        0x00bd67ae
                                                                                                                                                                                                                                                        0x00bd67b0
                                                                                                                                                                                                                                                        0x00bd67b5
                                                                                                                                                                                                                                                        0x00bd67ba
                                                                                                                                                                                                                                                        0x00bd67bf
                                                                                                                                                                                                                                                        0x00bd67c4
                                                                                                                                                                                                                                                        0x00bd67ca
                                                                                                                                                                                                                                                        0x00bd67d1
                                                                                                                                                                                                                                                        0x00bd67d4
                                                                                                                                                                                                                                                        0x00bd67d7
                                                                                                                                                                                                                                                        0x00bd67de
                                                                                                                                                                                                                                                        0x00bd67e8
                                                                                                                                                                                                                                                        0x00bd67e0
                                                                                                                                                                                                                                                        0x00bd67e0
                                                                                                                                                                                                                                                        0x00bd67e0
                                                                                                                                                                                                                                                        0x00bd6705
                                                                                                                                                                                                                                                        0x00bd6705
                                                                                                                                                                                                                                                        0x00bd6707
                                                                                                                                                                                                                                                        0x00bd670c
                                                                                                                                                                                                                                                        0x00bd6711
                                                                                                                                                                                                                                                        0x00bd6718
                                                                                                                                                                                                                                                        0x00bd671f
                                                                                                                                                                                                                                                        0x00bd6722
                                                                                                                                                                                                                                                        0x00bd6725
                                                                                                                                                                                                                                                        0x00bd672c
                                                                                                                                                                                                                                                        0x00bd672c
                                                                                                                                                                                                                                                        0x00bd66ff
                                                                                                                                                                                                                                                        0x00bd6773
                                                                                                                                                                                                                                                        0x00bd6776
                                                                                                                                                                                                                                                        0x00bd6778
                                                                                                                                                                                                                                                        0x00bd677a
                                                                                                                                                                                                                                                        0x00bd67f0
                                                                                                                                                                                                                                                        0x00bd67f2
                                                                                                                                                                                                                                                        0x00bd6800
                                                                                                                                                                                                                                                        0x00bd6800
                                                                                                                                                                                                                                                        0x00bd6806
                                                                                                                                                                                                                                                        0x00bd680c
                                                                                                                                                                                                                                                        0x00bd6811
                                                                                                                                                                                                                                                        0x00bd6818
                                                                                                                                                                                                                                                        0x00bd681f
                                                                                                                                                                                                                                                        0x00bd682d
                                                                                                                                                                                                                                                        0x00bd6832
                                                                                                                                                                                                                                                        0x00bd6835
                                                                                                                                                                                                                                                        0x00bd6838
                                                                                                                                                                                                                                                        0x00bd6a72
                                                                                                                                                                                                                                                        0x00bd6a7c
                                                                                                                                                                                                                                                        0x00bd683e
                                                                                                                                                                                                                                                        0x00bd683e
                                                                                                                                                                                                                                                        0x00bd6840
                                                                                                                                                                                                                                                        0x00bd6873
                                                                                                                                                                                                                                                        0x00bd6873
                                                                                                                                                                                                                                                        0x00bd6877
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd687d
                                                                                                                                                                                                                                                        0x00bd687d
                                                                                                                                                                                                                                                        0x00bd6880
                                                                                                                                                                                                                                                        0x00bd6882
                                                                                                                                                                                                                                                        0x00bd68b9
                                                                                                                                                                                                                                                        0x00bd68bc
                                                                                                                                                                                                                                                        0x00bd68bf
                                                                                                                                                                                                                                                        0x00bd68c2
                                                                                                                                                                                                                                                        0x00bd68c5
                                                                                                                                                                                                                                                        0x00bd68cb
                                                                                                                                                                                                                                                        0x00bd68ce
                                                                                                                                                                                                                                                        0x00bd68d2
                                                                                                                                                                                                                                                        0x00bd68d4
                                                                                                                                                                                                                                                        0x00bd68d4
                                                                                                                                                                                                                                                        0x00bd68d7
                                                                                                                                                                                                                                                        0x00bd68e3
                                                                                                                                                                                                                                                        0x00bd68e6
                                                                                                                                                                                                                                                        0x00bd68ed
                                                                                                                                                                                                                                                        0x00bd68f3
                                                                                                                                                                                                                                                        0x00bd68f5
                                                                                                                                                                                                                                                        0x00bd68f5
                                                                                                                                                                                                                                                        0x00bd691c
                                                                                                                                                                                                                                                        0x00bd691e
                                                                                                                                                                                                                                                        0x00bd6a21
                                                                                                                                                                                                                                                        0x00bd6a26
                                                                                                                                                                                                                                                        0x00bd6a2a
                                                                                                                                                                                                                                                        0x00bd6a30
                                                                                                                                                                                                                                                        0x00bd6a3a
                                                                                                                                                                                                                                                        0x00bd6924
                                                                                                                                                                                                                                                        0x00bd6924
                                                                                                                                                                                                                                                        0x00bd692d
                                                                                                                                                                                                                                                        0x00bd693c
                                                                                                                                                                                                                                                        0x00bd6943
                                                                                                                                                                                                                                                        0x00bd6946
                                                                                                                                                                                                                                                        0x00bd694a
                                                                                                                                                                                                                                                        0x00bd694c
                                                                                                                                                                                                                                                        0x00bd694c
                                                                                                                                                                                                                                                        0x00bd6884
                                                                                                                                                                                                                                                        0x00bd6884
                                                                                                                                                                                                                                                        0x00bd6888
                                                                                                                                                                                                                                                        0x00bd688b
                                                                                                                                                                                                                                                        0x00bd688d
                                                                                                                                                                                                                                                        0x00bd688d
                                                                                                                                                                                                                                                        0x00bd6890
                                                                                                                                                                                                                                                        0x00bd6899
                                                                                                                                                                                                                                                        0x00bd68a3
                                                                                                                                                                                                                                                        0x00bd68a5
                                                                                                                                                                                                                                                        0x00bd6a4a
                                                                                                                                                                                                                                                        0x00bd6a4f
                                                                                                                                                                                                                                                        0x00bd6a53
                                                                                                                                                                                                                                                        0x00bd6a59
                                                                                                                                                                                                                                                        0x00bd6a63
                                                                                                                                                                                                                                                        0x00bd68ab
                                                                                                                                                                                                                                                        0x00bd68b0
                                                                                                                                                                                                                                                        0x00bd68b0
                                                                                                                                                                                                                                                        0x00bd68b6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd68b6
                                                                                                                                                                                                                                                        0x00bd68a5
                                                                                                                                                                                                                                                        0x00bd6882
                                                                                                                                                                                                                                                        0x00bd6842
                                                                                                                                                                                                                                                        0x00bd6842
                                                                                                                                                                                                                                                        0x00bd6846
                                                                                                                                                                                                                                                        0x00bd6849
                                                                                                                                                                                                                                                        0x00bd684b
                                                                                                                                                                                                                                                        0x00bd684b
                                                                                                                                                                                                                                                        0x00bd684e
                                                                                                                                                                                                                                                        0x00bd6852
                                                                                                                                                                                                                                                        0x00bd6855
                                                                                                                                                                                                                                                        0x00bd6857
                                                                                                                                                                                                                                                        0x00bd6857
                                                                                                                                                                                                                                                        0x00bd685a
                                                                                                                                                                                                                                                        0x00bd685a
                                                                                                                                                                                                                                                        0x00bd6860
                                                                                                                                                                                                                                                        0x00bd6864
                                                                                                                                                                                                                                                        0x00bd6868
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd686e
                                                                                                                                                                                                                                                        0x00bd686f
                                                                                                                                                                                                                                                        0x00bd6871
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6871
                                                                                                                                                                                                                                                        0x00bd6960
                                                                                                                                                                                                                                                        0x00bd6960
                                                                                                                                                                                                                                                        0x00bd696a
                                                                                                                                                                                                                                                        0x00bd696a
                                                                                                                                                                                                                                                        0x00bd6974
                                                                                                                                                                                                                                                        0x00bd6974
                                                                                                                                                                                                                                                        0x00bd6974
                                                                                                                                                                                                                                                        0x00bd697d
                                                                                                                                                                                                                                                        0x00bd6982
                                                                                                                                                                                                                                                        0x00bd6985
                                                                                                                                                                                                                                                        0x00bd6988
                                                                                                                                                                                                                                                        0x00bd69e4
                                                                                                                                                                                                                                                        0x00bd69e7
                                                                                                                                                                                                                                                        0x00bd69ea
                                                                                                                                                                                                                                                        0x00bd69f0
                                                                                                                                                                                                                                                        0x00bd6a96
                                                                                                                                                                                                                                                        0x00bd6a9c
                                                                                                                                                                                                                                                        0x00bd6a9e
                                                                                                                                                                                                                                                        0x00bd6aa1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6aa3
                                                                                                                                                                                                                                                        0x00bd6aa6
                                                                                                                                                                                                                                                        0x00bd6aa8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6aa8
                                                                                                                                                                                                                                                        0x00bd69f6
                                                                                                                                                                                                                                                        0x00bd69f6
                                                                                                                                                                                                                                                        0x00bd69f6
                                                                                                                                                                                                                                                        0x00bd69f7
                                                                                                                                                                                                                                                        0x00bd69f8
                                                                                                                                                                                                                                                        0x00bd69fd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd69fd
                                                                                                                                                                                                                                                        0x00bd698a
                                                                                                                                                                                                                                                        0x00bd698a
                                                                                                                                                                                                                                                        0x00bd698a
                                                                                                                                                                                                                                                        0x00bd6991
                                                                                                                                                                                                                                                        0x00bd6998
                                                                                                                                                                                                                                                        0x00bd699c
                                                                                                                                                                                                                                                        0x00bd699f
                                                                                                                                                                                                                                                        0x00bd69a2
                                                                                                                                                                                                                                                        0x00bd6a02
                                                                                                                                                                                                                                                        0x00bd6a05
                                                                                                                                                                                                                                                        0x00bd6a08
                                                                                                                                                                                                                                                        0x00bd6a0e
                                                                                                                                                                                                                                                        0x00bd6aaf
                                                                                                                                                                                                                                                        0x00bd6ab5
                                                                                                                                                                                                                                                        0x00bd6ab7
                                                                                                                                                                                                                                                        0x00bd6aba
                                                                                                                                                                                                                                                        0x00bd6ac8
                                                                                                                                                                                                                                                        0x00bd6ac8
                                                                                                                                                                                                                                                        0x00bd6ace
                                                                                                                                                                                                                                                        0x00bd6acf
                                                                                                                                                                                                                                                        0x00bd6ad0
                                                                                                                                                                                                                                                        0x00bd6ad1
                                                                                                                                                                                                                                                        0x00bd6ad3
                                                                                                                                                                                                                                                        0x00bd6ad4
                                                                                                                                                                                                                                                        0x00bd6ad5
                                                                                                                                                                                                                                                        0x00bd6ad9
                                                                                                                                                                                                                                                        0x00bd6adc
                                                                                                                                                                                                                                                        0x00bd6ade
                                                                                                                                                                                                                                                        0x00bd6ae1
                                                                                                                                                                                                                                                        0x00bd6ae3
                                                                                                                                                                                                                                                        0x00bd6aee
                                                                                                                                                                                                                                                        0x00bd6af2
                                                                                                                                                                                                                                                        0x00bd6af5
                                                                                                                                                                                                                                                        0x00bd6af7
                                                                                                                                                                                                                                                        0x00bd6afa
                                                                                                                                                                                                                                                        0x00bd6afd
                                                                                                                                                                                                                                                        0x00bd6aff
                                                                                                                                                                                                                                                        0x00bd6b02
                                                                                                                                                                                                                                                        0x00bd6b05
                                                                                                                                                                                                                                                        0x00bd6b0a
                                                                                                                                                                                                                                                        0x00bd6b0d
                                                                                                                                                                                                                                                        0x00bd6b10
                                                                                                                                                                                                                                                        0x00bd6b15
                                                                                                                                                                                                                                                        0x00bd6b2b
                                                                                                                                                                                                                                                        0x00bd6b30
                                                                                                                                                                                                                                                        0x00bd6b35
                                                                                                                                                                                                                                                        0x00bd6b36
                                                                                                                                                                                                                                                        0x00bd6b37
                                                                                                                                                                                                                                                        0x00bd6b38
                                                                                                                                                                                                                                                        0x00bd6b39
                                                                                                                                                                                                                                                        0x00bd6b3a
                                                                                                                                                                                                                                                        0x00bd6b3b
                                                                                                                                                                                                                                                        0x00bd6b3c
                                                                                                                                                                                                                                                        0x00bd6b3d
                                                                                                                                                                                                                                                        0x00bd6b3e
                                                                                                                                                                                                                                                        0x00bd6b3f
                                                                                                                                                                                                                                                        0x00bd6b40
                                                                                                                                                                                                                                                        0x00bd6b43
                                                                                                                                                                                                                                                        0x00bd6b48
                                                                                                                                                                                                                                                        0x00bd6b4a
                                                                                                                                                                                                                                                        0x00bd6b4e
                                                                                                                                                                                                                                                        0x00bd6b53
                                                                                                                                                                                                                                                        0x00bd6b55
                                                                                                                                                                                                                                                        0x00bd6b9f
                                                                                                                                                                                                                                                        0x00bd6ba2
                                                                                                                                                                                                                                                        0x00bd6b57
                                                                                                                                                                                                                                                        0x00bd6b60
                                                                                                                                                                                                                                                        0x00bd6b65
                                                                                                                                                                                                                                                        0x00bd6b6d
                                                                                                                                                                                                                                                        0x00bd6b73
                                                                                                                                                                                                                                                        0x00bd6b78
                                                                                                                                                                                                                                                        0x00bd6b7a
                                                                                                                                                                                                                                                        0x00bd6b7d
                                                                                                                                                                                                                                                        0x00bd6b7f
                                                                                                                                                                                                                                                        0x00bd6b7f
                                                                                                                                                                                                                                                        0x00bd6b81
                                                                                                                                                                                                                                                        0x00bd6b90
                                                                                                                                                                                                                                                        0x00bd6b90
                                                                                                                                                                                                                                                        0x00bd6b98
                                                                                                                                                                                                                                                        0x00bd6b99
                                                                                                                                                                                                                                                        0x00bd6b99
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6b90
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6b7d
                                                                                                                                                                                                                                                        0x00bd6b4d
                                                                                                                                                                                                                                                        0x00bd6b4d
                                                                                                                                                                                                                                                        0x00bd6b4d
                                                                                                                                                                                                                                                        0x00bd6b4d
                                                                                                                                                                                                                                                        0x00bd6b17
                                                                                                                                                                                                                                                        0x00bd6b17
                                                                                                                                                                                                                                                        0x00bd6b17
                                                                                                                                                                                                                                                        0x00bd6b18
                                                                                                                                                                                                                                                        0x00bd6b1e
                                                                                                                                                                                                                                                        0x00bd6b21
                                                                                                                                                                                                                                                        0x00bd6b2a
                                                                                                                                                                                                                                                        0x00bd6b2a
                                                                                                                                                                                                                                                        0x00bd6abc
                                                                                                                                                                                                                                                        0x00bd6abc
                                                                                                                                                                                                                                                        0x00bd6abf
                                                                                                                                                                                                                                                        0x00bd6ac1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6ac1
                                                                                                                                                                                                                                                        0x00bd6a14
                                                                                                                                                                                                                                                        0x00bd6a14
                                                                                                                                                                                                                                                        0x00bd6a14
                                                                                                                                                                                                                                                        0x00bd6a15
                                                                                                                                                                                                                                                        0x00bd6a16
                                                                                                                                                                                                                                                        0x00bd6a1b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6a1b
                                                                                                                                                                                                                                                        0x00bd69a4
                                                                                                                                                                                                                                                        0x00bd69a4
                                                                                                                                                                                                                                                        0x00bd69a7
                                                                                                                                                                                                                                                        0x00bd69ae
                                                                                                                                                                                                                                                        0x00bd69b5
                                                                                                                                                                                                                                                        0x00bd69b9
                                                                                                                                                                                                                                                        0x00bd69be
                                                                                                                                                                                                                                                        0x00bd69c5
                                                                                                                                                                                                                                                        0x00bd6a8b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd69c5
                                                                                                                                                                                                                                                        0x00bd69a2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd69cb
                                                                                                                                                                                                                                                        0x00bd69d1
                                                                                                                                                                                                                                                        0x00bd69d3
                                                                                                                                                                                                                                                        0x00bd69d5
                                                                                                                                                                                                                                                        0x00bd69d7
                                                                                                                                                                                                                                                        0x00bd69d7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd677c
                                                                                                                                                                                                                                                        0x00bd677c
                                                                                                                                                                                                                                                        0x00bd677c
                                                                                                                                                                                                                                                        0x00bd677e
                                                                                                                                                                                                                                                        0x00bd6784
                                                                                                                                                                                                                                                        0x00bd6786
                                                                                                                                                                                                                                                        0x00bd678c
                                                                                                                                                                                                                                                        0x00bd678e
                                                                                                                                                                                                                                                        0x00bd6791
                                                                                                                                                                                                                                                        0x00bd6791
                                                                                                                                                                                                                                                        0x00bd6797
                                                                                                                                                                                                                                                        0x00bd679a
                                                                                                                                                                                                                                                        0x00bd679c
                                                                                                                                                                                                                                                        0x00bd67ad
                                                                                                                                                                                                                                                        0x00bd67ad
                                                                                                                                                                                                                                                        0x00bd677a
                                                                                                                                                                                                                                                        0x00bd668f
                                                                                                                                                                                                                                                        0x00bd668f
                                                                                                                                                                                                                                                        0x00bd6695
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6695
                                                                                                                                                                                                                                                        0x00bd6659
                                                                                                                                                                                                                                                        0x00bd6659
                                                                                                                                                                                                                                                        0x00bd6659
                                                                                                                                                                                                                                                        0x00bd665a
                                                                                                                                                                                                                                                        0x00bd665b
                                                                                                                                                                                                                                                        0x00bd6660
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6660
                                                                                                                                                                                                                                                        0x00bd6600
                                                                                                                                                                                                                                                        0x00bd6600
                                                                                                                                                                                                                                                        0x00bd6600
                                                                                                                                                                                                                                                        0x00bd6603
                                                                                                                                                                                                                                                        0x00bd660a
                                                                                                                                                                                                                                                        0x00bd6611
                                                                                                                                                                                                                                                        0x00bd6615
                                                                                                                                                                                                                                                        0x00bd661a
                                                                                                                                                                                                                                                        0x00bd661c
                                                                                                                                                                                                                                                        0x00bd661d
                                                                                                                                                                                                                                                        0x00bd6625
                                                                                                                                                                                                                                                        0x00bd6630
                                                                                                                                                                                                                                                        0x00bd6630
                                                                                                                                                                                                                                                        0x00bd65fe
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00BD61FB,0000005C,?,?,00BD61FB,?,?,?,?,?,00000000), ref: 00BD661D
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,BC7D8BDB,?,4DD80977,?,?,?,00BD61FB,?,?,?,?,?,00000000), ref: 00BD6641
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,FFFE7561,00BD61FB,?,?,?,?,?,00000000), ref: 00BD665B
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,4DD80977,?,?,?,00BD61FB,?,?,?,?,?,00000000), ref: 00BD6699
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@$_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 417036301-0
                                                                                                                                                                                                                                                        • Opcode ID: 813842588f0d017056c10e2291e4eb0ae59d1cfe14bba950093cf9a5caef72e1
                                                                                                                                                                                                                                                        • Instruction ID: 7e5317752058846e64e858322234faa0108ddc7efc5cb577674d2aceaef93051
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 813842588f0d017056c10e2291e4eb0ae59d1cfe14bba950093cf9a5caef72e1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2821A2715001009FDB08DF18D8D4B6ABBE6FF95314F1486AAE8068F39AE771D884CB90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 82%
                                                                                                                                                                                                                                                        			E00BCBE80(void** __edx, void* _a4, intOrPtr _a8, intOrPtr _a12, char _a16) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				intOrPtr _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v36;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				intOrPtr _v48;
                                                                                                                                                                                                                                                        				void* _v52;
                                                                                                                                                                                                                                                        				void* _v56;
                                                                                                                                                                                                                                                        				void* _v60;
                                                                                                                                                                                                                                                        				signed int _t27;
                                                                                                                                                                                                                                                        				void** _t34;
                                                                                                                                                                                                                                                        				signed int _t38;
                                                                                                                                                                                                                                                        				void* _t40;
                                                                                                                                                                                                                                                        				void* _t45;
                                                                                                                                                                                                                                                        				void* _t47;
                                                                                                                                                                                                                                                        				void* _t48;
                                                                                                                                                                                                                                                        				signed int _t49;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t46 = __edx;
                                                                                                                                                                                                                                                        				_t27 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t48 = _a4;
                                                                                                                                                                                                                                                        				_v20 = _t27 ^ _t49;
                                                                                                                                                                                                                                                        				if(_t48 != 0) {
                                                                                                                                                                                                                                                        					_t46 =  &_v56;
                                                                                                                                                                                                                                                        					_v56 = 0;
                                                                                                                                                                                                                                                        					if(E00BCBDF0(_t48,  &_v56) == 0) {
                                                                                                                                                                                                                                                        						_t47 = _v56;
                                                                                                                                                                                                                                                        						goto L8;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t47 = _v56;
                                                                                                                                                                                                                                                        						_v60 = 0;
                                                                                                                                                                                                                                                        						_t46 = _a12;
                                                                                                                                                                                                                                                        						_v28 = 0;
                                                                                                                                                                                                                                                        						_v48 = _a12;
                                                                                                                                                                                                                                                        						_v52 = _a16;
                                                                                                                                                                                                                                                        						_v40 = 0;
                                                                                                                                                                                                                                                        						_v44 = 0;
                                                                                                                                                                                                                                                        						_v32 = 0;
                                                                                                                                                                                                                                                        						_v36 = 0;
                                                                                                                                                                                                                                                        						_v24 = E00BE7750(_a8);
                                                                                                                                                                                                                                                        						_t34 =  &_v60;
                                                                                                                                                                                                                                                        						_t45 =  &_v52;
                                                                                                                                                                                                                                                        						_t40 = _t45;
                                                                                                                                                                                                                                                        						__imp__SetEntriesInAclW(1, _t45,  *_t47, _t34);
                                                                                                                                                                                                                                                        						if(_t34 != 0) {
                                                                                                                                                                                                                                                        							L8:
                                                                                                                                                                                                                                                        							_t38 = 0;
                                                                                                                                                                                                                                                        							if(_t47 != 0) {
                                                                                                                                                                                                                                                        								goto L9;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_v52 = _v60;
                                                                                                                                                                                                                                                        							_t38 = _t40 & 0xffffff00 | SetTokenInformation(_t48, 6, _t40, 4) != 0x00000000;
                                                                                                                                                                                                                                                        							LocalFree(_v60);
                                                                                                                                                                                                                                                        							if(_t47 != 0) {
                                                                                                                                                                                                                                                        								L9:
                                                                                                                                                                                                                                                        								free(_t47);
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t38 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t49, _t46);
                                                                                                                                                                                                                                                        				return _t38;
                                                                                                                                                                                                                                                        			}






















                                                                                                                                                                                                                                                        0x00bcbe80
                                                                                                                                                                                                                                                        0x00bcbe89
                                                                                                                                                                                                                                                        0x00bcbe8e
                                                                                                                                                                                                                                                        0x00bcbe95
                                                                                                                                                                                                                                                        0x00bcbe98
                                                                                                                                                                                                                                                        0x00bcbeb0
                                                                                                                                                                                                                                                        0x00bcbeb5
                                                                                                                                                                                                                                                        0x00bcbec3
                                                                                                                                                                                                                                                        0x00bcbf4f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbec9
                                                                                                                                                                                                                                                        0x00bcbec9
                                                                                                                                                                                                                                                        0x00bcbecc
                                                                                                                                                                                                                                                        0x00bcbed6
                                                                                                                                                                                                                                                        0x00bcbede
                                                                                                                                                                                                                                                        0x00bcbee5
                                                                                                                                                                                                                                                        0x00bcbee8
                                                                                                                                                                                                                                                        0x00bcbeeb
                                                                                                                                                                                                                                                        0x00bcbef2
                                                                                                                                                                                                                                                        0x00bcbef9
                                                                                                                                                                                                                                                        0x00bcbf00
                                                                                                                                                                                                                                                        0x00bcbf0c
                                                                                                                                                                                                                                                        0x00bcbf0f
                                                                                                                                                                                                                                                        0x00bcbf12
                                                                                                                                                                                                                                                        0x00bcbf17
                                                                                                                                                                                                                                                        0x00bcbf1c
                                                                                                                                                                                                                                                        0x00bcbf24
                                                                                                                                                                                                                                                        0x00bcbf52
                                                                                                                                                                                                                                                        0x00bcbf52
                                                                                                                                                                                                                                                        0x00bcbf56
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbf26
                                                                                                                                                                                                                                                        0x00bcbf29
                                                                                                                                                                                                                                                        0x00bcbf3a
                                                                                                                                                                                                                                                        0x00bcbf40
                                                                                                                                                                                                                                                        0x00bcbf48
                                                                                                                                                                                                                                                        0x00bcbf5c
                                                                                                                                                                                                                                                        0x00bcbf5d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbf4a
                                                                                                                                                                                                                                                        0x00bcbf48
                                                                                                                                                                                                                                                        0x00bcbf24
                                                                                                                                                                                                                                                        0x00bcbe9a
                                                                                                                                                                                                                                                        0x00bcbe9a
                                                                                                                                                                                                                                                        0x00bcbe9a
                                                                                                                                                                                                                                                        0x00bcbea1
                                                                                                                                                                                                                                                        0x00bcbeaf

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • SetEntriesInAclW.ADVAPI32(00000001,?,?,?), ref: 00BCBF1C
                                                                                                                                                                                                                                                        • SetTokenInformation.ADVAPI32(?,00000006,?,00000004,?,?), ref: 00BCBF32
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(?,?,?), ref: 00BCBF40
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BCBF5D
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: EntriesFreeInformationLocalTokenfree
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1466841064-0
                                                                                                                                                                                                                                                        • Opcode ID: a145a6b8b968723434bf4ff195a93dff49884b43fb2cbbe47f984cd761f23b00
                                                                                                                                                                                                                                                        • Instruction ID: bbe7a09ebf2c204fc592df68ee8dc2d2079c86f4502f4bdb78c3822d58b6e034
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a145a6b8b968723434bf4ff195a93dff49884b43fb2cbbe47f984cd761f23b00
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AE21F6B1A01209ABDB00DFA5E885FEEBBB9FF48714F104069E919A7340DB715908CBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 68%
                                                                                                                                                                                                                                                        			E00BEA1A0(intOrPtr __ecx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				struct _CRITICAL_SECTION* _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				struct _CRITICAL_SECTION* _t26;
                                                                                                                                                                                                                                                        				signed int _t27;
                                                                                                                                                                                                                                                        				intOrPtr _t33;
                                                                                                                                                                                                                                                        				signed int* _t35;
                                                                                                                                                                                                                                                        				signed char _t39;
                                                                                                                                                                                                                                                        				intOrPtr _t42;
                                                                                                                                                                                                                                                        				intOrPtr _t44;
                                                                                                                                                                                                                                                        				signed int _t45;
                                                                                                                                                                                                                                                        				void* _t46;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t42 = _a4;
                                                                                                                                                                                                                                                        				if(_t42 == 0) {
                                                                                                                                                                                                                                                        					return 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t26 = __ecx + 0xc;
                                                                                                                                                                                                                                                        				_t44 = __ecx;
                                                                                                                                                                                                                                                        				_v24 = _t26;
                                                                                                                                                                                                                                                        				EnterCriticalSection(_t26);
                                                                                                                                                                                                                                                        				_t35 =  *(_t44 + 4);
                                                                                                                                                                                                                                                        				_t27 =  *_t35;
                                                                                                                                                                                                                                                        				if(_t35 == _t27) {
                                                                                                                                                                                                                                                        					_v20 = 1;
                                                                                                                                                                                                                                                        					L10:
                                                                                                                                                                                                                                                        					LeaveCriticalSection(_v24);
                                                                                                                                                                                                                                                        					return _v20 & 0x00000001;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_v28 = _t44;
                                                                                                                                                                                                                                                        				_t33 = _v28;
                                                                                                                                                                                                                                                        				_v20 = 1;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t27 + 8)) == _t42) {
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					_t45 =  *_t27;
                                                                                                                                                                                                                                                        					 *( *(_t27 + 4)) = _t45;
                                                                                                                                                                                                                                                        					 *( *_t27 + 4) =  *(_t27 + 4);
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t33 + 8)) =  *((intOrPtr*)(_t33 + 8)) - 1;
                                                                                                                                                                                                                                                        					L00BEF6C6();
                                                                                                                                                                                                                                                        					_t46 = _t46 + 8;
                                                                                                                                                                                                                                                        					_t42 = _a4;
                                                                                                                                                                                                                                                        					__imp__UnregisterWaitEx( *((intOrPtr*)(_t27 + 0xc)), 0xffffffff, _t27, 0x10);
                                                                                                                                                                                                                                                        					_t39 = _v20 & (_t27 & 0xffffff00 | _t27 != 0x00000000);
                                                                                                                                                                                                                                                        					_t27 = _t45;
                                                                                                                                                                                                                                                        					_v20 = _t39;
                                                                                                                                                                                                                                                        					_t35 =  *(_t33 + 4);
                                                                                                                                                                                                                                                        					if(_t35 != _t27) {
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t27 + 8)) != _t42) {
                                                                                                                                                                                                                                                        							L4:
                                                                                                                                                                                                                                                        							_t27 =  *_t27;
                                                                                                                                                                                                                                                        							if(_t35 == _t27) {
                                                                                                                                                                                                                                                        								goto L10;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L5;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L6;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L10;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L4;
                                                                                                                                                                                                                                                        			}















                                                                                                                                                                                                                                                        0x00bea1a9
                                                                                                                                                                                                                                                        0x00bea1ae
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea22f
                                                                                                                                                                                                                                                        0x00bea1b0
                                                                                                                                                                                                                                                        0x00bea1b3
                                                                                                                                                                                                                                                        0x00bea1b5
                                                                                                                                                                                                                                                        0x00bea1b9
                                                                                                                                                                                                                                                        0x00bea1bf
                                                                                                                                                                                                                                                        0x00bea1c2
                                                                                                                                                                                                                                                        0x00bea1c6
                                                                                                                                                                                                                                                        0x00bea235
                                                                                                                                                                                                                                                        0x00bea238
                                                                                                                                                                                                                                                        0x00bea241
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea247
                                                                                                                                                                                                                                                        0x00bea1c8
                                                                                                                                                                                                                                                        0x00bea1cd
                                                                                                                                                                                                                                                        0x00bea1d0
                                                                                                                                                                                                                                                        0x00bea1d6
                                                                                                                                                                                                                                                        0x00bea1eb
                                                                                                                                                                                                                                                        0x00bea1ee
                                                                                                                                                                                                                                                        0x00bea1f3
                                                                                                                                                                                                                                                        0x00bea1fa
                                                                                                                                                                                                                                                        0x00bea1fd
                                                                                                                                                                                                                                                        0x00bea203
                                                                                                                                                                                                                                                        0x00bea208
                                                                                                                                                                                                                                                        0x00bea20e
                                                                                                                                                                                                                                                        0x00bea211
                                                                                                                                                                                                                                                        0x00bea21f
                                                                                                                                                                                                                                                        0x00bea221
                                                                                                                                                                                                                                                        0x00bea223
                                                                                                                                                                                                                                                        0x00bea226
                                                                                                                                                                                                                                                        0x00bea22b
                                                                                                                                                                                                                                                        0x00bea1e6
                                                                                                                                                                                                                                                        0x00bea1e9
                                                                                                                                                                                                                                                        0x00bea1e0
                                                                                                                                                                                                                                                        0x00bea1e0
                                                                                                                                                                                                                                                        0x00bea1e4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea1e4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea1e9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea22d
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(?), ref: 00BEA1B9
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000,00000010), ref: 00BEA203
                                                                                                                                                                                                                                                        • UnregisterWaitEx.KERNEL32(?,000000FF), ref: 00BEA211
                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?), ref: 00BEA241
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CriticalSection$??3@EnterLeaveUnregisterWait
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2393515925-0
                                                                                                                                                                                                                                                        • Opcode ID: 531a490d149890035a5073d4ca44e5c535e0afd5db3f3f7ecd86781b61add66c
                                                                                                                                                                                                                                                        • Instruction ID: 32ce39c2e189d5ba6b563ca51eccd04a9ced2a314f702a06fb35fdbb1ca6bb2b
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 531a490d149890035a5073d4ca44e5c535e0afd5db3f3f7ecd86781b61add66c
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C4218435A00215CFCB00CF55D8849BAB7F9FF4A310B25C1AAE905AB361D772ED45DBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 73%
                                                                                                                                                                                                                                                        			E00BCD670(intOrPtr* __ecx) {
                                                                                                                                                                                                                                                        				intOrPtr _v4;
                                                                                                                                                                                                                                                        				signed int _v12;
                                                                                                                                                                                                                                                        				char _v16;
                                                                                                                                                                                                                                                        				long _v24;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t23;
                                                                                                                                                                                                                                                        				intOrPtr _t25;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				intOrPtr* _t34;
                                                                                                                                                                                                                                                        				intOrPtr* _t36;
                                                                                                                                                                                                                                                        				intOrPtr* _t43;
                                                                                                                                                                                                                                                        				intOrPtr* _t58;
                                                                                                                                                                                                                                                        				long* _t60;
                                                                                                                                                                                                                                                        				signed int _t62;
                                                                                                                                                                                                                                                        				void* _t64;
                                                                                                                                                                                                                                                        				void* _t65;
                                                                                                                                                                                                                                                        				void* _t67;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t65 = _t64 - 8;
                                                                                                                                                                                                                                                        				_t23 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t58 = __ecx;
                                                                                                                                                                                                                                                        				_v12 = _t23 ^ _t62;
                                                                                                                                                                                                                                                        				 *__ecx = 0xbf1250;
                                                                                                                                                                                                                                                        				_t25 =  *((intOrPtr*)(__ecx + 4));
                                                                                                                                                                                                                                                        				_t41 = _t25 + 1;
                                                                                                                                                                                                                                                        				if(_t25 + 1 >= 2) {
                                                                                                                                                                                                                                                        					__eax = PostQueuedCompletionStatus(__eax, 0, 5, 0);
                                                                                                                                                                                                                                                        					__eax =  *(__esi + 0xc);
                                                                                                                                                                                                                                                        					__ecx = __eax + 1;
                                                                                                                                                                                                                                                        					if(__ecx < 2 || __eax != 0x102) {
                                                                                                                                                                                                                                                        						__ecx =  *(__esi + 0x10);
                                                                                                                                                                                                                                                        						 *(__esi + 0x10) = 0;
                                                                                                                                                                                                                                                        						if(__ecx != 0) {
                                                                                                                                                                                                                                                        							__eax =  *__ecx;
                                                                                                                                                                                                                                                        							__eax =  *((intOrPtr*)( *__ecx + 8))(1);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__eax = __esi + 0x1c;
                                                                                                                                                                                                                                                        						DeleteCriticalSection(__esi + 0x1c);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t50 =  &_v16;
                                                                                                                                                                                                                                                        				E00BCE590(_t58 + 0x14,  &_v16,  *((intOrPtr*)( *((intOrPtr*)(_t58 + 0x14)))),  *((intOrPtr*)(_t58 + 0x14)));
                                                                                                                                                                                                                                                        				_push(0x14);
                                                                                                                                                                                                                                                        				_push( *((intOrPtr*)(_t58 + 0x14)));
                                                                                                                                                                                                                                                        				L00BEF6C6();
                                                                                                                                                                                                                                                        				_t67 = _t65 + 0x10;
                                                                                                                                                                                                                                                        				_t43 =  *((intOrPtr*)(_t58 + 0x10));
                                                                                                                                                                                                                                                        				if(_t43 != 0) {
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *_t43 + 8))(1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1();
                                                                                                                                                                                                                                                        				L1();
                                                                                                                                                                                                                                                        				_t25 = E00BEECB0(_v12 ^ _t62, _t50);
                                                                                                                                                                                                                                                        				_t41 = _t58 + 4;
                                                                                                                                                                                                                                                        				_t65 = _t67 + 8;
                                                                                                                                                                                                                                                        				_pop(_t58);
                                                                                                                                                                                                                                                        				_pop(_t62);
                                                                                                                                                                                                                                                        				_push(_t62);
                                                                                                                                                                                                                                                        				_push(_t58);
                                                                                                                                                                                                                                                        				_push(_t25);
                                                                                                                                                                                                                                                        				_t31 =  *_t41 + 1;
                                                                                                                                                                                                                                                        				if(_t31 >= 2) {
                                                                                                                                                                                                                                                        					_t60 = _t41;
                                                                                                                                                                                                                                                        					_t32 = E00BC50B0();
                                                                                                                                                                                                                                                        					_v24 =  *_t60;
                                                                                                                                                                                                                                                        					_t34 = E00BCAB90();
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *_t34 + 8))(_v24, _t60, _v4, _t32);
                                                                                                                                                                                                                                                        					_t36 = E00BCAB90();
                                                                                                                                                                                                                                                        					_t31 =  *((intOrPtr*)( *_t36))( *_t60);
                                                                                                                                                                                                                                                        					 *_t60 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t31;
                                                                                                                                                                                                                                                        			}





















                                                                                                                                                                                                                                                        0x00bcd674
                                                                                                                                                                                                                                                        0x00bcd677
                                                                                                                                                                                                                                                        0x00bcd67c
                                                                                                                                                                                                                                                        0x00bcd680
                                                                                                                                                                                                                                                        0x00bcd683
                                                                                                                                                                                                                                                        0x00bcd689
                                                                                                                                                                                                                                                        0x00bcd68c
                                                                                                                                                                                                                                                        0x00bcd692
                                                                                                                                                                                                                                                        0x00bcd69b
                                                                                                                                                                                                                                                        0x00bcd6a1
                                                                                                                                                                                                                                                        0x00bcd6a4
                                                                                                                                                                                                                                                        0x00bcd6aa
                                                                                                                                                                                                                                                        0x00bcd6bf
                                                                                                                                                                                                                                                        0x00bcd6c2
                                                                                                                                                                                                                                                        0x00bcd6cb
                                                                                                                                                                                                                                                        0x00bcd728
                                                                                                                                                                                                                                                        0x00bcd72c
                                                                                                                                                                                                                                                        0x00bcd72c
                                                                                                                                                                                                                                                        0x00bcd6cd
                                                                                                                                                                                                                                                        0x00bcd6d1
                                                                                                                                                                                                                                                        0x00bcd6d1
                                                                                                                                                                                                                                                        0x00bcd6aa
                                                                                                                                                                                                                                                        0x00bcd6dd
                                                                                                                                                                                                                                                        0x00bcd6e3
                                                                                                                                                                                                                                                        0x00bcd6eb
                                                                                                                                                                                                                                                        0x00bcd6ed
                                                                                                                                                                                                                                                        0x00bcd6f0
                                                                                                                                                                                                                                                        0x00bcd6f5
                                                                                                                                                                                                                                                        0x00bcd6f8
                                                                                                                                                                                                                                                        0x00bcd6fd
                                                                                                                                                                                                                                                        0x00bcd735
                                                                                                                                                                                                                                                        0x00bcd735
                                                                                                                                                                                                                                                        0x00bcd702
                                                                                                                                                                                                                                                        0x00bcd70a
                                                                                                                                                                                                                                                        0x00bcd717
                                                                                                                                                                                                                                                        0x00bcd71c
                                                                                                                                                                                                                                                        0x00bcd71e
                                                                                                                                                                                                                                                        0x00bcd721
                                                                                                                                                                                                                                                        0x00bcd722
                                                                                                                                                                                                                                                        0x00bc51b0
                                                                                                                                                                                                                                                        0x00bc51b5
                                                                                                                                                                                                                                                        0x00bc51b6
                                                                                                                                                                                                                                                        0x00bc51b9
                                                                                                                                                                                                                                                        0x00bc51bd
                                                                                                                                                                                                                                                        0x00bc51c7
                                                                                                                                                                                                                                                        0x00bc51c9
                                                                                                                                                                                                                                                        0x00bc51d5
                                                                                                                                                                                                                                                        0x00bc51d8
                                                                                                                                                                                                                                                        0x00bc51e7
                                                                                                                                                                                                                                                        0x00bc51ec
                                                                                                                                                                                                                                                        0x00bc51f6
                                                                                                                                                                                                                                                        0x00bc51f8
                                                                                                                                                                                                                                                        0x00bc51f8
                                                                                                                                                                                                                                                        0x00bc51c6

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • PostQueuedCompletionStatus.KERNEL32(?,00000000,00000005,00000000), ref: 00BCD69B
                                                                                                                                                                                                                                                        • WaitForSingleObject.KERNEL32(?,000003E8), ref: 00BCD6B2
                                                                                                                                                                                                                                                        • DeleteCriticalSection.KERNEL32(?), ref: 00BCD6D1
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000014,00000014), ref: 00BCD6F0
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@CompletionCriticalDeleteObjectPostQueuedSectionSingleStatusWait
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1678056248-0
                                                                                                                                                                                                                                                        • Opcode ID: 467d68f165a6f4b0e5eade8517afd149e915d3c8656c62031277a44360a37227
                                                                                                                                                                                                                                                        • Instruction ID: 54a486c2ccc5b79096c065699bf520d79788999f19250b76efc6c3aa74be8bd1
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 467d68f165a6f4b0e5eade8517afd149e915d3c8656c62031277a44360a37227
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 06216A706007049FC728DF60DC9AF6AB7F5AF00705F5048ACE54A9B6A1EF72A948CB94
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BE9630(void** __ecx, void* __edx, void* __eflags, CHAR* _a4, void* _a8, long _a12) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				long _v24;
                                                                                                                                                                                                                                                        				signed int _t10;
                                                                                                                                                                                                                                                        				void* _t12;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t15;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t22;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        				void* _t29;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t30;
                                                                                                                                                                                                                                                        				void** _t33;
                                                                                                                                                                                                                                                        				signed int _t34;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t28 = __edx;
                                                                                                                                                                                                                                                        				_t10 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t33 = __ecx;
                                                                                                                                                                                                                                                        				_v20 = _t10 ^ _t34;
                                                                                                                                                                                                                                                        				_t12 = E00BCB550(__ecx);
                                                                                                                                                                                                                                                        				_t29 = 8;
                                                                                                                                                                                                                                                        				if(_t12 != 0) {
                                                                                                                                                                                                                                                        					_t15 = LoadLibraryW( *(__ecx + 0x2c));
                                                                                                                                                                                                                                                        					if(_t15 == 0) {
                                                                                                                                                                                                                                                        						_t29 = 0x37;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t30 = _t15;
                                                                                                                                                                                                                                                        						_t22 = GetProcAddress(_t15, _a4);
                                                                                                                                                                                                                                                        						FreeLibrary(_t30);
                                                                                                                                                                                                                                                        						if(_t22 == 0) {
                                                                                                                                                                                                                                                        							_t29 = 0x38;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							if(WriteProcessMemory( *_t33, _t22 - _t30 + _t33[0xa], _a8, _a12,  &_v24) == 0) {
                                                                                                                                                                                                                                                        								_t29 = 0x39;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t29 =  ==  ? 0 : 0x3a;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t34, _t28);
                                                                                                                                                                                                                                                        				return _t29;
                                                                                                                                                                                                                                                        			}














                                                                                                                                                                                                                                                        0x00be9630
                                                                                                                                                                                                                                                        0x00be9639
                                                                                                                                                                                                                                                        0x00be963e
                                                                                                                                                                                                                                                        0x00be9642
                                                                                                                                                                                                                                                        0x00be9645
                                                                                                                                                                                                                                                        0x00be964a
                                                                                                                                                                                                                                                        0x00be9651
                                                                                                                                                                                                                                                        0x00be9656
                                                                                                                                                                                                                                                        0x00be965e
                                                                                                                                                                                                                                                        0x00be96a7
                                                                                                                                                                                                                                                        0x00be9660
                                                                                                                                                                                                                                                        0x00be9660
                                                                                                                                                                                                                                                        0x00be966c
                                                                                                                                                                                                                                                        0x00be966f
                                                                                                                                                                                                                                                        0x00be9677
                                                                                                                                                                                                                                                        0x00be96c2
                                                                                                                                                                                                                                                        0x00be9679
                                                                                                                                                                                                                                                        0x00be9696
                                                                                                                                                                                                                                                        0x00be96c9
                                                                                                                                                                                                                                                        0x00be9698
                                                                                                                                                                                                                                                        0x00be96a2
                                                                                                                                                                                                                                                        0x00be96a2
                                                                                                                                                                                                                                                        0x00be9696
                                                                                                                                                                                                                                                        0x00be9677
                                                                                                                                                                                                                                                        0x00be965e
                                                                                                                                                                                                                                                        0x00be96b1
                                                                                                                                                                                                                                                        0x00be96bf

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(?), ref: 00BE9656
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,?), ref: 00BE9666
                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(00000000), ref: 00BE966F
                                                                                                                                                                                                                                                        • WriteProcessMemory.KERNEL32(?,00000000,?,?,?), ref: 00BE968E
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Library$AddressFreeLoadMemoryProcProcessWrite
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1038025411-0
                                                                                                                                                                                                                                                        • Opcode ID: 1d3b8bc9917b015998b91218d88b9d6c4ff48bc213482bc61454d661ef015d9f
                                                                                                                                                                                                                                                        • Instruction ID: 6f44ede7aa3d2c09f14b55e0cd39fc26b63497b6a41958e9bf0dce2bda343a4b
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1d3b8bc9917b015998b91218d88b9d6c4ff48bc213482bc61454d661ef015d9f
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3E119A72B002489FDB109F66DC88E7B7BEAEB84351B2804AAE84587250DF76CD19C760
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BCCD90(void* __ecx) {
                                                                                                                                                                                                                                                        				void* _t9;
                                                                                                                                                                                                                                                        				intOrPtr _t26;
                                                                                                                                                                                                                                                        				void* _t29;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t29 = __ecx;
                                                                                                                                                                                                                                                        				_t9 = 8;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(__ecx + 4)) + 1 <= 1 &&  *((intOrPtr*)(__ecx + 0x10)) == 0) {
                                                                                                                                                                                                                                                        					InitializeCriticalSection(__ecx + 0x1c);
                                                                                                                                                                                                                                                        					E00BC5200(CreateIoCompletionPort(0xffffffff, 0, 0, 0), _t29 + 4, _t11);
                                                                                                                                                                                                                                                        					if( *((intOrPtr*)(_t29 + 4)) + 1 < 2) {
                                                                                                                                                                                                                                                        						L6:
                                                                                                                                                                                                                                                        						return 0x3b;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					E00BC5200(CreateEventW(0, 1, 0, 0), _t29 + 8, _t16);
                                                                                                                                                                                                                                                        					E00BC5200(CreateThread(0, 0, E00BCCE30, _t29, 0, 0), _t29 + 0xc, _t18);
                                                                                                                                                                                                                                                        					_t26 =  *((intOrPtr*)(_t29 + 0xc));
                                                                                                                                                                                                                                                        					if(_t26 == 0xffffffff) {
                                                                                                                                                                                                                                                        						goto L6;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t9 = 0;
                                                                                                                                                                                                                                                        					if(_t26 == 0) {
                                                                                                                                                                                                                                                        						goto L6;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t9;
                                                                                                                                                                                                                                                        			}






                                                                                                                                                                                                                                                        0x00bccd95
                                                                                                                                                                                                                                                        0x00bccd9a
                                                                                                                                                                                                                                                        0x00bccda3
                                                                                                                                                                                                                                                        0x00bccdaf
                                                                                                                                                                                                                                                        0x00bccdc7
                                                                                                                                                                                                                                                        0x00bccdd3
                                                                                                                                                                                                                                                        0x00bcce1f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcce1f
                                                                                                                                                                                                                                                        0x00bccde9
                                                                                                                                                                                                                                                        0x00bcce08
                                                                                                                                                                                                                                                        0x00bcce0d
                                                                                                                                                                                                                                                        0x00bcce13
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcce15
                                                                                                                                                                                                                                                        0x00bcce19
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcce19
                                                                                                                                                                                                                                                        0x00bcce1e

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • InitializeCriticalSection.KERNEL32(?), ref: 00BCCDAF
                                                                                                                                                                                                                                                        • CreateIoCompletionPort.KERNEL32(000000FF,00000000,00000000,00000000), ref: 00BCCDBD
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetLastError.KERNEL32(00000000,?,00004000,?,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5210
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetHandleVerifier.FLASHPLAYER(?,00BDC412,00000000,?,00BDBECC), ref: 00BC5234
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: SetLastError.KERNEL32(00BDC412,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5249
                                                                                                                                                                                                                                                        • CreateEventW.KERNEL32(00000000,00000001,00000000,00000000,00000000), ref: 00BCCDE0
                                                                                                                                                                                                                                                        • CreateThread.KERNEL32 ref: 00BCCDFF
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Create$ErrorLast$CompletionCriticalEventHandleInitializePortSectionThreadVerifier
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2213475342-0
                                                                                                                                                                                                                                                        • Opcode ID: 0785563d343303cf49b2d1d3adfbcceb21a696f92f4b3e5aa617047b14915023
                                                                                                                                                                                                                                                        • Instruction ID: 17d2341cd6c9a5249e361140497cf89521ac3d76a2ca5f228d00ed60180651e7
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0785563d343303cf49b2d1d3adfbcceb21a696f92f4b3e5aa617047b14915023
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F111C4313407016BE6349AA4CC0AF577BD9DB85B60F60458CF32AAB5D1CEA0F455C6A4
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 87%
                                                                                                                                                                                                                                                        			E00BE58B0(void* __eax, void* __ecx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				struct _CRITICAL_SECTION* _v20;
                                                                                                                                                                                                                                                        				intOrPtr* _t14;
                                                                                                                                                                                                                                                        				void* _t17;
                                                                                                                                                                                                                                                        				intOrPtr* _t18;
                                                                                                                                                                                                                                                        				intOrPtr* _t20;
                                                                                                                                                                                                                                                        				intOrPtr _t24;
                                                                                                                                                                                                                                                        				struct _CRITICAL_SECTION* _t26;
                                                                                                                                                                                                                                                        				intOrPtr* _t27;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        				void* _t29;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t28 = __ecx;
                                                                                                                                                                                                                                                        				_t26 = __ecx + 4;
                                                                                                                                                                                                                                                        				EnterCriticalSection(_t26);
                                                                                                                                                                                                                                                        				_t20 =  *((intOrPtr*)(_t28 + 0x1c));
                                                                                                                                                                                                                                                        				_t14 =  *_t20;
                                                                                                                                                                                                                                                        				if(_t20 == _t14) {
                                                                                                                                                                                                                                                        					_t17 = 0;
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					LeaveCriticalSection(_t26);
                                                                                                                                                                                                                                                        					return _t17;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t24 = _a4;
                                                                                                                                                                                                                                                        				_v20 = _t26;
                                                                                                                                                                                                                                                        				asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        				while(1) {
                                                                                                                                                                                                                                                        					_t27 =  *((intOrPtr*)(_t14 + 8));
                                                                                                                                                                                                                                                        					_t18 =  *_t14;
                                                                                                                                                                                                                                                        					if( *((intOrPtr*)(_t27 + 0x1c)) == _t24) {
                                                                                                                                                                                                                                                        						break;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t14 = _t18;
                                                                                                                                                                                                                                                        					if(_t20 != _t18) {
                                                                                                                                                                                                                                                        						continue;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t17 = 0;
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					_t26 = _v20;
                                                                                                                                                                                                                                                        					goto L6;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *((intOrPtr*)( *((intOrPtr*)(_t14 + 4)))) = _t18;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)( *_t14 + 4)) =  *((intOrPtr*)(_t14 + 4));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t28 + 0x20)) =  *((intOrPtr*)(_t28 + 0x20)) - 1;
                                                                                                                                                                                                                                                        				_push(0xc);
                                                                                                                                                                                                                                                        				_push(_t14);
                                                                                                                                                                                                                                                        				L00BEF6C6();
                                                                                                                                                                                                                                                        				_t29 = _t29 + 8;
                                                                                                                                                                                                                                                        				_t17 = 1;
                                                                                                                                                                                                                                                        				__eflags = _t27;
                                                                                                                                                                                                                                                        				if(__eflags != 0) {
                                                                                                                                                                                                                                                        					E00BE9180(_t27, __eflags);
                                                                                                                                                                                                                                                        					_push(_t27);
                                                                                                                                                                                                                                                        					L00BEF6C0();
                                                                                                                                                                                                                                                        					_t29 = _t29 + 4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L5;
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00be58b7
                                                                                                                                                                                                                                                        0x00be58b9
                                                                                                                                                                                                                                                        0x00be58bd
                                                                                                                                                                                                                                                        0x00be58c3
                                                                                                                                                                                                                                                        0x00be58c6
                                                                                                                                                                                                                                                        0x00be58ca
                                                                                                                                                                                                                                                        0x00be5908
                                                                                                                                                                                                                                                        0x00be58f5
                                                                                                                                                                                                                                                        0x00be58f6
                                                                                                                                                                                                                                                        0x00be5905
                                                                                                                                                                                                                                                        0x00be5905
                                                                                                                                                                                                                                                        0x00be58cc
                                                                                                                                                                                                                                                        0x00be58cf
                                                                                                                                                                                                                                                        0x00be58d2
                                                                                                                                                                                                                                                        0x00be58e0
                                                                                                                                                                                                                                                        0x00be58e0
                                                                                                                                                                                                                                                        0x00be58e3
                                                                                                                                                                                                                                                        0x00be58e8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be58ec
                                                                                                                                                                                                                                                        0x00be58ee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be58f0
                                                                                                                                                                                                                                                        0x00be58f2
                                                                                                                                                                                                                                                        0x00be58f2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be58f2
                                                                                                                                                                                                                                                        0x00be590f
                                                                                                                                                                                                                                                        0x00be5916
                                                                                                                                                                                                                                                        0x00be5919
                                                                                                                                                                                                                                                        0x00be591c
                                                                                                                                                                                                                                                        0x00be591e
                                                                                                                                                                                                                                                        0x00be591f
                                                                                                                                                                                                                                                        0x00be5924
                                                                                                                                                                                                                                                        0x00be5927
                                                                                                                                                                                                                                                        0x00be5929
                                                                                                                                                                                                                                                        0x00be592b
                                                                                                                                                                                                                                                        0x00be592f
                                                                                                                                                                                                                                                        0x00be5934
                                                                                                                                                                                                                                                        0x00be5935
                                                                                                                                                                                                                                                        0x00be593a
                                                                                                                                                                                                                                                        0x00be593a
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(?,?,?,?,?,?,00BCF071,00000000,?,?,00BCCFC5), ref: 00BE58BD
                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?,?,?,00BCF071,00000000,?,?,00BCCFC5), ref: 00BE58F6
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000,0000000C,?,?,00BCF071,00000000,?,?,00BCCFC5), ref: 00BE591F
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?,00BCCFC5), ref: 00BE5935
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@CriticalSection$EnterLeave
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2389133793-0
                                                                                                                                                                                                                                                        • Opcode ID: 70f1025fe5b8e33ea13f3f8a2db8e09048a912135edfbcd1c486f642226e6d5c
                                                                                                                                                                                                                                                        • Instruction ID: 7b9214e0eabf1da3f3e8f0f9252959b2eea08e758996b4f4328571312345a642
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 70f1025fe5b8e33ea13f3f8a2db8e09048a912135edfbcd1c486f642226e6d5c
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B2118276600244DFC7209F56DC8497AB7F5FF8A31475881BEE90A5B311DB31E806DBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BCBDF0(void* __ecx, void** __edx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				long _v24;
                                                                                                                                                                                                                                                        				signed int _t10;
                                                                                                                                                                                                                                                        				void* _t16;
                                                                                                                                                                                                                                                        				signed int _t18;
                                                                                                                                                                                                                                                        				long _t19;
                                                                                                                                                                                                                                                        				void* _t23;
                                                                                                                                                                                                                                                        				void** _t26;
                                                                                                                                                                                                                                                        				void* _t27;
                                                                                                                                                                                                                                                        				signed int _t28;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t25 = __edx;
                                                                                                                                                                                                                                                        				_t10 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t10 ^ _t28;
                                                                                                                                                                                                                                                        				if(__ecx == 0) {
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					_t18 = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t26 = __edx;
                                                                                                                                                                                                                                                        					_t27 = __ecx;
                                                                                                                                                                                                                                                        					_v24 = 0;
                                                                                                                                                                                                                                                        					GetTokenInformation(__ecx, 6, 0, 0,  &_v24);
                                                                                                                                                                                                                                                        					_t19 = _v24;
                                                                                                                                                                                                                                                        					if(_t19 == 0) {
                                                                                                                                                                                                                                                        						goto L5;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t16 = malloc(_t19);
                                                                                                                                                                                                                                                        						_t23 =  *_t26;
                                                                                                                                                                                                                                                        						 *_t26 = _t16;
                                                                                                                                                                                                                                                        						if(_t23 != 0) {
                                                                                                                                                                                                                                                        							free(_t23);
                                                                                                                                                                                                                                                        							_t19 = _v24;
                                                                                                                                                                                                                                                        							_t16 =  *_t26;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t18 = _t19 & 0xffffff00 | GetTokenInformation(_t27, 6, _t16, _t19,  &_v24) != 0x00000000;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t28, _t25);
                                                                                                                                                                                                                                                        				return _t18;
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00bcbdf0
                                                                                                                                                                                                                                                        0x00bcbdf9
                                                                                                                                                                                                                                                        0x00bcbe02
                                                                                                                                                                                                                                                        0x00bcbe05
                                                                                                                                                                                                                                                        0x00bcbe61
                                                                                                                                                                                                                                                        0x00bcbe61
                                                                                                                                                                                                                                                        0x00bcbe07
                                                                                                                                                                                                                                                        0x00bcbe07
                                                                                                                                                                                                                                                        0x00bcbe09
                                                                                                                                                                                                                                                        0x00bcbe0e
                                                                                                                                                                                                                                                        0x00bcbe1d
                                                                                                                                                                                                                                                        0x00bcbe23
                                                                                                                                                                                                                                                        0x00bcbe28
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbe2a
                                                                                                                                                                                                                                                        0x00bcbe2b
                                                                                                                                                                                                                                                        0x00bcbe34
                                                                                                                                                                                                                                                        0x00bcbe36
                                                                                                                                                                                                                                                        0x00bcbe3a
                                                                                                                                                                                                                                                        0x00bcbe3d
                                                                                                                                                                                                                                                        0x00bcbe46
                                                                                                                                                                                                                                                        0x00bcbe49
                                                                                                                                                                                                                                                        0x00bcbe49
                                                                                                                                                                                                                                                        0x00bcbe5c
                                                                                                                                                                                                                                                        0x00bcbe5c
                                                                                                                                                                                                                                                        0x00bcbe28
                                                                                                                                                                                                                                                        0x00bcbe68
                                                                                                                                                                                                                                                        0x00bcbe76

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(?,00000006,00000000,00000000,?), ref: 00BCBE1D
                                                                                                                                                                                                                                                        • malloc.MOZGLUE(00000000,?,00000006,00000000,00000000,?), ref: 00BCBE2B
                                                                                                                                                                                                                                                        • free.MOZGLUE ref: 00BCBE3D
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(?,00000006,00000000,00000000,?), ref: 00BCBE54
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: InformationToken$freemalloc
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2792205195-0
                                                                                                                                                                                                                                                        • Opcode ID: ef571290b045436ae6d1beaa8fdbaec4faeadab918b87ec8a17e443626e4b6d8
                                                                                                                                                                                                                                                        • Instruction ID: ea0dbb58732343e91e8641e4a41fbebd337f8d3034db21f3e7638ea7a481a7a7
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ef571290b045436ae6d1beaa8fdbaec4faeadab918b87ec8a17e443626e4b6d8
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 870121B564020A9BDB24DFA5DC86FBF77ACEF04745F10042DFA06A7290DB61AD18C661
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 91%
                                                                                                                                                                                                                                                        			E00BE2FE0(void* __ecx, long __edx, struct _SECURITY_DESCRIPTOR** _a4, struct _SECURITY_DESCRIPTOR** _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				long _v24;
                                                                                                                                                                                                                                                        				signed int _t10;
                                                                                                                                                                                                                                                        				long _t14;
                                                                                                                                                                                                                                                        				struct _SECURITY_DESCRIPTOR* _t16;
                                                                                                                                                                                                                                                        				int _t17;
                                                                                                                                                                                                                                                        				long _t21;
                                                                                                                                                                                                                                                        				struct _SECURITY_DESCRIPTOR** _t22;
                                                                                                                                                                                                                                                        				long _t30;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        				signed int _t32;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t29 = __edx;
                                                                                                                                                                                                                                                        				_t10 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t30 = __edx;
                                                                                                                                                                                                                                                        				_t31 = __ecx;
                                                                                                                                                                                                                                                        				_v20 = _t10 ^ _t32;
                                                                                                                                                                                                                                                        				_v24 = 0;
                                                                                                                                                                                                                                                        				GetKernelObjectSecurity(__ecx, __edx, 0, 0,  &_v24);
                                                                                                                                                                                                                                                        				_t14 = GetLastError();
                                                                                                                                                                                                                                                        				_t21 = _t14;
                                                                                                                                                                                                                                                        				if(_t14 == 0x7a) {
                                                                                                                                                                                                                                                        					_t22 = _a4;
                                                                                                                                                                                                                                                        					_t29 = _v24;
                                                                                                                                                                                                                                                        					E00BE3400(_t22, _v24);
                                                                                                                                                                                                                                                        					_t16 =  *_t22;
                                                                                                                                                                                                                                                        					 *_a8 = _t16;
                                                                                                                                                                                                                                                        					_t17 = GetKernelObjectSecurity(_t31, _t30, _t16, _v24,  &_v24);
                                                                                                                                                                                                                                                        					_t21 = 0;
                                                                                                                                                                                                                                                        					if(_t17 == 0) {
                                                                                                                                                                                                                                                        						_t21 = GetLastError();
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t32, _t29);
                                                                                                                                                                                                                                                        				return _t21;
                                                                                                                                                                                                                                                        			}














                                                                                                                                                                                                                                                        0x00be2fe0
                                                                                                                                                                                                                                                        0x00be2fe9
                                                                                                                                                                                                                                                        0x00be2fee
                                                                                                                                                                                                                                                        0x00be2ff0
                                                                                                                                                                                                                                                        0x00be2ff4
                                                                                                                                                                                                                                                        0x00be2ffa
                                                                                                                                                                                                                                                        0x00be3008
                                                                                                                                                                                                                                                        0x00be300e
                                                                                                                                                                                                                                                        0x00be3014
                                                                                                                                                                                                                                                        0x00be3019
                                                                                                                                                                                                                                                        0x00be302f
                                                                                                                                                                                                                                                        0x00be3032
                                                                                                                                                                                                                                                        0x00be3037
                                                                                                                                                                                                                                                        0x00be303c
                                                                                                                                                                                                                                                        0x00be3041
                                                                                                                                                                                                                                                        0x00be304d
                                                                                                                                                                                                                                                        0x00be3053
                                                                                                                                                                                                                                                        0x00be3057
                                                                                                                                                                                                                                                        0x00be305f
                                                                                                                                                                                                                                                        0x00be305f
                                                                                                                                                                                                                                                        0x00be3057
                                                                                                                                                                                                                                                        0x00be3020
                                                                                                                                                                                                                                                        0x00be302e

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetKernelObjectSecurity.ADVAPI32(00000000,00000004,00000000,00000000,?), ref: 00BE3008
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE300E
                                                                                                                                                                                                                                                        • GetKernelObjectSecurity.ADVAPI32(00000000,00000004,00000000,00000000,00000000), ref: 00BE304D
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE3059
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorKernelLastObjectSecurity
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 617647591-0
                                                                                                                                                                                                                                                        • Opcode ID: b9a8b349f76745a395b87ead5c3f559e84576fc1acd846767652c79f605e53fe
                                                                                                                                                                                                                                                        • Instruction ID: 047857a364e2877f5db8920513ec011e0e36858d45b762a1344bd84b5e0f02b9
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b9a8b349f76745a395b87ead5c3f559e84576fc1acd846767652c79f605e53fe
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 56011B75600209AFDB149FA5DC89BBF77B8EF49710F100469E906A7351DF70AE04CAA5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BBC5E0(void* __ecx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				void* _t11;
                                                                                                                                                                                                                                                        				void* _t14;
                                                                                                                                                                                                                                                        				WCHAR* _t15;
                                                                                                                                                                                                                                                        				void* _t22;
                                                                                                                                                                                                                                                        				intOrPtr _t23;
                                                                                                                                                                                                                                                        				void* _t24;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx)) = 0xbf0310;
                                                                                                                                                                                                                                                        				_t24 = __ecx;
                                                                                                                                                                                                                                                        				if( *((char*)(__ecx + 5)) == 0) {
                                                                                                                                                                                                                                                        					_t14 =  *(__ecx + 0x20);
                                                                                                                                                                                                                                                        					if(_t14 + 1 >= 2) {
                                                                                                                                                                                                                                                        						CloseHandle(_t14);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					 *(_t24 + 0x20) = 0;
                                                                                                                                                                                                                                                        					_t15 = _t24 + 8;
                                                                                                                                                                                                                                                        					if( *((intOrPtr*)(_t24 + 0x1c)) >= 8) {
                                                                                                                                                                                                                                                        						_t15 =  *_t15;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					DeleteFileW(_t15);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t11 =  *(_t24 + 0x20);
                                                                                                                                                                                                                                                        				_t23 = _a4;
                                                                                                                                                                                                                                                        				if(_t11 + 1 >= 2) {
                                                                                                                                                                                                                                                        					_t11 = CloseHandle(_t11);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BBDF30(_t11, _t24 + 8, _t22);
                                                                                                                                                                                                                                                        				if(_t23 != 0) {
                                                                                                                                                                                                                                                        					free(_t24);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t24;
                                                                                                                                                                                                                                                        			}









                                                                                                                                                                                                                                                        0x00bbc5e5
                                                                                                                                                                                                                                                        0x00bbc5eb
                                                                                                                                                                                                                                                        0x00bbc5f1
                                                                                                                                                                                                                                                        0x00bbc5f3
                                                                                                                                                                                                                                                        0x00bbc5fc
                                                                                                                                                                                                                                                        0x00bbc5ff
                                                                                                                                                                                                                                                        0x00bbc5ff
                                                                                                                                                                                                                                                        0x00bbc605
                                                                                                                                                                                                                                                        0x00bbc60c
                                                                                                                                                                                                                                                        0x00bbc613
                                                                                                                                                                                                                                                        0x00bbc615
                                                                                                                                                                                                                                                        0x00bbc615
                                                                                                                                                                                                                                                        0x00bbc618
                                                                                                                                                                                                                                                        0x00bbc618
                                                                                                                                                                                                                                                        0x00bbc61e
                                                                                                                                                                                                                                                        0x00bbc621
                                                                                                                                                                                                                                                        0x00bbc62a
                                                                                                                                                                                                                                                        0x00bbc62d
                                                                                                                                                                                                                                                        0x00bbc62d
                                                                                                                                                                                                                                                        0x00bbc636
                                                                                                                                                                                                                                                        0x00bbc63d
                                                                                                                                                                                                                                                        0x00bbc640
                                                                                                                                                                                                                                                        0x00bbc646
                                                                                                                                                                                                                                                        0x00bbc64e

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CloseHandle$DeleteFilefree
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 897839937-0
                                                                                                                                                                                                                                                        • Opcode ID: abd0217541ed1e32a23a8f365cc801bc398d0254f104073336893c40e0198f6f
                                                                                                                                                                                                                                                        • Instruction ID: 4474634b0489124ee3d995911008791f6cd98e4a30c5386926e3949d1d5ea624
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: abd0217541ed1e32a23a8f365cc801bc398d0254f104073336893c40e0198f6f
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6801DC354002049FC724CF28D84CDA7BBE9FF49329B0054ACE54B87A20EFB1E949CB98
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 37%
                                                                                                                                                                                                                                                        			E00BC5F20(long* __ecx) {
                                                                                                                                                                                                                                                        				intOrPtr* _t8;
                                                                                                                                                                                                                                                        				long* _t9;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t8 = __imp___errno;
                                                                                                                                                                                                                                                        				_t9 = __ecx;
                                                                                                                                                                                                                                                        				 *__ecx =  *( *_t8());
                                                                                                                                                                                                                                                        				 *( *_t8()) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t9 + 4)) = GetLastError();
                                                                                                                                                                                                                                                        				SetLastError(0);
                                                                                                                                                                                                                                                        				return _t9;
                                                                                                                                                                                                                                                        			}





                                                                                                                                                                                                                                                        0x00bc5f25
                                                                                                                                                                                                                                                        0x00bc5f2b
                                                                                                                                                                                                                                                        0x00bc5f31
                                                                                                                                                                                                                                                        0x00bc5f35
                                                                                                                                                                                                                                                        0x00bc5f41
                                                                                                                                                                                                                                                        0x00bc5f46
                                                                                                                                                                                                                                                        0x00bc5f51

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • _errno.API-MS-WIN-CRT-RUNTIME-L1-1-0(00BF0324,?,?,00BC206A,00000002,00000001,00000000,00BF0324,?,?,00BCA1FF,/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc,000000EC,00000000), ref: 00BC5F2D
                                                                                                                                                                                                                                                        • _errno.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,00BC206A,00000002,00000001,00000000,00BF0324,?,?,00BCA1FF,/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc,000000EC,00000000), ref: 00BC5F33
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,00BC206A,00000002,00000001,00000000,00BF0324,?,?,00BCA1FF,/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc,000000EC,00000000), ref: 00BC5F3B
                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(00000000,?,00BC206A,00000002,00000001,00000000,00BF0324,?,?,00BCA1FF,/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc,000000EC,00000000), ref: 00BC5F46
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast_errno
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3939687465-0
                                                                                                                                                                                                                                                        • Opcode ID: 623b2c6fc2e6d75be0ed49997023a25c88d2a031a18c2d71303e538381c57ec0
                                                                                                                                                                                                                                                        • Instruction ID: 2c8334b079bd615d671f34be4bfc8c27c24ebdd5199353f9a2fc6595722c0f19
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 623b2c6fc2e6d75be0ed49997023a25c88d2a031a18c2d71303e538381c57ec0
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 60E0EC352483149FC3106FAAEC08755BBE8EF95612F0104E7E945C3360DEB19800CBA0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 78%
                                                                                                                                                                                                                                                        			E00BDE110(intOrPtr __ecx, intOrPtr _a4, intOrPtr _a8, signed short* _a12, WCHAR* _a16, intOrPtr* _a20, intOrPtr* _a24) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				WCHAR* _v520;
                                                                                                                                                                                                                                                        				WCHAR* _v524;
                                                                                                                                                                                                                                                        				LPWSTR* _v532;
                                                                                                                                                                                                                                                        				short _v536;
                                                                                                                                                                                                                                                        				short _v540;
                                                                                                                                                                                                                                                        				WCHAR* _v544;
                                                                                                                                                                                                                                                        				WCHAR* _v548;
                                                                                                                                                                                                                                                        				WCHAR* _v564;
                                                                                                                                                                                                                                                        				WCHAR* _v568;
                                                                                                                                                                                                                                                        				WCHAR* _v572;
                                                                                                                                                                                                                                                        				WCHAR* _v588;
                                                                                                                                                                                                                                                        				intOrPtr _v592;
                                                                                                                                                                                                                                                        				signed int _t95;
                                                                                                                                                                                                                                                        				WCHAR* _t101;
                                                                                                                                                                                                                                                        				void* _t102;
                                                                                                                                                                                                                                                        				WCHAR* _t103;
                                                                                                                                                                                                                                                        				void* _t104;
                                                                                                                                                                                                                                                        				WCHAR* _t105;
                                                                                                                                                                                                                                                        				intOrPtr _t111;
                                                                                                                                                                                                                                                        				WCHAR* _t112;
                                                                                                                                                                                                                                                        				long _t113;
                                                                                                                                                                                                                                                        				WCHAR* _t116;
                                                                                                                                                                                                                                                        				void* _t118;
                                                                                                                                                                                                                                                        				void* _t120;
                                                                                                                                                                                                                                                        				void* _t123;
                                                                                                                                                                                                                                                        				short _t124;
                                                                                                                                                                                                                                                        				intOrPtr _t125;
                                                                                                                                                                                                                                                        				intOrPtr* _t126;
                                                                                                                                                                                                                                                        				signed short* _t127;
                                                                                                                                                                                                                                                        				signed int _t128;
                                                                                                                                                                                                                                                        				signed short* _t130;
                                                                                                                                                                                                                                                        				signed short* _t131;
                                                                                                                                                                                                                                                        				signed int _t132;
                                                                                                                                                                                                                                                        				long _t134;
                                                                                                                                                                                                                                                        				WCHAR* _t139;
                                                                                                                                                                                                                                                        				WCHAR* _t140;
                                                                                                                                                                                                                                                        				intOrPtr _t141;
                                                                                                                                                                                                                                                        				WCHAR* _t145;
                                                                                                                                                                                                                                                        				signed short* _t148;
                                                                                                                                                                                                                                                        				LPWSTR* _t153;
                                                                                                                                                                                                                                                        				intOrPtr* _t158;
                                                                                                                                                                                                                                                        				signed short* _t160;
                                                                                                                                                                                                                                                        				intOrPtr* _t161;
                                                                                                                                                                                                                                                        				signed int _t164;
                                                                                                                                                                                                                                                        				signed int _t166;
                                                                                                                                                                                                                                                        				void* _t167;
                                                                                                                                                                                                                                                        				void* _t168;
                                                                                                                                                                                                                                                        				void* _t177;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t95 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t158 = _a24;
                                                                                                                                                                                                                                                        				_v20 = _t95 ^ _t166;
                                                                                                                                                                                                                                                        				if( *_t158 != 0x10) {
                                                                                                                                                                                                                                                        					_t124 = 0;
                                                                                                                                                                                                                                                        					L29:
                                                                                                                                                                                                                                                        					E00BEECB0(_v20 ^ _t166, _t157);
                                                                                                                                                                                                                                                        					return _t124;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t99 = _a8;
                                                                                                                                                                                                                                                        				_v568 = 7;
                                                                                                                                                                                                                                                        				_v572 = 0;
                                                                                                                                                                                                                                                        				_v588 = 0;
                                                                                                                                                                                                                                                        				_t160 = _a12;
                                                                                                                                                                                                                                                        				_v592 = __ecx;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_a8 + 0x10)) != 0) {
                                                                                                                                                                                                                                                        					E00BDE650( &_v588, _t99);
                                                                                                                                                                                                                                                        					L21:
                                                                                                                                                                                                                                                        					_t101 = _v572;
                                                                                                                                                                                                                                                        					if(_v568 <= 7) {
                                                                                                                                                                                                                                                        						_t139 =  &_v588;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t139 = _v588;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t125 = _a4;
                                                                                                                                                                                                                                                        					_t102 = E00BC7470(_t139, _t101, 0, L"\\\\", 2);
                                                                                                                                                                                                                                                        					_t168 = _t167 + 0x14;
                                                                                                                                                                                                                                                        					if(_t102 != 0) {
                                                                                                                                                                                                                                                        						_t103 = _v572;
                                                                                                                                                                                                                                                        						__eflags = _v568 - 7;
                                                                                                                                                                                                                                                        						if(_v568 <= 7) {
                                                                                                                                                                                                                                                        							_t140 =  &_v588;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t140 = _v588;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t104 = E00BC7470(_t140, _t103, 0, L":\\", 2);
                                                                                                                                                                                                                                                        						_t168 = _t168 + 0x14;
                                                                                                                                                                                                                                                        						__eflags = _t104 - 1;
                                                                                                                                                                                                                                                        						if(_t104 == 1) {
                                                                                                                                                                                                                                                        							goto L25;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t111 = _a8;
                                                                                                                                                                                                                                                        							__eflags =  *(_t111 + 0x10);
                                                                                                                                                                                                                                                        							_v564 = 0;
                                                                                                                                                                                                                                                        							if( *(_t111 + 0x10) != 0) {
                                                                                                                                                                                                                                                        								L43:
                                                                                                                                                                                                                                                        								_t112 = _a16;
                                                                                                                                                                                                                                                        								__eflags = _v568 - 7;
                                                                                                                                                                                                                                                        								if(_v568 <= 7) {
                                                                                                                                                                                                                                                        									_t145 =  &_v588;
                                                                                                                                                                                                                                                        									__eflags = _t112[0xa] - 7;
                                                                                                                                                                                                                                                        									if(_t112[0xa] <= 7) {
                                                                                                                                                                                                                                                        										L48:
                                                                                                                                                                                                                                                        										_t157 =  &_v564;
                                                                                                                                                                                                                                                        										_t113 = SearchPathW(_t112, _t145, 0, 0x104,  &_v540,  &_v564);
                                                                                                                                                                                                                                                        										L49:
                                                                                                                                                                                                                                                        										_t109 = _t113 - 1;
                                                                                                                                                                                                                                                        										__eflags = _t113 - 1 - 0x102;
                                                                                                                                                                                                                                                        										if(_t113 - 1 <= 0x102) {
                                                                                                                                                                                                                                                        											E00BBA740( &_v588,  &_v540);
                                                                                                                                                                                                                                                        											goto L25;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t125 + 0x10)) = 2;
                                                                                                                                                                                                                                                        										goto L28;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									L47:
                                                                                                                                                                                                                                                        									_t112 =  *_t112;
                                                                                                                                                                                                                                                        									goto L48;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t145 = _v588;
                                                                                                                                                                                                                                                        								__eflags = _t112[0xa] - 7;
                                                                                                                                                                                                                                                        								if(_t112[0xa] > 7) {
                                                                                                                                                                                                                                                        									goto L47;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L48;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							__eflags = _v568 - 7;
                                                                                                                                                                                                                                                        							if(_v568 <= 7) {
                                                                                                                                                                                                                                                        								_t116 =  &_v588;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t116 = _v588;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t157 =  &_v540;
                                                                                                                                                                                                                                                        							_t113 = SearchPathW(0, _t116, 0, 0x104,  &_v540,  &_v564);
                                                                                                                                                                                                                                                        							__eflags = _t113;
                                                                                                                                                                                                                                                        							if(_t113 != 0) {
                                                                                                                                                                                                                                                        								goto L49;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L43;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L25:
                                                                                                                                                                                                                                                        						_t161 = _a20;
                                                                                                                                                                                                                                                        						_t141 = _v592;
                                                                                                                                                                                                                                                        						_t126 = _t158;
                                                                                                                                                                                                                                                        						_t159 =  &_v588;
                                                                                                                                                                                                                                                        						_t105 =  &_v588;
                                                                                                                                                                                                                                                        						if(_v568 > 7) {
                                                                                                                                                                                                                                                        							_t105 = _v588;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_v564 = _t105;
                                                                                                                                                                                                                                                        						_v540 = 1;
                                                                                                                                                                                                                                                        						_v536 = 1;
                                                                                                                                                                                                                                                        						_v532 =  &_v564;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_a4 + 0x10)) = E00BDFA90(_t157, E00BE5950( *((intOrPtr*)(_t141 + 0x10)), 0xd,  &_v540),  *((intOrPtr*)(_a4 + 4)), _t159, _a12, _t161,  *((intOrPtr*)(_t126 + 4)));
                                                                                                                                                                                                                                                        						L28:
                                                                                                                                                                                                                                                        						E00BBDF30(_t109,  &_v588, _t157);
                                                                                                                                                                                                                                                        						_t124 = 1;
                                                                                                                                                                                                                                                        						goto L29;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_v524 = 0;
                                                                                                                                                                                                                                                        				_t148 = _t160;
                                                                                                                                                                                                                                                        				_v520 = 7;
                                                                                                                                                                                                                                                        				_v540 = 0;
                                                                                                                                                                                                                                                        				_t157 = _t160[8];
                                                                                                                                                                                                                                                        				if(_t160[0xa] > 7) {
                                                                                                                                                                                                                                                        					_t148 =  *_t160;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t164 =  *_t148 & 0x0000ffff;
                                                                                                                                                                                                                                                        				if(_t164 != 0x22) {
                                                                                                                                                                                                                                                        					__eflags = _t157;
                                                                                                                                                                                                                                                        					if(_t157 == 0) {
                                                                                                                                                                                                                                                        						L18:
                                                                                                                                                                                                                                                        						_t118 = E00BDE650( &_v540, _a12);
                                                                                                                                                                                                                                                        						goto L19;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__eflags = _t164 - 0x20;
                                                                                                                                                                                                                                                        					_t127 = _t148;
                                                                                                                                                                                                                                                        					if(_t164 == 0x20) {
                                                                                                                                                                                                                                                        						L17:
                                                                                                                                                                                                                                                        						_t128 = _t127 - _t148;
                                                                                                                                                                                                                                                        						__eflags = _t128 - 0xfffffffe;
                                                                                                                                                                                                                                                        						if(_t128 != 0xfffffffe) {
                                                                                                                                                                                                                                                        							_t165 =  &_v564;
                                                                                                                                                                                                                                                        							_v544 = 7;
                                                                                                                                                                                                                                                        							_v548 = 0;
                                                                                                                                                                                                                                                        							_v564 = 0;
                                                                                                                                                                                                                                                        							_t153 =  &_v564;
                                                                                                                                                                                                                                                        							_push(_t128 >> 1);
                                                                                                                                                                                                                                                        							_push(0);
                                                                                                                                                                                                                                                        							goto L39;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L18;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t157 = _t157 - 1;
                                                                                                                                                                                                                                                        					_t130 = _t148;
                                                                                                                                                                                                                                                        					asm("o16 nop [eax+eax]");
                                                                                                                                                                                                                                                        					while(1) {
                                                                                                                                                                                                                                                        						__eflags = _t157;
                                                                                                                                                                                                                                                        						if(_t157 == 0) {
                                                                                                                                                                                                                                                        							goto L18;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t157 = _t157 - 1;
                                                                                                                                                                                                                                                        						__eflags = _t130[1] - 0x20;
                                                                                                                                                                                                                                                        						_t130 =  &(_t130[1]);
                                                                                                                                                                                                                                                        						if(__eflags != 0) {
                                                                                                                                                                                                                                                        							continue;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L17;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L18;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					if(_t157 < 2) {
                                                                                                                                                                                                                                                        						L10:
                                                                                                                                                                                                                                                        						_v548 = 0;
                                                                                                                                                                                                                                                        						_v544 = 0;
                                                                                                                                                                                                                                                        						_t118 = E00BC1CE0( &_v564, _a12);
                                                                                                                                                                                                                                                        						L20:
                                                                                                                                                                                                                                                        						_t120 = E00BBDF30(E00BBDF30(_t118,  &_v540, _t157),  &_v588, _t157);
                                                                                                                                                                                                                                                        						asm("movsd xmm0, [ebp-0x220]");
                                                                                                                                                                                                                                                        						asm("movsd xmm2, [ebp-0x230]");
                                                                                                                                                                                                                                                        						asm("movsd xmm1, [ebp-0x228]");
                                                                                                                                                                                                                                                        						_v548 = 0;
                                                                                                                                                                                                                                                        						_v544 = 7;
                                                                                                                                                                                                                                                        						_v564 = 0;
                                                                                                                                                                                                                                                        						asm("movsd [ebp-0x238], xmm0");
                                                                                                                                                                                                                                                        						asm("movsd [ebp-0x240], xmm1");
                                                                                                                                                                                                                                                        						asm("movsd [ebp-0x248], xmm2");
                                                                                                                                                                                                                                                        						E00BBDF30(_t120,  &_v564, _t157);
                                                                                                                                                                                                                                                        						goto L21;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t157 = _t157 - 1;
                                                                                                                                                                                                                                                        					_t131 = _t148;
                                                                                                                                                                                                                                                        					asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        					while(_t157 != 0) {
                                                                                                                                                                                                                                                        						_t157 = _t157 - 1;
                                                                                                                                                                                                                                                        						_t177 = _t131[1] - 0x22;
                                                                                                                                                                                                                                                        						_t131 =  &(_t131[1]);
                                                                                                                                                                                                                                                        						if(_t177 != 0) {
                                                                                                                                                                                                                                                        							continue;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t132 = _t131 - _t148;
                                                                                                                                                                                                                                                        						if(_t132 != 0xfffffffe) {
                                                                                                                                                                                                                                                        							_t165 =  &_v564;
                                                                                                                                                                                                                                                        							_v544 = 7;
                                                                                                                                                                                                                                                        							_v548 = 0;
                                                                                                                                                                                                                                                        							_v564 = 0;
                                                                                                                                                                                                                                                        							_t134 = (_t132 >> 1) - 1;
                                                                                                                                                                                                                                                        							__eflags = _t134;
                                                                                                                                                                                                                                                        							_t153 =  &_v564;
                                                                                                                                                                                                                                                        							_push(_t134);
                                                                                                                                                                                                                                                        							_push(1);
                                                                                                                                                                                                                                                        							L39:
                                                                                                                                                                                                                                                        							_push(_a12);
                                                                                                                                                                                                                                                        							_t123 = E00BBDF30(E00BC30B0(_t153),  &_v540, _t157);
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [ebp-0x220]");
                                                                                                                                                                                                                                                        							asm("movsd xmm2, [ebp-0x230]");
                                                                                                                                                                                                                                                        							asm("movsd xmm1, [ebp-0x228]");
                                                                                                                                                                                                                                                        							_v548 = 0;
                                                                                                                                                                                                                                                        							_v544 = 7;
                                                                                                                                                                                                                                                        							_v564 = 0;
                                                                                                                                                                                                                                                        							asm("movsd [ebp-0x208], xmm0");
                                                                                                                                                                                                                                                        							asm("movsd [ebp-0x210], xmm1");
                                                                                                                                                                                                                                                        							asm("movsd [ebp-0x218], xmm2");
                                                                                                                                                                                                                                                        							_t118 = E00BBDF30(_t123, _t165, _t157);
                                                                                                                                                                                                                                                        							L19:
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [ebp-0x208]");
                                                                                                                                                                                                                                                        							asm("movsd xmm2, [ebp-0x218]");
                                                                                                                                                                                                                                                        							asm("movsd xmm1, [ebp-0x210]");
                                                                                                                                                                                                                                                        							_v524 = 0;
                                                                                                                                                                                                                                                        							_v520 = 7;
                                                                                                                                                                                                                                                        							_v540 = 0;
                                                                                                                                                                                                                                                        							asm("movsd [ebp-0x220], xmm0");
                                                                                                                                                                                                                                                        							asm("movsd [ebp-0x228], xmm1");
                                                                                                                                                                                                                                                        							asm("movsd [ebp-0x230], xmm2");
                                                                                                                                                                                                                                                        							goto L20;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L10;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}




















































                                                                                                                                                                                                                                                        0x00bde11c
                                                                                                                                                                                                                                                        0x00bde121
                                                                                                                                                                                                                                                        0x00bde126
                                                                                                                                                                                                                                                        0x00bde12c
                                                                                                                                                                                                                                                        0x00bde1f1
                                                                                                                                                                                                                                                        0x00bde3b0
                                                                                                                                                                                                                                                        0x00bde3b5
                                                                                                                                                                                                                                                        0x00bde3c6
                                                                                                                                                                                                                                                        0x00bde3c6
                                                                                                                                                                                                                                                        0x00bde132
                                                                                                                                                                                                                                                        0x00bde135
                                                                                                                                                                                                                                                        0x00bde13f
                                                                                                                                                                                                                                                        0x00bde149
                                                                                                                                                                                                                                                        0x00bde152
                                                                                                                                                                                                                                                        0x00bde155
                                                                                                                                                                                                                                                        0x00bde15f
                                                                                                                                                                                                                                                        0x00bde4f3
                                                                                                                                                                                                                                                        0x00bde2f3
                                                                                                                                                                                                                                                        0x00bde2f3
                                                                                                                                                                                                                                                        0x00bde300
                                                                                                                                                                                                                                                        0x00bde30a
                                                                                                                                                                                                                                                        0x00bde302
                                                                                                                                                                                                                                                        0x00bde302
                                                                                                                                                                                                                                                        0x00bde302
                                                                                                                                                                                                                                                        0x00bde310
                                                                                                                                                                                                                                                        0x00bde31e
                                                                                                                                                                                                                                                        0x00bde323
                                                                                                                                                                                                                                                        0x00bde328
                                                                                                                                                                                                                                                        0x00bde3c9
                                                                                                                                                                                                                                                        0x00bde3cf
                                                                                                                                                                                                                                                        0x00bde3d6
                                                                                                                                                                                                                                                        0x00bde3e0
                                                                                                                                                                                                                                                        0x00bde3d8
                                                                                                                                                                                                                                                        0x00bde3d8
                                                                                                                                                                                                                                                        0x00bde3d8
                                                                                                                                                                                                                                                        0x00bde3f1
                                                                                                                                                                                                                                                        0x00bde3f6
                                                                                                                                                                                                                                                        0x00bde3f9
                                                                                                                                                                                                                                                        0x00bde3fc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde402
                                                                                                                                                                                                                                                        0x00bde402
                                                                                                                                                                                                                                                        0x00bde405
                                                                                                                                                                                                                                                        0x00bde409
                                                                                                                                                                                                                                                        0x00bde413
                                                                                                                                                                                                                                                        0x00bde525
                                                                                                                                                                                                                                                        0x00bde525
                                                                                                                                                                                                                                                        0x00bde528
                                                                                                                                                                                                                                                        0x00bde52f
                                                                                                                                                                                                                                                        0x00bde53f
                                                                                                                                                                                                                                                        0x00bde545
                                                                                                                                                                                                                                                        0x00bde549
                                                                                                                                                                                                                                                        0x00bde54d
                                                                                                                                                                                                                                                        0x00bde54d
                                                                                                                                                                                                                                                        0x00bde564
                                                                                                                                                                                                                                                        0x00bde56a
                                                                                                                                                                                                                                                        0x00bde56a
                                                                                                                                                                                                                                                        0x00bde56b
                                                                                                                                                                                                                                                        0x00bde570
                                                                                                                                                                                                                                                        0x00bde58b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde58b
                                                                                                                                                                                                                                                        0x00bde572
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde572
                                                                                                                                                                                                                                                        0x00bde54b
                                                                                                                                                                                                                                                        0x00bde54b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde54b
                                                                                                                                                                                                                                                        0x00bde531
                                                                                                                                                                                                                                                        0x00bde537
                                                                                                                                                                                                                                                        0x00bde53b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde53d
                                                                                                                                                                                                                                                        0x00bde419
                                                                                                                                                                                                                                                        0x00bde420
                                                                                                                                                                                                                                                        0x00bde4fd
                                                                                                                                                                                                                                                        0x00bde426
                                                                                                                                                                                                                                                        0x00bde426
                                                                                                                                                                                                                                                        0x00bde426
                                                                                                                                                                                                                                                        0x00bde509
                                                                                                                                                                                                                                                        0x00bde51b
                                                                                                                                                                                                                                                        0x00bde521
                                                                                                                                                                                                                                                        0x00bde523
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde523
                                                                                                                                                                                                                                                        0x00bde32e
                                                                                                                                                                                                                                                        0x00bde32e
                                                                                                                                                                                                                                                        0x00bde32e
                                                                                                                                                                                                                                                        0x00bde338
                                                                                                                                                                                                                                                        0x00bde33e
                                                                                                                                                                                                                                                        0x00bde340
                                                                                                                                                                                                                                                        0x00bde346
                                                                                                                                                                                                                                                        0x00bde348
                                                                                                                                                                                                                                                        0x00bde34a
                                                                                                                                                                                                                                                        0x00bde34a
                                                                                                                                                                                                                                                        0x00bde350
                                                                                                                                                                                                                                                        0x00bde35c
                                                                                                                                                                                                                                                        0x00bde366
                                                                                                                                                                                                                                                        0x00bde370
                                                                                                                                                                                                                                                        0x00bde3a0
                                                                                                                                                                                                                                                        0x00bde3a3
                                                                                                                                                                                                                                                        0x00bde3a9
                                                                                                                                                                                                                                                        0x00bde3ae
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde3ae
                                                                                                                                                                                                                                                        0x00bde328
                                                                                                                                                                                                                                                        0x00bde16a
                                                                                                                                                                                                                                                        0x00bde174
                                                                                                                                                                                                                                                        0x00bde176
                                                                                                                                                                                                                                                        0x00bde17c
                                                                                                                                                                                                                                                        0x00bde185
                                                                                                                                                                                                                                                        0x00bde18c
                                                                                                                                                                                                                                                        0x00bde18e
                                                                                                                                                                                                                                                        0x00bde18e
                                                                                                                                                                                                                                                        0x00bde190
                                                                                                                                                                                                                                                        0x00bde197
                                                                                                                                                                                                                                                        0x00bde1f8
                                                                                                                                                                                                                                                        0x00bde1fa
                                                                                                                                                                                                                                                        0x00bde22a
                                                                                                                                                                                                                                                        0x00bde233
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde233
                                                                                                                                                                                                                                                        0x00bde1fc
                                                                                                                                                                                                                                                        0x00bde200
                                                                                                                                                                                                                                                        0x00bde202
                                                                                                                                                                                                                                                        0x00bde21f
                                                                                                                                                                                                                                                        0x00bde21f
                                                                                                                                                                                                                                                        0x00bde221
                                                                                                                                                                                                                                                        0x00bde224
                                                                                                                                                                                                                                                        0x00bde431
                                                                                                                                                                                                                                                        0x00bde439
                                                                                                                                                                                                                                                        0x00bde43f
                                                                                                                                                                                                                                                        0x00bde449
                                                                                                                                                                                                                                                        0x00bde452
                                                                                                                                                                                                                                                        0x00bde454
                                                                                                                                                                                                                                                        0x00bde455
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde455
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde224
                                                                                                                                                                                                                                                        0x00bde204
                                                                                                                                                                                                                                                        0x00bde205
                                                                                                                                                                                                                                                        0x00bde207
                                                                                                                                                                                                                                                        0x00bde210
                                                                                                                                                                                                                                                        0x00bde210
                                                                                                                                                                                                                                                        0x00bde212
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde214
                                                                                                                                                                                                                                                        0x00bde215
                                                                                                                                                                                                                                                        0x00bde21a
                                                                                                                                                                                                                                                        0x00bde21d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde21d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde199
                                                                                                                                                                                                                                                        0x00bde19c
                                                                                                                                                                                                                                                        0x00bde1ca
                                                                                                                                                                                                                                                        0x00bde1ca
                                                                                                                                                                                                                                                        0x00bde1d4
                                                                                                                                                                                                                                                        0x00bde1e7
                                                                                                                                                                                                                                                        0x00bde285
                                                                                                                                                                                                                                                        0x00bde296
                                                                                                                                                                                                                                                        0x00bde29b
                                                                                                                                                                                                                                                        0x00bde2a3
                                                                                                                                                                                                                                                        0x00bde2ab
                                                                                                                                                                                                                                                        0x00bde2b9
                                                                                                                                                                                                                                                        0x00bde2c3
                                                                                                                                                                                                                                                        0x00bde2cd
                                                                                                                                                                                                                                                        0x00bde2d6
                                                                                                                                                                                                                                                        0x00bde2de
                                                                                                                                                                                                                                                        0x00bde2e6
                                                                                                                                                                                                                                                        0x00bde2ee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde2ee
                                                                                                                                                                                                                                                        0x00bde19e
                                                                                                                                                                                                                                                        0x00bde19f
                                                                                                                                                                                                                                                        0x00bde1a1
                                                                                                                                                                                                                                                        0x00bde1b0
                                                                                                                                                                                                                                                        0x00bde1b4
                                                                                                                                                                                                                                                        0x00bde1b5
                                                                                                                                                                                                                                                        0x00bde1ba
                                                                                                                                                                                                                                                        0x00bde1bd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde1bf
                                                                                                                                                                                                                                                        0x00bde1c4
                                                                                                                                                                                                                                                        0x00bde45b
                                                                                                                                                                                                                                                        0x00bde461
                                                                                                                                                                                                                                                        0x00bde467
                                                                                                                                                                                                                                                        0x00bde471
                                                                                                                                                                                                                                                        0x00bde47a
                                                                                                                                                                                                                                                        0x00bde47a
                                                                                                                                                                                                                                                        0x00bde47b
                                                                                                                                                                                                                                                        0x00bde47d
                                                                                                                                                                                                                                                        0x00bde47e
                                                                                                                                                                                                                                                        0x00bde480
                                                                                                                                                                                                                                                        0x00bde480
                                                                                                                                                                                                                                                        0x00bde48e
                                                                                                                                                                                                                                                        0x00bde493
                                                                                                                                                                                                                                                        0x00bde49b
                                                                                                                                                                                                                                                        0x00bde4a3
                                                                                                                                                                                                                                                        0x00bde4ad
                                                                                                                                                                                                                                                        0x00bde4b7
                                                                                                                                                                                                                                                        0x00bde4c1
                                                                                                                                                                                                                                                        0x00bde4ca
                                                                                                                                                                                                                                                        0x00bde4d2
                                                                                                                                                                                                                                                        0x00bde4da
                                                                                                                                                                                                                                                        0x00bde4e2
                                                                                                                                                                                                                                                        0x00bde238
                                                                                                                                                                                                                                                        0x00bde238
                                                                                                                                                                                                                                                        0x00bde240
                                                                                                                                                                                                                                                        0x00bde248
                                                                                                                                                                                                                                                        0x00bde250
                                                                                                                                                                                                                                                        0x00bde25a
                                                                                                                                                                                                                                                        0x00bde264
                                                                                                                                                                                                                                                        0x00bde26d
                                                                                                                                                                                                                                                        0x00bde275
                                                                                                                                                                                                                                                        0x00bde27d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde27d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde1c4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde1b0

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • SearchPathW.KERNEL32(00000000,00000000,00000000,00000104,00000000,00000000), ref: 00BDE51B
                                                                                                                                                                                                                                                        • SearchPathW.KERNEL32(00000007,00000000,00000000,00000104,00000000,00000000), ref: 00BDE564
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: PathSearch
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2203818243-3916222277
                                                                                                                                                                                                                                                        • Opcode ID: a9575a1256e12e18aff170a10264efc733d215f6f92b19f67f28e13794faf9c8
                                                                                                                                                                                                                                                        • Instruction ID: 18df7dc2e93dbbaa61f39e465005c88aab3f53065ad871c78cad6f1dac859d81
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a9575a1256e12e18aff170a10264efc733d215f6f92b19f67f28e13794faf9c8
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C1C14A709106289ADB24EF14CC99BEEB3B5FF14318F4046DAE4196B291EB759F84CF90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 98%
                                                                                                                                                                                                                                                        			E00BCEDF0(intOrPtr* __eax, intOrPtr* __ecx, intOrPtr* __edx, char _a4, intOrPtr* _a8, intOrPtr* _a12) {
                                                                                                                                                                                                                                                        				intOrPtr _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				intOrPtr* _v28;
                                                                                                                                                                                                                                                        				intOrPtr* _t98;
                                                                                                                                                                                                                                                        				intOrPtr* _t99;
                                                                                                                                                                                                                                                        				intOrPtr _t115;
                                                                                                                                                                                                                                                        				intOrPtr _t116;
                                                                                                                                                                                                                                                        				intOrPtr* _t120;
                                                                                                                                                                                                                                                        				intOrPtr* _t127;
                                                                                                                                                                                                                                                        				intOrPtr* _t128;
                                                                                                                                                                                                                                                        				intOrPtr* _t131;
                                                                                                                                                                                                                                                        				char* _t133;
                                                                                                                                                                                                                                                        				intOrPtr _t138;
                                                                                                                                                                                                                                                        				intOrPtr* _t143;
                                                                                                                                                                                                                                                        				intOrPtr _t149;
                                                                                                                                                                                                                                                        				intOrPtr _t150;
                                                                                                                                                                                                                                                        				intOrPtr _t155;
                                                                                                                                                                                                                                                        				intOrPtr* _t158;
                                                                                                                                                                                                                                                        				intOrPtr* _t159;
                                                                                                                                                                                                                                                        				intOrPtr* _t160;
                                                                                                                                                                                                                                                        				intOrPtr* _t162;
                                                                                                                                                                                                                                                        				intOrPtr _t163;
                                                                                                                                                                                                                                                        				intOrPtr* _t164;
                                                                                                                                                                                                                                                        				intOrPtr* _t165;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_v28 = __edx;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(__ecx + 4)) >= 0xccccccb) {
                                                                                                                                                                                                                                                        					_push("map/set<T> too long");
                                                                                                                                                                                                                                                        					L00BEF798();
                                                                                                                                                                                                                                                        					L34:
                                                                                                                                                                                                                                                        					E00BCE9D0(_t158, _t160);
                                                                                                                                                                                                                                                        					_t131 = _t160;
                                                                                                                                                                                                                                                        					L22:
                                                                                                                                                                                                                                                        					 *((char*)( *((intOrPtr*)(_t131 + 4)) + 0xc)) = 1;
                                                                                                                                                                                                                                                        					 *((char*)( *((intOrPtr*)( *((intOrPtr*)(_t131 + 4)) + 4)) + 0xc)) = 0;
                                                                                                                                                                                                                                                        					E00BCE990(_t158,  *((intOrPtr*)( *((intOrPtr*)(_t131 + 4)) + 4)));
                                                                                                                                                                                                                                                        					_t149 = _t131;
                                                                                                                                                                                                                                                        					L10:
                                                                                                                                                                                                                                                        					_t162 =  *((intOrPtr*)(_t149 + 4));
                                                                                                                                                                                                                                                        					if( *((char*)(_t162 + 0xc)) != 0) {
                                                                                                                                                                                                                                                        						L6:
                                                                                                                                                                                                                                                        						 *((char*)( *((intOrPtr*)( *_t158 + 4)) + 0xc)) = 1;
                                                                                                                                                                                                                                                        						_t98 = _v28;
                                                                                                                                                                                                                                                        						 *_t98 = _t128;
                                                                                                                                                                                                                                                        						return _t98;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t31 = _t149 + 4; // 0x4
                                                                                                                                                                                                                                                        					_t99 = _t31;
                                                                                                                                                                                                                                                        					_t133 = _t162 + 0xc;
                                                                                                                                                                                                                                                        					_v20 = _t158;
                                                                                                                                                                                                                                                        					while(1) {
                                                                                                                                                                                                                                                        						_t159 =  *((intOrPtr*)(_t162 + 4));
                                                                                                                                                                                                                                                        						_v24 = _t149;
                                                                                                                                                                                                                                                        						_t150 =  *_t159;
                                                                                                                                                                                                                                                        						if(_t162 == _t150) {
                                                                                                                                                                                                                                                        							goto L29;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if( *((char*)(_t150 + 0xc)) != 0) {
                                                                                                                                                                                                                                                        							_t138 = _v24;
                                                                                                                                                                                                                                                        							if(_t138 ==  *_t162) {
                                                                                                                                                                                                                                                        								E00BCE9D0(_v20, _t162);
                                                                                                                                                                                                                                                        								_t138 = _t162;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t163 = _t138;
                                                                                                                                                                                                                                                        							 *((char*)( *((intOrPtr*)(_t138 + 4)) + 0xc)) = 1;
                                                                                                                                                                                                                                                        							 *((char*)( *((intOrPtr*)( *((intOrPtr*)(_t138 + 4)) + 4)) + 0xc)) = 0;
                                                                                                                                                                                                                                                        							E00BCE990(_v20,  *((intOrPtr*)( *((intOrPtr*)(_t138 + 4)) + 4)));
                                                                                                                                                                                                                                                        							L19:
                                                                                                                                                                                                                                                        							_t149 = _t163;
                                                                                                                                                                                                                                                        							L15:
                                                                                                                                                                                                                                                        							_t162 =  *((intOrPtr*)(_t149 + 4));
                                                                                                                                                                                                                                                        							_t158 = _v20;
                                                                                                                                                                                                                                                        							_t43 = _t149 + 4; // 0xccccccf
                                                                                                                                                                                                                                                        							_t99 = _t43;
                                                                                                                                                                                                                                                        							_t45 = _t162 + 0xc; // 0xcccccd7
                                                                                                                                                                                                                                                        							_t133 = _t45;
                                                                                                                                                                                                                                                        							if( *((char*)(_t162 + 0xc)) != 0) {
                                                                                                                                                                                                                                                        								goto L6;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							continue;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L14:
                                                                                                                                                                                                                                                        						 *_t133 = 1;
                                                                                                                                                                                                                                                        						 *((char*)(_t150 + 0xc)) = 1;
                                                                                                                                                                                                                                                        						 *((char*)( *((intOrPtr*)( *_t99 + 4)) + 0xc)) = 0;
                                                                                                                                                                                                                                                        						_t149 =  *((intOrPtr*)( *_t99 + 4));
                                                                                                                                                                                                                                                        						goto L15;
                                                                                                                                                                                                                                                        						L29:
                                                                                                                                                                                                                                                        						_t150 =  *((intOrPtr*)(_t159 + 8));
                                                                                                                                                                                                                                                        						if( *((char*)(_t150 + 0xc)) == 0) {
                                                                                                                                                                                                                                                        							goto L14;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(_v24 ==  *((intOrPtr*)(_t162 + 8))) {
                                                                                                                                                                                                                                                        							E00BCE990(_v20, _t162);
                                                                                                                                                                                                                                                        							_v24 = _t162;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t163 = _v24;
                                                                                                                                                                                                                                                        						 *((char*)( *((intOrPtr*)(_t163 + 4)) + 0xc)) = 1;
                                                                                                                                                                                                                                                        						 *((char*)( *((intOrPtr*)( *((intOrPtr*)(_t163 + 4)) + 4)) + 0xc)) = 0;
                                                                                                                                                                                                                                                        						E00BCE9D0(_v20,  *((intOrPtr*)( *((intOrPtr*)(_t163 + 4)) + 4)));
                                                                                                                                                                                                                                                        						goto L19;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t164 = _a8;
                                                                                                                                                                                                                                                        				_t158 = __ecx;
                                                                                                                                                                                                                                                        				_push(0x14);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t155 =  *__ecx;
                                                                                                                                                                                                                                                        				_t128 = __eax;
                                                                                                                                                                                                                                                        				 *__eax = _t155;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 8)) = _t155;
                                                                                                                                                                                                                                                        				 *((short*)(__eax + 0xc)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0x10)) =  *_a12;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx + 4)) =  *((intOrPtr*)(__ecx + 4)) + 1;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 4)) = _t164;
                                                                                                                                                                                                                                                        				if(_t155 == _t164) {
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t164 + 4)) = __eax;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *__ecx)) = __eax;
                                                                                                                                                                                                                                                        					_t115 =  *__ecx;
                                                                                                                                                                                                                                                        					L4:
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t115 + 8)) = _t128;
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					_t160 =  *((intOrPtr*)(_t128 + 4));
                                                                                                                                                                                                                                                        					if( *((char*)(_t160 + 0xc)) == 0) {
                                                                                                                                                                                                                                                        						_t143 =  *((intOrPtr*)(_t160 + 4));
                                                                                                                                                                                                                                                        						_t116 =  *_t143;
                                                                                                                                                                                                                                                        						if(_t160 == _t116) {
                                                                                                                                                                                                                                                        							_t116 =  *((intOrPtr*)(_t143 + 8));
                                                                                                                                                                                                                                                        							if( *((char*)(_t116 + 0xc)) == 0) {
                                                                                                                                                                                                                                                        								L9:
                                                                                                                                                                                                                                                        								 *((char*)(_t160 + 0xc)) = 1;
                                                                                                                                                                                                                                                        								 *((char*)(_t116 + 0xc)) = 1;
                                                                                                                                                                                                                                                        								 *((char*)( *((intOrPtr*)( *((intOrPtr*)(_t128 + 4)) + 4)) + 0xc)) = 0;
                                                                                                                                                                                                                                                        								_t149 =  *((intOrPtr*)( *((intOrPtr*)(_t128 + 4)) + 4));
                                                                                                                                                                                                                                                        								goto L10;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t120 = _t128;
                                                                                                                                                                                                                                                        							if( *((intOrPtr*)(_t160 + 8)) == _t128) {
                                                                                                                                                                                                                                                        								E00BCE990(_t158, _t160);
                                                                                                                                                                                                                                                        								_t120 = _t160;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t165 = _t120;
                                                                                                                                                                                                                                                        							 *((char*)( *((intOrPtr*)(_t120 + 4)) + 0xc)) = 1;
                                                                                                                                                                                                                                                        							 *((char*)( *((intOrPtr*)( *((intOrPtr*)(_t165 + 4)) + 4)) + 0xc)) = 0;
                                                                                                                                                                                                                                                        							E00BCE9D0(_t158,  *((intOrPtr*)( *((intOrPtr*)(_t165 + 4)) + 4)));
                                                                                                                                                                                                                                                        							_t149 = _t165;
                                                                                                                                                                                                                                                        							goto L10;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if( *((char*)(_t116 + 0xc)) != 0) {
                                                                                                                                                                                                                                                        							_t131 = _t128;
                                                                                                                                                                                                                                                        							if( *_t160 == _t128) {
                                                                                                                                                                                                                                                        								goto L34;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L22;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L9;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L6;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if(_a4 != 0) {
                                                                                                                                                                                                                                                        					 *_t164 = __eax;
                                                                                                                                                                                                                                                        					_t127 =  *__ecx;
                                                                                                                                                                                                                                                        					if( *_t127 == _t164) {
                                                                                                                                                                                                                                                        						 *_t127 = __eax;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L5;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t164 + 8)) = __eax;
                                                                                                                                                                                                                                                        				_t115 =  *__ecx;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t115 + 8)) != _t164) {
                                                                                                                                                                                                                                                        					goto L5;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L4;
                                                                                                                                                                                                                                                        			}



























                                                                                                                                                                                                                                                        0x00bcee00
                                                                                                                                                                                                                                                        0x00bcee03
                                                                                                                                                                                                                                                        0x00bcf008
                                                                                                                                                                                                                                                        0x00bcf00d
                                                                                                                                                                                                                                                        0x00bcf012
                                                                                                                                                                                                                                                        0x00bcf016
                                                                                                                                                                                                                                                        0x00bcf01b
                                                                                                                                                                                                                                                        0x00bcef3f
                                                                                                                                                                                                                                                        0x00bcef44
                                                                                                                                                                                                                                                        0x00bcef4e
                                                                                                                                                                                                                                                        0x00bcef5a
                                                                                                                                                                                                                                                        0x00bcef5f
                                                                                                                                                                                                                                                        0x00bceea2
                                                                                                                                                                                                                                                        0x00bceea2
                                                                                                                                                                                                                                                        0x00bceea9
                                                                                                                                                                                                                                                        0x00bcee5d
                                                                                                                                                                                                                                                        0x00bcee62
                                                                                                                                                                                                                                                        0x00bcee66
                                                                                                                                                                                                                                                        0x00bcee69
                                                                                                                                                                                                                                                        0x00bcee72
                                                                                                                                                                                                                                                        0x00bcee72
                                                                                                                                                                                                                                                        0x00bceeab
                                                                                                                                                                                                                                                        0x00bceeab
                                                                                                                                                                                                                                                        0x00bceeae
                                                                                                                                                                                                                                                        0x00bceeb1
                                                                                                                                                                                                                                                        0x00bceeb4
                                                                                                                                                                                                                                                        0x00bceeb4
                                                                                                                                                                                                                                                        0x00bceeb7
                                                                                                                                                                                                                                                        0x00bceeba
                                                                                                                                                                                                                                                        0x00bceebe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bceec8
                                                                                                                                                                                                                                                        0x00bceef7
                                                                                                                                                                                                                                                        0x00bceefc
                                                                                                                                                                                                                                                        0x00bcf027
                                                                                                                                                                                                                                                        0x00bcf02c
                                                                                                                                                                                                                                                        0x00bcf02c
                                                                                                                                                                                                                                                        0x00bcef05
                                                                                                                                                                                                                                                        0x00bcef07
                                                                                                                                                                                                                                                        0x00bcef11
                                                                                                                                                                                                                                                        0x00bcef1e
                                                                                                                                                                                                                                                        0x00bcef23
                                                                                                                                                                                                                                                        0x00bcef23
                                                                                                                                                                                                                                                        0x00bceedf
                                                                                                                                                                                                                                                        0x00bceedf
                                                                                                                                                                                                                                                        0x00bceee2
                                                                                                                                                                                                                                                        0x00bceee5
                                                                                                                                                                                                                                                        0x00bceee5
                                                                                                                                                                                                                                                        0x00bceeec
                                                                                                                                                                                                                                                        0x00bceeec
                                                                                                                                                                                                                                                        0x00bceeef
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bceef5
                                                                                                                                                                                                                                                        0x00bceeca
                                                                                                                                                                                                                                                        0x00bceeca
                                                                                                                                                                                                                                                        0x00bceecd
                                                                                                                                                                                                                                                        0x00bceed6
                                                                                                                                                                                                                                                        0x00bceedc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcefbf
                                                                                                                                                                                                                                                        0x00bcefbf
                                                                                                                                                                                                                                                        0x00bcefc6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcefd2
                                                                                                                                                                                                                                                        0x00bcefd9
                                                                                                                                                                                                                                                        0x00bcefde
                                                                                                                                                                                                                                                        0x00bcefde
                                                                                                                                                                                                                                                        0x00bcefe1
                                                                                                                                                                                                                                                        0x00bcefea
                                                                                                                                                                                                                                                        0x00bceff4
                                                                                                                                                                                                                                                        0x00bceffe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bceffe
                                                                                                                                                                                                                                                        0x00bceeb4
                                                                                                                                                                                                                                                        0x00bcee09
                                                                                                                                                                                                                                                        0x00bcee0c
                                                                                                                                                                                                                                                        0x00bcee0e
                                                                                                                                                                                                                                                        0x00bcee10
                                                                                                                                                                                                                                                        0x00bcee18
                                                                                                                                                                                                                                                        0x00bcee1d
                                                                                                                                                                                                                                                        0x00bcee1f
                                                                                                                                                                                                                                                        0x00bcee21
                                                                                                                                                                                                                                                        0x00bcee24
                                                                                                                                                                                                                                                        0x00bcee2c
                                                                                                                                                                                                                                                        0x00bcee2f
                                                                                                                                                                                                                                                        0x00bcee34
                                                                                                                                                                                                                                                        0x00bcee37
                                                                                                                                                                                                                                                        0x00bcef27
                                                                                                                                                                                                                                                        0x00bcef2c
                                                                                                                                                                                                                                                        0x00bcef2e
                                                                                                                                                                                                                                                        0x00bcee51
                                                                                                                                                                                                                                                        0x00bcee51
                                                                                                                                                                                                                                                        0x00bcee54
                                                                                                                                                                                                                                                        0x00bcee54
                                                                                                                                                                                                                                                        0x00bcee5b
                                                                                                                                                                                                                                                        0x00bcee73
                                                                                                                                                                                                                                                        0x00bcee76
                                                                                                                                                                                                                                                        0x00bcee7a
                                                                                                                                                                                                                                                        0x00bcef79
                                                                                                                                                                                                                                                        0x00bcef80
                                                                                                                                                                                                                                                        0x00bcee8a
                                                                                                                                                                                                                                                        0x00bcee8a
                                                                                                                                                                                                                                                        0x00bcee8e
                                                                                                                                                                                                                                                        0x00bcee98
                                                                                                                                                                                                                                                        0x00bcee9f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcee9f
                                                                                                                                                                                                                                                        0x00bcef89
                                                                                                                                                                                                                                                        0x00bcef8b
                                                                                                                                                                                                                                                        0x00bcef91
                                                                                                                                                                                                                                                        0x00bcef96
                                                                                                                                                                                                                                                        0x00bcef96
                                                                                                                                                                                                                                                        0x00bcef98
                                                                                                                                                                                                                                                        0x00bcef9f
                                                                                                                                                                                                                                                        0x00bcefa9
                                                                                                                                                                                                                                                        0x00bcefb3
                                                                                                                                                                                                                                                        0x00bcefb8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcefb8
                                                                                                                                                                                                                                                        0x00bcee84
                                                                                                                                                                                                                                                        0x00bcef37
                                                                                                                                                                                                                                                        0x00bcef39
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcef39
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcee84
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcee5b
                                                                                                                                                                                                                                                        0x00bcee41
                                                                                                                                                                                                                                                        0x00bcef66
                                                                                                                                                                                                                                                        0x00bcef68
                                                                                                                                                                                                                                                        0x00bcef6c
                                                                                                                                                                                                                                                        0x00bcef72
                                                                                                                                                                                                                                                        0x00bcef72
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcef6c
                                                                                                                                                                                                                                                        0x00bcee47
                                                                                                                                                                                                                                                        0x00bcee4a
                                                                                                                                                                                                                                                        0x00bcee4f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000014,?,4DD80977,?), ref: 00BCEE10
                                                                                                                                                                                                                                                        • ?_Xlength_error@std@@YAXPBD@Z.MSVCP140(map/set<T> too long,?,4DD80977,?), ref: 00BCF00D
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@Xlength_error@std@@
                                                                                                                                                                                                                                                        • String ID: map/set<T> too long
                                                                                                                                                                                                                                                        • API String ID: 373104503-1285458680
                                                                                                                                                                                                                                                        • Opcode ID: 9b95f52d76888a24bb7a817997f0947483ca9d29e6c5d65da8a24a15581a8e0b
                                                                                                                                                                                                                                                        • Instruction ID: 653f78cf3bae09b4b2e6dcdaaf4cc1a65432ddd022917a3117512b1ca909bc5c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9b95f52d76888a24bb7a817997f0947483ca9d29e6c5d65da8a24a15581a8e0b
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E1810134600282CFD751CB09C184F2AFBE2AB49324F29C4DDD8A98B362C7B5EC41CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 79%
                                                                                                                                                                                                                                                        			E00BCF4B0(intOrPtr* __eax, void* __ebx, intOrPtr* __ecx, intOrPtr* __edx, void* __edi, void* __esi, char _a4, intOrPtr* _a8, intOrPtr* _a12) {
                                                                                                                                                                                                                                                        				intOrPtr* _v20;
                                                                                                                                                                                                                                                        				intOrPtr* _v24;
                                                                                                                                                                                                                                                        				intOrPtr* _v28;
                                                                                                                                                                                                                                                        				intOrPtr* _t63;
                                                                                                                                                                                                                                                        				intOrPtr* _t67;
                                                                                                                                                                                                                                                        				intOrPtr* _t84;
                                                                                                                                                                                                                                                        				intOrPtr* _t87;
                                                                                                                                                                                                                                                        				signed int _t90;
                                                                                                                                                                                                                                                        				intOrPtr _t91;
                                                                                                                                                                                                                                                        				intOrPtr _t93;
                                                                                                                                                                                                                                                        				char* _t94;
                                                                                                                                                                                                                                                        				intOrPtr* _t102;
                                                                                                                                                                                                                                                        				intOrPtr _t105;
                                                                                                                                                                                                                                                        				intOrPtr* _t112;
                                                                                                                                                                                                                                                        				intOrPtr* _t115;
                                                                                                                                                                                                                                                        				intOrPtr* _t116;
                                                                                                                                                                                                                                                        				intOrPtr _t118;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t63 = __eax;
                                                                                                                                                                                                                                                        				_v28 = __edx;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(__ecx + 4)) >= 0xccccccb) {
                                                                                                                                                                                                                                                        					_push("map/set<T> too long");
                                                                                                                                                                                                                                                        					L00BEF798();
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					_t90 = __ecx - 1;
                                                                                                                                                                                                                                                        					if(_t90 <= 8) {
                                                                                                                                                                                                                                                        						return  *((intOrPtr*)(__edx + 0x50 + (_t90 + _t90 * 2) * 4));
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					return 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t115 = _a8;
                                                                                                                                                                                                                                                        					_push(0x14);
                                                                                                                                                                                                                                                        					L00BEF6BA();
                                                                                                                                                                                                                                                        					_t91 =  *__ecx;
                                                                                                                                                                                                                                                        					 *__eax = _t91;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__eax + 8)) = _t91;
                                                                                                                                                                                                                                                        					 *((short*)(__eax + 0xc)) = 0;
                                                                                                                                                                                                                                                        					_t7 = _t63 + 4; // 0x4
                                                                                                                                                                                                                                                        					_t87 = _t7;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__eax + 0x10)) =  *_a12;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__ecx + 4)) =  *((intOrPtr*)(__ecx + 4)) + 1;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__eax + 4)) = _t115;
                                                                                                                                                                                                                                                        					_v20 = __ecx;
                                                                                                                                                                                                                                                        					if(_t91 == _t115) {
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t115 + 4)) = __eax;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)( *__ecx)) = __eax;
                                                                                                                                                                                                                                                        						_t93 =  *__ecx;
                                                                                                                                                                                                                                                        						goto L6;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if(_a4 == 0) {
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t115 + 8)) = __eax;
                                                                                                                                                                                                                                                        							_t93 =  *__ecx;
                                                                                                                                                                                                                                                        							if( *((intOrPtr*)(_t93 + 8)) == _t115) {
                                                                                                                                                                                                                                                        								L6:
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t93 + 8)) = _t63;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							 *_t115 = __eax;
                                                                                                                                                                                                                                                        							_t102 =  *__ecx;
                                                                                                                                                                                                                                                        							if( *_t102 == _t115) {
                                                                                                                                                                                                                                                        								 *_t102 = __eax;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t116 =  *_t87;
                                                                                                                                                                                                                                                        					_v24 = _t63;
                                                                                                                                                                                                                                                        					if( *((char*)(_t116 + 0xc)) == 0) {
                                                                                                                                                                                                                                                        						_t67 = _v24;
                                                                                                                                                                                                                                                        						_t24 = _t116 + 0xc; // 0xd
                                                                                                                                                                                                                                                        						_t94 = _t24;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t112 =  *((intOrPtr*)(_t116 + 4));
                                                                                                                                                                                                                                                        							_t105 =  *_t112;
                                                                                                                                                                                                                                                        							if(_t116 == _t105) {
                                                                                                                                                                                                                                                        								_t105 =  *((intOrPtr*)(_t112 + 8));
                                                                                                                                                                                                                                                        								if( *((char*)(_t105 + 0xc)) == 0) {
                                                                                                                                                                                                                                                        									goto L12;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									if(_t67 ==  *((intOrPtr*)(_t116 + 8))) {
                                                                                                                                                                                                                                                        										E00BCE990(_v20, _t116);
                                                                                                                                                                                                                                                        										_t67 = _t116;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t118 = _t67;
                                                                                                                                                                                                                                                        									 *((char*)( *((intOrPtr*)(_t67 + 4)) + 0xc)) = 1;
                                                                                                                                                                                                                                                        									 *((char*)( *((intOrPtr*)( *((intOrPtr*)(_t118 + 4)) + 4)) + 0xc)) = 0;
                                                                                                                                                                                                                                                        									E00BCE9D0(_v20,  *((intOrPtr*)( *((intOrPtr*)(_t118 + 4)) + 4)));
                                                                                                                                                                                                                                                        									goto L22;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								if( *((char*)(_t105 + 0xc)) != 0) {
                                                                                                                                                                                                                                                        									if(_t67 ==  *_t116) {
                                                                                                                                                                                                                                                        										E00BCE9D0(_v20, _t116);
                                                                                                                                                                                                                                                        										_t67 = _t116;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t118 = _t67;
                                                                                                                                                                                                                                                        									 *((char*)( *((intOrPtr*)(_t67 + 4)) + 0xc)) = 1;
                                                                                                                                                                                                                                                        									 *((char*)( *((intOrPtr*)( *((intOrPtr*)(_t118 + 4)) + 4)) + 0xc)) = 0;
                                                                                                                                                                                                                                                        									E00BCE990(_v20,  *((intOrPtr*)( *((intOrPtr*)(_t118 + 4)) + 4)));
                                                                                                                                                                                                                                                        									L22:
                                                                                                                                                                                                                                                        									_t67 = _t118;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L12:
                                                                                                                                                                                                                                                        									 *_t94 = 1;
                                                                                                                                                                                                                                                        									 *((char*)(_t105 + 0xc)) = 1;
                                                                                                                                                                                                                                                        									 *((char*)( *((intOrPtr*)( *_t87 + 4)) + 0xc)) = 0;
                                                                                                                                                                                                                                                        									_t67 =  *((intOrPtr*)( *_t87 + 4));
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t116 =  *((intOrPtr*)(_t67 + 4));
                                                                                                                                                                                                                                                        							_t32 = _t67 + 4; // 0x4
                                                                                                                                                                                                                                                        							_t87 = _t32;
                                                                                                                                                                                                                                                        							_t34 = _t116 + 0xc; // 0xc
                                                                                                                                                                                                                                                        							_t94 = _t34;
                                                                                                                                                                                                                                                        						} while ( *((char*)(_t116 + 0xc)) == 0);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					 *((char*)( *((intOrPtr*)( *_v20 + 4)) + 0xc)) = 1;
                                                                                                                                                                                                                                                        					_t84 = _v28;
                                                                                                                                                                                                                                                        					 *_t84 = _v24;
                                                                                                                                                                                                                                                        					return _t84;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}




















                                                                                                                                                                                                                                                        0x00bcf4b0
                                                                                                                                                                                                                                                        0x00bcf4c0
                                                                                                                                                                                                                                                        0x00bcf4c3
                                                                                                                                                                                                                                                        0x00bcf618
                                                                                                                                                                                                                                                        0x00bcf61d
                                                                                                                                                                                                                                                        0x00bcf622
                                                                                                                                                                                                                                                        0x00bcf623
                                                                                                                                                                                                                                                        0x00bcf624
                                                                                                                                                                                                                                                        0x00bcf625
                                                                                                                                                                                                                                                        0x00bcf626
                                                                                                                                                                                                                                                        0x00bcf627
                                                                                                                                                                                                                                                        0x00bcf628
                                                                                                                                                                                                                                                        0x00bcf629
                                                                                                                                                                                                                                                        0x00bcf62a
                                                                                                                                                                                                                                                        0x00bcf62b
                                                                                                                                                                                                                                                        0x00bcf62c
                                                                                                                                                                                                                                                        0x00bcf62d
                                                                                                                                                                                                                                                        0x00bcf62e
                                                                                                                                                                                                                                                        0x00bcf62f
                                                                                                                                                                                                                                                        0x00bcf630
                                                                                                                                                                                                                                                        0x00bcf636
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcf63b
                                                                                                                                                                                                                                                        0x00bcf63f
                                                                                                                                                                                                                                                        0x00bcf4c9
                                                                                                                                                                                                                                                        0x00bcf4cc
                                                                                                                                                                                                                                                        0x00bcf4d1
                                                                                                                                                                                                                                                        0x00bcf4d3
                                                                                                                                                                                                                                                        0x00bcf4db
                                                                                                                                                                                                                                                        0x00bcf4dd
                                                                                                                                                                                                                                                        0x00bcf4df
                                                                                                                                                                                                                                                        0x00bcf4e2
                                                                                                                                                                                                                                                        0x00bcf4ea
                                                                                                                                                                                                                                                        0x00bcf4ea
                                                                                                                                                                                                                                                        0x00bcf4ed
                                                                                                                                                                                                                                                        0x00bcf4f0
                                                                                                                                                                                                                                                        0x00bcf4f5
                                                                                                                                                                                                                                                        0x00bcf4f8
                                                                                                                                                                                                                                                        0x00bcf4fb
                                                                                                                                                                                                                                                        0x00bcf513
                                                                                                                                                                                                                                                        0x00bcf518
                                                                                                                                                                                                                                                        0x00bcf51a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcf4fd
                                                                                                                                                                                                                                                        0x00bcf501
                                                                                                                                                                                                                                                        0x00bcf605
                                                                                                                                                                                                                                                        0x00bcf608
                                                                                                                                                                                                                                                        0x00bcf60d
                                                                                                                                                                                                                                                        0x00bcf51c
                                                                                                                                                                                                                                                        0x00bcf51c
                                                                                                                                                                                                                                                        0x00bcf51c
                                                                                                                                                                                                                                                        0x00bcf507
                                                                                                                                                                                                                                                        0x00bcf507
                                                                                                                                                                                                                                                        0x00bcf509
                                                                                                                                                                                                                                                        0x00bcf50d
                                                                                                                                                                                                                                                        0x00bcf50f
                                                                                                                                                                                                                                                        0x00bcf50f
                                                                                                                                                                                                                                                        0x00bcf50d
                                                                                                                                                                                                                                                        0x00bcf501
                                                                                                                                                                                                                                                        0x00bcf51f
                                                                                                                                                                                                                                                        0x00bcf521
                                                                                                                                                                                                                                                        0x00bcf528
                                                                                                                                                                                                                                                        0x00bcf546
                                                                                                                                                                                                                                                        0x00bcf549
                                                                                                                                                                                                                                                        0x00bcf549
                                                                                                                                                                                                                                                        0x00bcf550
                                                                                                                                                                                                                                                        0x00bcf550
                                                                                                                                                                                                                                                        0x00bcf553
                                                                                                                                                                                                                                                        0x00bcf557
                                                                                                                                                                                                                                                        0x00bcf590
                                                                                                                                                                                                                                                        0x00bcf597
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcf599
                                                                                                                                                                                                                                                        0x00bcf59c
                                                                                                                                                                                                                                                        0x00bcf5a3
                                                                                                                                                                                                                                                        0x00bcf5a8
                                                                                                                                                                                                                                                        0x00bcf5a8
                                                                                                                                                                                                                                                        0x00bcf5aa
                                                                                                                                                                                                                                                        0x00bcf5b2
                                                                                                                                                                                                                                                        0x00bcf5bc
                                                                                                                                                                                                                                                        0x00bcf5c6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcf5c6
                                                                                                                                                                                                                                                        0x00bcf559
                                                                                                                                                                                                                                                        0x00bcf55d
                                                                                                                                                                                                                                                        0x00bcf5cf
                                                                                                                                                                                                                                                        0x00bcf5d6
                                                                                                                                                                                                                                                        0x00bcf5db
                                                                                                                                                                                                                                                        0x00bcf5db
                                                                                                                                                                                                                                                        0x00bcf5dd
                                                                                                                                                                                                                                                        0x00bcf5e5
                                                                                                                                                                                                                                                        0x00bcf5ef
                                                                                                                                                                                                                                                        0x00bcf5f9
                                                                                                                                                                                                                                                        0x00bcf5fe
                                                                                                                                                                                                                                                        0x00bcf5fe
                                                                                                                                                                                                                                                        0x00bcf55f
                                                                                                                                                                                                                                                        0x00bcf55f
                                                                                                                                                                                                                                                        0x00bcf55f
                                                                                                                                                                                                                                                        0x00bcf562
                                                                                                                                                                                                                                                        0x00bcf56b
                                                                                                                                                                                                                                                        0x00bcf571
                                                                                                                                                                                                                                                        0x00bcf571
                                                                                                                                                                                                                                                        0x00bcf55d
                                                                                                                                                                                                                                                        0x00bcf574
                                                                                                                                                                                                                                                        0x00bcf577
                                                                                                                                                                                                                                                        0x00bcf577
                                                                                                                                                                                                                                                        0x00bcf57e
                                                                                                                                                                                                                                                        0x00bcf57e
                                                                                                                                                                                                                                                        0x00bcf57e
                                                                                                                                                                                                                                                        0x00bcf583
                                                                                                                                                                                                                                                        0x00bcf535
                                                                                                                                                                                                                                                        0x00bcf539
                                                                                                                                                                                                                                                        0x00bcf53c
                                                                                                                                                                                                                                                        0x00bcf545
                                                                                                                                                                                                                                                        0x00bcf545

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000014,00000001,?,?,?,00BCC606,?,?,00BCC58A), ref: 00BCF4D3
                                                                                                                                                                                                                                                        • ?_Xlength_error@std@@YAXPBD@Z.MSVCP140(map/set<T> too long,00000001,?,?,?,00BCC606,?,?,00BCC58A), ref: 00BCF61D
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@Xlength_error@std@@
                                                                                                                                                                                                                                                        • String ID: map/set<T> too long
                                                                                                                                                                                                                                                        • API String ID: 373104503-1285458680
                                                                                                                                                                                                                                                        • Opcode ID: 1d844e1884a4cc77508d31121a0dea50583ef3536b479f4b87624ac609c7ee7a
                                                                                                                                                                                                                                                        • Instruction ID: 2365ee2dd98fc48a44666829c181fd8e98b7656308412ea58d73bb239170046c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1d844e1884a4cc77508d31121a0dea50583ef3536b479f4b87624ac609c7ee7a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 395133746002568FCB11CF18C088F6ABBE2EB59314F29C4EDD9598B362C771EC41CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 76%
                                                                                                                                                                                                                                                        			E00BE0D10(char* __edx, intOrPtr _a4, intOrPtr* _a8, intOrPtr* _a12, intOrPtr _a16, intOrPtr _a20, signed int _a24, intOrPtr _a28, intOrPtr _a32, HANDLE* _a36, signed int* _a40, intOrPtr _a44) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				long _v32;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				long _v44;
                                                                                                                                                                                                                                                        				long _v48;
                                                                                                                                                                                                                                                        				long _v60;
                                                                                                                                                                                                                                                        				void* _v64;
                                                                                                                                                                                                                                                        				char _v80;
                                                                                                                                                                                                                                                        				intOrPtr _v84;
                                                                                                                                                                                                                                                        				void* _v112;
                                                                                                                                                                                                                                                        				signed int _t46;
                                                                                                                                                                                                                                                        				signed int _t47;
                                                                                                                                                                                                                                                        				void* _t52;
                                                                                                                                                                                                                                                        				intOrPtr* _t53;
                                                                                                                                                                                                                                                        				signed int _t54;
                                                                                                                                                                                                                                                        				signed int _t64;
                                                                                                                                                                                                                                                        				signed int* _t66;
                                                                                                                                                                                                                                                        				signed int _t67;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t62 = __edx;
                                                                                                                                                                                                                                                        				_t54 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t66 = _a40;
                                                                                                                                                                                                                                                        				_v24 = _t54 ^ _t67;
                                                                                                                                                                                                                                                        				if(_a4 != 3 || _a32 != 0) {
                                                                                                                                                                                                                                                        					 *_t66 = 0xc0000022;
                                                                                                                                                                                                                                                        					_t52 = 0;
                                                                                                                                                                                                                                                        					goto L3;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t64 = _a24;
                                                                                                                                                                                                                                                        					asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        					_t53 =  &_v80;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					_v48 = 0;
                                                                                                                                                                                                                                                        					_v60 = 0;
                                                                                                                                                                                                                                                        					_v64 = 0;
                                                                                                                                                                                                                                                        					asm("movaps [esp+0x10], xmm0");
                                                                                                                                                                                                                                                        					E00BE5CE0(_a12, _a16, _a20, _t53,  &_v48, 0);
                                                                                                                                                                                                                                                        					_v28 = _t64;
                                                                                                                                                                                                                                                        					_v84 =  *_a8;
                                                                                                                                                                                                                                                        					 *_a36 = 0;
                                                                                                                                                                                                                                                        					_v32 = 0;
                                                                                                                                                                                                                                                        					E00BEB3D0("NtCreateKey",  &_v32);
                                                                                                                                                                                                                                                        					__eflags = _t64 & 0x02000000;
                                                                                                                                                                                                                                                        					if(__eflags != 0) {
                                                                                                                                                                                                                                                        						_t62 =  &_v28;
                                                                                                                                                                                                                                                        						_t46 = E00BE0F80( &_v80,  &_v28, __eflags);
                                                                                                                                                                                                                                                        						__eflags = _t46;
                                                                                                                                                                                                                                                        						if(_t46 < 0) {
                                                                                                                                                                                                                                                        							_t47 = 0xc0000022;
                                                                                                                                                                                                                                                        							L7:
                                                                                                                                                                                                                                                        							_t52 = 1;
                                                                                                                                                                                                                                                        							 *_t66 = _t47;
                                                                                                                                                                                                                                                        							L3:
                                                                                                                                                                                                                                                        							E00BEECB0(_v24 ^ _t67, _t62);
                                                                                                                                                                                                                                                        							return _t52;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t64 = _v28;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v36 = 0xffffffff;
                                                                                                                                                                                                                                                        					_t62 =  &_v36;
                                                                                                                                                                                                                                                        					_t47 = _v32( &_v36, _t64, _t53, _a28, 0, 0, _a44);
                                                                                                                                                                                                                                                        					__eflags = _t47;
                                                                                                                                                                                                                                                        					if(_t47 >= 0) {
                                                                                                                                                                                                                                                        						__eflags = DuplicateHandle(GetCurrentProcess(), _v64, _v112, _a36, 0, 0, 3);
                                                                                                                                                                                                                                                        						_t47 =  !=  ? 0 : 0xc0000022;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L7;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}























                                                                                                                                                                                                                                                        0x00be0d10
                                                                                                                                                                                                                                                        0x00be0d1c
                                                                                                                                                                                                                                                        0x00be0d25
                                                                                                                                                                                                                                                        0x00be0d2d
                                                                                                                                                                                                                                                        0x00be0d31
                                                                                                                                                                                                                                                        0x00be0d39
                                                                                                                                                                                                                                                        0x00be0d3f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be0d56
                                                                                                                                                                                                                                                        0x00be0d56
                                                                                                                                                                                                                                                        0x00be0d5f
                                                                                                                                                                                                                                                        0x00be0d62
                                                                                                                                                                                                                                                        0x00be0d66
                                                                                                                                                                                                                                                        0x00be0d6e
                                                                                                                                                                                                                                                        0x00be0d76
                                                                                                                                                                                                                                                        0x00be0d7e
                                                                                                                                                                                                                                                        0x00be0d8a
                                                                                                                                                                                                                                                        0x00be0d98
                                                                                                                                                                                                                                                        0x00be0da5
                                                                                                                                                                                                                                                        0x00be0da9
                                                                                                                                                                                                                                                        0x00be0db0
                                                                                                                                                                                                                                                        0x00be0dba
                                                                                                                                                                                                                                                        0x00be0dc8
                                                                                                                                                                                                                                                        0x00be0dd0
                                                                                                                                                                                                                                                        0x00be0dd6
                                                                                                                                                                                                                                                        0x00be0e33
                                                                                                                                                                                                                                                        0x00be0e37
                                                                                                                                                                                                                                                        0x00be0e3c
                                                                                                                                                                                                                                                        0x00be0e3e
                                                                                                                                                                                                                                                        0x00be0e46
                                                                                                                                                                                                                                                        0x00be0e26
                                                                                                                                                                                                                                                        0x00be0e26
                                                                                                                                                                                                                                                        0x00be0e28
                                                                                                                                                                                                                                                        0x00be0d41
                                                                                                                                                                                                                                                        0x00be0d47
                                                                                                                                                                                                                                                        0x00be0d55
                                                                                                                                                                                                                                                        0x00be0d55
                                                                                                                                                                                                                                                        0x00be0e40
                                                                                                                                                                                                                                                        0x00be0e40
                                                                                                                                                                                                                                                        0x00be0dde
                                                                                                                                                                                                                                                        0x00be0de6
                                                                                                                                                                                                                                                        0x00be0df3
                                                                                                                                                                                                                                                        0x00be0df7
                                                                                                                                                                                                                                                        0x00be0df9
                                                                                                                                                                                                                                                        0x00be0e1c
                                                                                                                                                                                                                                                        0x00be0e23
                                                                                                                                                                                                                                                        0x00be0e23
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be0df9

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE0DFF
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,FFFFFFFF,?,?,00000000,00000000,00000003), ref: 00BE0E14
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CurrentDuplicateHandleProcess
                                                                                                                                                                                                                                                        • String ID: NtCreateKey
                                                                                                                                                                                                                                                        • API String ID: 1009649615-1315030288
                                                                                                                                                                                                                                                        • Opcode ID: ef7e311363e6f77d289213ba6c18a3f9070e3ccb5c657fdc9188ce5135f770e4
                                                                                                                                                                                                                                                        • Instruction ID: 185b6c496ce6e601fa03ba5348d1d757b0bb5be632930977635a027e74d1e066
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ef7e311363e6f77d289213ba6c18a3f9070e3ccb5c657fdc9188ce5135f770e4
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 54312570604345AFD710DF55CC85BABB7E8EF89314F104A68F99497290E7B0E844CB92
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 76%
                                                                                                                                                                                                                                                        			E00BE0E50(intOrPtr _a4, void** _a8, intOrPtr* _a12, intOrPtr _a16, intOrPtr _a20, signed int _a24, HANDLE* _a28, intOrPtr* _a32) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				long _v32;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				long _v44;
                                                                                                                                                                                                                                                        				void* _v48;
                                                                                                                                                                                                                                                        				long _v60;
                                                                                                                                                                                                                                                        				long _v64;
                                                                                                                                                                                                                                                        				void* _t39;
                                                                                                                                                                                                                                                        				intOrPtr _t40;
                                                                                                                                                                                                                                                        				void* _t45;
                                                                                                                                                                                                                                                        				intOrPtr* _t46;
                                                                                                                                                                                                                                                        				signed int _t47;
                                                                                                                                                                                                                                                        				signed int _t56;
                                                                                                                                                                                                                                                        				void* _t59;
                                                                                                                                                                                                                                                        				signed int _t61;
                                                                                                                                                                                                                                                        				signed int _t62;
                                                                                                                                                                                                                                                        				intOrPtr* _t64;
                                                                                                                                                                                                                                                        				void* _t67;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t64 = (_t62 & 0xfffffff0) - 0x40;
                                                                                                                                                                                                                                                        				_t47 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t55 = _a32;
                                                                                                                                                                                                                                                        				_v24 = _t47 ^ _t61;
                                                                                                                                                                                                                                                        				if(_a4 != 3) {
                                                                                                                                                                                                                                                        					 *_t55 = 0xc0000022;
                                                                                                                                                                                                                                                        					_t45 = 0;
                                                                                                                                                                                                                                                        					__eflags = 0;
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					E00BEECB0(_v24 ^ _t61, _t55);
                                                                                                                                                                                                                                                        					return _t45;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t56 = _a24;
                                                                                                                                                                                                                                                        				_t55 = _a12;
                                                                                                                                                                                                                                                        				asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        				_t46 = _t64;
                                                                                                                                                                                                                                                        				_v44 = 0;
                                                                                                                                                                                                                                                        				_v48 = 0;
                                                                                                                                                                                                                                                        				_v60 = 0;
                                                                                                                                                                                                                                                        				_v64 = 0;
                                                                                                                                                                                                                                                        				asm("movaps [esp], xmm0");
                                                                                                                                                                                                                                                        				E00BE5CE0(_a12, _a16, _a20, _t46,  &_v48, 0);
                                                                                                                                                                                                                                                        				_t59 =  *_a8;
                                                                                                                                                                                                                                                        				_v28 = _t56;
                                                                                                                                                                                                                                                        				 *_a28 = 0;
                                                                                                                                                                                                                                                        				_v32 = 0;
                                                                                                                                                                                                                                                        				E00BEB3D0("NtOpenKey",  &_v32);
                                                                                                                                                                                                                                                        				_t67 = _t64 + 0x20;
                                                                                                                                                                                                                                                        				if((_t56 & 0x02000000) != 0) {
                                                                                                                                                                                                                                                        					_t55 =  &_v28;
                                                                                                                                                                                                                                                        					_t39 = E00BE0F80(_t67,  &_v28, __eflags);
                                                                                                                                                                                                                                                        					__eflags = _t39;
                                                                                                                                                                                                                                                        					if(_t39 < 0) {
                                                                                                                                                                                                                                                        						_t40 = 0xc0000022;
                                                                                                                                                                                                                                                        						L4:
                                                                                                                                                                                                                                                        						_t45 = 1;
                                                                                                                                                                                                                                                        						 *_a32 = _t40;
                                                                                                                                                                                                                                                        						goto L6;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t56 = _v28;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_v36 = 0xffffffff;
                                                                                                                                                                                                                                                        				_t40 = _v32( &_v36, _t56, _t46);
                                                                                                                                                                                                                                                        				if(_t40 >= 0) {
                                                                                                                                                                                                                                                        					DuplicateHandle(GetCurrentProcess(), _v48, _t59, _a28, 0, 0, 3);
                                                                                                                                                                                                                                                        					_t40 =  !=  ? 0 : 0xc0000022;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L4;
                                                                                                                                                                                                                                                        			}























                                                                                                                                                                                                                                                        0x00be0e59
                                                                                                                                                                                                                                                        0x00be0e5c
                                                                                                                                                                                                                                                        0x00be0e65
                                                                                                                                                                                                                                                        0x00be0e6d
                                                                                                                                                                                                                                                        0x00be0e71
                                                                                                                                                                                                                                                        0x00be0f3d
                                                                                                                                                                                                                                                        0x00be0f43
                                                                                                                                                                                                                                                        0x00be0f43
                                                                                                                                                                                                                                                        0x00be0f45
                                                                                                                                                                                                                                                        0x00be0f4b
                                                                                                                                                                                                                                                        0x00be0f59
                                                                                                                                                                                                                                                        0x00be0f59
                                                                                                                                                                                                                                                        0x00be0e77
                                                                                                                                                                                                                                                        0x00be0e80
                                                                                                                                                                                                                                                        0x00be0e83
                                                                                                                                                                                                                                                        0x00be0e8a
                                                                                                                                                                                                                                                        0x00be0e8c
                                                                                                                                                                                                                                                        0x00be0e94
                                                                                                                                                                                                                                                        0x00be0e9c
                                                                                                                                                                                                                                                        0x00be0ea4
                                                                                                                                                                                                                                                        0x00be0eac
                                                                                                                                                                                                                                                        0x00be0eb7
                                                                                                                                                                                                                                                        0x00be0ec2
                                                                                                                                                                                                                                                        0x00be0ec7
                                                                                                                                                                                                                                                        0x00be0ecb
                                                                                                                                                                                                                                                        0x00be0ed5
                                                                                                                                                                                                                                                        0x00be0ee3
                                                                                                                                                                                                                                                        0x00be0ee8
                                                                                                                                                                                                                                                        0x00be0ef1
                                                                                                                                                                                                                                                        0x00be0f5c
                                                                                                                                                                                                                                                        0x00be0f60
                                                                                                                                                                                                                                                        0x00be0f65
                                                                                                                                                                                                                                                        0x00be0f67
                                                                                                                                                                                                                                                        0x00be0f6f
                                                                                                                                                                                                                                                        0x00be0f34
                                                                                                                                                                                                                                                        0x00be0f37
                                                                                                                                                                                                                                                        0x00be0f39
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be0f39
                                                                                                                                                                                                                                                        0x00be0f69
                                                                                                                                                                                                                                                        0x00be0f69
                                                                                                                                                                                                                                                        0x00be0ef7
                                                                                                                                                                                                                                                        0x00be0f02
                                                                                                                                                                                                                                                        0x00be0f08
                                                                                                                                                                                                                                                        0x00be0f22
                                                                                                                                                                                                                                                        0x00be0f31
                                                                                                                                                                                                                                                        0x00be0f31
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BE5CE0: GetModuleHandleW.KERNEL32(ntdll.dll,?,00000000,?,?,00BE33B2,?,00000000,00000000,?,?,00000000), ref: 00BE5CF7
                                                                                                                                                                                                                                                          • Part of subcall function 00BE5CE0: GetProcAddress.KERNEL32(00000000,RtlInitUnicodeString), ref: 00BE5D03
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE0F10
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,FFFFFFFF,?,?,00000000,00000000,00000003), ref: 00BE0F22
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleProc$CurrentDuplicateModuleProcess
                                                                                                                                                                                                                                                        • String ID: NtOpenKey
                                                                                                                                                                                                                                                        • API String ID: 3653702758-2794788694
                                                                                                                                                                                                                                                        • Opcode ID: 2aa078fac4303a1f1d808733107ffb894d82d54f36e647a9d4c3d6640699c289
                                                                                                                                                                                                                                                        • Instruction ID: 4ca3fbde7f0279750433968a1db1a60d7b0e11f1877328ecf4d623ea4fe6d667
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2aa078fac4303a1f1d808733107ffb894d82d54f36e647a9d4c3d6640699c289
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 54317C71604344AFDB10DF25DC85BABBBE8EF88328F500A58F855A7380DB74E954CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 64%
                                                                                                                                                                                                                                                        			E00BD5D30(void* __ebx, void* __ecx, void* __eflags, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				intOrPtr _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				char _v28;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				signed int _v68;
                                                                                                                                                                                                                                                        				intOrPtr _v72;
                                                                                                                                                                                                                                                        				signed int _v76;
                                                                                                                                                                                                                                                        				char _v92;
                                                                                                                                                                                                                                                        				char _v100;
                                                                                                                                                                                                                                                        				signed int _v120;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t48;
                                                                                                                                                                                                                                                        				signed int _t49;
                                                                                                                                                                                                                                                        				signed int _t51;
                                                                                                                                                                                                                                                        				signed int _t52;
                                                                                                                                                                                                                                                        				signed int _t56;
                                                                                                                                                                                                                                                        				signed int _t57;
                                                                                                                                                                                                                                                        				intOrPtr _t61;
                                                                                                                                                                                                                                                        				void* _t65;
                                                                                                                                                                                                                                                        				signed int _t66;
                                                                                                                                                                                                                                                        				signed int _t70;
                                                                                                                                                                                                                                                        				signed int _t75;
                                                                                                                                                                                                                                                        				intOrPtr* _t77;
                                                                                                                                                                                                                                                        				signed int _t84;
                                                                                                                                                                                                                                                        				signed int _t90;
                                                                                                                                                                                                                                                        				signed int* _t95;
                                                                                                                                                                                                                                                        				signed int _t96;
                                                                                                                                                                                                                                                        				intOrPtr _t102;
                                                                                                                                                                                                                                                        				signed int _t106;
                                                                                                                                                                                                                                                        				signed int _t107;
                                                                                                                                                                                                                                                        				void* _t108;
                                                                                                                                                                                                                                                        				signed int _t110;
                                                                                                                                                                                                                                                        				void* _t111;
                                                                                                                                                                                                                                                        				void* _t113;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t65 = __ebx;
                                                                                                                                                                                                                                                        				_t70 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t95 =  &_v68;
                                                                                                                                                                                                                                                        				_v16 = _t70 ^ _t106;
                                                                                                                                                                                                                                                        				_v72 = 7;
                                                                                                                                                                                                                                                        				_v76 = 0;
                                                                                                                                                                                                                                                        				_v92 = 0;
                                                                                                                                                                                                                                                        				_v48 = 0xf;
                                                                                                                                                                                                                                                        				_v52 = 0;
                                                                                                                                                                                                                                                        				_v68 = 0;
                                                                                                                                                                                                                                                        				_v24 = 0xf;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				_v44 = 0;
                                                                                                                                                                                                                                                        				_v100 = 5;
                                                                                                                                                                                                                                                        				E00BBA740( &_v92, _a4);
                                                                                                                                                                                                                                                        				E00BBD9B0(_t95, L"@ntdll.dll");
                                                                                                                                                                                                                                                        				_v20 = 1;
                                                                                                                                                                                                                                                        				_push( &_v100);
                                                                                                                                                                                                                                                        				E00BD6AD0( &_v100, __ebx, __ecx + 4,  *((intOrPtr*)(__ecx + 4)), _t95, __ecx + 4);
                                                                                                                                                                                                                                                        				_t110 = _t108 - 0x58 + 4;
                                                                                                                                                                                                                                                        				_t48 = _v24;
                                                                                                                                                                                                                                                        				if(_t48 >= 0x10) {
                                                                                                                                                                                                                                                        					_t75 = _v44;
                                                                                                                                                                                                                                                        					_t29 = _t48 + 1; // 0x10
                                                                                                                                                                                                                                                        					_t102 = _t29;
                                                                                                                                                                                                                                                        					__eflags = _t102 - 0x1000;
                                                                                                                                                                                                                                                        					if(_t102 >= 0x1000) {
                                                                                                                                                                                                                                                        						_t90 =  *(_t75 - 4);
                                                                                                                                                                                                                                                        						_t77 = _t75 + 0xfffffffc - _t90;
                                                                                                                                                                                                                                                        						__eflags = _t77 - 0x20;
                                                                                                                                                                                                                                                        						if(_t77 >= 0x20) {
                                                                                                                                                                                                                                                        							goto L11;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t75 = _t90;
                                                                                                                                                                                                                                                        							_t102 = _t48 + 0x24;
                                                                                                                                                                                                                                                        							goto L4;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L4:
                                                                                                                                                                                                                                                        						_push(_t102);
                                                                                                                                                                                                                                                        						_push(_t75);
                                                                                                                                                                                                                                                        						L00BEF6C6();
                                                                                                                                                                                                                                                        						_t110 = _t110 + 8;
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_v24 = 0xf;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					_t61 = _v48;
                                                                                                                                                                                                                                                        					if(_t61 >= 0x10) {
                                                                                                                                                                                                                                                        						_t84 = _v68;
                                                                                                                                                                                                                                                        						_t31 = _t61 + 1; // 0x10
                                                                                                                                                                                                                                                        						_t102 = _t31;
                                                                                                                                                                                                                                                        						__eflags = _t102 - 0x1000;
                                                                                                                                                                                                                                                        						if(_t102 >= 0x1000) {
                                                                                                                                                                                                                                                        							_t90 =  *(_t84 - 4);
                                                                                                                                                                                                                                                        							_t77 = _t84 + 0xfffffffc - _t90;
                                                                                                                                                                                                                                                        							__eflags = _t77 - 0x20;
                                                                                                                                                                                                                                                        							if(_t77 >= 0x20) {
                                                                                                                                                                                                                                                        								L11:
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_push(_t106);
                                                                                                                                                                                                                                                        								_t107 = _t110;
                                                                                                                                                                                                                                                        								_push(_t65);
                                                                                                                                                                                                                                                        								_push(_t95);
                                                                                                                                                                                                                                                        								_push(_t102);
                                                                                                                                                                                                                                                        								_t111 = _t110 - 0xc;
                                                                                                                                                                                                                                                        								_t49 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        								_t66 = 0;
                                                                                                                                                                                                                                                        								_v120 = _t49 ^ _t107;
                                                                                                                                                                                                                                                        								__eflags =  *(_t77 + 8);
                                                                                                                                                                                                                                                        								if(__eflags != 0) {
                                                                                                                                                                                                                                                        									_t103 = _t77;
                                                                                                                                                                                                                                                        									_t51 = E00BD5F40(_t77, __eflags);
                                                                                                                                                                                                                                                        									_t96 = _t51;
                                                                                                                                                                                                                                                        									_push(_t51);
                                                                                                                                                                                                                                                        									L00BEF6CC();
                                                                                                                                                                                                                                                        									_t52 = E00BD6040(_t77, _t51, _t96);
                                                                                                                                                                                                                                                        									_t90 = _t51;
                                                                                                                                                                                                                                                        									_t113 = _t111 + 8;
                                                                                                                                                                                                                                                        									_t66 = 0x26;
                                                                                                                                                                                                                                                        									__eflags = _t52;
                                                                                                                                                                                                                                                        									if(_t52 != 0) {
                                                                                                                                                                                                                                                        										_t66 = 0x27;
                                                                                                                                                                                                                                                        										_v32 = _t90;
                                                                                                                                                                                                                                                        										_t56 = E00BEB4E0( *((intOrPtr*)( *_t103)), _t90, _t96,  &_v28);
                                                                                                                                                                                                                                                        										_t113 = _t113 + 0x10;
                                                                                                                                                                                                                                                        										__eflags = _t56;
                                                                                                                                                                                                                                                        										if(_t56 != 0) {
                                                                                                                                                                                                                                                        											__eflags = _t96;
                                                                                                                                                                                                                                                        											_t93 = 0 | _t96 != 0x00000000;
                                                                                                                                                                                                                                                        											_t57 = E00BD6270(_t103, _t96 != 0);
                                                                                                                                                                                                                                                        											_t66 = _t57;
                                                                                                                                                                                                                                                        											__eflags = _t57;
                                                                                                                                                                                                                                                        											if(__eflags == 0) {
                                                                                                                                                                                                                                                        												 *0xbfb5bc = _v28;
                                                                                                                                                                                                                                                        												_t66 = E00BE9630( *_t103, _t93, __eflags, "g_interceptions", "true", 4);
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t90 = _v32;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_push(_t90);
                                                                                                                                                                                                                                                        									L00BEF6D2();
                                                                                                                                                                                                                                                        									_t111 = _t113 + 4;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = _v24 ^ _t107;
                                                                                                                                                                                                                                                        								E00BEECB0(_v24 ^ _t107, _t90);
                                                                                                                                                                                                                                                        								return _t66;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t61 = _t61 + 0x24;
                                                                                                                                                                                                                                                        								_t84 = _t90;
                                                                                                                                                                                                                                                        								_t102 = _t61;
                                                                                                                                                                                                                                                        								goto L6;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L6:
                                                                                                                                                                                                                                                        							_push(_t102);
                                                                                                                                                                                                                                                        							_push(_t84);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							_t110 = _t110 + 8;
                                                                                                                                                                                                                                                        							goto L2;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L2:
                                                                                                                                                                                                                                                        						_v52 = 0;
                                                                                                                                                                                                                                                        						_v48 = 0xf;
                                                                                                                                                                                                                                                        						_v68 = 0;
                                                                                                                                                                                                                                                        						E00BBDF30(_t61,  &_v92, _t90);
                                                                                                                                                                                                                                                        						E00BEECB0(_v16 ^ _t106, _t90);
                                                                                                                                                                                                                                                        						return 1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}










































                                                                                                                                                                                                                                                        0x00bd5d30
                                                                                                                                                                                                                                                        0x00bd5d3a
                                                                                                                                                                                                                                                        0x00bd5d43
                                                                                                                                                                                                                                                        0x00bd5d48
                                                                                                                                                                                                                                                        0x00bd5d4e
                                                                                                                                                                                                                                                        0x00bd5d55
                                                                                                                                                                                                                                                        0x00bd5d5c
                                                                                                                                                                                                                                                        0x00bd5d62
                                                                                                                                                                                                                                                        0x00bd5d69
                                                                                                                                                                                                                                                        0x00bd5d70
                                                                                                                                                                                                                                                        0x00bd5d74
                                                                                                                                                                                                                                                        0x00bd5d7b
                                                                                                                                                                                                                                                        0x00bd5d82
                                                                                                                                                                                                                                                        0x00bd5d86
                                                                                                                                                                                                                                                        0x00bd5d8e
                                                                                                                                                                                                                                                        0x00bd5d9a
                                                                                                                                                                                                                                                        0x00bd5d9f
                                                                                                                                                                                                                                                        0x00bd5db1
                                                                                                                                                                                                                                                        0x00bd5db2
                                                                                                                                                                                                                                                        0x00bd5db7
                                                                                                                                                                                                                                                        0x00bd5dba
                                                                                                                                                                                                                                                        0x00bd5dc0
                                                                                                                                                                                                                                                        0x00bd5e0b
                                                                                                                                                                                                                                                        0x00bd5e0e
                                                                                                                                                                                                                                                        0x00bd5e0e
                                                                                                                                                                                                                                                        0x00bd5e11
                                                                                                                                                                                                                                                        0x00bd5e17
                                                                                                                                                                                                                                                        0x00bd5e3f
                                                                                                                                                                                                                                                        0x00bd5e45
                                                                                                                                                                                                                                                        0x00bd5e47
                                                                                                                                                                                                                                                        0x00bd5e4a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e4c
                                                                                                                                                                                                                                                        0x00bd5e4f
                                                                                                                                                                                                                                                        0x00bd5e51
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e51
                                                                                                                                                                                                                                                        0x00bd5e19
                                                                                                                                                                                                                                                        0x00bd5e19
                                                                                                                                                                                                                                                        0x00bd5e19
                                                                                                                                                                                                                                                        0x00bd5e1a
                                                                                                                                                                                                                                                        0x00bd5e1b
                                                                                                                                                                                                                                                        0x00bd5e20
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e20
                                                                                                                                                                                                                                                        0x00bd5dc2
                                                                                                                                                                                                                                                        0x00bd5dc2
                                                                                                                                                                                                                                                        0x00bd5dc2
                                                                                                                                                                                                                                                        0x00bd5dc9
                                                                                                                                                                                                                                                        0x00bd5dd0
                                                                                                                                                                                                                                                        0x00bd5dd4
                                                                                                                                                                                                                                                        0x00bd5dda
                                                                                                                                                                                                                                                        0x00bd5e25
                                                                                                                                                                                                                                                        0x00bd5e28
                                                                                                                                                                                                                                                        0x00bd5e28
                                                                                                                                                                                                                                                        0x00bd5e2b
                                                                                                                                                                                                                                                        0x00bd5e31
                                                                                                                                                                                                                                                        0x00bd5e55
                                                                                                                                                                                                                                                        0x00bd5e5b
                                                                                                                                                                                                                                                        0x00bd5e5d
                                                                                                                                                                                                                                                        0x00bd5e60
                                                                                                                                                                                                                                                        0x00bd5e6b
                                                                                                                                                                                                                                                        0x00bd5e6b
                                                                                                                                                                                                                                                        0x00bd5e71
                                                                                                                                                                                                                                                        0x00bd5e72
                                                                                                                                                                                                                                                        0x00bd5e73
                                                                                                                                                                                                                                                        0x00bd5e74
                                                                                                                                                                                                                                                        0x00bd5e75
                                                                                                                                                                                                                                                        0x00bd5e76
                                                                                                                                                                                                                                                        0x00bd5e77
                                                                                                                                                                                                                                                        0x00bd5e78
                                                                                                                                                                                                                                                        0x00bd5e79
                                                                                                                                                                                                                                                        0x00bd5e7a
                                                                                                                                                                                                                                                        0x00bd5e7b
                                                                                                                                                                                                                                                        0x00bd5e7c
                                                                                                                                                                                                                                                        0x00bd5e7d
                                                                                                                                                                                                                                                        0x00bd5e7e
                                                                                                                                                                                                                                                        0x00bd5e7f
                                                                                                                                                                                                                                                        0x00bd5e80
                                                                                                                                                                                                                                                        0x00bd5e81
                                                                                                                                                                                                                                                        0x00bd5e83
                                                                                                                                                                                                                                                        0x00bd5e84
                                                                                                                                                                                                                                                        0x00bd5e85
                                                                                                                                                                                                                                                        0x00bd5e86
                                                                                                                                                                                                                                                        0x00bd5e89
                                                                                                                                                                                                                                                        0x00bd5e8e
                                                                                                                                                                                                                                                        0x00bd5e92
                                                                                                                                                                                                                                                        0x00bd5e95
                                                                                                                                                                                                                                                        0x00bd5e99
                                                                                                                                                                                                                                                        0x00bd5eaf
                                                                                                                                                                                                                                                        0x00bd5eb1
                                                                                                                                                                                                                                                        0x00bd5eb6
                                                                                                                                                                                                                                                        0x00bd5eb8
                                                                                                                                                                                                                                                        0x00bd5eb9
                                                                                                                                                                                                                                                        0x00bd5ec8
                                                                                                                                                                                                                                                        0x00bd5ecd
                                                                                                                                                                                                                                                        0x00bd5ecf
                                                                                                                                                                                                                                                        0x00bd5ed2
                                                                                                                                                                                                                                                        0x00bd5ed7
                                                                                                                                                                                                                                                        0x00bd5ed9
                                                                                                                                                                                                                                                        0x00bd5ee0
                                                                                                                                                                                                                                                        0x00bd5ee7
                                                                                                                                                                                                                                                        0x00bd5eed
                                                                                                                                                                                                                                                        0x00bd5ef2
                                                                                                                                                                                                                                                        0x00bd5ef5
                                                                                                                                                                                                                                                        0x00bd5ef7
                                                                                                                                                                                                                                                        0x00bd5f09
                                                                                                                                                                                                                                                        0x00bd5f0d
                                                                                                                                                                                                                                                        0x00bd5f10
                                                                                                                                                                                                                                                        0x00bd5f15
                                                                                                                                                                                                                                                        0x00bd5f17
                                                                                                                                                                                                                                                        0x00bd5f19
                                                                                                                                                                                                                                                        0x00bd5f1e
                                                                                                                                                                                                                                                        0x00bd5f36
                                                                                                                                                                                                                                                        0x00bd5f36
                                                                                                                                                                                                                                                        0x00bd5f19
                                                                                                                                                                                                                                                        0x00bd5ef9
                                                                                                                                                                                                                                                        0x00bd5ef9
                                                                                                                                                                                                                                                        0x00bd5efc
                                                                                                                                                                                                                                                        0x00bd5efd
                                                                                                                                                                                                                                                        0x00bd5f02
                                                                                                                                                                                                                                                        0x00bd5f02
                                                                                                                                                                                                                                                        0x00bd5e9e
                                                                                                                                                                                                                                                        0x00bd5ea0
                                                                                                                                                                                                                                                        0x00bd5eae
                                                                                                                                                                                                                                                        0x00bd5e62
                                                                                                                                                                                                                                                        0x00bd5e62
                                                                                                                                                                                                                                                        0x00bd5e65
                                                                                                                                                                                                                                                        0x00bd5e67
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e67
                                                                                                                                                                                                                                                        0x00bd5e33
                                                                                                                                                                                                                                                        0x00bd5e33
                                                                                                                                                                                                                                                        0x00bd5e33
                                                                                                                                                                                                                                                        0x00bd5e34
                                                                                                                                                                                                                                                        0x00bd5e35
                                                                                                                                                                                                                                                        0x00bd5e3a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e3a
                                                                                                                                                                                                                                                        0x00bd5ddc
                                                                                                                                                                                                                                                        0x00bd5ddc
                                                                                                                                                                                                                                                        0x00bd5ddf
                                                                                                                                                                                                                                                        0x00bd5de6
                                                                                                                                                                                                                                                        0x00bd5ded
                                                                                                                                                                                                                                                        0x00bd5df1
                                                                                                                                                                                                                                                        0x00bd5dfb
                                                                                                                                                                                                                                                        0x00bd5e08
                                                                                                                                                                                                                                                        0x00bd5e08
                                                                                                                                                                                                                                                        0x00bd5dda

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00BB2D55,00BB2D55,?,?,00BB3EE0), ref: 00BBA759
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: memmove.NTDLL(?,00BB2D55,00000000,?,00BB2D55,?,?,00BB3EE0), ref: 00BBA77D
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD9B0: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BBD9C9
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD9B0: memmove.NTDLL(?,?,00000000), ref: 00BBD9E9
                                                                                                                                                                                                                                                          • Part of subcall function 00BD6AD0: ??2@YAPAXI@Z.MOZGLUE(0000005C), ref: 00BD6AE3
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,-00000015), ref: 00BD5E1B
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memmove$??2@??3@strlenwcslen
                                                                                                                                                                                                                                                        • String ID: @ntdll.dll
                                                                                                                                                                                                                                                        • API String ID: 886192309-536421688
                                                                                                                                                                                                                                                        • Opcode ID: 00049fb7d967e936ec36ccce811cad8713bc0efc9864cabdf699b74e0cf7e6a7
                                                                                                                                                                                                                                                        • Instruction ID: 91f4108d666e3fef95b9188ed9218fc6866f312b7582f090d9400245c1c9bd72
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 00049fb7d967e936ec36ccce811cad8713bc0efc9864cabdf699b74e0cf7e6a7
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B031A071D002588BEF24DF94C898BEEFBB2BF54318F144569D4067B381DB755948CBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 73%
                                                                                                                                                                                                                                                        			E00BE8CB0(char* __edx, void* __eflags, intOrPtr _a4, void** _a8, intOrPtr* _a12, intOrPtr _a16, intOrPtr _a20, HANDLE* _a24) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				long _v28;
                                                                                                                                                                                                                                                        				long _v32;
                                                                                                                                                                                                                                                        				long _v36;
                                                                                                                                                                                                                                                        				long _v40;
                                                                                                                                                                                                                                                        				long _v44;
                                                                                                                                                                                                                                                        				long _v48;
                                                                                                                                                                                                                                                        				char _v64;
                                                                                                                                                                                                                                                        				long _v68;
                                                                                                                                                                                                                                                        				void* _v88;
                                                                                                                                                                                                                                                        				signed int _t27;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        				void* _t38;
                                                                                                                                                                                                                                                        				intOrPtr* _t42;
                                                                                                                                                                                                                                                        				void* _t53;
                                                                                                                                                                                                                                                        				void* _t54;
                                                                                                                                                                                                                                                        				signed int _t56;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t50 = __edx;
                                                                                                                                                                                                                                                        				_t27 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v24 = _t27 ^ _t56;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				E00BEB3D0("NtCreateEvent",  &_v28);
                                                                                                                                                                                                                                                        				_t54 = 0;
                                                                                                                                                                                                                                                        				if(_a4 == 3) {
                                                                                                                                                                                                                                                        					_v32 = 0;
                                                                                                                                                                                                                                                        					_t31 = E00BE8A40( &_v32, __edx);
                                                                                                                                                                                                                                                        					_t54 = _t31;
                                                                                                                                                                                                                                                        					if(_t31 == 0) {
                                                                                                                                                                                                                                                        						asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        						_v36 = 0;
                                                                                                                                                                                                                                                        						_v40 = 0;
                                                                                                                                                                                                                                                        						_v44 = 0;
                                                                                                                                                                                                                                                        						_v48 = 0;
                                                                                                                                                                                                                                                        						_t42 =  &_v64;
                                                                                                                                                                                                                                                        						asm("movaps [esp+0x10], xmm0");
                                                                                                                                                                                                                                                        						E00BE5CE0(_a12, 0x40, _v32, _t42,  &_v40, 0);
                                                                                                                                                                                                                                                        						_v68 = 0;
                                                                                                                                                                                                                                                        						_t38 = _v28( &_v68, 0x1f0003, _t42, _a16, 0 | _a20 != 0x00000000);
                                                                                                                                                                                                                                                        						_t53 = _v88;
                                                                                                                                                                                                                                                        						_t54 = _t38;
                                                                                                                                                                                                                                                        						if(_t53 != 0) {
                                                                                                                                                                                                                                                        							DuplicateHandle(GetCurrentProcess(), _t53,  *_a8, _a24, 0, 0, 3);
                                                                                                                                                                                                                                                        							_t54 =  ==  ? 0xc0000022 : _t54;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v24 ^ _t56, _t50);
                                                                                                                                                                                                                                                        				return _t54;
                                                                                                                                                                                                                                                        			}





















                                                                                                                                                                                                                                                        0x00be8cb0
                                                                                                                                                                                                                                                        0x00be8cbc
                                                                                                                                                                                                                                                        0x00be8cc6
                                                                                                                                                                                                                                                        0x00be8cce
                                                                                                                                                                                                                                                        0x00be8cdc
                                                                                                                                                                                                                                                        0x00be8ce4
                                                                                                                                                                                                                                                        0x00be8ce9
                                                                                                                                                                                                                                                        0x00be8d04
                                                                                                                                                                                                                                                        0x00be8d0c
                                                                                                                                                                                                                                                        0x00be8d11
                                                                                                                                                                                                                                                        0x00be8d15
                                                                                                                                                                                                                                                        0x00be8d20
                                                                                                                                                                                                                                                        0x00be8d23
                                                                                                                                                                                                                                                        0x00be8d2b
                                                                                                                                                                                                                                                        0x00be8d33
                                                                                                                                                                                                                                                        0x00be8d3b
                                                                                                                                                                                                                                                        0x00be8d47
                                                                                                                                                                                                                                                        0x00be8d4b
                                                                                                                                                                                                                                                        0x00be8d5b
                                                                                                                                                                                                                                                        0x00be8d67
                                                                                                                                                                                                                                                        0x00be8d7f
                                                                                                                                                                                                                                                        0x00be8d83
                                                                                                                                                                                                                                                        0x00be8d87
                                                                                                                                                                                                                                                        0x00be8d8b
                                                                                                                                                                                                                                                        0x00be8da8
                                                                                                                                                                                                                                                        0x00be8db5
                                                                                                                                                                                                                                                        0x00be8db5
                                                                                                                                                                                                                                                        0x00be8d8b
                                                                                                                                                                                                                                                        0x00be8d15
                                                                                                                                                                                                                                                        0x00be8cf1
                                                                                                                                                                                                                                                        0x00be8cff

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BE8D96
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00000000,?,?,00000000,00000000,00000003), ref: 00BE8DA8
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressCurrentDuplicateHandleProcProcess
                                                                                                                                                                                                                                                        • String ID: NtCreateEvent
                                                                                                                                                                                                                                                        • API String ID: 3554645133-2762184696
                                                                                                                                                                                                                                                        • Opcode ID: 4ff418c092eed7e0ac1da9a60d44e4ed473da1110830e1390e3a1054699e3038
                                                                                                                                                                                                                                                        • Instruction ID: 2c0e3c246764a9153e0815263cf3fc03d5bbea935d58e62f9f49c78af2405de1
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4ff418c092eed7e0ac1da9a60d44e4ed473da1110830e1390e3a1054699e3038
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1131ACB1504345AFD7108F25CC85B6BB7E8EF88764F10091CF959A7380EB70EA14CBA2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 59%
                                                                                                                                                                                                                                                        			E00BCAE90(void* __ecx, char* __edx, char _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				char _v208;
                                                                                                                                                                                                                                                        				char _v212;
                                                                                                                                                                                                                                                        				intOrPtr _v216;
                                                                                                                                                                                                                                                        				char _v232;
                                                                                                                                                                                                                                                        				char _v233;
                                                                                                                                                                                                                                                        				signed int _t21;
                                                                                                                                                                                                                                                        				intOrPtr _t54;
                                                                                                                                                                                                                                                        				signed int _t55;
                                                                                                                                                                                                                                                        				signed int _t56;
                                                                                                                                                                                                                                                        				intOrPtr* _t58;
                                                                                                                                                                                                                                                        				void* _t59;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t51 = __edx;
                                                                                                                                                                                                                                                        				_t58 = (_t56 & 0xfffffff8) - 0xe0;
                                                                                                                                                                                                                                                        				_t21 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t22 = _t21 ^ _t55;
                                                                                                                                                                                                                                                        				_v24 = _t21 ^ _t55;
                                                                                                                                                                                                                                                        				if( *((char*)(__ecx + 5)) != 0) {
                                                                                                                                                                                                                                                        					 *_t58 =  *((intOrPtr*)(__ecx + 0x10));
                                                                                                                                                                                                                                                        					E00BC8120(_t22,  *((intOrPtr*)(__ecx + 0x10)));
                                                                                                                                                                                                                                                        					_t53 = __ecx + 0x14;
                                                                                                                                                                                                                                                        					E00BCB330(__ecx + 0x14,  &_v212,  &_a4);
                                                                                                                                                                                                                                                        					_t59 = _t58 + 4;
                                                                                                                                                                                                                                                        					_t54 = _v212;
                                                                                                                                                                                                                                                        					if(_t54 ==  *((intOrPtr*)(__ecx + 0x18))) {
                                                                                                                                                                                                                                                        						_push( &_v232);
                                                                                                                                                                                                                                                        						E00BBEB70( &_v232);
                                                                                                                                                                                                                                                        						_t59 = _t59 + 4;
                                                                                                                                                                                                                                                        						_push("false");
                                                                                                                                                                                                                                                        						E00BC1FF0( &_v208, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/win/scoped_handle_verifier.cc", 0xbf);
                                                                                                                                                                                                                                                        						E00BC20C0();
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [esi+0xc]");
                                                                                                                                                                                                                                                        					asm("movsd xmm1, [esi+0x14]");
                                                                                                                                                                                                                                                        					asm("movsd [esp+0x8], xmm0");
                                                                                                                                                                                                                                                        					asm("movsd [esp+0x10], xmm1");
                                                                                                                                                                                                                                                        					_v216 =  *((intOrPtr*)(_t54 + 0x1c));
                                                                                                                                                                                                                                                        					if(_v232 != _a8) {
                                                                                                                                                                                                                                                        						_push( &_v232);
                                                                                                                                                                                                                                                        						E00BBEB70( &_v232);
                                                                                                                                                                                                                                                        						_push( &_v233);
                                                                                                                                                                                                                                                        						E00BBEB70( &_v233);
                                                                                                                                                                                                                                                        						_t59 = _t59 + 8;
                                                                                                                                                                                                                                                        						_push("false");
                                                                                                                                                                                                                                                        						E00BC1FF0( &_v208, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/win/scoped_handle_verifier.cc", 0xc7);
                                                                                                                                                                                                                                                        						E00BC20C0();
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t51 =  &_v208;
                                                                                                                                                                                                                                                        					E00BCB3A0(_t53,  &_v208, _t54);
                                                                                                                                                                                                                                                        					__imp__ReleaseSRWLockExclusive( *((intOrPtr*)(_t59 + 4)));
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return E00BEECB0(_v28 ^ _t55, _t51);
                                                                                                                                                                                                                                                        			}

















                                                                                                                                                                                                                                                        0x00bcae90
                                                                                                                                                                                                                                                        0x00bcae99
                                                                                                                                                                                                                                                        0x00bcae9f
                                                                                                                                                                                                                                                        0x00bcaea4
                                                                                                                                                                                                                                                        0x00bcaea6
                                                                                                                                                                                                                                                        0x00bcaeb1
                                                                                                                                                                                                                                                        0x00bcaed0
                                                                                                                                                                                                                                                        0x00bcaed3
                                                                                                                                                                                                                                                        0x00bcaed8
                                                                                                                                                                                                                                                        0x00bcaee5
                                                                                                                                                                                                                                                        0x00bcaeea
                                                                                                                                                                                                                                                        0x00bcaeed
                                                                                                                                                                                                                                                        0x00bcaef4
                                                                                                                                                                                                                                                        0x00bcaefa
                                                                                                                                                                                                                                                        0x00bcaefb
                                                                                                                                                                                                                                                        0x00bcaf00
                                                                                                                                                                                                                                                        0x00bcaf09
                                                                                                                                                                                                                                                        0x00bcaf18
                                                                                                                                                                                                                                                        0x00bcaf1f
                                                                                                                                                                                                                                                        0x00bcaf1f
                                                                                                                                                                                                                                                        0x00bcaf24
                                                                                                                                                                                                                                                        0x00bcaf29
                                                                                                                                                                                                                                                        0x00bcaf31
                                                                                                                                                                                                                                                        0x00bcaf3a
                                                                                                                                                                                                                                                        0x00bcaf40
                                                                                                                                                                                                                                                        0x00bcaf48
                                                                                                                                                                                                                                                        0x00bcaf4e
                                                                                                                                                                                                                                                        0x00bcaf4f
                                                                                                                                                                                                                                                        0x00bcaf5b
                                                                                                                                                                                                                                                        0x00bcaf5c
                                                                                                                                                                                                                                                        0x00bcaf61
                                                                                                                                                                                                                                                        0x00bcaf6a
                                                                                                                                                                                                                                                        0x00bcaf79
                                                                                                                                                                                                                                                        0x00bcaf80
                                                                                                                                                                                                                                                        0x00bcaf80
                                                                                                                                                                                                                                                        0x00bcaf85
                                                                                                                                                                                                                                                        0x00bcaf8c
                                                                                                                                                                                                                                                        0x00bcaf97
                                                                                                                                                                                                                                                        0x00bcaf97
                                                                                                                                                                                                                                                        0x00bcaec8

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlReleaseSRWLockExclusive.NTDLL ref: 00BCAF97
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ExclusiveLockRelease
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/security/sandbox/chromium/base/win/scoped_handle_verifier.cc$false
                                                                                                                                                                                                                                                        • API String ID: 1766480654-175217558
                                                                                                                                                                                                                                                        • Opcode ID: d014d8590ac8b41392fdb96cc74188aa26294425e1a1b5038733a56443140d22
                                                                                                                                                                                                                                                        • Instruction ID: 04de03f0fe4ddcda842399527b774aeffbc75e61b2ffde2fc9ce3f6309d8ef0a
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d014d8590ac8b41392fdb96cc74188aa26294425e1a1b5038733a56443140d22
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 122173756043499BD714EF20D882EABB7E5EF85344F00496EF89657252DB70E608C692
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 73%
                                                                                                                                                                                                                                                        			E00BE8DC0(char* __edx, void* __eflags, intOrPtr _a4, void** _a8, intOrPtr* _a12, intOrPtr _a16, HANDLE* _a20) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				long _v28;
                                                                                                                                                                                                                                                        				long _v32;
                                                                                                                                                                                                                                                        				long _v36;
                                                                                                                                                                                                                                                        				long _v40;
                                                                                                                                                                                                                                                        				long _v44;
                                                                                                                                                                                                                                                        				long _v48;
                                                                                                                                                                                                                                                        				char _v64;
                                                                                                                                                                                                                                                        				long _v68;
                                                                                                                                                                                                                                                        				void* _v80;
                                                                                                                                                                                                                                                        				signed int _t24;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        				intOrPtr* _t46;
                                                                                                                                                                                                                                                        				void* _t47;
                                                                                                                                                                                                                                                        				void* _t48;
                                                                                                                                                                                                                                                        				signed int _t50;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t44 = __edx;
                                                                                                                                                                                                                                                        				_t24 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v24 = _t24 ^ _t50;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				E00BEB3D0("NtOpenEvent",  &_v28);
                                                                                                                                                                                                                                                        				_t48 = 0;
                                                                                                                                                                                                                                                        				if(_a4 == 3) {
                                                                                                                                                                                                                                                        					_v32 = 0;
                                                                                                                                                                                                                                                        					_t28 = E00BE8A40( &_v32, __edx);
                                                                                                                                                                                                                                                        					_t48 = _t28;
                                                                                                                                                                                                                                                        					if(_t28 == 0) {
                                                                                                                                                                                                                                                        						asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        						_t46 =  &_v64;
                                                                                                                                                                                                                                                        						_v36 = 0;
                                                                                                                                                                                                                                                        						_v40 = 0;
                                                                                                                                                                                                                                                        						_v44 = 0;
                                                                                                                                                                                                                                                        						_v48 = 0;
                                                                                                                                                                                                                                                        						asm("movaps [esp+0x10], xmm0");
                                                                                                                                                                                                                                                        						E00BE5CE0(_a12, 0x40, _v32, _t46,  &_v40, 0);
                                                                                                                                                                                                                                                        						_v68 = 0;
                                                                                                                                                                                                                                                        						_t34 = _v28( &_v68, _a16, _t46);
                                                                                                                                                                                                                                                        						_t47 = _v80;
                                                                                                                                                                                                                                                        						_t48 = _t34;
                                                                                                                                                                                                                                                        						if(_t47 != 0) {
                                                                                                                                                                                                                                                        							DuplicateHandle(GetCurrentProcess(), _t47,  *_a8, _a20, 0, 0, 3);
                                                                                                                                                                                                                                                        							_t48 =  ==  ? 0xc0000022 : _t48;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v24 ^ _t50, _t44);
                                                                                                                                                                                                                                                        				return _t48;
                                                                                                                                                                                                                                                        			}





















                                                                                                                                                                                                                                                        0x00be8dc0
                                                                                                                                                                                                                                                        0x00be8dcc
                                                                                                                                                                                                                                                        0x00be8dd6
                                                                                                                                                                                                                                                        0x00be8dde
                                                                                                                                                                                                                                                        0x00be8dec
                                                                                                                                                                                                                                                        0x00be8df4
                                                                                                                                                                                                                                                        0x00be8df9
                                                                                                                                                                                                                                                        0x00be8e14
                                                                                                                                                                                                                                                        0x00be8e1c
                                                                                                                                                                                                                                                        0x00be8e21
                                                                                                                                                                                                                                                        0x00be8e25
                                                                                                                                                                                                                                                        0x00be8e2d
                                                                                                                                                                                                                                                        0x00be8e30
                                                                                                                                                                                                                                                        0x00be8e34
                                                                                                                                                                                                                                                        0x00be8e3c
                                                                                                                                                                                                                                                        0x00be8e44
                                                                                                                                                                                                                                                        0x00be8e4c
                                                                                                                                                                                                                                                        0x00be8e58
                                                                                                                                                                                                                                                        0x00be8e68
                                                                                                                                                                                                                                                        0x00be8e70
                                                                                                                                                                                                                                                        0x00be8e7f
                                                                                                                                                                                                                                                        0x00be8e83
                                                                                                                                                                                                                                                        0x00be8e87
                                                                                                                                                                                                                                                        0x00be8e8b
                                                                                                                                                                                                                                                        0x00be8ea8
                                                                                                                                                                                                                                                        0x00be8eb5
                                                                                                                                                                                                                                                        0x00be8eb5
                                                                                                                                                                                                                                                        0x00be8e8b
                                                                                                                                                                                                                                                        0x00be8e25
                                                                                                                                                                                                                                                        0x00be8e01
                                                                                                                                                                                                                                                        0x00be8e0f

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE8E96
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00000000,?,?,00000000,00000000,00000003), ref: 00BE8EA8
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressCurrentDuplicateHandleProcProcess
                                                                                                                                                                                                                                                        • String ID: NtOpenEvent
                                                                                                                                                                                                                                                        • API String ID: 3554645133-1784489079
                                                                                                                                                                                                                                                        • Opcode ID: fe6ac781ffbbe86afa26e87f5422881f47d14ff6d20652f99226247e44fec15e
                                                                                                                                                                                                                                                        • Instruction ID: 9516c32c0df43d654881f48fce321a111c23081fc804308547250ff444018a1d
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fe6ac781ffbbe86afa26e87f5422881f47d14ff6d20652f99226247e44fec15e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E0219FB1504384AFD7109F25CC49B9BBBE8EF88724F40495CF959A7280EB70EA04CB96
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 34%
                                                                                                                                                                                                                                                        			E00BC4830(void* __edx, void* _a4, signed short _a8) {
                                                                                                                                                                                                                                                        				intOrPtr _v0;
                                                                                                                                                                                                                                                        				signed int _v12;
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				intOrPtr _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				void* _v36;
                                                                                                                                                                                                                                                        				char _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				void _v64;
                                                                                                                                                                                                                                                        				intOrPtr _v88;
                                                                                                                                                                                                                                                        				intOrPtr _v92;
                                                                                                                                                                                                                                                        				void* _v100;
                                                                                                                                                                                                                                                        				char _v104;
                                                                                                                                                                                                                                                        				void* _v112;
                                                                                                                                                                                                                                                        				signed int _v116;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t55;
                                                                                                                                                                                                                                                        				signed short _t58;
                                                                                                                                                                                                                                                        				intOrPtr* _t60;
                                                                                                                                                                                                                                                        				signed int _t61;
                                                                                                                                                                                                                                                        				signed int _t62;
                                                                                                                                                                                                                                                        				void* _t65;
                                                                                                                                                                                                                                                        				signed int _t67;
                                                                                                                                                                                                                                                        				intOrPtr* _t69;
                                                                                                                                                                                                                                                        				intOrPtr _t70;
                                                                                                                                                                                                                                                        				signed int _t71;
                                                                                                                                                                                                                                                        				signed int _t72;
                                                                                                                                                                                                                                                        				void* _t82;
                                                                                                                                                                                                                                                        				void* _t88;
                                                                                                                                                                                                                                                        				signed int _t93;
                                                                                                                                                                                                                                                        				void _t96;
                                                                                                                                                                                                                                                        				void* _t97;
                                                                                                                                                                                                                                                        				intOrPtr _t105;
                                                                                                                                                                                                                                                        				void* _t107;
                                                                                                                                                                                                                                                        				signed int _t108;
                                                                                                                                                                                                                                                        				unsigned int _t110;
                                                                                                                                                                                                                                                        				void* _t111;
                                                                                                                                                                                                                                                        				signed int _t112;
                                                                                                                                                                                                                                                        				char* _t116;
                                                                                                                                                                                                                                                        				void* _t117;
                                                                                                                                                                                                                                                        				signed int _t120;
                                                                                                                                                                                                                                                        				char* _t121;
                                                                                                                                                                                                                                                        				intOrPtr _t122;
                                                                                                                                                                                                                                                        				signed int _t125;
                                                                                                                                                                                                                                                        				signed int _t126;
                                                                                                                                                                                                                                                        				void* _t128;
                                                                                                                                                                                                                                                        				signed int _t129;
                                                                                                                                                                                                                                                        				signed int _t131;
                                                                                                                                                                                                                                                        				signed int* _t133;
                                                                                                                                                                                                                                                        				short _t140;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t109 = __edx;
                                                                                                                                                                                                                                                        				_t129 = _t128 - 0x1c;
                                                                                                                                                                                                                                                        				_t55 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v12 = _t55 ^ _t125;
                                                                                                                                                                                                                                                        				if( *0xbfa854 == 0) {
                                                                                                                                                                                                                                                        					L10:
                                                                                                                                                                                                                                                        					return E00BEECB0(_v12 ^ _t125, _t109);
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t58 = _a8;
                                                                                                                                                                                                                                                        					if(_t58 != 0 &&  *_t58 != 0) {
                                                                                                                                                                                                                                                        						_t108 = 0;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t140 =  *((short*)(_t58 + 2 + _t108 * 2));
                                                                                                                                                                                                                                                        							_t108 = _t108 + 1;
                                                                                                                                                                                                                                                        						} while (_t140 != 0);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t116 =  &_v36;
                                                                                                                                                                                                                                                        					E00BC7CE0(_t116, _t58, 0);
                                                                                                                                                                                                                                                        					_t129 = _t129 + 0xc;
                                                                                                                                                                                                                                                        					_t60 =  *0xbfa854; // 0x0
                                                                                                                                                                                                                                                        					if(_t60 != 0) {
                                                                                                                                                                                                                                                        						_t107 = _a4;
                                                                                                                                                                                                                                                        						if(_v16 > 0xf) {
                                                                                                                                                                                                                                                        							_t116 = _v36;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						 *_t60("Broker ALLOWED", _t107, _t116, 0, 0);
                                                                                                                                                                                                                                                        						_t129 = _t129 + 0x14;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t61 = _v16;
                                                                                                                                                                                                                                                        					if(_t61 >= 0x10) {
                                                                                                                                                                                                                                                        						_t88 = _v36;
                                                                                                                                                                                                                                                        						_t117 = _t61 + 1;
                                                                                                                                                                                                                                                        						if(_t117 >= 0x1000) {
                                                                                                                                                                                                                                                        							_t109 =  *((intOrPtr*)(_t88 - 4));
                                                                                                                                                                                                                                                        							if(_t88 + 0xfffffffc - _t109 >= 0x20) {
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_push(_t125);
                                                                                                                                                                                                                                                        								_t126 = _t129;
                                                                                                                                                                                                                                                        								_push(_t117);
                                                                                                                                                                                                                                                        								_t131 = _t129 - 0x34;
                                                                                                                                                                                                                                                        								_t62 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        								_v48 = _t62 ^ _t126;
                                                                                                                                                                                                                                                        								if( *0xbfa854 == 0) {
                                                                                                                                                                                                                                                        									L28:
                                                                                                                                                                                                                                                        									return E00BEECB0(_v16 ^ _t126, _t109);
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t93 = _a8 & 0x0000ffff;
                                                                                                                                                                                                                                                        									_t65 = _a4;
                                                                                                                                                                                                                                                        									_v44 = 7;
                                                                                                                                                                                                                                                        									_v48 = 0;
                                                                                                                                                                                                                                                        									_v64 = 0;
                                                                                                                                                                                                                                                        									_t110 = _t93 & 0x0000ffff;
                                                                                                                                                                                                                                                        									_t120 = _t110 >> 1;
                                                                                                                                                                                                                                                        									if(_t110 > 0xf) {
                                                                                                                                                                                                                                                        										_t133 = _t131 - 0xc;
                                                                                                                                                                                                                                                        										_v104 = _v40;
                                                                                                                                                                                                                                                        										_v100 = _t65;
                                                                                                                                                                                                                                                        										 *_t133 = _t120;
                                                                                                                                                                                                                                                        										E00BBA7D0(_t82,  &_v64, _t111, _t120);
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_v48 = _t120;
                                                                                                                                                                                                                                                        										_t109 =  &_v64;
                                                                                                                                                                                                                                                        										memcpy( &_v64, _t65, _t93 & 0x0000fffe);
                                                                                                                                                                                                                                                        										_t133 = _t131 + 0xc;
                                                                                                                                                                                                                                                        										 *((short*)(_t126 + _t120 * 2 - 0x38)) = 0;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t67 = _v48;
                                                                                                                                                                                                                                                        									if(_v44 <= 7) {
                                                                                                                                                                                                                                                        										_t96 =  &_v64;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t96 = _v64;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t121 =  &_v40;
                                                                                                                                                                                                                                                        									E00BC7CE0(_t121, _t96, _t67);
                                                                                                                                                                                                                                                        									_t131 =  &(_t133[3]);
                                                                                                                                                                                                                                                        									_t69 =  *0xbfa854; // 0x0
                                                                                                                                                                                                                                                        									if(_t69 != 0) {
                                                                                                                                                                                                                                                        										_t105 = _v0;
                                                                                                                                                                                                                                                        										if(_v20 > 0xf) {
                                                                                                                                                                                                                                                        											_t121 = _v40;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										 *_t69("Broker ALLOWED", _t105, _t121, 0, 0);
                                                                                                                                                                                                                                                        										_t131 = _t131 + 0x14;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t70 = _v20;
                                                                                                                                                                                                                                                        									if(_t70 >= 0x10) {
                                                                                                                                                                                                                                                        										_t97 = _v40;
                                                                                                                                                                                                                                                        										_t122 = _t70 + 1;
                                                                                                                                                                                                                                                        										if(_t122 >= 0x1000) {
                                                                                                                                                                                                                                                        											_t109 =  *((intOrPtr*)(_t97 - 4));
                                                                                                                                                                                                                                                        											if(_t97 + 0xfffffffc - _t109 >= 0x20) {
                                                                                                                                                                                                                                                        												__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												_push(_t126);
                                                                                                                                                                                                                                                        												_push(_t82);
                                                                                                                                                                                                                                                        												_push(_t111);
                                                                                                                                                                                                                                                        												_push(_t122);
                                                                                                                                                                                                                                                        												_push(_t70);
                                                                                                                                                                                                                                                        												_t71 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        												_t72 = _t71 ^ _t131;
                                                                                                                                                                                                                                                        												_v116 = _t72;
                                                                                                                                                                                                                                                        												_push(_t72);
                                                                                                                                                                                                                                                        												_push(0x18);
                                                                                                                                                                                                                                                        												L00BEF6BA();
                                                                                                                                                                                                                                                        												_t112 = _t72;
                                                                                                                                                                                                                                                        												E00BC4BB0(_t72, E00BC4B80, E00BC4BA0);
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(_t112 + 0x10)) = _v92;
                                                                                                                                                                                                                                                        												 *_t131 = _t112;
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(_t112 + 0x14)) = _v88;
                                                                                                                                                                                                                                                        												E00BC4BE0(_t131);
                                                                                                                                                                                                                                                        												return E00BEECB0(_v116 ^ _t131, _t109);
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t70 = _t70 + 0x24;
                                                                                                                                                                                                                                                        												_t97 = _t109;
                                                                                                                                                                                                                                                        												_t122 = _t70;
                                                                                                                                                                                                                                                        												goto L30;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											L30:
                                                                                                                                                                                                                                                        											_push(_t122);
                                                                                                                                                                                                                                                        											_push(_t97);
                                                                                                                                                                                                                                                        											L00BEF6C6();
                                                                                                                                                                                                                                                        											_t131 = _t131 + 8;
                                                                                                                                                                                                                                                        											goto L27;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										L27:
                                                                                                                                                                                                                                                        										_v24 = 0;
                                                                                                                                                                                                                                                        										_v20 = 0xf;
                                                                                                                                                                                                                                                        										_v40 = 0;
                                                                                                                                                                                                                                                        										E00BBDF30(_t70,  &_v64, _t109);
                                                                                                                                                                                                                                                        										goto L28;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t88 = _t109;
                                                                                                                                                                                                                                                        								_t117 = _t61 + 0x24;
                                                                                                                                                                                                                                                        								goto L12;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L12:
                                                                                                                                                                                                                                                        							_push(_t117);
                                                                                                                                                                                                                                                        							_push(_t88);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							_t129 = _t129 + 8;
                                                                                                                                                                                                                                                        							goto L10;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}
























































                                                                                                                                                                                                                                                        0x00bc4830
                                                                                                                                                                                                                                                        0x00bc4834
                                                                                                                                                                                                                                                        0x00bc4837
                                                                                                                                                                                                                                                        0x00bc483e
                                                                                                                                                                                                                                                        0x00bc4848
                                                                                                                                                                                                                                                        0x00bc48a6
                                                                                                                                                                                                                                                        0x00bc48b5
                                                                                                                                                                                                                                                        0x00bc484a
                                                                                                                                                                                                                                                        0x00bc484a
                                                                                                                                                                                                                                                        0x00bc4851
                                                                                                                                                                                                                                                        0x00bc4859
                                                                                                                                                                                                                                                        0x00bc4860
                                                                                                                                                                                                                                                        0x00bc4860
                                                                                                                                                                                                                                                        0x00bc4866
                                                                                                                                                                                                                                                        0x00bc4866
                                                                                                                                                                                                                                                        0x00bc4860
                                                                                                                                                                                                                                                        0x00bc486b
                                                                                                                                                                                                                                                        0x00bc4871
                                                                                                                                                                                                                                                        0x00bc4876
                                                                                                                                                                                                                                                        0x00bc4879
                                                                                                                                                                                                                                                        0x00bc4880
                                                                                                                                                                                                                                                        0x00bc4882
                                                                                                                                                                                                                                                        0x00bc4889
                                                                                                                                                                                                                                                        0x00bc488b
                                                                                                                                                                                                                                                        0x00bc488b
                                                                                                                                                                                                                                                        0x00bc4899
                                                                                                                                                                                                                                                        0x00bc489b
                                                                                                                                                                                                                                                        0x00bc489b
                                                                                                                                                                                                                                                        0x00bc489e
                                                                                                                                                                                                                                                        0x00bc48a4
                                                                                                                                                                                                                                                        0x00bc48b6
                                                                                                                                                                                                                                                        0x00bc48b9
                                                                                                                                                                                                                                                        0x00bc48c2
                                                                                                                                                                                                                                                        0x00bc48d0
                                                                                                                                                                                                                                                        0x00bc48db
                                                                                                                                                                                                                                                        0x00bc48e6
                                                                                                                                                                                                                                                        0x00bc48ec
                                                                                                                                                                                                                                                        0x00bc48ed
                                                                                                                                                                                                                                                        0x00bc48ee
                                                                                                                                                                                                                                                        0x00bc48ef
                                                                                                                                                                                                                                                        0x00bc48f0
                                                                                                                                                                                                                                                        0x00bc48f1
                                                                                                                                                                                                                                                        0x00bc48f3
                                                                                                                                                                                                                                                        0x00bc48f4
                                                                                                                                                                                                                                                        0x00bc48f7
                                                                                                                                                                                                                                                        0x00bc48fe
                                                                                                                                                                                                                                                        0x00bc4908
                                                                                                                                                                                                                                                        0x00bc49be
                                                                                                                                                                                                                                                        0x00bc49cd
                                                                                                                                                                                                                                                        0x00bc490e
                                                                                                                                                                                                                                                        0x00bc490e
                                                                                                                                                                                                                                                        0x00bc4912
                                                                                                                                                                                                                                                        0x00bc4915
                                                                                                                                                                                                                                                        0x00bc491c
                                                                                                                                                                                                                                                        0x00bc4923
                                                                                                                                                                                                                                                        0x00bc4929
                                                                                                                                                                                                                                                        0x00bc492e
                                                                                                                                                                                                                                                        0x00bc4934
                                                                                                                                                                                                                                                        0x00bc49e8
                                                                                                                                                                                                                                                        0x00bc49ee
                                                                                                                                                                                                                                                        0x00bc49f5
                                                                                                                                                                                                                                                        0x00bc49f9
                                                                                                                                                                                                                                                        0x00bc49fc
                                                                                                                                                                                                                                                        0x00bc493a
                                                                                                                                                                                                                                                        0x00bc4940
                                                                                                                                                                                                                                                        0x00bc4943
                                                                                                                                                                                                                                                        0x00bc4949
                                                                                                                                                                                                                                                        0x00bc494e
                                                                                                                                                                                                                                                        0x00bc4951
                                                                                                                                                                                                                                                        0x00bc4951
                                                                                                                                                                                                                                                        0x00bc4958
                                                                                                                                                                                                                                                        0x00bc495f
                                                                                                                                                                                                                                                        0x00bc4966
                                                                                                                                                                                                                                                        0x00bc4961
                                                                                                                                                                                                                                                        0x00bc4961
                                                                                                                                                                                                                                                        0x00bc4961
                                                                                                                                                                                                                                                        0x00bc4969
                                                                                                                                                                                                                                                        0x00bc496f
                                                                                                                                                                                                                                                        0x00bc4974
                                                                                                                                                                                                                                                        0x00bc4977
                                                                                                                                                                                                                                                        0x00bc497e
                                                                                                                                                                                                                                                        0x00bc4980
                                                                                                                                                                                                                                                        0x00bc4987
                                                                                                                                                                                                                                                        0x00bc4989
                                                                                                                                                                                                                                                        0x00bc4989
                                                                                                                                                                                                                                                        0x00bc4997
                                                                                                                                                                                                                                                        0x00bc4999
                                                                                                                                                                                                                                                        0x00bc4999
                                                                                                                                                                                                                                                        0x00bc499c
                                                                                                                                                                                                                                                        0x00bc49a2
                                                                                                                                                                                                                                                        0x00bc49ce
                                                                                                                                                                                                                                                        0x00bc49d1
                                                                                                                                                                                                                                                        0x00bc49da
                                                                                                                                                                                                                                                        0x00bc4a06
                                                                                                                                                                                                                                                        0x00bc4a11
                                                                                                                                                                                                                                                        0x00bc4a1c
                                                                                                                                                                                                                                                        0x00bc4a22
                                                                                                                                                                                                                                                        0x00bc4a23
                                                                                                                                                                                                                                                        0x00bc4a24
                                                                                                                                                                                                                                                        0x00bc4a25
                                                                                                                                                                                                                                                        0x00bc4a26
                                                                                                                                                                                                                                                        0x00bc4a27
                                                                                                                                                                                                                                                        0x00bc4a28
                                                                                                                                                                                                                                                        0x00bc4a29
                                                                                                                                                                                                                                                        0x00bc4a2a
                                                                                                                                                                                                                                                        0x00bc4a2b
                                                                                                                                                                                                                                                        0x00bc4a2c
                                                                                                                                                                                                                                                        0x00bc4a2d
                                                                                                                                                                                                                                                        0x00bc4a2e
                                                                                                                                                                                                                                                        0x00bc4a2f
                                                                                                                                                                                                                                                        0x00bc4a30
                                                                                                                                                                                                                                                        0x00bc4a33
                                                                                                                                                                                                                                                        0x00bc4a34
                                                                                                                                                                                                                                                        0x00bc4a35
                                                                                                                                                                                                                                                        0x00bc4a36
                                                                                                                                                                                                                                                        0x00bc4a37
                                                                                                                                                                                                                                                        0x00bc4a3f
                                                                                                                                                                                                                                                        0x00bc4a41
                                                                                                                                                                                                                                                        0x00bc4a44
                                                                                                                                                                                                                                                        0x00bc4a47
                                                                                                                                                                                                                                                        0x00bc4a49
                                                                                                                                                                                                                                                        0x00bc4a51
                                                                                                                                                                                                                                                        0x00bc4a5f
                                                                                                                                                                                                                                                        0x00bc4a69
                                                                                                                                                                                                                                                        0x00bc4a6c
                                                                                                                                                                                                                                                        0x00bc4a6e
                                                                                                                                                                                                                                                        0x00bc4a71
                                                                                                                                                                                                                                                        0x00bc4a87
                                                                                                                                                                                                                                                        0x00bc4a13
                                                                                                                                                                                                                                                        0x00bc4a13
                                                                                                                                                                                                                                                        0x00bc4a16
                                                                                                                                                                                                                                                        0x00bc4a18
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc4a18
                                                                                                                                                                                                                                                        0x00bc49dc
                                                                                                                                                                                                                                                        0x00bc49dc
                                                                                                                                                                                                                                                        0x00bc49dc
                                                                                                                                                                                                                                                        0x00bc49dd
                                                                                                                                                                                                                                                        0x00bc49de
                                                                                                                                                                                                                                                        0x00bc49e3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc49e3
                                                                                                                                                                                                                                                        0x00bc49a4
                                                                                                                                                                                                                                                        0x00bc49a4
                                                                                                                                                                                                                                                        0x00bc49a7
                                                                                                                                                                                                                                                        0x00bc49ae
                                                                                                                                                                                                                                                        0x00bc49b5
                                                                                                                                                                                                                                                        0x00bc49b9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc49b9
                                                                                                                                                                                                                                                        0x00bc49a2
                                                                                                                                                                                                                                                        0x00bc48dd
                                                                                                                                                                                                                                                        0x00bc48e0
                                                                                                                                                                                                                                                        0x00bc48e2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc48e2
                                                                                                                                                                                                                                                        0x00bc48c4
                                                                                                                                                                                                                                                        0x00bc48c4
                                                                                                                                                                                                                                                        0x00bc48c4
                                                                                                                                                                                                                                                        0x00bc48c5
                                                                                                                                                                                                                                                        0x00bc48c6
                                                                                                                                                                                                                                                        0x00bc48cb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc48cb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc48a4

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?), ref: 00BC48C6
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 00BC48E6
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID: Broker ALLOWED
                                                                                                                                                                                                                                                        • API String ID: 2443766784-3284428901
                                                                                                                                                                                                                                                        • Opcode ID: b4b9b1434d7961e529c08f78bfc8ebd507bf1c8ce0c6a57f000d5d94e17fa66e
                                                                                                                                                                                                                                                        • Instruction ID: aa4798f41ffbe653aa877813419e6c7e018c3319feee907f158a846c40ce6255
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b4b9b1434d7961e529c08f78bfc8ebd507bf1c8ce0c6a57f000d5d94e17fa66e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AD212031E000549FCB28EB64DC69FBE77E5EF01310F4841ACE40AAB191EB74AA84C7A1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 20%
                                                                                                                                                                                                                                                        			E00BC4600(void* __ebx, void* __edx, void* __edi, void* __esi, void* _a4, signed short _a8) {
                                                                                                                                                                                                                                                        				intOrPtr _v0;
                                                                                                                                                                                                                                                        				intOrPtr _v4;
                                                                                                                                                                                                                                                        				signed int _v12;
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				intOrPtr _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				void* _v36;
                                                                                                                                                                                                                                                        				char _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				void _v64;
                                                                                                                                                                                                                                                        				void* _v100;
                                                                                                                                                                                                                                                        				char _v104;
                                                                                                                                                                                                                                                        				signed int _t50;
                                                                                                                                                                                                                                                        				signed short _t53;
                                                                                                                                                                                                                                                        				intOrPtr* _t55;
                                                                                                                                                                                                                                                        				signed int _t56;
                                                                                                                                                                                                                                                        				signed int _t57;
                                                                                                                                                                                                                                                        				void* _t60;
                                                                                                                                                                                                                                                        				signed int _t62;
                                                                                                                                                                                                                                                        				intOrPtr* _t64;
                                                                                                                                                                                                                                                        				intOrPtr _t65;
                                                                                                                                                                                                                                                        				intOrPtr* _t66;
                                                                                                                                                                                                                                                        				void* _t73;
                                                                                                                                                                                                                                                        				void* _t77;
                                                                                                                                                                                                                                                        				signed int _t82;
                                                                                                                                                                                                                                                        				void _t85;
                                                                                                                                                                                                                                                        				void* _t86;
                                                                                                                                                                                                                                                        				intOrPtr _t90;
                                                                                                                                                                                                                                                        				void* _t92;
                                                                                                                                                                                                                                                        				signed int _t93;
                                                                                                                                                                                                                                                        				unsigned int _t95;
                                                                                                                                                                                                                                                        				void* _t96;
                                                                                                                                                                                                                                                        				char* _t99;
                                                                                                                                                                                                                                                        				void* _t100;
                                                                                                                                                                                                                                                        				signed int _t103;
                                                                                                                                                                                                                                                        				char* _t104;
                                                                                                                                                                                                                                                        				intOrPtr _t105;
                                                                                                                                                                                                                                                        				signed int _t106;
                                                                                                                                                                                                                                                        				signed int _t108;
                                                                                                                                                                                                                                                        				void* _t111;
                                                                                                                                                                                                                                                        				signed int _t112;
                                                                                                                                                                                                                                                        				signed int* _t114;
                                                                                                                                                                                                                                                        				signed int* _t116;
                                                                                                                                                                                                                                                        				short _t122;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t96 = __edi;
                                                                                                                                                                                                                                                        				_t94 = __edx;
                                                                                                                                                                                                                                                        				_t73 = __ebx;
                                                                                                                                                                                                                                                        				_t112 = _t111 - 0x1c;
                                                                                                                                                                                                                                                        				_t50 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v12 = _t50 ^ _t106;
                                                                                                                                                                                                                                                        				if( *0xbfa854 == 0) {
                                                                                                                                                                                                                                                        					L10:
                                                                                                                                                                                                                                                        					return E00BEECB0(_v12 ^ _t106, _t94);
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t53 = _a8;
                                                                                                                                                                                                                                                        					if(_t53 != 0 &&  *_t53 != 0) {
                                                                                                                                                                                                                                                        						_t93 = 0;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t122 =  *((short*)(_t53 + 2 + _t93 * 2));
                                                                                                                                                                                                                                                        							_t93 = _t93 + 1;
                                                                                                                                                                                                                                                        						} while (_t122 != 0);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t99 =  &_v36;
                                                                                                                                                                                                                                                        					E00BC7CE0(_t99, _t53, 0);
                                                                                                                                                                                                                                                        					_t112 = _t112 + 0xc;
                                                                                                                                                                                                                                                        					_t55 =  *0xbfa854; // 0x0
                                                                                                                                                                                                                                                        					if(_t55 != 0) {
                                                                                                                                                                                                                                                        						_t92 = _a4;
                                                                                                                                                                                                                                                        						if(_v16 > 0xf) {
                                                                                                                                                                                                                                                        							_t99 = _v36;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						 *_t55("BLOCKED", _t92, _t99, 1, 3);
                                                                                                                                                                                                                                                        						_t112 = _t112 + 0x14;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t56 = _v16;
                                                                                                                                                                                                                                                        					if(_t56 >= 0x10) {
                                                                                                                                                                                                                                                        						_t77 = _v36;
                                                                                                                                                                                                                                                        						_t14 = _t56 + 1; // 0xbd7555
                                                                                                                                                                                                                                                        						_t100 = _t14;
                                                                                                                                                                                                                                                        						if(_t100 >= 0x1000) {
                                                                                                                                                                                                                                                        							_t94 =  *((intOrPtr*)(_t77 - 4));
                                                                                                                                                                                                                                                        							if(_t77 + 0xfffffffc - _t94 >= 0x20) {
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_push(_t106);
                                                                                                                                                                                                                                                        								_t108 = _t112;
                                                                                                                                                                                                                                                        								_push(_t100);
                                                                                                                                                                                                                                                        								_t114 = _t112 - 0x34;
                                                                                                                                                                                                                                                        								_t57 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        								_v48 = _t57 ^ _t108;
                                                                                                                                                                                                                                                        								if( *0xbfa854 == 0) {
                                                                                                                                                                                                                                                        									L28:
                                                                                                                                                                                                                                                        									return E00BEECB0(_v16 ^ _t108, _t94);
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t82 = _a8 & 0x0000ffff;
                                                                                                                                                                                                                                                        									_t60 = _a4;
                                                                                                                                                                                                                                                        									_v44 = 7;
                                                                                                                                                                                                                                                        									_v48 = 0;
                                                                                                                                                                                                                                                        									_v64 = 0;
                                                                                                                                                                                                                                                        									_t95 = _t82 & 0x0000ffff;
                                                                                                                                                                                                                                                        									_t103 = _t95 >> 1;
                                                                                                                                                                                                                                                        									if(_t95 > 0xf) {
                                                                                                                                                                                                                                                        										_t116 = _t114 - 0xc;
                                                                                                                                                                                                                                                        										_v104 = _v40;
                                                                                                                                                                                                                                                        										_v100 = _t60;
                                                                                                                                                                                                                                                        										 *_t116 = _t103;
                                                                                                                                                                                                                                                        										E00BBA7D0(_t73,  &_v64, _t96, _t103);
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_v48 = _t103;
                                                                                                                                                                                                                                                        										_t94 =  &_v64;
                                                                                                                                                                                                                                                        										memcpy( &_v64, _t60, _t82 & 0x0000fffe);
                                                                                                                                                                                                                                                        										_t116 =  &(_t114[3]);
                                                                                                                                                                                                                                                        										 *((short*)(_t108 + _t103 * 2 - 0x38)) = 0;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t62 = _v48;
                                                                                                                                                                                                                                                        									if(_v44 <= 7) {
                                                                                                                                                                                                                                                        										_t85 =  &_v64;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t85 = _v64;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t104 =  &_v40;
                                                                                                                                                                                                                                                        									E00BC7CE0(_t104, _t85, _t62);
                                                                                                                                                                                                                                                        									_t114 =  &(_t116[3]);
                                                                                                                                                                                                                                                        									_t64 =  *0xbfa854; // 0x0
                                                                                                                                                                                                                                                        									if(_t64 != 0) {
                                                                                                                                                                                                                                                        										_t90 = _v0;
                                                                                                                                                                                                                                                        										if(_v20 > 0xf) {
                                                                                                                                                                                                                                                        											_t104 = _v40;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										 *_t64("BLOCKED", _t90, _t104, 1, 3);
                                                                                                                                                                                                                                                        										_t114 =  &(_t114[5]);
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t65 = _v20;
                                                                                                                                                                                                                                                        									if(_t65 >= 0x10) {
                                                                                                                                                                                                                                                        										_t86 = _v40;
                                                                                                                                                                                                                                                        										_t105 = _t65 + 1;
                                                                                                                                                                                                                                                        										if(_t105 >= 0x1000) {
                                                                                                                                                                                                                                                        											_t94 =  *((intOrPtr*)(_t86 - 4));
                                                                                                                                                                                                                                                        											if(_t86 + 0xfffffffc - _t94 >= 0x20) {
                                                                                                                                                                                                                                                        												__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												_push(_t108);
                                                                                                                                                                                                                                                        												_t66 =  *0xbfa854; // 0x0
                                                                                                                                                                                                                                                        												if(_t66 != 0) {
                                                                                                                                                                                                                                                        													return  *_t66("Broker ALLOWED", _v4, _v0, 0, 0);
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												return _t66;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t65 = _t65 + 0x24;
                                                                                                                                                                                                                                                        												_t86 = _t94;
                                                                                                                                                                                                                                                        												_t105 = _t65;
                                                                                                                                                                                                                                                        												goto L30;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											L30:
                                                                                                                                                                                                                                                        											_push(_t105);
                                                                                                                                                                                                                                                        											_push(_t86);
                                                                                                                                                                                                                                                        											L00BEF6C6();
                                                                                                                                                                                                                                                        											_t114 =  &(_t114[2]);
                                                                                                                                                                                                                                                        											goto L27;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										L27:
                                                                                                                                                                                                                                                        										_v24 = 0;
                                                                                                                                                                                                                                                        										_v20 = 0xf;
                                                                                                                                                                                                                                                        										_v40 = 0;
                                                                                                                                                                                                                                                        										E00BBDF30(_t65,  &_v64, _t94);
                                                                                                                                                                                                                                                        										goto L28;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t77 = _t94;
                                                                                                                                                                                                                                                        								_t100 = _t56 + 0x24;
                                                                                                                                                                                                                                                        								goto L12;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L12:
                                                                                                                                                                                                                                                        							_push(_t100);
                                                                                                                                                                                                                                                        							_push(_t77);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							_t112 = _t112 + 8;
                                                                                                                                                                                                                                                        							goto L10;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}
















































                                                                                                                                                                                                                                                        0x00bc4600
                                                                                                                                                                                                                                                        0x00bc4600
                                                                                                                                                                                                                                                        0x00bc4600
                                                                                                                                                                                                                                                        0x00bc4604
                                                                                                                                                                                                                                                        0x00bc4607
                                                                                                                                                                                                                                                        0x00bc460e
                                                                                                                                                                                                                                                        0x00bc4618
                                                                                                                                                                                                                                                        0x00bc4676
                                                                                                                                                                                                                                                        0x00bc4685
                                                                                                                                                                                                                                                        0x00bc461a
                                                                                                                                                                                                                                                        0x00bc461a
                                                                                                                                                                                                                                                        0x00bc4621
                                                                                                                                                                                                                                                        0x00bc4629
                                                                                                                                                                                                                                                        0x00bc4630
                                                                                                                                                                                                                                                        0x00bc4630
                                                                                                                                                                                                                                                        0x00bc4636
                                                                                                                                                                                                                                                        0x00bc4636
                                                                                                                                                                                                                                                        0x00bc4630
                                                                                                                                                                                                                                                        0x00bc463b
                                                                                                                                                                                                                                                        0x00bc4641
                                                                                                                                                                                                                                                        0x00bc4646
                                                                                                                                                                                                                                                        0x00bc4649
                                                                                                                                                                                                                                                        0x00bc4650
                                                                                                                                                                                                                                                        0x00bc4652
                                                                                                                                                                                                                                                        0x00bc4659
                                                                                                                                                                                                                                                        0x00bc465b
                                                                                                                                                                                                                                                        0x00bc465b
                                                                                                                                                                                                                                                        0x00bc4669
                                                                                                                                                                                                                                                        0x00bc466b
                                                                                                                                                                                                                                                        0x00bc466b
                                                                                                                                                                                                                                                        0x00bc466e
                                                                                                                                                                                                                                                        0x00bc4674
                                                                                                                                                                                                                                                        0x00bc4686
                                                                                                                                                                                                                                                        0x00bc4689
                                                                                                                                                                                                                                                        0x00bc4689
                                                                                                                                                                                                                                                        0x00bc4692
                                                                                                                                                                                                                                                        0x00bc46a0
                                                                                                                                                                                                                                                        0x00bc46ab
                                                                                                                                                                                                                                                        0x00bc46b6
                                                                                                                                                                                                                                                        0x00bc46bc
                                                                                                                                                                                                                                                        0x00bc46bd
                                                                                                                                                                                                                                                        0x00bc46be
                                                                                                                                                                                                                                                        0x00bc46bf
                                                                                                                                                                                                                                                        0x00bc46c0
                                                                                                                                                                                                                                                        0x00bc46c1
                                                                                                                                                                                                                                                        0x00bc46c3
                                                                                                                                                                                                                                                        0x00bc46c4
                                                                                                                                                                                                                                                        0x00bc46c7
                                                                                                                                                                                                                                                        0x00bc46ce
                                                                                                                                                                                                                                                        0x00bc46d8
                                                                                                                                                                                                                                                        0x00bc478e
                                                                                                                                                                                                                                                        0x00bc479d
                                                                                                                                                                                                                                                        0x00bc46de
                                                                                                                                                                                                                                                        0x00bc46de
                                                                                                                                                                                                                                                        0x00bc46e2
                                                                                                                                                                                                                                                        0x00bc46e5
                                                                                                                                                                                                                                                        0x00bc46ec
                                                                                                                                                                                                                                                        0x00bc46f3
                                                                                                                                                                                                                                                        0x00bc46f9
                                                                                                                                                                                                                                                        0x00bc46fe
                                                                                                                                                                                                                                                        0x00bc4704
                                                                                                                                                                                                                                                        0x00bc47b8
                                                                                                                                                                                                                                                        0x00bc47be
                                                                                                                                                                                                                                                        0x00bc47c5
                                                                                                                                                                                                                                                        0x00bc47c9
                                                                                                                                                                                                                                                        0x00bc47cc
                                                                                                                                                                                                                                                        0x00bc470a
                                                                                                                                                                                                                                                        0x00bc4710
                                                                                                                                                                                                                                                        0x00bc4713
                                                                                                                                                                                                                                                        0x00bc4719
                                                                                                                                                                                                                                                        0x00bc471e
                                                                                                                                                                                                                                                        0x00bc4721
                                                                                                                                                                                                                                                        0x00bc4721
                                                                                                                                                                                                                                                        0x00bc4728
                                                                                                                                                                                                                                                        0x00bc472f
                                                                                                                                                                                                                                                        0x00bc4736
                                                                                                                                                                                                                                                        0x00bc4731
                                                                                                                                                                                                                                                        0x00bc4731
                                                                                                                                                                                                                                                        0x00bc4731
                                                                                                                                                                                                                                                        0x00bc4739
                                                                                                                                                                                                                                                        0x00bc473f
                                                                                                                                                                                                                                                        0x00bc4744
                                                                                                                                                                                                                                                        0x00bc4747
                                                                                                                                                                                                                                                        0x00bc474e
                                                                                                                                                                                                                                                        0x00bc4750
                                                                                                                                                                                                                                                        0x00bc4757
                                                                                                                                                                                                                                                        0x00bc4759
                                                                                                                                                                                                                                                        0x00bc4759
                                                                                                                                                                                                                                                        0x00bc4767
                                                                                                                                                                                                                                                        0x00bc4769
                                                                                                                                                                                                                                                        0x00bc4769
                                                                                                                                                                                                                                                        0x00bc476c
                                                                                                                                                                                                                                                        0x00bc4772
                                                                                                                                                                                                                                                        0x00bc479e
                                                                                                                                                                                                                                                        0x00bc47a1
                                                                                                                                                                                                                                                        0x00bc47aa
                                                                                                                                                                                                                                                        0x00bc47d6
                                                                                                                                                                                                                                                        0x00bc47e1
                                                                                                                                                                                                                                                        0x00bc47ec
                                                                                                                                                                                                                                                        0x00bc47f2
                                                                                                                                                                                                                                                        0x00bc47f3
                                                                                                                                                                                                                                                        0x00bc47f4
                                                                                                                                                                                                                                                        0x00bc47f5
                                                                                                                                                                                                                                                        0x00bc47f6
                                                                                                                                                                                                                                                        0x00bc47f7
                                                                                                                                                                                                                                                        0x00bc47f8
                                                                                                                                                                                                                                                        0x00bc47f9
                                                                                                                                                                                                                                                        0x00bc47fa
                                                                                                                                                                                                                                                        0x00bc47fb
                                                                                                                                                                                                                                                        0x00bc47fc
                                                                                                                                                                                                                                                        0x00bc47fd
                                                                                                                                                                                                                                                        0x00bc47fe
                                                                                                                                                                                                                                                        0x00bc47ff
                                                                                                                                                                                                                                                        0x00bc4800
                                                                                                                                                                                                                                                        0x00bc4803
                                                                                                                                                                                                                                                        0x00bc480a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc481d
                                                                                                                                                                                                                                                        0x00bc4821
                                                                                                                                                                                                                                                        0x00bc47e3
                                                                                                                                                                                                                                                        0x00bc47e3
                                                                                                                                                                                                                                                        0x00bc47e6
                                                                                                                                                                                                                                                        0x00bc47e8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc47e8
                                                                                                                                                                                                                                                        0x00bc47ac
                                                                                                                                                                                                                                                        0x00bc47ac
                                                                                                                                                                                                                                                        0x00bc47ac
                                                                                                                                                                                                                                                        0x00bc47ad
                                                                                                                                                                                                                                                        0x00bc47ae
                                                                                                                                                                                                                                                        0x00bc47b3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc47b3
                                                                                                                                                                                                                                                        0x00bc4774
                                                                                                                                                                                                                                                        0x00bc4774
                                                                                                                                                                                                                                                        0x00bc4777
                                                                                                                                                                                                                                                        0x00bc477e
                                                                                                                                                                                                                                                        0x00bc4785
                                                                                                                                                                                                                                                        0x00bc4789
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc4789
                                                                                                                                                                                                                                                        0x00bc4772
                                                                                                                                                                                                                                                        0x00bc46ad
                                                                                                                                                                                                                                                        0x00bc46b0
                                                                                                                                                                                                                                                        0x00bc46b2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc46b2
                                                                                                                                                                                                                                                        0x00bc4694
                                                                                                                                                                                                                                                        0x00bc4694
                                                                                                                                                                                                                                                        0x00bc4694
                                                                                                                                                                                                                                                        0x00bc4695
                                                                                                                                                                                                                                                        0x00bc4696
                                                                                                                                                                                                                                                        0x00bc469b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc469b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc4674

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,00BD7530,?,?,?,?,?,00000000,?,00BD7554,CreateNamedPipeW,?), ref: 00BC4696
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,?,00000000,?,00BD7554,CreateNamedPipeW,?), ref: 00BC46B6
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID: BLOCKED
                                                                                                                                                                                                                                                        • API String ID: 2443766784-3843036570
                                                                                                                                                                                                                                                        • Opcode ID: 22e773cd2866521325a52870d0dfb3027c6826ad64f9f9bcf6f4e8f6391322ce
                                                                                                                                                                                                                                                        • Instruction ID: 2d2f469995c616e514955af2752ece29f294fab9776da7eebd605082dbb597b9
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 22e773cd2866521325a52870d0dfb3027c6826ad64f9f9bcf6f4e8f6391322ce
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B021F6719000149FCB28EF64DC65FBD77F5EB06350F4841ECE40A9B195EB75AA84C7A1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 92%
                                                                                                                                                                                                                                                        			E00BD5E80(intOrPtr* __ecx, intOrPtr __edx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				signed int _t10;
                                                                                                                                                                                                                                                        				intOrPtr _t12;
                                                                                                                                                                                                                                                        				intOrPtr _t13;
                                                                                                                                                                                                                                                        				intOrPtr _t17;
                                                                                                                                                                                                                                                        				intOrPtr _t18;
                                                                                                                                                                                                                                                        				intOrPtr _t21;
                                                                                                                                                                                                                                                        				intOrPtr _t30;
                                                                                                                                                                                                                                                        				intOrPtr _t34;
                                                                                                                                                                                                                                                        				intOrPtr* _t35;
                                                                                                                                                                                                                                                        				signed int _t36;
                                                                                                                                                                                                                                                        				void* _t37;
                                                                                                                                                                                                                                                        				void* _t39;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t30 = __edx;
                                                                                                                                                                                                                                                        				_t10 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t21 = 0;
                                                                                                                                                                                                                                                        				_v20 = _t10 ^ _t36;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(__ecx + 8)) != 0) {
                                                                                                                                                                                                                                                        					_t35 = __ecx;
                                                                                                                                                                                                                                                        					_t12 = E00BD5F40(__ecx, __eflags);
                                                                                                                                                                                                                                                        					_t34 = _t12;
                                                                                                                                                                                                                                                        					_push(_t12);
                                                                                                                                                                                                                                                        					L00BEF6CC();
                                                                                                                                                                                                                                                        					_t13 = E00BD6040(__ecx, _t12, _t34);
                                                                                                                                                                                                                                                        					_t30 = _t12;
                                                                                                                                                                                                                                                        					_t39 = _t37 + 8;
                                                                                                                                                                                                                                                        					_t21 = 0x26;
                                                                                                                                                                                                                                                        					__eflags = _t13;
                                                                                                                                                                                                                                                        					if(_t13 != 0) {
                                                                                                                                                                                                                                                        						_t21 = 0x27;
                                                                                                                                                                                                                                                        						_v28 = _t30;
                                                                                                                                                                                                                                                        						_t17 = E00BEB4E0( *((intOrPtr*)( *__ecx)), _t30, _t34,  &_v24);
                                                                                                                                                                                                                                                        						_t39 = _t39 + 0x10;
                                                                                                                                                                                                                                                        						__eflags = _t17;
                                                                                                                                                                                                                                                        						if(_t17 != 0) {
                                                                                                                                                                                                                                                        							__eflags = _t34;
                                                                                                                                                                                                                                                        							_t33 = 0 | _t34 != 0x00000000;
                                                                                                                                                                                                                                                        							_t18 = E00BD6270(_t35, _t34 != 0);
                                                                                                                                                                                                                                                        							_t21 = _t18;
                                                                                                                                                                                                                                                        							__eflags = _t18;
                                                                                                                                                                                                                                                        							if(__eflags == 0) {
                                                                                                                                                                                                                                                        								 *0xbfb5bc = _v24;
                                                                                                                                                                                                                                                        								_t21 = E00BE9630( *_t35, _t33, __eflags, "g_interceptions", "true", 4);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t30 = _v28;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_push(_t30);
                                                                                                                                                                                                                                                        					L00BEF6D2();
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t36, _t30);
                                                                                                                                                                                                                                                        				return _t21;
                                                                                                                                                                                                                                                        			}


















                                                                                                                                                                                                                                                        0x00bd5e80
                                                                                                                                                                                                                                                        0x00bd5e89
                                                                                                                                                                                                                                                        0x00bd5e8e
                                                                                                                                                                                                                                                        0x00bd5e92
                                                                                                                                                                                                                                                        0x00bd5e99
                                                                                                                                                                                                                                                        0x00bd5eaf
                                                                                                                                                                                                                                                        0x00bd5eb1
                                                                                                                                                                                                                                                        0x00bd5eb6
                                                                                                                                                                                                                                                        0x00bd5eb8
                                                                                                                                                                                                                                                        0x00bd5eb9
                                                                                                                                                                                                                                                        0x00bd5ec8
                                                                                                                                                                                                                                                        0x00bd5ecd
                                                                                                                                                                                                                                                        0x00bd5ecf
                                                                                                                                                                                                                                                        0x00bd5ed2
                                                                                                                                                                                                                                                        0x00bd5ed7
                                                                                                                                                                                                                                                        0x00bd5ed9
                                                                                                                                                                                                                                                        0x00bd5ee0
                                                                                                                                                                                                                                                        0x00bd5ee7
                                                                                                                                                                                                                                                        0x00bd5eed
                                                                                                                                                                                                                                                        0x00bd5ef2
                                                                                                                                                                                                                                                        0x00bd5ef5
                                                                                                                                                                                                                                                        0x00bd5ef7
                                                                                                                                                                                                                                                        0x00bd5f09
                                                                                                                                                                                                                                                        0x00bd5f0d
                                                                                                                                                                                                                                                        0x00bd5f10
                                                                                                                                                                                                                                                        0x00bd5f15
                                                                                                                                                                                                                                                        0x00bd5f17
                                                                                                                                                                                                                                                        0x00bd5f19
                                                                                                                                                                                                                                                        0x00bd5f1e
                                                                                                                                                                                                                                                        0x00bd5f36
                                                                                                                                                                                                                                                        0x00bd5f36
                                                                                                                                                                                                                                                        0x00bd5f19
                                                                                                                                                                                                                                                        0x00bd5ef9
                                                                                                                                                                                                                                                        0x00bd5ef9
                                                                                                                                                                                                                                                        0x00bd5efc
                                                                                                                                                                                                                                                        0x00bd5efd
                                                                                                                                                                                                                                                        0x00bd5f02
                                                                                                                                                                                                                                                        0x00bd5ea0
                                                                                                                                                                                                                                                        0x00bd5eae

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000000,?,?,?), ref: 00BD5EB9
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000,?,?,?,?,?), ref: 00BD5EFD
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@??3@
                                                                                                                                                                                                                                                        • String ID: g_interceptions
                                                                                                                                                                                                                                                        • API String ID: 1936579350-660308268
                                                                                                                                                                                                                                                        • Opcode ID: 86085a12283769b3994f19c7c6f5634a08a6a6c2b2ed9fbc7ec7f5c9099b39bd
                                                                                                                                                                                                                                                        • Instruction ID: ab8034f6753ff6cb208888e027cd73e8c248674ed7fb200cc37e0f5870b5b5bf
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 86085a12283769b3994f19c7c6f5634a08a6a6c2b2ed9fbc7ec7f5c9099b39bd
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0911D3B0B002065BDB20BB65D882A7BB3E5DB84304F1044BAE9459B352FE659D09C7A1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BDF850(void* __eflags, void** _a4, intOrPtr _a8, char _a12, HANDLE* _a16) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				long _v28;
                                                                                                                                                                                                                                                        				long _v32;
                                                                                                                                                                                                                                                        				long _v36;
                                                                                                                                                                                                                                                        				long _v40;
                                                                                                                                                                                                                                                        				long _v44;
                                                                                                                                                                                                                                                        				long _v48;
                                                                                                                                                                                                                                                        				char _v52;
                                                                                                                                                                                                                                                        				long _v60;
                                                                                                                                                                                                                                                        				char _v64;
                                                                                                                                                                                                                                                        				long _v68;
                                                                                                                                                                                                                                                        				void* _v84;
                                                                                                                                                                                                                                                        				signed int _t26;
                                                                                                                                                                                                                                                        				void* _t33;
                                                                                                                                                                                                                                                        				void** _t36;
                                                                                                                                                                                                                                                        				char _t43;
                                                                                                                                                                                                                                                        				void* _t45;
                                                                                                                                                                                                                                                        				signed int _t47;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t26 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t43 = _a12;
                                                                                                                                                                                                                                                        				_t36 = _a4;
                                                                                                                                                                                                                                                        				_v24 = _t26 ^ _t47;
                                                                                                                                                                                                                                                        				 *_a16 = 0;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				E00BEB3D0("NtOpenProcess",  &_v28);
                                                                                                                                                                                                                                                        				_t45 = 0xc0000022;
                                                                                                                                                                                                                                                        				if(_t36[1] == _t43) {
                                                                                                                                                                                                                                                        					_v60 = 0;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					_v48 = 0;
                                                                                                                                                                                                                                                        					_v36 = 0;
                                                                                                                                                                                                                                                        					_v40 = 0;
                                                                                                                                                                                                                                                        					_v32 = 0;
                                                                                                                                                                                                                                                        					_v52 = 0x18;
                                                                                                                                                                                                                                                        					_v64 = _t43;
                                                                                                                                                                                                                                                        					_v68 = 0;
                                                                                                                                                                                                                                                        					_t42 =  &_v52;
                                                                                                                                                                                                                                                        					_t33 = _v28( &_v68, _a8,  &_v52,  &_v64);
                                                                                                                                                                                                                                                        					_t45 = _t33;
                                                                                                                                                                                                                                                        					if(_t33 >= 0 && DuplicateHandle(GetCurrentProcess(), _v84,  *_t36, _a16, 0, 0, 3) == 0) {
                                                                                                                                                                                                                                                        						_t45 = 0xc0000022;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v24 ^ _t47, _t42);
                                                                                                                                                                                                                                                        				return _t45;
                                                                                                                                                                                                                                                        			}






















                                                                                                                                                                                                                                                        0x00bdf85c
                                                                                                                                                                                                                                                        0x00bdf864
                                                                                                                                                                                                                                                        0x00bdf867
                                                                                                                                                                                                                                                        0x00bdf86c
                                                                                                                                                                                                                                                        0x00bdf874
                                                                                                                                                                                                                                                        0x00bdf87a
                                                                                                                                                                                                                                                        0x00bdf888
                                                                                                                                                                                                                                                        0x00bdf893
                                                                                                                                                                                                                                                        0x00bdf898
                                                                                                                                                                                                                                                        0x00bdf8a9
                                                                                                                                                                                                                                                        0x00bdf8b1
                                                                                                                                                                                                                                                        0x00bdf8b9
                                                                                                                                                                                                                                                        0x00bdf8c1
                                                                                                                                                                                                                                                        0x00bdf8c9
                                                                                                                                                                                                                                                        0x00bdf8d1
                                                                                                                                                                                                                                                        0x00bdf8d9
                                                                                                                                                                                                                                                        0x00bdf8e1
                                                                                                                                                                                                                                                        0x00bdf8e5
                                                                                                                                                                                                                                                        0x00bdf8ed
                                                                                                                                                                                                                                                        0x00bdf8f5
                                                                                                                                                                                                                                                        0x00bdf8f9
                                                                                                                                                                                                                                                        0x00bdf8fd
                                                                                                                                                                                                                                                        0x00bdf921
                                                                                                                                                                                                                                                        0x00bdf921
                                                                                                                                                                                                                                                        0x00bdf8fd
                                                                                                                                                                                                                                                        0x00bdf92c
                                                                                                                                                                                                                                                        0x00bdf93a

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BDF905
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00000000,?,00BDE049,00000000,00000000,00000003), ref: 00BDF917
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressCurrentDuplicateHandleProcProcess
                                                                                                                                                                                                                                                        • String ID: NtOpenProcess
                                                                                                                                                                                                                                                        • API String ID: 3554645133-3690168757
                                                                                                                                                                                                                                                        • Opcode ID: 5baa060401d788ddd2aa3baedc8276e968f52e84a3118913d45322bb584e6c59
                                                                                                                                                                                                                                                        • Instruction ID: 8b7ce3c0ba21ba84676fd1ac07ce2c0939da291948d0c14d757a41c139970102
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5baa060401d788ddd2aa3baedc8276e968f52e84a3118913d45322bb584e6c59
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 23214AB1508305AFE700CF11D859B5BBBE8EF84718F00895DF9885B390DB74E908CBA2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BDF770(void* __eflags, void** _a4, intOrPtr _a8, intOrPtr _a12, HANDLE* _a16) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				long _v28;
                                                                                                                                                                                                                                                        				long _v32;
                                                                                                                                                                                                                                                        				long _v36;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				long _v44;
                                                                                                                                                                                                                                                        				long _v48;
                                                                                                                                                                                                                                                        				char _v52;
                                                                                                                                                                                                                                                        				intOrPtr _v60;
                                                                                                                                                                                                                                                        				void* _v64;
                                                                                                                                                                                                                                                        				long _v68;
                                                                                                                                                                                                                                                        				void* _v84;
                                                                                                                                                                                                                                                        				signed int _t26;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				void** _t37;
                                                                                                                                                                                                                                                        				void* _t47;
                                                                                                                                                                                                                                                        				signed int _t48;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t26 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t37 = _a4;
                                                                                                                                                                                                                                                        				_v24 = _t26 ^ _t48;
                                                                                                                                                                                                                                                        				 *_a16 = 0;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				E00BEB3D0("NtOpenThread",  &_v28);
                                                                                                                                                                                                                                                        				_v44 = 0;
                                                                                                                                                                                                                                                        				_v48 = 0;
                                                                                                                                                                                                                                                        				_v36 = 0;
                                                                                                                                                                                                                                                        				_v40 = 0;
                                                                                                                                                                                                                                                        				_v32 = 0;
                                                                                                                                                                                                                                                        				_v52 = 0x18;
                                                                                                                                                                                                                                                        				_t43 =  &_v68;
                                                                                                                                                                                                                                                        				_v68 = 0;
                                                                                                                                                                                                                                                        				_v64 = _t37[1];
                                                                                                                                                                                                                                                        				_v60 = _a12;
                                                                                                                                                                                                                                                        				_t32 = _v28( &_v68, _a8,  &_v52,  &_v64);
                                                                                                                                                                                                                                                        				_t47 = _t32;
                                                                                                                                                                                                                                                        				if(_t32 >= 0 && DuplicateHandle(GetCurrentProcess(), _v84,  *_t37, _a16, 0, 0, 3) == 0) {
                                                                                                                                                                                                                                                        					_t47 = 0xc0000022;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v40 ^ _t48, _t43);
                                                                                                                                                                                                                                                        				return _t47;
                                                                                                                                                                                                                                                        			}





















                                                                                                                                                                                                                                                        0x00bdf77c
                                                                                                                                                                                                                                                        0x00bdf784
                                                                                                                                                                                                                                                        0x00bdf78f
                                                                                                                                                                                                                                                        0x00bdf797
                                                                                                                                                                                                                                                        0x00bdf79d
                                                                                                                                                                                                                                                        0x00bdf7ab
                                                                                                                                                                                                                                                        0x00bdf7b3
                                                                                                                                                                                                                                                        0x00bdf7bb
                                                                                                                                                                                                                                                        0x00bdf7c3
                                                                                                                                                                                                                                                        0x00bdf7cb
                                                                                                                                                                                                                                                        0x00bdf7d3
                                                                                                                                                                                                                                                        0x00bdf7db
                                                                                                                                                                                                                                                        0x00bdf7e7
                                                                                                                                                                                                                                                        0x00bdf7ee
                                                                                                                                                                                                                                                        0x00bdf7f6
                                                                                                                                                                                                                                                        0x00bdf7fe
                                                                                                                                                                                                                                                        0x00bdf806
                                                                                                                                                                                                                                                        0x00bdf80a
                                                                                                                                                                                                                                                        0x00bdf80e
                                                                                                                                                                                                                                                        0x00bdf832
                                                                                                                                                                                                                                                        0x00bdf832
                                                                                                                                                                                                                                                        0x00bdf83d
                                                                                                                                                                                                                                                        0x00bdf84b

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BDF816
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00000000,?,00BDDFF9,00000000,00000000,00000003), ref: 00BDF828
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressCurrentDuplicateHandleProcProcess
                                                                                                                                                                                                                                                        • String ID: NtOpenThread
                                                                                                                                                                                                                                                        • API String ID: 3554645133-3080875385
                                                                                                                                                                                                                                                        • Opcode ID: 09f0425dce0115b54ce1bbe706c89f2b03ed07bbcbe2d13ae8a3021d9785cdbb
                                                                                                                                                                                                                                                        • Instruction ID: a5c494a7038da9f9dae2ca1333746879e6d3926c1f5228f09312a1accc180adb
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 09f0425dce0115b54ce1bbe706c89f2b03ed07bbcbe2d13ae8a3021d9785cdbb
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7A213C71508305AFD700CF21D859B5BBBE8EB88718F00895DF9949B390DB75E909CBA2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 82%
                                                                                                                                                                                                                                                        			E00BD2620(void* __edx, intOrPtr _a4, void** _a8, void* _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, intOrPtr _a28, intOrPtr* _a32) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				long _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				long _v32;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        				signed int _t34;
                                                                                                                                                                                                                                                        				void* _t41;
                                                                                                                                                                                                                                                        				intOrPtr* _t42;
                                                                                                                                                                                                                                                        				signed int _t45;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t41 = __edx;
                                                                                                                                                                                                                                                        				_t34 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t42 = _a32;
                                                                                                                                                                                                                                                        				_v20 = _t34 ^ _t45;
                                                                                                                                                                                                                                                        				if(_a4 != 3) {
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					 *_t42 = 0xc0000022;
                                                                                                                                                                                                                                                        					_t31 = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_v24 = 0;
                                                                                                                                                                                                                                                        					E00BEB3D0("NtSetInformationFile",  &_v24);
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					if(DuplicateHandle( *_a8, _a12, GetCurrentProcess(),  &_v28, 0, 0, 2) != 0) {
                                                                                                                                                                                                                                                        						_v32 = 0;
                                                                                                                                                                                                                                                        						E00BC5200(_v28,  &_v32, _v28);
                                                                                                                                                                                                                                                        						 *_t42 = _v24(_v28, _a28, _a16, _a20, _a24);
                                                                                                                                                                                                                                                        						E00BC51B0(_t29,  &_v32);
                                                                                                                                                                                                                                                        						_t31 = 1;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						goto L2;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t45, _t41);
                                                                                                                                                                                                                                                        				return _t31;
                                                                                                                                                                                                                                                        			}












                                                                                                                                                                                                                                                        0x00bd2620
                                                                                                                                                                                                                                                        0x00bd2629
                                                                                                                                                                                                                                                        0x00bd2632
                                                                                                                                                                                                                                                        0x00bd263a
                                                                                                                                                                                                                                                        0x00bd263d
                                                                                                                                                                                                                                                        0x00bd2682
                                                                                                                                                                                                                                                        0x00bd2682
                                                                                                                                                                                                                                                        0x00bd2688
                                                                                                                                                                                                                                                        0x00bd263f
                                                                                                                                                                                                                                                        0x00bd2648
                                                                                                                                                                                                                                                        0x00bd2655
                                                                                                                                                                                                                                                        0x00bd265d
                                                                                                                                                                                                                                                        0x00bd2680
                                                                                                                                                                                                                                                        0x00bd26a7
                                                                                                                                                                                                                                                        0x00bd26b1
                                                                                                                                                                                                                                                        0x00bd26c8
                                                                                                                                                                                                                                                        0x00bd26ca
                                                                                                                                                                                                                                                        0x00bd26cf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2680
                                                                                                                                                                                                                                                        0x00bd268f
                                                                                                                                                                                                                                                        0x00bd269d

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BD2664
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(?,?,00000000,00000000,00000000,00000000,00000002), ref: 00BD2678
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressCurrentDuplicateHandleProcProcess
                                                                                                                                                                                                                                                        • String ID: NtSetInformationFile
                                                                                                                                                                                                                                                        • API String ID: 3554645133-1659534519
                                                                                                                                                                                                                                                        • Opcode ID: 202ba6e10eb179a773aefd62e42ed8fa3d254f9e40b543f68a749d0e703e2478
                                                                                                                                                                                                                                                        • Instruction ID: 965139d5dd8504971b44388749634e7034dc86811d7b6f45f0a68ed412a03432
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 202ba6e10eb179a773aefd62e42ed8fa3d254f9e40b543f68a749d0e703e2478
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 28111A70A0020AABDF109FA0CC46BBFBBB8EF14314F100459FA1567381DB74A9158BA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BD9F80(void* __edx, void* _a4, signed char _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				struct _MEMORY_BASIC_INFORMATION _v52;
                                                                                                                                                                                                                                                        				signed int _t13;
                                                                                                                                                                                                                                                        				void* _t24;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        				long _t32;
                                                                                                                                                                                                                                                        				signed int _t37;
                                                                                                                                                                                                                                                        				signed int _t38;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t28 = __edx;
                                                                                                                                                                                                                                                        				_t13 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t13 ^ _t38;
                                                                                                                                                                                                                                                        				if((_a8 & 0x00000040) != 0) {
                                                                                                                                                                                                                                                        					E00BE5CC0( &_v24,  &_v24);
                                                                                                                                                                                                                                                        					_t37 = (_v24 << 0x0000000a & 0x00fffc00) + 0x00080000 & 0x01ff0000;
                                                                                                                                                                                                                                                        					if(_t37 == 0) {
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t24 = 0;
                                                                                                                                                                                                                                                        					while(VirtualQueryEx(_a4, _t24,  &_v52, 0x1c) != 0) {
                                                                                                                                                                                                                                                        						_t32 =  <  ? _t37 - _t24 : _v52.RegionSize + 0x0000ffff & 0xffff0000;
                                                                                                                                                                                                                                                        						if(_t24 != 0 && _v52.State == 0x10000) {
                                                                                                                                                                                                                                                        							VirtualAllocEx(_a4, _t24, _t32, 0x2000, 1);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t24 = _t24 + _t32;
                                                                                                                                                                                                                                                        						if(_t24 >= _t37) {
                                                                                                                                                                                                                                                        							goto L1;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t38, _t28);
                                                                                                                                                                                                                                                        				return 1;
                                                                                                                                                                                                                                                        			}












                                                                                                                                                                                                                                                        0x00bd9f80
                                                                                                                                                                                                                                                        0x00bd9f89
                                                                                                                                                                                                                                                        0x00bd9f94
                                                                                                                                                                                                                                                        0x00bd9f97
                                                                                                                                                                                                                                                        0x00bd9fb1
                                                                                                                                                                                                                                                        0x00bd9fcb
                                                                                                                                                                                                                                                        0x00bd9fd1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9fd3
                                                                                                                                                                                                                                                        0x00bd9fe6
                                                                                                                                                                                                                                                        0x00bda010
                                                                                                                                                                                                                                                        0x00bda015
                                                                                                                                                                                                                                                        0x00bda02c
                                                                                                                                                                                                                                                        0x00bda02c
                                                                                                                                                                                                                                                        0x00bd9fe0
                                                                                                                                                                                                                                                        0x00bd9fe4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9fe4
                                                                                                                                                                                                                                                        0x00bd9fe6
                                                                                                                                                                                                                                                        0x00bd9f99
                                                                                                                                                                                                                                                        0x00bd9f9e
                                                                                                                                                                                                                                                        0x00bd9fac

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • VirtualQueryEx.KERNEL32(?,00000000,?,0000001C), ref: 00BD9FF0
                                                                                                                                                                                                                                                        • VirtualAllocEx.KERNEL32(?,00000000,?,00002000,00000001), ref: 00BDA02C
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Virtual$AllocQuery
                                                                                                                                                                                                                                                        • String ID: @
                                                                                                                                                                                                                                                        • API String ID: 31662377-2766056989
                                                                                                                                                                                                                                                        • Opcode ID: 98ef1798c2fa89775239ce944d91702ce326b4c9563ef2c7e45db2b523a10df1
                                                                                                                                                                                                                                                        • Instruction ID: aef1137aa48fbfc04bea52e0aed2bfb4dd63c07fa4f9456b93ebf26937e0da3b
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 98ef1798c2fa89775239ce944d91702ce326b4c9563ef2c7e45db2b523a10df1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 611127B2E042196BDB208BA5EC84BBE76E8EB40344F1A0076F908A7340EB75AD44C794
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 92%
                                                                                                                                                                                                                                                        			E00BD2E00(void* __ecx, signed int __edx, intOrPtr* _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				signed int _t9;
                                                                                                                                                                                                                                                        				signed int _t11;
                                                                                                                                                                                                                                                        				signed int _t12;
                                                                                                                                                                                                                                                        				signed int _t13;
                                                                                                                                                                                                                                                        				signed int _t17;
                                                                                                                                                                                                                                                        				signed int _t19;
                                                                                                                                                                                                                                                        				signed int _t20;
                                                                                                                                                                                                                                                        				signed int _t21;
                                                                                                                                                                                                                                                        				signed int _t30;
                                                                                                                                                                                                                                                        				signed int _t31;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t27 = __edx;
                                                                                                                                                                                                                                                        				_t9 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t20 = 1;
                                                                                                                                                                                                                                                        				_v20 = _t9 ^ _t31;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(__ecx + 4)) != 0) {
                                                                                                                                                                                                                                                        					_t11 = E00BD2D00(__ecx);
                                                                                                                                                                                                                                                        					_t21 = _t11;
                                                                                                                                                                                                                                                        					_t12 = _t11 & 0xfffffffc;
                                                                                                                                                                                                                                                        					_push(_t12);
                                                                                                                                                                                                                                                        					L00BEF6CC();
                                                                                                                                                                                                                                                        					_t30 = _t12;
                                                                                                                                                                                                                                                        					_t27 = _t12;
                                                                                                                                                                                                                                                        					_t13 = E00BD2EB0(__ecx, _t12, _t21);
                                                                                                                                                                                                                                                        					_t34 = _t32 + 8;
                                                                                                                                                                                                                                                        					__eflags = _t13;
                                                                                                                                                                                                                                                        					if(_t13 == 0) {
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						_t20 = 0;
                                                                                                                                                                                                                                                        						__eflags = 0;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t29 = _a4;
                                                                                                                                                                                                                                                        						_t17 = E00BEB4E0( *_a4, _t30, _t21,  &_v24);
                                                                                                                                                                                                                                                        						_t34 = _t34 + 0x10;
                                                                                                                                                                                                                                                        						__eflags = _t17;
                                                                                                                                                                                                                                                        						if(__eflags == 0) {
                                                                                                                                                                                                                                                        							goto L5;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							 *0xbfb504 = _v24;
                                                                                                                                                                                                                                                        							_t19 = E00BE9630(_t29, _t27, __eflags, "g_handles_to_close", "true", 4);
                                                                                                                                                                                                                                                        							__eflags = _t19;
                                                                                                                                                                                                                                                        							_t20 = _t21 & 0xffffff00 | _t19 == 0x00000000;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_push(_t30);
                                                                                                                                                                                                                                                        					L00BEF6D2();
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t31, _t27);
                                                                                                                                                                                                                                                        				return _t20;
                                                                                                                                                                                                                                                        			}

















                                                                                                                                                                                                                                                        0x00bd2e00
                                                                                                                                                                                                                                                        0x00bd2e09
                                                                                                                                                                                                                                                        0x00bd2e0e
                                                                                                                                                                                                                                                        0x00bd2e12
                                                                                                                                                                                                                                                        0x00bd2e19
                                                                                                                                                                                                                                                        0x00bd2e33
                                                                                                                                                                                                                                                        0x00bd2e38
                                                                                                                                                                                                                                                        0x00bd2e3a
                                                                                                                                                                                                                                                        0x00bd2e3d
                                                                                                                                                                                                                                                        0x00bd2e3e
                                                                                                                                                                                                                                                        0x00bd2e46
                                                                                                                                                                                                                                                        0x00bd2e4a
                                                                                                                                                                                                                                                        0x00bd2e4d
                                                                                                                                                                                                                                                        0x00bd2e52
                                                                                                                                                                                                                                                        0x00bd2e55
                                                                                                                                                                                                                                                        0x00bd2e57
                                                                                                                                                                                                                                                        0x00bd2e92
                                                                                                                                                                                                                                                        0x00bd2e92
                                                                                                                                                                                                                                                        0x00bd2e92
                                                                                                                                                                                                                                                        0x00bd2e59
                                                                                                                                                                                                                                                        0x00bd2e59
                                                                                                                                                                                                                                                        0x00bd2e64
                                                                                                                                                                                                                                                        0x00bd2e69
                                                                                                                                                                                                                                                        0x00bd2e6c
                                                                                                                                                                                                                                                        0x00bd2e6e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2e70
                                                                                                                                                                                                                                                        0x00bd2e75
                                                                                                                                                                                                                                                        0x00bd2e86
                                                                                                                                                                                                                                                        0x00bd2e8b
                                                                                                                                                                                                                                                        0x00bd2e8d
                                                                                                                                                                                                                                                        0x00bd2e8d
                                                                                                                                                                                                                                                        0x00bd2e6e
                                                                                                                                                                                                                                                        0x00bd2e94
                                                                                                                                                                                                                                                        0x00bd2e95
                                                                                                                                                                                                                                                        0x00bd2e9a
                                                                                                                                                                                                                                                        0x00bd2e20
                                                                                                                                                                                                                                                        0x00bd2e2e

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000000), ref: 00BD2E3E
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000,?,?,00BE56B0,00000000), ref: 00BD2E95
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@??3@
                                                                                                                                                                                                                                                        • String ID: g_handles_to_close
                                                                                                                                                                                                                                                        • API String ID: 1936579350-346153173
                                                                                                                                                                                                                                                        • Opcode ID: d07a2efec0d5f1abf0db4ac4554add5df31c89b139c16a55dec71832f36d0d48
                                                                                                                                                                                                                                                        • Instruction ID: 06bb9f71db8b068321c4109ed323ef176381901fce8b8e7938d6dfe96e823293
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d07a2efec0d5f1abf0db4ac4554add5df31c89b139c16a55dec71832f36d0d48
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F101E5B1A002495BDA00AB759C4297BB7E9DF61354F0404B7FD0597392FB36DD09C2A1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 52%
                                                                                                                                                                                                                                                        			E00BCAFC0(void* __ecx, char* __edx, char _a4) {
                                                                                                                                                                                                                                                        				void* _v12;
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				char _v204;
                                                                                                                                                                                                                                                        				char _v208;
                                                                                                                                                                                                                                                        				intOrPtr _v212;
                                                                                                                                                                                                                                                        				char _v228;
                                                                                                                                                                                                                                                        				char _v229;
                                                                                                                                                                                                                                                        				signed int _t16;
                                                                                                                                                                                                                                                        				intOrPtr _t23;
                                                                                                                                                                                                                                                        				intOrPtr _t41;
                                                                                                                                                                                                                                                        				signed int _t42;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t38 = __edx;
                                                                                                                                                                                                                                                        				_t16 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v16 = _t16 ^ _t42;
                                                                                                                                                                                                                                                        				if( *((char*)(__ecx + 5)) == 0 || E00BCA300(__ecx + 8) != 0) {
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					return E00BEECB0(_v16 ^ _t42, _t38);
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t41 =  *((intOrPtr*)(__ecx + 0x10));
                                                                                                                                                                                                                                                        					E00BC8120(_t19, _t41);
                                                                                                                                                                                                                                                        					_t38 =  &_v208;
                                                                                                                                                                                                                                                        					E00BCB330(__ecx + 0x14,  &_v208,  &_a4);
                                                                                                                                                                                                                                                        					_t23 = _v208;
                                                                                                                                                                                                                                                        					if(_t23 !=  *((intOrPtr*)(__ecx + 0x18))) {
                                                                                                                                                                                                                                                        						_v212 =  *((intOrPtr*)(_t23 + 0x1c));
                                                                                                                                                                                                                                                        						asm("movsd xmm0, [eax+0xc]");
                                                                                                                                                                                                                                                        						asm("movsd xmm1, [eax+0x14]");
                                                                                                                                                                                                                                                        						asm("movsd [esp+0x10], xmm1");
                                                                                                                                                                                                                                                        						asm("movsd [esp+0x8], xmm0");
                                                                                                                                                                                                                                                        						_push( &_v228);
                                                                                                                                                                                                                                                        						E00BBEB70( &_v228);
                                                                                                                                                                                                                                                        						_push( &_v229);
                                                                                                                                                                                                                                                        						E00BBEB70( &_v229);
                                                                                                                                                                                                                                                        						_push("false");
                                                                                                                                                                                                                                                        						E00BC1FF0( &_v204, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/win/scoped_handle_verifier.cc", 0xe1);
                                                                                                                                                                                                                                                        						E00BC20C0();
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__imp__ReleaseSRWLockExclusive(_t41);
                                                                                                                                                                                                                                                        					goto L2;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}














                                                                                                                                                                                                                                                        0x00bcafc0
                                                                                                                                                                                                                                                        0x00bcafce
                                                                                                                                                                                                                                                        0x00bcafd5
                                                                                                                                                                                                                                                        0x00bcafe0
                                                                                                                                                                                                                                                        0x00bcaff0
                                                                                                                                                                                                                                                        0x00bcb004
                                                                                                                                                                                                                                                        0x00bcb007
                                                                                                                                                                                                                                                        0x00bcb007
                                                                                                                                                                                                                                                        0x00bcb00c
                                                                                                                                                                                                                                                        0x00bcb017
                                                                                                                                                                                                                                                        0x00bcb01c
                                                                                                                                                                                                                                                        0x00bcb024
                                                                                                                                                                                                                                                        0x00bcb02b
                                                                                                                                                                                                                                                        0x00bcb030
                                                                                                                                                                                                                                                        0x00bcb034
                                                                                                                                                                                                                                                        0x00bcb039
                                                                                                                                                                                                                                                        0x00bcb042
                                                                                                                                                                                                                                                        0x00bcb048
                                                                                                                                                                                                                                                        0x00bcb04e
                                                                                                                                                                                                                                                        0x00bcb04f
                                                                                                                                                                                                                                                        0x00bcb05b
                                                                                                                                                                                                                                                        0x00bcb05c
                                                                                                                                                                                                                                                        0x00bcb06a
                                                                                                                                                                                                                                                        0x00bcb079
                                                                                                                                                                                                                                                        0x00bcb080
                                                                                                                                                                                                                                                        0x00bcb080
                                                                                                                                                                                                                                                        0x00bcb086
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcb086

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BCA300: TlsGetValue.KERNEL32 ref: 00BCA30D
                                                                                                                                                                                                                                                        • RtlReleaseSRWLockExclusive.NTDLL ref: 00BCB086
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • false, xrefs: 00BCB06A
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/security/sandbox/chromium/base/win/scoped_handle_verifier.cc, xrefs: 00BCB074
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ExclusiveLockReleaseValue
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/security/sandbox/chromium/base/win/scoped_handle_verifier.cc$false
                                                                                                                                                                                                                                                        • API String ID: 3065551114-175217558
                                                                                                                                                                                                                                                        • Opcode ID: 4392ae8b5ca19f87bc2b72a86f1a71a209e36c511b65cac2c4b2d9812ed483b0
                                                                                                                                                                                                                                                        • Instruction ID: 1cfeb91470bb5cd8d4698c8f78ca0921e26af532833070faae5c408564c530a6
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4392ae8b5ca19f87bc2b72a86f1a71a209e36c511b65cac2c4b2d9812ed483b0
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0511F3716007459BC714EF20D842EAFB7E9AF85314F00496DF4559B152EB30E649C7A2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BDF9E0(long* __edx, void* __eflags, void** _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, HANDLE* _a20) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				long _v24;
                                                                                                                                                                                                                                                        				long _v28;
                                                                                                                                                                                                                                                        				void* _v32;
                                                                                                                                                                                                                                                        				signed int _t16;
                                                                                                                                                                                                                                                        				void* _t21;
                                                                                                                                                                                                                                                        				void** _t28;
                                                                                                                                                                                                                                                        				HANDLE* _t34;
                                                                                                                                                                                                                                                        				void* _t35;
                                                                                                                                                                                                                                                        				signed int _t36;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t33 = __edx;
                                                                                                                                                                                                                                                        				_t16 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t34 = _a20;
                                                                                                                                                                                                                                                        				_v20 = _t16 ^ _t36;
                                                                                                                                                                                                                                                        				 *_t34 = 0;
                                                                                                                                                                                                                                                        				_v24 = 0;
                                                                                                                                                                                                                                                        				E00BEB3D0("NtOpenProcessTokenEx",  &_v24);
                                                                                                                                                                                                                                                        				_t35 = 0xc0000022;
                                                                                                                                                                                                                                                        				if(_a8 == 0xffffffff) {
                                                                                                                                                                                                                                                        					_t28 = _a4;
                                                                                                                                                                                                                                                        					_t33 =  &_v28;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_t21 = _v24( *_t28, _a12, _a16,  &_v28);
                                                                                                                                                                                                                                                        					_t35 = _t21;
                                                                                                                                                                                                                                                        					if(_t21 >= 0) {
                                                                                                                                                                                                                                                        						_v32 = _v28;
                                                                                                                                                                                                                                                        						if(DuplicateHandle(GetCurrentProcess(), _v32,  *_t28, _t34, 0, 0, 3) == 0) {
                                                                                                                                                                                                                                                        							_t35 = 0xc0000022;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t36, _t33);
                                                                                                                                                                                                                                                        				return _t35;
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00bdf9e0
                                                                                                                                                                                                                                                        0x00bdf9e9
                                                                                                                                                                                                                                                        0x00bdf9ee
                                                                                                                                                                                                                                                        0x00bdf9f6
                                                                                                                                                                                                                                                        0x00bdf9fc
                                                                                                                                                                                                                                                        0x00bdfa02
                                                                                                                                                                                                                                                        0x00bdfa0f
                                                                                                                                                                                                                                                        0x00bdfa17
                                                                                                                                                                                                                                                        0x00bdfa1f
                                                                                                                                                                                                                                                        0x00bdfa35
                                                                                                                                                                                                                                                        0x00bdfa3e
                                                                                                                                                                                                                                                        0x00bdfa41
                                                                                                                                                                                                                                                        0x00bdfa4d
                                                                                                                                                                                                                                                        0x00bdfa50
                                                                                                                                                                                                                                                        0x00bdfa54
                                                                                                                                                                                                                                                        0x00bdfa5b
                                                                                                                                                                                                                                                        0x00bdfa78
                                                                                                                                                                                                                                                        0x00bdfa7a
                                                                                                                                                                                                                                                        0x00bdfa7a
                                                                                                                                                                                                                                                        0x00bdfa78
                                                                                                                                                                                                                                                        0x00bdfa54
                                                                                                                                                                                                                                                        0x00bdfa26
                                                                                                                                                                                                                                                        0x00bdfa34

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BDFA5E
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00000003,?,?,00000000,00000000,00000003), ref: 00BDFA70
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressCurrentDuplicateHandleProcProcess
                                                                                                                                                                                                                                                        • String ID: NtOpenProcessTokenEx
                                                                                                                                                                                                                                                        • API String ID: 3554645133-2578970931
                                                                                                                                                                                                                                                        • Opcode ID: 29b02774ce9d0464753a2681026e6ae7ad63d0254fb61f7cbf25d43f82fec3d1
                                                                                                                                                                                                                                                        • Instruction ID: 1d1df1f60eb7f7cfa1ed182b9dfc17b8abb533186de55d421c64e843da6cb156
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 29b02774ce9d0464753a2681026e6ae7ad63d0254fb61f7cbf25d43f82fec3d1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EC1130B1A0020AAFDB10DFA5DC89BBF7BB8EF44714F100565F915A7381EB70AD148BA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                                                                                                                        			E00BC4130(intOrPtr __eax, void* __ecx, intOrPtr __edx, intOrPtr* _a4) {
                                                                                                                                                                                                                                                        				signed char* _v16;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				intOrPtr _v48;
                                                                                                                                                                                                                                                        				signed int _t50;
                                                                                                                                                                                                                                                        				intOrPtr _t52;
                                                                                                                                                                                                                                                        				intOrPtr* _t53;
                                                                                                                                                                                                                                                        				intOrPtr _t54;
                                                                                                                                                                                                                                                        				signed int _t57;
                                                                                                                                                                                                                                                        				intOrPtr* _t58;
                                                                                                                                                                                                                                                        				signed char* _t61;
                                                                                                                                                                                                                                                        				short* _t68;
                                                                                                                                                                                                                                                        				intOrPtr _t69;
                                                                                                                                                                                                                                                        				signed char* _t70;
                                                                                                                                                                                                                                                        				intOrPtr _t73;
                                                                                                                                                                                                                                                        				intOrPtr _t75;
                                                                                                                                                                                                                                                        				intOrPtr* _t76;
                                                                                                                                                                                                                                                        				intOrPtr _t78;
                                                                                                                                                                                                                                                        				signed int _t80;
                                                                                                                                                                                                                                                        				signed int _t81;
                                                                                                                                                                                                                                                        				void* _t82;
                                                                                                                                                                                                                                                        				signed int _t84;
                                                                                                                                                                                                                                                        				intOrPtr* _t86;
                                                                                                                                                                                                                                                        				signed int _t87;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				void* _t90;
                                                                                                                                                                                                                                                        				intOrPtr* _t91;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t73 = __edx;
                                                                                                                                                                                                                                                        				_t58 =  *((intOrPtr*)(__edx + 4));
                                                                                                                                                                                                                                                        				_push(0x24);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t90 = _t89 + 4;
                                                                                                                                                                                                                                                        				_t64 =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax)) =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				_t66 =  ==  ? __eax : _t58;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 4)) =  ==  ? __eax : _t58;
                                                                                                                                                                                                                                                        				_t68 =  *_a4;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0x18)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0x1c)) = 0;
                                                                                                                                                                                                                                                        				asm("movsd xmm0, [ecx+0x10]");
                                                                                                                                                                                                                                                        				asm("movsd [eax+0x18], xmm0");
                                                                                                                                                                                                                                                        				asm("movsd xmm0, [ecx]");
                                                                                                                                                                                                                                                        				asm("movsd xmm1, [ecx+0x8]");
                                                                                                                                                                                                                                                        				asm("movsd [eax+0x10], xmm1");
                                                                                                                                                                                                                                                        				asm("movsd [eax+0x8], xmm0");
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t68 + 0x10)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t68 + 0x14)) = 7;
                                                                                                                                                                                                                                                        				 *_t68 = 0;
                                                                                                                                                                                                                                                        				 *((char*)(__eax + 0x20)) = 0;
                                                                                                                                                                                                                                                        				_t69 =  *((intOrPtr*)(__ecx + 4));
                                                                                                                                                                                                                                                        				if(_t69 == 0x71c71c6) {
                                                                                                                                                                                                                                                        					_push("list<T> too long");
                                                                                                                                                                                                                                                        					L00BEF798();
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					_push(_t58);
                                                                                                                                                                                                                                                        					_push(__ecx);
                                                                                                                                                                                                                                                        					_push(__edx);
                                                                                                                                                                                                                                                        					_t91 = _t90 - 0x10;
                                                                                                                                                                                                                                                        					_v48 = _t69;
                                                                                                                                                                                                                                                        					_t70 = _v16;
                                                                                                                                                                                                                                                        					_t84 = _t70[0x10];
                                                                                                                                                                                                                                                        					if(_t70[0x14] > 7) {
                                                                                                                                                                                                                                                        						_t70 =  *_t70;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					 *_t91 = _t73;
                                                                                                                                                                                                                                                        					if((_t84 & 0x7fffffff) != 0) {
                                                                                                                                                                                                                                                        						_t82 = _t84 + _t84;
                                                                                                                                                                                                                                                        						_t57 = 0x811c9dc5;
                                                                                                                                                                                                                                                        						_t61 = _t70;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t87 =  *_t61 & 0x000000ff;
                                                                                                                                                                                                                                                        							_t61 =  &(_t61[1]);
                                                                                                                                                                                                                                                        							_t57 = (_t87 ^ _t57) * 0x1000193;
                                                                                                                                                                                                                                                        							_t82 = _t82 - 1;
                                                                                                                                                                                                                                                        						} while (_t82 != 0);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t78 = _v48;
                                                                                                                                                                                                                                                        					_t50 = 0x811c9dc5 &  *(_t78 + 0x18);
                                                                                                                                                                                                                                                        					_v44 =  *((intOrPtr*)(_t78 + 4));
                                                                                                                                                                                                                                                        					_t75 =  *((intOrPtr*)(_t78 + 0xc));
                                                                                                                                                                                                                                                        					_t86 =  *((intOrPtr*)(_t75 + _t50 * 8));
                                                                                                                                                                                                                                                        					_v48 = _t75;
                                                                                                                                                                                                                                                        					_v40 = _t50 + _t50 + 1;
                                                                                                                                                                                                                                                        					_t76 = _t86;
                                                                                                                                                                                                                                                        					while(1) {
                                                                                                                                                                                                                                                        						_t52 = _t86;
                                                                                                                                                                                                                                                        						if(_t86 != _v44) {
                                                                                                                                                                                                                                                        							_t52 =  *((intOrPtr*)( *((intOrPtr*)(_v48 + _v40 * 4))));
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(_t52 == _t76) {
                                                                                                                                                                                                                                                        							L27:
                                                                                                                                                                                                                                                        							_t53 =  *_t91;
                                                                                                                                                                                                                                                        							 *_t53 = _v44;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							if( *((intOrPtr*)(_t76 + 0x18)) != _t84) {
                                                                                                                                                                                                                                                        								L11:
                                                                                                                                                                                                                                                        								_t76 =  *_t76;
                                                                                                                                                                                                                                                        								continue;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								if( *((intOrPtr*)(_t76 + 0x1c)) <= 7) {
                                                                                                                                                                                                                                                        									_t54 = _t76 + 8;
                                                                                                                                                                                                                                                        									if(_t84 == 0) {
                                                                                                                                                                                                                                                        										goto L26;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										goto L20;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t54 =  *((intOrPtr*)(_t76 + 8));
                                                                                                                                                                                                                                                        									if(_t84 != 0) {
                                                                                                                                                                                                                                                        										L20:
                                                                                                                                                                                                                                                        										_t80 = 0;
                                                                                                                                                                                                                                                        										while(( *(_t54 + _t80 * 2) & 0x0000ffff) ==  *((intOrPtr*)(_t70 + _t80 * 2))) {
                                                                                                                                                                                                                                                        											_t80 = _t80 + 1;
                                                                                                                                                                                                                                                        											if(_t84 != _t80) {
                                                                                                                                                                                                                                                        												continue;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t81 = 0;
                                                                                                                                                                                                                                                        												asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        												while(( *(_t70 + _t81 * 2) & 0x0000ffff) ==  *((intOrPtr*)(_t54 + _t81 * 2))) {
                                                                                                                                                                                                                                                        													_t81 = _t81 + 1;
                                                                                                                                                                                                                                                        													if(_t84 != _t81) {
                                                                                                                                                                                                                                                        														continue;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														goto L26;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													goto L28;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L27;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L28;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L11;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										L26:
                                                                                                                                                                                                                                                        										_t53 =  *_t91;
                                                                                                                                                                                                                                                        										 *_t53 = _t76;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L28:
                                                                                                                                                                                                                                                        						return _t53;
                                                                                                                                                                                                                                                        						goto L29;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__ecx + 4)) = _t69 + 1;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__edx + 4)) = __eax;
                                                                                                                                                                                                                                                        					 *_t58 = __eax;
                                                                                                                                                                                                                                                        					return __eax;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L29:
                                                                                                                                                                                                                                                        			}






























                                                                                                                                                                                                                                                        0x00bc4130
                                                                                                                                                                                                                                                        0x00bc4136
                                                                                                                                                                                                                                                        0x00bc413d
                                                                                                                                                                                                                                                        0x00bc413f
                                                                                                                                                                                                                                                        0x00bc4144
                                                                                                                                                                                                                                                        0x00bc414b
                                                                                                                                                                                                                                                        0x00bc414e
                                                                                                                                                                                                                                                        0x00bc4152
                                                                                                                                                                                                                                                        0x00bc4155
                                                                                                                                                                                                                                                        0x00bc415b
                                                                                                                                                                                                                                                        0x00bc415d
                                                                                                                                                                                                                                                        0x00bc4164
                                                                                                                                                                                                                                                        0x00bc416b
                                                                                                                                                                                                                                                        0x00bc4170
                                                                                                                                                                                                                                                        0x00bc4175
                                                                                                                                                                                                                                                        0x00bc4179
                                                                                                                                                                                                                                                        0x00bc417e
                                                                                                                                                                                                                                                        0x00bc4183
                                                                                                                                                                                                                                                        0x00bc4188
                                                                                                                                                                                                                                                        0x00bc418f
                                                                                                                                                                                                                                                        0x00bc4196
                                                                                                                                                                                                                                                        0x00bc419b
                                                                                                                                                                                                                                                        0x00bc419f
                                                                                                                                                                                                                                                        0x00bc41a8
                                                                                                                                                                                                                                                        0x00bc41b8
                                                                                                                                                                                                                                                        0x00bc41bd
                                                                                                                                                                                                                                                        0x00bc41c2
                                                                                                                                                                                                                                                        0x00bc41c3
                                                                                                                                                                                                                                                        0x00bc41c4
                                                                                                                                                                                                                                                        0x00bc41c5
                                                                                                                                                                                                                                                        0x00bc41c6
                                                                                                                                                                                                                                                        0x00bc41c7
                                                                                                                                                                                                                                                        0x00bc41c8
                                                                                                                                                                                                                                                        0x00bc41c9
                                                                                                                                                                                                                                                        0x00bc41ca
                                                                                                                                                                                                                                                        0x00bc41cb
                                                                                                                                                                                                                                                        0x00bc41cc
                                                                                                                                                                                                                                                        0x00bc41cd
                                                                                                                                                                                                                                                        0x00bc41ce
                                                                                                                                                                                                                                                        0x00bc41cf
                                                                                                                                                                                                                                                        0x00bc41d1
                                                                                                                                                                                                                                                        0x00bc41d2
                                                                                                                                                                                                                                                        0x00bc41d3
                                                                                                                                                                                                                                                        0x00bc41d4
                                                                                                                                                                                                                                                        0x00bc41d7
                                                                                                                                                                                                                                                        0x00bc41db
                                                                                                                                                                                                                                                        0x00bc41df
                                                                                                                                                                                                                                                        0x00bc41e6
                                                                                                                                                                                                                                                        0x00bc41e8
                                                                                                                                                                                                                                                        0x00bc41e8
                                                                                                                                                                                                                                                        0x00bc41f0
                                                                                                                                                                                                                                                        0x00bc41f3
                                                                                                                                                                                                                                                        0x00bc41f5
                                                                                                                                                                                                                                                        0x00bc41f8
                                                                                                                                                                                                                                                        0x00bc41fd
                                                                                                                                                                                                                                                        0x00bc4200
                                                                                                                                                                                                                                                        0x00bc4200
                                                                                                                                                                                                                                                        0x00bc4203
                                                                                                                                                                                                                                                        0x00bc4206
                                                                                                                                                                                                                                                        0x00bc420c
                                                                                                                                                                                                                                                        0x00bc420c
                                                                                                                                                                                                                                                        0x00bc420f
                                                                                                                                                                                                                                                        0x00bc4216
                                                                                                                                                                                                                                                        0x00bc421d
                                                                                                                                                                                                                                                        0x00bc4220
                                                                                                                                                                                                                                                        0x00bc4224
                                                                                                                                                                                                                                                        0x00bc4227
                                                                                                                                                                                                                                                        0x00bc422a
                                                                                                                                                                                                                                                        0x00bc4232
                                                                                                                                                                                                                                                        0x00bc4236
                                                                                                                                                                                                                                                        0x00bc4242
                                                                                                                                                                                                                                                        0x00bc4246
                                                                                                                                                                                                                                                        0x00bc4248
                                                                                                                                                                                                                                                        0x00bc4255
                                                                                                                                                                                                                                                        0x00bc4255
                                                                                                                                                                                                                                                        0x00bc4259
                                                                                                                                                                                                                                                        0x00bc42b6
                                                                                                                                                                                                                                                        0x00bc42b6
                                                                                                                                                                                                                                                        0x00bc42bd
                                                                                                                                                                                                                                                        0x00bc425b
                                                                                                                                                                                                                                                        0x00bc425e
                                                                                                                                                                                                                                                        0x00bc4240
                                                                                                                                                                                                                                                        0x00bc4240
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc4260
                                                                                                                                                                                                                                                        0x00bc4264
                                                                                                                                                                                                                                                        0x00bc4270
                                                                                                                                                                                                                                                        0x00bc4275
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc4266
                                                                                                                                                                                                                                                        0x00bc4266
                                                                                                                                                                                                                                                        0x00bc426b
                                                                                                                                                                                                                                                        0x00bc4277
                                                                                                                                                                                                                                                        0x00bc4277
                                                                                                                                                                                                                                                        0x00bc4280
                                                                                                                                                                                                                                                        0x00bc428a
                                                                                                                                                                                                                                                        0x00bc428d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc428f
                                                                                                                                                                                                                                                        0x00bc428f
                                                                                                                                                                                                                                                        0x00bc4291
                                                                                                                                                                                                                                                        0x00bc42a0
                                                                                                                                                                                                                                                        0x00bc42aa
                                                                                                                                                                                                                                                        0x00bc42ad
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc42ad
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc42a0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc428d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc426d
                                                                                                                                                                                                                                                        0x00bc42af
                                                                                                                                                                                                                                                        0x00bc42af
                                                                                                                                                                                                                                                        0x00bc42b2
                                                                                                                                                                                                                                                        0x00bc42b2
                                                                                                                                                                                                                                                        0x00bc426b
                                                                                                                                                                                                                                                        0x00bc4264
                                                                                                                                                                                                                                                        0x00bc425e
                                                                                                                                                                                                                                                        0x00bc42bf
                                                                                                                                                                                                                                                        0x00bc42c6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc42c6
                                                                                                                                                                                                                                                        0x00bc41aa
                                                                                                                                                                                                                                                        0x00bc41ab
                                                                                                                                                                                                                                                        0x00bc41ae
                                                                                                                                                                                                                                                        0x00bc41b1
                                                                                                                                                                                                                                                        0x00bc41b7
                                                                                                                                                                                                                                                        0x00bc41b7
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000024,?,?,00000000,?,00BC410B,?,?,?,00000000,00000000), ref: 00BC413F
                                                                                                                                                                                                                                                        • ?_Xlength_error@std@@YAXPBD@Z.MSVCP140(list<T> too long,?,?,?,00000000,00000000), ref: 00BC41BD
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@Xlength_error@std@@
                                                                                                                                                                                                                                                        • String ID: list<T> too long
                                                                                                                                                                                                                                                        • API String ID: 373104503-4027344264
                                                                                                                                                                                                                                                        • Opcode ID: a93cd89b59799ce93cdeffb93f185cccec6954bb2a62633a31fee93e4fa4ef0a
                                                                                                                                                                                                                                                        • Instruction ID: 585bb057d6e6d576e3d9d9ce7e6e0a3c26e9a9d24b02e15751af3008a9d0a32c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a93cd89b59799ce93cdeffb93f185cccec6954bb2a62633a31fee93e4fa4ef0a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 191139B1500B049FD709CF28D465B22BBE5FF8A718F2182ADE5094F262D7B2D842CB90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 48%
                                                                                                                                                                                                                                                        			E00BCB1E0(intOrPtr __eax, void* __ecx, void* __edx, intOrPtr* _a4) {
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				signed int _t24;
                                                                                                                                                                                                                                                        				signed int _t26;
                                                                                                                                                                                                                                                        				intOrPtr* _t28;
                                                                                                                                                                                                                                                        				void* _t29;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        				intOrPtr _t35;
                                                                                                                                                                                                                                                        				intOrPtr _t46;
                                                                                                                                                                                                                                                        				intOrPtr _t50;
                                                                                                                                                                                                                                                        				intOrPtr* _t55;
                                                                                                                                                                                                                                                        				signed int _t56;
                                                                                                                                                                                                                                                        				intOrPtr* _t59;
                                                                                                                                                                                                                                                        				intOrPtr* _t60;
                                                                                                                                                                                                                                                        				intOrPtr _t61;
                                                                                                                                                                                                                                                        				intOrPtr _t67;
                                                                                                                                                                                                                                                        				intOrPtr _t69;
                                                                                                                                                                                                                                                        				signed int _t75;
                                                                                                                                                                                                                                                        				void* _t76;
                                                                                                                                                                                                                                                        				signed int _t77;
                                                                                                                                                                                                                                                        				void* _t78;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t59 =  *((intOrPtr*)(__edx + 4));
                                                                                                                                                                                                                                                        				_t34 = __ecx;
                                                                                                                                                                                                                                                        				_push(0x20);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t55 = _t59;
                                                                                                                                                                                                                                                        				_t77 = _t76 + 4;
                                                                                                                                                                                                                                                        				_t40 =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax)) =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				_t60 = _a4;
                                                                                                                                                                                                                                                        				_t42 =  ==  ? __eax : _t59;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 4)) =  ==  ? __eax : _t59;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 8)) =  *_t60;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0x1c)) =  *((intOrPtr*)(_t60 + 0x14));
                                                                                                                                                                                                                                                        				asm("movsd xmm0, [edi+0x4]");
                                                                                                                                                                                                                                                        				asm("movsd xmm1, [edi+0xc]");
                                                                                                                                                                                                                                                        				asm("movsd [eax+0x14], xmm1");
                                                                                                                                                                                                                                                        				asm("movsd [eax+0xc], xmm0");
                                                                                                                                                                                                                                                        				_t46 =  *((intOrPtr*)(__ecx + 4));
                                                                                                                                                                                                                                                        				if(_t46 == 0x7fffffe) {
                                                                                                                                                                                                                                                        					_push("list<T> too long");
                                                                                                                                                                                                                                                        					L00BEF798();
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					_push(__edx);
                                                                                                                                                                                                                                                        					asm("movss xmm0, [ecx+0x8]");
                                                                                                                                                                                                                                                        					asm("movsd xmm1, [0xbf0f38]");
                                                                                                                                                                                                                                                        					asm("movss xmm2, [ecx+0x1c]");
                                                                                                                                                                                                                                                        					asm("orpd xmm0, xmm1");
                                                                                                                                                                                                                                                        					asm("orpd xmm2, xmm1");
                                                                                                                                                                                                                                                        					asm("subsd xmm0, xmm1");
                                                                                                                                                                                                                                                        					asm("subsd xmm2, xmm1");
                                                                                                                                                                                                                                                        					asm("cvtsd2ss xmm0, xmm0");
                                                                                                                                                                                                                                                        					asm("xorps xmm1, xmm1");
                                                                                                                                                                                                                                                        					asm("cvtsd2ss xmm1, xmm2");
                                                                                                                                                                                                                                                        					asm("divss xmm0, xmm1");
                                                                                                                                                                                                                                                        					asm("ucomiss xmm0, [ecx]");
                                                                                                                                                                                                                                                        					if(__eflags <= 0) {
                                                                                                                                                                                                                                                        						return __eax;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t56 =  *(_t46 + 0x1c);
                                                                                                                                                                                                                                                        						_t67 = _t46;
                                                                                                                                                                                                                                                        						__eflags = _t56 - 0x1fffffff;
                                                                                                                                                                                                                                                        						_t24 = 0 | _t56 - 0x1fffffff > 0x00000000;
                                                                                                                                                                                                                                                        						__eflags = _t56 - 0x200;
                                                                                                                                                                                                                                                        						_t48 =  >=  ? _t24 : 3;
                                                                                                                                                                                                                                                        						_t57 = _t56 << ( >=  ? _t24 : 3);
                                                                                                                                                                                                                                                        						E00BC3300(_t67, _t56 << ( >=  ? _t24 : 3));
                                                                                                                                                                                                                                                        						_t50 = _t67;
                                                                                                                                                                                                                                                        						_pop(_t68);
                                                                                                                                                                                                                                                        						_pop(_t74);
                                                                                                                                                                                                                                                        						_t75 = _t77;
                                                                                                                                                                                                                                                        						_push(_t34);
                                                                                                                                                                                                                                                        						_push(_t60);
                                                                                                                                                                                                                                                        						_t78 = _t77 - 0xc;
                                                                                                                                                                                                                                                        						_t26 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        						_v40 = _t26 ^ _t75;
                                                                                                                                                                                                                                                        						_t28 =  *((intOrPtr*)(_t50 + 4));
                                                                                                                                                                                                                                                        						_t61 =  *_t28;
                                                                                                                                                                                                                                                        						__eflags = _t61 - _t28;
                                                                                                                                                                                                                                                        						if(_t61 != _t28) {
                                                                                                                                                                                                                                                        							_t35 =  *((intOrPtr*)(_t28 + 4));
                                                                                                                                                                                                                                                        							_t69 = _t50;
                                                                                                                                                                                                                                                        							_t29 = _t61 + 8;
                                                                                                                                                                                                                                                        							_t57 =  &_v36;
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								E00BCB0B0(_t50, _t57, _t29, _t61);
                                                                                                                                                                                                                                                        								_t78 = _t78 + 8;
                                                                                                                                                                                                                                                        								__eflags = _t61 - _t35;
                                                                                                                                                                                                                                                        								if(_t61 == _t35) {
                                                                                                                                                                                                                                                        									goto L7;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t50 = _t69;
                                                                                                                                                                                                                                                        								_t57 =  &_v36;
                                                                                                                                                                                                                                                        								_t61 =  *((intOrPtr*)( *((intOrPtr*)(_t69 + 4))));
                                                                                                                                                                                                                                                        								_t29 = _t61 + 8;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L7:
                                                                                                                                                                                                                                                        						__eflags = _v28 ^ _t75;
                                                                                                                                                                                                                                                        						return E00BEECB0(_v28 ^ _t75, _t57);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__ecx + 4)) = _t46 + 1;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__edx + 4)) = __eax;
                                                                                                                                                                                                                                                        					 *_t55 = __eax;
                                                                                                                                                                                                                                                        					return __eax;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}

























                                                                                                                                                                                                                                                        0x00bcb1e6
                                                                                                                                                                                                                                                        0x00bcb1eb
                                                                                                                                                                                                                                                        0x00bcb1ed
                                                                                                                                                                                                                                                        0x00bcb1ef
                                                                                                                                                                                                                                                        0x00bcb1f4
                                                                                                                                                                                                                                                        0x00bcb1f6
                                                                                                                                                                                                                                                        0x00bcb1fd
                                                                                                                                                                                                                                                        0x00bcb200
                                                                                                                                                                                                                                                        0x00bcb204
                                                                                                                                                                                                                                                        0x00bcb207
                                                                                                                                                                                                                                                        0x00bcb20a
                                                                                                                                                                                                                                                        0x00bcb20f
                                                                                                                                                                                                                                                        0x00bcb215
                                                                                                                                                                                                                                                        0x00bcb21a
                                                                                                                                                                                                                                                        0x00bcb21f
                                                                                                                                                                                                                                                        0x00bcb224
                                                                                                                                                                                                                                                        0x00bcb229
                                                                                                                                                                                                                                                        0x00bcb22e
                                                                                                                                                                                                                                                        0x00bcb237
                                                                                                                                                                                                                                                        0x00bcb247
                                                                                                                                                                                                                                                        0x00bcb24c
                                                                                                                                                                                                                                                        0x00bcb251
                                                                                                                                                                                                                                                        0x00bcb252
                                                                                                                                                                                                                                                        0x00bcb253
                                                                                                                                                                                                                                                        0x00bcb254
                                                                                                                                                                                                                                                        0x00bcb255
                                                                                                                                                                                                                                                        0x00bcb256
                                                                                                                                                                                                                                                        0x00bcb257
                                                                                                                                                                                                                                                        0x00bcb258
                                                                                                                                                                                                                                                        0x00bcb259
                                                                                                                                                                                                                                                        0x00bcb25a
                                                                                                                                                                                                                                                        0x00bcb25b
                                                                                                                                                                                                                                                        0x00bcb25c
                                                                                                                                                                                                                                                        0x00bcb25d
                                                                                                                                                                                                                                                        0x00bcb25e
                                                                                                                                                                                                                                                        0x00bcb25f
                                                                                                                                                                                                                                                        0x00bcb263
                                                                                                                                                                                                                                                        0x00bcb264
                                                                                                                                                                                                                                                        0x00bcb269
                                                                                                                                                                                                                                                        0x00bcb271
                                                                                                                                                                                                                                                        0x00bcb276
                                                                                                                                                                                                                                                        0x00bcb27a
                                                                                                                                                                                                                                                        0x00bcb27e
                                                                                                                                                                                                                                                        0x00bcb282
                                                                                                                                                                                                                                                        0x00bcb286
                                                                                                                                                                                                                                                        0x00bcb28a
                                                                                                                                                                                                                                                        0x00bcb28d
                                                                                                                                                                                                                                                        0x00bcb291
                                                                                                                                                                                                                                                        0x00bcb295
                                                                                                                                                                                                                                                        0x00bcb298
                                                                                                                                                                                                                                                        0x00bcb2cc
                                                                                                                                                                                                                                                        0x00bcb29a
                                                                                                                                                                                                                                                        0x00bcb29a
                                                                                                                                                                                                                                                        0x00bcb29f
                                                                                                                                                                                                                                                        0x00bcb2a6
                                                                                                                                                                                                                                                        0x00bcb2ac
                                                                                                                                                                                                                                                        0x00bcb2af
                                                                                                                                                                                                                                                        0x00bcb2b5
                                                                                                                                                                                                                                                        0x00bcb2b8
                                                                                                                                                                                                                                                        0x00bcb2bc
                                                                                                                                                                                                                                                        0x00bcb2c1
                                                                                                                                                                                                                                                        0x00bcb2c3
                                                                                                                                                                                                                                                        0x00bcb2c4
                                                                                                                                                                                                                                                        0x00bcb2d1
                                                                                                                                                                                                                                                        0x00bcb2d3
                                                                                                                                                                                                                                                        0x00bcb2d4
                                                                                                                                                                                                                                                        0x00bcb2d6
                                                                                                                                                                                                                                                        0x00bcb2d9
                                                                                                                                                                                                                                                        0x00bcb2e0
                                                                                                                                                                                                                                                        0x00bcb2e3
                                                                                                                                                                                                                                                        0x00bcb2e6
                                                                                                                                                                                                                                                        0x00bcb2e8
                                                                                                                                                                                                                                                        0x00bcb2ea
                                                                                                                                                                                                                                                        0x00bcb2fe
                                                                                                                                                                                                                                                        0x00bcb301
                                                                                                                                                                                                                                                        0x00bcb303
                                                                                                                                                                                                                                                        0x00bcb306
                                                                                                                                                                                                                                                        0x00bcb309
                                                                                                                                                                                                                                                        0x00bcb30b
                                                                                                                                                                                                                                                        0x00bcb310
                                                                                                                                                                                                                                                        0x00bcb313
                                                                                                                                                                                                                                                        0x00bcb315
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcb31a
                                                                                                                                                                                                                                                        0x00bcb31c
                                                                                                                                                                                                                                                        0x00bcb31f
                                                                                                                                                                                                                                                        0x00bcb321
                                                                                                                                                                                                                                                        0x00bcb321
                                                                                                                                                                                                                                                        0x00bcb309
                                                                                                                                                                                                                                                        0x00bcb2ec
                                                                                                                                                                                                                                                        0x00bcb2ef
                                                                                                                                                                                                                                                        0x00bcb2fd
                                                                                                                                                                                                                                                        0x00bcb2fd
                                                                                                                                                                                                                                                        0x00bcb239
                                                                                                                                                                                                                                                        0x00bcb23a
                                                                                                                                                                                                                                                        0x00bcb23d
                                                                                                                                                                                                                                                        0x00bcb240
                                                                                                                                                                                                                                                        0x00bcb246
                                                                                                                                                                                                                                                        0x00bcb246

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000020,?,?,00000000,?,00BCAE01,?), ref: 00BCB1EF
                                                                                                                                                                                                                                                        • ?_Xlength_error@std@@YAXPBD@Z.MSVCP140(list<T> too long,?), ref: 00BCB24C
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@Xlength_error@std@@
                                                                                                                                                                                                                                                        • String ID: list<T> too long
                                                                                                                                                                                                                                                        • API String ID: 373104503-4027344264
                                                                                                                                                                                                                                                        • Opcode ID: 86c40797d60711486276fd4439cc062169ecc3392055f109efd1924c2a3f7690
                                                                                                                                                                                                                                                        • Instruction ID: b009d856005ab16400ac5535299bfa9ae21bcaf202a1b5aec99c486b72a5c702
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 86c40797d60711486276fd4439cc062169ecc3392055f109efd1924c2a3f7690
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B4017CB1A00A059FC708CF19D555925FBE6EFC9350719C2AEE90E8B762DB70EC01CBA0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BDF940(void* __edx, void* __eflags, void** _a4, intOrPtr _a8, intOrPtr _a12, HANDLE* _a16) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				long _v24;
                                                                                                                                                                                                                                                        				long _v28;
                                                                                                                                                                                                                                                        				void* _v32;
                                                                                                                                                                                                                                                        				signed int _t15;
                                                                                                                                                                                                                                                        				void* _t20;
                                                                                                                                                                                                                                                        				void** _t27;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				HANDLE* _t33;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        				signed int _t35;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t32 = __edx;
                                                                                                                                                                                                                                                        				_t15 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t33 = _a16;
                                                                                                                                                                                                                                                        				_v20 = _t15 ^ _t35;
                                                                                                                                                                                                                                                        				 *_t33 = 0;
                                                                                                                                                                                                                                                        				_v24 = 0;
                                                                                                                                                                                                                                                        				E00BEB3D0("NtOpenProcessToken",  &_v24);
                                                                                                                                                                                                                                                        				_t34 = 0xc0000022;
                                                                                                                                                                                                                                                        				if(_a8 == 0xffffffff) {
                                                                                                                                                                                                                                                        					_t27 = _a4;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_t20 = _v24( *_t27, _a12,  &_v28);
                                                                                                                                                                                                                                                        					_t34 = _t20;
                                                                                                                                                                                                                                                        					if(_t20 >= 0) {
                                                                                                                                                                                                                                                        						_v32 = _v28;
                                                                                                                                                                                                                                                        						if(DuplicateHandle(GetCurrentProcess(), _v32,  *_t27, _t33, 0, 0, 3) == 0) {
                                                                                                                                                                                                                                                        							_t34 = 0xc0000022;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t35, _t32);
                                                                                                                                                                                                                                                        				return _t34;
                                                                                                                                                                                                                                                        			}














                                                                                                                                                                                                                                                        0x00bdf940
                                                                                                                                                                                                                                                        0x00bdf949
                                                                                                                                                                                                                                                        0x00bdf94e
                                                                                                                                                                                                                                                        0x00bdf956
                                                                                                                                                                                                                                                        0x00bdf95c
                                                                                                                                                                                                                                                        0x00bdf962
                                                                                                                                                                                                                                                        0x00bdf96f
                                                                                                                                                                                                                                                        0x00bdf977
                                                                                                                                                                                                                                                        0x00bdf97f
                                                                                                                                                                                                                                                        0x00bdf995
                                                                                                                                                                                                                                                        0x00bdf99e
                                                                                                                                                                                                                                                        0x00bdf9a9
                                                                                                                                                                                                                                                        0x00bdf9ac
                                                                                                                                                                                                                                                        0x00bdf9b0
                                                                                                                                                                                                                                                        0x00bdf9b7
                                                                                                                                                                                                                                                        0x00bdf9d4
                                                                                                                                                                                                                                                        0x00bdf9d6
                                                                                                                                                                                                                                                        0x00bdf9d6
                                                                                                                                                                                                                                                        0x00bdf9d4
                                                                                                                                                                                                                                                        0x00bdf9b0
                                                                                                                                                                                                                                                        0x00bdf986
                                                                                                                                                                                                                                                        0x00bdf994

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BDF9BA
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00000003,?,?,00000000,00000000,00000003), ref: 00BDF9CC
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressCurrentDuplicateHandleProcProcess
                                                                                                                                                                                                                                                        • String ID: NtOpenProcessToken
                                                                                                                                                                                                                                                        • API String ID: 3554645133-3329886552
                                                                                                                                                                                                                                                        • Opcode ID: 477945fd10f835f66bacf82f1482a9613b7b2479b341bd3429bd97f37feab042
                                                                                                                                                                                                                                                        • Instruction ID: 2607c3763e546242c2ac362382dc9076192eedda54495294615d6d79213ac992
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 477945fd10f835f66bacf82f1482a9613b7b2479b341bd3429bd97f37feab042
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 631142B1E0420AABDB109F65DC99BBFBBF8EF04314F100455E915A7381EB74AD148BA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BE7D70(void* __edx, void* __eflags, intOrPtr _a4, void** _a8, intOrPtr* _a12, HANDLE* _a16) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				long _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				signed int _t13;
                                                                                                                                                                                                                                                        				void* _t20;
                                                                                                                                                                                                                                                        				void* _t29;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				signed int _t33;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t29 = __edx;
                                                                                                                                                                                                                                                        				_t13 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v20 = _t13 ^ _t33;
                                                                                                                                                                                                                                                        				_v24 = 0;
                                                                                                                                                                                                                                                        				E00BEB3D0("NtCreateSection",  &_v24);
                                                                                                                                                                                                                                                        				_t32 = 0;
                                                                                                                                                                                                                                                        				if(_a4 == 3) {
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_t20 = _v24( &_v28, 0xf, 0, 0, 0x10, 0x1000000,  *_a12);
                                                                                                                                                                                                                                                        					_t31 = _v28;
                                                                                                                                                                                                                                                        					_t32 = _t20;
                                                                                                                                                                                                                                                        					if(_t31 != 0) {
                                                                                                                                                                                                                                                        						DuplicateHandle(GetCurrentProcess(), _t31,  *_a8, _a16, 0, 0, 3);
                                                                                                                                                                                                                                                        						_t32 =  ==  ? 0xc0000022 : _t32;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v20 ^ _t33, _t29);
                                                                                                                                                                                                                                                        				return _t32;
                                                                                                                                                                                                                                                        			}












                                                                                                                                                                                                                                                        0x00be7d70
                                                                                                                                                                                                                                                        0x00be7d79
                                                                                                                                                                                                                                                        0x00be7d83
                                                                                                                                                                                                                                                        0x00be7d89
                                                                                                                                                                                                                                                        0x00be7d96
                                                                                                                                                                                                                                                        0x00be7d9e
                                                                                                                                                                                                                                                        0x00be7da3
                                                                                                                                                                                                                                                        0x00be7da8
                                                                                                                                                                                                                                                        0x00be7dc2
                                                                                                                                                                                                                                                        0x00be7dc5
                                                                                                                                                                                                                                                        0x00be7dc8
                                                                                                                                                                                                                                                        0x00be7dcc
                                                                                                                                                                                                                                                        0x00be7de5
                                                                                                                                                                                                                                                        0x00be7df2
                                                                                                                                                                                                                                                        0x00be7df2
                                                                                                                                                                                                                                                        0x00be7dcc
                                                                                                                                                                                                                                                        0x00be7dfa
                                                                                                                                                                                                                                                        0x00be7e08

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE7DD3
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00000000,?,00000000,00000000,00000000,00000003), ref: 00BE7DE5
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressCurrentDuplicateHandleProcProcess
                                                                                                                                                                                                                                                        • String ID: NtCreateSection
                                                                                                                                                                                                                                                        • API String ID: 3554645133-2666417024
                                                                                                                                                                                                                                                        • Opcode ID: 3237a62c0b69f81ed7cbdd688eee60de25e6df2f9a8391cdc9b6ae57fc3c82d5
                                                                                                                                                                                                                                                        • Instruction ID: 8a839a7da870f91fc779a4884c2ebf562318d6583e962d5dcbe1019c4b198704
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3237a62c0b69f81ed7cbdd688eee60de25e6df2f9a8391cdc9b6ae57fc3c82d5
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 151130B1A40209ABDB20DFA5DC46FAF77B8EF48710F100468FA05AB280DF70AD1487A5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 93%
                                                                                                                                                                                                                                                        			E00BCE4F0(void* __ecx, void* __edx, char _a4) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				signed int _t9;
                                                                                                                                                                                                                                                        				struct _OVERLAPPED** _t21;
                                                                                                                                                                                                                                                        				struct _OVERLAPPED* _t24;
                                                                                                                                                                                                                                                        				void* _t29;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				signed int _t33;
                                                                                                                                                                                                                                                        				signed int _t34;
                                                                                                                                                                                                                                                        				void* _t36;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t29 = __edx;
                                                                                                                                                                                                                                                        				_t36 = (_t34 & 0xfffffff8) - 0xc0;
                                                                                                                                                                                                                                                        				_t9 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t31 = __ecx;
                                                                                                                                                                                                                                                        				_t21 =  &_a4;
                                                                                                                                                                                                                                                        				_v24 = _t9 ^ _t33;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(__ecx + 0xc)) + 1 <= 1) {
                                                                                                                                                                                                                                                        					_push("job_thread_.IsValid()");
                                                                                                                                                                                                                                                        					E00BC1FF0(_t36, "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/broker_services.cc", 0x2d3);
                                                                                                                                                                                                                                                        					E00BC20C0();
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if(PostQueuedCompletionStatus( *(_t31 + 4), 0, 4,  *_t21) == 0) {
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *( *_t21) + 4))(1);
                                                                                                                                                                                                                                                        					_t24 =  *_t21;
                                                                                                                                                                                                                                                        					_t32 = 1;
                                                                                                                                                                                                                                                        					if(_t24 != 0) {
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t24->Internal + 8))(1);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					 *_t21 = 0;
                                                                                                                                                                                                                                                        					_t32 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_v28 ^ _t33, _t29);
                                                                                                                                                                                                                                                        				return _t32;
                                                                                                                                                                                                                                                        			}















                                                                                                                                                                                                                                                        0x00bce4f0
                                                                                                                                                                                                                                                        0x00bce4f9
                                                                                                                                                                                                                                                        0x00bce4ff
                                                                                                                                                                                                                                                        0x00bce504
                                                                                                                                                                                                                                                        0x00bce506
                                                                                                                                                                                                                                                        0x00bce50b
                                                                                                                                                                                                                                                        0x00bce519
                                                                                                                                                                                                                                                        0x00bce51f
                                                                                                                                                                                                                                                        0x00bce52e
                                                                                                                                                                                                                                                        0x00bce535
                                                                                                                                                                                                                                                        0x00bce535
                                                                                                                                                                                                                                                        0x00bce54b
                                                                                                                                                                                                                                                        0x00bce575
                                                                                                                                                                                                                                                        0x00bce578
                                                                                                                                                                                                                                                        0x00bce57a
                                                                                                                                                                                                                                                        0x00bce581
                                                                                                                                                                                                                                                        0x00bce587
                                                                                                                                                                                                                                                        0x00bce587
                                                                                                                                                                                                                                                        0x00bce54d
                                                                                                                                                                                                                                                        0x00bce54d
                                                                                                                                                                                                                                                        0x00bce553
                                                                                                                                                                                                                                                        0x00bce553
                                                                                                                                                                                                                                                        0x00bce55e
                                                                                                                                                                                                                                                        0x00bce56c

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • PostQueuedCompletionStatus.KERNEL32(?,00000000,00000004,?), ref: 00BCE543
                                                                                                                                                                                                                                                          • Part of subcall function 00BC20C0: ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140(00BF0324,?,?,?,00BCA1FF,/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc,000000EC,00000000), ref: 00BC2108
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/broker_services.cc, xrefs: 00BCE529
                                                                                                                                                                                                                                                        • job_thread_.IsValid(), xrefs: 00BCE51F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??1?$basic_streambuf@CompletionD@std@@@std@@PostQueuedStatusU?$char_traits@
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/broker_services.cc$job_thread_.IsValid()
                                                                                                                                                                                                                                                        • API String ID: 2399711458-3255009386
                                                                                                                                                                                                                                                        • Opcode ID: 6acec4094936c90cb865b500b2ee4778d9506614ec9b0954d5ff43174bf00634
                                                                                                                                                                                                                                                        • Instruction ID: 803ee21687cb8fcffee11522c9bafc3644fe8b7a99c4bb9fd20c5b31a1b9600b
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6acec4094936c90cb865b500b2ee4778d9506614ec9b0954d5ff43174bf00634
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CC11E1317002009FD7209B68DC96F6A77E5EF84B14F0444ADE62A8B2D1CF71EC05C792
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • _wcsnicmp.API-MS-WIN-CRT-STRING-L1-1-0(00BEACA1,\??\,00000004,00000001,?,00BEACA1,00BCFF01), ref: 00BEA2C7
                                                                                                                                                                                                                                                        • _wcsnicmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,00000005), ref: 00BEA312
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: _wcsnicmp
                                                                                                                                                                                                                                                        • String ID: \??\
                                                                                                                                                                                                                                                        • API String ID: 1886669725-3047946824
                                                                                                                                                                                                                                                        • Opcode ID: 1df7411586f941eaeadf43f144c69e5eff6ecb1e61de6aa05b93921292072673
                                                                                                                                                                                                                                                        • Instruction ID: 180514a2dc542b9d6d373b9a37cf0166b83d421a7a1e2a90762dfad8c9a4b60d
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1df7411586f941eaeadf43f144c69e5eff6ecb1e61de6aa05b93921292072673
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9911E570E007049BCB20DF68DC459ABB7F8EF04304F400D6DEA1667240EB30A558CB96
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 65%
                                                                                                                                                                                                                                                        			E00BD6AD0(intOrPtr __eax, void* __ebx, intOrPtr __ecx, void* __edx, void* __edi, void* __esi, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				intOrPtr _v20;
                                                                                                                                                                                                                                                        				intOrPtr* _v24;
                                                                                                                                                                                                                                                        				intOrPtr _t17;
                                                                                                                                                                                                                                                        				intOrPtr _t19;
                                                                                                                                                                                                                                                        				signed int** _t20;
                                                                                                                                                                                                                                                        				intOrPtr _t25;
                                                                                                                                                                                                                                                        				intOrPtr _t27;
                                                                                                                                                                                                                                                        				intOrPtr _t33;
                                                                                                                                                                                                                                                        				signed int* _t34;
                                                                                                                                                                                                                                                        				signed int _t38;
                                                                                                                                                                                                                                                        				intOrPtr* _t40;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t17 = __eax;
                                                                                                                                                                                                                                                        				_t40 =  *((intOrPtr*)(__edx + 4));
                                                                                                                                                                                                                                                        				_v20 = __ecx;
                                                                                                                                                                                                                                                        				_push(0x5c);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_v24 = _t40;
                                                                                                                                                                                                                                                        				_t27 = __eax;
                                                                                                                                                                                                                                                        				_t31 =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				_t41 =  ==  ? __eax : _t40;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax)) =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				_t5 = _t17 + 8; // 0x8
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 4)) =  ==  ? __eax : _t40;
                                                                                                                                                                                                                                                        				E00BD5A10(_t5, _a4);
                                                                                                                                                                                                                                                        				_t33 = _v20;
                                                                                                                                                                                                                                                        				_t19 =  *((intOrPtr*)(_t33 + 4));
                                                                                                                                                                                                                                                        				if(_t19 == 0x2c8590a) {
                                                                                                                                                                                                                                                        					_push("list<T> too long");
                                                                                                                                                                                                                                                        					L00BEF798();
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					_t20 =  *0xbfb5c0;
                                                                                                                                                                                                                                                        					if(_t20 == 0) {
                                                                                                                                                                                                                                                        						_t21 =  *0xbfb5bc;
                                                                                                                                                                                                                                                        						if( *0xbfb5bc == 0) {
                                                                                                                                                                                                                                                        							return 0;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_push(0);
                                                                                                                                                                                                                                                        							_t20 = E00BE3CE0(8 +  *_t21 * 4, 0);
                                                                                                                                                                                                                                                        							_t34 =  *0xbfb5bc;
                                                                                                                                                                                                                                                        							 *0xbfb5c0 = _t20;
                                                                                                                                                                                                                                                        							 *_t20 = _t34;
                                                                                                                                                                                                                                                        							if( *_t34 > 0) {
                                                                                                                                                                                                                                                        								_t38 = 0;
                                                                                                                                                                                                                                                        								asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        								do {
                                                                                                                                                                                                                                                        									 *((intOrPtr*)(_t20 + 4 + _t38 * 4)) = 0;
                                                                                                                                                                                                                                                        									_t38 = _t38 + 1;
                                                                                                                                                                                                                                                        								} while (_t38 <  *_t34);
                                                                                                                                                                                                                                                        								return _t20;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L4;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L4:
                                                                                                                                                                                                                                                        						return _t20;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t25 = _t19 + 1;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t33 + 4)) = _t25;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__edx + 4)) = _t27;
                                                                                                                                                                                                                                                        					 *_v24 = _t27;
                                                                                                                                                                                                                                                        					return _t25;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}














                                                                                                                                                                                                                                                        0x00bd6ad0
                                                                                                                                                                                                                                                        0x00bd6ad9
                                                                                                                                                                                                                                                        0x00bd6ade
                                                                                                                                                                                                                                                        0x00bd6ae1
                                                                                                                                                                                                                                                        0x00bd6ae3
                                                                                                                                                                                                                                                        0x00bd6af2
                                                                                                                                                                                                                                                        0x00bd6af5
                                                                                                                                                                                                                                                        0x00bd6af7
                                                                                                                                                                                                                                                        0x00bd6afa
                                                                                                                                                                                                                                                        0x00bd6afd
                                                                                                                                                                                                                                                        0x00bd6aff
                                                                                                                                                                                                                                                        0x00bd6b02
                                                                                                                                                                                                                                                        0x00bd6b05
                                                                                                                                                                                                                                                        0x00bd6b0a
                                                                                                                                                                                                                                                        0x00bd6b0d
                                                                                                                                                                                                                                                        0x00bd6b15
                                                                                                                                                                                                                                                        0x00bd6b2b
                                                                                                                                                                                                                                                        0x00bd6b30
                                                                                                                                                                                                                                                        0x00bd6b35
                                                                                                                                                                                                                                                        0x00bd6b36
                                                                                                                                                                                                                                                        0x00bd6b37
                                                                                                                                                                                                                                                        0x00bd6b38
                                                                                                                                                                                                                                                        0x00bd6b39
                                                                                                                                                                                                                                                        0x00bd6b3a
                                                                                                                                                                                                                                                        0x00bd6b3b
                                                                                                                                                                                                                                                        0x00bd6b3c
                                                                                                                                                                                                                                                        0x00bd6b3d
                                                                                                                                                                                                                                                        0x00bd6b3e
                                                                                                                                                                                                                                                        0x00bd6b3f
                                                                                                                                                                                                                                                        0x00bd6b43
                                                                                                                                                                                                                                                        0x00bd6b4a
                                                                                                                                                                                                                                                        0x00bd6b4e
                                                                                                                                                                                                                                                        0x00bd6b55
                                                                                                                                                                                                                                                        0x00bd6ba2
                                                                                                                                                                                                                                                        0x00bd6b57
                                                                                                                                                                                                                                                        0x00bd6b60
                                                                                                                                                                                                                                                        0x00bd6b65
                                                                                                                                                                                                                                                        0x00bd6b6d
                                                                                                                                                                                                                                                        0x00bd6b73
                                                                                                                                                                                                                                                        0x00bd6b78
                                                                                                                                                                                                                                                        0x00bd6b7d
                                                                                                                                                                                                                                                        0x00bd6b7f
                                                                                                                                                                                                                                                        0x00bd6b81
                                                                                                                                                                                                                                                        0x00bd6b90
                                                                                                                                                                                                                                                        0x00bd6b90
                                                                                                                                                                                                                                                        0x00bd6b98
                                                                                                                                                                                                                                                        0x00bd6b99
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6b90
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6b7d
                                                                                                                                                                                                                                                        0x00bd6b4d
                                                                                                                                                                                                                                                        0x00bd6b4d
                                                                                                                                                                                                                                                        0x00bd6b4d
                                                                                                                                                                                                                                                        0x00bd6b4d
                                                                                                                                                                                                                                                        0x00bd6b17
                                                                                                                                                                                                                                                        0x00bd6b17
                                                                                                                                                                                                                                                        0x00bd6b18
                                                                                                                                                                                                                                                        0x00bd6b1e
                                                                                                                                                                                                                                                        0x00bd6b21
                                                                                                                                                                                                                                                        0x00bd6b2a
                                                                                                                                                                                                                                                        0x00bd6b2a

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(0000005C), ref: 00BD6AE3
                                                                                                                                                                                                                                                        • ?_Xlength_error@std@@YAXPBD@Z.MSVCP140(list<T> too long), ref: 00BD6B30
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@Xlength_error@std@@
                                                                                                                                                                                                                                                        • String ID: list<T> too long
                                                                                                                                                                                                                                                        • API String ID: 373104503-4027344264
                                                                                                                                                                                                                                                        • Opcode ID: c954d6beecc7593f92b49b0bfda570144601c497877bbf19847343e93e290460
                                                                                                                                                                                                                                                        • Instruction ID: fdba575caccd2247ce3285957d03fd77d643f54ddce82480f60d294213121015
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c954d6beecc7593f92b49b0bfda570144601c497877bbf19847343e93e290460
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8B0181B1A002189FC704EF59C88586AFBF5EF8831075585AAD80D9B311E771AD05CBE1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 66%
                                                                                                                                                                                                                                                        			E00BD9570(intOrPtr __eax, void* __ecx, intOrPtr __edx, intOrPtr* _a4) {
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				signed int _t24;
                                                                                                                                                                                                                                                        				intOrPtr _t28;
                                                                                                                                                                                                                                                        				intOrPtr* _t33;
                                                                                                                                                                                                                                                        				signed int _t34;
                                                                                                                                                                                                                                                        				intOrPtr _t42;
                                                                                                                                                                                                                                                        				signed int _t43;
                                                                                                                                                                                                                                                        				intOrPtr _t46;
                                                                                                                                                                                                                                                        				intOrPtr* _t53;
                                                                                                                                                                                                                                                        				intOrPtr* _t57;
                                                                                                                                                                                                                                                        				void* _t60;
                                                                                                                                                                                                                                                        				signed int _t61;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t51 = __edx;
                                                                                                                                                                                                                                                        				_t33 =  *((intOrPtr*)(__edx + 4));
                                                                                                                                                                                                                                                        				_push(0xc);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t61 = _t60 + 4;
                                                                                                                                                                                                                                                        				_t37 =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax)) =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				_t39 =  ==  ? __eax : _t33;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 4)) =  ==  ? __eax : _t33;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 8)) =  *_a4;
                                                                                                                                                                                                                                                        				_t42 =  *((intOrPtr*)(__ecx + 4));
                                                                                                                                                                                                                                                        				if(_t42 == 0x15555554) {
                                                                                                                                                                                                                                                        					_push("list<T> too long");
                                                                                                                                                                                                                                                        					L00BEF798();
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					_t59 = _t61;
                                                                                                                                                                                                                                                        					_push(_t33);
                                                                                                                                                                                                                                                        					_push(__ecx);
                                                                                                                                                                                                                                                        					_push(__edx);
                                                                                                                                                                                                                                                        					_t24 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        					_t43 = _v16;
                                                                                                                                                                                                                                                        					_v40 = _t24 ^ _t61;
                                                                                                                                                                                                                                                        					if(_t43 <= 0x3f) {
                                                                                                                                                                                                                                                        						_t51 =  *0xbfb688;
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t51 + _t43 * 4)) == 0) {
                                                                                                                                                                                                                                                        							goto L4;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t28 =  *0xbfb688;
                                                                                                                                                                                                                                                        							_t46 =  *((intOrPtr*)(_t51 + _t43 * 4));
                                                                                                                                                                                                                                                        							_t51 =  *((intOrPtr*)(_t51 + 0x100));
                                                                                                                                                                                                                                                        							_t34 = 0;
                                                                                                                                                                                                                                                        							if(_t46 <= _t51 &&  *0xbfb684 >= _t51) {
                                                                                                                                                                                                                                                        								_t53 = _a4;
                                                                                                                                                                                                                                                        								_t51 =  *_t53;
                                                                                                                                                                                                                                                        								if(_t51 == 0) {
                                                                                                                                                                                                                                                        									L13:
                                                                                                                                                                                                                                                        									_v28 = _t28 + _t46;
                                                                                                                                                                                                                                                        									E00BD81D0( &_v36, 0, 1);
                                                                                                                                                                                                                                                        									if(E00BD81E0( &_v36, _t51, 4, _t53 + 4,  *_t53) != 1) {
                                                                                                                                                                                                                                                        										goto L4;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t34 = _t34 & 0xffffff00 | E00BD1C50( &_v36) == 0x00000003;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t57 = _t53 + 4;
                                                                                                                                                                                                                                                        									asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        									while( *_t57 != 0) {
                                                                                                                                                                                                                                                        										_t57 = _t57 + 8;
                                                                                                                                                                                                                                                        										_t51 = _t51 - 1;
                                                                                                                                                                                                                                                        										if(_t51 != 0) {
                                                                                                                                                                                                                                                        											continue;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											goto L13;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L5;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L4;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L4:
                                                                                                                                                                                                                                                        						_t34 = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					E00BEECB0(_v24 ^ _t59, _t51);
                                                                                                                                                                                                                                                        					return _t34;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__ecx + 4)) = _t42 + 1;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__edx + 4)) = __eax;
                                                                                                                                                                                                                                                        					 *_t33 = __eax;
                                                                                                                                                                                                                                                        					return __eax;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}



















                                                                                                                                                                                                                                                        0x00bd9570
                                                                                                                                                                                                                                                        0x00bd9576
                                                                                                                                                                                                                                                        0x00bd957d
                                                                                                                                                                                                                                                        0x00bd957f
                                                                                                                                                                                                                                                        0x00bd9584
                                                                                                                                                                                                                                                        0x00bd958b
                                                                                                                                                                                                                                                        0x00bd958e
                                                                                                                                                                                                                                                        0x00bd9592
                                                                                                                                                                                                                                                        0x00bd9595
                                                                                                                                                                                                                                                        0x00bd959d
                                                                                                                                                                                                                                                        0x00bd95a0
                                                                                                                                                                                                                                                        0x00bd95a9
                                                                                                                                                                                                                                                        0x00bd95b9
                                                                                                                                                                                                                                                        0x00bd95be
                                                                                                                                                                                                                                                        0x00bd95c3
                                                                                                                                                                                                                                                        0x00bd95c4
                                                                                                                                                                                                                                                        0x00bd95c5
                                                                                                                                                                                                                                                        0x00bd95c6
                                                                                                                                                                                                                                                        0x00bd95c7
                                                                                                                                                                                                                                                        0x00bd95c8
                                                                                                                                                                                                                                                        0x00bd95c9
                                                                                                                                                                                                                                                        0x00bd95ca
                                                                                                                                                                                                                                                        0x00bd95cb
                                                                                                                                                                                                                                                        0x00bd95cc
                                                                                                                                                                                                                                                        0x00bd95cd
                                                                                                                                                                                                                                                        0x00bd95ce
                                                                                                                                                                                                                                                        0x00bd95cf
                                                                                                                                                                                                                                                        0x00bd95d1
                                                                                                                                                                                                                                                        0x00bd95d3
                                                                                                                                                                                                                                                        0x00bd95d4
                                                                                                                                                                                                                                                        0x00bd95d5
                                                                                                                                                                                                                                                        0x00bd95d9
                                                                                                                                                                                                                                                        0x00bd95de
                                                                                                                                                                                                                                                        0x00bd95e6
                                                                                                                                                                                                                                                        0x00bd95e9
                                                                                                                                                                                                                                                        0x00bd9601
                                                                                                                                                                                                                                                        0x00bd960b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd960d
                                                                                                                                                                                                                                                        0x00bd960d
                                                                                                                                                                                                                                                        0x00bd9612
                                                                                                                                                                                                                                                        0x00bd9615
                                                                                                                                                                                                                                                        0x00bd961b
                                                                                                                                                                                                                                                        0x00bd961f
                                                                                                                                                                                                                                                        0x00bd9629
                                                                                                                                                                                                                                                        0x00bd962c
                                                                                                                                                                                                                                                        0x00bd9630
                                                                                                                                                                                                                                                        0x00bd964b
                                                                                                                                                                                                                                                        0x00bd9650
                                                                                                                                                                                                                                                        0x00bd9659
                                                                                                                                                                                                                                                        0x00bd9670
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9676
                                                                                                                                                                                                                                                        0x00bd9681
                                                                                                                                                                                                                                                        0x00bd9681
                                                                                                                                                                                                                                                        0x00bd9632
                                                                                                                                                                                                                                                        0x00bd9632
                                                                                                                                                                                                                                                        0x00bd9635
                                                                                                                                                                                                                                                        0x00bd9640
                                                                                                                                                                                                                                                        0x00bd9645
                                                                                                                                                                                                                                                        0x00bd9648
                                                                                                                                                                                                                                                        0x00bd9649
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9649
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9640
                                                                                                                                                                                                                                                        0x00bd9630
                                                                                                                                                                                                                                                        0x00bd961f
                                                                                                                                                                                                                                                        0x00bd95eb
                                                                                                                                                                                                                                                        0x00bd95eb
                                                                                                                                                                                                                                                        0x00bd95eb
                                                                                                                                                                                                                                                        0x00bd95eb
                                                                                                                                                                                                                                                        0x00bd95ed
                                                                                                                                                                                                                                                        0x00bd95f2
                                                                                                                                                                                                                                                        0x00bd9600
                                                                                                                                                                                                                                                        0x00bd95ab
                                                                                                                                                                                                                                                        0x00bd95ac
                                                                                                                                                                                                                                                        0x00bd95af
                                                                                                                                                                                                                                                        0x00bd95b2
                                                                                                                                                                                                                                                        0x00bd95b8
                                                                                                                                                                                                                                                        0x00bd95b8

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(0000000C,?,?,00000000,?,00BE579D,00000000,?,?,?,00000000), ref: 00BD957F
                                                                                                                                                                                                                                                        • ?_Xlength_error@std@@YAXPBD@Z.MSVCP140(list<T> too long,00000000,?,?,?,00000000), ref: 00BD95BE
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@Xlength_error@std@@
                                                                                                                                                                                                                                                        • String ID: list<T> too long
                                                                                                                                                                                                                                                        • API String ID: 373104503-4027344264
                                                                                                                                                                                                                                                        • Opcode ID: 0ebaca812ac7b0b8e12648c6e63a14f292ffdfa483d2386f65f1e8b521d461aa
                                                                                                                                                                                                                                                        • Instruction ID: dd57f4bcb6e94eb0d9c446aad25d0c3b8e97b3c3c9036dff5e1f22ef0369ecbc
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0ebaca812ac7b0b8e12648c6e63a14f292ffdfa483d2386f65f1e8b521d461aa
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 01F0BEB1604604AFD70CDF1CE495A25BBE6EB8871471181BEE90EC7762DB71AC00CB90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 67%
                                                                                                                                                                                                                                                        			E00BD9080(intOrPtr __eax, void* __ecx, intOrPtr* __edx, void* _a4) {
                                                                                                                                                                                                                                                        				intOrPtr* _v0;
                                                                                                                                                                                                                                                        				intOrPtr* _v16;
                                                                                                                                                                                                                                                        				intOrPtr* _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				intOrPtr* _t31;
                                                                                                                                                                                                                                                        				intOrPtr _t33;
                                                                                                                                                                                                                                                        				intOrPtr* _t35;
                                                                                                                                                                                                                                                        				char _t38;
                                                                                                                                                                                                                                                        				intOrPtr _t40;
                                                                                                                                                                                                                                                        				intOrPtr* _t41;
                                                                                                                                                                                                                                                        				intOrPtr* _t42;
                                                                                                                                                                                                                                                        				intOrPtr* _t51;
                                                                                                                                                                                                                                                        				intOrPtr _t53;
                                                                                                                                                                                                                                                        				intOrPtr _t56;
                                                                                                                                                                                                                                                        				intOrPtr _t59;
                                                                                                                                                                                                                                                        				intOrPtr* _t61;
                                                                                                                                                                                                                                                        				void* _t64;
                                                                                                                                                                                                                                                        				void* _t65;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t41 =  *((intOrPtr*)(__edx + 4));
                                                                                                                                                                                                                                                        				_push(0x10);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t65 = _t64 + 4;
                                                                                                                                                                                                                                                        				_t47 =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax)) =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				_t49 =  ==  ? __eax : _t41;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 4)) =  ==  ? __eax : _t41;
                                                                                                                                                                                                                                                        				asm("movsd xmm0, [ecx]");
                                                                                                                                                                                                                                                        				asm("movsd [eax+0x8], xmm0");
                                                                                                                                                                                                                                                        				_t51 =  *((intOrPtr*)(__ecx + 4));
                                                                                                                                                                                                                                                        				if(_t51 == 0xffffffe) {
                                                                                                                                                                                                                                                        					_push("list<T> too long");
                                                                                                                                                                                                                                                        					L00BEF798();
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					_push(_t41);
                                                                                                                                                                                                                                                        					_push(__ecx);
                                                                                                                                                                                                                                                        					_push(__edx);
                                                                                                                                                                                                                                                        					_push(__eax);
                                                                                                                                                                                                                                                        					_t59 =  *_t51;
                                                                                                                                                                                                                                                        					_t61 = __edx;
                                                                                                                                                                                                                                                        					_t31 = _v16;
                                                                                                                                                                                                                                                        					_v40 = _t51;
                                                                                                                                                                                                                                                        					_t56 =  *((intOrPtr*)(_t59 + 4));
                                                                                                                                                                                                                                                        					if( *((char*)(_t56 + 0xd)) != 0) {
                                                                                                                                                                                                                                                        						L11:
                                                                                                                                                                                                                                                        						_push(0x1c);
                                                                                                                                                                                                                                                        						L00BEF6BA();
                                                                                                                                                                                                                                                        						_t42 = _t31;
                                                                                                                                                                                                                                                        						_t33 =  *_v24;
                                                                                                                                                                                                                                                        						 *_t42 = _t33;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t42 + 4)) = _t33;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t42 + 8)) = _t33;
                                                                                                                                                                                                                                                        						 *((short*)(_t42 + 0xc)) = 0;
                                                                                                                                                                                                                                                        						_t35 =  *_v0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t42 + 0x10)) = _t35;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t42 + 0x18)) = 0;
                                                                                                                                                                                                                                                        						_push(0xc);
                                                                                                                                                                                                                                                        						L00BEF6BA();
                                                                                                                                                                                                                                                        						 *_t35 = _t35;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t35 + 4)) = _t35;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t42 + 0x14)) = _t35;
                                                                                                                                                                                                                                                        						_t29 = _t42 + 0x10; // 0x10
                                                                                                                                                                                                                                                        						E00BD9190(_v24, _t61, _t59, _t29, _t42);
                                                                                                                                                                                                                                                        						_t65 = _t65 + 0x14;
                                                                                                                                                                                                                                                        						_t38 = 1;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t53 =  *_t31;
                                                                                                                                                                                                                                                        						_t40 = _t59;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t40 =  >=  ? _t56 : _t40;
                                                                                                                                                                                                                                                        							_t56 =  *((intOrPtr*)(_t56 + (0 |  *((intOrPtr*)(_t56 + 0x10)) - _t53 < 0x00000000) * 8));
                                                                                                                                                                                                                                                        						} while ( *((char*)(_t56 + 0xd)) == 0);
                                                                                                                                                                                                                                                        						if(_t40 == _t59) {
                                                                                                                                                                                                                                                        							goto L11;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							if(_t53 <  *((intOrPtr*)(_t40 + 0x10))) {
                                                                                                                                                                                                                                                        								_t59 = _t40;
                                                                                                                                                                                                                                                        								goto L11;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								 *__edx = _t40;
                                                                                                                                                                                                                                                        								_t38 = 0;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					 *((char*)(_t61 + 4)) = _t38;
                                                                                                                                                                                                                                                        					return _t61;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__ecx + 4)) = _t51 + 1;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__edx + 4)) = __eax;
                                                                                                                                                                                                                                                        					 *_t41 = __eax;
                                                                                                                                                                                                                                                        					return __eax;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}





















                                                                                                                                                                                                                                                        0x00bd9086
                                                                                                                                                                                                                                                        0x00bd908d
                                                                                                                                                                                                                                                        0x00bd908f
                                                                                                                                                                                                                                                        0x00bd9094
                                                                                                                                                                                                                                                        0x00bd909b
                                                                                                                                                                                                                                                        0x00bd909e
                                                                                                                                                                                                                                                        0x00bd90a2
                                                                                                                                                                                                                                                        0x00bd90a5
                                                                                                                                                                                                                                                        0x00bd90ab
                                                                                                                                                                                                                                                        0x00bd90af
                                                                                                                                                                                                                                                        0x00bd90b4
                                                                                                                                                                                                                                                        0x00bd90bd
                                                                                                                                                                                                                                                        0x00bd90cd
                                                                                                                                                                                                                                                        0x00bd90d2
                                                                                                                                                                                                                                                        0x00bd90d7
                                                                                                                                                                                                                                                        0x00bd90d8
                                                                                                                                                                                                                                                        0x00bd90d9
                                                                                                                                                                                                                                                        0x00bd90da
                                                                                                                                                                                                                                                        0x00bd90db
                                                                                                                                                                                                                                                        0x00bd90dc
                                                                                                                                                                                                                                                        0x00bd90dd
                                                                                                                                                                                                                                                        0x00bd90de
                                                                                                                                                                                                                                                        0x00bd90df
                                                                                                                                                                                                                                                        0x00bd90e3
                                                                                                                                                                                                                                                        0x00bd90e4
                                                                                                                                                                                                                                                        0x00bd90e5
                                                                                                                                                                                                                                                        0x00bd90e6
                                                                                                                                                                                                                                                        0x00bd90e7
                                                                                                                                                                                                                                                        0x00bd90e9
                                                                                                                                                                                                                                                        0x00bd90eb
                                                                                                                                                                                                                                                        0x00bd90ee
                                                                                                                                                                                                                                                        0x00bd90f1
                                                                                                                                                                                                                                                        0x00bd90f8
                                                                                                                                                                                                                                                        0x00bd9130
                                                                                                                                                                                                                                                        0x00bd9130
                                                                                                                                                                                                                                                        0x00bd9132
                                                                                                                                                                                                                                                        0x00bd913a
                                                                                                                                                                                                                                                        0x00bd913f
                                                                                                                                                                                                                                                        0x00bd9141
                                                                                                                                                                                                                                                        0x00bd9143
                                                                                                                                                                                                                                                        0x00bd9146
                                                                                                                                                                                                                                                        0x00bd914c
                                                                                                                                                                                                                                                        0x00bd9152
                                                                                                                                                                                                                                                        0x00bd9154
                                                                                                                                                                                                                                                        0x00bd9157
                                                                                                                                                                                                                                                        0x00bd915e
                                                                                                                                                                                                                                                        0x00bd9160
                                                                                                                                                                                                                                                        0x00bd916b
                                                                                                                                                                                                                                                        0x00bd916d
                                                                                                                                                                                                                                                        0x00bd9170
                                                                                                                                                                                                                                                        0x00bd9176
                                                                                                                                                                                                                                                        0x00bd917b
                                                                                                                                                                                                                                                        0x00bd9180
                                                                                                                                                                                                                                                        0x00bd9183
                                                                                                                                                                                                                                                        0x00bd90fa
                                                                                                                                                                                                                                                        0x00bd90fa
                                                                                                                                                                                                                                                        0x00bd90fc
                                                                                                                                                                                                                                                        0x00bd9100
                                                                                                                                                                                                                                                        0x00bd9108
                                                                                                                                                                                                                                                        0x00bd910b
                                                                                                                                                                                                                                                        0x00bd910e
                                                                                                                                                                                                                                                        0x00bd9116
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9118
                                                                                                                                                                                                                                                        0x00bd911b
                                                                                                                                                                                                                                                        0x00bd912e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd911d
                                                                                                                                                                                                                                                        0x00bd911d
                                                                                                                                                                                                                                                        0x00bd911f
                                                                                                                                                                                                                                                        0x00bd911f
                                                                                                                                                                                                                                                        0x00bd911b
                                                                                                                                                                                                                                                        0x00bd9116
                                                                                                                                                                                                                                                        0x00bd9121
                                                                                                                                                                                                                                                        0x00bd912d
                                                                                                                                                                                                                                                        0x00bd90bf
                                                                                                                                                                                                                                                        0x00bd90c0
                                                                                                                                                                                                                                                        0x00bd90c3
                                                                                                                                                                                                                                                        0x00bd90c6
                                                                                                                                                                                                                                                        0x00bd90cc
                                                                                                                                                                                                                                                        0x00bd90cc

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000010,?,00000003,00000000,?,00BD83EA,?,?,00000003,00000003,00000003), ref: 00BD908F
                                                                                                                                                                                                                                                        • ?_Xlength_error@std@@YAXPBD@Z.MSVCP140(list<T> too long,?,?,00000003,00000003,00000003), ref: 00BD90D2
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@Xlength_error@std@@
                                                                                                                                                                                                                                                        • String ID: list<T> too long
                                                                                                                                                                                                                                                        • API String ID: 373104503-4027344264
                                                                                                                                                                                                                                                        • Opcode ID: a1cc017f8ffb0ee318e781e5b5e6704ffdefb9a80a05af161caaf644cc2577a8
                                                                                                                                                                                                                                                        • Instruction ID: e19c1fb6ba6f84d0a22b2741b61d6bd75c80477e488237db56feea336a7a35c4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a1cc017f8ffb0ee318e781e5b5e6704ffdefb9a80a05af161caaf644cc2577a8
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: FBF0B4B1600A086FCB0CDF29D495925F7E9FF8971071182BEE91E87362E7709C00C790
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 72%
                                                                                                                                                                                                                                                        			E00BE70E0(intOrPtr __eax, void* __ebx, void* __ecx, void* __edx, void* __edi, void* _a4) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				intOrPtr* _t30;
                                                                                                                                                                                                                                                        				void* _t38;
                                                                                                                                                                                                                                                        				void* _t41;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t30 =  *((intOrPtr*)(__edx + 4));
                                                                                                                                                                                                                                                        				_push(0xc);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t41 = _a4;
                                                                                                                                                                                                                                                        				_t34 =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax)) =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				_t36 =  ==  ? __eax : _t30;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 4)) =  ==  ? __eax : _t30;
                                                                                                                                                                                                                                                        				 *_t41 = 0;
                                                                                                                                                                                                                                                        				 *(__eax + 8) =  *_t41;
                                                                                                                                                                                                                                                        				_t38 =  *(__ecx + 4);
                                                                                                                                                                                                                                                        				if(_t38 == 0x15555554) {
                                                                                                                                                                                                                                                        					_push("list<T> too long");
                                                                                                                                                                                                                                                        					L00BEF798();
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					_push(__edx);
                                                                                                                                                                                                                                                        					 *(_t38 + 4) = 0;
                                                                                                                                                                                                                                                        					 *_t38 = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0xc) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 8) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x14) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x10) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x1c) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x18) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x24) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x20) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x2c) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x28) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x34) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x30) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x3c) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x38) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x40) = 0;
                                                                                                                                                                                                                                                        					CopySid(0x44, _t38, _v16);
                                                                                                                                                                                                                                                        					return _t38;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					 *(__ecx + 4) = _t38 + 1;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__edx + 4)) = __eax;
                                                                                                                                                                                                                                                        					 *_t30 = __eax;
                                                                                                                                                                                                                                                        					return __eax;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}







                                                                                                                                                                                                                                                        0x00be70e6
                                                                                                                                                                                                                                                        0x00be70ed
                                                                                                                                                                                                                                                        0x00be70ef
                                                                                                                                                                                                                                                        0x00be70fb
                                                                                                                                                                                                                                                        0x00be70fe
                                                                                                                                                                                                                                                        0x00be7101
                                                                                                                                                                                                                                                        0x00be7105
                                                                                                                                                                                                                                                        0x00be7108
                                                                                                                                                                                                                                                        0x00be710d
                                                                                                                                                                                                                                                        0x00be7113
                                                                                                                                                                                                                                                        0x00be7116
                                                                                                                                                                                                                                                        0x00be711f
                                                                                                                                                                                                                                                        0x00be712f
                                                                                                                                                                                                                                                        0x00be7134
                                                                                                                                                                                                                                                        0x00be7139
                                                                                                                                                                                                                                                        0x00be713a
                                                                                                                                                                                                                                                        0x00be713b
                                                                                                                                                                                                                                                        0x00be713c
                                                                                                                                                                                                                                                        0x00be713d
                                                                                                                                                                                                                                                        0x00be713e
                                                                                                                                                                                                                                                        0x00be713f
                                                                                                                                                                                                                                                        0x00be7143
                                                                                                                                                                                                                                                        0x00be7149
                                                                                                                                                                                                                                                        0x00be7150
                                                                                                                                                                                                                                                        0x00be7156
                                                                                                                                                                                                                                                        0x00be715d
                                                                                                                                                                                                                                                        0x00be7164
                                                                                                                                                                                                                                                        0x00be716b
                                                                                                                                                                                                                                                        0x00be7172
                                                                                                                                                                                                                                                        0x00be7179
                                                                                                                                                                                                                                                        0x00be7180
                                                                                                                                                                                                                                                        0x00be7187
                                                                                                                                                                                                                                                        0x00be718e
                                                                                                                                                                                                                                                        0x00be7195
                                                                                                                                                                                                                                                        0x00be719c
                                                                                                                                                                                                                                                        0x00be71a3
                                                                                                                                                                                                                                                        0x00be71aa
                                                                                                                                                                                                                                                        0x00be71b1
                                                                                                                                                                                                                                                        0x00be71b8
                                                                                                                                                                                                                                                        0x00be71c3
                                                                                                                                                                                                                                                        0x00be71cd
                                                                                                                                                                                                                                                        0x00be7121
                                                                                                                                                                                                                                                        0x00be7122
                                                                                                                                                                                                                                                        0x00be7125
                                                                                                                                                                                                                                                        0x00be7128
                                                                                                                                                                                                                                                        0x00be712e
                                                                                                                                                                                                                                                        0x00be712e

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(0000000C,?,00000000,00000000,?,00BE6BCA,00000400,?,?,00000000,?,00BE9870,?,00000004,00000400,00000000), ref: 00BE70EF
                                                                                                                                                                                                                                                        • ?_Xlength_error@std@@YAXPBD@Z.MSVCP140(list<T> too long,00000400,?,?,00000000,?,00BE9870,?,00000004,00000400,00000000,?,?,?,00000004,g_shared_IPC_size), ref: 00BE7134
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@Xlength_error@std@@
                                                                                                                                                                                                                                                        • String ID: list<T> too long
                                                                                                                                                                                                                                                        • API String ID: 373104503-4027344264
                                                                                                                                                                                                                                                        • Opcode ID: 7cee21695a9daaa36c8d7d9e389c30c4f75d6b66a411161637c19dd209291406
                                                                                                                                                                                                                                                        • Instruction ID: b74490a0b7ea5e8c3dc30e195f66e7268c78bf56f227585d8c930df94f610a35
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7cee21695a9daaa36c8d7d9e389c30c4f75d6b66a411161637c19dd209291406
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4AF090B1604204AFD70C9F1DD495A25BBEAEB89310B5181BEE50DCB751D7709C00CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 72%
                                                                                                                                                                                                                                                        			E00BEB3D0(CHAR* _a4, _Unknown_base(*)()** _a8) {
                                                                                                                                                                                                                                                        				signed int _v12;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _v16;
                                                                                                                                                                                                                                                        				char _v20;
                                                                                                                                                                                                                                                        				signed int _t8;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t11;
                                                                                                                                                                                                                                                        				CHAR* _t14;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t15;
                                                                                                                                                                                                                                                        				void* _t21;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()** _t23;
                                                                                                                                                                                                                                                        				signed int _t24;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t8 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_v12 = _t8 ^ _t24;
                                                                                                                                                                                                                                                        				if( *0xbfb6d8 == 0) {
                                                                                                                                                                                                                                                        					_t11 = GetModuleHandleW(L"ntdll.dll");
                                                                                                                                                                                                                                                        					_v20 = 0xbf0f50;
                                                                                                                                                                                                                                                        					_v16 = _t11;
                                                                                                                                                                                                                                                        					if(E00BCAB00( &_v20) == 0) {
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					asm("lock cmpxchg [0xbfb6d8], esi");
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t23 = _a8;
                                                                                                                                                                                                                                                        				_t14 = _a4;
                                                                                                                                                                                                                                                        				if( *0xbfb6d8 == 0) {
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t15 = GetProcAddress( *0xbfb6d8, _t14);
                                                                                                                                                                                                                                                        				 *_t23 = _t15;
                                                                                                                                                                                                                                                        				if(_t15 == 0) {
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return E00BEECB0(_v12 ^ _t24, _t21);
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00beb3d7
                                                                                                                                                                                                                                                        0x00beb3de
                                                                                                                                                                                                                                                        0x00beb3e8
                                                                                                                                                                                                                                                        0x00beb424
                                                                                                                                                                                                                                                        0x00beb42d
                                                                                                                                                                                                                                                        0x00beb436
                                                                                                                                                                                                                                                        0x00beb440
                                                                                                                                                                                                                                                        0x00beb442
                                                                                                                                                                                                                                                        0x00beb442
                                                                                                                                                                                                                                                        0x00beb445
                                                                                                                                                                                                                                                        0x00beb445
                                                                                                                                                                                                                                                        0x00beb3f0
                                                                                                                                                                                                                                                        0x00beb3f3
                                                                                                                                                                                                                                                        0x00beb3f8
                                                                                                                                                                                                                                                        0x00beb3fa
                                                                                                                                                                                                                                                        0x00beb3fa
                                                                                                                                                                                                                                                        0x00beb402
                                                                                                                                                                                                                                                        0x00beb40a
                                                                                                                                                                                                                                                        0x00beb40c
                                                                                                                                                                                                                                                        0x00beb40e
                                                                                                                                                                                                                                                        0x00beb40e
                                                                                                                                                                                                                                                        0x00beb41e

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(ntdll.dll,00BE3B27,NtQueryObject,00BFB690), ref: 00BEB424
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: ntdll.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-2227199552
                                                                                                                                                                                                                                                        • Opcode ID: 5dbed903086869f8bcdcb7c0ac2eabb7eb93b9eea4708b95a80c3253dfb1327d
                                                                                                                                                                                                                                                        • Instruction ID: a6b23f14a9526e1d189f908dce8f3a19ba6f62b0c7eb4f92c289a725c01b5e99
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5dbed903086869f8bcdcb7c0ac2eabb7eb93b9eea4708b95a80c3253dfb1327d
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 71012874A00218AB8B14EF76EC59EBAB7F4EF08314B1048A9EA59D7351EF309944DB81
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 73%
                                                                                                                                                                                                                                                        			E00BC5EC0(void* __edx, intOrPtr _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                        				void* _v8;
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				intOrPtr _t6;
                                                                                                                                                                                                                                                        				signed int _t9;
                                                                                                                                                                                                                                                        				void* _t15;
                                                                                                                                                                                                                                                        				signed int _t17;
                                                                                                                                                                                                                                                        				signed int _t18;
                                                                                                                                                                                                                                                        				void* _t20;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t15 = __edx;
                                                                                                                                                                                                                                                        				_t20 = (_t18 & 0xfffffff8) - 0xc0;
                                                                                                                                                                                                                                                        				_t9 =  *0xbfa010; // 0x4dd80977
                                                                                                                                                                                                                                                        				_t6 = _a8;
                                                                                                                                                                                                                                                        				_v16 = _t9 ^ _t17;
                                                                                                                                                                                                                                                        				if(_t6 != 0) {
                                                                                                                                                                                                                                                        					_push(_t6);
                                                                                                                                                                                                                                                        					_push(_a4);
                                                                                                                                                                                                                                                        					L00BEF6EA();
                                                                                                                                                                                                                                                        					if(_t6 == 0) {
                                                                                                                                                                                                                                                        						_push("success");
                                                                                                                                                                                                                                                        						E00BC1FF0(_t20, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/rand_util_win.cc", 0x20);
                                                                                                                                                                                                                                                        						E00BC20C0();
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return E00BEECB0(_v16 ^ _t17, _t15);
                                                                                                                                                                                                                                                        			}











                                                                                                                                                                                                                                                        0x00bc5ec0
                                                                                                                                                                                                                                                        0x00bc5ec7
                                                                                                                                                                                                                                                        0x00bc5ecd
                                                                                                                                                                                                                                                        0x00bc5ed3
                                                                                                                                                                                                                                                        0x00bc5eda
                                                                                                                                                                                                                                                        0x00bc5ee1
                                                                                                                                                                                                                                                        0x00bc5ee3
                                                                                                                                                                                                                                                        0x00bc5ee4
                                                                                                                                                                                                                                                        0x00bc5ee7
                                                                                                                                                                                                                                                        0x00bc5eee
                                                                                                                                                                                                                                                        0x00bc5ef4
                                                                                                                                                                                                                                                        0x00bc5f00
                                                                                                                                                                                                                                                        0x00bc5f07
                                                                                                                                                                                                                                                        0x00bc5f07
                                                                                                                                                                                                                                                        0x00bc5eee
                                                                                                                                                                                                                                                        0x00bc5f1f

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • SystemFunction036.ADVAPI32(?,?), ref: 00BC5EE7
                                                                                                                                                                                                                                                          • Part of subcall function 00BC20C0: ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140(00BF0324,?,?,?,00BCA1FF,/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc,000000EC,00000000), ref: 00BC2108
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/security/sandbox/chromium/base/rand_util_win.cc, xrefs: 00BC5EFB
                                                                                                                                                                                                                                                        • success, xrefs: 00BC5EF4
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??1?$basic_streambuf@D@std@@@std@@Function036SystemU?$char_traits@
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/security/sandbox/chromium/base/rand_util_win.cc$success
                                                                                                                                                                                                                                                        • API String ID: 1824317916-2842429395
                                                                                                                                                                                                                                                        • Opcode ID: 673b10c960358f92f21ce4a87e44b0b886fb6dbe05bec2f117a0515f12682cec
                                                                                                                                                                                                                                                        • Instruction ID: 2ed28f7f7f06d7297bc169d95a22dc2b2c498dbf613923591638ff878b710ad4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 673b10c960358f92f21ce4a87e44b0b886fb6dbe05bec2f117a0515f12682cec
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DDF0A7706007049BCA34BB649823FBE7BD9DF48760F0005ADF859572D2DF216908C3D6
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BBE000(intOrPtr* __ecx) {
                                                                                                                                                                                                                                                        				long _t8;
                                                                                                                                                                                                                                                        				signed short _t9;
                                                                                                                                                                                                                                                        				char* _t15;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t15 = __ecx;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx)) = 1;
                                                                                                                                                                                                                                                        				 *((char*)(__ecx + 0x10)) = 0;
                                                                                                                                                                                                                                                        				_t8 = GetModuleFileNameW(0, __ecx + 0x14, 0x209);
                                                                                                                                                                                                                                                        				if(_t8 == 0x209 || _t8 == 0) {
                                                                                                                                                                                                                                                        					_t9 = GetLastError();
                                                                                                                                                                                                                                                        					 *((char*)(_t15 + 0x10)) = 1;
                                                                                                                                                                                                                                                        					 *(_t15 + 4) = "/builds/worker/checkouts/gecko/browser/app/winlauncher/SameBinary.h";
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t15 + 8)) = 0x29;
                                                                                                                                                                                                                                                        					_t14 =  <=  ? _t9 : _t9 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t15 + 0xc)) =  <=  ? _t9 : _t9 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t15;
                                                                                                                                                                                                                                                        			}






                                                                                                                                                                                                                                                        0x00bbe004
                                                                                                                                                                                                                                                        0x00bbe009
                                                                                                                                                                                                                                                        0x00bbe00f
                                                                                                                                                                                                                                                        0x00bbe01b
                                                                                                                                                                                                                                                        0x00bbe026
                                                                                                                                                                                                                                                        0x00bbe031
                                                                                                                                                                                                                                                        0x00bbe03a
                                                                                                                                                                                                                                                        0x00bbe03e
                                                                                                                                                                                                                                                        0x00bbe045
                                                                                                                                                                                                                                                        0x00bbe054
                                                                                                                                                                                                                                                        0x00bbe057
                                                                                                                                                                                                                                                        0x00bbe057
                                                                                                                                                                                                                                                        0x00bbe030

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleFileNameW.KERNEL32(00000000,?,00000209,00000000,?,00BB414F), ref: 00BBE01B
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,00BB414F), ref: 00BBE031
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/browser/app/winlauncher/SameBinary.h, xrefs: 00BBE03E
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorFileLastModuleName
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/browser/app/winlauncher/SameBinary.h
                                                                                                                                                                                                                                                        • API String ID: 2776309574-603462826
                                                                                                                                                                                                                                                        • Opcode ID: 4f60984b91f5d261f2b79fa8ffe6016e28347934db2d6404eec417a323386bee
                                                                                                                                                                                                                                                        • Instruction ID: abbb228b255eefa9c4e042b2f35a3cd0619c43815b5c682713061ad0dda071be
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4f60984b91f5d261f2b79fa8ffe6016e28347934db2d6404eec417a323386bee
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: ECF082701043009FE3145B25CC097B27AD8EF04359F6084AED96BCB6A2DBFAE44587A4
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 95%
                                                                                                                                                                                                                                                        			E00BCCB00(intOrPtr* __ecx, intOrPtr _a4, void* _a8) {
                                                                                                                                                                                                                                                        				intOrPtr _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				intOrPtr* _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v36;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				intOrPtr _t41;
                                                                                                                                                                                                                                                        				intOrPtr _t46;
                                                                                                                                                                                                                                                        				intOrPtr* _t65;
                                                                                                                                                                                                                                                        				intOrPtr _t66;
                                                                                                                                                                                                                                                        				void* _t67;
                                                                                                                                                                                                                                                        				void* _t68;
                                                                                                                                                                                                                                                        				void* _t70;
                                                                                                                                                                                                                                                        				intOrPtr _t78;
                                                                                                                                                                                                                                                        				void* _t81;
                                                                                                                                                                                                                                                        				void* _t94;
                                                                                                                                                                                                                                                        				intOrPtr _t99;
                                                                                                                                                                                                                                                        				void* _t101;
                                                                                                                                                                                                                                                        				void* _t102;
                                                                                                                                                                                                                                                        				void* _t103;
                                                                                                                                                                                                                                                        				signed int _t105;
                                                                                                                                                                                                                                                        				intOrPtr* _t107;
                                                                                                                                                                                                                                                        				void* _t108;
                                                                                                                                                                                                                                                        				intOrPtr _t109;
                                                                                                                                                                                                                                                        				void* _t110;
                                                                                                                                                                                                                                                        				void* _t111;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t65 = __ecx;
                                                                                                                                                                                                                                                        				_t41 =  *__ecx;
                                                                                                                                                                                                                                                        				_t105 = _a4 - _t41;
                                                                                                                                                                                                                                                        				_t99 = 1 + ( *((intOrPtr*)(__ecx + 4)) - _t41 >> 2) * 0xf0f0f0f1;
                                                                                                                                                                                                                                                        				_v28 = (_t105 >> 2) * 0xf0f0f0f1;
                                                                                                                                                                                                                                                        				_t45 = ( *((intOrPtr*)(__ecx + 8)) - _t41 >> 2) * 0xf0f0f0f1;
                                                                                                                                                                                                                                                        				_v40 = _t99;
                                                                                                                                                                                                                                                        				_t94 = (( *((intOrPtr*)(__ecx + 8)) - _t41 >> 2) * 0xf0f0f0f1 >> 1) + _t45;
                                                                                                                                                                                                                                                        				_t95 =  <  ? _t99 : _t94;
                                                                                                                                                                                                                                                        				_t96 =  >  ? _t99 :  <  ? _t99 : _t94;
                                                                                                                                                                                                                                                        				_t100 = _a8;
                                                                                                                                                                                                                                                        				_v36 =  >  ? _t99 :  <  ? _t99 : _t94;
                                                                                                                                                                                                                                                        				_t46 = E00BCCC60( >  ? _t99 :  <  ? _t99 : _t94);
                                                                                                                                                                                                                                                        				_v24 = _t46;
                                                                                                                                                                                                                                                        				memcpy(_t105 + _t46, _a8, 0x44);
                                                                                                                                                                                                                                                        				_t78 = _a4;
                                                                                                                                                                                                                                                        				_t111 = _t110 + 0xc;
                                                                                                                                                                                                                                                        				_v32 = _t65;
                                                                                                                                                                                                                                                        				_t66 =  *((intOrPtr*)(_t65 + 4));
                                                                                                                                                                                                                                                        				_v20 =  *_t65;
                                                                                                                                                                                                                                                        				if(_t66 == _t78) {
                                                                                                                                                                                                                                                        					if(_v20 != _t78) {
                                                                                                                                                                                                                                                        						_t81 = _t78 - _v20;
                                                                                                                                                                                                                                                        						_t101 = 0;
                                                                                                                                                                                                                                                        						asm("o16 nop [eax+eax]");
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t67 = _t81;
                                                                                                                                                                                                                                                        							memcpy(_v24 + _t101, _v20 + _t101, 0x44);
                                                                                                                                                                                                                                                        							_t81 = _t67;
                                                                                                                                                                                                                                                        							_t111 = _t111 + 0xc;
                                                                                                                                                                                                                                                        							_t101 = _t101 + 0x44;
                                                                                                                                                                                                                                                        						} while (_t67 != _t101);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					if(_v20 != _t78) {
                                                                                                                                                                                                                                                        						_t109 = _v24;
                                                                                                                                                                                                                                                        						_t103 = 0;
                                                                                                                                                                                                                                                        						_t70 = _t78 - _v20;
                                                                                                                                                                                                                                                        						asm("o16 nop [eax+eax]");
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							memcpy(_t109 + _t103, _v20 + _t103, 0x44);
                                                                                                                                                                                                                                                        							_t111 = _t111 + 0xc;
                                                                                                                                                                                                                                                        							_t103 = _t103 + 0x44;
                                                                                                                                                                                                                                                        						} while (_t70 != _t103);
                                                                                                                                                                                                                                                        						_t78 = _a4;
                                                                                                                                                                                                                                                        						_t66 =  *((intOrPtr*)(_v32 + 4));
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t68 = _t66 - _t78;
                                                                                                                                                                                                                                                        					if(_t68 != 0) {
                                                                                                                                                                                                                                                        						_t84 = _v28;
                                                                                                                                                                                                                                                        						_t102 = 0;
                                                                                                                                                                                                                                                        						_t108 = _v24 + (_v28 << 6) + _t84 * 4 + 0x44;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							memcpy(_t108 + _t102, _a4 + _t102, 0x44);
                                                                                                                                                                                                                                                        							_t111 = _t111 + 0xc;
                                                                                                                                                                                                                                                        							_t102 = _t102 + 0x44;
                                                                                                                                                                                                                                                        						} while (_t68 != _t102);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t107 = _v32;
                                                                                                                                                                                                                                                        				E00BCCCC0(_t107, _t100, _v24, _v40, _v36);
                                                                                                                                                                                                                                                        				return (_v28 << 6) + _v28 * 4 +  *_t107;
                                                                                                                                                                                                                                                        			}






























                                                                                                                                                                                                                                                        0x00bccb09
                                                                                                                                                                                                                                                        0x00bccb0b
                                                                                                                                                                                                                                                        0x00bccb16
                                                                                                                                                                                                                                                        0x00bccb38
                                                                                                                                                                                                                                                        0x00bccb39
                                                                                                                                                                                                                                                        0x00bccb3c
                                                                                                                                                                                                                                                        0x00bccb42
                                                                                                                                                                                                                                                        0x00bccb4b
                                                                                                                                                                                                                                                        0x00bccb4f
                                                                                                                                                                                                                                                        0x00bccb56
                                                                                                                                                                                                                                                        0x00bccb59
                                                                                                                                                                                                                                                        0x00bccb5c
                                                                                                                                                                                                                                                        0x00bccb60
                                                                                                                                                                                                                                                        0x00bccb65
                                                                                                                                                                                                                                                        0x00bccb6e
                                                                                                                                                                                                                                                        0x00bccb73
                                                                                                                                                                                                                                                        0x00bccb76
                                                                                                                                                                                                                                                        0x00bccb7b
                                                                                                                                                                                                                                                        0x00bccb7e
                                                                                                                                                                                                                                                        0x00bccb83
                                                                                                                                                                                                                                                        0x00bccb86
                                                                                                                                                                                                                                                        0x00bccc00
                                                                                                                                                                                                                                                        0x00bccc02
                                                                                                                                                                                                                                                        0x00bccc05
                                                                                                                                                                                                                                                        0x00bccc07
                                                                                                                                                                                                                                                        0x00bccc10
                                                                                                                                                                                                                                                        0x00bccc10
                                                                                                                                                                                                                                                        0x00bccc21
                                                                                                                                                                                                                                                        0x00bccc26
                                                                                                                                                                                                                                                        0x00bccc28
                                                                                                                                                                                                                                                        0x00bccc2b
                                                                                                                                                                                                                                                        0x00bccc2e
                                                                                                                                                                                                                                                        0x00bccc10
                                                                                                                                                                                                                                                        0x00bccb88
                                                                                                                                                                                                                                                        0x00bccb8b
                                                                                                                                                                                                                                                        0x00bccb8f
                                                                                                                                                                                                                                                        0x00bccb92
                                                                                                                                                                                                                                                        0x00bccb94
                                                                                                                                                                                                                                                        0x00bccb97
                                                                                                                                                                                                                                                        0x00bccba0
                                                                                                                                                                                                                                                        0x00bccbac
                                                                                                                                                                                                                                                        0x00bccbb1
                                                                                                                                                                                                                                                        0x00bccbb4
                                                                                                                                                                                                                                                        0x00bccbb7
                                                                                                                                                                                                                                                        0x00bccbbe
                                                                                                                                                                                                                                                        0x00bccbc1
                                                                                                                                                                                                                                                        0x00bccbc1
                                                                                                                                                                                                                                                        0x00bccbc4
                                                                                                                                                                                                                                                        0x00bccbc6
                                                                                                                                                                                                                                                        0x00bccbc8
                                                                                                                                                                                                                                                        0x00bccbce
                                                                                                                                                                                                                                                        0x00bccbd8
                                                                                                                                                                                                                                                        0x00bccbe0
                                                                                                                                                                                                                                                        0x00bccbec
                                                                                                                                                                                                                                                        0x00bccbf1
                                                                                                                                                                                                                                                        0x00bccbf4
                                                                                                                                                                                                                                                        0x00bccbf7
                                                                                                                                                                                                                                                        0x00bccbfb
                                                                                                                                                                                                                                                        0x00bccbc6
                                                                                                                                                                                                                                                        0x00bccc32
                                                                                                                                                                                                                                                        0x00bccc40
                                                                                                                                                                                                                                                        0x00bccc59

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BCCC60: ??2@YAPAXI@Z.MOZGLUE(?,?,00BCF3C0,?,?,-00000010,?,00BCE1D4,00000000,00BCC606,00000000,?,?,?,00BE5D82,00BCC606), ref: 00BCCC8A
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,00000044,00000000,?,?,?), ref: 00BCCB6E
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,00000044,?,?,00000000,?,?,?), ref: 00BCCBAC
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,00000000,00000044,?,?,00000000,?,?,?), ref: 00BCCBEC
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,00000044,?,?,00000000,?,?,?), ref: 00BCCC21
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000008.00000002.282492612.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282488349.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282524733.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282531959.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000008.00000002.282537979.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_8_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memcpy$??2@
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3700833809-0
                                                                                                                                                                                                                                                        • Opcode ID: 1e335bec47dc170356b994b58b059aef33008274643da625be5eeb6c8dce9745
                                                                                                                                                                                                                                                        • Instruction ID: 20a533614a531aec6c7d148d6e388dafe7a8b1233119e683a149ea0146f5d75a
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1e335bec47dc170356b994b58b059aef33008274643da625be5eeb6c8dce9745
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 95417271B001099FCF14DFA8C895EBEBBB6EFD4350F19416DE909AB341D630AE45CA90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Executed Functions

                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000009.00000003.297384756.000000001FEC0000.00000020.00000001.sdmp, Offset: 1FEC0000, based on PE: false
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_9_3_1fec0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                        • Opcode ID: e5facdd0e781a1d68cfe35f4031f6c0ee181e5c4717b23cab98c297a57a51709
                                                                                                                                                                                                                                                        • Instruction ID: 5f1d65dfc01e63d994a383433f1292060f611a8d61d8d97045786dafb1b595ba
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e5facdd0e781a1d68cfe35f4031f6c0ee181e5c4717b23cab98c297a57a51709
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E11127B1A1C3806FD3085A287D46EA63BE8C789334F10472EF958C72D2E67129058367
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000009.00000003.297384756.000000001FEC0000.00000020.00000001.sdmp, Offset: 1FEC0000, based on PE: false
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_9_3_1fec0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                        • Opcode ID: 84c6479ce603cf35fcc375dc2fd0ed4ec718bae2fb9b48267c28025291848240
                                                                                                                                                                                                                                                        • Instruction ID: 9b2b78d63b5c3b1a07e49ac955421da204cdc76e747d79d073c7f89d89c194df
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 84c6479ce603cf35fcc375dc2fd0ed4ec718bae2fb9b48267c28025291848240
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F02191729047169FCB00DE65CD8055ABBA2FFC8325F058B28FDA4A3294C331E955DBA2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000009.00000003.297384756.000000001FEC0000.00000020.00000001.sdmp, Offset: 1FEC0000, based on PE: false
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_9_3_1fec0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                        • Opcode ID: f1940a496eb639629612ebbb34a1673b2396ea8ee45f2b3337fc86baf21e39ac
                                                                                                                                                                                                                                                        • Instruction ID: 8fac72bc29c17da6cbff316af84185f2dfa6f6452126c1eb7251764742047e3a
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f1940a496eb639629612ebbb34a1673b2396ea8ee45f2b3337fc86baf21e39ac
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D81170B1A0420ADBCB008F18DD4199BFBB6FBC8311F10C728E89857658D731E866DBD2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Non-executed Functions

                                                                                                                                                                                                                                                        Execution Graph

                                                                                                                                                                                                                                                        Execution Coverage:3.9%
                                                                                                                                                                                                                                                        Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                        Signature Coverage:0.6%
                                                                                                                                                                                                                                                        Total number of Nodes:2000
                                                                                                                                                                                                                                                        Total number of Limit Nodes:44

                                                                                                                                                                                                                                                        Graph

                                                                                                                                                                                                                                                        execution_graph 22675 bdacb0 22676 bdacd4 22675->22676 22677 bdacd8 22676->22677 22692 bda060 22676->22692 22680 beecb0 5 API calls 22677->22680 22681 bdacea 22680->22681 22683 bdad2e 22686 bdad6b 22683->22686 22718 bc5800 22683->22718 22686->22677 22734 bddb60 22686->22734 22687 bdad5c 22729 bc56b0 22687->22729 22737 bc8120 RtlAcquireSRWLockExclusive 22692->22737 22694 bda094 RtlReleaseSRWLockExclusive 22695 beecb0 5 API calls 22694->22695 22696 bda0a7 22695->22696 22696->22677 22703 bdb170 22696->22703 22697 bda11e 22697->22694 22738 bdb330 22697->22738 22698 bda082 22698->22694 22698->22697 22700 bddb60 2 API calls 22698->22700 22702 bda10e ??3@YAXPAX 22700->22702 22701 bda145 22701->22694 22702->22697 22704 bdb197 GetCurrentProcess DuplicateHandle 22703->22704 22717 bdb1b9 22703->22717 22705 bdb1d4 22704->22705 22704->22717 22743 bca7f0 22705->22743 22708 beecb0 5 API calls 22710 bdb1ca 22708->22710 22709 bc5200 59 API calls 22711 bdb1fc 22709->22711 22710->22683 22748 bc52b0 22711->22748 22717->22708 22819 bc5820 22718->22819 22720 bc5811 22720->22687 22721 bdd930 22720->22721 22722 bef1d0 22721->22722 22723 bdd93f memcpy 22722->22723 22724 bdd982 22723->22724 22727 bdd998 22723->22727 22725 beecb0 5 API calls 22724->22725 22726 bdd98c 22725->22726 22726->22687 22727->22724 22847 bdd9f0 22727->22847 22730 bc56d0 22729->22730 22731 bc56c0 22729->22731 22730->22686 22732 bc5580 10 API calls 22731->22732 22733 bc56c7 UnmapViewOfFile 22732->22733 22733->22730 22735 bddb71 GetModuleHandleW GetProcAddress 22734->22735 22736 bdad8c ??3@YAXPAX 22734->22736 22735->22736 22736->22677 22737->22698 22739 bdb346 22738->22739 22740 bdb3a1 ??3@YAXPAX 22739->22740 22741 bddb60 2 API calls 22739->22741 22740->22701 22742 bdb395 ??3@YAXPAX 22741->22742 22742->22740 22787 bca7b0 22743->22787 22746 beecb0 5 API calls 22747 bca832 22746->22747 22747->22709 22749 bc5309 22748->22749 22774 bc52dc 22748->22774 22751 bee547 __Init_thread_header 5 API calls 22749->22751 22759 bc5335 22749->22759 22749->22774 22750 bc51b0 56 API calls 22752 bc52f0 22750->22752 22753 bc541f 22751->22753 22754 beecb0 5 API calls 22752->22754 22755 bc542f GetModuleHandleW GetProcAddress 22753->22755 22753->22759 22756 bc52ff 22754->22756 22757 bee599 __Init_thread_footer 4 API calls 22755->22757 22775 bc5100 22756->22775 22757->22759 22759->22774 22799 bc5460 GetCurrentProcess DuplicateHandle 22759->22799 22761 bc538c 22804 bc5260 22761->22804 22762 bc1ff0 7 API calls 22764 bc5385 22762->22764 22766 bc20c0 8 API calls 22764->22766 22766->22761 22767 bc5200 59 API calls 22768 bc53be 22767->22768 22769 bc5260 GetHandleVerifier 22768->22769 22770 bc53dc 22769->22770 22771 bc5200 59 API calls 22770->22771 22772 bc53e4 22771->22772 22773 bc51b0 56 API calls 22772->22773 22773->22774 22774->22750 22776 bc5260 GetHandleVerifier 22775->22776 22777 bc5117 22776->22777 22778 bc5200 59 API calls 22777->22778 22779 bc511f 22778->22779 22780 bc5780 22779->22780 22781 bc5100 60 API calls 22780->22781 22782 bc57a7 22781->22782 22808 bc56e0 22782->22808 22784 bc57b0 22785 beecb0 5 API calls 22784->22785 22786 bc57c7 22785->22786 22786->22717 22790 bc5ec0 22787->22790 22791 bc5f0c 22790->22791 22792 bc5ee3 SystemFunction036 22790->22792 22794 beecb0 5 API calls 22791->22794 22792->22791 22793 bc5ef0 22792->22793 22795 bc1ff0 7 API calls 22793->22795 22796 bc5f1a 22794->22796 22797 bc5f05 22795->22797 22796->22746 22798 bc20c0 8 API calls 22797->22798 22798->22791 22800 bc549f 22799->22800 22801 bc5496 CloseHandle 22799->22801 22802 beecb0 5 API calls 22800->22802 22801->22800 22803 bc5368 22802->22803 22803->22761 22803->22762 22805 bc5298 22804->22805 22806 bc5277 22804->22806 22805->22767 22807 bc527e GetHandleVerifier 22806->22807 22807->22805 22809 bc5100 60 API calls 22808->22809 22811 bc5707 22809->22811 22810 bc5726 22813 beecb0 5 API calls 22810->22813 22811->22810 22812 bc2290 30 API calls 22811->22812 22814 bc5759 22812->22814 22815 bc573b 22813->22815 22814->22810 22816 bc2030 10 API calls 22814->22816 22815->22784 22817 bc5773 22816->22817 22818 bc20c0 8 API calls 22817->22818 22818->22810 22820 bc583c 22819->22820 22823 bc5879 22820->22823 22827 bc5160 22820->22827 22822 bc5863 22822->22823 22836 bc5620 22822->22836 22824 beecb0 5 API calls 22823->22824 22826 bc588c 22824->22826 22826->22720 22829 bc5173 22827->22829 22828 bc5199 22828->22822 22829->22828 22830 bc54d0 MapViewOfFile 22829->22830 22831 bc554c MapViewOfFile 22830->22831 22832 bc5516 VirtualQuery 22830->22832 22831->22832 22833 bc552a 22831->22833 22832->22833 22834 beecb0 5 API calls 22833->22834 22835 bc5540 22834->22835 22835->22822 22839 bc5580 22836->22839 22838 bc565a 22838->22823 22840 bc55a0 22839->22840 22841 bc55a2 22839->22841 22840->22838 22842 bee547 __Init_thread_header 5 API calls 22841->22842 22843 bc55ac 22842->22843 22843->22840 22844 bc55b8 ??2@YAPAXI 22843->22844 22845 bee599 __Init_thread_footer 4 API calls 22844->22845 22846 bc55d1 22845->22846 22846->22838 22848 bdd9fc 22847->22848 22849 bdd9fe GetModuleHandleW GetProcAddress 22847->22849 22848->22724 22849->22724 21381 bbeba0 21382 bbebcb 21381->21382 21383 bbec3e 21382->21383 21384 bbec31 RtlDuplicateUnicodeString 21382->21384 21385 bbec4e RtlQueryPerformanceCounter RtlRunOnceExecuteOnce 21383->21385 21384->21383 21384->21385 21386 bbecab 21385->21386 21387 bbecff LdrLoadDll 21386->21387 21388 bbed1a 21387->21388 21389 bbed70 18 API calls 21388->21389 21390 bbed3b 21389->21390 21391 beecb0 5 API calls 21390->21391 21392 bbed46 21391->21392 23251 bc8ea0 23252 bc8eaf 23251->23252 23253 bc8ee2 23251->23253 23260 bc4fd0 23252->23260 23256 bc8ec0 ??2@YAPAXI 23267 bc8d00 23256->23267 23261 bc4ff9 23260->23261 23264 bc500e 23260->23264 23262 beecb0 5 API calls 23261->23262 23263 bc5004 23262->23263 23263->23253 23263->23256 23264->23261 23289 bc8800 23264->23289 23297 bc87f0 Sleep 23264->23297 23331 bc8110 23267->23331 23269 bc8d1a ??2@YAPAXI ??2@YAPAXI ??2@YAPAXI ??2@YAPAXI 23270 bbd9b0 13 API calls 23269->23270 23271 bc8de7 23270->23271 23332 bc8120 RtlAcquireSRWLockExclusive 23271->23332 23273 bc8df4 23274 bbd9b0 13 API calls 23273->23274 23275 bc8e1b 23274->23275 23333 bc9270 23275->23333 23278 bc8e38 RtlReleaseSRWLockExclusive 23279 beecb0 5 API calls 23278->23279 23281 bc8e49 23279->23281 23280 bc8e61 ??3@YAXPAX 23280->23278 23284 bc5080 23281->23284 23282 bc8e7a 23282->23280 23283 bc8e83 _invalid_parameter_noinfo_noreturn 23285 bc508f 23284->23285 23286 bc5096 23284->23286 23285->23286 23396 bc4a30 ??2@YAPAXI 23285->23396 23286->23253 23290 bc8827 23289->23290 23298 bc8a40 23290->23298 23292 bc889d 23294 beecb0 5 API calls 23292->23294 23293 bc8839 23293->23292 23296 bc8876 Sleep 23293->23296 23295 bc88a8 23294->23295 23295->23264 23296->23293 23297->23264 23299 bc8af9 23298->23299 23301 bc8a7d 23298->23301 23300 bc8af7 23299->23300 23302 bc8be0 30 API calls 23299->23302 23303 beecb0 5 API calls 23300->23303 23301->23300 23314 bc8be0 23301->23314 23305 bc8b99 23302->23305 23306 bc8b7b 23303->23306 23305->23300 23308 bc2030 10 API calls 23305->23308 23306->23293 23310 bc8bc6 23308->23310 23309 bc2030 10 API calls 23311 bc8af0 23309->23311 23312 bc20c0 8 API calls 23310->23312 23313 bc20c0 8 API calls 23311->23313 23312->23300 23313->23300 23315 bbc880 3 API calls 23314->23315 23316 bc8c10 23315->23316 23317 bbc940 13 API calls 23316->23317 23318 bc8c17 23317->23318 23319 bbc940 13 API calls 23318->23319 23320 bc8c25 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J 23319->23320 23321 bbc940 13 API calls 23320->23321 23322 bc8c42 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J 23321->23322 23323 bbc940 13 API calls 23322->23323 23324 bc8c5c ??2@YAPAXI 23323->23324 23325 bbd7f0 12 API calls 23324->23325 23326 bc8c77 23325->23326 23327 bbd690 2 API calls 23326->23327 23328 bc8ca4 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE ??1ios_base@std@@UAE 23327->23328 23329 beecb0 5 API calls 23328->23329 23330 bc8acf 23329->23330 23330->23300 23330->23309 23331->23269 23332->23273 23334 bc928f ??2@YAPAXI 23333->23334 23335 bc9304 23333->23335 23342 bc93b0 23334->23342 23339 bc9324 23335->23339 23366 bc9360 23335->23366 23338 bc8e27 23338->23278 23338->23280 23338->23282 23338->23283 23339->23334 23340 bc9360 memcmp 23339->23340 23341 bc933d 23340->23341 23341->23334 23341->23338 23343 bc93e1 23342->23343 23364 bc93d4 23342->23364 23344 bc93ed 23343->23344 23345 bc942f 23343->23345 23347 bc944e 23344->23347 23348 bc93f1 23344->23348 23346 bc9360 memcmp 23345->23346 23349 bc93fd 23346->23349 23350 bc9360 memcmp 23347->23350 23351 bc9360 memcmp 23348->23351 23353 bc951f 23349->23353 23349->23364 23361 bc945b 23350->23361 23351->23349 23374 bc96b0 23353->23374 23354 bc9418 23355 beecb0 5 API calls 23354->23355 23358 bc9425 23355->23358 23357 bc947e 23359 bc9360 memcmp 23357->23359 23357->23364 23358->23338 23363 bc94a8 23359->23363 23360 bc952d 23361->23357 23362 bc9360 memcmp 23361->23362 23362->23357 23363->23353 23363->23364 23365 bc9360 memcmp 23363->23365 23364->23360 23369 bc9550 23364->23369 23365->23349 23367 bc9372 memcmp 23366->23367 23367->23335 23370 bc95bf 23369->23370 23373 bc9566 23369->23373 23390 bc97d0 23370->23390 23372 bc95c6 ?_Xlength_error@std@@YAXPBD 23372->23373 23373->23354 23375 bc96d7 23374->23375 23379 bc96f5 23374->23379 23377 bc9360 memcmp 23375->23377 23375->23379 23376 bc9760 23378 bc9550 4 API calls 23376->23378 23377->23375 23380 bc9740 23378->23380 23379->23376 23381 bc9360 memcmp 23379->23381 23383 beecb0 5 API calls 23380->23383 23382 bc971f 23381->23382 23382->23376 23387 bc9723 23382->23387 23384 bc974d 23383->23384 23384->23360 23385 bc972e ??3@YAXPAX 23385->23380 23386 bc9792 ??3@YAXPAX 23386->23385 23387->23385 23387->23386 23388 bc97c9 _invalid_parameter_noinfo_noreturn 23387->23388 23389 bc97c0 23387->23389 23389->23386 23391 bc97ee 23390->23391 23392 bc97df ??3@YAXPAX 23390->23392 23393 bc97fc ??3@YAXPAX 23391->23393 23394 bc981e _invalid_parameter_noinfo_noreturn 23391->23394 23395 bc9815 23391->23395 23392->23372 23393->23392 23395->23393 23397 bc4a64 23396->23397 23398 beecb0 5 API calls 23397->23398 23399 bc4a80 23398->23399 23399->23253 23558 bcae90 23559 bcaecb 23558->23559 23560 bcaeb3 23558->23560 23577 bc8120 RtlAcquireSRWLockExclusive 23559->23577 23561 beecb0 5 API calls 23560->23561 23563 bcaec1 23561->23563 23564 bcaed8 23578 bcb330 23564->23578 23566 bcaf85 23581 bcb3a0 23566->23581 23568 bcaeea 23569 bcaf24 23568->23569 23571 bc1ff0 7 API calls 23568->23571 23569->23566 23574 bc1ff0 7 API calls 23569->23574 23570 bcaf91 RtlReleaseSRWLockExclusive 23570->23560 23572 bcaf1d 23571->23572 23573 bc20c0 8 API calls 23572->23573 23573->23569 23575 bcaf7e 23574->23575 23576 bc20c0 8 API calls 23575->23576 23576->23566 23577->23564 23585 bc4fb0 23578->23585 23582 bc4fb0 2 API calls 23581->23582 23584 bcb3bc ??3@YAXPAX 23582->23584 23584->23570 23588 bc8130 23585->23588 23589 bc8186 23588->23589 23591 bc4fbe 23588->23591 23590 bc8280 _byteswap_ulong _byteswap_ulong 23589->23590 23590->23590 23590->23591 23591->23568 21413 bd9690 21414 bd96ae 21413->21414 21418 bd96cf 21414->21418 21419 be3980 memcpy 21414->21419 21415 beecb0 5 API calls 21417 bd96e8 21415->21417 21418->21415 21419->21418 27745 bcad80 27746 bcadbb GetCurrentThreadId 27745->27746 27747 bcada3 27745->27747 27760 bc8120 RtlAcquireSRWLockExclusive 27746->27760 27748 beecb0 5 API calls 27747->27748 27750 bcadb1 27748->27750 27751 bcadcf 27761 bcb1e0 ??2@YAPAXI 27751->27761 27755 bcae80 RtlReleaseSRWLockExclusive 27755->27747 27756 bcae1a 27756->27755 27757 bc1ff0 7 API calls 27756->27757 27758 bcae79 27757->27758 27759 bc20c0 8 API calls 27758->27759 27759->27755 27760->27751 27762 bcae01 27761->27762 27763 bcb247 ?_Xlength_error@std@@YAXPBD 27761->27763 27764 bcb0b0 27762->27764 27765 bc4fb0 2 API calls 27764->27765 27766 bcb0c9 27765->27766 27767 bcb10c ??3@YAXPAX 27766->27767 27769 bcb138 27766->27769 27768 bcb19c 27767->27768 27768->27756 27771 bcb260 27769->27771 27772 bcb2ca 27771->27772 27773 bcb29a 27771->27773 27772->27768 27774 bc3300 14 API calls 27773->27774 27775 bcb2c1 27774->27775 27776 bcb0b0 17 API calls 27775->27776 21420 bd07e0 21421 bd0853 21420->21421 21422 bd09d1 21421->21422 21434 bc46c0 21421->21434 21424 bd087c 21424->21422 21450 be3830 21424->21450 21428 bd09ab 21428->21422 21485 be4060 21428->21485 21430 bd0903 21430->21428 21464 bd0a70 21430->21464 21435 bc478e 21434->21435 21436 bc46de 21434->21436 21437 beecb0 5 API calls 21435->21437 21438 bc47b8 21436->21438 21439 bc470a memcpy 21436->21439 21441 bc4798 21437->21441 21440 bba7d0 6 API calls 21438->21440 21442 bc4728 21439->21442 21440->21442 21441->21424 21508 bc7ce0 21442->21508 21444 bc4774 21445 bbdf30 2 API calls 21444->21445 21445->21435 21446 bc47ac ??3@YAXPAX 21446->21444 21448 bc47ec _invalid_parameter_noinfo_noreturn 21449 bc47e3 21449->21446 21657 be3790 21450->21657 21453 be3d30 21664 be3850 21453->21664 21455 be3d89 21457 be3d8f RtlFreeHeap 21455->21457 21463 be3dac 21455->21463 21456 be3d6e 21456->21455 21456->21463 21670 be3ce0 21456->21670 21457->21463 21461 be3dfa 21461->21455 21676 be3980 memcpy 21461->21676 21463->21430 21688 be6680 21464->21688 21466 bd0a95 21467 beecb0 5 API calls 21466->21467 21469 bd099a 21467->21469 21468 bd0a8c 21468->21466 21693 bd17c0 21468->21693 21469->21428 21492 bc48f0 21469->21492 21472 bd17c0 2 API calls 21473 bd0b04 21472->21473 21473->21466 21474 bd17c0 2 API calls 21473->21474 21475 bd0b21 21474->21475 21475->21466 21476 bd17c0 2 API calls 21475->21476 21477 bd0b37 21476->21477 21477->21466 21478 bd17c0 2 API calls 21477->21478 21479 bd0b4d 21478->21479 21479->21466 21480 bd17c0 2 API calls 21479->21480 21481 bd0b63 21480->21481 21481->21466 21482 bd17c0 2 API calls 21481->21482 21483 bd0b79 21482->21483 21483->21466 21697 be67f0 21483->21697 21486 be407c 21485->21486 21487 be4091 NtFreeVirtualMemory 21485->21487 21488 be40b0 21486->21488 21489 be4080 RtlFreeHeap 21486->21489 21487->21488 21490 beecb0 5 API calls 21488->21490 21489->21488 21491 be40ba 21490->21491 21491->21422 21493 bc49be 21492->21493 21494 bc490e 21492->21494 21495 beecb0 5 API calls 21493->21495 21496 bc49e8 21494->21496 21497 bc493a memcpy 21494->21497 21498 bc49c8 21495->21498 21500 bba7d0 6 API calls 21496->21500 21499 bc4958 21497->21499 21498->21428 21501 bc7ce0 45 API calls 21499->21501 21500->21499 21505 bc4974 21501->21505 21502 bc49a4 21503 bbdf30 2 API calls 21502->21503 21503->21493 21504 bc49dc ??3@YAXPAX 21504->21502 21505->21502 21505->21504 21506 bc4a1c _invalid_parameter_noinfo_noreturn 21505->21506 21507 bc4a13 21505->21507 21507->21504 21511 bc7a80 21508->21511 21510 bc4744 21510->21444 21510->21446 21510->21448 21510->21449 21512 bc7aa1 21511->21512 21513 bc7aa8 21512->21513 21514 bc7adb 21512->21514 21533 bc7fe0 21513->21533 21518 bc7ae5 21514->21518 21544 bc72a0 21514->21544 21521 bc7c2b 21518->21521 21522 bc7b2e 21518->21522 21519 beecb0 5 API calls 21520 bc7ad3 21519->21520 21520->21510 21523 bc72a0 15 API calls 21521->21523 21524 beecb0 5 API calls 21522->21524 21523->21521 21526 bc7b49 21524->21526 21525 bc7f7c 21525->21510 21526->21525 21552 bbd730 21526->21552 21528 bc7f8f memcpy 21529 bc7fc9 ??3@YAXPAX 21528->21529 21530 bc7fb1 21528->21530 21529->21525 21531 bc7fda _invalid_parameter_noinfo_noreturn 21530->21531 21532 bc7fc1 21530->21532 21532->21529 21557 bc7d60 21533->21557 21538 bc8041 21539 beecb0 5 API calls 21538->21539 21543 bc7ac6 21539->21543 21540 bc8061 ??3@YAXPAX 21540->21538 21541 bc807a 21541->21540 21542 bc8083 _invalid_parameter_noinfo_noreturn 21543->21519 21545 bc72ca 21544->21545 21546 bc7301 memset 21544->21546 21643 bc7330 21545->21643 21549 bc72e9 21546->21549 21550 beecb0 5 API calls 21549->21550 21551 bc72f5 21550->21551 21551->21518 21553 bbd74f moz_xmalloc 21552->21553 21554 bbd73d 21552->21554 21553->21528 21555 bbd773 21554->21555 21556 bbd741 moz_xmalloc 21554->21556 21555->21528 21556->21528 21580 bc6b00 21557->21580 21559 bc7d8a 21560 bc7d8e 21559->21560 21589 bc5f80 21559->21589 21562 bc6fd0 21560->21562 21563 bc7147 21562->21563 21564 bc6ff3 21562->21564 21641 bbdac0 ?_Xout_of_range@std@@YAXPBD 21563->21641 21566 bc706a 21564->21566 21568 bc7002 21564->21568 21569 bc703c memmove 21564->21569 21571 bc7076 21566->21571 21578 bc70b4 memmove memmove memcpy 21566->21578 21572 bc7016 memmove 21568->21572 21569->21572 21628 bc7150 21571->21628 21573 beecb0 5 API calls 21572->21573 21576 bc7028 21573->21576 21576->21538 21576->21540 21576->21541 21576->21542 21578->21563 21579 beecb0 5 API calls 21579->21576 21581 bc6b1f 21580->21581 21587 bc6b32 21580->21587 21584 bc6b45 21581->21584 21585 bc6b28 21581->21585 21581->21587 21582 beecb0 5 API calls 21583 bc6b3c 21582->21583 21583->21559 21595 bc6b70 21584->21595 21585->21587 21608 bc6c50 memcpy 21585->21608 21587->21582 21590 bc5fc6 21589->21590 21592 bc5fa0 21589->21592 21614 bc5ff0 21590->21614 21593 beecb0 5 API calls 21592->21593 21594 bc5fbd 21593->21594 21594->21559 21596 bc6c3e 21595->21596 21598 bc6b93 21595->21598 21613 bba890 ?_Xlength_error@std@@YAXPBD 21596->21613 21600 bbd730 2 API calls 21598->21600 21599 bc6c43 _invalid_parameter_noinfo_noreturn 21601 bc6bce 21600->21601 21602 bc6bdc memcpy 21601->21602 21603 bc6c1d memcpy 21601->21603 21605 bc6c0e ??3@YAXPAX 21602->21605 21606 bc6bfa 21602->21606 21604 bc6c30 21603->21604 21604->21587 21605->21604 21606->21599 21607 bc6c07 21606->21607 21607->21605 21609 bc6c8a ??3@YAXPAX 21608->21609 21610 bc6c76 21608->21610 21609->21587 21611 bc6c9f _invalid_parameter_noinfo_noreturn 21610->21611 21612 bc6c83 21610->21612 21612->21609 21615 bc6015 21614->21615 21616 bc60e0 21614->21616 21618 bbd730 2 API calls 21615->21618 21627 bba890 ?_Xlength_error@std@@YAXPBD 21616->21627 21620 bc604f 21618->21620 21619 bc60e5 _invalid_parameter_noinfo_noreturn 21621 bc605b memcpy 21620->21621 21622 bc60a3 memcpy 21620->21622 21623 bc608c 21621->21623 21624 bc609c ??3@YAXPAX 21621->21624 21625 bc60d2 21622->21625 21623->21619 21623->21624 21624->21625 21625->21592 21629 bc7291 21628->21629 21631 bc7173 21628->21631 21642 bba890 ?_Xlength_error@std@@YAXPBD 21629->21642 21633 bbd730 2 API calls 21631->21633 21632 bc7296 _invalid_parameter_noinfo_noreturn 21634 bc71bb 21633->21634 21635 bc71cd memcpy memcpy memcpy 21634->21635 21636 bc7241 memcpy memcpy memcpy 21634->21636 21637 bc722f ??3@YAXPAX 21635->21637 21638 bc721b 21635->21638 21639 bc70a1 21636->21639 21637->21639 21638->21632 21640 bc7228 21638->21640 21639->21579 21640->21637 21644 bc73e6 21643->21644 21645 bc7353 21643->21645 21656 bba890 ?_Xlength_error@std@@YAXPBD 21644->21656 21647 bbd730 2 API calls 21645->21647 21649 bc7396 21647->21649 21648 bc73eb memcpy memset 21650 bc7429 21648->21650 21651 bc7442 ??3@YAXPAX 21648->21651 21649->21648 21652 bc73a7 memcpy memset 21649->21652 21653 bc745d _invalid_parameter_noinfo_noreturn 21650->21653 21654 bc7439 21650->21654 21655 bc73d5 21651->21655 21652->21655 21654->21651 21655->21549 21658 be37be NtMapViewOfSection 21657->21658 21659 be37ac 21657->21659 21658->21659 21660 be37f4 21658->21660 21661 beecb0 5 API calls 21659->21661 21660->21659 21663 be3807 NtUnmapViewOfSection 21660->21663 21662 bd08cd 21661->21662 21662->21422 21662->21453 21663->21659 21665 be385c 21664->21665 21666 be3868 RtlCreateHeap 21664->21666 21665->21456 21667 be387e 21666->21667 21668 be3895 21666->21668 21667->21665 21669 be388c RtlDestroyHeap 21667->21669 21668->21456 21669->21665 21677 be46e0 21670->21677 21673 be3cc0 21674 be3cda 21673->21674 21675 be3ccb RtlFreeHeap 21673->21675 21674->21461 21675->21674 21676->21455 21678 be46ff 21677->21678 21679 be4721 21677->21679 21682 be3850 2 API calls 21678->21682 21687 be477a 21678->21687 21680 be4730 NtAllocateVirtualMemory 21679->21680 21685 be475e NtAllocateVirtualMemory 21679->21685 21680->21679 21680->21687 21681 beecb0 5 API calls 21683 be3cf1 21681->21683 21684 be470a 21682->21684 21683->21673 21686 be470e RtlAllocateHeap 21684->21686 21684->21687 21685->21687 21686->21687 21687->21681 21706 be66d0 21688->21706 21691 beecb0 5 API calls 21692 be66bb 21691->21692 21692->21468 21694 bd0ae9 21693->21694 21695 bd1804 21693->21695 21694->21466 21694->21472 21695->21694 21712 bd18e0 21695->21712 21698 be6818 21697->21698 21701 be6909 21697->21701 21699 be6937 SignalObjectAndWait 21698->21699 21703 be6847 21698->21703 21699->21701 21699->21703 21700 beecb0 5 API calls 21702 be6977 21700->21702 21701->21700 21702->21466 21703->21701 21704 be6910 WaitForSingleObject 21703->21704 21705 be6890 WaitForSingleObject 21703->21705 21704->21701 21704->21703 21705->21703 21707 be6780 21706->21707 21711 be66f5 21706->21711 21709 beecb0 5 API calls 21707->21709 21708 be6770 WaitForSingleObject 21708->21707 21708->21711 21710 be66a0 21709->21710 21710->21691 21711->21707 21711->21708 21713 bd18fc memcpy 21712->21713 21714 bd18f1 memcpy 21712->21714 21715 bd18f6 21713->21715 21714->21715 21715->21694 21821 be99d0 21867 be2e40 21821->21867 21824 be9a13 RevertToSelf 21827 be9a3c 21824->21827 21828 be9a2a GetCurrentProcess TerminateProcess 21824->21828 21825 be9a01 GetCurrentProcess TerminateProcess 21825->21824 21879 be9ca0 RegOpenKeyExW 21827->21879 21828->21827 21831 be9a4e GetCurrentProcess TerminateProcess 21832 be9a60 RegDisablePredefinedCache 21831->21832 21834 be9a7c GetUserDefaultLangID GetUserDefaultLCID GetUserDefaultLocaleName 21832->21834 21835 be9a6a GetCurrentProcess TerminateProcess 21832->21835 21833 be9ca0 7 API calls 21836 be9be9 21833->21836 21837 be9af7 GetCurrentProcess TerminateProcess 21834->21837 21840 be9b09 21834->21840 21835->21834 21836->21831 21838 be9ca0 7 API calls 21836->21838 21837->21840 21839 be9bfb 21838->21839 21839->21831 21842 be9c03 21839->21842 21841 be9b91 21840->21841 21933 bd3f70 21840->21933 21843 be9bc9 21841->21843 21884 bd97a0 21841->21884 21842->21832 21847 beecb0 5 API calls 21843->21847 21850 be9bd7 21847->21850 21852 be9bb7 GetCurrentProcess TerminateProcess 21852->21843 21853 be9b4f EnumSystemLocalesEx 21856 be9b76 21853->21856 21857 be9b64 21853->21857 21854 be9b35 21954 bd43c0 GetCurrentProcess GetProcessHandleCount 21854->21954 21860 bd3fd0 65 API calls 21856->21860 21989 bd5880 21857->21989 21861 be9b7f GetCurrentProcess TerminateProcess 21860->21861 21861->21841 21865 be9b6d HeapDestroy 21865->21854 21866 be9b4d 21866->21841 21868 be2e71 GetCurrentProcess OpenProcessToken 21867->21868 21878 be2e5d 21867->21878 21869 be2e8b GetLastError 21868->21869 21870 be2e95 21868->21870 21869->21878 21996 bc5200 21870->21996 21871 beecb0 5 API calls 21872 be2e67 21871->21872 21872->21824 21872->21825 21878->21871 21880 be9cdd RegCloseKey 21879->21880 21881 be9cc9 21879->21881 21880->21881 21882 beecb0 5 API calls 21881->21882 21883 be9a46 21882->21883 21883->21831 21883->21833 21885 bd97dc 21884->21885 21886 bd97c6 21884->21886 22028 bcbdd0 21885->22028 21888 beecb0 5 API calls 21886->21888 21890 bd97d2 21888->21890 21890->21843 21890->21852 21891 bd97fc 21893 bd9817 21891->21893 21894 bd9801 HeapSetInformation 21891->21894 21892 bd98b5 GetProcAddress 21892->21891 21895 bd98c9 21892->21895 21897 bd9823 21893->21897 22031 be3070 GetCurrentProcess OpenProcessToken 21893->22031 21894->21893 21896 bd9907 GetLastError 21894->21896 21895->21891 21901 bd98d8 GetLastError 21895->21901 21896->21886 21896->21893 21897->21886 21898 bd983f 21897->21898 21899 bd9828 SetProcessDEPPolicy 21897->21899 21898->21886 21903 bd9846 GetProcAddress 21898->21903 21899->21898 21902 bd991b GetLastError 21899->21902 21901->21886 21904 bd98e7 21901->21904 21902->21886 21902->21898 21903->21886 21905 bd985a 21903->21905 21904->21891 21906 bd9867 21905->21906 21909 bd9abd GetLastError 21905->21909 21907 bd9872 21906->21907 21911 bd9ad1 GetLastError 21906->21911 21908 bd987d 21907->21908 21914 bd9ae5 GetLastError 21907->21914 21910 bd98b0 21908->21910 21919 bd98a1 GetLastError 21908->21919 21909->21886 21912 bd9acc 21909->21912 21910->21886 21913 bd99b1 21910->21913 21911->21886 21916 bd9ae0 21911->21916 21912->21911 22042 bd9b70 GetModuleHandleA GetProcAddress 21913->22042 21914->21886 21917 bd9af4 21914->21917 21916->21914 21920 bd9af9 GetLastError 21917->21920 21919->21886 21919->21910 21920->21886 21921 bd99dc 21920->21921 21921->21886 21923 bd9b0d GetLastError 21921->21923 21925 bd9a07 21921->21925 21922 bd9a32 21928 bd9b21 GetLastError 21922->21928 21930 bd9a6d 21922->21930 21923->21886 21923->21925 21924 bd9a76 21926 bd9b70 8 API calls 21924->21926 21925->21886 21925->21922 21927 bd9b35 GetLastError 21925->21927 21929 bd9a7b 21926->21929 21927->21886 21927->21922 21928->21886 21928->21930 21929->21886 21931 bd9aa9 GetLastError 21929->21931 21930->21886 21930->21924 21931->21886 21932 bd9ab8 21931->21932 21932->21886 22139 bd38c0 21933->22139 21935 bd3f8b CreateEventW 21936 bc5200 59 API calls 21935->21936 21937 bd3fbb 21936->21937 21938 bd4210 21937->21938 21939 bd423c 21938->21939 21952 bd425d 21938->21952 22145 bc1ff0 21939->22145 21941 bd426b VirtualFree 21944 beecb0 5 API calls 21941->21944 21942 bd430e wcscmp 21942->21952 21946 bd4291 21944->21946 21945 bc20c0 8 API calls 21945->21952 21946->21853 21946->21854 21947 bba740 13 API calls 21947->21952 21950 bbdf30 free _invalid_parameter_noinfo_noreturn 21950->21952 21951 bc1ff0 7 API calls 21951->21952 21952->21941 21952->21942 21952->21947 21952->21950 21952->21951 21953 bc20c0 8 API calls 21952->21953 22150 bd4930 21952->22150 22158 bd4eb0 21952->22158 21953->21952 21955 bd4402 21954->21955 21956 bd43f1 GetModuleHandleA 21954->21956 21958 beecb0 5 API calls 21955->21958 21956->21955 21957 bd441a ??2@YAPAXI memset 21956->21957 21964 bd4477 21957->21964 21978 bd4463 21957->21978 21959 bd440c 21958->21959 21982 bd3fd0 21959->21982 21960 bd4740 7 API calls 21960->21964 21961 bbdf30 2 API calls 21962 bd446d 21961->21962 22257 bc14c0 21962->22257 21964->21960 21965 bd44e5 memset 21964->21965 21966 bd4726 21964->21966 21968 bd472b _invalid_parameter_noinfo_noreturn 21964->21968 21969 bba740 13 API calls 21964->21969 21970 bd456b ??2@YAPAXI 21964->21970 21971 bd4619 ??2@YAPAXI 21964->21971 21972 bd4731 21964->21972 21973 bd4576 memset memmove 21964->21973 21974 bbdf30 2 API calls 21964->21974 21975 bd45b3 ??3@YAXPAX 21964->21975 21976 bd46d8 SetHandleInformation 21964->21976 21964->21978 22263 bd3070 21964->22263 22279 bd47d0 21964->22279 22283 bd4020 21964->22283 21965->21964 22297 bc14b0 ?_Xlength_error@std@@YAXPBD 21966->22297 21968->21972 21969->21964 21970->21973 21971->21973 21973->21964 21974->21964 21975->21964 21977 bd46e7 CloseHandle 21976->21977 21976->21978 21977->21964 21977->21978 21978->21961 21983 bc51b0 56 API calls 21982->21983 21984 bd3feb 21983->21984 22333 bd31b0 21984->22333 21987 beecb0 5 API calls 21988 bd4011 21987->21988 21988->21861 21988->21866 21990 bcbdd0 67 API calls 21989->21990 21991 bd588c 21990->21991 21992 bd5897 GetProcessHeaps ??2@YAPAXI GetProcessHeaps 21991->21992 21993 bd5933 21991->21993 21994 bd592a ??3@YAXPAX 21992->21994 21995 bd58c9 21992->21995 21993->21856 21993->21865 21994->21993 21995->21994 21997 bc520e GetLastError 21996->21997 21998 bc524f 21996->21998 21999 bc51b0 56 API calls 21997->21999 22003 be2d90 21998->22003 22000 bc5220 21999->22000 22001 bc5246 SetLastError 22000->22001 22002 bc522f GetHandleVerifier 22000->22002 22001->21998 22002->22001 22004 be2e14 22003->22004 22005 be2db2 ConvertStringSidToSidW 22003->22005 22008 beecb0 5 API calls 22004->22008 22006 be2e29 GetLastError 22005->22006 22007 be2dd0 GetLengthSid SetTokenInformation GetLastError LocalFree 22005->22007 22006->22004 22007->22004 22009 be2e1f 22008->22009 22010 bc51b0 22009->22010 22011 bc51bf 22010->22011 22012 bc51c7 22010->22012 22011->21878 22013 bc51ce GetHandleVerifier 22012->22013 22014 bc51ea GetHandleVerifier 22013->22014 22016 bcad40 22014->22016 22017 bcad5d 22016->22017 22018 bcad4e FindCloseChangeNotification 22016->22018 22024 bca330 TlsGetValue 22017->22024 22019 bcad55 22018->22019 22019->22011 22022 bca330 52 API calls 22023 bcad7a 22022->22023 22023->22019 22025 bca35f 22024->22025 22026 bca34b CloseHandle 22024->22026 22025->22026 22027 bca060 51 API calls 22025->22027 22026->22022 22027->22026 22047 bcb820 22028->22047 22032 be309c GetLastError 22031->22032 22033 be30b7 22031->22033 22034 be30a4 22032->22034 22035 bc5200 59 API calls 22033->22035 22036 beecb0 5 API calls 22034->22036 22037 be30cc 22035->22037 22038 be30ae 22036->22038 22092 be2ed0 22037->22092 22038->21897 22041 bc51b0 56 API calls 22041->22034 22043 bd9b9d GetCurrentProcess 22042->22043 22044 bd9bb0 22042->22044 22043->22044 22045 beecb0 5 API calls 22044->22045 22046 bd99b6 22045->22046 22046->21920 22046->21921 22048 bcb868 22047->22048 22049 bcb853 22047->22049 22050 bee547 __Init_thread_header 5 API calls 22048->22050 22051 beecb0 5 API calls 22049->22051 22053 bcb872 22050->22053 22052 bcb85d GetModuleHandleA 22051->22052 22052->21891 22052->21892 22053->22049 22054 bcb87e memset GetVersionExW GetProductInfo ??2@YAPAXI 22053->22054 22061 bcb920 22054->22061 22059 bee599 __Init_thread_footer 4 API calls 22060 bcb906 22059->22060 22060->22049 22062 bcb960 22061->22062 22069 bcb951 22061->22069 22064 bee547 __Init_thread_header 5 API calls 22062->22064 22063 beecb0 5 API calls 22065 bcb8e9 22063->22065 22066 bcb96a 22064->22066 22070 bcb9f0 GetCurrentProcess IsWow64Process 22065->22070 22067 bcb976 GetNativeSystemInfo 22066->22067 22066->22069 22068 bee599 __Init_thread_footer 4 API calls 22067->22068 22068->22069 22069->22063 22071 bcba52 22070->22071 22072 bc7ce0 45 API calls 22071->22072 22073 bcbaa9 22072->22073 22074 bbdf30 2 API calls 22073->22074 22075 bcbad9 22074->22075 22076 bcbc56 22075->22076 22080 bcbaec 22075->22080 22077 bcbc63 ??3@YAXPAX 22076->22077 22078 bcbcf0 22076->22078 22079 bcbd13 _invalid_parameter_noinfo_noreturn 22076->22079 22087 bcbb86 22077->22087 22078->22077 22080->22080 22081 bc7ce0 45 API calls 22080->22081 22082 bcbb6c 22081->22082 22084 bcbbfd 22082->22084 22085 bcbb7a 22082->22085 22083 beecb0 5 API calls 22086 bcb8f3 22083->22086 22084->22079 22084->22087 22088 bcbc17 ??3@YAXPAX 22084->22088 22090 bcbcd4 22084->22090 22085->22079 22085->22087 22089 bcbcac ??3@YAXPAX 22085->22089 22091 bcbd0a 22085->22091 22086->22059 22087->22083 22088->22087 22089->22087 22090->22088 22091->22089 22106 be2fe0 GetKernelObjectSecurity GetLastError 22092->22106 22095 be2f1c 22114 bc3010 22095->22114 22096 be2f38 GetSecurityDescriptorSacl 22098 be2fc9 GetLastError 22096->22098 22103 be2f67 22096->22103 22098->22095 22100 be2fb1 SetKernelObjectSecurity 22100->22095 22100->22098 22101 beecb0 5 API calls 22104 be2f2e 22101->22104 22102 be2f9c GetAce 22102->22103 22103->22100 22103->22102 22105 be2fad 22103->22105 22104->22041 22105->22100 22107 be302f 22106->22107 22108 be301b 22106->22108 22120 be3400 22107->22120 22110 beecb0 5 API calls 22108->22110 22111 be2f13 22110->22111 22111->22095 22111->22096 22113 be3059 GetLastError 22113->22108 22115 bc301c 22114->22115 22116 bc3058 22114->22116 22117 bc303a ??3@YAXPAX 22115->22117 22118 bc305b _invalid_parameter_noinfo_noreturn 22115->22118 22119 bc3035 22115->22119 22116->22101 22117->22116 22119->22117 22121 be341f 22120->22121 22122 be3488 22120->22122 22123 be3427 22121->22123 22124 be34b1 22121->22124 22125 be348c memset 22122->22125 22126 be303c GetKernelObjectSecurity 22122->22126 22127 bbd730 2 API calls 22123->22127 22138 bc14b0 ?_Xlength_error@std@@YAXPBD 22124->22138 22125->22126 22126->22108 22126->22113 22130 be3449 memset memmove 22127->22130 22132 be34c0 22130->22132 22133 be34f7 22132->22133 22135 be34cf 22132->22135 22133->22126 22134 be34ed ??3@YAXPAX 22134->22133 22135->22134 22136 be350d _invalid_parameter_noinfo_noreturn 22135->22136 22137 be34e8 22135->22137 22137->22134 22140 bd38cd 22139->22140 22141 bd38da 22140->22141 22142 bd38f7 ??2@YAPAXI 22140->22142 22143 bd38de ??2@YAPAXI 22141->22143 22144 bd391a 22141->22144 22142->21935 22143->21935 22144->21935 22164 bbc880 22145->22164 22147 bc2010 22167 bc5f20 _errno _errno GetLastError SetLastError 22147->22167 22149 bc2027 22149->21945 22157 bd4956 22150->22157 22154 bd499d 22155 beecb0 5 API calls 22154->22155 22156 bd49ae 22155->22156 22156->21952 22157->22154 22168 bd49e0 22157->22168 22161 bd4ed6 22158->22161 22160 bd4f25 22162 beecb0 5 API calls 22160->22162 22161->22160 22252 bd4f80 22161->22252 22163 bd4f39 22162->22163 22163->21952 22165 bbc891 ??0ios_base@std@@IAE 22164->22165 22166 bbc8a7 ?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IAEXPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE 22164->22166 22165->22166 22166->22147 22167->22149 22169 bd38c0 2 API calls 22168->22169 22170 bd49f1 22169->22170 22185 bc1ce0 22170->22185 22174 bd498e 22175 bd4a50 22174->22175 22182 bd4a9b 22175->22182 22183 bd4a74 22175->22183 22177 bd4a84 22178 beecb0 5 API calls 22177->22178 22180 bd4a91 22178->22180 22180->22154 22181 bd4bc9 22182->22183 22184 bd4b3e 22182->22184 22183->22181 22195 bd4c00 22183->22195 22184->22181 22211 bd4d70 22184->22211 22186 bc1cf7 22185->22186 22187 bc1d35 22186->22187 22188 bba8a0 2 API calls 22186->22188 22190 bd3710 22187->22190 22189 bc1d19 memcpy 22188->22189 22189->22187 22191 bd3735 ??2@YAPAXI 22190->22191 22192 bd3753 22190->22192 22191->22174 22193 bd3764 22192->22193 22194 bd3757 ??2@YAPAXI 22192->22194 22193->22174 22194->22174 22196 bd4d53 22195->22196 22201 bd4c1c 22195->22201 22223 bd4e90 22196->22223 22198 bd4d58 ?_Xlength_error@std@@YAXPBD 22203 bd4d70 22198->22203 22199 bd4df8 22200 bd4c00 11 API calls 22199->22200 22202 bd4e1f 22200->22202 22201->22177 22204 beecb0 5 API calls 22202->22204 22203->22199 22205 bd4e3b 22203->22205 22226 bd3770 22205->22226 22214 bd4d95 22211->22214 22212 bd4df8 22213 bd4c00 14 API calls 22212->22213 22215 bd4e1f 22213->22215 22214->22212 22217 bd4e3b 22214->22217 22216 beecb0 5 API calls 22215->22216 22218 bd4e31 22216->22218 22219 bd3770 9 API calls 22217->22219 22218->22181 22220 bd4e55 ??3@YAXPAX 22219->22220 22221 bbdf30 2 API calls 22220->22221 22222 bd4e69 ??3@YAXPAX 22221->22222 22222->22215 22235 bd4860 22223->22235 22227 bd3795 22226->22227 22231 bd379d 22226->22231 22228 bd3829 22227->22228 22227->22231 22234 bd37a1 22231->22234 22242 bd3850 22231->22242 22236 bd3770 9 API calls 22235->22236 22237 bd4885 ??3@YAXPAX 22236->22237 22238 bbdf30 2 API calls 22237->22238 22239 bd4899 22238->22239 22240 beecb0 5 API calls 22239->22240 22241 bd48a3 ??3@YAXPAX 22240->22241 22241->22198 22253 bd5129 ?_Xlength_error@std@@YAXPBD 22252->22253 22254 bd4f99 22252->22254 22255 bd3710 2 API calls 22254->22255 22256 bd4fa9 22255->22256 22256->22160 22258 bc14cc 22257->22258 22259 bc14f6 22257->22259 22260 bc14d8 ??3@YAXPAX 22258->22260 22261 bc150d _invalid_parameter_noinfo_noreturn 22258->22261 22262 bc1506 22258->22262 22259->21955 22260->22259 22262->22260 22264 bd308c 22263->22264 22268 bd309b 22263->22268 22298 beb3d0 22264->22298 22266 bd30b5 malloc 22267 bd30c5 free 22266->22267 22266->22268 22267->22268 22268->22266 22270 bd30f3 22268->22270 22269 bd3147 22271 bd316e 22269->22271 22272 bd3164 free 22269->22272 22270->22269 22273 bd3187 22270->22273 22274 bd3113 memmove 22270->22274 22275 beecb0 5 API calls 22271->22275 22272->22271 22278 bba7d0 6 API calls 22273->22278 22274->22272 22277 bd317d 22275->22277 22277->21964 22278->22269 22280 bd47f0 22279->22280 22280->22280 22281 beecb0 5 API calls 22280->22281 22282 bd4846 22281->22282 22282->21964 22305 bd48e0 wcslen 22283->22305 22285 bd4058 22288 beecb0 5 API calls 22285->22288 22286 bd406a GetCurrentProcessorNumber GetCurrentThread SetThreadAffinityMask 22295 bd4047 22286->22295 22287 bd48e0 wcslen 22287->22295 22289 bd4062 22288->22289 22289->21964 22290 bd40de GetCurrentThread SetThreadAffinityMask 22290->22295 22291 bd41a6 GetCurrentThread SetThreadAffinityMask 22291->22295 22292 bd41d0 CloseHandle 22292->22292 22292->22295 22294 bd4115 DuplicateHandle 22294->22295 22295->22285 22295->22286 22295->22287 22295->22290 22295->22291 22295->22292 22295->22294 22307 bcf210 22295->22307 22315 bcf1b0 22295->22315 22299 beb41f GetModuleHandleW 22298->22299 22300 beb3ea 22298->22300 22299->22300 22301 beb3fb GetProcAddress 22300->22301 22302 beb40e 22301->22302 22303 beecb0 5 API calls 22302->22303 22304 beb419 22303->22304 22304->22268 22306 bd48fd 22305->22306 22306->22295 22308 bcf247 22307->22308 22321 bcf2d0 22308->22321 22310 bcf25c memmove 22311 bcf2a6 memmove 22310->22311 22312 bcf287 22310->22312 22311->22312 22327 bcf330 22312->22327 22316 bcf1bc 22315->22316 22317 bcf1bf 22315->22317 22316->22295 22318 bcf1dd ??3@YAXPAX 22317->22318 22319 bcf1fd _invalid_parameter_noinfo_noreturn 22317->22319 22320 bcf1d8 22317->22320 22318->22316 22320->22318 22322 bcf2dd 22321->22322 22323 bcf304 ??2@YAPAXI 22322->22323 22324 bcf2e7 22322->22324 22323->22310 22325 bcf2eb ??2@YAPAXI 22324->22325 22326 bcf327 22324->22326 22325->22310 22326->22310 22328 bcf33c 22327->22328 22329 bcf295 22327->22329 22330 bcf35a ??3@YAXPAX 22328->22330 22331 bcf355 22328->22331 22332 bcf380 _invalid_parameter_noinfo_noreturn 22328->22332 22329->22295 22330->22329 22331->22330 22334 bd31d2 22333->22334 22338 bd3214 22333->22338 22335 bd31d6 22334->22335 22334->22338 22342 bd3320 22335->22342 22336 bd31e0 22339 beecb0 5 API calls 22336->22339 22338->22336 22352 bd3260 22338->22352 22340 bd3208 ??3@YAXPAX 22339->22340 22340->21987 22343 bd333c 22342->22343 22351 bd3350 22342->22351 22344 beecb0 5 API calls 22343->22344 22345 bd3346 22344->22345 22345->22336 22346 bd3320 9 API calls 22346->22351 22347 bd3770 9 API calls 22348 bd3376 ??3@YAXPAX 22347->22348 22349 bbdf30 2 API calls 22348->22349 22350 bd338b ??3@YAXPAX 22349->22350 22350->22343 22350->22351 22351->22346 22351->22347 22353 bd3280 22352->22353 22354 bd3770 9 API calls 22353->22354 22355 bd32d7 ??3@YAXPAX 22354->22355 22356 bbdf30 2 API calls 22355->22356 22357 bd32eb ??3@YAXPAX 22356->22357 22358 beecb0 5 API calls 22357->22358 22359 bd3305 22358->22359 22359->22338 28433 bcafc0 28434 bcaff0 28433->28434 28435 bcafe2 28433->28435 28437 beecb0 5 API calls 28434->28437 28448 bca300 TlsGetValue 28435->28448 28439 bcaffe 28437->28439 28441 bcb011 28442 bcb330 2 API calls 28441->28442 28444 bcb021 28442->28444 28443 bcb085 RtlReleaseSRWLockExclusive 28443->28434 28444->28443 28445 bc1ff0 7 API calls 28444->28445 28446 bcb07e 28445->28446 28447 bc20c0 8 API calls 28446->28447 28447->28443 28449 bca31c 28448->28449 28449->28434 28450 bc8120 RtlAcquireSRWLockExclusive 28449->28450 28450->28441 21716 bd0bc0 21717 bd0c20 21716->21717 21718 bc46c0 55 API calls 21717->21718 21725 bd0d92 21717->21725 21719 bd0c4c 21718->21719 21720 be3830 7 API calls 21719->21720 21719->21725 21721 bd0c9b 21720->21721 21722 be3d30 13 API calls 21721->21722 21721->21725 21723 bd0ccc 21722->21723 21728 bd0d6c 21723->21728 21730 bd0e30 21723->21730 21724 be4060 7 API calls 21724->21725 21728->21724 21728->21725 21729 bc48f0 55 API calls 21729->21728 21731 be6680 6 API calls 21730->21731 21735 bd0e4c 21731->21735 21732 bd0e55 21733 beecb0 5 API calls 21732->21733 21734 bd0d5b 21733->21734 21734->21728 21734->21729 21735->21732 21747 bd19d0 21735->21747 21738 bd19d0 2 API calls 21739 bd0ec4 21738->21739 21739->21732 21740 bd19d0 2 API calls 21739->21740 21741 bd0ee1 21740->21741 21741->21732 21742 bd19d0 2 API calls 21741->21742 21743 bd0ef7 21742->21743 21743->21732 21744 bd19d0 2 API calls 21743->21744 21745 bd0f0d 21744->21745 21745->21732 21746 be67f0 8 API calls 21745->21746 21746->21732 21748 bd1a14 21747->21748 21750 bd0ea9 21747->21750 21749 bd18e0 2 API calls 21748->21749 21748->21750 21749->21750 21750->21732 21750->21738 21400 bc4510 21401 bba740 13 API calls 21400->21401 21402 bc453f 21401->21402 21403 bee7bc 2 API calls 21402->21403 21404 bc4549 21403->21404 21405 bba740 13 API calls 21404->21405 21406 bc4578 21405->21406 21407 bee7bc 2 API calls 21406->21407 21408 bc4582 21407->21408 21409 bba740 13 API calls 21408->21409 21410 bc45b1 21409->21410 21411 bee7bc 2 API calls 21410->21411 21412 bc45bb 21411->21412 19448 bb1000 GetEnvironmentVariableW 19449 bb1029 19448->19449 19450 bb10a8 SetDllDirectoryW 19448->19450 19452 bb1152 moz_xmalloc 19449->19452 19453 bb1033 moz_xmalloc GetEnvironmentVariableW 19449->19453 19475 bb3dd0 19450->19475 19468 bb118a __p__environ 19452->19468 19469 bb117c memcpy 19452->19469 19455 bb109b free 19453->19455 19456 bb1053 ExpandEnvironmentStringsW 19453->19456 19454 bb10c6 19454->19452 19457 bb11e0 19454->19457 19460 bb10e4 moz_xmalloc 19454->19460 19455->19450 19456->19455 19458 bb1062 19456->19458 19765 beecb0 19457->19765 19458->19452 19459 bb106c moz_xmalloc ExpandEnvironmentStringsW 19458->19459 19461 bb1091 free 19459->19461 19462 bb1085 SetEnvironmentVariableW 19459->19462 19460->19452 19464 bb10f7 19460->19464 19461->19455 19462->19461 19466 bb1100 wcslen moz_xmalloc WideCharToMultiByte 19464->19466 19465 bb11ea 19466->19452 19466->19466 19718 bb1230 ?Now@TimeStamp@mozilla@@CA?AV12@_N ?profiler_init@baseprofiler@mozilla@@YAXPAX ?GetProfilingStack@AutoProfilerLabel@baseprofiler@mozilla@@SAPAVProfilingStack@23 19468->19718 19469->19468 19471 bb119c free 19472 bb11d3 free 19471->19472 19473 bb11b3 19471->19473 19472->19457 19473->19472 19474 bb11c9 free 19473->19474 19474->19473 19772 bb5790 19475->19772 19477 bb3ebf 19794 bb2d00 19477->19794 19479 bb3e10 19479->19477 19481 bb3e89 towlower 19479->19481 19480 bb4087 NtQueryInformationProcess 19482 bb40cf 19480->19482 19481->19479 19483 bb41f1 19482->19483 19484 bb40de OpenProcess 19482->19484 19488 bb2bd0 64 API calls 19483->19488 19491 bb41f8 getenv 19483->19491 19485 bb40fa 19484->19485 19486 bb4285 GetLastError 19484->19486 19866 bbdf80 QueryFullProcessImageNameW 19485->19866 19489 bb41d2 19486->19489 19495 bb429b 19486->19495 19487 bb3f28 towlower 19573 bb3ee0 19487->19573 19488->19491 19489->19483 19498 bb41ea CloseHandle 19489->19498 19499 bb432b 19491->19499 19509 bb4213 19491->19509 19493 bb3f48 towlower 19493->19573 19495->19454 19496 bb4118 19871 bbe0d0 19496->19871 19497 bb3f68 towlower 19497->19573 19498->19483 19499->19509 19888 bba900 _putenv 19499->19888 19503 bb3f88 towlower 19503->19573 19504 bb4143 19884 bbe000 GetModuleFileNameW 19504->19884 19505 bb42b2 19507 bb436a GetCurrentProcess 19505->19507 19508 bb42c5 19505->19508 19512 bbdf80 7 API calls 19507->19512 19508->19495 19511 bb4554 19509->19511 19514 bb4446 towlower 19509->19514 19518 bb4462 towlower 19509->19518 19528 bb447e towlower 19509->19528 19540 bb44a2 towlower 19509->19540 19552 bb44c6 towlower 19509->19552 19562 bb44ea towlower 19509->19562 19570 bb450e towlower 19509->19570 19581 bb4532 towlower 19509->19581 19517 bb4886 towlower 19511->19517 19527 bb48a2 towlower 19511->19527 19539 bb48be towlower 19511->19539 19551 bb48e2 towlower 19511->19551 19561 bb4906 towlower 19511->19561 19569 bb492a towlower 19511->19569 19580 bb494e towlower 19511->19580 19583 bb4972 towlower 19511->19583 19586 bb4996 towlower 19511->19586 19593 bb49ba towlower 19511->19593 19601 bb49de towlower 19511->19601 19612 bb4a02 towlower 19511->19612 19624 bb4a26 towlower 19511->19624 19635 bb4a4a towlower 19511->19635 19643 bb4586 19511->19643 19515 bb438e 19512->19515 19513 bb3fa8 towlower 19513->19573 19514->19509 19520 bb4398 19515->19520 19889 bbe060 19515->19889 19517->19511 19518->19509 19519 bbe0d0 19 API calls 19523 bb4177 19519->19523 19520->19489 19533 bb43fc CloseHandle 19520->19533 19521 bb3fc8 towlower 19521->19573 19523->19489 19523->19508 19525 bb4737 19529 bb2bd0 64 API calls 19525->19529 19526 bb45b5 19531 bb46b9 getenv 19526->19531 19532 bb45c3 19526->19532 19527->19511 19528->19509 19534 bb46e5 19529->19534 19530 bb3fe8 towlower 19530->19573 19535 bb47cb 19531->19535 19536 bb46cf _wgetenv 19531->19536 19537 bb477c 19532->19537 19543 bb465e 19532->19543 19544 bb45e3 7 API calls 19532->19544 19533->19489 19828 bb5a40 19534->19828 19535->19536 19538 bb47d4 DebugBreak 19535->19538 19536->19534 19541 bb47df 19536->19541 19537->19543 19937 bee547 EnterCriticalSection 19537->19937 19538->19534 19539->19511 19540->19509 19541->19534 19545 bb47e9 wcstoul GetCurrentProcessId 19541->19545 19542 bb4004 towlower 19542->19573 19895 bb5b30 AttachConsole 19543->19895 19544->19537 19544->19543 19928 bbe460 IsDebuggerPresent 19545->19928 19551->19511 19552->19509 19553 bb4828 19553->19543 19557 bb4838 19553->19557 19554 bb46f5 19558 bb46ff 19554->19558 19838 bb2bd0 19554->19838 19555 bb401c towlower 19555->19573 19914 bb2ef0 19558->19914 19561->19511 19562->19509 19564 bb4034 towlower 19564->19573 19568 bb404c towlower 19568->19573 19569->19511 19570->19509 19573->19480 19573->19487 19573->19493 19573->19497 19573->19503 19573->19513 19573->19521 19573->19530 19573->19534 19573->19542 19573->19555 19573->19564 19573->19568 19576 beecb0 5 API calls 19577 bb4726 19576->19577 19577->19454 19580->19511 19581->19509 19583->19511 19586->19511 19593->19511 19601->19511 19612->19511 19624->19511 19635->19511 19643->19643 19803 bb6c70 19643->19803 19719 bb1288 19718->19719 19720 bb127d 19718->19720 19721 bb131b ?DllBlocklist_Initialize@@YAXI 19719->19721 20891 bb1670 19719->20891 20930 bb1860 19720->20930 19723 bb1760 60 API calls 19721->19723 19725 bb1334 19723->19725 19727 bb14a8 19725->19727 19736 bb13a3 getenv 19725->19736 19726 bb129e 19726->19721 19728 bb12a2 ?DllBlocklist_Initialize@@YAXI 19726->19728 19727->19471 19729 bb148e 19728->19729 19730 bb12c1 19728->19730 20922 bebc30 19729->20922 20895 bb1760 19730->20895 19735 bb149b 20965 bb16a0 19735->20965 19738 bb13bf 19736->19738 19741 bb13f3 19738->19741 19742 bb13d9 19738->19742 19743 bb1670 _stricmp 19738->19743 20933 bebd40 19741->20933 19742->19741 19746 bb1670 _stricmp 19742->19746 19745 bb13d1 19743->19745 19745->19742 19749 bb14c9 19745->19749 19747 bb13eb 19746->19747 19747->19741 19751 bb14d5 19747->19751 19748 bb1412 19752 bb14ce 19748->19752 19756 bb1421 19748->19756 19749->19752 20974 bb1980 19749->20974 19759 bebd40 89 API calls 19751->19759 19757 bb16a0 10 API calls 19752->19757 19753 beecb0 5 API calls 19754 bb1311 19753->19754 19754->19471 20941 bb19e0 19756->20941 19761 bb1519 19757->19761 19764 bb12de ?profiler_shutdown@baseprofiler@mozilla@ 19759->19764 19761->19764 19762 bb1582 19763 bb16a0 10 API calls 19762->19763 19763->19761 19764->19753 19766 beecbb IsProcessorFeaturePresent 19765->19766 19767 beecb9 19765->19767 19769 bef05f 19766->19769 19767->19465 21286 bef144 SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 19769->21286 19771 bef142 19771->19465 19773 bb5a25 19772->19773 19774 bb57aa 19772->19774 19773->19479 19774->19773 19775 bb57f6 towlower 19774->19775 19776 bb580e towlower 19774->19776 19777 bb5826 towlower 19774->19777 19778 bb583e towlower 19774->19778 19779 bb585e towlower 19774->19779 19780 bb587c 19774->19780 19775->19774 19776->19774 19777->19774 19778->19774 19779->19774 19781 bb5a2d exit 19780->19781 19782 bb58bf towlower 19780->19782 19782->19781 19783 bb58d6 19782->19783 19783->19781 19784 bb58e3 towlower 19783->19784 19784->19781 19785 bb58fa 19784->19785 19785->19781 19786 bb5907 towlower 19785->19786 19786->19781 19787 bb591e 19786->19787 19787->19781 19788 bb592b towlower 19787->19788 19788->19781 19789 bb5942 19788->19789 19789->19781 19790 bb594f towlower 19789->19790 19790->19781 19793 bb5966 19790->19793 19791 bb59b8 19791->19773 19791->19781 19792 bb59ea towlower 19792->19793 19793->19781 19793->19791 19793->19792 19795 bba640 10 API calls 19794->19795 19796 bb2d36 19795->19796 20089 bba740 wcslen 19796->20089 19799 bb2d6a 19801 beecb0 5 API calls 19799->19801 19800 bb2d60 free 19800->19799 19802 bb2dc5 19801->19802 19802->19573 20115 bb6950 19803->20115 19806 bb6ca1 GetModuleHandleW 19807 bb6cb8 19806->19807 19808 bb6e39 19807->19808 20122 bb6f60 19807->20122 19811 bb6cf5 19811->19808 19813 bb6d49 19811->19813 19814 bb6cfd QueryPerformanceCounter 19811->19814 19817 bb6e4c 19813->19817 19818 bb6d56 19813->19818 19816 bb6d34 19814->19816 19820 beecb0 5 API calls 19816->19820 19817->19808 19819 bb6e54 QueryPerformanceCounter 19817->19819 20130 bb70c0 19818->20130 19819->19808 19823 bb45a4 19820->19823 19823->19525 19823->19526 19829 bb5a63 19828->19829 19837 bb5a83 19828->19837 19830 bb6950 7 API calls 19829->19830 19831 bb5a6d 19830->19831 19833 bb5a7d 19831->19833 19831->19837 20251 bb7160 19831->20251 19832 beecb0 5 API calls 19834 bb5a91 19832->19834 19833->19837 20259 bb6b60 19833->20259 19834->19554 19837->19832 19839 bb2d00 24 API calls 19838->19839 19840 bb2bf9 19839->19840 20273 bb2dd0 19840->20273 19843 bb2d00 24 API calls 19844 bb2c15 19843->19844 20280 bb71b0 19844->20280 19847 bb2c93 19849 bb2ef0 3 API calls 19847->19849 19848 bb2c37 20294 bba900 _putenv 19848->20294 19851 bb2c9f 19849->19851 20291 bb2e50 RegisterEventSourceW 19851->20291 19852 bb2c41 moz_xmalloc CreateToolhelp32Snapshot _beginthreadex 19854 bb2c8a 19852->19854 19855 bb2cc4 CloseHandle 19852->19855 20295 bba960 19854->20295 19857 bba960 2 API calls 19855->19857 19856 bb2ca6 19859 bb2ef0 3 API calls 19856->19859 19860 bb2cdc 19857->19860 19861 bb2caf 19859->19861 19862 bb2ef0 3 API calls 19860->19862 19863 beecb0 5 API calls 19861->19863 19864 bb2ce8 19862->19864 19865 bb2cbd 19863->19865 19864->19851 19864->19856 19865->19558 19867 bbdfba 19866->19867 19868 bbdfcc GetLastError 19866->19868 19869 beecb0 5 API calls 19867->19869 19868->19867 19870 bb410a 19869->19870 19870->19495 19870->19496 19872 bbe11d 19871->19872 19873 bbe1ed 19871->19873 19874 bbe12c RtlInitUnicodeString NtOpenFile 19872->19874 19875 bbe1a5 19872->19875 19879 beecb0 5 API calls 19873->19879 19876 bbe1de 19874->19876 19877 bbe19b 19874->19877 19875->19876 19878 bbe1ae CreateFileW 19875->19878 19876->19873 19883 bbe1e6 CloseHandle 19876->19883 20300 bbe290 19877->20300 19878->19877 19881 bbe254 GetLastError 19878->19881 19880 bb4132 19879->19880 19880->19504 19880->19505 19881->19876 19883->19873 19885 bbe028 19884->19885 19886 bbe031 GetLastError 19884->19886 19885->19886 19887 bb414f 19885->19887 19886->19887 19887->19508 19887->19519 19888->19509 19890 bbe079 19889->19890 19891 bbe08f 19889->19891 19892 beecb0 5 API calls 19890->19892 19891->19890 19894 bbe0a1 RtlInitUnicodeString RtlInitUnicodeString RtlEqualUnicodeString 19891->19894 19893 bbe085 19892->19893 19893->19520 19894->19890 19896 bb5b43 __acrt_iob_func 19895->19896 19897 bb466e 19895->19897 20311 bb7720 _fileno 19896->20311 19897->19554 19903 bba640 19897->19903 19904 bba653 19903->19904 19905 bba65f moz_xmalloc memset 19904->19905 19909 bba703 GetLastError 19904->19909 19910 bba692 moz_xmalloc memset wcscpy_s 19904->19910 19909->19904 19909->19910 19915 bb2eff 19914->19915 20318 bbdf30 19915->20318 19918 bbdf30 2 API calls 19919 bb2f24 19918->19919 19920 bbdf30 2 API calls 19919->19920 19921 bb2f2c 19920->19921 19922 bbdf30 2 API calls 19921->19922 19923 bb2f34 19922->19923 19924 bbdf30 2 API calls 19923->19924 19925 bb2f3c 19924->19925 19926 bb2f4a 19925->19926 19927 bb2f43 RegCloseKey 19925->19927 19926->19576 19927->19926 19929 bbe47f _dup _fdopen 19928->19929 19930 bbe4b1 19928->19930 19941 bee55b 19937->19941 19938 bee560 LeaveCriticalSection 19938->19553 19941->19938 20323 bee5e3 19941->20323 20090 bba76a memmove 20089->20090 20091 bba7a1 20089->20091 20094 bba78b 20090->20094 20097 bba7d0 20091->20097 20095 beecb0 5 API calls 20094->20095 20096 bb2d55 20095->20096 20096->19799 20096->19800 20098 bba86a 20097->20098 20099 bba7e7 20097->20099 20114 bba890 ?_Xlength_error@std@@YAXPBD 20098->20114 20107 bba8a0 20099->20107 20102 bba81d memcpy 20103 bba848 20102->20103 20105 bba853 20102->20105 20103->20094 20104 bba85e free 20104->20103 20105->20104 20106 bba885 _invalid_parameter_noinfo_noreturn 20105->20106 20108 bba8aa 20107->20108 20109 bba8b3 20108->20109 20112 bba8d1 moz_xmalloc 20108->20112 20110 bba8f2 20109->20110 20111 bba8b7 moz_xmalloc 20109->20111 20110->20102 20111->20102 20112->20102 20116 bb69a0 20115->20116 20117 bb696b RegCreateKeyExW 20115->20117 20119 beecb0 5 API calls 20116->20119 20117->20116 20118 bb6996 20117->20118 20118->20116 20120 bb69fe RegCloseKey 20118->20120 20121 bb69bf 20119->20121 20120->20116 20121->19806 20121->19808 20123 bb6f8b 20122->20123 20124 bb6f73 20122->20124 20163 bb7260 20123->20163 20169 bb7330 20124->20169 20131 bb70eb 20130->20131 20132 bb70d3 20130->20132 20210 bb7530 20131->20210 20133 bb7330 12 API calls 20132->20133 20135 bb70dd 20133->20135 20137 bb73b0 25 API calls 20135->20137 20137->20131 20138 bb7110 20139 bb713b 20138->20139 20140 bb7123 20138->20140 20142 bb7530 6 API calls 20139->20142 20141 bb7330 12 API calls 20140->20141 20146 bb6fb0 20216 bb6a30 20146->20216 20150 bb6ff4 20152 beecb0 5 API calls 20150->20152 20154 bb6e14 20152->20154 20154->19808 20155 bb7070 20154->20155 20156 bb709e 20155->20156 20157 bb7086 20155->20157 20164 bb7288 RegQueryValueExW 20163->20164 20165 bb7286 20163->20165 20166 bb72a3 20164->20166 20165->20164 20167 beecb0 5 API calls 20166->20167 20168 bb6cd5 20167->20168 20168->19808 20168->19811 20168->20146 20170 bb736e 20169->20170 20171 bb7346 20169->20171 20172 beecb0 5 API calls 20170->20172 20173 bb7358 20171->20173 20174 bb737f memmove 20171->20174 20175 bb6f7d 20172->20175 20177 bba7d0 6 API calls 20173->20177 20174->20170 20178 bb73b0 20175->20178 20177->20170 20179 bb73da memmove 20178->20179 20180 bb7413 20178->20180 20183 bb73fd 20179->20183 20186 bbe810 20180->20186 20184 beecb0 5 API calls 20183->20184 20185 bb7407 20184->20185 20185->20123 20187 bbe931 20186->20187 20190 bbe833 20186->20190 20209 bba890 ?_Xlength_error@std@@YAXPBD 20187->20209 20189 bbe936 _invalid_parameter_noinfo_noreturn 20192 bbe940 RtlAcquireSRWLockExclusive 20189->20192 20191 bba8a0 2 API calls 20190->20191 20193 bbe87a 20191->20193 20194 bbe98c 20192->20194 20195 bbe9d2 WideCharToMultiByte 20192->20195 20196 bbe888 memcpy memcpy 20193->20196 20197 bbe8e5 memcpy memcpy 20193->20197 20198 bbeb12 RtlReleaseSRWLockExclusive 20194->20198 20199 bbea07 WriteFile 20195->20199 20208 bbe9a0 20195->20208 20200 bbe91a 20196->20200 20201 bbe8c7 free 20196->20201 20202 bbe8d7 20197->20202 20198->20183 20199->20208 20200->20189 20200->20201 20201->20202 20202->20183 20204 bbe9a7 WriteFile 20204->20208 20205 bbea34 WriteFile 20205->20208 20206 bbeaa4 _ltoa strlen WriteFile 20206->20208 20207 bbeaf4 WriteFile 20207->20208 20208->20195 20208->20198 20208->20204 20208->20205 20208->20206 20208->20207 20211 bb755b 20210->20211 20212 bb755d RegQueryValueExW 20210->20212 20211->20212 20213 bb7579 20212->20213 20214 beecb0 5 API calls 20213->20214 20215 bb6d61 20214->20215 20215->19808 20215->20138 20217 bb6950 7 API calls 20216->20217 20218 bb6a53 20217->20218 20219 bb70c0 30 API calls 20218->20219 20224 bb6a75 20218->20224 20221 bb6a65 20219->20221 20220 beecb0 5 API calls 20222 bb6a9e 20220->20222 20223 bb7110 30 API calls 20221->20223 20221->20224 20222->20150 20225 bb6b10 20222->20225 20223->20224 20224->20220 20226 bb6b3a 20225->20226 20232 bb6b23 20225->20232 20228 bb7330 12 API calls 20226->20228 20229 bb6b44 20228->20229 20231 bb73b0 25 API calls 20229->20231 20231->20232 20241 bb74d0 20232->20241 20242 bb74df 20241->20242 20243 bb74e1 RegDeleteValueW 20241->20243 20242->20243 20244 bb6b30 20243->20244 20244->20150 20252 bb7191 20251->20252 20253 bb7176 20251->20253 20255 bb7330 12 API calls 20252->20255 20267 bb7440 20253->20267 20257 bb719b 20255->20257 20258 bb73b0 25 API calls 20257->20258 20258->20253 20260 bb6b8b 20259->20260 20261 bb6b73 20259->20261 20263 bb7440 6 API calls 20260->20263 20262 bb7330 12 API calls 20261->20262 20264 bb6b7d 20262->20264 20265 bb6b9e 20263->20265 20266 bb73b0 25 API calls 20264->20266 20265->19837 20266->20260 20268 bb746f 20267->20268 20269 bb7471 RegSetValueExW 20267->20269 20268->20269 20270 bb7487 20269->20270 20271 beecb0 5 API calls 20270->20271 20272 bb7187 20271->20272 20272->19833 20274 bb6950 7 API calls 20273->20274 20275 bb2dee 20274->20275 20276 bb2df4 20275->20276 20277 bb6b60 30 API calls 20275->20277 20278 beecb0 5 API calls 20276->20278 20277->20276 20279 bb2c07 20278->20279 20279->19843 20281 bb6950 7 API calls 20280->20281 20282 bb71cf 20281->20282 20283 bb7223 20282->20283 20285 bb7330 12 API calls 20282->20285 20286 bb71d5 20282->20286 20284 bb7260 6 API calls 20283->20284 20284->20286 20288 bb7215 20285->20288 20287 beecb0 5 API calls 20286->20287 20289 bb2c23 20287->20289 20290 bb73b0 25 API calls 20288->20290 20289->19847 20289->19848 20290->20283 20292 bb2e6c 7 API calls 20291->20292 20293 bb2ee0 20291->20293 20292->20293 20293->19856 20294->19852 20296 bba98c 20295->20296 20297 bba970 20295->20297 20296->19847 20298 bba97b CloseHandle 20297->20298 20299 bba982 free 20297->20299 20298->20299 20299->20296 20301 bbe2d8 20300->20301 20302 bbe365 GetFileInformationByHandleEx 20300->20302 20303 bbe3bc GetFileInformationByHandle 20301->20303 20304 bbe2e8 6 API calls 20301->20304 20302->20303 20307 bbe378 20302->20307 20303->20307 20308 bbe42f GetLastError 20303->20308 20305 bbe35a 20304->20305 20306 bbe3b1 20304->20306 20305->20302 20306->20303 20309 beecb0 5 API calls 20307->20309 20308->20307 20310 bbe3a9 20309->20310 20310->19876 20312 bb773c 20311->20312 20313 bb7764 freopen 20311->20313 20319 bb2f1c 20318->20319 20320 bbdf54 20318->20320 20319->19918 20321 bbdf5f free 20320->20321 20322 bbdf7a _invalid_parameter_noinfo_noreturn 20320->20322 20321->20319 20324 bee61c LeaveCriticalSection WaitForSingleObjectEx EnterCriticalSection 20323->20324 20325 bee5f0 20323->20325 20324->20325 20325->19941 20892 bb1679 20891->20892 20893 bb1696 20892->20893 20894 bb1680 _stricmp 20892->20894 20893->19726 20894->19726 20896 bb17ef 20895->20896 20897 bb1783 20895->20897 20899 beecb0 5 API calls 20896->20899 20979 bb18c0 20897->20979 20901 bb12c8 20899->20901 20901->19727 20914 bb15a0 20901->20914 20902 bb1806 20905 bb16a0 10 API calls 20902->20905 20903 bb1796 strdup 20903->20902 20904 bb17a4 20903->20904 20986 bb2000 20904->20986 20907 bb1810 20905->20907 20907->20896 20909 bb1843 20910 bb16a0 10 API calls 20909->20910 20911 bb184d 20910->20911 20913 bb17e5 free 20911->20913 20912 bb17de 20912->20913 20913->20896 20915 bb15b7 20914->20915 20921 bb15f4 20914->20921 20916 bebc30 92 API calls 20915->20916 20919 bb15d9 20915->20919 20916->20919 20917 beecb0 5 API calls 20918 bb1610 20917->20918 20918->19764 20920 bebd40 89 API calls 20919->20920 20919->20921 20920->20921 20921->20917 20923 bebc57 20922->20923 20924 bb1493 20922->20924 20925 bee547 __Init_thread_header 5 API calls 20923->20925 20924->19730 20924->19735 20926 bebc61 20925->20926 20926->20924 21070 bebc90 20926->21070 20929 bee599 __Init_thread_footer 4 API calls 20929->20924 20931 bb1879 20930->20931 20932 bb1871 ?ensureCapacitySlow@ProfilingStack@baseprofiler@mozilla@ 20930->20932 20931->19719 20932->20931 20934 bebd8a 20933->20934 20935 bebd60 20933->20935 20934->19748 20936 bee547 __Init_thread_header 5 API calls 20935->20936 20937 bebd6a 20936->20937 20937->20934 21273 bebda0 20937->21273 20940 bee599 __Init_thread_footer 4 API calls 20940->20934 20942 bb1a1a 20941->20942 20943 bb19fa 20941->20943 20942->19764 20943->20942 20944 bb1c20 20943->20944 20945 bb1a32 tolower 20943->20945 20948 bb1a48 tolower 20943->20948 20950 bb1a5e tolower 20943->20950 20951 bb1a74 tolower 20943->20951 20952 bb1a8a tolower 20943->20952 20953 bb1aa6 20943->20953 20944->20942 20946 bb1c3e exit 20944->20946 20945->20943 21278 bee7bc 20946->21278 20948->20943 20950->20943 20951->20943 20952->20943 20953->20946 20954 bb1add tolower 20953->20954 20954->20946 20955 bb1aef 20954->20955 20955->20946 20956 bb1afb tolower 20955->20956 20956->20946 20957 bb1b0d 20956->20957 20957->20946 20958 bb1b19 tolower 20957->20958 20958->20946 20959 bb1b2b 20958->20959 20959->20946 20960 bb1b37 tolower 20959->20960 20960->20946 20961 bb1b49 20960->20961 20961->20946 20962 bb1b55 tolower 20961->20962 20962->20946 20964 bb1b67 20962->20964 20963 bb1bf3 tolower 20963->20964 20964->20944 20964->20946 20964->20963 20966 bb16b0 20965->20966 20967 bb16cb __stdio_common_vsnprintf_s MultiByteToWideChar LoadLibraryW 20966->20967 20968 bb173e 20967->20968 20969 bb1716 GetProcAddress 20967->20969 20972 beecb0 5 API calls 20968->20972 20970 bb1728 20969->20970 20971 bb1737 FreeLibrary 20969->20971 20970->20971 20971->20968 20973 bb14a5 20972->20973 20973->19727 21285 bb18b0 20974->21285 20976 bb19a0 __stdio_common_vsprintf 20977 beecb0 5 API calls 20976->20977 20978 bb153c strdup _putenv 20977->20978 20978->19741 20978->19762 21015 bb1920 20979->21015 20982 bb18e9 WideCharToMultiByte 20983 bb1905 20982->20983 20984 beecb0 5 API calls 20983->20984 20985 bb1792 20984->20985 20985->20902 20985->20903 20987 bb2383 20986->20987 20988 bb2024 strrchr 20986->20988 20990 beecb0 5 API calls 20987->20990 20988->20987 20989 bb2037 malloc memcpy 20988->20989 20992 bb2072 20989->20992 21000 bb239a 20989->21000 20991 bb17ae 20990->20991 20991->20909 20991->20912 20994 bb20a9 memcpy getenv 20992->20994 20992->21000 21005 bb234e 20992->21005 20993 bb2415 fclose 20993->21005 20997 bb2454 strlen 20994->20997 20998 bb2114 MultiByteToWideChar _wfopen 20994->20998 20995 bb23f2 FreeLibrary 20999 bb2408 free 20995->20999 20995->21000 20996 bb2379 free 20996->20987 21002 bb217c 20997->21002 21001 bb214d fgets 20998->21001 20998->21005 20999->21000 21000->20993 21000->20995 21001->21002 21003 bb232a fclose GetProcAddress 21001->21003 21002->20993 21006 bb2190 strlen 21002->21006 21007 bb225c fgets 21002->21007 21009 bb21f5 strcpy MultiByteToWideChar 21002->21009 21010 bb2286 6 API calls 21002->21010 21004 bb249e 21003->21004 21003->21005 21005->20987 21005->20996 21006->21002 21006->21007 21007->21006 21008 bb2276 21007->21008 21008->21003 21011 bb227b 21009->21011 21012 bb222c LoadLibraryExW 21009->21012 21010->21002 21011->21012 21020 bb1d50 21011->21020 21012->21000 21013 bb223f moz_xmalloc 21012->21013 21013->21007 21016 bb192f wcscpy_s 21015->21016 21017 bb194e GetModuleFileNameW 21015->21017 21018 bb18e5 21016->21018 21017->21018 21019 bb1964 21017->21019 21018->20982 21018->20983 21019->21016 21021 bb1d6e 21020->21021 21022 bb1e24 21020->21022 21047 bb1f30 21021->21047 21024 beecb0 5 API calls 21022->21024 21026 bb1e2e 21024->21026 21026->21011 21027 bb1d7b CreateFileW 21027->21022 21029 bb1da0 CreateFileMappingA 21027->21029 21028 bb1e36 21030 beecb0 5 API calls 21028->21030 21031 bb1e1d CloseHandle 21029->21031 21032 bb1dbc MapViewOfFile 21029->21032 21033 bb1e40 21030->21033 21031->21022 21034 bb1e16 CloseHandle 21032->21034 21039 bb1dd2 21032->21039 21035 bb1e68 CreateFileW 21033->21035 21036 bb1e96 21033->21036 21034->21031 21035->21036 21037 bb1e86 21035->21037 21036->21011 21059 bb1c70 21037->21059 21038 bb1e0f UnmapViewOfFile 21038->21034 21039->21038 21041 bb1e02 21039->21041 21043 bb1e4e 21039->21043 21050 bb1f70 21041->21050 21058 bb1f0e GetCurrentProcess TerminateProcess 21043->21058 21048 bb1f48 GetModuleHandleW GetProcAddress 21047->21048 21049 bb1d73 21047->21049 21048->21049 21049->21027 21049->21028 21051 bb1f89 21050->21051 21052 bb1fb6 21050->21052 21053 bb1f92 21051->21053 21054 bb1fc7 GetModuleHandleW GetProcAddress 21051->21054 21055 beecb0 5 API calls 21052->21055 21053->21052 21056 bb1f9c GetCurrentProcess 21053->21056 21054->21052 21054->21056 21057 bb1e09 21055->21057 21056->21052 21057->21038 21068 bef1d0 21059->21068 21062 bb1ccf 21064 bb1cd7 ReadFile 21062->21064 21066 bb1cf5 SetFilePointerEx 21062->21066 21063 bb1d2c 21065 beecb0 5 API calls 21063->21065 21064->21062 21064->21066 21067 bb1d3a CloseHandle 21065->21067 21066->21063 21067->21036 21069 bb1c83 SetFilePointerEx 21068->21069 21069->21062 21069->21063 21079 bebe20 getenv 21070->21079 21073 bebd09 21077 beecb0 5 API calls 21073->21077 21074 bebcb1 21075 bebcca InitOnceExecuteOnce 21074->21075 21076 bebcba LoadLibraryW 21074->21076 21075->21073 21076->21075 21078 bebc72 21077->21078 21078->20929 21080 bebe5a 21079->21080 21089 bebe44 21079->21089 21082 bebe82 LoadLibraryW 21080->21082 21083 bebe91 InitOnceExecuteOnce 21080->21083 21082->21083 21084 bebed8 21083->21084 21083->21089 21086 bebee2 InitOnceExecuteOnce 21084->21086 21084->21089 21085 bebe49 21087 beecb0 5 API calls 21085->21087 21086->21089 21088 bebca7 ?IsWin32kLockedDown@mozilla@ 21087->21088 21088->21073 21088->21074 21089->21085 21090 bcab40 21089->21090 21091 bcab4d 21090->21091 21093 bcac30 GetModuleHandleW GetProcAddress 21091->21093 21094 bcac4b 21093->21094 21103 bcacd0 21094->21103 21098 bcac98 21099 bcacc1 RtlReleaseSRWLockExclusive 21098->21099 21100 bcacbb 21098->21100 21101 bcaca5 ??2@YAPAXI 21098->21101 21099->21091 21100->21099 21112 bcabb0 21101->21112 21104 bcac8f 21103->21104 21105 bcacf1 21103->21105 21111 bc8120 RtlAcquireSRWLockExclusive 21104->21111 21106 bee547 __Init_thread_header 5 API calls 21105->21106 21107 bcacfb 21106->21107 21107->21104 21108 bcad07 ??2@YAPAXI 21107->21108 21109 bcad1a 21108->21109 21110 bee599 __Init_thread_footer 4 API calls 21109->21110 21110->21104 21111->21098 21119 bca370 21112->21119 21115 bcacd0 10 API calls 21116 bcabcf ??2@YAPAXI 21115->21116 21122 bc3300 21116->21122 21143 bc9f00 21119->21143 21123 bc3339 21122->21123 21124 bc3327 21122->21124 21240 bc3370 21123->21240 21125 bc332f 21124->21125 21126 bc336b 21124->21126 21235 bc34f0 21125->21235 21251 bc14b0 ?_Xlength_error@std@@YAXPBD 21126->21251 21131 beecb0 5 API calls 21133 bc3363 21131->21133 21133->21100 21144 bc9f2b TlsGetValue 21143->21144 21145 bc9f36 21143->21145 21144->21145 21146 bc9f3b 21144->21146 21167 bca060 21145->21167 21192 bca290 21146->21192 21150 bc9f56 RtlReleaseSRWLockExclusive 21152 bc9fe4 21150->21152 21165 bc9fad 21150->21165 21200 bc2290 21152->21200 21154 beecb0 5 API calls 21157 bc9fd0 21154->21157 21156 bc2290 30 API calls 21158 bca032 21156->21158 21157->21115 21160 bc2030 10 API calls 21158->21160 21166 bc9fc2 21158->21166 21162 bca04f 21160->21162 21164 bc20c0 8 API calls 21162->21164 21164->21166 21165->21156 21165->21166 21166->21154 21168 bca08b 21167->21168 21169 bca0c4 TlsGetValue 21167->21169 21170 bca3a0 TlsAlloc 21168->21170 21171 bca0d2 memset TlsSetValue ??2@YAPAXI memcpy TlsSetValue 21169->21171 21190 bca095 21169->21190 21170->21190 21172 beecb0 IsProcessorFeaturePresent SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 21171->21172 21174 bca12f 21172->21174 21173 bbc880 ??0ios_base@std@@IAE ?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IAEXPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE 21173->21190 21174->21146 21175 bbc940 13 API calls 21175->21190 21176 bca3a0 TlsAlloc 21176->21190 21177 bbc940 13 API calls 21178 bca161 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H 21177->21178 21179 bbc940 13 API calls 21178->21179 21181 bca17a ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H 21179->21181 21180 bc1ff0 7 API calls 21180->21190 21183 bbc940 13 API calls 21181->21183 21182 bca3c0 TlsFree 21182->21190 21184 bca18e ??2@YAPAXI 21183->21184 21185 bbd7f0 12 API calls 21184->21185 21186 bca1a9 21185->21186 21187 bbd690 free _invalid_parameter_noinfo_noreturn 21186->21187 21188 bca1d9 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE ??1ios_base@std@@UAE 21187->21188 21189 bc2030 10 API calls 21188->21189 21189->21190 21190->21169 21190->21173 21190->21175 21190->21176 21190->21177 21190->21180 21190->21182 21191 bc20c0 8 API calls 21190->21191 21191->21190 21193 bca2b1 21192->21193 21199 bc9f40 RtlAcquireSRWLockExclusive 21192->21199 21194 bee547 __Init_thread_header 5 API calls 21193->21194 21195 bca2bb 21194->21195 21196 bca2c7 ??2@YAPAXI 21195->21196 21195->21199 21197 bca2da 21196->21197 21198 bee599 __Init_thread_footer EnterCriticalSection LeaveCriticalSection SetEvent ResetEvent 21197->21198 21198->21199 21199->21150 21201 bbc880 ??0ios_base@std@@IAE ?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IAEXPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE 21200->21201 21202 bc22c0 21201->21202 21203 bbc940 13 API calls 21202->21203 21204 bc22c7 21203->21204 21205 bbc940 13 API calls 21204->21205 21206 bc22d5 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H 21205->21206 21207 bbc940 13 API calls 21206->21207 21208 bc22ef ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H 21207->21208 21209 bbc940 13 API calls 21208->21209 21210 bc2306 ??2@YAPAXI 21209->21210 21211 bbd7f0 12 API calls 21210->21211 21212 bc2321 21211->21212 21213 bbd690 free _invalid_parameter_noinfo_noreturn 21212->21213 21214 bc234e ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE ??1ios_base@std@@UAE 21213->21214 21252 bc3560 21235->21252 21237 bc350c 21258 bc35c0 21237->21258 21241 bc342b 21240->21241 21244 bc334d 21240->21244 21242 bc343a 21241->21242 21243 bc34e2 21241->21243 21245 bc347e 21242->21245 21247 bc3471 ??3@YAXPAX 21242->21247 21248 bc34e7 _invalid_parameter_noinfo_noreturn 21242->21248 21272 bc14b0 ?_Xlength_error@std@@YAXPBD 21243->21272 21244->21131 21264 bc3620 21245->21264 21247->21245 21253 bc356b 21252->21253 21254 bc3576 21253->21254 21255 bc3592 ??2@YAPAXI 21253->21255 21256 bc357a ??2@YAPAXI 21254->21256 21257 bc35b3 21254->21257 21255->21237 21256->21237 21257->21237 21259 bc3524 21258->21259 21261 bc35e7 21258->21261 21259->21123 21260 bc3605 ??3@YAXPAX 21260->21259 21261->21260 21262 bc3600 21261->21262 21262->21260 21265 bc363d 21264->21265 21266 bc3650 21264->21266 21267 bc365f 21265->21267 21268 bc3647 21265->21268 21266->21244 21270 bc14b0 ?_Xlength_error@std@@YAXPBD 21267->21270 21269 bc3560 ??2@YAPAXI ??2@YAPAXI 21268->21269 21269->21266 21274 bebe20 89 API calls 21273->21274 21277 bebdb7 21274->21277 21275 beecb0 5 API calls 21276 bebd7b 21275->21276 21276->20940 21277->21275 21281 bee7d1 21278->21281 21282 bee7ee _crt_atexit 21281->21282 21283 bee7f5 _register_onexit_function 21281->21283 21284 bb1c67 21282->21284 21283->21284 21284->19764 21285->20976 21286->19771 21393 bb6160 GetModuleHandleExW 21394 bb61bf 21393->21394 21395 bb6185 21393->21395 21398 beecb0 5 API calls 21394->21398 21395->21394 21396 bb618c GetModuleHandleW 21395->21396 21396->21394 21397 bb619b RtlRunOnceExecuteOnce 21396->21397 21397->21394 21399 bb61c9 21398->21399 21287 bbee50 NtMapViewOfSection 21288 bbefc9 21287->21288 21289 bbeea6 21287->21289 21291 beecb0 5 API calls 21288->21291 21289->21288 21290 bbeeae NtQueryVirtualMemory 21289->21290 21296 bbeeca 21290->21296 21323 bbefbb NtUnmapViewOfSection 21290->21323 21292 bbefd7 21291->21292 21294 bbf0c0 RtlCompareUnicodeString 21294->21296 21298 bbf19a 21294->21298 21295 bbf0fe 21295->21288 21297 bbf111 RtlDuplicateUnicodeString 21295->21297 21296->21288 21296->21294 21296->21295 21296->21323 21301 bbf132 21297->21301 21299 bbf285 memset RtlGetVersion 21298->21299 21322 bbf2be 21298->21322 21299->21322 21341 bbf365 21299->21341 21300 bbf45b RtlAcquireSRWLockExclusive 21302 bbf473 21300->21302 21303 bbf487 RtlEqualUnicodeString 21300->21303 21304 bbf183 21301->21304 21305 bbf30b 21301->21305 21311 bbf4bd RtlAllocateHeap 21302->21311 21312 bbf4e7 RtlReleaseSRWLockExclusive 21302->21312 21306 bbf480 21303->21306 21309 bbf229 21304->21309 21342 bc0c00 21304->21342 21305->21309 21310 bbf311 RtlFreeUnicodeString 21305->21310 21306->21302 21306->21303 21308 bbf4a5 21306->21308 21308->21312 21309->21288 21314 bbf237 RtlFreeUnicodeString 21309->21314 21310->21309 21311->21308 21311->21312 21315 bbf703 21312->21315 21316 bbf4fc RtlRunOnceExecuteOnce 21312->21316 21313 bbf21f 21346 bbed70 21313->21346 21314->21288 21315->21288 21318 bbfafc 21315->21318 21319 bbfb12 21315->21319 21316->21295 21324 bbf523 21316->21324 21318->21295 21318->21323 21320 bbfb61 RtlFreeUnicodeString 21319->21320 21321 bbfb74 RtlDuplicateUnicodeString 21319->21321 21319->21323 21320->21321 21321->21323 21322->21295 21340 bbfc79 RtlCompareMemory 21322->21340 21322->21341 21323->21288 21324->21315 21325 bbf70a 21324->21325 21326 bbf610 21324->21326 21328 bbf94c 21325->21328 21329 bbfa31 21325->21329 21333 bbf683 21325->21333 21326->21324 21327 bba080 3 API calls 21326->21327 21326->21333 21327->21326 21335 bbf93d 21328->21335 21338 bbf9a5 21328->21338 21330 bbface 21329->21330 21331 bbfac4 free 21329->21331 21330->21315 21334 bbfae0 free 21330->21334 21331->21330 21332 bb8170 2 API calls 21332->21335 21333->21325 21333->21332 21334->21315 21335->21328 21336 bb8170 2 API calls 21335->21336 21337 bbf996 21336->21337 21337->21338 21338->21329 21339 bbfa01 memcpy 21338->21339 21339->21329 21340->21341 21341->21295 21341->21300 21343 bc0c21 21342->21343 21344 bc0c49 RtlQueryPerformanceCounter 21343->21344 21345 bc0ccc 21344->21345 21345->21313 21355 bc0700 RtlQueryPerformanceCounter 21346->21355 21347 bbed8f 21348 bbede2 RtlFreeHeap 21347->21348 21349 bbedf7 21347->21349 21348->21349 21350 bbedfd RtlFreeUnicodeString 21349->21350 21351 bbee13 21349->21351 21350->21351 21352 bbee19 RtlFreeUnicodeString 21351->21352 21353 bbee2f 21351->21353 21352->21353 21353->21309 21359 bc0733 21355->21359 21356 bc09bb RtlAcquireSRWLockShared 21360 bc09d7 RtlReleaseSRWLockShared 21356->21360 21357 bc07c8 RtlCaptureStackBackTrace 21361 bc07ea 21357->21361 21369 bc0846 21357->21369 21358 bc078f memset 21358->21357 21359->21356 21359->21357 21359->21358 21374 bc0d40 21359->21374 21364 beecb0 5 API calls 21360->21364 21362 bc0800 21361->21362 21365 bc0d40 2 API calls 21361->21365 21366 bc080e memset 21362->21366 21362->21369 21368 bc09ec 21364->21368 21365->21362 21366->21369 21368->21347 21369->21356 21370 bc086c 21369->21370 21371 bc08ab RtlFreeHeap 21369->21371 21370->21356 21372 bc0878 RtlReAllocateHeap 21370->21372 21371->21356 21373 bc089e 21372->21373 21373->21356 21375 bc0d50 21374->21375 21376 bc0df6 RtlAllocateHeap 21375->21376 21377 bc0d5b 21375->21377 21379 bc0e5f RtlReAllocateHeap 21375->21379 21380 bc0781 21375->21380 21376->21380 21377->21379 21377->21380 21379->21380 21380->21356 21380->21358 21751 bd0f50 21752 bd0f72 21751->21752 21753 bc46c0 55 API calls 21752->21753 21763 bd1012 21752->21763 21756 bd0f9b 21753->21756 21754 beecb0 5 API calls 21755 bd1020 21754->21755 21757 be3830 7 API calls 21756->21757 21756->21763 21758 bd0fcb 21757->21758 21759 be3d30 13 API calls 21758->21759 21758->21763 21762 bd0ff4 21759->21762 21760 bd1002 21761 be4060 7 API calls 21760->21761 21760->21763 21761->21763 21762->21760 21767 bd10c0 21762->21767 21763->21754 21766 bc48f0 55 API calls 21766->21760 21768 be6680 6 API calls 21767->21768 21770 bd10dc 21768->21770 21769 beecb0 5 API calls 21771 bd1088 21769->21771 21781 bd10e5 21770->21781 21782 bd1ac0 21770->21782 21771->21760 21771->21766 21774 bd1ac0 2 API calls 21775 bd1153 21774->21775 21776 bd1ac0 2 API calls 21775->21776 21775->21781 21777 bd1174 21776->21777 21778 be67f0 8 API calls 21777->21778 21777->21781 21779 bd118d 21778->21779 21779->21781 21786 bd1bb0 21779->21786 21781->21769 21783 bd1b04 21782->21783 21785 bd1138 21782->21785 21784 bd18e0 2 API calls 21783->21784 21783->21785 21784->21785 21785->21774 21785->21781 21787 bd1bf3 21786->21787 21788 bd18e0 2 API calls 21787->21788 21789 bd1c10 21788->21789 21789->21781 21790 bd1340 21791 bd13aa 21790->21791 21792 be3830 7 API calls 21791->21792 21794 bd15ab 21791->21794 21793 bd13ed 21792->21793 21793->21794 21795 be3d30 13 API calls 21793->21795 21797 bd14c4 21795->21797 21796 be4060 7 API calls 21796->21794 21799 bd1562 21797->21799 21800 bd1650 21797->21800 21799->21794 21799->21796 21801 be6680 6 API calls 21800->21801 21802 bd166c 21801->21802 21803 bd1675 21802->21803 21805 bd19d0 2 API calls 21802->21805 21804 beecb0 5 API calls 21803->21804 21806 bd167f 21804->21806 21807 bd16c1 21805->21807 21806->21799 21807->21803 21808 bd19d0 2 API calls 21807->21808 21809 bd16e7 21808->21809 21809->21803 21810 bd19d0 2 API calls 21809->21810 21811 bd170d 21810->21811 21811->21803 21812 bd19d0 2 API calls 21811->21812 21813 bd172c 21812->21813 21813->21803 21814 bd19d0 2 API calls 21813->21814 21815 bd1746 21814->21815 21815->21803 21816 be67f0 8 API calls 21815->21816 21817 bd175a 21816->21817 21817->21803 21818 bd1bb0 2 API calls 21817->21818 21819 bd1778 21818->21819 21819->21803 21820 bd1bb0 2 API calls 21819->21820 21820->21803

                                                                                                                                                                                                                                                        Executed Functions

                                                                                                                                                                                                                                                        C-Code - Quality: 91%
                                                                                                                                                                                                                                                        			E00BB3DD0(void* __eflags, int* _a4, WCHAR** _a8, WCHAR** _a12, intOrPtr _a16) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				signed char _v1059;
                                                                                                                                                                                                                                                        				struct _STARTUPINFOW _v1104;
                                                                                                                                                                                                                                                        				signed int _v1112;
                                                                                                                                                                                                                                                        				char _v1124;
                                                                                                                                                                                                                                                        				signed int _v1128;
                                                                                                                                                                                                                                                        				signed int _v1132;
                                                                                                                                                                                                                                                        				long _v1136;
                                                                                                                                                                                                                                                        				int _v2168;
                                                                                                                                                                                                                                                        				char _v2180;
                                                                                                                                                                                                                                                        				long _v2184;
                                                                                                                                                                                                                                                        				signed int _v2188;
                                                                                                                                                                                                                                                        				void* _v2192;
                                                                                                                                                                                                                                                        				long _v2196;
                                                                                                                                                                                                                                                        				int _v2200;
                                                                                                                                                                                                                                                        				signed char _v2208;
                                                                                                                                                                                                                                                        				char _v2220;
                                                                                                                                                                                                                                                        				signed int _v2224;
                                                                                                                                                                                                                                                        				void* _v2228;
                                                                                                                                                                                                                                                        				long _v2232;
                                                                                                                                                                                                                                                        				char _v2376;
                                                                                                                                                                                                                                                        				char _v2392;
                                                                                                                                                                                                                                                        				char _v2396;
                                                                                                                                                                                                                                                        				void* _v2408;
                                                                                                                                                                                                                                                        				char _v2412;
                                                                                                                                                                                                                                                        				char _v2424;
                                                                                                                                                                                                                                                        				char _v2428;
                                                                                                                                                                                                                                                        				char _v2432;
                                                                                                                                                                                                                                                        				char _v2440;
                                                                                                                                                                                                                                                        				void* _v2452;
                                                                                                                                                                                                                                                        				int _v2456;
                                                                                                                                                                                                                                                        				char _v2459;
                                                                                                                                                                                                                                                        				char _v2460;
                                                                                                                                                                                                                                                        				struct _PROCESS_INFORMATION _v2480;
                                                                                                                                                                                                                                                        				long _v2484;
                                                                                                                                                                                                                                                        				void* _v2488;
                                                                                                                                                                                                                                                        				WCHAR* _v2492;
                                                                                                                                                                                                                                                        				signed int _v2496;
                                                                                                                                                                                                                                                        				int _v2500;
                                                                                                                                                                                                                                                        				signed int _v2504;
                                                                                                                                                                                                                                                        				signed short _v2512;
                                                                                                                                                                                                                                                        				long _v2516;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				signed int _t424;
                                                                                                                                                                                                                                                        				signed short _t429;
                                                                                                                                                                                                                                                        				void _t432;
                                                                                                                                                                                                                                                        				signed int _t434;
                                                                                                                                                                                                                                                        				void* _t435;
                                                                                                                                                                                                                                                        				signed short _t436;
                                                                                                                                                                                                                                                        				char* _t442;
                                                                                                                                                                                                                                                        				signed short _t444;
                                                                                                                                                                                                                                                        				int _t445;
                                                                                                                                                                                                                                                        				wchar_t* _t453;
                                                                                                                                                                                                                                                        				signed int _t454;
                                                                                                                                                                                                                                                        				signed short _t457;
                                                                                                                                                                                                                                                        				intOrPtr _t458;
                                                                                                                                                                                                                                                        				signed short _t460;
                                                                                                                                                                                                                                                        				void* _t461;
                                                                                                                                                                                                                                                        				long _t463;
                                                                                                                                                                                                                                                        				long* _t464;
                                                                                                                                                                                                                                                        				signed short _t465;
                                                                                                                                                                                                                                                        				signed short _t466;
                                                                                                                                                                                                                                                        				WCHAR* _t477;
                                                                                                                                                                                                                                                        				void* _t481;
                                                                                                                                                                                                                                                        				void* _t484;
                                                                                                                                                                                                                                                        				void* _t485;
                                                                                                                                                                                                                                                        				void* _t486;
                                                                                                                                                                                                                                                        				void* _t493;
                                                                                                                                                                                                                                                        				long _t494;
                                                                                                                                                                                                                                                        				signed short _t505;
                                                                                                                                                                                                                                                        				int _t506;
                                                                                                                                                                                                                                                        				void* _t507;
                                                                                                                                                                                                                                                        				long _t508;
                                                                                                                                                                                                                                                        				signed short _t510;
                                                                                                                                                                                                                                                        				signed short _t516;
                                                                                                                                                                                                                                                        				int _t518;
                                                                                                                                                                                                                                                        				int _t522;
                                                                                                                                                                                                                                                        				int* _t524;
                                                                                                                                                                                                                                                        				signed short _t528;
                                                                                                                                                                                                                                                        				long _t530;
                                                                                                                                                                                                                                                        				signed short _t531;
                                                                                                                                                                                                                                                        				long _t533;
                                                                                                                                                                                                                                                        				signed short _t534;
                                                                                                                                                                                                                                                        				long _t536;
                                                                                                                                                                                                                                                        				signed short _t537;
                                                                                                                                                                                                                                                        				long _t539;
                                                                                                                                                                                                                                                        				signed short _t540;
                                                                                                                                                                                                                                                        				long _t542;
                                                                                                                                                                                                                                                        				signed short _t543;
                                                                                                                                                                                                                                                        				long _t545;
                                                                                                                                                                                                                                                        				signed short _t546;
                                                                                                                                                                                                                                                        				long _t548;
                                                                                                                                                                                                                                                        				signed short _t549;
                                                                                                                                                                                                                                                        				long _t551;
                                                                                                                                                                                                                                                        				signed short _t552;
                                                                                                                                                                                                                                                        				long _t554;
                                                                                                                                                                                                                                                        				signed short _t555;
                                                                                                                                                                                                                                                        				long _t557;
                                                                                                                                                                                                                                                        				signed short _t558;
                                                                                                                                                                                                                                                        				long _t560;
                                                                                                                                                                                                                                                        				signed short _t561;
                                                                                                                                                                                                                                                        				long _t563;
                                                                                                                                                                                                                                                        				signed short _t564;
                                                                                                                                                                                                                                                        				signed short* _t565;
                                                                                                                                                                                                                                                        				signed short _t569;
                                                                                                                                                                                                                                                        				short _t571;
                                                                                                                                                                                                                                                        				signed short _t572;
                                                                                                                                                                                                                                                        				long _t574;
                                                                                                                                                                                                                                                        				signed short _t575;
                                                                                                                                                                                                                                                        				long _t577;
                                                                                                                                                                                                                                                        				signed short _t578;
                                                                                                                                                                                                                                                        				long _t580;
                                                                                                                                                                                                                                                        				signed short _t581;
                                                                                                                                                                                                                                                        				long _t583;
                                                                                                                                                                                                                                                        				signed short _t584;
                                                                                                                                                                                                                                                        				long _t586;
                                                                                                                                                                                                                                                        				signed short _t587;
                                                                                                                                                                                                                                                        				long _t589;
                                                                                                                                                                                                                                                        				signed short _t590;
                                                                                                                                                                                                                                                        				long _t592;
                                                                                                                                                                                                                                                        				signed short _t593;
                                                                                                                                                                                                                                                        				long _t595;
                                                                                                                                                                                                                                                        				signed short _t596;
                                                                                                                                                                                                                                                        				long _t598;
                                                                                                                                                                                                                                                        				signed short _t599;
                                                                                                                                                                                                                                                        				long _t601;
                                                                                                                                                                                                                                                        				signed short _t602;
                                                                                                                                                                                                                                                        				long _t604;
                                                                                                                                                                                                                                                        				signed short _t605;
                                                                                                                                                                                                                                                        				long _t607;
                                                                                                                                                                                                                                                        				signed short _t608;
                                                                                                                                                                                                                                                        				long _t610;
                                                                                                                                                                                                                                                        				signed short _t611;
                                                                                                                                                                                                                                                        				long _t613;
                                                                                                                                                                                                                                                        				signed short _t614;
                                                                                                                                                                                                                                                        				long _t616;
                                                                                                                                                                                                                                                        				signed short _t617;
                                                                                                                                                                                                                                                        				long _t619;
                                                                                                                                                                                                                                                        				signed short _t620;
                                                                                                                                                                                                                                                        				long _t622;
                                                                                                                                                                                                                                                        				signed short _t623;
                                                                                                                                                                                                                                                        				long _t625;
                                                                                                                                                                                                                                                        				signed short _t626;
                                                                                                                                                                                                                                                        				long _t628;
                                                                                                                                                                                                                                                        				signed short _t629;
                                                                                                                                                                                                                                                        				long _t631;
                                                                                                                                                                                                                                                        				signed short _t632;
                                                                                                                                                                                                                                                        				long _t634;
                                                                                                                                                                                                                                                        				signed short _t635;
                                                                                                                                                                                                                                                        				long _t637;
                                                                                                                                                                                                                                                        				signed short _t638;
                                                                                                                                                                                                                                                        				long _t640;
                                                                                                                                                                                                                                                        				signed short _t641;
                                                                                                                                                                                                                                                        				long _t643;
                                                                                                                                                                                                                                                        				signed short _t644;
                                                                                                                                                                                                                                                        				long _t646;
                                                                                                                                                                                                                                                        				signed short _t647;
                                                                                                                                                                                                                                                        				long _t649;
                                                                                                                                                                                                                                                        				signed short _t650;
                                                                                                                                                                                                                                                        				long _t652;
                                                                                                                                                                                                                                                        				signed short _t653;
                                                                                                                                                                                                                                                        				long _t655;
                                                                                                                                                                                                                                                        				signed short _t656;
                                                                                                                                                                                                                                                        				long _t658;
                                                                                                                                                                                                                                                        				signed short _t659;
                                                                                                                                                                                                                                                        				long _t661;
                                                                                                                                                                                                                                                        				signed short _t662;
                                                                                                                                                                                                                                                        				long _t664;
                                                                                                                                                                                                                                                        				signed short _t665;
                                                                                                                                                                                                                                                        				long _t667;
                                                                                                                                                                                                                                                        				signed short _t668;
                                                                                                                                                                                                                                                        				long _t670;
                                                                                                                                                                                                                                                        				signed short _t671;
                                                                                                                                                                                                                                                        				long _t673;
                                                                                                                                                                                                                                                        				signed short _t674;
                                                                                                                                                                                                                                                        				signed short _t676;
                                                                                                                                                                                                                                                        				signed short _t677;
                                                                                                                                                                                                                                                        				void* _t682;
                                                                                                                                                                                                                                                        				void* _t683;
                                                                                                                                                                                                                                                        				void* _t684;
                                                                                                                                                                                                                                                        				void* _t685;
                                                                                                                                                                                                                                                        				longlong _t686;
                                                                                                                                                                                                                                                        				signed short _t692;
                                                                                                                                                                                                                                                        				signed short _t693;
                                                                                                                                                                                                                                                        				long _t695;
                                                                                                                                                                                                                                                        				signed short _t696;
                                                                                                                                                                                                                                                        				long _t698;
                                                                                                                                                                                                                                                        				signed short _t699;
                                                                                                                                                                                                                                                        				long _t701;
                                                                                                                                                                                                                                                        				signed short _t702;
                                                                                                                                                                                                                                                        				long _t704;
                                                                                                                                                                                                                                                        				signed short _t705;
                                                                                                                                                                                                                                                        				long _t707;
                                                                                                                                                                                                                                                        				signed short _t708;
                                                                                                                                                                                                                                                        				long _t710;
                                                                                                                                                                                                                                                        				signed short _t711;
                                                                                                                                                                                                                                                        				long _t713;
                                                                                                                                                                                                                                                        				signed short _t714;
                                                                                                                                                                                                                                                        				long _t716;
                                                                                                                                                                                                                                                        				signed short _t717;
                                                                                                                                                                                                                                                        				long _t719;
                                                                                                                                                                                                                                                        				signed short _t720;
                                                                                                                                                                                                                                                        				long _t722;
                                                                                                                                                                                                                                                        				signed short _t723;
                                                                                                                                                                                                                                                        				long _t725;
                                                                                                                                                                                                                                                        				signed short _t726;
                                                                                                                                                                                                                                                        				long _t728;
                                                                                                                                                                                                                                                        				signed short _t729;
                                                                                                                                                                                                                                                        				long _t731;
                                                                                                                                                                                                                                                        				signed short _t732;
                                                                                                                                                                                                                                                        				long _t734;
                                                                                                                                                                                                                                                        				signed short _t735;
                                                                                                                                                                                                                                                        				signed short _t737;
                                                                                                                                                                                                                                                        				long _t739;
                                                                                                                                                                                                                                                        				signed short _t740;
                                                                                                                                                                                                                                                        				long _t742;
                                                                                                                                                                                                                                                        				signed short _t743;
                                                                                                                                                                                                                                                        				long _t745;
                                                                                                                                                                                                                                                        				signed short _t746;
                                                                                                                                                                                                                                                        				long _t748;
                                                                                                                                                                                                                                                        				signed short _t749;
                                                                                                                                                                                                                                                        				long _t751;
                                                                                                                                                                                                                                                        				signed short _t752;
                                                                                                                                                                                                                                                        				long _t754;
                                                                                                                                                                                                                                                        				signed short _t755;
                                                                                                                                                                                                                                                        				long _t757;
                                                                                                                                                                                                                                                        				signed short _t758;
                                                                                                                                                                                                                                                        				long _t760;
                                                                                                                                                                                                                                                        				short _t761;
                                                                                                                                                                                                                                                        				void* _t766;
                                                                                                                                                                                                                                                        				signed int _t768;
                                                                                                                                                                                                                                                        				void* _t770;
                                                                                                                                                                                                                                                        				signed char _t783;
                                                                                                                                                                                                                                                        				signed char _t784;
                                                                                                                                                                                                                                                        				signed int _t786;
                                                                                                                                                                                                                                                        				signed short _t787;
                                                                                                                                                                                                                                                        				long _t789;
                                                                                                                                                                                                                                                        				signed short _t790;
                                                                                                                                                                                                                                                        				long _t792;
                                                                                                                                                                                                                                                        				signed short _t793;
                                                                                                                                                                                                                                                        				long _t795;
                                                                                                                                                                                                                                                        				signed short _t796;
                                                                                                                                                                                                                                                        				long _t798;
                                                                                                                                                                                                                                                        				signed short _t799;
                                                                                                                                                                                                                                                        				long _t801;
                                                                                                                                                                                                                                                        				signed short _t802;
                                                                                                                                                                                                                                                        				long _t804;
                                                                                                                                                                                                                                                        				signed short _t805;
                                                                                                                                                                                                                                                        				long _t807;
                                                                                                                                                                                                                                                        				signed short _t808;
                                                                                                                                                                                                                                                        				long _t810;
                                                                                                                                                                                                                                                        				signed short _t811;
                                                                                                                                                                                                                                                        				long _t813;
                                                                                                                                                                                                                                                        				signed short _t814;
                                                                                                                                                                                                                                                        				long _t816;
                                                                                                                                                                                                                                                        				signed short _t817;
                                                                                                                                                                                                                                                        				long _t819;
                                                                                                                                                                                                                                                        				signed int _t820;
                                                                                                                                                                                                                                                        				long _t822;
                                                                                                                                                                                                                                                        				short _t824;
                                                                                                                                                                                                                                                        				WCHAR** _t825;
                                                                                                                                                                                                                                                        				void* _t826;
                                                                                                                                                                                                                                                        				long _t827;
                                                                                                                                                                                                                                                        				signed int _t828;
                                                                                                                                                                                                                                                        				long* _t829;
                                                                                                                                                                                                                                                        				signed short _t830;
                                                                                                                                                                                                                                                        				int _t831;
                                                                                                                                                                                                                                                        				void* _t832;
                                                                                                                                                                                                                                                        				void* _t835;
                                                                                                                                                                                                                                                        				void* _t836;
                                                                                                                                                                                                                                                        				void* _t838;
                                                                                                                                                                                                                                                        				void* _t840;
                                                                                                                                                                                                                                                        				signed short* _t841;
                                                                                                                                                                                                                                                        				void* _t843;
                                                                                                                                                                                                                                                        				void* _t845;
                                                                                                                                                                                                                                                        				void* _t846;
                                                                                                                                                                                                                                                        				long _t850;
                                                                                                                                                                                                                                                        				signed int _t861;
                                                                                                                                                                                                                                                        				intOrPtr _t862;
                                                                                                                                                                                                                                                        				int _t879;
                                                                                                                                                                                                                                                        				DWORD* _t881;
                                                                                                                                                                                                                                                        				WCHAR** _t894;
                                                                                                                                                                                                                                                        				WCHAR** _t897;
                                                                                                                                                                                                                                                        				signed int _t917;
                                                                                                                                                                                                                                                        				signed int _t922;
                                                                                                                                                                                                                                                        				signed int _t923;
                                                                                                                                                                                                                                                        				signed int _t940;
                                                                                                                                                                                                                                                        				signed int _t941;
                                                                                                                                                                                                                                                        				int _t944;
                                                                                                                                                                                                                                                        				int* _t945;
                                                                                                                                                                                                                                                        				signed short* _t946;
                                                                                                                                                                                                                                                        				void* _t948;
                                                                                                                                                                                                                                                        				signed short _t950;
                                                                                                                                                                                                                                                        				signed short* _t951;
                                                                                                                                                                                                                                                        				signed short* _t952;
                                                                                                                                                                                                                                                        				signed short* _t953;
                                                                                                                                                                                                                                                        				short* _t954;
                                                                                                                                                                                                                                                        				intOrPtr* _t955;
                                                                                                                                                                                                                                                        				void* _t957;
                                                                                                                                                                                                                                                        				void* _t961;
                                                                                                                                                                                                                                                        				void* _t963;
                                                                                                                                                                                                                                                        				struct _OSVERSIONINFOEXA* _t964;
                                                                                                                                                                                                                                                        				WCHAR* _t966;
                                                                                                                                                                                                                                                        				void* _t968;
                                                                                                                                                                                                                                                        				void* _t969;
                                                                                                                                                                                                                                                        				void* _t972;
                                                                                                                                                                                                                                                        				signed short* _t974;
                                                                                                                                                                                                                                                        				signed short* _t976;
                                                                                                                                                                                                                                                        				short* _t977;
                                                                                                                                                                                                                                                        				void* _t978;
                                                                                                                                                                                                                                                        				short* _t979;
                                                                                                                                                                                                                                                        				signed int _t980;
                                                                                                                                                                                                                                                        				signed int _t981;
                                                                                                                                                                                                                                                        				void* _t984;
                                                                                                                                                                                                                                                        				void* _t985;
                                                                                                                                                                                                                                                        				void* _t986;
                                                                                                                                                                                                                                                        				void* _t993;
                                                                                                                                                                                                                                                        				void* _t994;
                                                                                                                                                                                                                                                        				void* _t995;
                                                                                                                                                                                                                                                        				short _t1007;
                                                                                                                                                                                                                                                        				WCHAR* _t1010;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t424 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t940 = _a12;
                                                                                                                                                                                                                                                        				asm("movq xmm0, [0xbf01a0]");
                                                                                                                                                                                                                                                        				_t924 = _t940;
                                                                                                                                                                                                                                                        				_v24 = _t424 ^ _t980;
                                                                                                                                                                                                                                                        				asm("movq [esp+0x40], xmm0");
                                                                                                                                                                                                                                                        				E00BB5790(_t826, _a8, _t940,  &_v2432);
                                                                                                                                                                                                                                                        				_t984 = (_t981 & 0xfffffff0) - 0x9b0 + 4;
                                                                                                                                                                                                                                                        				 *0xbfa768 = _a16;
                                                                                                                                                                                                                                                        				_v2480.hThread = _t940 + 4;
                                                                                                                                                                                                                                                        				_t429 =  *(_t940 + 4);
                                                                                                                                                                                                                                                        				if(_t429 == 0) {
                                                                                                                                                                                                                                                        					L11:
                                                                                                                                                                                                                                                        					E00BB2D00( &_v2376, _t924, _t1010); // executed
                                                                                                                                                                                                                                                        					_t432 =  *(_v2480.hThread);
                                                                                                                                                                                                                                                        					if(_t432 == 0) {
                                                                                                                                                                                                                                                        						L40:
                                                                                                                                                                                                                                                        						asm("pxor xmm0, xmm0");
                                                                                                                                                                                                                                                        						_v1104.dwYCountChars = 0;
                                                                                                                                                                                                                                                        						_v1104.dwXCountChars = 0;
                                                                                                                                                                                                                                                        						asm("movdqa [esp+0x580], xmm0");
                                                                                                                                                                                                                                                        						_t434 = NtQueryInformationProcess(0xffffffff, 0,  &(_v1104.dwX), 0x18,  &_v2184);
                                                                                                                                                                                                                                                        						_t941 = _t434;
                                                                                                                                                                                                                                                        						if(_t434 < 0) {
                                                                                                                                                                                                                                                        							_t827 = "/builds/worker/workspace/obj-build/dist/include/mozilla/NativeNt.h";
                                                                                                                                                                                                                                                        							__eflags = _t941;
                                                                                                                                                                                                                                                        							if(_t941 >= 0) {
                                                                                                                                                                                                                                                        								L42:
                                                                                                                                                                                                                                                        								_t435 = OpenProcess(0x1000, 0, _t827);
                                                                                                                                                                                                                                                        								_t963 = _t435;
                                                                                                                                                                                                                                                        								_v2408 = _t435;
                                                                                                                                                                                                                                                        								if(_t435 == 0) {
                                                                                                                                                                                                                                                        									_t436 = GetLastError();
                                                                                                                                                                                                                                                        									__eflags = _t436 - 0x57;
                                                                                                                                                                                                                                                        									if(__eflags != 0) {
                                                                                                                                                                                                                                                        										_t850 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/SameBinary.h";
                                                                                                                                                                                                                                                        										_t827 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/SameBinary.h";
                                                                                                                                                                                                                                                        										_v2496 = 0x58;
                                                                                                                                                                                                                                                        										__eflags = _t436;
                                                                                                                                                                                                                                                        										_t941 =  <=  ? _t436 : _t436 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        										L65:
                                                                                                                                                                                                                                                        										_v2504 = _t850 & 0xffffff00;
                                                                                                                                                                                                                                                        										L69:
                                                                                                                                                                                                                                                        										_v2500 = 1;
                                                                                                                                                                                                                                                        										L50:
                                                                                                                                                                                                                                                        										_t82 = _t963 + 1; // 0x1
                                                                                                                                                                                                                                                        										if(_t82 >= 2) {
                                                                                                                                                                                                                                                        											CloseHandle(_t963);
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										if(_v2500 != 0) {
                                                                                                                                                                                                                                                        											L59:
                                                                                                                                                                                                                                                        											_v1104.cb = _t827 & 0x000000ff | _v2504;
                                                                                                                                                                                                                                                        											_v1104.lpReserved = _v2496;
                                                                                                                                                                                                                                                        											_v1104.lpDesktop = _t941;
                                                                                                                                                                                                                                                        											E00BB2BD0( &_v1104, _t924, __eflags);
                                                                                                                                                                                                                                                        											_t828 = 0;
                                                                                                                                                                                                                                                        											goto L54;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t828 = _t827 & 0xffffff00 | _t827 == 0x00000000;
                                                                                                                                                                                                                                                        											L54:
                                                                                                                                                                                                                                                        											_t442 = getenv("MOZ_LAUNCHER_PROCESS");
                                                                                                                                                                                                                                                        											_t985 = _t984 + 4;
                                                                                                                                                                                                                                                        											if(_t442 != 0) {
                                                                                                                                                                                                                                                        												__eflags =  *_t442;
                                                                                                                                                                                                                                                        												if(__eflags != 0) {
                                                                                                                                                                                                                                                        													E00BBA900("MOZ_LAUNCHER_PROCESS=");
                                                                                                                                                                                                                                                        													_t828 = 1;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t444 =  *_v2492;
                                                                                                                                                                                                                                                        											if(_t444 == 0) {
                                                                                                                                                                                                                                                        												L99:
                                                                                                                                                                                                                                                        												__eflags = _t828;
                                                                                                                                                                                                                                                        												if(__eflags == 0) {
                                                                                                                                                                                                                                                        													_t445 = 0;
                                                                                                                                                                                                                                                        													__eflags = 0;
                                                                                                                                                                                                                                                        													_t944 = 1;
                                                                                                                                                                                                                                                        													goto L103;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L100;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t977 =  &(_a12[4]);
                                                                                                                                                                                                                                                        												do {
                                                                                                                                                                                                                                                        													if(( *_t444 & 0x0000ffff | 0x00000002) != 0x2f) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t957 =  ==  ? _t444 + 4 : _t444 + 2;
                                                                                                                                                                                                                                                        													_t737 =  *(_t444 + 2 + (0 |  *((short*)(_t444 + 2)) == 0x0000002d) * 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        													if(_t737 == 0) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t739 = towlower(_t737 & 0x0000ffff);
                                                                                                                                                                                                                                                        													_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        													if(_t739 != 0x6c) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t740 =  *(_t957 + 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        													if(_t740 == 0) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t742 = towlower(_t740 & 0x0000ffff);
                                                                                                                                                                                                                                                        													_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        													if(_t742 != 0x61) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t743 =  *(_t957 + 4) & 0x0000ffff;
                                                                                                                                                                                                                                                        													if(_t743 == 0) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t745 = towlower(_t743 & 0x0000ffff);
                                                                                                                                                                                                                                                        													_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        													if(_t745 != 0x75) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t746 =  *(_t957 + 6) & 0x0000ffff;
                                                                                                                                                                                                                                                        													if(_t746 == 0) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t748 = towlower(_t746 & 0x0000ffff);
                                                                                                                                                                                                                                                        													_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        													if(_t748 != 0x6e) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t749 =  *(_t957 + 8) & 0x0000ffff;
                                                                                                                                                                                                                                                        													if(_t749 == 0) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t751 = towlower(_t749 & 0x0000ffff);
                                                                                                                                                                                                                                                        													_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        													if(_t751 != 0x63) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t752 =  *(_t957 + 0xa) & 0x0000ffff;
                                                                                                                                                                                                                                                        													if(_t752 == 0) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t754 = towlower(_t752 & 0x0000ffff);
                                                                                                                                                                                                                                                        													_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        													if(_t754 != 0x68) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t755 =  *(_t957 + 0xc) & 0x0000ffff;
                                                                                                                                                                                                                                                        													if(_t755 == 0) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t757 = towlower(_t755 & 0x0000ffff);
                                                                                                                                                                                                                                                        													_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        													if(_t757 != 0x65) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t758 =  *(_t957 + 0xe) & 0x0000ffff;
                                                                                                                                                                                                                                                        													if(_t758 == 0) {
                                                                                                                                                                                                                                                        														goto L78;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t760 = towlower(_t758 & 0x0000ffff);
                                                                                                                                                                                                                                                        													_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        													if(_t760 == 0x72 &&  *((short*)(_t957 + 0x10)) == 0) {
                                                                                                                                                                                                                                                        														do {
                                                                                                                                                                                                                                                        															_t761 =  *_t977;
                                                                                                                                                                                                                                                        															 *(_t977 - 4) = _t761;
                                                                                                                                                                                                                                                        															_t977 =  &(_t977[2]);
                                                                                                                                                                                                                                                        														} while (_t761 != 0);
                                                                                                                                                                                                                                                        														 *_a8 =  *_a8 - 1;
                                                                                                                                                                                                                                                        														L100:
                                                                                                                                                                                                                                                        														_t829 = _a12;
                                                                                                                                                                                                                                                        														_t944 = 0;
                                                                                                                                                                                                                                                        														_t692 =  *_v2492;
                                                                                                                                                                                                                                                        														if(_t692 == 0) {
                                                                                                                                                                                                                                                        															_t445 = 0;
                                                                                                                                                                                                                                                        															L104:
                                                                                                                                                                                                                                                        															_t964 =  &_v1104;
                                                                                                                                                                                                                                                        															_t925 = _t964;
                                                                                                                                                                                                                                                        															E00BB6C70( &_v2392, _t925, _t1106, _t944, _t445);
                                                                                                                                                                                                                                                        															_t986 = _t985 + 8;
                                                                                                                                                                                                                                                        															if(_v1104.lpTitle == 1) {
                                                                                                                                                                                                                                                        																E00BB2BD0( &_v1104, _t925, __eflags);
                                                                                                                                                                                                                                                        																goto L116;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															if(_v1104.cb != 0) {
                                                                                                                                                                                                                                                        																_t453 = getenv("MOZ_DEBUG_BROWSER_PROCESS");
                                                                                                                                                                                                                                                        																__eflags = _t453;
                                                                                                                                                                                                                                                        																if(_t453 != 0) {
                                                                                                                                                                                                                                                        																	__eflags =  *_t453;
                                                                                                                                                                                                                                                        																	if( *_t453 == 0) {
                                                                                                                                                                                                                                                        																		goto L115;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	DebugBreak();
                                                                                                                                                                                                                                                        																	goto L116;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																L115:
                                                                                                                                                                                                                                                        																__imp___wgetenv(L"MOZ_DEBUG_BROWSER_PAUSE");
                                                                                                                                                                                                                                                        																__eflags = _t453;
                                                                                                                                                                                                                                                        																if(_t453 != 0) {
                                                                                                                                                                                                                                                        																	__eflags =  *_t453;
                                                                                                                                                                                                                                                        																	if( *_t453 != 0) {
                                                                                                                                                                                                                                                        																		_t454 = wcstoul(_t453, 0, 0xa);
                                                                                                                                                                                                                                                        																		_v2516 = GetCurrentProcessId();
                                                                                                                                                                                                                                                        																		E00BBE460();
                                                                                                                                                                                                                                                        																		Sleep(_t454 * 0x3e8);
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																goto L116;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t457 =  *0xbfa798; // 0x0
                                                                                                                                                                                                                                                        															if(_t457 >= 0x3839) {
                                                                                                                                                                                                                                                        																L124:
                                                                                                                                                                                                                                                        																_t861 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        																_t925 =  *[fs:0x2c];
                                                                                                                                                                                                                                                        																_t458 =  *0xbfa774; // 0x0
                                                                                                                                                                                                                                                        																_t862 =  *((intOrPtr*)( *[fs:0x2c] + _t861 * 4));
                                                                                                                                                                                                                                                        																__eflags = _t458 -  *((intOrPtr*)(_t862 + 4));
                                                                                                                                                                                                                                                        																if(_t458 >  *((intOrPtr*)(_t862 + 4))) {
                                                                                                                                                                                                                                                        																	E00BEE547(_t458, 0xbfa774);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags =  *0xbfa774 - 0xffffffff;
                                                                                                                                                                                                                                                        																	if( *0xbfa774 == 0xffffffff) {
                                                                                                                                                                                                                                                        																		E00BBE530();
                                                                                                                                                                                                                                                        																		E00BEE599(0xbfa774);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																_t460 =  *0xbfa770; // 0x0
                                                                                                                                                                                                                                                        																_t829 = _a12;
                                                                                                                                                                                                                                                        																__eflags = _t460;
                                                                                                                                                                                                                                                        																if(_t460 != 0) {
                                                                                                                                                                                                                                                        																	_v1104.cb = 4;
                                                                                                                                                                                                                                                        																	_t460 =  *_t460(0xa, _t964, 4);
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																L110:
                                                                                                                                                                                                                                                        																_t461 = E00BB5B30(_t460);
                                                                                                                                                                                                                                                        																if(_t829 == 0) {
                                                                                                                                                                                                                                                        																	L121:
                                                                                                                                                                                                                                                        																	_v1104.lpTitle = 1;
                                                                                                                                                                                                                                                        																	_v1104.cb = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LauncherProcessWin.cpp";
                                                                                                                                                                                                                                                        																	_v1104.lpReserved = 0x109;
                                                                                                                                                                                                                                                        																	_v1104.lpDesktop = 0x80070507;
                                                                                                                                                                                                                                                        																	goto L122;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																E00BBA640(_t461,  &_v1104);
                                                                                                                                                                                                                                                        																_t463 = _v1104.cb;
                                                                                                                                                                                                                                                        																_v1104.cb = 0;
                                                                                                                                                                                                                                                        																if(_t463 == 0) {
                                                                                                                                                                                                                                                        																	goto L121;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																 *_t829 = _t463;
                                                                                                                                                                                                                                                        																_t464 = _t829;
                                                                                                                                                                                                                                                        																_t830 = _t829[1];
                                                                                                                                                                                                                                                        																if(_t830 == 0) {
                                                                                                                                                                                                                                                        																	L353:
                                                                                                                                                                                                                                                        																	_t465 = getenv("MOZ_AUTOMATION");
                                                                                                                                                                                                                                                        																	_t993 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t465;
                                                                                                                                                                                                                                                        																	if(_t465 == 0) {
                                                                                                                                                                                                                                                        																		L355:
                                                                                                                                                                                                                                                        																		_t466 = getenv("MOZ_HEADLESS");
                                                                                                                                                                                                                                                        																		_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																		__eflags = _t466;
                                                                                                                                                                                                                                                        																		if(_t466 == 0) {
                                                                                                                                                                                                                                                        																			_t831 = 0;
                                                                                                                                                                                                                                                        																			L208:
                                                                                                                                                                                                                                                        																			_t946 =  *_v2492;
                                                                                                                                                                                                                                                        																			if(_t946 == 0) {
                                                                                                                                                                                                                                                        																				L242:
                                                                                                                                                                                                                                                        																				_t966 = _a12;
                                                                                                                                                                                                                                                        																				_v2452 = 0;
                                                                                                                                                                                                                                                        																				_t925 =  *_t966;
                                                                                                                                                                                                                                                        																				E00BB37F0( &_v2232,  *_t966, _t831,  &_v2452);
                                                                                                                                                                                                                                                        																				_t994 = _t993 + 8;
                                                                                                                                                                                                                                                        																				if(_v2220 == 1) {
                                                                                                                                                                                                                                                        																					E00BB2BD0( &_v2232, _t925, __eflags);
                                                                                                                                                                                                                                                        																					_t945 = _a4;
                                                                                                                                                                                                                                                        																					_t832 = _v2452;
                                                                                                                                                                                                                                                        																					L282:
                                                                                                                                                                                                                                                        																					_t945[1] = 0;
                                                                                                                                                                                                                                                        																					 *_t945 = 0;
                                                                                                                                                                                                                                                        																					L271:
                                                                                                                                                                                                                                                        																					if(_t832 + 1 >= 2) {
                                                                                                                                                                                                                                                        																						CloseHandle(_t832);
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					goto L118;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				_v2504 = _t831;
                                                                                                                                                                                                                                                        																				_t832 = _v2452;
                                                                                                                                                                                                                                                        																				if(_t831 != 0 || _v2232 != 1 || _t832 != 0) {
                                                                                                                                                                                                                                                        																					_t925 =  &_v2408;
                                                                                                                                                                                                                                                        																					E00BB5A40( &_v2392,  &_v2408);
                                                                                                                                                                                                                                                        																					if(_v2396 == 1) {
                                                                                                                                                                                                                                                        																						E00BB2BD0( &_v2408,  &_v2408, __eflags);
                                                                                                                                                                                                                                                        																						_t945 = _a4;
                                                                                                                                                                                                                                                        																						goto L282;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					_t925 =  *_a8;
                                                                                                                                                                                                                                                        																					E00BB3190( &_v2456,  *_a8, _t966);
                                                                                                                                                                                                                                                        																					_t995 = _t994 + 4;
                                                                                                                                                                                                                                                        																					_t477 = _v2456;
                                                                                                                                                                                                                                                        																					_v2492 = _t477;
                                                                                                                                                                                                                                                        																					if(_t477 == 0) {
                                                                                                                                                                                                                                                        																						_v1104.lpTitle = 1;
                                                                                                                                                                                                                                                        																						_v1104.cb = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LauncherProcessWin.cpp";
                                                                                                                                                                                                                                                        																						_v1104.lpReserved = 0x134;
                                                                                                                                                                                                                                                        																						_v1104.lpDesktop = 0x80070507;
                                                                                                                                                                                                                                                        																						E00BB2BD0( &_v1104, _t925, __eflags);
                                                                                                                                                                                                                                                        																						_t945 = _a4;
                                                                                                                                                                                                                                                        																						_v2456 = 0;
                                                                                                                                                                                                                                                        																						goto L282;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					_t925 = _t966;
                                                                                                                                                                                                                                                        																					_v2500 = _t832;
                                                                                                                                                                                                                                                        																					E00BB5BA0( &_v2460, _t966);
                                                                                                                                                                                                                                                        																					_t1163 = _v2459;
                                                                                                                                                                                                                                                        																					if(_v2459 == 0) {
                                                                                                                                                                                                                                                        																						_v1104.lpTitle = 1;
                                                                                                                                                                                                                                                        																						_v1104.cb = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LauncherProcessWin.cpp";
                                                                                                                                                                                                                                                        																						_v1104.lpReserved = 0x13b;
                                                                                                                                                                                                                                                        																						_v1104.lpDesktop = 0x80070057;
                                                                                                                                                                                                                                                        																						E00BB2BD0( &_v1104, _t925, __eflags);
                                                                                                                                                                                                                                                        																						_t945 = _a4;
                                                                                                                                                                                                                                                        																						_t832 = _v2500;
                                                                                                                                                                                                                                                        																						_t481 = _v2492;
                                                                                                                                                                                                                                                        																						_v2456 = 0;
                                                                                                                                                                                                                                                        																						_t945[1] = 0;
                                                                                                                                                                                                                                                        																						 *_t945 = 0;
                                                                                                                                                                                                                                                        																						L270:
                                                                                                                                                                                                                                                        																						free(_t481);
                                                                                                                                                                                                                                                        																						goto L271;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					_v2196 = 0;
                                                                                                                                                                                                                                                        																					_v2200 = 0;
                                                                                                                                                                                                                                                        																					_v2188 = 0;
                                                                                                                                                                                                                                                        																					_v2184 = 3;
                                                                                                                                                                                                                                                        																					_v2192 =  &_v2180;
                                                                                                                                                                                                                                                        																					_v2168 = 0;
                                                                                                                                                                                                                                                        																					E00BB5DD0( &_v2200, _t925);
                                                                                                                                                                                                                                                        																					_t484 = GetStdHandle(0xfffffff6);
                                                                                                                                                                                                                                                        																					_t485 = GetStdHandle(0xfffffff5);
                                                                                                                                                                                                                                                        																					_t486 = GetStdHandle(0xfffffff4);
                                                                                                                                                                                                                                                        																					_t834 =  &_v2200;
                                                                                                                                                                                                                                                        																					_v2496 = _t484;
                                                                                                                                                                                                                                                        																					_t948 = _t485;
                                                                                                                                                                                                                                                        																					_t968 = _t486;
                                                                                                                                                                                                                                                        																					E00BBE580( &_v2200, _t484);
                                                                                                                                                                                                                                                        																					E00BBE580( &_v2200, _t948);
                                                                                                                                                                                                                                                        																					E00BBE580( &_v2200, _t968);
                                                                                                                                                                                                                                                        																					_t925 =  &_v2424;
                                                                                                                                                                                                                                                        																					E00BB5EC0(_t834,  &_v2424, _t1163,  &_v1104);
                                                                                                                                                                                                                                                        																					_t995 = _t995 + 4;
                                                                                                                                                                                                                                                        																					if(_v2412 == 1) {
                                                                                                                                                                                                                                                        																						E00BB2BD0( &_v2424,  &_v2424, __eflags);
                                                                                                                                                                                                                                                        																						_t945 = _a4;
                                                                                                                                                                                                                                                        																						L288:
                                                                                                                                                                                                                                                        																						_t945[1] = 0;
                                                                                                                                                                                                                                                        																						 *_t945 = 0;
                                                                                                                                                                                                                                                        																						L266:
                                                                                                                                                                                                                                                        																						_t969 = _v2168;
                                                                                                                                                                                                                                                        																						_t832 = _v2500;
                                                                                                                                                                                                                                                        																						_v2168 = 0;
                                                                                                                                                                                                                                                        																						if(_t969 != 0) {
                                                                                                                                                                                                                                                        																							__imp__DeleteProcThreadAttributeList(_t969);
                                                                                                                                                                                                                                                        																							free(_t969);
                                                                                                                                                                                                                                                        																							_t995 = _t995 + 4;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t493 = _v2192;
                                                                                                                                                                                                                                                        																						if(_t493 !=  &_v2180) {
                                                                                                                                                                                                                                                        																							free(_t493);
                                                                                                                                                                                                                                                        																							_t995 = _t995 + 4;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t481 = _v2492;
                                                                                                                                                                                                                                                        																						_v2456 = 0;
                                                                                                                                                                                                                                                        																						if(_t481 == 0) {
                                                                                                                                                                                                                                                        																							goto L271;
                                                                                                                                                                                                                                                        																						} else {
                                                                                                                                                                                                                                                        																							goto L270;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					_t879 = 0;
                                                                                                                                                                                                                                                        																					if(_v2424 == 0) {
                                                                                                                                                                                                                                                        																						_t494 = 0x404;
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						_t494 = 0x80404;
                                                                                                                                                                                                                                                        																						if(_v2188 != 0) {
                                                                                                                                                                                                                                                        																							_v1059 = _v1059 | 0x00000001;
                                                                                                                                                                                                                                                        																							_v1104.hStdInput = _v2496;
                                                                                                                                                                                                                                                        																							_t879 = 1;
                                                                                                                                                                                                                                                        																							_v1104.hStdOutput = _t948;
                                                                                                                                                                                                                                                        																							_v1104.hStdError = _t968;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					asm("pxor xmm0, xmm0");
                                                                                                                                                                                                                                                        																					_t835 = _v2500;
                                                                                                                                                                                                                                                        																					_t945 = _a4;
                                                                                                                                                                                                                                                        																					asm("movdqa [esp+0x20], xmm0");
                                                                                                                                                                                                                                                        																					_t925 =  *_a12;
                                                                                                                                                                                                                                                        																					if(_t835 != 0) {
                                                                                                                                                                                                                                                        																						__eflags = CreateProcessAsUserW(_t835, _t925, _v2492, 0, 0, _t879, _t494, 0, 0,  &_v1104,  &_v2480);
                                                                                                                                                                                                                                                        																						if(__eflags != 0) {
                                                                                                                                                                                                                                                        																							goto L255;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						goto L287;
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						_t518 = CreateProcessW(_t925, _v2492, 0, 0, _t879, _t494, 0, 0,  &_v1104,  &_v2480);
                                                                                                                                                                                                                                                        																						_t1169 = _t518;
                                                                                                                                                                                                                                                        																						if(_t518 == 0) {
                                                                                                                                                                                                                                                        																							L287:
                                                                                                                                                                                                                                                        																							_t516 = GetLastError();
                                                                                                                                                                                                                                                        																							_v1124 = 1;
                                                                                                                                                                                                                                                        																							_v1136 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LauncherProcessWin.cpp";
                                                                                                                                                                                                                                                        																							_v1132 = 0x171;
                                                                                                                                                                                                                                                        																							__eflags = _t516;
                                                                                                                                                                                                                                                        																							_t889 =  <=  ? _t516 : _t516 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        																							_v1128 =  <=  ? _t516 : _t516 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        																							E00BB2BD0( &_v1136, _t925, _t516);
                                                                                                                                                                                                                                                        																							goto L288;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						L255:
                                                                                                                                                                                                                                                        																						_t836 = _v2480.hProcess;
                                                                                                                                                                                                                                                        																						_t972 = _v2480.hThread;
                                                                                                                                                                                                                                                        																						_t925 =  *_a12;
                                                                                                                                                                                                                                                        																						E00BB27A0( &_v2440,  *_a12, _t1169, _t836, 0);
                                                                                                                                                                                                                                                        																						_t995 = _t995 + 8;
                                                                                                                                                                                                                                                        																						if(_v2428 == 1) {
                                                                                                                                                                                                                                                        																							_t881 =  &_v2440;
                                                                                                                                                                                                                                                        																							L291:
                                                                                                                                                                                                                                                        																							E00BB2BD0(_t881, _t925, __eflags);
                                                                                                                                                                                                                                                        																							TerminateProcess(_t836, 1);
                                                                                                                                                                                                                                                        																							_t945[1] = 0;
                                                                                                                                                                                                                                                        																							 *_t945 = 0;
                                                                                                                                                                                                                                                        																							L262:
                                                                                                                                                                                                                                                        																							if(_t972 + 1 >= 2) {
                                                                                                                                                                                                                                                        																								CloseHandle(_t972);
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																							if(_t836 + 1 >= 2) {
                                                                                                                                                                                                                                                        																								CloseHandle(_t836);
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																							goto L266;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						if(ResumeThread(_t972) == 0xffffffff) {
                                                                                                                                                                                                                                                        																							_t505 = GetLastError();
                                                                                                                                                                                                                                                        																							_v1124 = 1;
                                                                                                                                                                                                                                                        																							_v1136 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LauncherProcessWin.cpp";
                                                                                                                                                                                                                                                        																							_v1132 = 0x181;
                                                                                                                                                                                                                                                        																							__eflags = _t505;
                                                                                                                                                                                                                                                        																							_t884 =  <=  ? _t505 : _t505 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        																							_v1128 =  <=  ? _t505 : _t505 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        																							_t881 =  &_v1136;
                                                                                                                                                                                                                                                        																							goto L291;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						if((_v2504 & 0x00000001) == 0) {
                                                                                                                                                                                                                                                        																							_t506 = IsDebuggerPresent();
                                                                                                                                                                                                                                                        																							__eflags = _t506 - 1;
                                                                                                                                                                                                                                                        																							_v2504 = 0;
                                                                                                                                                                                                                                                        																							_v2488 = _t506;
                                                                                                                                                                                                                                                        																							_v2484 = 0;
                                                                                                                                                                                                                                                        																							asm("sbb ecx, ecx");
                                                                                                                                                                                                                                                        																							__eflags = _t506;
                                                                                                                                                                                                                                                        																							_v2496 =  !0;
                                                                                                                                                                                                                                                        																							if(_t506 == 0) {
                                                                                                                                                                                                                                                        																								_v2484 = GetTickCount();
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																							_v2496 = _v2496 | 0x00002710;
                                                                                                                                                                                                                                                        																							__eflags = _v2488;
                                                                                                                                                                                                                                                        																							if(_v2488 != 0) {
                                                                                                                                                                                                                                                        																								goto L296;
                                                                                                                                                                                                                                                        																							} else {
                                                                                                                                                                                                                                                        																								L295:
                                                                                                                                                                                                                                                        																								_t510 = GetTickCount() - _v2492;
                                                                                                                                                                                                                                                        																								__eflags = _t510;
                                                                                                                                                                                                                                                        																								_v2512 = _t510;
                                                                                                                                                                                                                                                        																								while(1) {
                                                                                                                                                                                                                                                        																									L296:
                                                                                                                                                                                                                                                        																									_t950 = _v2496 - _v2504;
                                                                                                                                                                                                                                                        																									__eflags = _t950;
                                                                                                                                                                                                                                                        																									if(_t950 <= 0) {
                                                                                                                                                                                                                                                        																										break;
                                                                                                                                                                                                                                                        																									}
                                                                                                                                                                                                                                                        																									SetLastError(0);
                                                                                                                                                                                                                                                        																									_t507 =  *0xbfa0f8(_t836, _t950);
                                                                                                                                                                                                                                                        																									__eflags = _t507 - 0xffffffff;
                                                                                                                                                                                                                                                        																									if(_t507 != 0xffffffff) {
                                                                                                                                                                                                                                                        																										break;
                                                                                                                                                                                                                                                        																									}
                                                                                                                                                                                                                                                        																									_t508 = GetLastError();
                                                                                                                                                                                                                                                        																									__eflags = _t508 - 0x5bf;
                                                                                                                                                                                                                                                        																									if(_t508 != 0x5bf) {
                                                                                                                                                                                                                                                        																										break;
                                                                                                                                                                                                                                                        																									}
                                                                                                                                                                                                                                                        																									Sleep(0xa);
                                                                                                                                                                                                                                                        																									__eflags = _v2496;
                                                                                                                                                                                                                                                        																									if(_v2496 != 0) {
                                                                                                                                                                                                                                                        																										continue;
                                                                                                                                                                                                                                                        																									}
                                                                                                                                                                                                                                                        																									goto L295;
                                                                                                                                                                                                                                                        																								}
                                                                                                                                                                                                                                                        																								L301:
                                                                                                                                                                                                                                                        																								_t945 = _a4;
                                                                                                                                                                                                                                                        																								 *_t945 = 0;
                                                                                                                                                                                                                                                        																								L261:
                                                                                                                                                                                                                                                        																								_t945[1] = 1;
                                                                                                                                                                                                                                                        																								goto L262;
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						if(WaitForSingleObject(_t836, 0xffffffff) != 0 || GetExitCodeProcess(_t836,  &_v1136) == 0) {
                                                                                                                                                                                                                                                        																							goto L301;
                                                                                                                                                                                                                                                        																						} else {
                                                                                                                                                                                                                                                        																							 *_t945 = _v1136;
                                                                                                                                                                                                                                                        																							goto L261;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				} else {
                                                                                                                                                                                                                                                        																					_t925 =  *_a8;
                                                                                                                                                                                                                                                        																					E00BB2F60( &_v1104,  *_a8, _t966);
                                                                                                                                                                                                                                                        																					__eflags = _v1104.lpTitle - 1;
                                                                                                                                                                                                                                                        																					if(__eflags != 0) {
                                                                                                                                                                                                                                                        																						 *_a4 = 0;
                                                                                                                                                                                                                                                        																						_t522 = 1;
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						E00BB2BD0( &_v1104, _t925, __eflags);
                                                                                                                                                                                                                                                        																						_t524 = _a4;
                                                                                                                                                                                                                                                        																						_t524[1] = 0;
                                                                                                                                                                                                                                                        																						 *_t524 = 0;
                                                                                                                                                                                                                                                        																						_t522 = 0;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					_t945 = _a4;
                                                                                                                                                                                                                                                        																					_t832 = 0;
                                                                                                                                                                                                                                                        																					_t945[1] = _t522;
                                                                                                                                                                                                                                                        																					goto L271;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_t974 =  &(_a12[2]);
                                                                                                                                                                                                                                                        																			do {
                                                                                                                                                                                                                                                        																				if(( *_t946 & 0x0000ffff | 0x00000002) == 0x2f) {
                                                                                                                                                                                                                                                        																					__eflags = _t946[1] - 0x2d;
                                                                                                                                                                                                                                                        																					if(_t946[1] == 0x2d) {
                                                                                                                                                                                                                                                        																						_t951 =  &(_t946[2]);
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						_t951 =  &(_t946[1]);
                                                                                                                                                                                                                                                        																						__eflags = _t951;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					_t528 =  *_t951 & 0x0000ffff;
                                                                                                                                                                                                                                                        																					__eflags = _t528;
                                                                                                                                                                                                                                                        																					if(_t528 == 0) {
                                                                                                                                                                                                                                                        																						goto L211;
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						_t530 = towlower(_t528 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t530 - 0x6e;
                                                                                                                                                                                                                                                        																						if(_t530 != 0x6e) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t531 = _t951[1] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t531;
                                                                                                                                                                                                                                                        																						if(_t531 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t533 = towlower(_t531 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t533 - 0x6f;
                                                                                                                                                                                                                                                        																						if(_t533 != 0x6f) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t534 = _t951[2] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t534;
                                                                                                                                                                                                                                                        																						if(_t534 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t536 = towlower(_t534 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t536 - 0x2d;
                                                                                                                                                                                                                                                        																						if(_t536 != 0x2d) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t537 = _t951[3] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t537;
                                                                                                                                                                                                                                                        																						if(_t537 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t539 = towlower(_t537 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t539 - 0x64;
                                                                                                                                                                                                                                                        																						if(_t539 != 0x64) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t540 = _t951[4] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t540;
                                                                                                                                                                                                                                                        																						if(_t540 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t542 = towlower(_t540 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t542 - 0x65;
                                                                                                                                                                                                                                                        																						if(_t542 != 0x65) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t543 = _t951[5] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t543;
                                                                                                                                                                                                                                                        																						if(_t543 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t545 = towlower(_t543 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t545 - 0x65;
                                                                                                                                                                                                                                                        																						if(_t545 != 0x65) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t546 = _t951[6] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t546;
                                                                                                                                                                                                                                                        																						if(_t546 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t548 = towlower(_t546 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t548 - 0x6c;
                                                                                                                                                                                                                                                        																						if(_t548 != 0x6c) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t549 = _t951[7] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t549;
                                                                                                                                                                                                                                                        																						if(_t549 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t551 = towlower(_t549 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t551 - 0x65;
                                                                                                                                                                                                                                                        																						if(_t551 != 0x65) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t552 = _t951[8] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t552;
                                                                                                                                                                                                                                                        																						if(_t552 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t554 = towlower(_t552 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t554 - 0x76;
                                                                                                                                                                                                                                                        																						if(_t554 != 0x76) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t555 = _t951[9] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t555;
                                                                                                                                                                                                                                                        																						if(_t555 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t557 = towlower(_t555 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t557 - 0x61;
                                                                                                                                                                                                                                                        																						if(_t557 != 0x61) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t558 = _t951[0xa] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t558;
                                                                                                                                                                                                                                                        																						if(_t558 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t560 = towlower(_t558 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t560 - 0x74;
                                                                                                                                                                                                                                                        																						if(_t560 != 0x74) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t561 = _t951[0xb] & 0x0000ffff;
                                                                                                                                                                                                                                                        																						__eflags = _t561;
                                                                                                                                                                                                                                                        																						if(_t561 == 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						_t563 = towlower(_t561 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t993 = _t993 + 4;
                                                                                                                                                                                                                                                        																						__eflags = _t563 - 0x65;
                                                                                                                                                                                                                                                        																						if(_t563 != 0x65) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						__eflags = _t951[0xc];
                                                                                                                                                                                                                                                        																						if(_t951[0xc] != 0) {
                                                                                                                                                                                                                                                        																							goto L211;
                                                                                                                                                                                                                                                        																						} else {
                                                                                                                                                                                                                                                        																							goto L240;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																						do {
                                                                                                                                                                                                                                                        																							L240:
                                                                                                                                                                                                                                                        																							_t564 =  *_t974;
                                                                                                                                                                                                                                                        																							 *(_t974 - 4) = _t564;
                                                                                                                                                                                                                                                        																							_t974 =  &(_t974[2]);
                                                                                                                                                                                                                                                        																							__eflags = _t564;
                                                                                                                                                                                                                                                        																						} while (_t564 != 0);
                                                                                                                                                                                                                                                        																						_t565 = _a8;
                                                                                                                                                                                                                                                        																						_t831 = _t831 | 0x00000002;
                                                                                                                                                                                                                                                        																						 *_t565 =  *_t565 - 1;
                                                                                                                                                                                                                                                        																						__eflags =  *_t565;
                                                                                                                                                                                                                                                        																						goto L242;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				L211:
                                                                                                                                                                                                                                                        																				_t946 =  *_t974;
                                                                                                                                                                                                                                                        																				_t974 =  &(_t974[2]);
                                                                                                                                                                                                                                                        																			} while (_t946 != 0);
                                                                                                                                                                                                                                                        																			goto L242;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		__eflags =  *_t466;
                                                                                                                                                                                                                                                        																		_t831 = 0;
                                                                                                                                                                                                                                                        																		if( *_t466 != 0) {
                                                                                                                                                                                                                                                        																			L207:
                                                                                                                                                                                                                                                        																			_t831 = 1;
                                                                                                                                                                                                                                                        																			goto L208;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		goto L208;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	__eflags =  *_t465;
                                                                                                                                                                                                                                                        																	if( *_t465 != 0) {
                                                                                                                                                                                                                                                        																		goto L207;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	goto L355;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																_t952 =  &(_t464[4]);
                                                                                                                                                                                                                                                        																do {
                                                                                                                                                                                                                                                        																	if(( *_t830 & 0x0000ffff | 0x00000002) != 0x2f) {
                                                                                                                                                                                                                                                        																		goto L167;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	if( *(_t830 + 2) != 0x2d) {
                                                                                                                                                                                                                                                        																		_t841 = _t830 + 2;
                                                                                                                                                                                                                                                        																	} else {
                                                                                                                                                                                                                                                        																		_t841 = _t830 + 4;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t626 =  *_t841 & 0x0000ffff;
                                                                                                                                                                                                                                                        																	if(_t626 != 0) {
                                                                                                                                                                                                                                                        																		_t628 = towlower(_t626 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t628 != 0x77) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t215 =  &(_t841[1]); // 0x344600be
                                                                                                                                                                                                                                                        																		_t629 =  *_t215 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t629 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t631 = towlower(_t629 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t631 != 0x61) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t216 =  &(_t841[2]); // 0xbf3446
                                                                                                                                                                                                                                                        																		_t632 =  *_t216 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t632 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t634 = towlower(_t632 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t634 != 0x69) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t217 =  &(_t841[3]); // 0x214000bf
                                                                                                                                                                                                                                                        																		_t635 =  *_t217 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t635 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t637 = towlower(_t635 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t637 != 0x74) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t218 =  &(_t841[4]); // 0xbf2140
                                                                                                                                                                                                                                                        																		_t638 =  *_t218 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t638 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t640 = towlower(_t638 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t640 != 0x2d) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t219 =  &(_t841[5]); // 0x213800bf
                                                                                                                                                                                                                                                        																		_t641 =  *_t219 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t641 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t643 = towlower(_t641 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t643 != 0x66) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t220 =  &(_t841[6]); // 0xbf2138
                                                                                                                                                                                                                                                        																		_t644 =  *_t220 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t644 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t646 = towlower(_t644 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t646 != 0x6f) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t221 =  &(_t841[7]); // 0x3ac300bf
                                                                                                                                                                                                                                                        																		_t647 =  *_t221 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t647 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t649 = towlower(_t647 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t649 != 0x72) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t222 =  &(_t841[8]); // 0xbf3ac3
                                                                                                                                                                                                                                                        																		_t650 =  *_t222 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t650 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t652 = towlower(_t650 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t652 != 0x2d) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t223 =  &(_t841[9]); // 0x391500bf
                                                                                                                                                                                                                                                        																		_t653 =  *_t223 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t653 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t655 = towlower(_t653 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t655 != 0x62) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t224 =  &(_t841[0xa]); // 0xbf3915
                                                                                                                                                                                                                                                        																		_t656 =  *_t224 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t656 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t658 = towlower(_t656 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t658 != 0x72) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t225 =  &(_t841[0xb]); // 0x202400bf
                                                                                                                                                                                                                                                        																		_t659 =  *_t225 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t659 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t661 = towlower(_t659 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t661 != 0x6f) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t226 =  &(_t841[0xc]); // 0xbf2024
                                                                                                                                                                                                                                                        																		_t662 =  *_t226 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t662 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t664 = towlower(_t662 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t664 != 0x77) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t227 =  &(_t841[0xd]); // 0xbf
                                                                                                                                                                                                                                                        																		_t665 =  *_t227 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t665 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t667 = towlower(_t665 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t667 != 0x73) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t228 =  &(_t841[0xe]); // 0x0
                                                                                                                                                                                                                                                        																		_t668 =  *_t228 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t668 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t670 = towlower(_t668 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t670 != 0x65) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t229 =  &(_t841[0xf]); // 0xa0000
                                                                                                                                                                                                                                                        																		_t671 =  *_t229 & 0x0000ffff;
                                                                                                                                                                                                                                                        																		if(_t671 == 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t673 = towlower(_t671 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																		if(_t673 != 0x72 || _t841[0x10] != 0) {
                                                                                                                                                                                                                                                        																			goto L167;
                                                                                                                                                                                                                                                        																		} else {
                                                                                                                                                                                                                                                        																			_t674 =  *(_t952 - 8);
                                                                                                                                                                                                                                                        																			 *(_t952 - 0xc) = _t674;
                                                                                                                                                                                                                                                        																			if(_t674 == 0) {
                                                                                                                                                                                                                                                        																				L206:
                                                                                                                                                                                                                                                        																				 *_a8 =  *_a8 - 1;
                                                                                                                                                                                                                                                        																				goto L207;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_t676 =  *(_t952 - 4);
                                                                                                                                                                                                                                                        																			 *(_t952 - 8) = _t676;
                                                                                                                                                                                                                                                        																			if(_t676 != 0) {
                                                                                                                                                                                                                                                        																				while(1) {
                                                                                                                                                                                                                                                        																					_t677 =  *_t952;
                                                                                                                                                                                                                                                        																					 *(_t952 - 4) = _t677;
                                                                                                                                                                                                                                                        																					_t952 =  &(_t952[2]);
                                                                                                                                                                                                                                                        																					__eflags = _t677;
                                                                                                                                                                                                                                                        																					if(_t677 == 0) {
                                                                                                                                                                                                                                                        																						goto L206;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			goto L206;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	L167:
                                                                                                                                                                                                                                                        																	_t830 =  *(_t952 - 8);
                                                                                                                                                                                                                                                        																	_t952 =  &(_t952[2]);
                                                                                                                                                                                                                                                        																	__eflags = _t830;
                                                                                                                                                                                                                                                        																} while (_t830 != 0);
                                                                                                                                                                                                                                                        																_t894 = _a12;
                                                                                                                                                                                                                                                        																_t569 =  *_v2492;
                                                                                                                                                                                                                                                        																__eflags = _t569;
                                                                                                                                                                                                                                                        																if(_t569 == 0) {
                                                                                                                                                                                                                                                        																	goto L353;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																_t953 = _t894 + 8;
                                                                                                                                                                                                                                                        																do {
                                                                                                                                                                                                                                                        																	__eflags = ( *_t569 & 0x0000ffff | 0x00000002) - 0x2f;
                                                                                                                                                                                                                                                        																	if(( *_t569 & 0x0000ffff | 0x00000002) != 0x2f) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	__eflags =  *((short*)(_t569 + 2)) - 0x2d;
                                                                                                                                                                                                                                                        																	_t840 =  ==  ? _t569 + 4 : _t569 + 2;
                                                                                                                                                                                                                                                        																	_t596 =  *(_t569 + 2 + (0 |  *((short*)(_t569 + 2)) == 0x0000002d) * 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t596;
                                                                                                                                                                                                                                                        																	if(_t596 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t598 = towlower(_t596 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t598 - 0x6d;
                                                                                                                                                                                                                                                        																	if(_t598 != 0x6d) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t599 =  *(_t840 + 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t599;
                                                                                                                                                                                                                                                        																	if(_t599 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t601 = towlower(_t599 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t601 - 0x61;
                                                                                                                                                                                                                                                        																	if(_t601 != 0x61) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t602 =  *(_t840 + 4) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t602;
                                                                                                                                                                                                                                                        																	if(_t602 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t604 = towlower(_t602 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t604 - 0x72;
                                                                                                                                                                                                                                                        																	if(_t604 != 0x72) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t605 =  *(_t840 + 6) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t605;
                                                                                                                                                                                                                                                        																	if(_t605 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t607 = towlower(_t605 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t607 - 0x69;
                                                                                                                                                                                                                                                        																	if(_t607 != 0x69) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t608 =  *(_t840 + 8) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t608;
                                                                                                                                                                                                                                                        																	if(_t608 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t610 = towlower(_t608 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t610 - 0x6f;
                                                                                                                                                                                                                                                        																	if(_t610 != 0x6f) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t611 =  *(_t840 + 0xa) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t611;
                                                                                                                                                                                                                                                        																	if(_t611 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t613 = towlower(_t611 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t613 - 0x6e;
                                                                                                                                                                                                                                                        																	if(_t613 != 0x6e) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t614 =  *(_t840 + 0xc) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t614;
                                                                                                                                                                                                                                                        																	if(_t614 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t616 = towlower(_t614 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t616 - 0x65;
                                                                                                                                                                                                                                                        																	if(_t616 != 0x65) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t617 =  *(_t840 + 0xe) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t617;
                                                                                                                                                                                                                                                        																	if(_t617 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t619 = towlower(_t617 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t619 - 0x74;
                                                                                                                                                                                                                                                        																	if(_t619 != 0x74) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t620 =  *(_t840 + 0x10) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t620;
                                                                                                                                                                                                                                                        																	if(_t620 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t622 = towlower(_t620 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t622 - 0x74;
                                                                                                                                                                                                                                                        																	if(_t622 != 0x74) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t623 =  *(_t840 + 0x12) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t623;
                                                                                                                                                                                                                                                        																	if(_t623 == 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t625 = towlower(_t623 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t625 - 0x65;
                                                                                                                                                                                                                                                        																	if(_t625 != 0x65) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	__eflags =  *((short*)(_t840 + 0x14));
                                                                                                                                                                                                                                                        																	if( *((short*)(_t840 + 0x14)) != 0) {
                                                                                                                                                                                                                                                        																		goto L307;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	goto L207;
                                                                                                                                                                                                                                                        																	L307:
                                                                                                                                                                                                                                                        																	_t569 =  *_t953;
                                                                                                                                                                                                                                                        																	_t953 =  &(_t953[2]);
                                                                                                                                                                                                                                                        																	__eflags = _t569;
                                                                                                                                                                                                                                                        																} while (_t569 != 0);
                                                                                                                                                                                                                                                        																_t897 = _a12;
                                                                                                                                                                                                                                                        																_t571 =  *_v2492;
                                                                                                                                                                                                                                                        																__eflags = _t571;
                                                                                                                                                                                                                                                        																if(_t571 == 0) {
                                                                                                                                                                                                                                                        																	goto L353;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																_t954 = _t897 + 8;
                                                                                                                                                                                                                                                        																do {
                                                                                                                                                                                                                                                        																	__eflags = ( *_t571 & 0x0000ffff | 0x00000002) - 0x2f;
                                                                                                                                                                                                                                                        																	if(( *_t571 & 0x0000ffff | 0x00000002) != 0x2f) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	__eflags =  *((short*)(_t571 + 2)) - 0x2d;
                                                                                                                                                                                                                                                        																	_t838 =  ==  ? _t571 + 4 : _t571 + 2;
                                                                                                                                                                                                                                                        																	_t572 =  *(_t571 + 2 + (0 |  *((short*)(_t571 + 2)) == 0x0000002d) * 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t572;
                                                                                                                                                                                                                                                        																	if(_t572 == 0) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t574 = towlower(_t572 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t574 - 0x68;
                                                                                                                                                                                                                                                        																	if(_t574 != 0x68) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t575 =  *(_t838 + 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t575;
                                                                                                                                                                                                                                                        																	if(_t575 == 0) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t577 = towlower(_t575 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t577 - 0x65;
                                                                                                                                                                                                                                                        																	if(_t577 != 0x65) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t578 =  *(_t838 + 4) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t578;
                                                                                                                                                                                                                                                        																	if(_t578 == 0) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t580 = towlower(_t578 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t580 - 0x61;
                                                                                                                                                                                                                                                        																	if(_t580 != 0x61) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t581 =  *(_t838 + 6) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t581;
                                                                                                                                                                                                                                                        																	if(_t581 == 0) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t583 = towlower(_t581 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t583 - 0x64;
                                                                                                                                                                                                                                                        																	if(_t583 != 0x64) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t584 =  *(_t838 + 8) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t584;
                                                                                                                                                                                                                                                        																	if(_t584 == 0) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t586 = towlower(_t584 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t586 - 0x6c;
                                                                                                                                                                                                                                                        																	if(_t586 != 0x6c) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t587 =  *(_t838 + 0xa) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t587;
                                                                                                                                                                                                                                                        																	if(_t587 == 0) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t589 = towlower(_t587 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t589 - 0x65;
                                                                                                                                                                                                                                                        																	if(_t589 != 0x65) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t590 =  *(_t838 + 0xc) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t590;
                                                                                                                                                                                                                                                        																	if(_t590 == 0) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t592 = towlower(_t590 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t592 - 0x73;
                                                                                                                                                                                                                                                        																	if(_t592 != 0x73) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t593 =  *(_t838 + 0xe) & 0x0000ffff;
                                                                                                                                                                                                                                                        																	__eflags = _t593;
                                                                                                                                                                                                                                                        																	if(_t593 == 0) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t595 = towlower(_t593 & 0x0000ffff);
                                                                                                                                                                                                                                                        																	_t986 = _t986 + 4;
                                                                                                                                                                                                                                                        																	__eflags = _t595 - 0x73;
                                                                                                                                                                                                                                                        																	if(_t595 != 0x73) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	__eflags =  *((short*)(_t838 + 0x10));
                                                                                                                                                                                                                                                        																	if( *((short*)(_t838 + 0x10)) != 0) {
                                                                                                                                                                                                                                                        																		goto L333;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	goto L207;
                                                                                                                                                                                                                                                        																	L333:
                                                                                                                                                                                                                                                        																	_t571 =  *_t954;
                                                                                                                                                                                                                                                        																	_t954 =  &(_t954[2]);
                                                                                                                                                                                                                                                        																	__eflags = _t571;
                                                                                                                                                                                                                                                        																} while (_t571 != 0);
                                                                                                                                                                                                                                                        																goto L353;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t460 =  *0xbfa03c; // 0xffffffff
                                                                                                                                                                                                                                                        															if(_t460 < 0x383a) {
                                                                                                                                                                                                                                                        																goto L110;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															memset( &(_v1104.lpDesktop), 0, 0x94);
                                                                                                                                                                                                                                                        															_t986 = _t986 + 0xc;
                                                                                                                                                                                                                                                        															_t955 = __imp__VerSetConditionMask;
                                                                                                                                                                                                                                                        															_v1104.cb = 0x9c;
                                                                                                                                                                                                                                                        															_v1104.lpReserved = 0xa;
                                                                                                                                                                                                                                                        															_v1104.lpTitle = 0x3839;
                                                                                                                                                                                                                                                        															_t682 =  *_t955(0, 0, 2, 3);
                                                                                                                                                                                                                                                        															_t683 =  *_t955(_t682, _t925, 1, 3);
                                                                                                                                                                                                                                                        															_t684 =  *_t955(_t683, _t925, 4, 3);
                                                                                                                                                                                                                                                        															_t685 =  *_t955(_t684, _t925, 0x20, 3);
                                                                                                                                                                                                                                                        															_t686 =  *_t955(_t685, _t925, 0x10, 3);
                                                                                                                                                                                                                                                        															_push(_t925);
                                                                                                                                                                                                                                                        															if(VerifyVersionInfoA(_t964, 0x37, _t686) != 0) {
                                                                                                                                                                                                                                                        																 *0xbfa798 = 0x3839;
                                                                                                                                                                                                                                                        																goto L124;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t460 =  *0xbfa03c;
                                                                                                                                                                                                                                                        															 *0xbfa03c = 0x3839;
                                                                                                                                                                                                                                                        															goto L110;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t976 =  &(_t829[2]);
                                                                                                                                                                                                                                                        														do {
                                                                                                                                                                                                                                                        															if(( *_t692 & 0x0000ffff | 0x00000002) != 0x2f) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t843 =  ==  ? _t692 + 4 : _t692 + 2;
                                                                                                                                                                                                                                                        															_t693 =  *(_t692 + 2 + (0 |  *((short*)(_t692 + 2)) == 0x0000002d) * 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t693 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t695 = towlower(_t693 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t695 != 0x66) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t696 =  *(_t843 + 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t696 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t698 = towlower(_t696 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t698 != 0x6f) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t699 =  *(_t843 + 4) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t699 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t701 = towlower(_t699 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t701 != 0x72) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t702 =  *(_t843 + 6) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t702 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t704 = towlower(_t702 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t704 != 0x63) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t705 =  *(_t843 + 8) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t705 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t707 = towlower(_t705 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t707 != 0x65) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t708 =  *(_t843 + 0xa) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t708 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t710 = towlower(_t708 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t710 != 0x2d) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t711 =  *(_t843 + 0xc) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t711 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t713 = towlower(_t711 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t713 != 0x6c) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t714 =  *(_t843 + 0xe) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t714 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t716 = towlower(_t714 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t716 != 0x61) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t717 =  *(_t843 + 0x10) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t717 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t719 = towlower(_t717 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t719 != 0x75) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t720 =  *(_t843 + 0x12) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t720 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t722 = towlower(_t720 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t722 != 0x6e) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t723 =  *(_t843 + 0x14) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t723 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t725 = towlower(_t723 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t725 != 0x63) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t726 =  *(_t843 + 0x16) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t726 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t728 = towlower(_t726 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t728 != 0x68) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t729 =  *(_t843 + 0x18) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t729 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t731 = towlower(_t729 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t731 != 0x65) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t732 =  *(_t843 + 0x1a) & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t732 == 0) {
                                                                                                                                                                                                                                                        																goto L133;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t734 = towlower(_t732 & 0x0000ffff);
                                                                                                                                                                                                                                                        															_t985 = _t985 + 4;
                                                                                                                                                                                                                                                        															if(_t734 == 0x72 &&  *((short*)(_t843 + 0x1c)) == 0) {
                                                                                                                                                                                                                                                        																do {
                                                                                                                                                                                                                                                        																	_t735 =  *_t976;
                                                                                                                                                                                                                                                        																	 *(_t976 - 4) = _t735;
                                                                                                                                                                                                                                                        																	_t976 =  &(_t976[2]);
                                                                                                                                                                                                                                                        																	_t1106 = _t735;
                                                                                                                                                                                                                                                        																} while (_t735 != 0);
                                                                                                                                                                                                                                                        																 *_a8 =  *_a8 - 1;
                                                                                                                                                                                                                                                        																_t445 = 1;
                                                                                                                                                                                                                                                        																L103:
                                                                                                                                                                                                                                                        																_t829 = _a12;
                                                                                                                                                                                                                                                        																goto L104;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															L133:
                                                                                                                                                                                                                                                        															_t692 =  *_t976;
                                                                                                                                                                                                                                                        															_t976 =  &(_t976[2]);
                                                                                                                                                                                                                                                        															__eflags = _t692;
                                                                                                                                                                                                                                                        														} while (__eflags != 0);
                                                                                                                                                                                                                                                        														_t445 = 0;
                                                                                                                                                                                                                                                        														goto L103;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													L78:
                                                                                                                                                                                                                                                        													_t444 =  *_t977;
                                                                                                                                                                                                                                                        													_t977 =  &(_t977[2]);
                                                                                                                                                                                                                                                        													__eflags = _t444;
                                                                                                                                                                                                                                                        												} while (__eflags != 0);
                                                                                                                                                                                                                                                        												goto L99;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									L61:
                                                                                                                                                                                                                                                        									_t827 = 0;
                                                                                                                                                                                                                                                        									L49:
                                                                                                                                                                                                                                                        									_v2504 = 0;
                                                                                                                                                                                                                                                        									_v2500 = 0;
                                                                                                                                                                                                                                                        									goto L50;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t924 =  &_v2408;
                                                                                                                                                                                                                                                        								E00BBDF80( &_v1104,  &_v2408);
                                                                                                                                                                                                                                                        								if(_v1104.dwX == 1) {
                                                                                                                                                                                                                                                        									_t766 = _v1104.lpDesktop;
                                                                                                                                                                                                                                                        									_t827 = _v1104.lpReserved;
                                                                                                                                                                                                                                                        									_t941 = _v1104.lpTitle;
                                                                                                                                                                                                                                                        									L68:
                                                                                                                                                                                                                                                        									_v2496 = _t766;
                                                                                                                                                                                                                                                        									_t768 = _t827 & 0xffffff00;
                                                                                                                                                                                                                                                        									__eflags = _t768;
                                                                                                                                                                                                                                                        									_v2504 = _t768;
                                                                                                                                                                                                                                                        									goto L69;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t924 =  &(_v1104.dwY);
                                                                                                                                                                                                                                                        								E00BBE0D0( &_v1136,  &(_v1104.dwY), _v1104.cb);
                                                                                                                                                                                                                                                        								_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        								if(_v1112 == 1) {
                                                                                                                                                                                                                                                        									_t941 = _v1128;
                                                                                                                                                                                                                                                        									__eflags = _t941 - 0xd000003a;
                                                                                                                                                                                                                                                        									if(__eflags == 0) {
                                                                                                                                                                                                                                                        										_t770 = GetCurrentProcess();
                                                                                                                                                                                                                                                        										_t924 =  &_v1136;
                                                                                                                                                                                                                                                        										_v2488 = _t770;
                                                                                                                                                                                                                                                        										_v1136 = _t770;
                                                                                                                                                                                                                                                        										E00BBDF80( &_v2200,  &_v1136);
                                                                                                                                                                                                                                                        										__eflags = _v2184 - 1;
                                                                                                                                                                                                                                                        										if(_v2184 != 1) {
                                                                                                                                                                                                                                                        											_t924 =  &_v2200;
                                                                                                                                                                                                                                                        											_t827 = E00BBE060( &_v1104,  &_v2200);
                                                                                                                                                                                                                                                        											_t941 = 0xd000003a;
                                                                                                                                                                                                                                                        											_v2504 = 0;
                                                                                                                                                                                                                                                        											_v2500 = 0;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t827 = _v2196;
                                                                                                                                                                                                                                                        											_t941 = _v2188;
                                                                                                                                                                                                                                                        											_v2496 = _v2192;
                                                                                                                                                                                                                                                        											_v2504 = _t827 & 0xffffff00;
                                                                                                                                                                                                                                                        											_v2500 = 1;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = _v2488 + 1 - 2;
                                                                                                                                                                                                                                                        										if(__eflags >= 0) {
                                                                                                                                                                                                                                                        											CloseHandle(_v2488);
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L50;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t827 = _v1136;
                                                                                                                                                                                                                                                        									_t850 = _t827;
                                                                                                                                                                                                                                                        									_v2496 = _v1132;
                                                                                                                                                                                                                                                        									goto L65;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								E00BBE000( &_v2200);
                                                                                                                                                                                                                                                        								if(_v2184 == 1) {
                                                                                                                                                                                                                                                        									_t766 = _v2192;
                                                                                                                                                                                                                                                        									_t827 = _v2196;
                                                                                                                                                                                                                                                        									_t941 = _v2188;
                                                                                                                                                                                                                                                        									goto L68;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t924 =  &_v2180;
                                                                                                                                                                                                                                                        								E00BBE0D0( &_v2232,  &_v2180, _v2200);
                                                                                                                                                                                                                                                        								_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        								_t783 = _v2208;
                                                                                                                                                                                                                                                        								if(_t783 == 1) {
                                                                                                                                                                                                                                                        									_t766 = _v2228;
                                                                                                                                                                                                                                                        									_t827 = _v2232;
                                                                                                                                                                                                                                                        									_t941 = _v2224;
                                                                                                                                                                                                                                                        									goto L68;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t784 = _t783 | _v1112;
                                                                                                                                                                                                                                                        								if(_t784 != 0) {
                                                                                                                                                                                                                                                        									goto L61;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									asm("movdqu xmm0, [esp+0x560]");
                                                                                                                                                                                                                                                        									asm("movdqu xmm2, [esp+0x118]");
                                                                                                                                                                                                                                                        									asm("movdqu xmm1, [esp+0x568]");
                                                                                                                                                                                                                                                        									asm("movdqu xmm3, [esp+0x120]");
                                                                                                                                                                                                                                                        									asm("pcmpeqb xmm2, xmm0");
                                                                                                                                                                                                                                                        									asm("pcmpeqb xmm3, xmm1");
                                                                                                                                                                                                                                                        									asm("pand xmm3, xmm2");
                                                                                                                                                                                                                                                        									asm("pmovmskb eax, xmm3");
                                                                                                                                                                                                                                                        									_t827 = _t827 & 0xffffff00 | _t784 == 0x0000ffff;
                                                                                                                                                                                                                                                        									goto L49;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L58:
                                                                                                                                                                                                                                                        							_t941 = _t941 | 0x10000000;
                                                                                                                                                                                                                                                        							_v2496 = 0x492;
                                                                                                                                                                                                                                                        							_t786 = _t827 & 0xffffff00;
                                                                                                                                                                                                                                                        							__eflags = _t786;
                                                                                                                                                                                                                                                        							_v2504 = _t786;
                                                                                                                                                                                                                                                        							goto L59;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t827 = _v1104.dwY;
                                                                                                                                                                                                                                                        						if(_t941 < 0) {
                                                                                                                                                                                                                                                        							goto L58;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L42;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t978 =  &(_a12[2]);
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t917 =  *_t432 & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t917 != 0x2d) {
                                                                                                                                                                                                                                                        								__eflags = _t917 - 0x2f;
                                                                                                                                                                                                                                                        								if(_t917 == 0x2f) {
                                                                                                                                                                                                                                                        									goto L14;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L14:
                                                                                                                                                                                                                                                        							_t924 = 0 |  *((short*)(_t432 + 2)) == 0x0000002d;
                                                                                                                                                                                                                                                        							_t845 =  ==  ? _t432 + 4 : _t432 + 2;
                                                                                                                                                                                                                                                        							_t787 =  *(_t432 + 2 + ( *((short*)(_t432 + 2)) == 0x2d) * 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t787 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t789 = towlower(_t787 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t789 != 0x63) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t790 =  *(_t845 + 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t790 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t792 = towlower(_t790 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t792 != 0x6f) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t793 =  *(_t845 + 4) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t793 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t795 = towlower(_t793 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t795 != 0x6e) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t796 =  *(_t845 + 6) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t796 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t798 = towlower(_t796 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t798 != 0x74) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t799 =  *(_t845 + 8) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t799 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t801 = towlower(_t799 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t801 != 0x65) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t802 =  *(_t845 + 0xa) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t802 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t804 = towlower(_t802 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t804 != 0x6e) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t805 =  *(_t845 + 0xc) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t805 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t807 = towlower(_t805 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t807 != 0x74) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t808 =  *(_t845 + 0xe) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t808 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t810 = towlower(_t808 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t810 != 0x70) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t811 =  *(_t845 + 0x10) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t811 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t813 = towlower(_t811 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t813 != 0x72) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t814 =  *(_t845 + 0x12) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t814 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t816 = towlower(_t814 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t816 != 0x6f) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t817 =  *(_t845 + 0x14) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t817 == 0) {
                                                                                                                                                                                                                                                        								goto L39;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t819 = towlower(_t817 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        							if(_t819 == 0x63 &&  *((short*)(_t845 + 0x16)) == 0) {
                                                                                                                                                                                                                                                        								L116:
                                                                                                                                                                                                                                                        								_t925 =  &_v1104;
                                                                                                                                                                                                                                                        								E00BB5A40( &_v2392,  &_v1104); // executed
                                                                                                                                                                                                                                                        								__eflags = _v1104.lpTitle - 1;
                                                                                                                                                                                                                                                        								if(__eflags == 0) {
                                                                                                                                                                                                                                                        									L122:
                                                                                                                                                                                                                                                        									E00BB2BD0( &_v1104, _t925, __eflags); // executed
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t945 = _a4;
                                                                                                                                                                                                                                                        								_t945[1] = 0;
                                                                                                                                                                                                                                                        								 *_t945 = 0;
                                                                                                                                                                                                                                                        								L118:
                                                                                                                                                                                                                                                        								E00BEECB0(E00BB2EF0( &_v2392), _v40 ^ _t980, _t925);
                                                                                                                                                                                                                                                        								return _t945;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L39:
                                                                                                                                                                                                                                                        							_t432 =  *_t978;
                                                                                                                                                                                                                                                        							_t978 = _t978 + 4;
                                                                                                                                                                                                                                                        						} while (_t432 != 0);
                                                                                                                                                                                                                                                        						goto L40;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t846 = _v2480.hThread;
                                                                                                                                                                                                                                                        					_t979 =  &(_a12[4]);
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						if(( *_t429 & 0x0000ffff | 0x00000002) == 0x2f) {
                                                                                                                                                                                                                                                        							_t922 = _t429 + 4;
                                                                                                                                                                                                                                                        							_t924 = 0 |  *((short*)(_t429 + 2)) == 0x0000002d;
                                                                                                                                                                                                                                                        							_t960 =  ==  ? _t922 : _t429 + 2;
                                                                                                                                                                                                                                                        							_t820 =  *(_t429 + 2 + ( *((short*)(_t429 + 2)) == 0x2d) * 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        							_v2484 =  ==  ? _t922 : _t429 + 2;
                                                                                                                                                                                                                                                        							_t961 = 2;
                                                                                                                                                                                                                                                        							_t923 = _t922 & 0xffffff00 | _t820 != 0x00000000;
                                                                                                                                                                                                                                                        							while((_t923 & 0x00000001) != 0) {
                                                                                                                                                                                                                                                        								_t822 = towlower(_t820 & 0x0000ffff);
                                                                                                                                                                                                                                                        								_t984 = _t984 + 4;
                                                                                                                                                                                                                                                        								_t26 = _t961 + 0xbf41f8; // 0x6f006c
                                                                                                                                                                                                                                                        								if(_t822 !=  *_t26) {
                                                                                                                                                                                                                                                        									goto L2;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t820 =  *(_v2484 + _t961) & 0x0000ffff;
                                                                                                                                                                                                                                                        								_t923 = _t923 & 0xffffff00 | _t820 != 0x00000000;
                                                                                                                                                                                                                                                        								_t1007 =  *((short*)(_t961 + L"log-launcher-error"));
                                                                                                                                                                                                                                                        								_t961 = _t961 + 2;
                                                                                                                                                                                                                                                        								if(_t1007 != 0) {
                                                                                                                                                                                                                                                        									continue;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								if(_t820 != 0) {
                                                                                                                                                                                                                                                        									goto L2;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									goto L9;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L11;
                                                                                                                                                                                                                                                        								L9:
                                                                                                                                                                                                                                                        								_t824 =  *_t979;
                                                                                                                                                                                                                                                        								 *(_t979 - 4) = _t824;
                                                                                                                                                                                                                                                        								_t979 =  &(_t979[2]);
                                                                                                                                                                                                                                                        								if(_t824 != 0) {
                                                                                                                                                                                                                                                        									goto L9;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t825 = _a8;
                                                                                                                                                                                                                                                        									 *_t825 =  *_t825 - 1;
                                                                                                                                                                                                                                                        									_t1010 =  *_t825;
                                                                                                                                                                                                                                                        									 *0xbfa764 = 1;
                                                                                                                                                                                                                                                        									goto L11;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L2:
                                                                                                                                                                                                                                                        						_t429 =  *(_t846 + 4);
                                                                                                                                                                                                                                                        						_t846 = _t846 + 4;
                                                                                                                                                                                                                                                        						_t979 =  &(_t979[2]);
                                                                                                                                                                                                                                                        						__eflags = _t429;
                                                                                                                                                                                                                                                        					} while (__eflags != 0);
                                                                                                                                                                                                                                                        					goto L11;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}






































































































































































































































































































































                                                                                                                                                                                                                                                        0x00bb3ddf
                                                                                                                                                                                                                                                        0x00bb3de4
                                                                                                                                                                                                                                                        0x00bb3de7
                                                                                                                                                                                                                                                        0x00bb3df7
                                                                                                                                                                                                                                                        0x00bb3df9
                                                                                                                                                                                                                                                        0x00bb3e04
                                                                                                                                                                                                                                                        0x00bb3e0b
                                                                                                                                                                                                                                                        0x00bb3e10
                                                                                                                                                                                                                                                        0x00bb3e16
                                                                                                                                                                                                                                                        0x00bb3e1c
                                                                                                                                                                                                                                                        0x00bb3e20
                                                                                                                                                                                                                                                        0x00bb3e25
                                                                                                                                                                                                                                                        0x00bb3ed7
                                                                                                                                                                                                                                                        0x00bb3edb
                                                                                                                                                                                                                                                        0x00bb3ee4
                                                                                                                                                                                                                                                        0x00bb3ee8
                                                                                                                                                                                                                                                        0x00bb4087
                                                                                                                                                                                                                                                        0x00bb4087
                                                                                                                                                                                                                                                        0x00bb4092
                                                                                                                                                                                                                                                        0x00bb409d
                                                                                                                                                                                                                                                        0x00bb40af
                                                                                                                                                                                                                                                        0x00bb40c0
                                                                                                                                                                                                                                                        0x00bb40c5
                                                                                                                                                                                                                                                        0x00bb40c9
                                                                                                                                                                                                                                                        0x00bb422c
                                                                                                                                                                                                                                                        0x00bb4231
                                                                                                                                                                                                                                                        0x00bb4233
                                                                                                                                                                                                                                                        0x00bb40de
                                                                                                                                                                                                                                                        0x00bb40e6
                                                                                                                                                                                                                                                        0x00bb40ec
                                                                                                                                                                                                                                                        0x00bb40f0
                                                                                                                                                                                                                                                        0x00bb40f4
                                                                                                                                                                                                                                                        0x00bb4285
                                                                                                                                                                                                                                                        0x00bb428b
                                                                                                                                                                                                                                                        0x00bb428e
                                                                                                                                                                                                                                                        0x00bb4348
                                                                                                                                                                                                                                                        0x00bb434d
                                                                                                                                                                                                                                                        0x00bb4352
                                                                                                                                                                                                                                                        0x00bb4360
                                                                                                                                                                                                                                                        0x00bb4362
                                                                                                                                                                                                                                                        0x00bb42d9
                                                                                                                                                                                                                                                        0x00bb42df
                                                                                                                                                                                                                                                        0x00bb4320
                                                                                                                                                                                                                                                        0x00bb4322
                                                                                                                                                                                                                                                        0x00bb41e2
                                                                                                                                                                                                                                                        0x00bb41e2
                                                                                                                                                                                                                                                        0x00bb41e8
                                                                                                                                                                                                                                                        0x00bb41eb
                                                                                                                                                                                                                                                        0x00bb41eb
                                                                                                                                                                                                                                                        0x00bb41f6
                                                                                                                                                                                                                                                        0x00bb4252
                                                                                                                                                                                                                                                        0x00bb425d
                                                                                                                                                                                                                                                        0x00bb4264
                                                                                                                                                                                                                                                        0x00bb4272
                                                                                                                                                                                                                                                        0x00bb4279
                                                                                                                                                                                                                                                        0x00bb427e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb41f8
                                                                                                                                                                                                                                                        0x00bb41fa
                                                                                                                                                                                                                                                        0x00bb41fd
                                                                                                                                                                                                                                                        0x00bb4202
                                                                                                                                                                                                                                                        0x00bb4208
                                                                                                                                                                                                                                                        0x00bb420d
                                                                                                                                                                                                                                                        0x00bb432b
                                                                                                                                                                                                                                                        0x00bb432e
                                                                                                                                                                                                                                                        0x00bb4339
                                                                                                                                                                                                                                                        0x00bb433e
                                                                                                                                                                                                                                                        0x00bb433e
                                                                                                                                                                                                                                                        0x00bb432e
                                                                                                                                                                                                                                                        0x00bb4217
                                                                                                                                                                                                                                                        0x00bb421b
                                                                                                                                                                                                                                                        0x00bb4567
                                                                                                                                                                                                                                                        0x00bb4567
                                                                                                                                                                                                                                                        0x00bb4569
                                                                                                                                                                                                                                                        0x00bb4586
                                                                                                                                                                                                                                                        0x00bb4586
                                                                                                                                                                                                                                                        0x00bb4588
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4588
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4221
                                                                                                                                                                                                                                                        0x00bb4224
                                                                                                                                                                                                                                                        0x00bb441d
                                                                                                                                                                                                                                                        0x00bb4427
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4439
                                                                                                                                                                                                                                                        0x00bb443c
                                                                                                                                                                                                                                                        0x00bb4444
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb444a
                                                                                                                                                                                                                                                        0x00bb4450
                                                                                                                                                                                                                                                        0x00bb4457
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4459
                                                                                                                                                                                                                                                        0x00bb4460
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4466
                                                                                                                                                                                                                                                        0x00bb446c
                                                                                                                                                                                                                                                        0x00bb4473
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4475
                                                                                                                                                                                                                                                        0x00bb447c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4482
                                                                                                                                                                                                                                                        0x00bb4488
                                                                                                                                                                                                                                                        0x00bb448f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4495
                                                                                                                                                                                                                                                        0x00bb449c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb44a6
                                                                                                                                                                                                                                                        0x00bb44ac
                                                                                                                                                                                                                                                        0x00bb44b3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb44b9
                                                                                                                                                                                                                                                        0x00bb44c0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb44ca
                                                                                                                                                                                                                                                        0x00bb44d0
                                                                                                                                                                                                                                                        0x00bb44d7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb44dd
                                                                                                                                                                                                                                                        0x00bb44e4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb44ee
                                                                                                                                                                                                                                                        0x00bb44f4
                                                                                                                                                                                                                                                        0x00bb44fb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4501
                                                                                                                                                                                                                                                        0x00bb4508
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4512
                                                                                                                                                                                                                                                        0x00bb4518
                                                                                                                                                                                                                                                        0x00bb451f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4525
                                                                                                                                                                                                                                                        0x00bb452c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4536
                                                                                                                                                                                                                                                        0x00bb453c
                                                                                                                                                                                                                                                        0x00bb4543
                                                                                                                                                                                                                                                        0x00bb4554
                                                                                                                                                                                                                                                        0x00bb4554
                                                                                                                                                                                                                                                        0x00bb4556
                                                                                                                                                                                                                                                        0x00bb4559
                                                                                                                                                                                                                                                        0x00bb455c
                                                                                                                                                                                                                                                        0x00bb4563
                                                                                                                                                                                                                                                        0x00bb456b
                                                                                                                                                                                                                                                        0x00bb456f
                                                                                                                                                                                                                                                        0x00bb4572
                                                                                                                                                                                                                                                        0x00bb4574
                                                                                                                                                                                                                                                        0x00bb4578
                                                                                                                                                                                                                                                        0x00bb4730
                                                                                                                                                                                                                                                        0x00bb4590
                                                                                                                                                                                                                                                        0x00bb4590
                                                                                                                                                                                                                                                        0x00bb459b
                                                                                                                                                                                                                                                        0x00bb459f
                                                                                                                                                                                                                                                        0x00bb45a4
                                                                                                                                                                                                                                                        0x00bb45af
                                                                                                                                                                                                                                                        0x00bb473e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb473e
                                                                                                                                                                                                                                                        0x00bb45bd
                                                                                                                                                                                                                                                        0x00bb46be
                                                                                                                                                                                                                                                        0x00bb46c7
                                                                                                                                                                                                                                                        0x00bb46c9
                                                                                                                                                                                                                                                        0x00bb47cb
                                                                                                                                                                                                                                                        0x00bb47ce
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb47d4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb47d4
                                                                                                                                                                                                                                                        0x00bb46cf
                                                                                                                                                                                                                                                        0x00bb46d4
                                                                                                                                                                                                                                                        0x00bb46dd
                                                                                                                                                                                                                                                        0x00bb46df
                                                                                                                                                                                                                                                        0x00bb47df
                                                                                                                                                                                                                                                        0x00bb47e3
                                                                                                                                                                                                                                                        0x00bb47ee
                                                                                                                                                                                                                                                        0x00bb4806
                                                                                                                                                                                                                                                        0x00bb480a
                                                                                                                                                                                                                                                        0x00bb4813
                                                                                                                                                                                                                                                        0x00bb4813
                                                                                                                                                                                                                                                        0x00bb47e3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb46df
                                                                                                                                                                                                                                                        0x00bb45c3
                                                                                                                                                                                                                                                        0x00bb45cd
                                                                                                                                                                                                                                                        0x00bb4787
                                                                                                                                                                                                                                                        0x00bb4787
                                                                                                                                                                                                                                                        0x00bb478d
                                                                                                                                                                                                                                                        0x00bb4794
                                                                                                                                                                                                                                                        0x00bb4799
                                                                                                                                                                                                                                                        0x00bb479c
                                                                                                                                                                                                                                                        0x00bb47a2
                                                                                                                                                                                                                                                        0x00bb4823
                                                                                                                                                                                                                                                        0x00bb4828
                                                                                                                                                                                                                                                        0x00bb482b
                                                                                                                                                                                                                                                        0x00bb4832
                                                                                                                                                                                                                                                        0x00bb4838
                                                                                                                                                                                                                                                        0x00bb4842
                                                                                                                                                                                                                                                        0x00bb4847
                                                                                                                                                                                                                                                        0x00bb4847
                                                                                                                                                                                                                                                        0x00bb4832
                                                                                                                                                                                                                                                        0x00bb47a4
                                                                                                                                                                                                                                                        0x00bb47a9
                                                                                                                                                                                                                                                        0x00bb47ac
                                                                                                                                                                                                                                                        0x00bb47ae
                                                                                                                                                                                                                                                        0x00bb47b4
                                                                                                                                                                                                                                                        0x00bb47c4
                                                                                                                                                                                                                                                        0x00bb47c4
                                                                                                                                                                                                                                                        0x00bb4669
                                                                                                                                                                                                                                                        0x00bb4669
                                                                                                                                                                                                                                                        0x00bb4670
                                                                                                                                                                                                                                                        0x00bb4745
                                                                                                                                                                                                                                                        0x00bb4745
                                                                                                                                                                                                                                                        0x00bb474d
                                                                                                                                                                                                                                                        0x00bb4758
                                                                                                                                                                                                                                                        0x00bb4763
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4763
                                                                                                                                                                                                                                                        0x00bb467d
                                                                                                                                                                                                                                                        0x00bb4682
                                                                                                                                                                                                                                                        0x00bb4689
                                                                                                                                                                                                                                                        0x00bb4696
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb469c
                                                                                                                                                                                                                                                        0x00bb469e
                                                                                                                                                                                                                                                        0x00bb46a0
                                                                                                                                                                                                                                                        0x00bb46a5
                                                                                                                                                                                                                                                        0x00bb573e
                                                                                                                                                                                                                                                        0x00bb5743
                                                                                                                                                                                                                                                        0x00bb5749
                                                                                                                                                                                                                                                        0x00bb574c
                                                                                                                                                                                                                                                        0x00bb574e
                                                                                                                                                                                                                                                        0x00bb5759
                                                                                                                                                                                                                                                        0x00bb575e
                                                                                                                                                                                                                                                        0x00bb5764
                                                                                                                                                                                                                                                        0x00bb5767
                                                                                                                                                                                                                                                        0x00bb5769
                                                                                                                                                                                                                                                        0x00bb577e
                                                                                                                                                                                                                                                        0x00bb4cc6
                                                                                                                                                                                                                                                        0x00bb4cca
                                                                                                                                                                                                                                                        0x00bb4cce
                                                                                                                                                                                                                                                        0x00bb4eb4
                                                                                                                                                                                                                                                        0x00bb4eb4
                                                                                                                                                                                                                                                        0x00bb4eb7
                                                                                                                                                                                                                                                        0x00bb4eca
                                                                                                                                                                                                                                                        0x00bb4ece
                                                                                                                                                                                                                                                        0x00bb4ed3
                                                                                                                                                                                                                                                        0x00bb4ede
                                                                                                                                                                                                                                                        0x00bb51dc
                                                                                                                                                                                                                                                        0x00bb51e1
                                                                                                                                                                                                                                                        0x00bb51e4
                                                                                                                                                                                                                                                        0x00bb5238
                                                                                                                                                                                                                                                        0x00bb5238
                                                                                                                                                                                                                                                        0x00bb523f
                                                                                                                                                                                                                                                        0x00bb5182
                                                                                                                                                                                                                                                        0x00bb5188
                                                                                                                                                                                                                                                        0x00bb518f
                                                                                                                                                                                                                                                        0x00bb518f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5188
                                                                                                                                                                                                                                                        0x00bb4ee4
                                                                                                                                                                                                                                                        0x00bb4eea
                                                                                                                                                                                                                                                        0x00bb4eee
                                                                                                                                                                                                                                                        0x00bb4f06
                                                                                                                                                                                                                                                        0x00bb4f0a
                                                                                                                                                                                                                                                        0x00bb4f14
                                                                                                                                                                                                                                                        0x00bb51ee
                                                                                                                                                                                                                                                        0x00bb51f3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb51f3
                                                                                                                                                                                                                                                        0x00bb4f21
                                                                                                                                                                                                                                                        0x00bb4f24
                                                                                                                                                                                                                                                        0x00bb4f29
                                                                                                                                                                                                                                                        0x00bb4f2c
                                                                                                                                                                                                                                                        0x00bb4f32
                                                                                                                                                                                                                                                        0x00bb4f36
                                                                                                                                                                                                                                                        0x00bb51ff
                                                                                                                                                                                                                                                        0x00bb5207
                                                                                                                                                                                                                                                        0x00bb5212
                                                                                                                                                                                                                                                        0x00bb521d
                                                                                                                                                                                                                                                        0x00bb5228
                                                                                                                                                                                                                                                        0x00bb522d
                                                                                                                                                                                                                                                        0x00bb5230
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5230
                                                                                                                                                                                                                                                        0x00bb4f40
                                                                                                                                                                                                                                                        0x00bb4f42
                                                                                                                                                                                                                                                        0x00bb4f46
                                                                                                                                                                                                                                                        0x00bb4f4b
                                                                                                                                                                                                                                                        0x00bb4f50
                                                                                                                                                                                                                                                        0x00bb5251
                                                                                                                                                                                                                                                        0x00bb5259
                                                                                                                                                                                                                                                        0x00bb5264
                                                                                                                                                                                                                                                        0x00bb526f
                                                                                                                                                                                                                                                        0x00bb527a
                                                                                                                                                                                                                                                        0x00bb527f
                                                                                                                                                                                                                                                        0x00bb5282
                                                                                                                                                                                                                                                        0x00bb5286
                                                                                                                                                                                                                                                        0x00bb528a
                                                                                                                                                                                                                                                        0x00bb5292
                                                                                                                                                                                                                                                        0x00bb5299
                                                                                                                                                                                                                                                        0x00bb5178
                                                                                                                                                                                                                                                        0x00bb5179
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb517f
                                                                                                                                                                                                                                                        0x00bb4f64
                                                                                                                                                                                                                                                        0x00bb4f6f
                                                                                                                                                                                                                                                        0x00bb4f7a
                                                                                                                                                                                                                                                        0x00bb4f85
                                                                                                                                                                                                                                                        0x00bb4f90
                                                                                                                                                                                                                                                        0x00bb4f97
                                                                                                                                                                                                                                                        0x00bb4fa2
                                                                                                                                                                                                                                                        0x00bb4faf
                                                                                                                                                                                                                                                        0x00bb4fb5
                                                                                                                                                                                                                                                        0x00bb4fbb
                                                                                                                                                                                                                                                        0x00bb4fbd
                                                                                                                                                                                                                                                        0x00bb4fc6
                                                                                                                                                                                                                                                        0x00bb4fca
                                                                                                                                                                                                                                                        0x00bb4fcc
                                                                                                                                                                                                                                                        0x00bb4fd0
                                                                                                                                                                                                                                                        0x00bb4fd9
                                                                                                                                                                                                                                                        0x00bb4fe2
                                                                                                                                                                                                                                                        0x00bb4fee
                                                                                                                                                                                                                                                        0x00bb4ff5
                                                                                                                                                                                                                                                        0x00bb4ffa
                                                                                                                                                                                                                                                        0x00bb5002
                                                                                                                                                                                                                                                        0x00bb52a8
                                                                                                                                                                                                                                                        0x00bb52ad
                                                                                                                                                                                                                                                        0x00bb5328
                                                                                                                                                                                                                                                        0x00bb5328
                                                                                                                                                                                                                                                        0x00bb532f
                                                                                                                                                                                                                                                        0x00bb5127
                                                                                                                                                                                                                                                        0x00bb5127
                                                                                                                                                                                                                                                        0x00bb512e
                                                                                                                                                                                                                                                        0x00bb5132
                                                                                                                                                                                                                                                        0x00bb513f
                                                                                                                                                                                                                                                        0x00bb5142
                                                                                                                                                                                                                                                        0x00bb5149
                                                                                                                                                                                                                                                        0x00bb514f
                                                                                                                                                                                                                                                        0x00bb514f
                                                                                                                                                                                                                                                        0x00bb5152
                                                                                                                                                                                                                                                        0x00bb5162
                                                                                                                                                                                                                                                        0x00bb5441
                                                                                                                                                                                                                                                        0x00bb5447
                                                                                                                                                                                                                                                        0x00bb5447
                                                                                                                                                                                                                                                        0x00bb5168
                                                                                                                                                                                                                                                        0x00bb516c
                                                                                                                                                                                                                                                        0x00bb5176
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5176
                                                                                                                                                                                                                                                        0x00bb5008
                                                                                                                                                                                                                                                        0x00bb500f
                                                                                                                                                                                                                                                        0x00bb52b2
                                                                                                                                                                                                                                                        0x00bb5015
                                                                                                                                                                                                                                                        0x00bb501d
                                                                                                                                                                                                                                                        0x00bb5022
                                                                                                                                                                                                                                                        0x00bb5028
                                                                                                                                                                                                                                                        0x00bb5030
                                                                                                                                                                                                                                                        0x00bb5037
                                                                                                                                                                                                                                                        0x00bb503c
                                                                                                                                                                                                                                                        0x00bb5043
                                                                                                                                                                                                                                                        0x00bb5043
                                                                                                                                                                                                                                                        0x00bb5022
                                                                                                                                                                                                                                                        0x00bb504d
                                                                                                                                                                                                                                                        0x00bb5051
                                                                                                                                                                                                                                                        0x00bb5055
                                                                                                                                                                                                                                                        0x00bb505c
                                                                                                                                                                                                                                                        0x00bb5062
                                                                                                                                                                                                                                                        0x00bb5066
                                                                                                                                                                                                                                                        0x00bb52db
                                                                                                                                                                                                                                                        0x00bb52dd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb506c
                                                                                                                                                                                                                                                        0x00bb5084
                                                                                                                                                                                                                                                        0x00bb508a
                                                                                                                                                                                                                                                        0x00bb508c
                                                                                                                                                                                                                                                        0x00bb52e3
                                                                                                                                                                                                                                                        0x00bb52e3
                                                                                                                                                                                                                                                        0x00bb52ec
                                                                                                                                                                                                                                                        0x00bb52f4
                                                                                                                                                                                                                                                        0x00bb52ff
                                                                                                                                                                                                                                                        0x00bb5310
                                                                                                                                                                                                                                                        0x00bb5312
                                                                                                                                                                                                                                                        0x00bb5315
                                                                                                                                                                                                                                                        0x00bb5323
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5323
                                                                                                                                                                                                                                                        0x00bb5092
                                                                                                                                                                                                                                                        0x00bb5095
                                                                                                                                                                                                                                                        0x00bb5099
                                                                                                                                                                                                                                                        0x00bb50a1
                                                                                                                                                                                                                                                        0x00bb50a6
                                                                                                                                                                                                                                                        0x00bb50ab
                                                                                                                                                                                                                                                        0x00bb50b3
                                                                                                                                                                                                                                                        0x00bb533a
                                                                                                                                                                                                                                                        0x00bb5380
                                                                                                                                                                                                                                                        0x00bb5380
                                                                                                                                                                                                                                                        0x00bb5388
                                                                                                                                                                                                                                                        0x00bb538e
                                                                                                                                                                                                                                                        0x00bb5395
                                                                                                                                                                                                                                                        0x00bb5109
                                                                                                                                                                                                                                                        0x00bb510f
                                                                                                                                                                                                                                                        0x00bb5112
                                                                                                                                                                                                                                                        0x00bb5112
                                                                                                                                                                                                                                                        0x00bb511e
                                                                                                                                                                                                                                                        0x00bb5121
                                                                                                                                                                                                                                                        0x00bb5121
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb511e
                                                                                                                                                                                                                                                        0x00bb50c3
                                                                                                                                                                                                                                                        0x00bb5340
                                                                                                                                                                                                                                                        0x00bb5349
                                                                                                                                                                                                                                                        0x00bb5351
                                                                                                                                                                                                                                                        0x00bb535c
                                                                                                                                                                                                                                                        0x00bb536d
                                                                                                                                                                                                                                                        0x00bb536f
                                                                                                                                                                                                                                                        0x00bb5372
                                                                                                                                                                                                                                                        0x00bb5379
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5379
                                                                                                                                                                                                                                                        0x00bb50ce
                                                                                                                                                                                                                                                        0x00bb53a0
                                                                                                                                                                                                                                                        0x00bb53a6
                                                                                                                                                                                                                                                        0x00bb53ae
                                                                                                                                                                                                                                                        0x00bb53b6
                                                                                                                                                                                                                                                        0x00bb53ba
                                                                                                                                                                                                                                                        0x00bb53c2
                                                                                                                                                                                                                                                        0x00bb53c4
                                                                                                                                                                                                                                                        0x00bb53c8
                                                                                                                                                                                                                                                        0x00bb53cc
                                                                                                                                                                                                                                                        0x00bb53d4
                                                                                                                                                                                                                                                        0x00bb53d4
                                                                                                                                                                                                                                                        0x00bb53d8
                                                                                                                                                                                                                                                        0x00bb53e0
                                                                                                                                                                                                                                                        0x00bb53e5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb53e7
                                                                                                                                                                                                                                                        0x00bb53e7
                                                                                                                                                                                                                                                        0x00bb53ed
                                                                                                                                                                                                                                                        0x00bb53ed
                                                                                                                                                                                                                                                        0x00bb53f1
                                                                                                                                                                                                                                                        0x00bb53f5
                                                                                                                                                                                                                                                        0x00bb53f5
                                                                                                                                                                                                                                                        0x00bb53f9
                                                                                                                                                                                                                                                        0x00bb53f9
                                                                                                                                                                                                                                                        0x00bb53fd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5401
                                                                                                                                                                                                                                                        0x00bb5409
                                                                                                                                                                                                                                                        0x00bb540f
                                                                                                                                                                                                                                                        0x00bb5412
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5414
                                                                                                                                                                                                                                                        0x00bb541a
                                                                                                                                                                                                                                                        0x00bb541f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5423
                                                                                                                                                                                                                                                        0x00bb5429
                                                                                                                                                                                                                                                        0x00bb542e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5430
                                                                                                                                                                                                                                                        0x00bb5432
                                                                                                                                                                                                                                                        0x00bb5432
                                                                                                                                                                                                                                                        0x00bb5435
                                                                                                                                                                                                                                                        0x00bb5105
                                                                                                                                                                                                                                                        0x00bb5105
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5105
                                                                                                                                                                                                                                                        0x00bb53e5
                                                                                                                                                                                                                                                        0x00bb50df
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb50fc
                                                                                                                                                                                                                                                        0x00bb5103
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5103
                                                                                                                                                                                                                                                        0x00bb50df
                                                                                                                                                                                                                                                        0x00bb544f
                                                                                                                                                                                                                                                        0x00bb5459
                                                                                                                                                                                                                                                        0x00bb545c
                                                                                                                                                                                                                                                        0x00bb5464
                                                                                                                                                                                                                                                        0x00bb546c
                                                                                                                                                                                                                                                        0x00bb5491
                                                                                                                                                                                                                                                        0x00bb5497
                                                                                                                                                                                                                                                        0x00bb546e
                                                                                                                                                                                                                                                        0x00bb5475
                                                                                                                                                                                                                                                        0x00bb547a
                                                                                                                                                                                                                                                        0x00bb547d
                                                                                                                                                                                                                                                        0x00bb5484
                                                                                                                                                                                                                                                        0x00bb548a
                                                                                                                                                                                                                                                        0x00bb548a
                                                                                                                                                                                                                                                        0x00bb5499
                                                                                                                                                                                                                                                        0x00bb549c
                                                                                                                                                                                                                                                        0x00bb549e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb549e
                                                                                                                                                                                                                                                        0x00bb4eee
                                                                                                                                                                                                                                                        0x00bb4cd7
                                                                                                                                                                                                                                                        0x00bb4cda
                                                                                                                                                                                                                                                        0x00bb4ce4
                                                                                                                                                                                                                                                        0x00bb4cf4
                                                                                                                                                                                                                                                        0x00bb4cf9
                                                                                                                                                                                                                                                        0x00bb51cd
                                                                                                                                                                                                                                                        0x00bb4cff
                                                                                                                                                                                                                                                        0x00bb4cff
                                                                                                                                                                                                                                                        0x00bb4cff
                                                                                                                                                                                                                                                        0x00bb4cff
                                                                                                                                                                                                                                                        0x00bb4d02
                                                                                                                                                                                                                                                        0x00bb4d05
                                                                                                                                                                                                                                                        0x00bb4d08
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d0a
                                                                                                                                                                                                                                                        0x00bb4d0e
                                                                                                                                                                                                                                                        0x00bb4d14
                                                                                                                                                                                                                                                        0x00bb4d17
                                                                                                                                                                                                                                                        0x00bb4d1b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d1d
                                                                                                                                                                                                                                                        0x00bb4d21
                                                                                                                                                                                                                                                        0x00bb4d24
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d2a
                                                                                                                                                                                                                                                        0x00bb4d30
                                                                                                                                                                                                                                                        0x00bb4d33
                                                                                                                                                                                                                                                        0x00bb4d37
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d39
                                                                                                                                                                                                                                                        0x00bb4d3d
                                                                                                                                                                                                                                                        0x00bb4d40
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d46
                                                                                                                                                                                                                                                        0x00bb4d4c
                                                                                                                                                                                                                                                        0x00bb4d4f
                                                                                                                                                                                                                                                        0x00bb4d53
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d55
                                                                                                                                                                                                                                                        0x00bb4d59
                                                                                                                                                                                                                                                        0x00bb4d5c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d62
                                                                                                                                                                                                                                                        0x00bb4d68
                                                                                                                                                                                                                                                        0x00bb4d6b
                                                                                                                                                                                                                                                        0x00bb4d6f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d75
                                                                                                                                                                                                                                                        0x00bb4d79
                                                                                                                                                                                                                                                        0x00bb4d7c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d86
                                                                                                                                                                                                                                                        0x00bb4d8c
                                                                                                                                                                                                                                                        0x00bb4d8f
                                                                                                                                                                                                                                                        0x00bb4d93
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4d99
                                                                                                                                                                                                                                                        0x00bb4d9d
                                                                                                                                                                                                                                                        0x00bb4da0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4daa
                                                                                                                                                                                                                                                        0x00bb4db0
                                                                                                                                                                                                                                                        0x00bb4db3
                                                                                                                                                                                                                                                        0x00bb4db7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4dbd
                                                                                                                                                                                                                                                        0x00bb4dc1
                                                                                                                                                                                                                                                        0x00bb4dc4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4dce
                                                                                                                                                                                                                                                        0x00bb4dd4
                                                                                                                                                                                                                                                        0x00bb4dd7
                                                                                                                                                                                                                                                        0x00bb4ddb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4de1
                                                                                                                                                                                                                                                        0x00bb4de5
                                                                                                                                                                                                                                                        0x00bb4de8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4df2
                                                                                                                                                                                                                                                        0x00bb4df8
                                                                                                                                                                                                                                                        0x00bb4dfb
                                                                                                                                                                                                                                                        0x00bb4dff
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4e05
                                                                                                                                                                                                                                                        0x00bb4e09
                                                                                                                                                                                                                                                        0x00bb4e0c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4e16
                                                                                                                                                                                                                                                        0x00bb4e1c
                                                                                                                                                                                                                                                        0x00bb4e1f
                                                                                                                                                                                                                                                        0x00bb4e23
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4e29
                                                                                                                                                                                                                                                        0x00bb4e2d
                                                                                                                                                                                                                                                        0x00bb4e30
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4e3a
                                                                                                                                                                                                                                                        0x00bb4e40
                                                                                                                                                                                                                                                        0x00bb4e43
                                                                                                                                                                                                                                                        0x00bb4e47
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4e4d
                                                                                                                                                                                                                                                        0x00bb4e51
                                                                                                                                                                                                                                                        0x00bb4e54
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4e5e
                                                                                                                                                                                                                                                        0x00bb4e64
                                                                                                                                                                                                                                                        0x00bb4e67
                                                                                                                                                                                                                                                        0x00bb4e6b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4e71
                                                                                                                                                                                                                                                        0x00bb4e75
                                                                                                                                                                                                                                                        0x00bb4e78
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4e82
                                                                                                                                                                                                                                                        0x00bb4e88
                                                                                                                                                                                                                                                        0x00bb4e8b
                                                                                                                                                                                                                                                        0x00bb4e8f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4e95
                                                                                                                                                                                                                                                        0x00bb4e9a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4ea0
                                                                                                                                                                                                                                                        0x00bb4ea0
                                                                                                                                                                                                                                                        0x00bb4ea0
                                                                                                                                                                                                                                                        0x00bb4ea2
                                                                                                                                                                                                                                                        0x00bb4ea5
                                                                                                                                                                                                                                                        0x00bb4ea8
                                                                                                                                                                                                                                                        0x00bb4ea8
                                                                                                                                                                                                                                                        0x00bb4eac
                                                                                                                                                                                                                                                        0x00bb4eaf
                                                                                                                                                                                                                                                        0x00bb4eb2
                                                                                                                                                                                                                                                        0x00bb4eb2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4eb2
                                                                                                                                                                                                                                                        0x00bb4d08
                                                                                                                                                                                                                                                        0x00bb4ce6
                                                                                                                                                                                                                                                        0x00bb4ce6
                                                                                                                                                                                                                                                        0x00bb4ce8
                                                                                                                                                                                                                                                        0x00bb4ceb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4cef
                                                                                                                                                                                                                                                        0x00bb576b
                                                                                                                                                                                                                                                        0x00bb576e
                                                                                                                                                                                                                                                        0x00bb5773
                                                                                                                                                                                                                                                        0x00bb4cc1
                                                                                                                                                                                                                                                        0x00bb4cc1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4cc1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5779
                                                                                                                                                                                                                                                        0x00bb5750
                                                                                                                                                                                                                                                        0x00bb5753
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5753
                                                                                                                                                                                                                                                        0x00bb46b1
                                                                                                                                                                                                                                                        0x00bb4a9c
                                                                                                                                                                                                                                                        0x00bb4aa6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4aad
                                                                                                                                                                                                                                                        0x00bb519a
                                                                                                                                                                                                                                                        0x00bb4ab3
                                                                                                                                                                                                                                                        0x00bb4ab3
                                                                                                                                                                                                                                                        0x00bb4ab3
                                                                                                                                                                                                                                                        0x00bb4ab6
                                                                                                                                                                                                                                                        0x00bb4abc
                                                                                                                                                                                                                                                        0x00bb4ac2
                                                                                                                                                                                                                                                        0x00bb4ac4
                                                                                                                                                                                                                                                        0x00bb4acb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4acd
                                                                                                                                                                                                                                                        0x00bb4acd
                                                                                                                                                                                                                                                        0x00bb4ad4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4ada
                                                                                                                                                                                                                                                        0x00bb4adc
                                                                                                                                                                                                                                                        0x00bb4ae3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4ae5
                                                                                                                                                                                                                                                        0x00bb4ae5
                                                                                                                                                                                                                                                        0x00bb4aec
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4af2
                                                                                                                                                                                                                                                        0x00bb4af4
                                                                                                                                                                                                                                                        0x00bb4afb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4afd
                                                                                                                                                                                                                                                        0x00bb4afd
                                                                                                                                                                                                                                                        0x00bb4b04
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b0a
                                                                                                                                                                                                                                                        0x00bb4b0c
                                                                                                                                                                                                                                                        0x00bb4b13
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b19
                                                                                                                                                                                                                                                        0x00bb4b19
                                                                                                                                                                                                                                                        0x00bb4b20
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b2a
                                                                                                                                                                                                                                                        0x00bb4b2c
                                                                                                                                                                                                                                                        0x00bb4b33
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b39
                                                                                                                                                                                                                                                        0x00bb4b39
                                                                                                                                                                                                                                                        0x00bb4b40
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b4a
                                                                                                                                                                                                                                                        0x00bb4b4c
                                                                                                                                                                                                                                                        0x00bb4b53
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b59
                                                                                                                                                                                                                                                        0x00bb4b59
                                                                                                                                                                                                                                                        0x00bb4b60
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b6a
                                                                                                                                                                                                                                                        0x00bb4b6c
                                                                                                                                                                                                                                                        0x00bb4b73
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b79
                                                                                                                                                                                                                                                        0x00bb4b79
                                                                                                                                                                                                                                                        0x00bb4b80
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b8a
                                                                                                                                                                                                                                                        0x00bb4b8c
                                                                                                                                                                                                                                                        0x00bb4b93
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4b99
                                                                                                                                                                                                                                                        0x00bb4b99
                                                                                                                                                                                                                                                        0x00bb4ba0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4baa
                                                                                                                                                                                                                                                        0x00bb4bac
                                                                                                                                                                                                                                                        0x00bb4bb3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4bb9
                                                                                                                                                                                                                                                        0x00bb4bb9
                                                                                                                                                                                                                                                        0x00bb4bc0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4bca
                                                                                                                                                                                                                                                        0x00bb4bcc
                                                                                                                                                                                                                                                        0x00bb4bd3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4bd9
                                                                                                                                                                                                                                                        0x00bb4bd9
                                                                                                                                                                                                                                                        0x00bb4be0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4bea
                                                                                                                                                                                                                                                        0x00bb4bec
                                                                                                                                                                                                                                                        0x00bb4bf3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4bf9
                                                                                                                                                                                                                                                        0x00bb4bf9
                                                                                                                                                                                                                                                        0x00bb4c00
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4c0a
                                                                                                                                                                                                                                                        0x00bb4c0c
                                                                                                                                                                                                                                                        0x00bb4c13
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4c19
                                                                                                                                                                                                                                                        0x00bb4c19
                                                                                                                                                                                                                                                        0x00bb4c20
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4c2a
                                                                                                                                                                                                                                                        0x00bb4c2c
                                                                                                                                                                                                                                                        0x00bb4c33
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4c39
                                                                                                                                                                                                                                                        0x00bb4c39
                                                                                                                                                                                                                                                        0x00bb4c40
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4c4a
                                                                                                                                                                                                                                                        0x00bb4c4c
                                                                                                                                                                                                                                                        0x00bb4c53
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4c59
                                                                                                                                                                                                                                                        0x00bb4c59
                                                                                                                                                                                                                                                        0x00bb4c60
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4c6a
                                                                                                                                                                                                                                                        0x00bb4c6c
                                                                                                                                                                                                                                                        0x00bb4c73
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4c79
                                                                                                                                                                                                                                                        0x00bb4c79
                                                                                                                                                                                                                                                        0x00bb4c80
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4c8a
                                                                                                                                                                                                                                                        0x00bb4c8c
                                                                                                                                                                                                                                                        0x00bb4c93
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4ca4
                                                                                                                                                                                                                                                        0x00bb4ca4
                                                                                                                                                                                                                                                        0x00bb4ca9
                                                                                                                                                                                                                                                        0x00bb4cac
                                                                                                                                                                                                                                                        0x00bb4cbc
                                                                                                                                                                                                                                                        0x00bb4cbf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4cbf
                                                                                                                                                                                                                                                        0x00bb4cae
                                                                                                                                                                                                                                                        0x00bb4cb1
                                                                                                                                                                                                                                                        0x00bb4cb6
                                                                                                                                                                                                                                                        0x00bb51bb
                                                                                                                                                                                                                                                        0x00bb51bb
                                                                                                                                                                                                                                                        0x00bb51bd
                                                                                                                                                                                                                                                        0x00bb51c0
                                                                                                                                                                                                                                                        0x00bb51c3
                                                                                                                                                                                                                                                        0x00bb51c5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb51cb
                                                                                                                                                                                                                                                        0x00bb51bb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4cb6
                                                                                                                                                                                                                                                        0x00bb4c93
                                                                                                                                                                                                                                                        0x00bb4a8e
                                                                                                                                                                                                                                                        0x00bb4a8e
                                                                                                                                                                                                                                                        0x00bb4a91
                                                                                                                                                                                                                                                        0x00bb4a94
                                                                                                                                                                                                                                                        0x00bb4a94
                                                                                                                                                                                                                                                        0x00bb51a6
                                                                                                                                                                                                                                                        0x00bb51a9
                                                                                                                                                                                                                                                        0x00bb51ab
                                                                                                                                                                                                                                                        0x00bb51ad
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb51b3
                                                                                                                                                                                                                                                        0x00bb54b3
                                                                                                                                                                                                                                                        0x00bb54b9
                                                                                                                                                                                                                                                        0x00bb54bd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb54c1
                                                                                                                                                                                                                                                        0x00bb54cf
                                                                                                                                                                                                                                                        0x00bb54d2
                                                                                                                                                                                                                                                        0x00bb54d7
                                                                                                                                                                                                                                                        0x00bb54da
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb54e0
                                                                                                                                                                                                                                                        0x00bb54e2
                                                                                                                                                                                                                                                        0x00bb54e5
                                                                                                                                                                                                                                                        0x00bb54e9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb54eb
                                                                                                                                                                                                                                                        0x00bb54ef
                                                                                                                                                                                                                                                        0x00bb54f2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb54f8
                                                                                                                                                                                                                                                        0x00bb54fa
                                                                                                                                                                                                                                                        0x00bb54fd
                                                                                                                                                                                                                                                        0x00bb5501
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5503
                                                                                                                                                                                                                                                        0x00bb5507
                                                                                                                                                                                                                                                        0x00bb550a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5510
                                                                                                                                                                                                                                                        0x00bb5512
                                                                                                                                                                                                                                                        0x00bb5515
                                                                                                                                                                                                                                                        0x00bb5519
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb551b
                                                                                                                                                                                                                                                        0x00bb551f
                                                                                                                                                                                                                                                        0x00bb5522
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5528
                                                                                                                                                                                                                                                        0x00bb552a
                                                                                                                                                                                                                                                        0x00bb552d
                                                                                                                                                                                                                                                        0x00bb5531
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5537
                                                                                                                                                                                                                                                        0x00bb553b
                                                                                                                                                                                                                                                        0x00bb553e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5548
                                                                                                                                                                                                                                                        0x00bb554a
                                                                                                                                                                                                                                                        0x00bb554d
                                                                                                                                                                                                                                                        0x00bb5551
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5557
                                                                                                                                                                                                                                                        0x00bb555b
                                                                                                                                                                                                                                                        0x00bb555e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5568
                                                                                                                                                                                                                                                        0x00bb556a
                                                                                                                                                                                                                                                        0x00bb556d
                                                                                                                                                                                                                                                        0x00bb5571
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5577
                                                                                                                                                                                                                                                        0x00bb557b
                                                                                                                                                                                                                                                        0x00bb557e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5588
                                                                                                                                                                                                                                                        0x00bb558a
                                                                                                                                                                                                                                                        0x00bb558d
                                                                                                                                                                                                                                                        0x00bb5591
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5597
                                                                                                                                                                                                                                                        0x00bb559b
                                                                                                                                                                                                                                                        0x00bb559e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb55a8
                                                                                                                                                                                                                                                        0x00bb55aa
                                                                                                                                                                                                                                                        0x00bb55ad
                                                                                                                                                                                                                                                        0x00bb55b1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb55b7
                                                                                                                                                                                                                                                        0x00bb55bb
                                                                                                                                                                                                                                                        0x00bb55be
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb55c8
                                                                                                                                                                                                                                                        0x00bb55ca
                                                                                                                                                                                                                                                        0x00bb55cd
                                                                                                                                                                                                                                                        0x00bb55d1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb55d7
                                                                                                                                                                                                                                                        0x00bb55db
                                                                                                                                                                                                                                                        0x00bb55de
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb55e8
                                                                                                                                                                                                                                                        0x00bb55ea
                                                                                                                                                                                                                                                        0x00bb55ed
                                                                                                                                                                                                                                                        0x00bb55f1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb55f7
                                                                                                                                                                                                                                                        0x00bb55fc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb54a6
                                                                                                                                                                                                                                                        0x00bb54a6
                                                                                                                                                                                                                                                        0x00bb54a8
                                                                                                                                                                                                                                                        0x00bb54ab
                                                                                                                                                                                                                                                        0x00bb54ab
                                                                                                                                                                                                                                                        0x00bb560b
                                                                                                                                                                                                                                                        0x00bb560e
                                                                                                                                                                                                                                                        0x00bb5610
                                                                                                                                                                                                                                                        0x00bb5612
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5618
                                                                                                                                                                                                                                                        0x00bb562a
                                                                                                                                                                                                                                                        0x00bb5630
                                                                                                                                                                                                                                                        0x00bb5634
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5638
                                                                                                                                                                                                                                                        0x00bb5646
                                                                                                                                                                                                                                                        0x00bb5649
                                                                                                                                                                                                                                                        0x00bb564e
                                                                                                                                                                                                                                                        0x00bb5651
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5657
                                                                                                                                                                                                                                                        0x00bb5659
                                                                                                                                                                                                                                                        0x00bb565c
                                                                                                                                                                                                                                                        0x00bb5660
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5662
                                                                                                                                                                                                                                                        0x00bb5666
                                                                                                                                                                                                                                                        0x00bb5669
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb566f
                                                                                                                                                                                                                                                        0x00bb5671
                                                                                                                                                                                                                                                        0x00bb5674
                                                                                                                                                                                                                                                        0x00bb5678
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb567a
                                                                                                                                                                                                                                                        0x00bb567e
                                                                                                                                                                                                                                                        0x00bb5681
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5687
                                                                                                                                                                                                                                                        0x00bb5689
                                                                                                                                                                                                                                                        0x00bb568c
                                                                                                                                                                                                                                                        0x00bb5690
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5692
                                                                                                                                                                                                                                                        0x00bb5696
                                                                                                                                                                                                                                                        0x00bb5699
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb569f
                                                                                                                                                                                                                                                        0x00bb56a1
                                                                                                                                                                                                                                                        0x00bb56a4
                                                                                                                                                                                                                                                        0x00bb56a8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb56ae
                                                                                                                                                                                                                                                        0x00bb56b2
                                                                                                                                                                                                                                                        0x00bb56b5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb56bf
                                                                                                                                                                                                                                                        0x00bb56c1
                                                                                                                                                                                                                                                        0x00bb56c4
                                                                                                                                                                                                                                                        0x00bb56c8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb56ce
                                                                                                                                                                                                                                                        0x00bb56d2
                                                                                                                                                                                                                                                        0x00bb56d5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb56df
                                                                                                                                                                                                                                                        0x00bb56e1
                                                                                                                                                                                                                                                        0x00bb56e4
                                                                                                                                                                                                                                                        0x00bb56e8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb56ee
                                                                                                                                                                                                                                                        0x00bb56f2
                                                                                                                                                                                                                                                        0x00bb56f5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb56ff
                                                                                                                                                                                                                                                        0x00bb5701
                                                                                                                                                                                                                                                        0x00bb5704
                                                                                                                                                                                                                                                        0x00bb5708
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb570e
                                                                                                                                                                                                                                                        0x00bb5712
                                                                                                                                                                                                                                                        0x00bb5715
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb571f
                                                                                                                                                                                                                                                        0x00bb5721
                                                                                                                                                                                                                                                        0x00bb5724
                                                                                                                                                                                                                                                        0x00bb5728
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb572e
                                                                                                                                                                                                                                                        0x00bb5733
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb561d
                                                                                                                                                                                                                                                        0x00bb561d
                                                                                                                                                                                                                                                        0x00bb561f
                                                                                                                                                                                                                                                        0x00bb5622
                                                                                                                                                                                                                                                        0x00bb5622
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb562a
                                                                                                                                                                                                                                                        0x00bb45d3
                                                                                                                                                                                                                                                        0x00bb45dd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb45f2
                                                                                                                                                                                                                                                        0x00bb45f7
                                                                                                                                                                                                                                                        0x00bb45fa
                                                                                                                                                                                                                                                        0x00bb4600
                                                                                                                                                                                                                                                        0x00bb460b
                                                                                                                                                                                                                                                        0x00bb4616
                                                                                                                                                                                                                                                        0x00bb4629
                                                                                                                                                                                                                                                        0x00bb4631
                                                                                                                                                                                                                                                        0x00bb4639
                                                                                                                                                                                                                                                        0x00bb4641
                                                                                                                                                                                                                                                        0x00bb4649
                                                                                                                                                                                                                                                        0x00bb464b
                                                                                                                                                                                                                                                        0x00bb4658
                                                                                                                                                                                                                                                        0x00bb4781
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4781
                                                                                                                                                                                                                                                        0x00bb4663
                                                                                                                                                                                                                                                        0x00bb4663
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4663
                                                                                                                                                                                                                                                        0x00bb457e
                                                                                                                                                                                                                                                        0x00bb485d
                                                                                                                                                                                                                                                        0x00bb4867
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4879
                                                                                                                                                                                                                                                        0x00bb487c
                                                                                                                                                                                                                                                        0x00bb4884
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb488a
                                                                                                                                                                                                                                                        0x00bb4890
                                                                                                                                                                                                                                                        0x00bb4897
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4899
                                                                                                                                                                                                                                                        0x00bb48a0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb48a6
                                                                                                                                                                                                                                                        0x00bb48ac
                                                                                                                                                                                                                                                        0x00bb48b3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb48b5
                                                                                                                                                                                                                                                        0x00bb48bc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb48c2
                                                                                                                                                                                                                                                        0x00bb48c8
                                                                                                                                                                                                                                                        0x00bb48cf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb48d5
                                                                                                                                                                                                                                                        0x00bb48dc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb48e6
                                                                                                                                                                                                                                                        0x00bb48ec
                                                                                                                                                                                                                                                        0x00bb48f3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb48f9
                                                                                                                                                                                                                                                        0x00bb4900
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb490a
                                                                                                                                                                                                                                                        0x00bb4910
                                                                                                                                                                                                                                                        0x00bb4917
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb491d
                                                                                                                                                                                                                                                        0x00bb4924
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb492e
                                                                                                                                                                                                                                                        0x00bb4934
                                                                                                                                                                                                                                                        0x00bb493b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4941
                                                                                                                                                                                                                                                        0x00bb4948
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4952
                                                                                                                                                                                                                                                        0x00bb4958
                                                                                                                                                                                                                                                        0x00bb495f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4965
                                                                                                                                                                                                                                                        0x00bb496c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4976
                                                                                                                                                                                                                                                        0x00bb497c
                                                                                                                                                                                                                                                        0x00bb4983
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4989
                                                                                                                                                                                                                                                        0x00bb4990
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb499a
                                                                                                                                                                                                                                                        0x00bb49a0
                                                                                                                                                                                                                                                        0x00bb49a7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb49ad
                                                                                                                                                                                                                                                        0x00bb49b4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb49be
                                                                                                                                                                                                                                                        0x00bb49c4
                                                                                                                                                                                                                                                        0x00bb49cb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb49d1
                                                                                                                                                                                                                                                        0x00bb49d8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb49e2
                                                                                                                                                                                                                                                        0x00bb49e8
                                                                                                                                                                                                                                                        0x00bb49ef
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb49f5
                                                                                                                                                                                                                                                        0x00bb49fc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4a06
                                                                                                                                                                                                                                                        0x00bb4a0c
                                                                                                                                                                                                                                                        0x00bb4a13
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4a19
                                                                                                                                                                                                                                                        0x00bb4a20
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4a2a
                                                                                                                                                                                                                                                        0x00bb4a30
                                                                                                                                                                                                                                                        0x00bb4a37
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4a3d
                                                                                                                                                                                                                                                        0x00bb4a44
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4a4e
                                                                                                                                                                                                                                                        0x00bb4a54
                                                                                                                                                                                                                                                        0x00bb4a5b
                                                                                                                                                                                                                                                        0x00bb4a6c
                                                                                                                                                                                                                                                        0x00bb4a6c
                                                                                                                                                                                                                                                        0x00bb4a6e
                                                                                                                                                                                                                                                        0x00bb4a71
                                                                                                                                                                                                                                                        0x00bb4a74
                                                                                                                                                                                                                                                        0x00bb4a74
                                                                                                                                                                                                                                                        0x00bb4a7b
                                                                                                                                                                                                                                                        0x00bb4a7d
                                                                                                                                                                                                                                                        0x00bb458d
                                                                                                                                                                                                                                                        0x00bb458d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb458d
                                                                                                                                                                                                                                                        0x00bb4850
                                                                                                                                                                                                                                                        0x00bb4850
                                                                                                                                                                                                                                                        0x00bb4852
                                                                                                                                                                                                                                                        0x00bb4855
                                                                                                                                                                                                                                                        0x00bb4855
                                                                                                                                                                                                                                                        0x00bb4a87
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4a87
                                                                                                                                                                                                                                                        0x00bb4410
                                                                                                                                                                                                                                                        0x00bb4410
                                                                                                                                                                                                                                                        0x00bb4412
                                                                                                                                                                                                                                                        0x00bb4415
                                                                                                                                                                                                                                                        0x00bb4415
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb441d
                                                                                                                                                                                                                                                        0x00bb421b
                                                                                                                                                                                                                                                        0x00bb41f6
                                                                                                                                                                                                                                                        0x00bb4294
                                                                                                                                                                                                                                                        0x00bb4294
                                                                                                                                                                                                                                                        0x00bb41d2
                                                                                                                                                                                                                                                        0x00bb41d2
                                                                                                                                                                                                                                                        0x00bb41da
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb41da
                                                                                                                                                                                                                                                        0x00bb4101
                                                                                                                                                                                                                                                        0x00bb4105
                                                                                                                                                                                                                                                        0x00bb4112
                                                                                                                                                                                                                                                        0x00bb429b
                                                                                                                                                                                                                                                        0x00bb42a2
                                                                                                                                                                                                                                                        0x00bb42a9
                                                                                                                                                                                                                                                        0x00bb4311
                                                                                                                                                                                                                                                        0x00bb4311
                                                                                                                                                                                                                                                        0x00bb4317
                                                                                                                                                                                                                                                        0x00bb4317
                                                                                                                                                                                                                                                        0x00bb431c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb431c
                                                                                                                                                                                                                                                        0x00bb4118
                                                                                                                                                                                                                                                        0x00bb412d
                                                                                                                                                                                                                                                        0x00bb4132
                                                                                                                                                                                                                                                        0x00bb413d
                                                                                                                                                                                                                                                        0x00bb42b2
                                                                                                                                                                                                                                                        0x00bb42b9
                                                                                                                                                                                                                                                        0x00bb42bf
                                                                                                                                                                                                                                                        0x00bb436a
                                                                                                                                                                                                                                                        0x00bb4377
                                                                                                                                                                                                                                                        0x00bb437e
                                                                                                                                                                                                                                                        0x00bb4382
                                                                                                                                                                                                                                                        0x00bb4389
                                                                                                                                                                                                                                                        0x00bb438e
                                                                                                                                                                                                                                                        0x00bb4396
                                                                                                                                                                                                                                                        0x00bb43cb
                                                                                                                                                                                                                                                        0x00bb43d7
                                                                                                                                                                                                                                                        0x00bb43d9
                                                                                                                                                                                                                                                        0x00bb43de
                                                                                                                                                                                                                                                        0x00bb43e6
                                                                                                                                                                                                                                                        0x00bb4398
                                                                                                                                                                                                                                                        0x00bb439f
                                                                                                                                                                                                                                                        0x00bb43a6
                                                                                                                                                                                                                                                        0x00bb43ad
                                                                                                                                                                                                                                                        0x00bb43b8
                                                                                                                                                                                                                                                        0x00bb43be
                                                                                                                                                                                                                                                        0x00bb43be
                                                                                                                                                                                                                                                        0x00bb43f3
                                                                                                                                                                                                                                                        0x00bb43f6
                                                                                                                                                                                                                                                        0x00bb4400
                                                                                                                                                                                                                                                        0x00bb4400
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb43f6
                                                                                                                                                                                                                                                        0x00bb42c5
                                                                                                                                                                                                                                                        0x00bb42d3
                                                                                                                                                                                                                                                        0x00bb42d5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb42d5
                                                                                                                                                                                                                                                        0x00bb414a
                                                                                                                                                                                                                                                        0x00bb4157
                                                                                                                                                                                                                                                        0x00bb42e5
                                                                                                                                                                                                                                                        0x00bb42ec
                                                                                                                                                                                                                                                        0x00bb42f3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb42f3
                                                                                                                                                                                                                                                        0x00bb415d
                                                                                                                                                                                                                                                        0x00bb4172
                                                                                                                                                                                                                                                        0x00bb4177
                                                                                                                                                                                                                                                        0x00bb417a
                                                                                                                                                                                                                                                        0x00bb4183
                                                                                                                                                                                                                                                        0x00bb42fc
                                                                                                                                                                                                                                                        0x00bb4303
                                                                                                                                                                                                                                                        0x00bb430a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb430a
                                                                                                                                                                                                                                                        0x00bb4189
                                                                                                                                                                                                                                                        0x00bb4190
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4196
                                                                                                                                                                                                                                                        0x00bb4196
                                                                                                                                                                                                                                                        0x00bb419f
                                                                                                                                                                                                                                                        0x00bb41a8
                                                                                                                                                                                                                                                        0x00bb41b1
                                                                                                                                                                                                                                                        0x00bb41ba
                                                                                                                                                                                                                                                        0x00bb41be
                                                                                                                                                                                                                                                        0x00bb41c2
                                                                                                                                                                                                                                                        0x00bb41c6
                                                                                                                                                                                                                                                        0x00bb41cf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb41cf
                                                                                                                                                                                                                                                        0x00bb4190
                                                                                                                                                                                                                                                        0x00bb4239
                                                                                                                                                                                                                                                        0x00bb423b
                                                                                                                                                                                                                                                        0x00bb4241
                                                                                                                                                                                                                                                        0x00bb4249
                                                                                                                                                                                                                                                        0x00bb4249
                                                                                                                                                                                                                                                        0x00bb424e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb424e
                                                                                                                                                                                                                                                        0x00bb40cf
                                                                                                                                                                                                                                                        0x00bb40d8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3eee
                                                                                                                                                                                                                                                        0x00bb3ef7
                                                                                                                                                                                                                                                        0x00bb3efa
                                                                                                                                                                                                                                                        0x00bb3efa
                                                                                                                                                                                                                                                        0x00bb3f01
                                                                                                                                                                                                                                                        0x00bb4070
                                                                                                                                                                                                                                                        0x00bb4074
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4074
                                                                                                                                                                                                                                                        0x00bb3f07
                                                                                                                                                                                                                                                        0x00bb3f14
                                                                                                                                                                                                                                                        0x00bb3f17
                                                                                                                                                                                                                                                        0x00bb3f1a
                                                                                                                                                                                                                                                        0x00bb3f22
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3f2c
                                                                                                                                                                                                                                                        0x00bb3f2e
                                                                                                                                                                                                                                                        0x00bb3f35
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3f3b
                                                                                                                                                                                                                                                        0x00bb3f42
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3f4c
                                                                                                                                                                                                                                                        0x00bb3f4e
                                                                                                                                                                                                                                                        0x00bb3f55
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3f5b
                                                                                                                                                                                                                                                        0x00bb3f62
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3f6c
                                                                                                                                                                                                                                                        0x00bb3f6e
                                                                                                                                                                                                                                                        0x00bb3f75
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3f7b
                                                                                                                                                                                                                                                        0x00bb3f82
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3f8c
                                                                                                                                                                                                                                                        0x00bb3f8e
                                                                                                                                                                                                                                                        0x00bb3f95
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3f9b
                                                                                                                                                                                                                                                        0x00bb3fa2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3fac
                                                                                                                                                                                                                                                        0x00bb3fae
                                                                                                                                                                                                                                                        0x00bb3fb5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3fbb
                                                                                                                                                                                                                                                        0x00bb3fc2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3fcc
                                                                                                                                                                                                                                                        0x00bb3fce
                                                                                                                                                                                                                                                        0x00bb3fd5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3fdb
                                                                                                                                                                                                                                                        0x00bb3fe2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3fec
                                                                                                                                                                                                                                                        0x00bb3fee
                                                                                                                                                                                                                                                        0x00bb3ff5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3ffb
                                                                                                                                                                                                                                                        0x00bb4002
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4008
                                                                                                                                                                                                                                                        0x00bb400a
                                                                                                                                                                                                                                                        0x00bb4011
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4013
                                                                                                                                                                                                                                                        0x00bb401a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4020
                                                                                                                                                                                                                                                        0x00bb4022
                                                                                                                                                                                                                                                        0x00bb4029
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb402b
                                                                                                                                                                                                                                                        0x00bb4032
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4038
                                                                                                                                                                                                                                                        0x00bb403a
                                                                                                                                                                                                                                                        0x00bb4041
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4043
                                                                                                                                                                                                                                                        0x00bb404a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb4050
                                                                                                                                                                                                                                                        0x00bb4052
                                                                                                                                                                                                                                                        0x00bb4059
                                                                                                                                                                                                                                                        0x00bb46e5
                                                                                                                                                                                                                                                        0x00bb46e9
                                                                                                                                                                                                                                                        0x00bb46f0
                                                                                                                                                                                                                                                        0x00bb46f5
                                                                                                                                                                                                                                                        0x00bb46fd
                                                                                                                                                                                                                                                        0x00bb476e
                                                                                                                                                                                                                                                        0x00bb4775
                                                                                                                                                                                                                                                        0x00bb4775
                                                                                                                                                                                                                                                        0x00bb46ff
                                                                                                                                                                                                                                                        0x00bb4702
                                                                                                                                                                                                                                                        0x00bb4709
                                                                                                                                                                                                                                                        0x00bb470f
                                                                                                                                                                                                                                                        0x00bb4721
                                                                                                                                                                                                                                                        0x00bb472f
                                                                                                                                                                                                                                                        0x00bb472f
                                                                                                                                                                                                                                                        0x00bb407a
                                                                                                                                                                                                                                                        0x00bb407a
                                                                                                                                                                                                                                                        0x00bb407c
                                                                                                                                                                                                                                                        0x00bb407f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3efa
                                                                                                                                                                                                                                                        0x00bb3e2b
                                                                                                                                                                                                                                                        0x00bb3e2e
                                                                                                                                                                                                                                                        0x00bb3e32
                                                                                                                                                                                                                                                        0x00bb3e51
                                                                                                                                                                                                                                                        0x00bb3e5b
                                                                                                                                                                                                                                                        0x00bb3e67
                                                                                                                                                                                                                                                        0x00bb3e6a
                                                                                                                                                                                                                                                        0x00bb3e6d
                                                                                                                                                                                                                                                        0x00bb3e70
                                                                                                                                                                                                                                                        0x00bb3e75
                                                                                                                                                                                                                                                        0x00bb3e79
                                                                                                                                                                                                                                                        0x00bb3e81
                                                                                                                                                                                                                                                        0x00bb3e84
                                                                                                                                                                                                                                                        0x00bb3e8d
                                                                                                                                                                                                                                                        0x00bb3e93
                                                                                                                                                                                                                                                        0x00bb3e96
                                                                                                                                                                                                                                                        0x00bb3e9d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3ea3
                                                                                                                                                                                                                                                        0x00bb3eaa
                                                                                                                                                                                                                                                        0x00bb3ead
                                                                                                                                                                                                                                                        0x00bb3eb5
                                                                                                                                                                                                                                                        0x00bb3eb8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3ebd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3ebf
                                                                                                                                                                                                                                                        0x00bb3ebf
                                                                                                                                                                                                                                                        0x00bb3ec1
                                                                                                                                                                                                                                                        0x00bb3ec4
                                                                                                                                                                                                                                                        0x00bb3ec9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3ecb
                                                                                                                                                                                                                                                        0x00bb3ecb
                                                                                                                                                                                                                                                        0x00bb3ece
                                                                                                                                                                                                                                                        0x00bb3ece
                                                                                                                                                                                                                                                        0x00bb3ed0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3ed0
                                                                                                                                                                                                                                                        0x00bb3ec9
                                                                                                                                                                                                                                                        0x00bb3e84
                                                                                                                                                                                                                                                        0x00bb3e40
                                                                                                                                                                                                                                                        0x00bb3e40
                                                                                                                                                                                                                                                        0x00bb3e43
                                                                                                                                                                                                                                                        0x00bb3e46
                                                                                                                                                                                                                                                        0x00bb3e49
                                                                                                                                                                                                                                                        0x00bb3e49
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3e51

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BB5790: towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,00BB3E10,?), ref: 00BB57FA
                                                                                                                                                                                                                                                          • Part of subcall function 00BB5790: towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,00BB3E10,?), ref: 00BB5812
                                                                                                                                                                                                                                                          • Part of subcall function 00BB5790: towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,00BB3E10,?), ref: 00BB582A
                                                                                                                                                                                                                                                          • Part of subcall function 00BB5790: towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,00BB3E10,?), ref: 00BB5842
                                                                                                                                                                                                                                                          • Part of subcall function 00BB5790: towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,00BB3E10,?), ref: 00BB5862
                                                                                                                                                                                                                                                          • Part of subcall function 00BB5790: towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,00BB3E10,?), ref: 00BB58C3
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB3E8D
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB3F2C
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB3F4C
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB3F6C
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB3F8C
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB3FAC
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB3FCC
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB3FEC
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB4008
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB4020
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB4038
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB4050
                                                                                                                                                                                                                                                        • NtQueryInformationProcess.NTDLL(000000FF,00000000,?,00000018,?), ref: 00BB40C0
                                                                                                                                                                                                                                                        • OpenProcess.KERNEL32(00001000,00000000,/builds/worker/workspace/obj-build/dist/include/mozilla/NativeNt.h), ref: 00BB40E6
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: towlower$Process$InformationOpenQuery
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/browser/app/winlauncher/SameBinary.h$/builds/worker/workspace/obj-build/dist/include/mozilla/NativeNt.h$98$MOZ_AUTOMATION$MOZ_DEBUG_BROWSER_PAUSE$MOZ_DEBUG_BROWSER_PROCESS$MOZ_HEADLESS$MOZ_LAUNCHER_PROCESS$MOZ_LAUNCHER_PROCESS=$W$X
                                                                                                                                                                                                                                                        • API String ID: 4148972019-2594327545
                                                                                                                                                                                                                                                        • Opcode ID: 3da1133b141d4fe613116747acff2d7f9ae736503d654802d7bd24a8abf777c1
                                                                                                                                                                                                                                                        • Instruction ID: 2ffc4ef9453a89591855cad08eb129d7449c270f5aa4d909c40e75e90ff0cdfd
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3da1133b141d4fe613116747acff2d7f9ae736503d654802d7bd24a8abf777c1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E4D2EFB49043519BDB309F24D8447F777E4FF40701F8484A9EC898B292EBB4DD96DAA2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 82%
                                                                                                                                                                                                                                                        			E00BBEE50(void* _a4, void* _a8, PVOID* _a12, long _a16, long _a20, struct _GUID _a24, long* _a28, union _SECTION_INHERIT _a32, long _a36, long _a40) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v60;
                                                                                                                                                                                                                                                        				char _v164;
                                                                                                                                                                                                                                                        				signed short* _v168;
                                                                                                                                                                                                                                                        				signed int _v172;
                                                                                                                                                                                                                                                        				void* _v176;
                                                                                                                                                                                                                                                        				intOrPtr* _v180;
                                                                                                                                                                                                                                                        				signed int _v184;
                                                                                                                                                                                                                                                        				void* _v192;
                                                                                                                                                                                                                                                        				intOrPtr _v196;
                                                                                                                                                                                                                                                        				char _v200;
                                                                                                                                                                                                                                                        				intOrPtr _v204;
                                                                                                                                                                                                                                                        				int _v208;
                                                                                                                                                                                                                                                        				void* _v212;
                                                                                                                                                                                                                                                        				long _v216;
                                                                                                                                                                                                                                                        				long _v220;
                                                                                                                                                                                                                                                        				void* _v224;
                                                                                                                                                                                                                                                        				long _v228;
                                                                                                                                                                                                                                                        				intOrPtr* _v232;
                                                                                                                                                                                                                                                        				char _v248;
                                                                                                                                                                                                                                                        				long _v264;
                                                                                                                                                                                                                                                        				char _v444;
                                                                                                                                                                                                                                                        				signed short* _v448;
                                                                                                                                                                                                                                                        				long _v452;
                                                                                                                                                                                                                                                        				signed short _v456;
                                                                                                                                                                                                                                                        				intOrPtr* _v460;
                                                                                                                                                                                                                                                        				void _v464;
                                                                                                                                                                                                                                                        				signed int _v468;
                                                                                                                                                                                                                                                        				char _v472;
                                                                                                                                                                                                                                                        				void* _v476;
                                                                                                                                                                                                                                                        				char _v480;
                                                                                                                                                                                                                                                        				intOrPtr _v484;
                                                                                                                                                                                                                                                        				long _v488;
                                                                                                                                                                                                                                                        				void* _v492;
                                                                                                                                                                                                                                                        				long _v496;
                                                                                                                                                                                                                                                        				long _v500;
                                                                                                                                                                                                                                                        				char _v504;
                                                                                                                                                                                                                                                        				signed int _v508;
                                                                                                                                                                                                                                                        				char _v512;
                                                                                                                                                                                                                                                        				long _v528;
                                                                                                                                                                                                                                                        				char _v1496;
                                                                                                                                                                                                                                                        				intOrPtr _v1500;
                                                                                                                                                                                                                                                        				signed short _v1504;
                                                                                                                                                                                                                                                        				signed char _v1509;
                                                                                                                                                                                                                                                        				void _v1516;
                                                                                                                                                                                                                                                        				char _v1540;
                                                                                                                                                                                                                                                        				signed short _v1548;
                                                                                                                                                                                                                                                        				signed int _v1550;
                                                                                                                                                                                                                                                        				void* _v1552;
                                                                                                                                                                                                                                                        				signed int _v1564;
                                                                                                                                                                                                                                                        				signed int _v1568;
                                                                                                                                                                                                                                                        				signed short _v1572;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _v1576;
                                                                                                                                                                                                                                                        				signed int _v1580;
                                                                                                                                                                                                                                                        				signed int _v1584;
                                                                                                                                                                                                                                                        				signed short _v1588;
                                                                                                                                                                                                                                                        				signed int _v1592;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _v1596;
                                                                                                                                                                                                                                                        				signed char _v1600;
                                                                                                                                                                                                                                                        				signed short* _v1604;
                                                                                                                                                                                                                                                        				signed char _v1612;
                                                                                                                                                                                                                                                        				signed short* _v1616;
                                                                                                                                                                                                                                                        				signed int _v1620;
                                                                                                                                                                                                                                                        				signed int _v1624;
                                                                                                                                                                                                                                                        				intOrPtr _v1628;
                                                                                                                                                                                                                                                        				signed int _v1632;
                                                                                                                                                                                                                                                        				signed int _v1644;
                                                                                                                                                                                                                                                        				intOrPtr _v1648;
                                                                                                                                                                                                                                                        				long _v1660;
                                                                                                                                                                                                                                                        				intOrPtr _t408;
                                                                                                                                                                                                                                                        				short* _t410;
                                                                                                                                                                                                                                                        				signed short _t412;
                                                                                                                                                                                                                                                        				signed int _t413;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t414;
                                                                                                                                                                                                                                                        				signed int _t419;
                                                                                                                                                                                                                                                        				char _t420;
                                                                                                                                                                                                                                                        				void* _t423;
                                                                                                                                                                                                                                                        				intOrPtr _t424;
                                                                                                                                                                                                                                                        				signed int _t427;
                                                                                                                                                                                                                                                        				signed int _t428;
                                                                                                                                                                                                                                                        				char* _t433;
                                                                                                                                                                                                                                                        				intOrPtr _t434;
                                                                                                                                                                                                                                                        				intOrPtr _t435;
                                                                                                                                                                                                                                                        				signed int _t437;
                                                                                                                                                                                                                                                        				intOrPtr _t441;
                                                                                                                                                                                                                                                        				signed int _t445;
                                                                                                                                                                                                                                                        				signed int _t447;
                                                                                                                                                                                                                                                        				void* _t451;
                                                                                                                                                                                                                                                        				void* _t453;
                                                                                                                                                                                                                                                        				intOrPtr* _t454;
                                                                                                                                                                                                                                                        				signed int _t456;
                                                                                                                                                                                                                                                        				int _t457;
                                                                                                                                                                                                                                                        				int _t459;
                                                                                                                                                                                                                                                        				int _t460;
                                                                                                                                                                                                                                                        				signed int _t466;
                                                                                                                                                                                                                                                        				signed int _t467;
                                                                                                                                                                                                                                                        				void* _t469;
                                                                                                                                                                                                                                                        				signed int _t471;
                                                                                                                                                                                                                                                        				void* _t472;
                                                                                                                                                                                                                                                        				signed int _t474;
                                                                                                                                                                                                                                                        				signed int _t475;
                                                                                                                                                                                                                                                        				signed int _t476;
                                                                                                                                                                                                                                                        				void* _t477;
                                                                                                                                                                                                                                                        				signed int _t479;
                                                                                                                                                                                                                                                        				signed int _t480;
                                                                                                                                                                                                                                                        				signed short _t485;
                                                                                                                                                                                                                                                        				signed short _t486;
                                                                                                                                                                                                                                                        				signed int _t488;
                                                                                                                                                                                                                                                        				void* _t489;
                                                                                                                                                                                                                                                        				signed int _t490;
                                                                                                                                                                                                                                                        				void* _t491;
                                                                                                                                                                                                                                                        				void* _t495;
                                                                                                                                                                                                                                                        				intOrPtr _t498;
                                                                                                                                                                                                                                                        				intOrPtr _t500;
                                                                                                                                                                                                                                                        				signed short _t502;
                                                                                                                                                                                                                                                        				signed int _t503;
                                                                                                                                                                                                                                                        				signed int _t504;
                                                                                                                                                                                                                                                        				signed int _t505;
                                                                                                                                                                                                                                                        				signed short* _t506;
                                                                                                                                                                                                                                                        				signed int _t507;
                                                                                                                                                                                                                                                        				short* _t512;
                                                                                                                                                                                                                                                        				void* _t513;
                                                                                                                                                                                                                                                        				signed int _t514;
                                                                                                                                                                                                                                                        				void* _t515;
                                                                                                                                                                                                                                                        				signed int _t516;
                                                                                                                                                                                                                                                        				signed int _t517;
                                                                                                                                                                                                                                                        				signed int _t518;
                                                                                                                                                                                                                                                        				void* _t519;
                                                                                                                                                                                                                                                        				void* _t521;
                                                                                                                                                                                                                                                        				unsigned int _t522;
                                                                                                                                                                                                                                                        				void* _t524;
                                                                                                                                                                                                                                                        				signed int _t526;
                                                                                                                                                                                                                                                        				void* _t527;
                                                                                                                                                                                                                                                        				void* _t528;
                                                                                                                                                                                                                                                        				intOrPtr _t533;
                                                                                                                                                                                                                                                        				signed int _t535;
                                                                                                                                                                                                                                                        				signed char _t536;
                                                                                                                                                                                                                                                        				signed char _t537;
                                                                                                                                                                                                                                                        				intOrPtr _t538;
                                                                                                                                                                                                                                                        				signed short* _t545;
                                                                                                                                                                                                                                                        				signed int _t547;
                                                                                                                                                                                                                                                        				void* _t558;
                                                                                                                                                                                                                                                        				signed int _t560;
                                                                                                                                                                                                                                                        				char _t562;
                                                                                                                                                                                                                                                        				signed int _t565;
                                                                                                                                                                                                                                                        				signed int _t571;
                                                                                                                                                                                                                                                        				signed int _t572;
                                                                                                                                                                                                                                                        				void* _t574;
                                                                                                                                                                                                                                                        				signed int _t575;
                                                                                                                                                                                                                                                        				signed int _t576;
                                                                                                                                                                                                                                                        				void* _t578;
                                                                                                                                                                                                                                                        				signed int _t581;
                                                                                                                                                                                                                                                        				signed int _t585;
                                                                                                                                                                                                                                                        				signed int _t586;
                                                                                                                                                                                                                                                        				signed int _t587;
                                                                                                                                                                                                                                                        				signed int _t588;
                                                                                                                                                                                                                                                        				signed int _t589;
                                                                                                                                                                                                                                                        				signed int _t594;
                                                                                                                                                                                                                                                        				signed int _t597;
                                                                                                                                                                                                                                                        				signed int _t598;
                                                                                                                                                                                                                                                        				void* _t604;
                                                                                                                                                                                                                                                        				void* _t605;
                                                                                                                                                                                                                                                        				signed int _t607;
                                                                                                                                                                                                                                                        				signed short* _t608;
                                                                                                                                                                                                                                                        				PVOID* _t620;
                                                                                                                                                                                                                                                        				signed int _t624;
                                                                                                                                                                                                                                                        				void* _t625;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t626;
                                                                                                                                                                                                                                                        				signed int _t627;
                                                                                                                                                                                                                                                        				signed int _t629;
                                                                                                                                                                                                                                                        				long _t630;
                                                                                                                                                                                                                                                        				void* _t631;
                                                                                                                                                                                                                                                        				intOrPtr _t632;
                                                                                                                                                                                                                                                        				void* _t634;
                                                                                                                                                                                                                                                        				void* _t635;
                                                                                                                                                                                                                                                        				void* _t636;
                                                                                                                                                                                                                                                        				intOrPtr _t637;
                                                                                                                                                                                                                                                        				signed int _t638;
                                                                                                                                                                                                                                                        				intOrPtr _t639;
                                                                                                                                                                                                                                                        				signed int _t640;
                                                                                                                                                                                                                                                        				signed int _t641;
                                                                                                                                                                                                                                                        				signed int _t642;
                                                                                                                                                                                                                                                        				signed int _t643;
                                                                                                                                                                                                                                                        				signed int _t645;
                                                                                                                                                                                                                                                        				signed int _t646;
                                                                                                                                                                                                                                                        				void* _t647;
                                                                                                                                                                                                                                                        				signed int _t648;
                                                                                                                                                                                                                                                        				signed int _t650;
                                                                                                                                                                                                                                                        				signed int _t651;
                                                                                                                                                                                                                                                        				signed int _t652;
                                                                                                                                                                                                                                                        				signed char _t653;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t654;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t655;
                                                                                                                                                                                                                                                        				signed int _t656;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t657;
                                                                                                                                                                                                                                                        				signed int _t661;
                                                                                                                                                                                                                                                        				void* _t662;
                                                                                                                                                                                                                                                        				signed int _t664;
                                                                                                                                                                                                                                                        				signed int _t668;
                                                                                                                                                                                                                                                        				signed int _t670;
                                                                                                                                                                                                                                                        				void* _t671;
                                                                                                                                                                                                                                                        				intOrPtr* _t672;
                                                                                                                                                                                                                                                        				intOrPtr* _t673;
                                                                                                                                                                                                                                                        				signed int _t678;
                                                                                                                                                                                                                                                        				signed int _t679;
                                                                                                                                                                                                                                                        				signed short* _t680;
                                                                                                                                                                                                                                                        				signed int _t681;
                                                                                                                                                                                                                                                        				void* _t682;
                                                                                                                                                                                                                                                        				signed int _t683;
                                                                                                                                                                                                                                                        				signed int _t684;
                                                                                                                                                                                                                                                        				void* _t686;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t686 = (_t684 & 0xfffffff8) - 0x5e8;
                                                                                                                                                                                                                                                        				_t594 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t647 = _a8;
                                                                                                                                                                                                                                                        				_v24 = _t594 ^ _t683;
                                                                                                                                                                                                                                                        				_t596 = _a32;
                                                                                                                                                                                                                                                        				_t620 = _a12;
                                                                                                                                                                                                                                                        				_t404 = NtMapViewOfSection(_a4, _t647, _t620, _a16, _a20, _a24, _a28, _a32, _a36, _a40); // executed
                                                                                                                                                                                                                                                        				_t648 = _t404;
                                                                                                                                                                                                                                                        				if(_t647 != 0xffffffff || _t648 < 0) {
                                                                                                                                                                                                                                                        					L18:
                                                                                                                                                                                                                                                        					E00BEECB0(_t404, _v60 ^ _t683, _t596);
                                                                                                                                                                                                                                                        					return _t648;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					if(NtQueryVirtualMemory(0xffffffff,  *_t620, 0,  &_v1516, 0x1c, 0) < 0) {
                                                                                                                                                                                                                                                        						L16:
                                                                                                                                                                                                                                                        						_push( *_t620);
                                                                                                                                                                                                                                                        						L17:
                                                                                                                                                                                                                                                        						_t404 = NtUnmapViewOfSection(0xffffffff);
                                                                                                                                                                                                                                                        						_t648 = 0xc0000022;
                                                                                                                                                                                                                                                        						goto L18;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if((_v1509 & 0x00000001) == 0) {
                                                                                                                                                                                                                                                        						goto L18;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t408 =  *0xbfa044; // 0xbf0ef0
                                                                                                                                                                                                                                                        					_t596 =  &_v1496;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t408 + 0x24))( &_v1496,  *_t620);
                                                                                                                                                                                                                                                        					_t533 = _v1500;
                                                                                                                                                                                                                                                        					if(_t533 == 0) {
                                                                                                                                                                                                                                                        						goto L16;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t596 = _v1504 & 0x0000ffff;
                                                                                                                                                                                                                                                        					if(_t596 == 0) {
                                                                                                                                                                                                                                                        						goto L16;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t597 = _t596 >> 1;
                                                                                                                                                                                                                                                        					_t410 = _t533 + _t597 * 2 - 2;
                                                                                                                                                                                                                                                        					_t512 = _t410;
                                                                                                                                                                                                                                                        					if(_t597 == 0) {
                                                                                                                                                                                                                                                        						L10:
                                                                                                                                                                                                                                                        						_t596 = _t512 + 2;
                                                                                                                                                                                                                                                        						_v1564 = _t648;
                                                                                                                                                                                                                                                        						_v1548 = _t596;
                                                                                                                                                                                                                                                        						_t412 = _t410 - _t596 + 2;
                                                                                                                                                                                                                                                        						_t650 = _t412 & 0x0000fffe;
                                                                                                                                                                                                                                                        						_v1552 = _t650;
                                                                                                                                                                                                                                                        						_v1550 = _t650;
                                                                                                                                                                                                                                                        						_v1568 =  *_t620;
                                                                                                                                                                                                                                                        						if(_t650 < 0x20) {
                                                                                                                                                                                                                                                        							L41:
                                                                                                                                                                                                                                                        							_t513 = 0x64;
                                                                                                                                                                                                                                                        							_t651 = 0;
                                                                                                                                                                                                                                                        							asm("o16 nop [eax+eax]");
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								_t624 = (_t513 - _t651 >> 1) + _t651;
                                                                                                                                                                                                                                                        								_t413 = _t624 + _t624 * 2;
                                                                                                                                                                                                                                                        								_v1580 = _t413;
                                                                                                                                                                                                                                                        								_t414 = 0xbf0558 + _t413 * 8;
                                                                                                                                                                                                                                                        								_v1576 = _t414;
                                                                                                                                                                                                                                                        								if(RtlCompareUnicodeString( &_v1552, _t414, 1) == 0) {
                                                                                                                                                                                                                                                        									break;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t68 = _t624 + 1; // 0x65
                                                                                                                                                                                                                                                        								_t513 =  <  ? _t624 : _t513;
                                                                                                                                                                                                                                                        								_t651 =  >=  ? _t68 : _t651;
                                                                                                                                                                                                                                                        								if(_t513 != _t651) {
                                                                                                                                                                                                                                                        									continue;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L44:
                                                                                                                                                                                                                                                        								_t404 =  *( *[fs:0x18] + 0x30);
                                                                                                                                                                                                                                                        								if( *( *( *[fs:0x18] + 0x30) + 0x18) == 0) {
                                                                                                                                                                                                                                                        									L185:
                                                                                                                                                                                                                                                        									_t648 = _v1600;
                                                                                                                                                                                                                                                        									goto L18;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t516 =  *_a12;
                                                                                                                                                                                                                                                        								_push( &_v212);
                                                                                                                                                                                                                                                        								_t433 =  &_v1540;
                                                                                                                                                                                                                                                        								_push(_t433);
                                                                                                                                                                                                                                                        								_push(1);
                                                                                                                                                                                                                                                        								L00BEF720();
                                                                                                                                                                                                                                                        								_t648 = _v1612;
                                                                                                                                                                                                                                                        								if(_t433 < 0) {
                                                                                                                                                                                                                                                        									_v220 = 0;
                                                                                                                                                                                                                                                        									_v224 = 0;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t434 =  *0xbfa7d4; // 0x0
                                                                                                                                                                                                                                                        								if(_t434 ==  *((intOrPtr*)( *[fs:0x18] + 0x24)) ||  *0xbfa7d8 == 0) {
                                                                                                                                                                                                                                                        									_t627 = E00BC1490();
                                                                                                                                                                                                                                                        									__eflags = _t627;
                                                                                                                                                                                                                                                        									if(_t627 == 0) {
                                                                                                                                                                                                                                                        										goto L50;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L59;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t437 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        									_t404 =  *( *[fs:0x2c] + _t437 * 4);
                                                                                                                                                                                                                                                        									_t627 =  *( *( *[fs:0x2c] + _t437 * 4) + 8);
                                                                                                                                                                                                                                                        									if(_t627 != 0) {
                                                                                                                                                                                                                                                        										L59:
                                                                                                                                                                                                                                                        										__eflags =  *(_t627 + 0x34);
                                                                                                                                                                                                                                                        										if( *(_t627 + 0x34) == 0) {
                                                                                                                                                                                                                                                        											__eflags =  *(_t627 + 0x30);
                                                                                                                                                                                                                                                        											if( *(_t627 + 0x30) != 0) {
                                                                                                                                                                                                                                                        												_t110 = _t627 + 0x2c; // 0x2c
                                                                                                                                                                                                                                                        												_t657 = _t110;
                                                                                                                                                                                                                                                        												RtlFreeUnicodeString(_t657);
                                                                                                                                                                                                                                                        												 *(_t657 + 4) = 0;
                                                                                                                                                                                                                                                        												 *_t657 = 0;
                                                                                                                                                                                                                                                        												_t648 = _v1616;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											asm("movsd xmm0, [esp+0x588]");
                                                                                                                                                                                                                                                        											asm("movsd [edi+0x2c], xmm0");
                                                                                                                                                                                                                                                        											_v220 = 0;
                                                                                                                                                                                                                                                        											_v224 = 0;
                                                                                                                                                                                                                                                        											 *(_t627 + 0x34) = _t516;
                                                                                                                                                                                                                                                        											__eflags = _v220;
                                                                                                                                                                                                                                                        											if(_v220 != 0) {
                                                                                                                                                                                                                                                        												L62:
                                                                                                                                                                                                                                                        												_t404 =  &_v224;
                                                                                                                                                                                                                                                        												RtlFreeUnicodeString( &_v224);
                                                                                                                                                                                                                                                        												_v224 = 0;
                                                                                                                                                                                                                                                        												_v228 = 0;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L18;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L60:
                                                                                                                                                                                                                                                        										_t596 =  &_v224;
                                                                                                                                                                                                                                                        										E00BC0C00( &_v504,  &_v224, _t516, _t648);
                                                                                                                                                                                                                                                        										_t404 = E00BBED70( &_v504); // executed
                                                                                                                                                                                                                                                        										L61:
                                                                                                                                                                                                                                                        										if(_v220 == 0) {
                                                                                                                                                                                                                                                        											goto L18;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L62;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									L50:
                                                                                                                                                                                                                                                        									_t435 =  *0xbfa044; // 0xbf0ef0
                                                                                                                                                                                                                                                        									if( *((intOrPtr*)(_t435 + 0x20))() == 0) {
                                                                                                                                                                                                                                                        										goto L61;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L60;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t535 = _v1580;
                                                                                                                                                                                                                                                        							_t514 = _v1592;
                                                                                                                                                                                                                                                        							__eflags = _t535;
                                                                                                                                                                                                                                                        							if(_t535 == 0) {
                                                                                                                                                                                                                                                        								_t652 = 0;
                                                                                                                                                                                                                                                        								_t596 = 0;
                                                                                                                                                                                                                                                        								__eflags = 0;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t652 = 0;
                                                                                                                                                                                                                                                        								_t596 = 0;
                                                                                                                                                                                                                                                        								__eflags = ( *_t535 & 0x0000ffff) - 0x5a4d;
                                                                                                                                                                                                                                                        								if(( *_t535 & 0x0000ffff) == 0x5a4d) {
                                                                                                                                                                                                                                                        									_t498 =  *((intOrPtr*)(_t535 + 0x3c));
                                                                                                                                                                                                                                                        									_t652 = 0;
                                                                                                                                                                                                                                                        									__eflags =  *(_t535 + _t498) - 0x4550;
                                                                                                                                                                                                                                                        									_t596 = _t535 + _t498;
                                                                                                                                                                                                                                                        									if( *(_t535 + _t498) == 0x4550) {
                                                                                                                                                                                                                                                        										__eflags = ( *(_t596 + 0x18) & 0x0000ffff) - 0x10b;
                                                                                                                                                                                                                                                        										if(( *(_t596 + 0x18) & 0x0000ffff) == 0x10b) {
                                                                                                                                                                                                                                                        											_t500 =  *((intOrPtr*)(_t596 + 0x50));
                                                                                                                                                                                                                                                        											__eflags = _t500 - 0x138;
                                                                                                                                                                                                                                                        											if(_t500 >= 0x138) {
                                                                                                                                                                                                                                                        												_t652 = _t500 + _t535 - 1;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t536 =  *(0xbf0568 + _t514 * 8);
                                                                                                                                                                                                                                                        							__eflags = _t624 - 0x21;
                                                                                                                                                                                                                                                        							_v1584 = _t596;
                                                                                                                                                                                                                                                        							_v1592 = _t652;
                                                                                                                                                                                                                                                        							if(_t624 == 0x21) {
                                                                                                                                                                                                                                                        								L67:
                                                                                                                                                                                                                                                        								_t653 = _t536;
                                                                                                                                                                                                                                                        								memset( &_v464, 0, 0x110);
                                                                                                                                                                                                                                                        								_t686 = _t686 + 0xc;
                                                                                                                                                                                                                                                        								_t419 =  &_v468;
                                                                                                                                                                                                                                                        								_v468 = 0x114;
                                                                                                                                                                                                                                                        								_push(_t419);
                                                                                                                                                                                                                                                        								L00BEF738();
                                                                                                                                                                                                                                                        								__eflags = _t419;
                                                                                                                                                                                                                                                        								if(_t419 < 0) {
                                                                                                                                                                                                                                                        									_t515 = 0xffffffff;
                                                                                                                                                                                                                                                        									_t625 = 0xffffffff;
                                                                                                                                                                                                                                                        									_t537 = _t653;
                                                                                                                                                                                                                                                        									_v1604 = 2;
                                                                                                                                                                                                                                                        									goto L103;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = _t624 - 0x39;
                                                                                                                                                                                                                                                        								if(_t624 == 0x39) {
                                                                                                                                                                                                                                                        									__eflags = _v468 - 6;
                                                                                                                                                                                                                                                        									if(__eflags > 0) {
                                                                                                                                                                                                                                                        										goto L44;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t537 = _t653;
                                                                                                                                                                                                                                                        									if(__eflags != 0) {
                                                                                                                                                                                                                                                        										L84:
                                                                                                                                                                                                                                                        										_t652 = _v1596;
                                                                                                                                                                                                                                                        										goto L85;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									__eflags = _v464 - 1;
                                                                                                                                                                                                                                                        									if(_v464 > 1) {
                                                                                                                                                                                                                                                        										goto L44;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L84;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = _t624 - 0x21;
                                                                                                                                                                                                                                                        								_t537 = _t653;
                                                                                                                                                                                                                                                        								if(_t624 != 0x21) {
                                                                                                                                                                                                                                                        									goto L84;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = _v468 - 6;
                                                                                                                                                                                                                                                        								if(__eflags > 0) {
                                                                                                                                                                                                                                                        									goto L44;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								if(__eflags != 0) {
                                                                                                                                                                                                                                                        									goto L84;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = _v464 - 2;
                                                                                                                                                                                                                                                        								if(_v464 > 2) {
                                                                                                                                                                                                                                                        									goto L44;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L84;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								__eflags = _t624 - 0x60;
                                                                                                                                                                                                                                                        								if(_t624 == 0x60) {
                                                                                                                                                                                                                                                        									__eflags =  *0xbfa538 & 0x00000001;
                                                                                                                                                                                                                                                        									if(( *0xbfa538 & 0x00000001) == 0) {
                                                                                                                                                                                                                                                        										goto L44;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									L85:
                                                                                                                                                                                                                                                        									__eflags = _t537 & 0x00000010;
                                                                                                                                                                                                                                                        									if((_t537 & 0x00000010) == 0) {
                                                                                                                                                                                                                                                        										L87:
                                                                                                                                                                                                                                                        										_t640 = _t624 << 3;
                                                                                                                                                                                                                                                        										_t126 = _t640 * 2; // 0x0
                                                                                                                                                                                                                                                        										_t596 =  *(_t640 + _t126 + 0xbf0564);
                                                                                                                                                                                                                                                        										_t129 = _t640 * 2; // 0x80005
                                                                                                                                                                                                                                                        										_t641 =  *(_t640 + _t129 + 0xbf0560);
                                                                                                                                                                                                                                                        										__eflags = (_t641 & _t596) - 0xffffffff;
                                                                                                                                                                                                                                                        										if((_t641 & _t596) == 0xffffffff) {
                                                                                                                                                                                                                                                        											_v1604 = 3;
                                                                                                                                                                                                                                                        											L101:
                                                                                                                                                                                                                                                        											_t515 = 0xffffffff;
                                                                                                                                                                                                                                                        											L102:
                                                                                                                                                                                                                                                        											_t625 = 0xffffffff;
                                                                                                                                                                                                                                                        											L103:
                                                                                                                                                                                                                                                        											_v1600 = _t537;
                                                                                                                                                                                                                                                        											_push(0xbfa7a0);
                                                                                                                                                                                                                                                        											L00BEF708();
                                                                                                                                                                                                                                                        											_t654 =  *0xbfa79c; // 0x0
                                                                                                                                                                                                                                                        											__eflags = _t654;
                                                                                                                                                                                                                                                        											if(_t654 != 0) {
                                                                                                                                                                                                                                                        												do {
                                                                                                                                                                                                                                                        													_t420 = RtlEqualUnicodeString(_t654, _v1596, 1);
                                                                                                                                                                                                                                                        													__eflags = _t420;
                                                                                                                                                                                                                                                        													if(_t420 == 0) {
                                                                                                                                                                                                                                                        														goto L105;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													__eflags =  *(_t654 + 0xc) ^ _t625 |  *(_t654 + 8) ^ _t515;
                                                                                                                                                                                                                                                        													if(( *(_t654 + 0xc) ^ _t625 |  *(_t654 + 8) ^ _t515) != 0) {
                                                                                                                                                                                                                                                        														goto L105;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													L113:
                                                                                                                                                                                                                                                        													_push(0xbfa7a0);
                                                                                                                                                                                                                                                        													L00BEF756();
                                                                                                                                                                                                                                                        													__eflags = _v1620 & 0x00000020;
                                                                                                                                                                                                                                                        													if((_v1620 & 0x00000020) == 0) {
                                                                                                                                                                                                                                                        														L181:
                                                                                                                                                                                                                                                        														_t404 = _v1624;
                                                                                                                                                                                                                                                        														__eflags = _t404 - 4;
                                                                                                                                                                                                                                                        														if(_t404 == 4) {
                                                                                                                                                                                                                                                        															goto L185;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														__eflags = _t404 - 1;
                                                                                                                                                                                                                                                        														if(_t404 == 1) {
                                                                                                                                                                                                                                                        															_t424 =  *0xbfa7d4; // 0x0
                                                                                                                                                                                                                                                        															_t538 =  *[fs:0x18];
                                                                                                                                                                                                                                                        															__eflags = _t424 -  *((intOrPtr*)(_t538 + 0x24));
                                                                                                                                                                                                                                                        															if(_t424 ==  *((intOrPtr*)(_t538 + 0x24))) {
                                                                                                                                                                                                                                                        																L190:
                                                                                                                                                                                                                                                        																_t656 = E00BC1490();
                                                                                                                                                                                                                                                        																__eflags = _t656;
                                                                                                                                                                                                                                                        																if(_t656 == 0) {
                                                                                                                                                                                                                                                        																	L197:
                                                                                                                                                                                                                                                        																	_push( *_a12);
                                                                                                                                                                                                                                                        																	goto L17;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																L191:
                                                                                                                                                                                                                                                        																__eflags =  *(_t656 + 0x34);
                                                                                                                                                                                                                                                        																if( *(_t656 + 0x34) == 0) {
                                                                                                                                                                                                                                                        																	__eflags =  *(_t656 + 0x28);
                                                                                                                                                                                                                                                        																	_t364 = _t656 + 0x24; // 0x24
                                                                                                                                                                                                                                                        																	_t626 = _t364;
                                                                                                                                                                                                                                                        																	if( *(_t656 + 0x28) != 0) {
                                                                                                                                                                                                                                                        																		RtlFreeUnicodeString(_t626);
                                                                                                                                                                                                                                                        																		 *(_t626 + 4) = 0;
                                                                                                                                                                                                                                                        																		 *_t626 = 0;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_push(_t626);
                                                                                                                                                                                                                                                        																	_t427 =  &_v1588;
                                                                                                                                                                                                                                                        																	_push(_t427);
                                                                                                                                                                                                                                                        																	_push(1);
                                                                                                                                                                                                                                                        																	L00BEF720();
                                                                                                                                                                                                                                                        																	__eflags = _t427;
                                                                                                                                                                                                                                                        																	if(_t427 < 0) {
                                                                                                                                                                                                                                                        																		 *(_t626 + 4) = 0;
                                                                                                                                                                                                                                                        																		 *_t626 = 0;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	 *((char*)(_t656 + 8)) = 1;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																goto L197;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															__eflags =  *0xbfa7d8;
                                                                                                                                                                                                                                                        															if( *0xbfa7d8 == 0) {
                                                                                                                                                                                                                                                        																goto L190;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t428 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        															_t656 =  *( *((intOrPtr*)( *[fs:0x2c] + _t428 * 4)) + 8);
                                                                                                                                                                                                                                                        															__eflags = _t656;
                                                                                                                                                                                                                                                        															if(_t656 != 0) {
                                                                                                                                                                                                                                                        																goto L191;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															goto L197;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														__eflags = _t404;
                                                                                                                                                                                                                                                        														if(_t404 == 0) {
                                                                                                                                                                                                                                                        															goto L44;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														goto L197;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_push(0);
                                                                                                                                                                                                                                                        													_push(0xbfa7ac);
                                                                                                                                                                                                                                                        													_push(E00BC0120);
                                                                                                                                                                                                                                                        													_push(0xbfa7cc);
                                                                                                                                                                                                                                                        													L00BEF762();
                                                                                                                                                                                                                                                        													__eflags =  *0xbfa7b8 - 2;
                                                                                                                                                                                                                                                        													_t517 = _v1632;
                                                                                                                                                                                                                                                        													if( *0xbfa7b8 != 2) {
                                                                                                                                                                                                                                                        														goto L44;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_v1568 = 0xbfa7ac;
                                                                                                                                                                                                                                                        													 *0xbfa7b0( &_v508);
                                                                                                                                                                                                                                                        													_t629 = _v508;
                                                                                                                                                                                                                                                        													__eflags = _t517;
                                                                                                                                                                                                                                                        													_v1568 = _t629;
                                                                                                                                                                                                                                                        													if(_t517 == 0) {
                                                                                                                                                                                                                                                        														_t630 = 0;
                                                                                                                                                                                                                                                        														L180:
                                                                                                                                                                                                                                                        														_v1644 = _t630;
                                                                                                                                                                                                                                                        														goto L181;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t598 = _v1624;
                                                                                                                                                                                                                                                        													_t545 =  &_v1572;
                                                                                                                                                                                                                                                        													_t441 =  *((intOrPtr*)(_v1628 + 0x28));
                                                                                                                                                                                                                                                        													_v512 = _t545;
                                                                                                                                                                                                                                                        													_t518 = _t598 + _t441;
                                                                                                                                                                                                                                                        													_v508 = _t518;
                                                                                                                                                                                                                                                        													_v504 = 5;
                                                                                                                                                                                                                                                        													_v500 = 0;
                                                                                                                                                                                                                                                        													_v496 = 0;
                                                                                                                                                                                                                                                        													_v488 = 0;
                                                                                                                                                                                                                                                        													_v484 = 0x10;
                                                                                                                                                                                                                                                        													_v492 =  &_v480;
                                                                                                                                                                                                                                                        													_v464 = 1;
                                                                                                                                                                                                                                                        													_v460 = _t545;
                                                                                                                                                                                                                                                        													_v452 = 0;
                                                                                                                                                                                                                                                        													_v448 = 2;
                                                                                                                                                                                                                                                        													_v456 =  &_v444;
                                                                                                                                                                                                                                                        													_t547 = 0;
                                                                                                                                                                                                                                                        													_t445 = _t518 / _t629;
                                                                                                                                                                                                                                                        													_t661 = (_t598 + _t441 + 4) / _t629 - _t445 + 1;
                                                                                                                                                                                                                                                        													__eflags = _t661;
                                                                                                                                                                                                                                                        													_v1632 = _t661;
                                                                                                                                                                                                                                                        													if(_t661 == 0) {
                                                                                                                                                                                                                                                        														L139:
                                                                                                                                                                                                                                                        														asm("movups xmm0, [esp+0x470]");
                                                                                                                                                                                                                                                        														_t631 =  &_v480;
                                                                                                                                                                                                                                                        														asm("movups [esp+0x588], xmm0");
                                                                                                                                                                                                                                                        														_v216 = _v496;
                                                                                                                                                                                                                                                        														_t447 = _v488;
                                                                                                                                                                                                                                                        														_v208 = _t447;
                                                                                                                                                                                                                                                        														_v204 = _v484;
                                                                                                                                                                                                                                                        														_t604 = _v492;
                                                                                                                                                                                                                                                        														__eflags = _t604 - _t631;
                                                                                                                                                                                                                                                        														if(_t604 == _t631) {
                                                                                                                                                                                                                                                        															_t605 =  &_v200;
                                                                                                                                                                                                                                                        															__eflags = _t447;
                                                                                                                                                                                                                                                        															_v212 = _t605;
                                                                                                                                                                                                                                                        															if(_t447 <= 0) {
                                                                                                                                                                                                                                                        																L148:
                                                                                                                                                                                                                                                        																_t596 =  &_v444;
                                                                                                                                                                                                                                                        																_v184 = _v464;
                                                                                                                                                                                                                                                        																_v180 = _v460;
                                                                                                                                                                                                                                                        																_v172 = _t547;
                                                                                                                                                                                                                                                        																_v168 = _v448;
                                                                                                                                                                                                                                                        																_t451 = _v456;
                                                                                                                                                                                                                                                        																__eflags = _t451 - _t596;
                                                                                                                                                                                                                                                        																if(_t451 == _t596) {
                                                                                                                                                                                                                                                        																	_t596 =  &_v164;
                                                                                                                                                                                                                                                        																	__eflags = _t547;
                                                                                                                                                                                                                                                        																	_v176 =  &_v164;
                                                                                                                                                                                                                                                        																	if(_t547 <= 0) {
                                                                                                                                                                                                                                                        																		L154:
                                                                                                                                                                                                                                                        																		_v464 = 0;
                                                                                                                                                                                                                                                        																		_v452 = 0;
                                                                                                                                                                                                                                                        																		_t630 = 0;
                                                                                                                                                                                                                                                        																		__eflags = _t547;
                                                                                                                                                                                                                                                        																		if(_t547 == 0) {
                                                                                                                                                                                                                                                        																			L168:
                                                                                                                                                                                                                                                        																			_t547 = 0;
                                                                                                                                                                                                                                                        																			__eflags = 0;
                                                                                                                                                                                                                                                        																			L169:
                                                                                                                                                                                                                                                        																			_t662 = _v176;
                                                                                                                                                                                                                                                        																			__eflags = _t547;
                                                                                                                                                                                                                                                        																			if(_t547 == 0) {
                                                                                                                                                                                                                                                        																				L176:
                                                                                                                                                                                                                                                        																				_v172 = 0;
                                                                                                                                                                                                                                                        																				__eflags = _t662 -  &_v164;
                                                                                                                                                                                                                                                        																				if(_t662 !=  &_v164) {
                                                                                                                                                                                                                                                        																					free(_t662);
                                                                                                                                                                                                                                                        																					_t686 = _t686 + 4;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				_t453 = _v212;
                                                                                                                                                                                                                                                        																				__eflags = _t453 -  &_v200;
                                                                                                                                                                                                                                                        																				if(_t453 !=  &_v200) {
                                                                                                                                                                                                                                                        																					free(_t453);
                                                                                                                                                                                                                                                        																					_t686 = _t686 + 4;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				goto L180;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_t454 = _v180;
                                                                                                                                                                                                                                                        																			_v1644 = _t630;
                                                                                                                                                                                                                                                        																			_t519 = _t662 + _t547 * 8;
                                                                                                                                                                                                                                                        																			_t632 =  *((intOrPtr*)(_t454 + 4));
                                                                                                                                                                                                                                                        																			while(1) {
                                                                                                                                                                                                                                                        																				_t456 =  *((intOrPtr*)( *_t454 + 8))( *((intOrPtr*)(_t662 + 4)), _t632,  *_t662,  &_v512);
                                                                                                                                                                                                                                                        																				__eflags = _t456;
                                                                                                                                                                                                                                                        																				if(_t456 == 0) {
                                                                                                                                                                                                                                                        																					_v528 = 0;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				_t662 = _t662 + 8;
                                                                                                                                                                                                                                                        																				__eflags = _t662 - _t519;
                                                                                                                                                                                                                                                        																				if(_t662 == _t519) {
                                                                                                                                                                                                                                                        																					break;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				_t454 = _v196;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_t662 = _v192;
                                                                                                                                                                                                                                                        																			_t630 = _v1660;
                                                                                                                                                                                                                                                        																			goto L176;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		__eflags = _v184;
                                                                                                                                                                                                                                                        																		if(_v184 == 0) {
                                                                                                                                                                                                                                                        																			goto L169;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t457 = _v208;
                                                                                                                                                                                                                                                        																		_t633 =  &_v212;
                                                                                                                                                                                                                                                        																		__eflags = _t457 - _v204;
                                                                                                                                                                                                                                                        																		if(_t457 != _v204) {
                                                                                                                                                                                                                                                        																			L159:
                                                                                                                                                                                                                                                        																			 *((char*)(_v212 + _t457)) = 0xe9;
                                                                                                                                                                                                                                                        																			_t459 = _v208 + 1;
                                                                                                                                                                                                                                                        																			_t664 = _v220 + 1;
                                                                                                                                                                                                                                                        																			__eflags = _t664;
                                                                                                                                                                                                                                                        																			_v208 = _t459;
                                                                                                                                                                                                                                                        																			_v220 = _t664;
                                                                                                                                                                                                                                                        																			L160:
                                                                                                                                                                                                                                                        																			_t521 = 0xbc0d2c - _v228;
                                                                                                                                                                                                                                                        																			__eflags = _t459 + 4 - _v204;
                                                                                                                                                                                                                                                        																			if(_t459 + 4 <= _v204) {
                                                                                                                                                                                                                                                        																				L163:
                                                                                                                                                                                                                                                        																				_t634 = _v212;
                                                                                                                                                                                                                                                        																				_t522 = _t521 - _t664;
                                                                                                                                                                                                                                                        																				_t596 = _t522 >> 0x18;
                                                                                                                                                                                                                                                        																				 *(_t634 + _t459) = _t522;
                                                                                                                                                                                                                                                        																				 *(_t634 + _t459 + 1) = _t522;
                                                                                                                                                                                                                                                        																				 *((char*)(_t634 + _t459 + 2)) = _t522 >> 0x10;
                                                                                                                                                                                                                                                        																				 *((char*)(_t634 + _t459 + 3)) = _t522 >> 0x18;
                                                                                                                                                                                                                                                        																				_v208 = _v208 + 4;
                                                                                                                                                                                                                                                        																				_t324 =  &_v220;
                                                                                                                                                                                                                                                        																				 *_t324 = _v220 + 4;
                                                                                                                                                                                                                                                        																				__eflags =  *_t324;
                                                                                                                                                                                                                                                        																				L164:
                                                                                                                                                                                                                                                        																				_t547 = _v172;
                                                                                                                                                                                                                                                        																				_t630 = 0;
                                                                                                                                                                                                                                                        																				__eflags = _t547;
                                                                                                                                                                                                                                                        																				if(_t547 == 0) {
                                                                                                                                                                                                                                                        																					goto L168;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				__eflags = _v184;
                                                                                                                                                                                                                                                        																				if(_v184 != 0) {
                                                                                                                                                                                                                                                        																					_t460 = _v208;
                                                                                                                                                                                                                                                        																					_t630 = 4;
                                                                                                                                                                                                                                                        																					__eflags = _t460;
                                                                                                                                                                                                                                                        																					if(_t460 != 0) {
                                                                                                                                                                                                                                                        																						memcpy(_v216 + _v228, _v212, _t460);
                                                                                                                                                                                                                                                        																						_t686 = _t686 + 0xc;
                                                                                                                                                                                                                                                        																						 *((intOrPtr*)( *_v232))(0xffffffff, 0, 0);
                                                                                                                                                                                                                                                        																						_t547 = _v184;
                                                                                                                                                                                                                                                        																						_v228 = _v228 + _v220;
                                                                                                                                                                                                                                                        																						_v220 = 0;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				goto L169;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_t466 = E00BB8170(_t459, _t633, 4);
                                                                                                                                                                                                                                                        																			__eflags = _t466;
                                                                                                                                                                                                                                                        																			if(_t466 == 0) {
                                                                                                                                                                                                                                                        																				_v184 = 0;
                                                                                                                                                                                                                                                        																				goto L164;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_t459 = _v208;
                                                                                                                                                                                                                                                        																			goto L163;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t467 = E00BB8170(_t457,  &_v212, 1);
                                                                                                                                                                                                                                                        																		__eflags = _t467;
                                                                                                                                                                                                                                                        																		if(_t467 == 0) {
                                                                                                                                                                                                                                                        																			_v184 = 0;
                                                                                                                                                                                                                                                        																			_t664 = _v220;
                                                                                                                                                                                                                                                        																			_t459 = _v208;
                                                                                                                                                                                                                                                        																			goto L160;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_t457 = _v208;
                                                                                                                                                                                                                                                        																		goto L159;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_t558 = _t451 + _t547 * 8;
                                                                                                                                                                                                                                                        																	_t607 = 0;
                                                                                                                                                                                                                                                        																	__eflags = 0;
                                                                                                                                                                                                                                                        																	do {
                                                                                                                                                                                                                                                        																		_t635 = _t451 + _t607 + 8;
                                                                                                                                                                                                                                                        																		 *((intOrPtr*)(_t686 + _t607 + 0x5cc)) =  *((intOrPtr*)(_t451 + _t607));
                                                                                                                                                                                                                                                        																		 *((intOrPtr*)(_t686 + _t607 + 0x5d0)) =  *((intOrPtr*)(_t451 + _t607 + 4));
                                                                                                                                                                                                                                                        																		_t607 = _t607 + 8;
                                                                                                                                                                                                                                                        																		__eflags = _t635 - _t558;
                                                                                                                                                                                                                                                        																	} while (_t635 < _t558);
                                                                                                                                                                                                                                                        																	_t547 = _v172;
                                                                                                                                                                                                                                                        																	goto L154;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																_v456 = _t596;
                                                                                                                                                                                                                                                        																_v176 = _t451;
                                                                                                                                                                                                                                                        																_v448 = 2;
                                                                                                                                                                                                                                                        																goto L154;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															__eflags = _t447 - 0x20;
                                                                                                                                                                                                                                                        															if(_t447 < 0x20) {
                                                                                                                                                                                                                                                        																L146:
                                                                                                                                                                                                                                                        																_t469 = _t447 - _t631 +  &_v512 + 0x20;
                                                                                                                                                                                                                                                        																_t668 = 0;
                                                                                                                                                                                                                                                        																__eflags = 0;
                                                                                                                                                                                                                                                        																do {
                                                                                                                                                                                                                                                        																	 *((char*)(_t605 + _t668)) =  *(_t631 + _t668) & 0x000000ff;
                                                                                                                                                                                                                                                        																	_t668 = _t668 + 1;
                                                                                                                                                                                                                                                        																	__eflags = _t469 - _t668;
                                                                                                                                                                                                                                                        																} while (_t469 != _t668);
                                                                                                                                                                                                                                                        																goto L148;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t636 = 0;
                                                                                                                                                                                                                                                        															_t670 = _t447 & 0xffffffe0;
                                                                                                                                                                                                                                                        															__eflags = _t670;
                                                                                                                                                                                                                                                        															_t524 = _t686 + _t670 + 0x490;
                                                                                                                                                                                                                                                        															_t605 = _t686 + _t670 + 0x5a8;
                                                                                                                                                                                                                                                        															do {
                                                                                                                                                                                                                                                        																asm("movups xmm0, [esp+edi+0x490]");
                                                                                                                                                                                                                                                        																asm("movups xmm1, [esp+edi+0x4a0]");
                                                                                                                                                                                                                                                        																asm("movups [esp+edi+0x5a8], xmm0");
                                                                                                                                                                                                                                                        																asm("movups [esp+edi+0x5b8], xmm1");
                                                                                                                                                                                                                                                        																_t636 = _t636 + 0x20;
                                                                                                                                                                                                                                                        																__eflags = _t670 - _t636;
                                                                                                                                                                                                                                                        															} while (_t670 != _t636);
                                                                                                                                                                                                                                                        															__eflags = _t447 - _t670;
                                                                                                                                                                                                                                                        															_t631 = _t524;
                                                                                                                                                                                                                                                        															if(_t447 == _t670) {
                                                                                                                                                                                                                                                        																goto L148;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															goto L146;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_v492 = _t631;
                                                                                                                                                                                                                                                        														_v484 = 0x10;
                                                                                                                                                                                                                                                        														_v212 = _t604;
                                                                                                                                                                                                                                                        														_v488 = 0;
                                                                                                                                                                                                                                                        														goto L148;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t671 = 0;
                                                                                                                                                                                                                                                        													_v1644 = _t629;
                                                                                                                                                                                                                                                        													_t526 = _t445 * _t629;
                                                                                                                                                                                                                                                        													while(1) {
                                                                                                                                                                                                                                                        														_t471 =  *((intOrPtr*)(_v1572 + 8))(_t526, _t629, 0x40,  &_v1564);
                                                                                                                                                                                                                                                        														__eflags = _t471;
                                                                                                                                                                                                                                                        														if(_t471 == 0) {
                                                                                                                                                                                                                                                        															break;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t475 = _v468;
                                                                                                                                                                                                                                                        														_t638 = _v1580;
                                                                                                                                                                                                                                                        														__eflags = _t475 - _v464;
                                                                                                                                                                                                                                                        														if(_t475 != _v464) {
                                                                                                                                                                                                                                                        															L119:
                                                                                                                                                                                                                                                        															_t562 = _v472;
                                                                                                                                                                                                                                                        															_t671 = _t671 + 1;
                                                                                                                                                                                                                                                        															 *((intOrPtr*)(_t562 + _t475 * 8)) = _t638;
                                                                                                                                                                                                                                                        															 *(_t562 + 4 + _t475 * 8) = _t526;
                                                                                                                                                                                                                                                        															_t629 = _v1660;
                                                                                                                                                                                                                                                        															_t526 = _t526 + _t629;
                                                                                                                                                                                                                                                        															_t547 = _v468 + 1;
                                                                                                                                                                                                                                                        															__eflags = _t671 - _v1648;
                                                                                                                                                                                                                                                        															_v468 = _t547;
                                                                                                                                                                                                                                                        															if(_t671 >= _v1648) {
                                                                                                                                                                                                                                                        																goto L139;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															continue;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t476 = E00BBA080( &_v472, 1);
                                                                                                                                                                                                                                                        														__eflags = _t476;
                                                                                                                                                                                                                                                        														if(_t476 != 0) {
                                                                                                                                                                                                                                                        															_t475 = _v468;
                                                                                                                                                                                                                                                        															goto L119;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t565 = _v468;
                                                                                                                                                                                                                                                        														__eflags = _t565;
                                                                                                                                                                                                                                                        														if(_t565 == 0) {
                                                                                                                                                                                                                                                        															L138:
                                                                                                                                                                                                                                                        															_t547 = 0;
                                                                                                                                                                                                                                                        															__eflags = 0;
                                                                                                                                                                                                                                                        															_v468 = 0;
                                                                                                                                                                                                                                                        															goto L139;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t477 = _v476;
                                                                                                                                                                                                                                                        														_t673 = _v472;
                                                                                                                                                                                                                                                        														_t639 =  *((intOrPtr*)(_t477 + 4));
                                                                                                                                                                                                                                                        														_t528 = _t673 + _t565 * 8;
                                                                                                                                                                                                                                                        														while(1) {
                                                                                                                                                                                                                                                        															_t479 =  *((intOrPtr*)( *_t477 + 8))( *((intOrPtr*)(_t673 + 4)), _t639,  *_t673,  &_v248);
                                                                                                                                                                                                                                                        															__eflags = _t479;
                                                                                                                                                                                                                                                        															if(_t479 == 0) {
                                                                                                                                                                                                                                                        																_v264 = 0;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t673 = _t673 + 8;
                                                                                                                                                                                                                                                        															__eflags = _t673 - _t528;
                                                                                                                                                                                                                                                        															if(_t673 == _t528) {
                                                                                                                                                                                                                                                        																goto L138;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t477 = _v492;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														goto L138;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t560 = _v468;
                                                                                                                                                                                                                                                        													_v1580 = 0;
                                                                                                                                                                                                                                                        													__eflags = _t560;
                                                                                                                                                                                                                                                        													if(_t560 == 0) {
                                                                                                                                                                                                                                                        														goto L138;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t472 = _v476;
                                                                                                                                                                                                                                                        													_t672 = _v472;
                                                                                                                                                                                                                                                        													_t637 =  *((intOrPtr*)(_t472 + 4));
                                                                                                                                                                                                                                                        													_t527 = _t672 + _t560 * 8;
                                                                                                                                                                                                                                                        													while(1) {
                                                                                                                                                                                                                                                        														_t474 =  *((intOrPtr*)( *_t472 + 8))( *((intOrPtr*)(_t672 + 4)), _t637,  *_t672,  &_v248);
                                                                                                                                                                                                                                                        														__eflags = _t474;
                                                                                                                                                                                                                                                        														if(_t474 == 0) {
                                                                                                                                                                                                                                                        															_v264 = 0;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t672 = _t672 + 8;
                                                                                                                                                                                                                                                        														__eflags = _t672 - _t527;
                                                                                                                                                                                                                                                        														if(_t672 == _t527) {
                                                                                                                                                                                                                                                        															goto L138;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t472 = _v492;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													goto L138;
                                                                                                                                                                                                                                                        													L105:
                                                                                                                                                                                                                                                        													_t654 =  *(_t654 + 0x10);
                                                                                                                                                                                                                                                        													__eflags = _t654;
                                                                                                                                                                                                                                                        												} while (_t654 != 0);
                                                                                                                                                                                                                                                        												_t655 =  *0xbfa79c; // 0x0
                                                                                                                                                                                                                                                        												L110:
                                                                                                                                                                                                                                                        												_t423 =  *( *( *[fs:0x18] + 0x30) + 0x18);
                                                                                                                                                                                                                                                        												__eflags = _t423;
                                                                                                                                                                                                                                                        												if(_t423 != 0) {
                                                                                                                                                                                                                                                        													_t480 = RtlAllocateHeap(_t423, 0, 0x18);
                                                                                                                                                                                                                                                        													__eflags = _t480;
                                                                                                                                                                                                                                                        													if(_t480 != 0) {
                                                                                                                                                                                                                                                        														_t608 = _v1616;
                                                                                                                                                                                                                                                        														_t596 =  *_t608;
                                                                                                                                                                                                                                                        														 *(_t480 + 4) = _t608[2];
                                                                                                                                                                                                                                                        														 *_t480 =  *_t608;
                                                                                                                                                                                                                                                        														 *(_t480 + 8) = _t515;
                                                                                                                                                                                                                                                        														 *(_t480 + 0xc) = _t625;
                                                                                                                                                                                                                                                        														 *(_t480 + 0x10) = _t655;
                                                                                                                                                                                                                                                        														 *0xbfa79c = _t480;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L113;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t655 = 0;
                                                                                                                                                                                                                                                        											goto L110;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = _t652;
                                                                                                                                                                                                                                                        										if(_t652 == 0) {
                                                                                                                                                                                                                                                        											_v1604 = 2;
                                                                                                                                                                                                                                                        											goto L101;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = _t537 & 0x00000004;
                                                                                                                                                                                                                                                        										if((_t537 & 0x00000004) != 0) {
                                                                                                                                                                                                                                                        											_t485 = _v1588;
                                                                                                                                                                                                                                                        											_t515 = 0xffffffff;
                                                                                                                                                                                                                                                        											_v1604 = 3;
                                                                                                                                                                                                                                                        											__eflags = _t641 -  *((intOrPtr*)(_t485 + 8));
                                                                                                                                                                                                                                                        											_t625 = 0xffffffff;
                                                                                                                                                                                                                                                        											asm("sbb edx, 0x0");
                                                                                                                                                                                                                                                        											if(_t641 <  *((intOrPtr*)(_t485 + 8))) {
                                                                                                                                                                                                                                                        												goto L44;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L103;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t486 = _v1588;
                                                                                                                                                                                                                                                        										_v1604 = 2;
                                                                                                                                                                                                                                                        										__eflags =  *((intOrPtr*)(_t486 + 0x74)) - 3;
                                                                                                                                                                                                                                                        										if( *((intOrPtr*)(_t486 + 0x74)) < 3) {
                                                                                                                                                                                                                                                        											goto L101;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_v1576 = _t641;
                                                                                                                                                                                                                                                        										_t642 = _v1584;
                                                                                                                                                                                                                                                        										_v1572 = _t596;
                                                                                                                                                                                                                                                        										_t596 =  *(_t486 + 0x88);
                                                                                                                                                                                                                                                        										_t488 = _t642 + _t596;
                                                                                                                                                                                                                                                        										__eflags = _t488;
                                                                                                                                                                                                                                                        										if(_t488 == 0) {
                                                                                                                                                                                                                                                        											goto L101;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = _t596;
                                                                                                                                                                                                                                                        										if(_t596 < 0) {
                                                                                                                                                                                                                                                        											goto L101;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = _t488 - _t652;
                                                                                                                                                                                                                                                        										if(_t488 > _t652) {
                                                                                                                                                                                                                                                        											goto L101;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_v1600 = _t537;
                                                                                                                                                                                                                                                        										_t571 =  *(_t488 + 0xe) & 0x0000ffff;
                                                                                                                                                                                                                                                        										__eflags = _t571;
                                                                                                                                                                                                                                                        										if(_t571 == 0) {
                                                                                                                                                                                                                                                        											L98:
                                                                                                                                                                                                                                                        											_t515 = 0xffffffff;
                                                                                                                                                                                                                                                        											L199:
                                                                                                                                                                                                                                                        											_t537 = _v1600;
                                                                                                                                                                                                                                                        											goto L102;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t596 = _t642 + _t596 + ( *(_t488 + 0xc) & 0x0000ffff) * 8 + 0x14;
                                                                                                                                                                                                                                                        										while(1) {
                                                                                                                                                                                                                                                        											__eflags =  *((short*)(_t596 - 4)) - 0x10;
                                                                                                                                                                                                                                                        											if( *((short*)(_t596 - 4)) == 0x10) {
                                                                                                                                                                                                                                                        												break;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t596 = _t596 + 8;
                                                                                                                                                                                                                                                        											_t571 = _t571 - 1;
                                                                                                                                                                                                                                                        											__eflags = _t571;
                                                                                                                                                                                                                                                        											if(_t571 != 0) {
                                                                                                                                                                                                                                                        												continue;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L98;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t572 =  *_t596;
                                                                                                                                                                                                                                                        										_t515 = 0xffffffff;
                                                                                                                                                                                                                                                        										__eflags = _t572;
                                                                                                                                                                                                                                                        										if(_t572 < 0) {
                                                                                                                                                                                                                                                        											_t574 = (_t572 & 0x7fffffff) + _t488;
                                                                                                                                                                                                                                                        											__eflags = _t574 - _t642;
                                                                                                                                                                                                                                                        											_t611 =  <  ? 0 : _t574;
                                                                                                                                                                                                                                                        											__eflags = _t574 - _v1596;
                                                                                                                                                                                                                                                        											_t596 =  >  ? 0 :  <  ? 0 : _t574;
                                                                                                                                                                                                                                                        											_t575 =  *(_t596 + 0xe) & 0x0000ffff;
                                                                                                                                                                                                                                                        											__eflags = _t575;
                                                                                                                                                                                                                                                        											if(_t575 == 0) {
                                                                                                                                                                                                                                                        												L204:
                                                                                                                                                                                                                                                        												_t515 = 0xffffffff;
                                                                                                                                                                                                                                                        												L207:
                                                                                                                                                                                                                                                        												_t537 = _v1600;
                                                                                                                                                                                                                                                        												_t625 = 0xffffffff;
                                                                                                                                                                                                                                                        												_v1604 = 2;
                                                                                                                                                                                                                                                        												goto L103;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t596 = _t596 + 0x14 + ( *(_t596 + 0xc) & 0x0000ffff) * 8;
                                                                                                                                                                                                                                                        											while(1) {
                                                                                                                                                                                                                                                        												__eflags =  *((short*)(_t596 - 4)) - 1;
                                                                                                                                                                                                                                                        												if( *((short*)(_t596 - 4)) == 1) {
                                                                                                                                                                                                                                                        													break;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t596 = _t596 + 8;
                                                                                                                                                                                                                                                        												_t575 = _t575 - 1;
                                                                                                                                                                                                                                                        												__eflags = _t575;
                                                                                                                                                                                                                                                        												if(_t575 != 0) {
                                                                                                                                                                                                                                                        													continue;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L204;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t576 =  *_t596;
                                                                                                                                                                                                                                                        											_t515 = 0xffffffff;
                                                                                                                                                                                                                                                        											__eflags = _t576;
                                                                                                                                                                                                                                                        											if(_t576 >= 0) {
                                                                                                                                                                                                                                                        												goto L207;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t515 = 0xffffffff;
                                                                                                                                                                                                                                                        											_t578 = (_t576 & 0x7fffffff) + _t488;
                                                                                                                                                                                                                                                        											__eflags = _t578 - _v1584;
                                                                                                                                                                                                                                                        											_t613 =  <  ? 0 : _t578;
                                                                                                                                                                                                                                                        											__eflags = _t578 - _v1596;
                                                                                                                                                                                                                                                        											_t596 =  >  ? 0 :  <  ? 0 : _t578;
                                                                                                                                                                                                                                                        											__eflags = ( *(_t596 + 0xc) & 0x0000ffff) +  *(_t596 + 0xe);
                                                                                                                                                                                                                                                        											if(( *(_t596 + 0xc) & 0x0000ffff) +  *(_t596 + 0xe) != 0) {
                                                                                                                                                                                                                                                        												_t581 =  *(_t596 + 0x14);
                                                                                                                                                                                                                                                        												__eflags = _t581;
                                                                                                                                                                                                                                                        												if(_t581 < 0) {
                                                                                                                                                                                                                                                        													goto L204;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t678 = _v1584;
                                                                                                                                                                                                                                                        												_t489 = _t488 + _t581;
                                                                                                                                                                                                                                                        												_t515 = 0xffffffff;
                                                                                                                                                                                                                                                        												__eflags = _t489 - _t678;
                                                                                                                                                                                                                                                        												_t615 =  <  ? 0 : _t489;
                                                                                                                                                                                                                                                        												__eflags = _t489 - _v1596;
                                                                                                                                                                                                                                                        												_t596 =  >  ? 0 :  <  ? 0 : _t489;
                                                                                                                                                                                                                                                        												_t490 =  *( >  ? 0 :  <  ? 0 : _t489);
                                                                                                                                                                                                                                                        												_t679 = _t678 + _t490;
                                                                                                                                                                                                                                                        												__eflags = _t679;
                                                                                                                                                                                                                                                        												if(_t679 == 0) {
                                                                                                                                                                                                                                                        													goto L207;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												__eflags = _t490;
                                                                                                                                                                                                                                                        												if(_t490 < 0) {
                                                                                                                                                                                                                                                        													goto L207;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												__eflags = _t679 - _v1596;
                                                                                                                                                                                                                                                        												if(_t679 > _v1596) {
                                                                                                                                                                                                                                                        													goto L207;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t643 =  *_t679 & 0x0000ffff;
                                                                                                                                                                                                                                                        												_t515 = 0xffffffff;
                                                                                                                                                                                                                                                        												__eflags = _t643 - 0x26;
                                                                                                                                                                                                                                                        												if(_t643 < 0x26) {
                                                                                                                                                                                                                                                        													goto L207;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												asm("movsd xmm1, [0xbf0ee0]");
                                                                                                                                                                                                                                                        												asm("movsd xmm0, [0xbf0ee8]");
                                                                                                                                                                                                                                                        												asm("movsd xmm2, [0xbf0ed8]");
                                                                                                                                                                                                                                                        												_t491 = _t679 + 6;
                                                                                                                                                                                                                                                        												asm("movsd [esp+0x480], xmm1");
                                                                                                                                                                                                                                                        												asm("movsd xmm1, [0xbf0ed0]");
                                                                                                                                                                                                                                                        												asm("movsd [esp+0x488], xmm0");
                                                                                                                                                                                                                                                        												asm("movsd [esp+0x478], xmm2");
                                                                                                                                                                                                                                                        												asm("movsd [esp+0x470], xmm1");
                                                                                                                                                                                                                                                        												__imp__RtlCompareMemory(_t491,  &_v472, 0x10);
                                                                                                                                                                                                                                                        												__eflags = _t491 - 0x10;
                                                                                                                                                                                                                                                        												if(_t491 != 0x10) {
                                                                                                                                                                                                                                                        													goto L204;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												__eflags =  *((short*)(2 + _t679)) - 0x34;
                                                                                                                                                                                                                                                        												if( *((short*)(2 + _t679)) != 0x34) {
                                                                                                                                                                                                                                                        													goto L204;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t495 = (0x00000002 - _t679 & 0x00000003) + 0x26;
                                                                                                                                                                                                                                                        												__eflags = 2 - _t643;
                                                                                                                                                                                                                                                        												if(2 >= _t643) {
                                                                                                                                                                                                                                                        													goto L204;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												__eflags =  *((intOrPtr*)(2 + _t679)) - 0xfeef04bd;
                                                                                                                                                                                                                                                        												if( *((intOrPtr*)(2 + _t679)) != 0xfeef04bd) {
                                                                                                                                                                                                                                                        													goto L204;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t625 =  *(_t679 + 0xa);
                                                                                                                                                                                                                                                        												_t537 = _v1612;
                                                                                                                                                                                                                                                        												_v1616 = 3;
                                                                                                                                                                                                                                                        												__eflags = _v1588 - 2;
                                                                                                                                                                                                                                                        												_t515 =  *(_t679 + _t495 + 0xc);
                                                                                                                                                                                                                                                        												asm("sbb [esp+0x24], edi");
                                                                                                                                                                                                                                                        												if(_v1588 < 2) {
                                                                                                                                                                                                                                                        													goto L44;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L103;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L207;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L199;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									__eflags =  *0xbfa538 & 0x00000001;
                                                                                                                                                                                                                                                        									if(( *0xbfa538 & 0x00000001) != 0) {
                                                                                                                                                                                                                                                        										goto L44;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L87;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = _t624 - 0x39;
                                                                                                                                                                                                                                                        								if(_t624 != 0x39) {
                                                                                                                                                                                                                                                        									goto L85;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L67;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t502 = (_t412 & 0x0000ffff) >> 1;
                                                                                                                                                                                                                                                        						if(_t502 == 0) {
                                                                                                                                                                                                                                                        							goto L41;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t585 = _t502 & 0x0000ffff;
                                                                                                                                                                                                                                                        							_v1588 = _t596;
                                                                                                                                                                                                                                                        							_v1576 = _t502;
                                                                                                                                                                                                                                                        							_t596 = 1;
                                                                                                                                                                                                                                                        							_t503 = 0xd;
                                                                                                                                                                                                                                                        							_v1572 = _t650;
                                                                                                                                                                                                                                                        							_v1584 = _t585;
                                                                                                                                                                                                                                                        							_t645 = 0xfffffffc - _t512;
                                                                                                                                                                                                                                                        							_t586 =  ~_t585;
                                                                                                                                                                                                                                                        							asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        							while( *((short*)(_t512 + _t503 * 2 - 0x18)) != 0x2e) {
                                                                                                                                                                                                                                                        								_t682 = _t586 + _t503 + 1;
                                                                                                                                                                                                                                                        								_t645 = _t645 + 0xfffffffe;
                                                                                                                                                                                                                                                        								_t596 = _t596 + 1;
                                                                                                                                                                                                                                                        								_t503 = _t503 + 1;
                                                                                                                                                                                                                                                        								if(_t682 != 0xd) {
                                                                                                                                                                                                                                                        									continue;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L30:
                                                                                                                                                                                                                                                        									_t680 = _v1588;
                                                                                                                                                                                                                                                        									_t588 = _v1584;
                                                                                                                                                                                                                                                        									if(_v1572 < 0x28) {
                                                                                                                                                                                                                                                        										goto L41;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t504 = 0;
                                                                                                                                                                                                                                                        										while(_t680[_t504] != 0x2e) {
                                                                                                                                                                                                                                                        											_t504 = _t504 + 1;
                                                                                                                                                                                                                                                        											if(_t588 != _t504) {
                                                                                                                                                                                                                                                        												continue;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												goto L41;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = _t504 - 0x10;
                                                                                                                                                                                                                                                        										if(_t504 < 0x10) {
                                                                                                                                                                                                                                                        											goto L41;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t505 = _t504 & 0x00007fff;
                                                                                                                                                                                                                                                        										__eflags = _t505;
                                                                                                                                                                                                                                                        										if(_t505 != 0) {
                                                                                                                                                                                                                                                        											_t506 =  &(_t680[_t505]);
                                                                                                                                                                                                                                                        											do {
                                                                                                                                                                                                                                                        												_t589 =  *_t680 & 0x0000ffff;
                                                                                                                                                                                                                                                        												_t60 = _t589 - 0x30; // -20
                                                                                                                                                                                                                                                        												_t596 = _t60;
                                                                                                                                                                                                                                                        												__eflags = _t60 - 0xa;
                                                                                                                                                                                                                                                        												if(_t60 < 0xa) {
                                                                                                                                                                                                                                                        													goto L38;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												__eflags = (_t589 & 0xffffffdf) + 0xffffffbf - 6;
                                                                                                                                                                                                                                                        												if((_t589 & 0xffffffdf) + 0xffffffbf < 6) {
                                                                                                                                                                                                                                                        													goto L38;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L41;
                                                                                                                                                                                                                                                        												L38:
                                                                                                                                                                                                                                                        												_t680 =  &(_t680[1]);
                                                                                                                                                                                                                                                        												__eflags = _t680 - _t506;
                                                                                                                                                                                                                                                        											} while (_t680 < _t506);
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L197;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t40 = _t503 - 0xc; // 0x1
                                                                                                                                                                                                                                                        							_t587 = _t40;
                                                                                                                                                                                                                                                        							__eflags = _v1576 - _t587;
                                                                                                                                                                                                                                                        							if(_v1576 <= _t587) {
                                                                                                                                                                                                                                                        								goto L30;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t681 = 0;
                                                                                                                                                                                                                                                        								__eflags = 0;
                                                                                                                                                                                                                                                        								_v1580 = 0;
                                                                                                                                                                                                                                                        								while(1) {
                                                                                                                                                                                                                                                        									__eflags =  *((short*)(_t512 +  &(2[_t587]))) - 0x2e;
                                                                                                                                                                                                                                                        									if( *((short*)(_t512 +  &(2[_t587]))) == 0x2e) {
                                                                                                                                                                                                                                                        										break;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t587 = _t587 + 1;
                                                                                                                                                                                                                                                        									_t681 = _t681 + 1;
                                                                                                                                                                                                                                                        									_v1580 = _v1580 + 1;
                                                                                                                                                                                                                                                        									_t596 = _t596 + 1;
                                                                                                                                                                                                                                                        									__eflags = _v1576 - _t587;
                                                                                                                                                                                                                                                        									if(_v1576 != _t587) {
                                                                                                                                                                                                                                                        										continue;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										goto L30;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = (_t596 & 0x0000ffff) - _t503;
                                                                                                                                                                                                                                                        								if((_t596 & 0x0000ffff) != _t503) {
                                                                                                                                                                                                                                                        									goto L30;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = _t681 & 0x00007fff;
                                                                                                                                                                                                                                                        								if((_t681 & 0x00007fff) != 0) {
                                                                                                                                                                                                                                                        									_t596 = (_v1580 & 0x00007fff) + (_v1580 & 0x00007fff) - _t645;
                                                                                                                                                                                                                                                        									_t646 =  ~_t645;
                                                                                                                                                                                                                                                        									do {
                                                                                                                                                                                                                                                        										_t507 =  *_t646 & 0x0000ffff;
                                                                                                                                                                                                                                                        										_t52 = _t507 - 0x30; // -35
                                                                                                                                                                                                                                                        										__eflags = _t52 - 0xa;
                                                                                                                                                                                                                                                        										if(_t52 < 0xa) {
                                                                                                                                                                                                                                                        											goto L27;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = (_t507 & 0xffffffdf) + 0xffffffbf - 6;
                                                                                                                                                                                                                                                        										if((_t507 & 0xffffffdf) + 0xffffffbf < 6) {
                                                                                                                                                                                                                                                        											goto L27;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L30;
                                                                                                                                                                                                                                                        										L27:
                                                                                                                                                                                                                                                        										_t646 = 2 + _t646;
                                                                                                                                                                                                                                                        										__eflags = _t646 - _t596;
                                                                                                                                                                                                                                                        									} while (_t646 < _t596);
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L197;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t512 = _t410;
                                                                                                                                                                                                                                                        						asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        						while( *_t512 != 0x5c) {
                                                                                                                                                                                                                                                        							_t512 = _t512 + 0xfffffffe;
                                                                                                                                                                                                                                                        							if(_t512 >= _t533) {
                                                                                                                                                                                                                                                        								continue;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L10;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}























































































































































































































                                                                                                                                                                                                                                                        0x00bbee59
                                                                                                                                                                                                                                                        0x00bbee5f
                                                                                                                                                                                                                                                        0x00bbee65
                                                                                                                                                                                                                                                        0x00bbee76
                                                                                                                                                                                                                                                        0x00bbee7d
                                                                                                                                                                                                                                                        0x00bbee85
                                                                                                                                                                                                                                                        0x00bbee95
                                                                                                                                                                                                                                                        0x00bbee9b
                                                                                                                                                                                                                                                        0x00bbeea0
                                                                                                                                                                                                                                                        0x00bbefc9
                                                                                                                                                                                                                                                        0x00bbefd2
                                                                                                                                                                                                                                                        0x00bbefe0
                                                                                                                                                                                                                                                        0x00bbeeae
                                                                                                                                                                                                                                                        0x00bbeec4
                                                                                                                                                                                                                                                        0x00bbefbb
                                                                                                                                                                                                                                                        0x00bbefbb
                                                                                                                                                                                                                                                        0x00bbefbd
                                                                                                                                                                                                                                                        0x00bbefbf
                                                                                                                                                                                                                                                        0x00bbefc4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbefc4
                                                                                                                                                                                                                                                        0x00bbeecf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbeed5
                                                                                                                                                                                                                                                        0x00bbeedf
                                                                                                                                                                                                                                                        0x00bbeee6
                                                                                                                                                                                                                                                        0x00bbeee9
                                                                                                                                                                                                                                                        0x00bbeeef
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbeef5
                                                                                                                                                                                                                                                        0x00bbeefc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbef02
                                                                                                                                                                                                                                                        0x00bbef04
                                                                                                                                                                                                                                                        0x00bbef0b
                                                                                                                                                                                                                                                        0x00bbef0d
                                                                                                                                                                                                                                                        0x00bbef2d
                                                                                                                                                                                                                                                        0x00bbef2d
                                                                                                                                                                                                                                                        0x00bbef30
                                                                                                                                                                                                                                                        0x00bbef36
                                                                                                                                                                                                                                                        0x00bbef3a
                                                                                                                                                                                                                                                        0x00bbef3f
                                                                                                                                                                                                                                                        0x00bbef45
                                                                                                                                                                                                                                                        0x00bbef4a
                                                                                                                                                                                                                                                        0x00bbef55
                                                                                                                                                                                                                                                        0x00bbef59
                                                                                                                                                                                                                                                        0x00bbf0b3
                                                                                                                                                                                                                                                        0x00bbf0b3
                                                                                                                                                                                                                                                        0x00bbf0b8
                                                                                                                                                                                                                                                        0x00bbf0ba
                                                                                                                                                                                                                                                        0x00bbf0c0
                                                                                                                                                                                                                                                        0x00bbf0c6
                                                                                                                                                                                                                                                        0x00bbf0c8
                                                                                                                                                                                                                                                        0x00bbf0cb
                                                                                                                                                                                                                                                        0x00bbf0cf
                                                                                                                                                                                                                                                        0x00bbf0d8
                                                                                                                                                                                                                                                        0x00bbf0e9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf0f1
                                                                                                                                                                                                                                                        0x00bbf0f4
                                                                                                                                                                                                                                                        0x00bbf0f7
                                                                                                                                                                                                                                                        0x00bbf0fc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf0fe
                                                                                                                                                                                                                                                        0x00bbf104
                                                                                                                                                                                                                                                        0x00bbf10b
                                                                                                                                                                                                                                                        0x00bbfb09
                                                                                                                                                                                                                                                        0x00bbfb09
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfb09
                                                                                                                                                                                                                                                        0x00bbf114
                                                                                                                                                                                                                                                        0x00bbf11d
                                                                                                                                                                                                                                                        0x00bbf11e
                                                                                                                                                                                                                                                        0x00bbf122
                                                                                                                                                                                                                                                        0x00bbf123
                                                                                                                                                                                                                                                        0x00bbf125
                                                                                                                                                                                                                                                        0x00bbf12a
                                                                                                                                                                                                                                                        0x00bbf130
                                                                                                                                                                                                                                                        0x00bbf132
                                                                                                                                                                                                                                                        0x00bbf13d
                                                                                                                                                                                                                                                        0x00bbf13d
                                                                                                                                                                                                                                                        0x00bbf148
                                                                                                                                                                                                                                                        0x00bbf157
                                                                                                                                                                                                                                                        0x00bbf1f8
                                                                                                                                                                                                                                                        0x00bbf1fa
                                                                                                                                                                                                                                                        0x00bbf1fc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf16a
                                                                                                                                                                                                                                                        0x00bbf16a
                                                                                                                                                                                                                                                        0x00bbf176
                                                                                                                                                                                                                                                        0x00bbf179
                                                                                                                                                                                                                                                        0x00bbf181
                                                                                                                                                                                                                                                        0x00bbf1fe
                                                                                                                                                                                                                                                        0x00bbf1fe
                                                                                                                                                                                                                                                        0x00bbf202
                                                                                                                                                                                                                                                        0x00bbf30b
                                                                                                                                                                                                                                                        0x00bbf30f
                                                                                                                                                                                                                                                        0x00bbf311
                                                                                                                                                                                                                                                        0x00bbf311
                                                                                                                                                                                                                                                        0x00bbf315
                                                                                                                                                                                                                                                        0x00bbf31a
                                                                                                                                                                                                                                                        0x00bbf321
                                                                                                                                                                                                                                                        0x00bbf327
                                                                                                                                                                                                                                                        0x00bbf327
                                                                                                                                                                                                                                                        0x00bbf32b
                                                                                                                                                                                                                                                        0x00bbf334
                                                                                                                                                                                                                                                        0x00bbf339
                                                                                                                                                                                                                                                        0x00bbf344
                                                                                                                                                                                                                                                        0x00bbf34f
                                                                                                                                                                                                                                                        0x00bbf352
                                                                                                                                                                                                                                                        0x00bbf35a
                                                                                                                                                                                                                                                        0x00bbf237
                                                                                                                                                                                                                                                        0x00bbf237
                                                                                                                                                                                                                                                        0x00bbf23f
                                                                                                                                                                                                                                                        0x00bbf244
                                                                                                                                                                                                                                                        0x00bbf24f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf360
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf35a
                                                                                                                                                                                                                                                        0x00bbf208
                                                                                                                                                                                                                                                        0x00bbf20f
                                                                                                                                                                                                                                                        0x00bbf21a
                                                                                                                                                                                                                                                        0x00bbf224
                                                                                                                                                                                                                                                        0x00bbf229
                                                                                                                                                                                                                                                        0x00bbf231
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf231
                                                                                                                                                                                                                                                        0x00bbf183
                                                                                                                                                                                                                                                        0x00bbf183
                                                                                                                                                                                                                                                        0x00bbf192
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf198
                                                                                                                                                                                                                                                        0x00bbf157
                                                                                                                                                                                                                                                        0x00bbf19a
                                                                                                                                                                                                                                                        0x00bbf19e
                                                                                                                                                                                                                                                        0x00bbf1a2
                                                                                                                                                                                                                                                        0x00bbf1a4
                                                                                                                                                                                                                                                        0x00bbf25f
                                                                                                                                                                                                                                                        0x00bbf261
                                                                                                                                                                                                                                                        0x00bbf261
                                                                                                                                                                                                                                                        0x00bbf1aa
                                                                                                                                                                                                                                                        0x00bbf1ad
                                                                                                                                                                                                                                                        0x00bbf1af
                                                                                                                                                                                                                                                        0x00bbf1b4
                                                                                                                                                                                                                                                        0x00bbf1b9
                                                                                                                                                                                                                                                        0x00bbf1bf
                                                                                                                                                                                                                                                        0x00bbf1c2
                                                                                                                                                                                                                                                        0x00bbf1c4
                                                                                                                                                                                                                                                        0x00bbf1cb
                                                                                                                                                                                                                                                        0x00bbf1ce
                                                                                                                                                                                                                                                        0x00bbf1d8
                                                                                                                                                                                                                                                        0x00bbf1dd
                                                                                                                                                                                                                                                        0x00bbf1e3
                                                                                                                                                                                                                                                        0x00bbf1e6
                                                                                                                                                                                                                                                        0x00bbf1eb
                                                                                                                                                                                                                                                        0x00bbf1ed
                                                                                                                                                                                                                                                        0x00bbf1ed
                                                                                                                                                                                                                                                        0x00bbf1eb
                                                                                                                                                                                                                                                        0x00bbf1dd
                                                                                                                                                                                                                                                        0x00bbf1ce
                                                                                                                                                                                                                                                        0x00bbf1b9
                                                                                                                                                                                                                                                        0x00bbf263
                                                                                                                                                                                                                                                        0x00bbf26a
                                                                                                                                                                                                                                                        0x00bbf26d
                                                                                                                                                                                                                                                        0x00bbf271
                                                                                                                                                                                                                                                        0x00bbf275
                                                                                                                                                                                                                                                        0x00bbf285
                                                                                                                                                                                                                                                        0x00bbf285
                                                                                                                                                                                                                                                        0x00bbf296
                                                                                                                                                                                                                                                        0x00bbf29b
                                                                                                                                                                                                                                                        0x00bbf29e
                                                                                                                                                                                                                                                        0x00bbf2a5
                                                                                                                                                                                                                                                        0x00bbf2b0
                                                                                                                                                                                                                                                        0x00bbf2b1
                                                                                                                                                                                                                                                        0x00bbf2b6
                                                                                                                                                                                                                                                        0x00bbf2b8
                                                                                                                                                                                                                                                        0x00bbf365
                                                                                                                                                                                                                                                        0x00bbf36a
                                                                                                                                                                                                                                                        0x00bbf36f
                                                                                                                                                                                                                                                        0x00bbf371
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf371
                                                                                                                                                                                                                                                        0x00bbf2be
                                                                                                                                                                                                                                                        0x00bbf2c1
                                                                                                                                                                                                                                                        0x00bbf37e
                                                                                                                                                                                                                                                        0x00bbf386
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf38c
                                                                                                                                                                                                                                                        0x00bbf38e
                                                                                                                                                                                                                                                        0x00bbf39e
                                                                                                                                                                                                                                                        0x00bbf39e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf39e
                                                                                                                                                                                                                                                        0x00bbf390
                                                                                                                                                                                                                                                        0x00bbf398
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf398
                                                                                                                                                                                                                                                        0x00bbf2c7
                                                                                                                                                                                                                                                        0x00bbf2ca
                                                                                                                                                                                                                                                        0x00bbf2cc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf2d2
                                                                                                                                                                                                                                                        0x00bbf2da
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf2e0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf2e6
                                                                                                                                                                                                                                                        0x00bbf2ee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf277
                                                                                                                                                                                                                                                        0x00bbf277
                                                                                                                                                                                                                                                        0x00bbf27a
                                                                                                                                                                                                                                                        0x00bbf2f9
                                                                                                                                                                                                                                                        0x00bbf300
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf3a2
                                                                                                                                                                                                                                                        0x00bbf3a2
                                                                                                                                                                                                                                                        0x00bbf3a5
                                                                                                                                                                                                                                                        0x00bbf3b4
                                                                                                                                                                                                                                                        0x00bbf3b4
                                                                                                                                                                                                                                                        0x00bbf3b7
                                                                                                                                                                                                                                                        0x00bbf3b7
                                                                                                                                                                                                                                                        0x00bbf3be
                                                                                                                                                                                                                                                        0x00bbf3be
                                                                                                                                                                                                                                                        0x00bbf3c9
                                                                                                                                                                                                                                                        0x00bbf3cc
                                                                                                                                                                                                                                                        0x00bbf43f
                                                                                                                                                                                                                                                        0x00bbf451
                                                                                                                                                                                                                                                        0x00bbf451
                                                                                                                                                                                                                                                        0x00bbf456
                                                                                                                                                                                                                                                        0x00bbf456
                                                                                                                                                                                                                                                        0x00bbf45b
                                                                                                                                                                                                                                                        0x00bbf45b
                                                                                                                                                                                                                                                        0x00bbf45f
                                                                                                                                                                                                                                                        0x00bbf464
                                                                                                                                                                                                                                                        0x00bbf469
                                                                                                                                                                                                                                                        0x00bbf46f
                                                                                                                                                                                                                                                        0x00bbf471
                                                                                                                                                                                                                                                        0x00bbf487
                                                                                                                                                                                                                                                        0x00bbf48e
                                                                                                                                                                                                                                                        0x00bbf493
                                                                                                                                                                                                                                                        0x00bbf495
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf4a1
                                                                                                                                                                                                                                                        0x00bbf4a3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf4e7
                                                                                                                                                                                                                                                        0x00bbf4e7
                                                                                                                                                                                                                                                        0x00bbf4ec
                                                                                                                                                                                                                                                        0x00bbf4f1
                                                                                                                                                                                                                                                        0x00bbf4f6
                                                                                                                                                                                                                                                        0x00bbfaee
                                                                                                                                                                                                                                                        0x00bbfaee
                                                                                                                                                                                                                                                        0x00bbfaf2
                                                                                                                                                                                                                                                        0x00bbfaf5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfaf7
                                                                                                                                                                                                                                                        0x00bbfafa
                                                                                                                                                                                                                                                        0x00bbfb12
                                                                                                                                                                                                                                                        0x00bbfb17
                                                                                                                                                                                                                                                        0x00bbfb1e
                                                                                                                                                                                                                                                        0x00bbfb21
                                                                                                                                                                                                                                                        0x00bbfb47
                                                                                                                                                                                                                                                        0x00bbfb4c
                                                                                                                                                                                                                                                        0x00bbfb4e
                                                                                                                                                                                                                                                        0x00bbfb50
                                                                                                                                                                                                                                                        0x00bbfb96
                                                                                                                                                                                                                                                        0x00bbfb99
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfb99
                                                                                                                                                                                                                                                        0x00bbfb52
                                                                                                                                                                                                                                                        0x00bbfb52
                                                                                                                                                                                                                                                        0x00bbfb56
                                                                                                                                                                                                                                                        0x00bbfb58
                                                                                                                                                                                                                                                        0x00bbfb5c
                                                                                                                                                                                                                                                        0x00bbfb5c
                                                                                                                                                                                                                                                        0x00bbfb5f
                                                                                                                                                                                                                                                        0x00bbfb62
                                                                                                                                                                                                                                                        0x00bbfb67
                                                                                                                                                                                                                                                        0x00bbfb6e
                                                                                                                                                                                                                                                        0x00bbfb6e
                                                                                                                                                                                                                                                        0x00bbfb74
                                                                                                                                                                                                                                                        0x00bbfb75
                                                                                                                                                                                                                                                        0x00bbfb79
                                                                                                                                                                                                                                                        0x00bbfb7a
                                                                                                                                                                                                                                                        0x00bbfb7c
                                                                                                                                                                                                                                                        0x00bbfb81
                                                                                                                                                                                                                                                        0x00bbfb83
                                                                                                                                                                                                                                                        0x00bbfb85
                                                                                                                                                                                                                                                        0x00bbfb8c
                                                                                                                                                                                                                                                        0x00bbfb8c
                                                                                                                                                                                                                                                        0x00bbfb92
                                                                                                                                                                                                                                                        0x00bbfb92
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfb56
                                                                                                                                                                                                                                                        0x00bbfb23
                                                                                                                                                                                                                                                        0x00bbfb2a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfb2c
                                                                                                                                                                                                                                                        0x00bbfb3b
                                                                                                                                                                                                                                                        0x00bbfb41
                                                                                                                                                                                                                                                        0x00bbfb43
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfb45
                                                                                                                                                                                                                                                        0x00bbfafc
                                                                                                                                                                                                                                                        0x00bbfafe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfb04
                                                                                                                                                                                                                                                        0x00bbf4fc
                                                                                                                                                                                                                                                        0x00bbf4fe
                                                                                                                                                                                                                                                        0x00bbf503
                                                                                                                                                                                                                                                        0x00bbf508
                                                                                                                                                                                                                                                        0x00bbf50d
                                                                                                                                                                                                                                                        0x00bbf512
                                                                                                                                                                                                                                                        0x00bbf519
                                                                                                                                                                                                                                                        0x00bbf51d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf52a
                                                                                                                                                                                                                                                        0x00bbf533
                                                                                                                                                                                                                                                        0x00bbf539
                                                                                                                                                                                                                                                        0x00bbf540
                                                                                                                                                                                                                                                        0x00bbf542
                                                                                                                                                                                                                                                        0x00bbf546
                                                                                                                                                                                                                                                        0x00bbf703
                                                                                                                                                                                                                                                        0x00bbfaea
                                                                                                                                                                                                                                                        0x00bbfaea
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfaea
                                                                                                                                                                                                                                                        0x00bbf550
                                                                                                                                                                                                                                                        0x00bbf554
                                                                                                                                                                                                                                                        0x00bbf55f
                                                                                                                                                                                                                                                        0x00bbf562
                                                                                                                                                                                                                                                        0x00bbf569
                                                                                                                                                                                                                                                        0x00bbf572
                                                                                                                                                                                                                                                        0x00bbf579
                                                                                                                                                                                                                                                        0x00bbf584
                                                                                                                                                                                                                                                        0x00bbf58f
                                                                                                                                                                                                                                                        0x00bbf59a
                                                                                                                                                                                                                                                        0x00bbf5a5
                                                                                                                                                                                                                                                        0x00bbf5b0
                                                                                                                                                                                                                                                        0x00bbf5b7
                                                                                                                                                                                                                                                        0x00bbf5bf
                                                                                                                                                                                                                                                        0x00bbf5cd
                                                                                                                                                                                                                                                        0x00bbf5d8
                                                                                                                                                                                                                                                        0x00bbf5e3
                                                                                                                                                                                                                                                        0x00bbf5ec
                                                                                                                                                                                                                                                        0x00bbf5f4
                                                                                                                                                                                                                                                        0x00bbf5f8
                                                                                                                                                                                                                                                        0x00bbf5f8
                                                                                                                                                                                                                                                        0x00bbf5f9
                                                                                                                                                                                                                                                        0x00bbf5fd
                                                                                                                                                                                                                                                        0x00bbf770
                                                                                                                                                                                                                                                        0x00bbf770
                                                                                                                                                                                                                                                        0x00bbf786
                                                                                                                                                                                                                                                        0x00bbf78d
                                                                                                                                                                                                                                                        0x00bbf795
                                                                                                                                                                                                                                                        0x00bbf79c
                                                                                                                                                                                                                                                        0x00bbf7a3
                                                                                                                                                                                                                                                        0x00bbf7aa
                                                                                                                                                                                                                                                        0x00bbf7b1
                                                                                                                                                                                                                                                        0x00bbf7b8
                                                                                                                                                                                                                                                        0x00bbf7ba
                                                                                                                                                                                                                                                        0x00bbf7e2
                                                                                                                                                                                                                                                        0x00bbf7e9
                                                                                                                                                                                                                                                        0x00bbf7eb
                                                                                                                                                                                                                                                        0x00bbf7f2
                                                                                                                                                                                                                                                        0x00bbf856
                                                                                                                                                                                                                                                        0x00bbf85d
                                                                                                                                                                                                                                                        0x00bbf864
                                                                                                                                                                                                                                                        0x00bbf872
                                                                                                                                                                                                                                                        0x00bbf880
                                                                                                                                                                                                                                                        0x00bbf887
                                                                                                                                                                                                                                                        0x00bbf88e
                                                                                                                                                                                                                                                        0x00bbf895
                                                                                                                                                                                                                                                        0x00bbf897
                                                                                                                                                                                                                                                        0x00bbf8b4
                                                                                                                                                                                                                                                        0x00bbf8bb
                                                                                                                                                                                                                                                        0x00bbf8bd
                                                                                                                                                                                                                                                        0x00bbf8c4
                                                                                                                                                                                                                                                        0x00bbf8f2
                                                                                                                                                                                                                                                        0x00bbf8f2
                                                                                                                                                                                                                                                        0x00bbf8fa
                                                                                                                                                                                                                                                        0x00bbf905
                                                                                                                                                                                                                                                        0x00bbf907
                                                                                                                                                                                                                                                        0x00bbf909
                                                                                                                                                                                                                                                        0x00bbfa53
                                                                                                                                                                                                                                                        0x00bbfa53
                                                                                                                                                                                                                                                        0x00bbfa53
                                                                                                                                                                                                                                                        0x00bbfa55
                                                                                                                                                                                                                                                        0x00bbfa55
                                                                                                                                                                                                                                                        0x00bbfa5c
                                                                                                                                                                                                                                                        0x00bbfa5e
                                                                                                                                                                                                                                                        0x00bbfaae
                                                                                                                                                                                                                                                        0x00bbfab5
                                                                                                                                                                                                                                                        0x00bbfac0
                                                                                                                                                                                                                                                        0x00bbfac2
                                                                                                                                                                                                                                                        0x00bbfac5
                                                                                                                                                                                                                                                        0x00bbfacb
                                                                                                                                                                                                                                                        0x00bbfacb
                                                                                                                                                                                                                                                        0x00bbface
                                                                                                                                                                                                                                                        0x00bbfadc
                                                                                                                                                                                                                                                        0x00bbfade
                                                                                                                                                                                                                                                        0x00bbfae1
                                                                                                                                                                                                                                                        0x00bbfae7
                                                                                                                                                                                                                                                        0x00bbfae7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfade
                                                                                                                                                                                                                                                        0x00bbfa60
                                                                                                                                                                                                                                                        0x00bbfa67
                                                                                                                                                                                                                                                        0x00bbfa6b
                                                                                                                                                                                                                                                        0x00bbfa6e
                                                                                                                                                                                                                                                        0x00bbfa71
                                                                                                                                                                                                                                                        0x00bbfa81
                                                                                                                                                                                                                                                        0x00bbfa84
                                                                                                                                                                                                                                                        0x00bbfa86
                                                                                                                                                                                                                                                        0x00bbfa88
                                                                                                                                                                                                                                                        0x00bbfa88
                                                                                                                                                                                                                                                        0x00bbfa93
                                                                                                                                                                                                                                                        0x00bbfa96
                                                                                                                                                                                                                                                        0x00bbfa98
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfa9a
                                                                                                                                                                                                                                                        0x00bbfa9a
                                                                                                                                                                                                                                                        0x00bbfaa3
                                                                                                                                                                                                                                                        0x00bbfaaa
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfaaa
                                                                                                                                                                                                                                                        0x00bbf90f
                                                                                                                                                                                                                                                        0x00bbf917
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf91d
                                                                                                                                                                                                                                                        0x00bbf924
                                                                                                                                                                                                                                                        0x00bbf92b
                                                                                                                                                                                                                                                        0x00bbf932
                                                                                                                                                                                                                                                        0x00bbf94c
                                                                                                                                                                                                                                                        0x00bbf953
                                                                                                                                                                                                                                                        0x00bbf965
                                                                                                                                                                                                                                                        0x00bbf966
                                                                                                                                                                                                                                                        0x00bbf966
                                                                                                                                                                                                                                                        0x00bbf967
                                                                                                                                                                                                                                                        0x00bbf96e
                                                                                                                                                                                                                                                        0x00bbf975
                                                                                                                                                                                                                                                        0x00bbf97d
                                                                                                                                                                                                                                                        0x00bbf984
                                                                                                                                                                                                                                                        0x00bbf98b
                                                                                                                                                                                                                                                        0x00bbf9a5
                                                                                                                                                                                                                                                        0x00bbf9a5
                                                                                                                                                                                                                                                        0x00bbf9ac
                                                                                                                                                                                                                                                        0x00bbf9b5
                                                                                                                                                                                                                                                        0x00bbf9b8
                                                                                                                                                                                                                                                        0x00bbf9bb
                                                                                                                                                                                                                                                        0x00bbf9bf
                                                                                                                                                                                                                                                        0x00bbf9c3
                                                                                                                                                                                                                                                        0x00bbf9c7
                                                                                                                                                                                                                                                        0x00bbf9cf
                                                                                                                                                                                                                                                        0x00bbf9cf
                                                                                                                                                                                                                                                        0x00bbf9cf
                                                                                                                                                                                                                                                        0x00bbf9d7
                                                                                                                                                                                                                                                        0x00bbf9d7
                                                                                                                                                                                                                                                        0x00bbf9de
                                                                                                                                                                                                                                                        0x00bbf9e3
                                                                                                                                                                                                                                                        0x00bbf9e5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf9e7
                                                                                                                                                                                                                                                        0x00bbf9ef
                                                                                                                                                                                                                                                        0x00bbf9f1
                                                                                                                                                                                                                                                        0x00bbf9f8
                                                                                                                                                                                                                                                        0x00bbf9fd
                                                                                                                                                                                                                                                        0x00bbf9ff
                                                                                                                                                                                                                                                        0x00bbfa18
                                                                                                                                                                                                                                                        0x00bbfa1d
                                                                                                                                                                                                                                                        0x00bbfa2f
                                                                                                                                                                                                                                                        0x00bbfa38
                                                                                                                                                                                                                                                        0x00bbfa3f
                                                                                                                                                                                                                                                        0x00bbfa46
                                                                                                                                                                                                                                                        0x00bbfa46
                                                                                                                                                                                                                                                        0x00bbf9ff
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf9ef
                                                                                                                                                                                                                                                        0x00bbf991
                                                                                                                                                                                                                                                        0x00bbf996
                                                                                                                                                                                                                                                        0x00bbf998
                                                                                                                                                                                                                                                        0x00bbfd4b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfd4b
                                                                                                                                                                                                                                                        0x00bbf99e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf99e
                                                                                                                                                                                                                                                        0x00bbf938
                                                                                                                                                                                                                                                        0x00bbf93d
                                                                                                                                                                                                                                                        0x00bbf93f
                                                                                                                                                                                                                                                        0x00bbfd30
                                                                                                                                                                                                                                                        0x00bbfd38
                                                                                                                                                                                                                                                        0x00bbfd3f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfd3f
                                                                                                                                                                                                                                                        0x00bbf945
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf945
                                                                                                                                                                                                                                                        0x00bbf8c6
                                                                                                                                                                                                                                                        0x00bbf8c9
                                                                                                                                                                                                                                                        0x00bbf8c9
                                                                                                                                                                                                                                                        0x00bbf8cb
                                                                                                                                                                                                                                                        0x00bbf8ce
                                                                                                                                                                                                                                                        0x00bbf8d2
                                                                                                                                                                                                                                                        0x00bbf8dd
                                                                                                                                                                                                                                                        0x00bbf8e4
                                                                                                                                                                                                                                                        0x00bbf8e7
                                                                                                                                                                                                                                                        0x00bbf8e7
                                                                                                                                                                                                                                                        0x00bbf8eb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf8eb
                                                                                                                                                                                                                                                        0x00bbf899
                                                                                                                                                                                                                                                        0x00bbf8a0
                                                                                                                                                                                                                                                        0x00bbf8a7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf8a7
                                                                                                                                                                                                                                                        0x00bbf7f4
                                                                                                                                                                                                                                                        0x00bbf7f7
                                                                                                                                                                                                                                                        0x00bbf83b
                                                                                                                                                                                                                                                        0x00bbf844
                                                                                                                                                                                                                                                        0x00bbf848
                                                                                                                                                                                                                                                        0x00bbf848
                                                                                                                                                                                                                                                        0x00bbf84a
                                                                                                                                                                                                                                                        0x00bbf84e
                                                                                                                                                                                                                                                        0x00bbf851
                                                                                                                                                                                                                                                        0x00bbf852
                                                                                                                                                                                                                                                        0x00bbf852
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf84a
                                                                                                                                                                                                                                                        0x00bbf7fb
                                                                                                                                                                                                                                                        0x00bbf7fd
                                                                                                                                                                                                                                                        0x00bbf7fd
                                                                                                                                                                                                                                                        0x00bbf800
                                                                                                                                                                                                                                                        0x00bbf807
                                                                                                                                                                                                                                                        0x00bbf80e
                                                                                                                                                                                                                                                        0x00bbf80e
                                                                                                                                                                                                                                                        0x00bbf816
                                                                                                                                                                                                                                                        0x00bbf81e
                                                                                                                                                                                                                                                        0x00bbf826
                                                                                                                                                                                                                                                        0x00bbf82e
                                                                                                                                                                                                                                                        0x00bbf831
                                                                                                                                                                                                                                                        0x00bbf831
                                                                                                                                                                                                                                                        0x00bbf835
                                                                                                                                                                                                                                                        0x00bbf837
                                                                                                                                                                                                                                                        0x00bbf839
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf839
                                                                                                                                                                                                                                                        0x00bbf7bc
                                                                                                                                                                                                                                                        0x00bbf7c3
                                                                                                                                                                                                                                                        0x00bbf7ce
                                                                                                                                                                                                                                                        0x00bbf7d5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf7d5
                                                                                                                                                                                                                                                        0x00bbf605
                                                                                                                                                                                                                                                        0x00bbf607
                                                                                                                                                                                                                                                        0x00bbf60b
                                                                                                                                                                                                                                                        0x00bbf645
                                                                                                                                                                                                                                                        0x00bbf652
                                                                                                                                                                                                                                                        0x00bbf655
                                                                                                                                                                                                                                                        0x00bbf657
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf65d
                                                                                                                                                                                                                                                        0x00bbf664
                                                                                                                                                                                                                                                        0x00bbf668
                                                                                                                                                                                                                                                        0x00bbf66f
                                                                                                                                                                                                                                                        0x00bbf617
                                                                                                                                                                                                                                                        0x00bbf617
                                                                                                                                                                                                                                                        0x00bbf61e
                                                                                                                                                                                                                                                        0x00bbf61f
                                                                                                                                                                                                                                                        0x00bbf622
                                                                                                                                                                                                                                                        0x00bbf626
                                                                                                                                                                                                                                                        0x00bbf631
                                                                                                                                                                                                                                                        0x00bbf633
                                                                                                                                                                                                                                                        0x00bbf634
                                                                                                                                                                                                                                                        0x00bbf638
                                                                                                                                                                                                                                                        0x00bbf63f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf63f
                                                                                                                                                                                                                                                        0x00bbf67a
                                                                                                                                                                                                                                                        0x00bbf67f
                                                                                                                                                                                                                                                        0x00bbf681
                                                                                                                                                                                                                                                        0x00bbf610
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf610
                                                                                                                                                                                                                                                        0x00bbf683
                                                                                                                                                                                                                                                        0x00bbf68a
                                                                                                                                                                                                                                                        0x00bbf68c
                                                                                                                                                                                                                                                        0x00bbf763
                                                                                                                                                                                                                                                        0x00bbf763
                                                                                                                                                                                                                                                        0x00bbf763
                                                                                                                                                                                                                                                        0x00bbf765
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf765
                                                                                                                                                                                                                                                        0x00bbf692
                                                                                                                                                                                                                                                        0x00bbf699
                                                                                                                                                                                                                                                        0x00bbf6a0
                                                                                                                                                                                                                                                        0x00bbf6a3
                                                                                                                                                                                                                                                        0x00bbf6a6
                                                                                                                                                                                                                                                        0x00bbf6b6
                                                                                                                                                                                                                                                        0x00bbf6b9
                                                                                                                                                                                                                                                        0x00bbf6bb
                                                                                                                                                                                                                                                        0x00bbf6bd
                                                                                                                                                                                                                                                        0x00bbf6bd
                                                                                                                                                                                                                                                        0x00bbf6c8
                                                                                                                                                                                                                                                        0x00bbf6cb
                                                                                                                                                                                                                                                        0x00bbf6cd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf6d3
                                                                                                                                                                                                                                                        0x00bbf6d3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf6a6
                                                                                                                                                                                                                                                        0x00bbf70a
                                                                                                                                                                                                                                                        0x00bbf711
                                                                                                                                                                                                                                                        0x00bbf719
                                                                                                                                                                                                                                                        0x00bbf71b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf71d
                                                                                                                                                                                                                                                        0x00bbf724
                                                                                                                                                                                                                                                        0x00bbf72b
                                                                                                                                                                                                                                                        0x00bbf72e
                                                                                                                                                                                                                                                        0x00bbf731
                                                                                                                                                                                                                                                        0x00bbf741
                                                                                                                                                                                                                                                        0x00bbf744
                                                                                                                                                                                                                                                        0x00bbf746
                                                                                                                                                                                                                                                        0x00bbf748
                                                                                                                                                                                                                                                        0x00bbf748
                                                                                                                                                                                                                                                        0x00bbf753
                                                                                                                                                                                                                                                        0x00bbf756
                                                                                                                                                                                                                                                        0x00bbf758
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf75a
                                                                                                                                                                                                                                                        0x00bbf75a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf480
                                                                                                                                                                                                                                                        0x00bbf480
                                                                                                                                                                                                                                                        0x00bbf483
                                                                                                                                                                                                                                                        0x00bbf483
                                                                                                                                                                                                                                                        0x00bbf4a7
                                                                                                                                                                                                                                                        0x00bbf4ad
                                                                                                                                                                                                                                                        0x00bbf4b6
                                                                                                                                                                                                                                                        0x00bbf4b9
                                                                                                                                                                                                                                                        0x00bbf4bb
                                                                                                                                                                                                                                                        0x00bbf4c2
                                                                                                                                                                                                                                                        0x00bbf4c7
                                                                                                                                                                                                                                                        0x00bbf4c9
                                                                                                                                                                                                                                                        0x00bbf4cb
                                                                                                                                                                                                                                                        0x00bbf4d2
                                                                                                                                                                                                                                                        0x00bbf4d4
                                                                                                                                                                                                                                                        0x00bbf4d7
                                                                                                                                                                                                                                                        0x00bbf4d9
                                                                                                                                                                                                                                                        0x00bbf4dc
                                                                                                                                                                                                                                                        0x00bbf4df
                                                                                                                                                                                                                                                        0x00bbf4e2
                                                                                                                                                                                                                                                        0x00bbf4e2
                                                                                                                                                                                                                                                        0x00bbf4c9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf4bb
                                                                                                                                                                                                                                                        0x00bbf473
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf473
                                                                                                                                                                                                                                                        0x00bbf3ce
                                                                                                                                                                                                                                                        0x00bbf3d0
                                                                                                                                                                                                                                                        0x00bbf449
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf449
                                                                                                                                                                                                                                                        0x00bbf3d2
                                                                                                                                                                                                                                                        0x00bbf3d5
                                                                                                                                                                                                                                                        0x00bbf6dc
                                                                                                                                                                                                                                                        0x00bbf6e0
                                                                                                                                                                                                                                                        0x00bbf6e5
                                                                                                                                                                                                                                                        0x00bbf6ed
                                                                                                                                                                                                                                                        0x00bbf6f0
                                                                                                                                                                                                                                                        0x00bbf6f5
                                                                                                                                                                                                                                                        0x00bbf6f8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf6fe
                                                                                                                                                                                                                                                        0x00bbf3db
                                                                                                                                                                                                                                                        0x00bbf3df
                                                                                                                                                                                                                                                        0x00bbf3e7
                                                                                                                                                                                                                                                        0x00bbf3eb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf3ed
                                                                                                                                                                                                                                                        0x00bbf3f1
                                                                                                                                                                                                                                                        0x00bbf3f5
                                                                                                                                                                                                                                                        0x00bbf3f9
                                                                                                                                                                                                                                                        0x00bbf401
                                                                                                                                                                                                                                                        0x00bbf401
                                                                                                                                                                                                                                                        0x00bbf403
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf405
                                                                                                                                                                                                                                                        0x00bbf407
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf409
                                                                                                                                                                                                                                                        0x00bbf40b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf40d
                                                                                                                                                                                                                                                        0x00bbf411
                                                                                                                                                                                                                                                        0x00bbf415
                                                                                                                                                                                                                                                        0x00bbf417
                                                                                                                                                                                                                                                        0x00bbf435
                                                                                                                                                                                                                                                        0x00bbf435
                                                                                                                                                                                                                                                        0x00bbfbab
                                                                                                                                                                                                                                                        0x00bbfbab
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfbab
                                                                                                                                                                                                                                                        0x00bbf420
                                                                                                                                                                                                                                                        0x00bbf424
                                                                                                                                                                                                                                                        0x00bbf424
                                                                                                                                                                                                                                                        0x00bbf429
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf42f
                                                                                                                                                                                                                                                        0x00bbf432
                                                                                                                                                                                                                                                        0x00bbf432
                                                                                                                                                                                                                                                        0x00bbf433
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf433
                                                                                                                                                                                                                                                        0x00bbfba0
                                                                                                                                                                                                                                                        0x00bbfba2
                                                                                                                                                                                                                                                        0x00bbfba7
                                                                                                                                                                                                                                                        0x00bbfba9
                                                                                                                                                                                                                                                        0x00bbfbbc
                                                                                                                                                                                                                                                        0x00bbfbbe
                                                                                                                                                                                                                                                        0x00bbfbc2
                                                                                                                                                                                                                                                        0x00bbfbc5
                                                                                                                                                                                                                                                        0x00bbfbc9
                                                                                                                                                                                                                                                        0x00bbfbcc
                                                                                                                                                                                                                                                        0x00bbfbd0
                                                                                                                                                                                                                                                        0x00bbfbd2
                                                                                                                                                                                                                                                        0x00bbfbe9
                                                                                                                                                                                                                                                        0x00bbfbe9
                                                                                                                                                                                                                                                        0x00bbfc24
                                                                                                                                                                                                                                                        0x00bbfc24
                                                                                                                                                                                                                                                        0x00bbfc28
                                                                                                                                                                                                                                                        0x00bbfc2d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfc2d
                                                                                                                                                                                                                                                        0x00bbfbd8
                                                                                                                                                                                                                                                        0x00bbfbdc
                                                                                                                                                                                                                                                        0x00bbfbdc
                                                                                                                                                                                                                                                        0x00bbfbe1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfbe3
                                                                                                                                                                                                                                                        0x00bbfbe6
                                                                                                                                                                                                                                                        0x00bbfbe6
                                                                                                                                                                                                                                                        0x00bbfbe7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfbe7
                                                                                                                                                                                                                                                        0x00bbfbf0
                                                                                                                                                                                                                                                        0x00bbfbf2
                                                                                                                                                                                                                                                        0x00bbfbf7
                                                                                                                                                                                                                                                        0x00bbfbf9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfc03
                                                                                                                                                                                                                                                        0x00bbfc08
                                                                                                                                                                                                                                                        0x00bbfc0a
                                                                                                                                                                                                                                                        0x00bbfc10
                                                                                                                                                                                                                                                        0x00bbfc13
                                                                                                                                                                                                                                                        0x00bbfc17
                                                                                                                                                                                                                                                        0x00bbfc1e
                                                                                                                                                                                                                                                        0x00bbfc22
                                                                                                                                                                                                                                                        0x00bbfc3a
                                                                                                                                                                                                                                                        0x00bbfc3d
                                                                                                                                                                                                                                                        0x00bbfc3f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfc41
                                                                                                                                                                                                                                                        0x00bbfc45
                                                                                                                                                                                                                                                        0x00bbfc49
                                                                                                                                                                                                                                                        0x00bbfc50
                                                                                                                                                                                                                                                        0x00bbfc52
                                                                                                                                                                                                                                                        0x00bbfc55
                                                                                                                                                                                                                                                        0x00bbfc59
                                                                                                                                                                                                                                                        0x00bbfc5c
                                                                                                                                                                                                                                                        0x00bbfc5e
                                                                                                                                                                                                                                                        0x00bbfc5e
                                                                                                                                                                                                                                                        0x00bbfc60
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfc62
                                                                                                                                                                                                                                                        0x00bbfc64
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfc66
                                                                                                                                                                                                                                                        0x00bbfc6a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfc6c
                                                                                                                                                                                                                                                        0x00bbfc6f
                                                                                                                                                                                                                                                        0x00bbfc74
                                                                                                                                                                                                                                                        0x00bbfc77
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfc79
                                                                                                                                                                                                                                                        0x00bbfc81
                                                                                                                                                                                                                                                        0x00bbfc89
                                                                                                                                                                                                                                                        0x00bbfc91
                                                                                                                                                                                                                                                        0x00bbfc9b
                                                                                                                                                                                                                                                        0x00bbfca4
                                                                                                                                                                                                                                                        0x00bbfcac
                                                                                                                                                                                                                                                        0x00bbfcb5
                                                                                                                                                                                                                                                        0x00bbfcbe
                                                                                                                                                                                                                                                        0x00bbfccb
                                                                                                                                                                                                                                                        0x00bbfcd1
                                                                                                                                                                                                                                                        0x00bbfcd4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfcda
                                                                                                                                                                                                                                                        0x00bbfcdf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfcef
                                                                                                                                                                                                                                                        0x00bbfcf2
                                                                                                                                                                                                                                                        0x00bbfcf4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfcfa
                                                                                                                                                                                                                                                        0x00bbfd01
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfd07
                                                                                                                                                                                                                                                        0x00bbfd0f
                                                                                                                                                                                                                                                        0x00bbfd13
                                                                                                                                                                                                                                                        0x00bbfd1b
                                                                                                                                                                                                                                                        0x00bbfd1f
                                                                                                                                                                                                                                                        0x00bbfd21
                                                                                                                                                                                                                                                        0x00bbfd25
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfd2b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfc22
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbfba9
                                                                                                                                                                                                                                                        0x00bbf3a7
                                                                                                                                                                                                                                                        0x00bbf3ae
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf3ae
                                                                                                                                                                                                                                                        0x00bbf27c
                                                                                                                                                                                                                                                        0x00bbf27f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf27f
                                                                                                                                                                                                                                                        0x00bbf275
                                                                                                                                                                                                                                                        0x00bbef62
                                                                                                                                                                                                                                                        0x00bbef67
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbef6d
                                                                                                                                                                                                                                                        0x00bbef72
                                                                                                                                                                                                                                                        0x00bbef75
                                                                                                                                                                                                                                                        0x00bbef79
                                                                                                                                                                                                                                                        0x00bbef7d
                                                                                                                                                                                                                                                        0x00bbef81
                                                                                                                                                                                                                                                        0x00bbef86
                                                                                                                                                                                                                                                        0x00bbef8a
                                                                                                                                                                                                                                                        0x00bbef8e
                                                                                                                                                                                                                                                        0x00bbef90
                                                                                                                                                                                                                                                        0x00bbef92
                                                                                                                                                                                                                                                        0x00bbefa0
                                                                                                                                                                                                                                                        0x00bbefa8
                                                                                                                                                                                                                                                        0x00bbefac
                                                                                                                                                                                                                                                        0x00bbefaf
                                                                                                                                                                                                                                                        0x00bbefb0
                                                                                                                                                                                                                                                        0x00bbefb4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbefb6
                                                                                                                                                                                                                                                        0x00bbf057
                                                                                                                                                                                                                                                        0x00bbf05d
                                                                                                                                                                                                                                                        0x00bbf061
                                                                                                                                                                                                                                                        0x00bbf065
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf067
                                                                                                                                                                                                                                                        0x00bbf067
                                                                                                                                                                                                                                                        0x00bbf069
                                                                                                                                                                                                                                                        0x00bbf070
                                                                                                                                                                                                                                                        0x00bbf073
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf075
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf075
                                                                                                                                                                                                                                                        0x00bbf073
                                                                                                                                                                                                                                                        0x00bbf077
                                                                                                                                                                                                                                                        0x00bbf07b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf07d
                                                                                                                                                                                                                                                        0x00bbf082
                                                                                                                                                                                                                                                        0x00bbf085
                                                                                                                                                                                                                                                        0x00bbf08b
                                                                                                                                                                                                                                                        0x00bbf09b
                                                                                                                                                                                                                                                        0x00bbf09b
                                                                                                                                                                                                                                                        0x00bbf09e
                                                                                                                                                                                                                                                        0x00bbf09e
                                                                                                                                                                                                                                                        0x00bbf0a1
                                                                                                                                                                                                                                                        0x00bbf0a5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf0ad
                                                                                                                                                                                                                                                        0x00bbf0b1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf090
                                                                                                                                                                                                                                                        0x00bbf090
                                                                                                                                                                                                                                                        0x00bbf093
                                                                                                                                                                                                                                                        0x00bbf093
                                                                                                                                                                                                                                                        0x00bbf09b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf085
                                                                                                                                                                                                                                                        0x00bbf065
                                                                                                                                                                                                                                                        0x00bbefb4
                                                                                                                                                                                                                                                        0x00bbefe3
                                                                                                                                                                                                                                                        0x00bbefe3
                                                                                                                                                                                                                                                        0x00bbefe6
                                                                                                                                                                                                                                                        0x00bbefeb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbefed
                                                                                                                                                                                                                                                        0x00bbefed
                                                                                                                                                                                                                                                        0x00bbefed
                                                                                                                                                                                                                                                        0x00bbefef
                                                                                                                                                                                                                                                        0x00bbeff7
                                                                                                                                                                                                                                                        0x00bbeff7
                                                                                                                                                                                                                                                        0x00bbeffd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbefff
                                                                                                                                                                                                                                                        0x00bbf000
                                                                                                                                                                                                                                                        0x00bbf001
                                                                                                                                                                                                                                                        0x00bbf005
                                                                                                                                                                                                                                                        0x00bbf006
                                                                                                                                                                                                                                                        0x00bbf00b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf00d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf00d
                                                                                                                                                                                                                                                        0x00bbf00b
                                                                                                                                                                                                                                                        0x00bbf012
                                                                                                                                                                                                                                                        0x00bbf014
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf016
                                                                                                                                                                                                                                                        0x00bbf01c
                                                                                                                                                                                                                                                        0x00bbf02e
                                                                                                                                                                                                                                                        0x00bbf030
                                                                                                                                                                                                                                                        0x00bbf03f
                                                                                                                                                                                                                                                        0x00bbf03f
                                                                                                                                                                                                                                                        0x00bbf042
                                                                                                                                                                                                                                                        0x00bbf045
                                                                                                                                                                                                                                                        0x00bbf049
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf051
                                                                                                                                                                                                                                                        0x00bbf055
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf034
                                                                                                                                                                                                                                                        0x00bbf034
                                                                                                                                                                                                                                                        0x00bbf037
                                                                                                                                                                                                                                                        0x00bbf037
                                                                                                                                                                                                                                                        0x00bbf03f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbf01c
                                                                                                                                                                                                                                                        0x00bbefeb
                                                                                                                                                                                                                                                        0x00bbef0f
                                                                                                                                                                                                                                                        0x00bbef0f
                                                                                                                                                                                                                                                        0x00bbef11
                                                                                                                                                                                                                                                        0x00bbef20
                                                                                                                                                                                                                                                        0x00bbef26
                                                                                                                                                                                                                                                        0x00bbef2b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbef2b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbef20
                                                                                                                                                                                                                                                        0x00bbef0d

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,?,?,?,?,?,?,?), ref: 00BBEE95
                                                                                                                                                                                                                                                        • NtQueryVirtualMemory.NTDLL(000000FF,?,00000000,?,0000001C,00000000), ref: 00BBEEBD
                                                                                                                                                                                                                                                        • NtUnmapViewOfSection.NTDLL(000000FF,?), ref: 00BBEFBF
                                                                                                                                                                                                                                                        • RtlCompareUnicodeString.NTDLL(?,?,00000001), ref: 00BBF0E2
                                                                                                                                                                                                                                                        • RtlDuplicateUnicodeString.NTDLL(00000001,?,?), ref: 00BBF125
                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(?), ref: 00BBF23F
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BBF296
                                                                                                                                                                                                                                                        • RtlGetVersion.NTDLL ref: 00BBF2B1
                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(0000002C,00000001,?,?,00BFA7A0,00000000,?,00000001,?), ref: 00BBF315
                                                                                                                                                                                                                                                        • RtlAcquireSRWLockExclusive.NTDLL(00BFA7A0), ref: 00BBF464
                                                                                                                                                                                                                                                        • RtlAllocateHeap.NTDLL ref: 00BBF4C2
                                                                                                                                                                                                                                                        • RtlReleaseSRWLockExclusive.NTDLL ref: 00BBF4EC
                                                                                                                                                                                                                                                        • RtlRunOnceExecuteOnce.NTDLL ref: 00BBF50D
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: StringUnicode$ExclusiveFreeLockOnceSectionView$AcquireAllocateCompareDuplicateExecuteHeapMemoryQueryReleaseUnmapVersionVirtualmemset
                                                                                                                                                                                                                                                        • String ID: $(
                                                                                                                                                                                                                                                        • API String ID: 1388105969-55695022
                                                                                                                                                                                                                                                        • Opcode ID: 67712137365409dbf425d4ddeda909d14189e24eb24966743002fd578c06623e
                                                                                                                                                                                                                                                        • Instruction ID: 4c5cbfc0e95cfb11ec9d89332575d4313f440b1e3d11b9dc760f4aa26b0fc129
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 67712137365409dbf425d4ddeda909d14189e24eb24966743002fd578c06623e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9D928F716087428FD734DF18C884BBBB7E1FF85314F148AADE99997291DBB0A845CB42
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                        C-Code - Quality: 72%
                                                                                                                                                                                                                                                        			E00BE99D0(void* __ecx, void* __edx, void* __eflags) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				short _v40;
                                                                                                                                                                                                                                                        				short _v44;
                                                                                                                                                                                                                                                        				short _v48;
                                                                                                                                                                                                                                                        				char _v208;
                                                                                                                                                                                                                                                        				char _v216;
                                                                                                                                                                                                                                                        				char _v217;
                                                                                                                                                                                                                                                        				char _v221;
                                                                                                                                                                                                                                                        				char _v232;
                                                                                                                                                                                                                                                        				signed int _t18;
                                                                                                                                                                                                                                                        				void* _t20;
                                                                                                                                                                                                                                                        				int _t21;
                                                                                                                                                                                                                                                        				void* _t22;
                                                                                                                                                                                                                                                        				void* _t23;
                                                                                                                                                                                                                                                        				int _t25;
                                                                                                                                                                                                                                                        				int _t28;
                                                                                                                                                                                                                                                        				int _t31;
                                                                                                                                                                                                                                                        				void* _t36;
                                                                                                                                                                                                                                                        				void* _t40;
                                                                                                                                                                                                                                                        				void* _t42;
                                                                                                                                                                                                                                                        				signed int _t55;
                                                                                                                                                                                                                                                        				void* _t69;
                                                                                                                                                                                                                                                        				signed int _t70;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t64 = __edx;
                                                                                                                                                                                                                                                        				_t18 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t69 = __ecx;
                                                                                                                                                                                                                                                        				_v24 = _t18 ^ _t70;
                                                                                                                                                                                                                                                        				_t20 = E00BE2E40(__edx,  *0xbfa060); // executed
                                                                                                                                                                                                                                                        				if(_t20 != 0) {
                                                                                                                                                                                                                                                        					TerminateProcess(GetCurrentProcess(), 0x1b5e);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t69 + 4)) <= 1) {
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t69 + 4)) = 2;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t21 = RevertToSelf(); // executed
                                                                                                                                                                                                                                                        				if(_t21 == 0) {
                                                                                                                                                                                                                                                        					TerminateProcess(GetCurrentProcess(), 0x1b5f);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t22 = E00BE9CA0(0x80000002); // executed
                                                                                                                                                                                                                                                        				if(_t22 != 0) {
                                                                                                                                                                                                                                                        					_t23 = E00BE9CA0(0x80000000);
                                                                                                                                                                                                                                                        					__eflags = _t23;
                                                                                                                                                                                                                                                        					if(_t23 == 0) {
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t25 = E00BE9CA0(0x80000003); // executed
                                                                                                                                                                                                                                                        					__eflags = _t25;
                                                                                                                                                                                                                                                        					if(_t25 == 0) {
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L8;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L7:
                                                                                                                                                                                                                                                        					_t25 = TerminateProcess(GetCurrentProcess(), 0x1b60);
                                                                                                                                                                                                                                                        					L8:
                                                                                                                                                                                                                                                        					__imp__RegDisablePredefinedCache();
                                                                                                                                                                                                                                                        					if(_t25 != 0) {
                                                                                                                                                                                                                                                        						TerminateProcess(GetCurrentProcess(), 0x1b61);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					GetUserDefaultLangID();
                                                                                                                                                                                                                                                        					GetUserDefaultLCID();
                                                                                                                                                                                                                                                        					asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					_v48 = 0;
                                                                                                                                                                                                                                                        					_v40 = 0;
                                                                                                                                                                                                                                                        					_t28 =  &_v208;
                                                                                                                                                                                                                                                        					asm("movaps [esp+0xa0], xmm0");
                                                                                                                                                                                                                                                        					asm("movaps [esp+0x90], xmm0");
                                                                                                                                                                                                                                                        					asm("movaps [esp+0x80], xmm0");
                                                                                                                                                                                                                                                        					asm("movaps [esp+0x70], xmm0");
                                                                                                                                                                                                                                                        					asm("movaps [esp+0x60], xmm0");
                                                                                                                                                                                                                                                        					asm("movaps [esp+0x50], xmm0");
                                                                                                                                                                                                                                                        					asm("movaps [esp+0x40], xmm0");
                                                                                                                                                                                                                                                        					asm("movaps [esp+0x30], xmm0");
                                                                                                                                                                                                                                                        					asm("movaps [esp+0x20], xmm0");
                                                                                                                                                                                                                                                        					asm("movaps [esp+0x10], xmm0");
                                                                                                                                                                                                                                                        					__imp__GetUserDefaultLocaleName(_t28, 0x55);
                                                                                                                                                                                                                                                        					if(_t28 == 0) {
                                                                                                                                                                                                                                                        						_t28 = TerminateProcess(GetCurrentProcess(), 0x1b65);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v217 = 1;
                                                                                                                                                                                                                                                        					if(E00BD3F60(_t28) == 0) {
                                                                                                                                                                                                                                                        						L21:
                                                                                                                                                                                                                                                        						 *((char*)(_t69 + 8)) = _v217;
                                                                                                                                                                                                                                                        						_t31 =  *0xbfb6c0; // 0x340
                                                                                                                                                                                                                                                        						_t55 =  *0xbfb6c4; // 0x0
                                                                                                                                                                                                                                                        						_t66 = _t31 | _t55;
                                                                                                                                                                                                                                                        						if((_t31 | _t55) != 0) {
                                                                                                                                                                                                                                                        							_t31 = E00BD97A0(_t31, _t55); // executed
                                                                                                                                                                                                                                                        							if(_t31 == 0) {
                                                                                                                                                                                                                                                        								_t31 = TerminateProcess(GetCurrentProcess(), 0x1b63);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						return E00BEECB0(_t31, _v32 ^ _t70, _t66);
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						E00BD3F70( &_v216);
                                                                                                                                                                                                                                                        						_t36 = E00BD4210( &_v216, _t64,  &_v217);
                                                                                                                                                                                                                                                        						_t85 = _v221;
                                                                                                                                                                                                                                                        						if(_v221 == 0) {
                                                                                                                                                                                                                                                        							__imp__EnumSystemLocalesEx(E00BC0D30, 1, 0, 0);
                                                                                                                                                                                                                                                        							__eflags = _t36;
                                                                                                                                                                                                                                                        							if(__eflags == 0) {
                                                                                                                                                                                                                                                        								L19:
                                                                                                                                                                                                                                                        								E00BD3FD0( &_v232, __eflags);
                                                                                                                                                                                                                                                        								L20:
                                                                                                                                                                                                                                                        								TerminateProcess(GetCurrentProcess(), 0x1b62);
                                                                                                                                                                                                                                                        								goto L21;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t40 = E00BD5880(_t36);
                                                                                                                                                                                                                                                        							__eflags = _t40;
                                                                                                                                                                                                                                                        							if(__eflags == 0) {
                                                                                                                                                                                                                                                        								goto L19;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							HeapDestroy(_t40);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t42 = E00BD43C0( &_v232, _t64);
                                                                                                                                                                                                                                                        						E00BD3FD0( &_v232, _t85);
                                                                                                                                                                                                                                                        						if(_t42 == 0) {
                                                                                                                                                                                                                                                        							goto L20;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L21;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}




























                                                                                                                                                                                                                                                        0x00be99d0
                                                                                                                                                                                                                                                        0x00be99df
                                                                                                                                                                                                                                                        0x00be99e4
                                                                                                                                                                                                                                                        0x00be99e8
                                                                                                                                                                                                                                                        0x00be99f5
                                                                                                                                                                                                                                                        0x00be99ff
                                                                                                                                                                                                                                                        0x00be9a0d
                                                                                                                                                                                                                                                        0x00be9a0d
                                                                                                                                                                                                                                                        0x00be9a17
                                                                                                                                                                                                                                                        0x00be9a19
                                                                                                                                                                                                                                                        0x00be9a19
                                                                                                                                                                                                                                                        0x00be9a20
                                                                                                                                                                                                                                                        0x00be9a28
                                                                                                                                                                                                                                                        0x00be9a36
                                                                                                                                                                                                                                                        0x00be9a36
                                                                                                                                                                                                                                                        0x00be9a41
                                                                                                                                                                                                                                                        0x00be9a48
                                                                                                                                                                                                                                                        0x00be9be4
                                                                                                                                                                                                                                                        0x00be9be9
                                                                                                                                                                                                                                                        0x00be9beb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9bf6
                                                                                                                                                                                                                                                        0x00be9bfb
                                                                                                                                                                                                                                                        0x00be9bfd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9a4e
                                                                                                                                                                                                                                                        0x00be9a4e
                                                                                                                                                                                                                                                        0x00be9a5a
                                                                                                                                                                                                                                                        0x00be9a60
                                                                                                                                                                                                                                                        0x00be9a60
                                                                                                                                                                                                                                                        0x00be9a68
                                                                                                                                                                                                                                                        0x00be9a76
                                                                                                                                                                                                                                                        0x00be9a76
                                                                                                                                                                                                                                                        0x00be9a7c
                                                                                                                                                                                                                                                        0x00be9a82
                                                                                                                                                                                                                                                        0x00be9a88
                                                                                                                                                                                                                                                        0x00be9a8b
                                                                                                                                                                                                                                                        0x00be9a96
                                                                                                                                                                                                                                                        0x00be9aa1
                                                                                                                                                                                                                                                        0x00be9aab
                                                                                                                                                                                                                                                        0x00be9aaf
                                                                                                                                                                                                                                                        0x00be9ab7
                                                                                                                                                                                                                                                        0x00be9abf
                                                                                                                                                                                                                                                        0x00be9ac7
                                                                                                                                                                                                                                                        0x00be9acc
                                                                                                                                                                                                                                                        0x00be9ad1
                                                                                                                                                                                                                                                        0x00be9ad6
                                                                                                                                                                                                                                                        0x00be9adb
                                                                                                                                                                                                                                                        0x00be9ae0
                                                                                                                                                                                                                                                        0x00be9ae5
                                                                                                                                                                                                                                                        0x00be9aed
                                                                                                                                                                                                                                                        0x00be9af5
                                                                                                                                                                                                                                                        0x00be9b03
                                                                                                                                                                                                                                                        0x00be9b03
                                                                                                                                                                                                                                                        0x00be9b09
                                                                                                                                                                                                                                                        0x00be9b15
                                                                                                                                                                                                                                                        0x00be9b91
                                                                                                                                                                                                                                                        0x00be9b95
                                                                                                                                                                                                                                                        0x00be9b98
                                                                                                                                                                                                                                                        0x00be9b9d
                                                                                                                                                                                                                                                        0x00be9ba5
                                                                                                                                                                                                                                                        0x00be9ba7
                                                                                                                                                                                                                                                        0x00be9bab
                                                                                                                                                                                                                                                        0x00be9bb5
                                                                                                                                                                                                                                                        0x00be9bc3
                                                                                                                                                                                                                                                        0x00be9bc3
                                                                                                                                                                                                                                                        0x00be9bb5
                                                                                                                                                                                                                                                        0x00be9bde
                                                                                                                                                                                                                                                        0x00be9b17
                                                                                                                                                                                                                                                        0x00be9b1d
                                                                                                                                                                                                                                                        0x00be9b29
                                                                                                                                                                                                                                                        0x00be9b2e
                                                                                                                                                                                                                                                        0x00be9b33
                                                                                                                                                                                                                                                        0x00be9b5a
                                                                                                                                                                                                                                                        0x00be9b60
                                                                                                                                                                                                                                                        0x00be9b62
                                                                                                                                                                                                                                                        0x00be9b76
                                                                                                                                                                                                                                                        0x00be9b7a
                                                                                                                                                                                                                                                        0x00be9b7f
                                                                                                                                                                                                                                                        0x00be9b8b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9b8b
                                                                                                                                                                                                                                                        0x00be9b64
                                                                                                                                                                                                                                                        0x00be9b69
                                                                                                                                                                                                                                                        0x00be9b6b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9b6e
                                                                                                                                                                                                                                                        0x00be9b6e
                                                                                                                                                                                                                                                        0x00be9b3b
                                                                                                                                                                                                                                                        0x00be9b44
                                                                                                                                                                                                                                                        0x00be9b4b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9b4d
                                                                                                                                                                                                                                                        0x00be9b15

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE9A01
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(00000000,00001B5E), ref: 00BE9A0D
                                                                                                                                                                                                                                                        • RevertToSelf.KERNELBASE ref: 00BE9A20
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE9A2A
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(00000000,00001B5F), ref: 00BE9A36
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE9A4E
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(00000000,00001B60), ref: 00BE9A5A
                                                                                                                                                                                                                                                        • RegDisablePredefinedCache.ADVAPI32 ref: 00BE9A60
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE9A6A
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(00000000,00001B61), ref: 00BE9A76
                                                                                                                                                                                                                                                        • GetUserDefaultLangID.KERNEL32 ref: 00BE9A7C
                                                                                                                                                                                                                                                        • GetUserDefaultLCID.KERNEL32 ref: 00BE9A82
                                                                                                                                                                                                                                                        • GetUserDefaultLocaleName.KERNEL32(?,00000055), ref: 00BE9AED
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE9AF7
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(00000000,00001B65), ref: 00BE9B03
                                                                                                                                                                                                                                                        • EnumSystemLocalesEx.KERNEL32(?,00000001,00000000,00000000), ref: 00BE9B5A
                                                                                                                                                                                                                                                        • HeapDestroy.KERNEL32(00000000), ref: 00BE9B6E
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE9B7F
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(00000000,00001B62), ref: 00BE9B8B
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE9BB7
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(00000000,00001B63), ref: 00BE9BC3
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Process$CurrentTerminate$DefaultUser$CacheDestroyDisableEnumHeapLangLocaleLocalesNamePredefinedRevertSelfSystem
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 623231726-0
                                                                                                                                                                                                                                                        • Opcode ID: 6bd5e85b3ceb1d9a67d0fd83d6810fa8c6474a802527f6a8246eebdc79fd4afc
                                                                                                                                                                                                                                                        • Instruction ID: 5282efd1ece4213a5852badb082672d3373c2d5e3246bb420a41d9d5de7b0dc5
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6bd5e85b3ceb1d9a67d0fd83d6810fa8c6474a802527f6a8246eebdc79fd4afc
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5751D3705483C19BEB24AB75AC0ABFA77F8EF80301F040599F945932A1EF718549C752
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 85%
                                                                                                                                                                                                                                                        			E00BBEBA0(WCHAR* _a4, long _a8, UNICODE_STRING* _a12, HMODULE* _a16) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v36;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				intOrPtr _v48;
                                                                                                                                                                                                                                                        				intOrPtr _v52;
                                                                                                                                                                                                                                                        				intOrPtr _v56;
                                                                                                                                                                                                                                                        				char _v60;
                                                                                                                                                                                                                                                        				intOrPtr _v64;
                                                                                                                                                                                                                                                        				signed int _v68;
                                                                                                                                                                                                                                                        				intOrPtr _v72;
                                                                                                                                                                                                                                                        				char _v80;
                                                                                                                                                                                                                                                        				intOrPtr _v84;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				signed int _v92;
                                                                                                                                                                                                                                                        				char _v104;
                                                                                                                                                                                                                                                        				char _v112;
                                                                                                                                                                                                                                                        				long _v128;
                                                                                                                                                                                                                                                        				char _v132;
                                                                                                                                                                                                                                                        				signed int _t41;
                                                                                                                                                                                                                                                        				intOrPtr _t43;
                                                                                                                                                                                                                                                        				intOrPtr _t44;
                                                                                                                                                                                                                                                        				char* _t47;
                                                                                                                                                                                                                                                        				signed int _t49;
                                                                                                                                                                                                                                                        				intOrPtr _t51;
                                                                                                                                                                                                                                                        				long _t53;
                                                                                                                                                                                                                                                        				void* _t54;
                                                                                                                                                                                                                                                        				intOrPtr _t57;
                                                                                                                                                                                                                                                        				intOrPtr _t60;
                                                                                                                                                                                                                                                        				signed int _t62;
                                                                                                                                                                                                                                                        				char* _t64;
                                                                                                                                                                                                                                                        				HMODULE* _t78;
                                                                                                                                                                                                                                                        				UNICODE_STRING* _t79;
                                                                                                                                                                                                                                                        				long _t80;
                                                                                                                                                                                                                                                        				signed int _t81;
                                                                                                                                                                                                                                                        				signed int _t82;
                                                                                                                                                                                                                                                        				intOrPtr* _t84;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t84 = (_t82 & 0xfffffff8) - 0x50;
                                                                                                                                                                                                                                                        				_t41 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t79 = _a12;
                                                                                                                                                                                                                                                        				_v24 = _t41 ^ _t81;
                                                                                                                                                                                                                                                        				_t43 =  *0xbfa7d4; // 0x0
                                                                                                                                                                                                                                                        				if(_t43 ==  *((intOrPtr*)( *[fs:0x18] + 0x24)) ||  *0xbfa7d8 == 0) {
                                                                                                                                                                                                                                                        					_t44 = E00BC1490();
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t62 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        					_t44 =  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x2c] + _t62 * 4)) + 8));
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *_t84 = _t44;
                                                                                                                                                                                                                                                        				_v92 = 0;
                                                                                                                                                                                                                                                        				_v88 = 0;
                                                                                                                                                                                                                                                        				_v84 = 0xc0000001;
                                                                                                                                                                                                                                                        				_v68 = 0;
                                                                                                                                                                                                                                                        				_v72 = 0;
                                                                                                                                                                                                                                                        				_t64 =  &_v80;
                                                                                                                                                                                                                                                        				_v64 =  *((intOrPtr*)( *[fs:0x18] + 0x24));
                                                                                                                                                                                                                                                        				_t47 =  &_v60;
                                                                                                                                                                                                                                                        				if(_t79 == 0) {
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					_v56 = 0;
                                                                                                                                                                                                                                                        					_v60 = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_push(_t47);
                                                                                                                                                                                                                                                        					_push(_t79);
                                                                                                                                                                                                                                                        					_push(1); // executed
                                                                                                                                                                                                                                                        					L00BEF720(); // executed
                                                                                                                                                                                                                                                        					if(_t47 < 0) {
                                                                                                                                                                                                                                                        						goto L6;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t78 = _a16;
                                                                                                                                                                                                                                                        				_v48 = 0;
                                                                                                                                                                                                                                                        				_v52 = 0;
                                                                                                                                                                                                                                                        				_v44 = 0;
                                                                                                                                                                                                                                                        				_v36 = 0;
                                                                                                                                                                                                                                                        				_v32 = 0;
                                                                                                                                                                                                                                                        				_v40 = 4;
                                                                                                                                                                                                                                                        				_push(_t64);
                                                                                                                                                                                                                                                        				L00BEF74A();
                                                                                                                                                                                                                                                        				_push(0);
                                                                                                                                                                                                                                                        				_push(0);
                                                                                                                                                                                                                                                        				_push(E00BC0F50);
                                                                                                                                                                                                                                                        				_push(0xbfa7d0);
                                                                                                                                                                                                                                                        				L00BEF762();
                                                                                                                                                                                                                                                        				_t48 =  *0xbfa7d4; // 0x0
                                                                                                                                                                                                                                                        				if(_t48 !=  *((intOrPtr*)( *[fs:0x18] + 0x24))) {
                                                                                                                                                                                                                                                        					if( *0xbfa7d8 != 0) {
                                                                                                                                                                                                                                                        						L12:
                                                                                                                                                                                                                                                        						_t49 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        						 *((intOrPtr*)( *((intOrPtr*)( *[fs:0x2c] + _t49 * 4)) + 8)) = _t84;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)( *[fs:0x18] + 0x2c)) == 0) {
                                                                                                                                                                                                                                                        							_t60 =  *[fs:0x18];
                                                                                                                                                                                                                                                        							_t48 =  *((intOrPtr*)(_t60 + 0x24));
                                                                                                                                                                                                                                                        							 *0xbfa7d4 =  *((intOrPtr*)(_t60 + 0x24));
                                                                                                                                                                                                                                                        							goto L8;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							 *0xbfa7d8 = 1;
                                                                                                                                                                                                                                                        							goto L12;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L8:
                                                                                                                                                                                                                                                        					E00BC14A0(_t48, _t84);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t51 =  *0xbfa044; // 0xbf0ef0
                                                                                                                                                                                                                                                        				_t77 =  &_v112;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t51 + 0x14))(_t64,  &_v112, _t79);
                                                                                                                                                                                                                                                        				_t53 = LdrLoadDll(_a4, _a8, _t79, _t78); // executed
                                                                                                                                                                                                                                                        				_v128 = _t53;
                                                                                                                                                                                                                                                        				_t80 = _t53;
                                                                                                                                                                                                                                                        				if(_v132 != 0) {
                                                                                                                                                                                                                                                        					_t57 =  *0xbfa044; // 0xbf0ef0
                                                                                                                                                                                                                                                        					_t77 =  &_v104;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t57 + 4))( &_v104, _t78);
                                                                                                                                                                                                                                                        					_t80 =  !=  ? 0 : _t80;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t54 = E00BBED70(_t84); // executed
                                                                                                                                                                                                                                                        				E00BEECB0(_t54, _v68 ^ _t81, _t77);
                                                                                                                                                                                                                                                        				return _t80;
                                                                                                                                                                                                                                                        			}










































                                                                                                                                                                                                                                                        0x00bbeba9
                                                                                                                                                                                                                                                        0x00bbebac
                                                                                                                                                                                                                                                        0x00bbebb1
                                                                                                                                                                                                                                                        0x00bbebb6
                                                                                                                                                                                                                                                        0x00bbebba
                                                                                                                                                                                                                                                        0x00bbebc9
                                                                                                                                                                                                                                                        0x00bbebeb
                                                                                                                                                                                                                                                        0x00bbebd4
                                                                                                                                                                                                                                                        0x00bbebd4
                                                                                                                                                                                                                                                        0x00bbebe3
                                                                                                                                                                                                                                                        0x00bbebe3
                                                                                                                                                                                                                                                        0x00bbebf0
                                                                                                                                                                                                                                                        0x00bbebf3
                                                                                                                                                                                                                                                        0x00bbebfb
                                                                                                                                                                                                                                                        0x00bbec00
                                                                                                                                                                                                                                                        0x00bbec08
                                                                                                                                                                                                                                                        0x00bbec10
                                                                                                                                                                                                                                                        0x00bbec18
                                                                                                                                                                                                                                                        0x00bbec27
                                                                                                                                                                                                                                                        0x00bbec2b
                                                                                                                                                                                                                                                        0x00bbec2f
                                                                                                                                                                                                                                                        0x00bbec3e
                                                                                                                                                                                                                                                        0x00bbec3e
                                                                                                                                                                                                                                                        0x00bbec46
                                                                                                                                                                                                                                                        0x00bbec31
                                                                                                                                                                                                                                                        0x00bbec31
                                                                                                                                                                                                                                                        0x00bbec32
                                                                                                                                                                                                                                                        0x00bbec33
                                                                                                                                                                                                                                                        0x00bbec35
                                                                                                                                                                                                                                                        0x00bbec3c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbec3c
                                                                                                                                                                                                                                                        0x00bbec4e
                                                                                                                                                                                                                                                        0x00bbec51
                                                                                                                                                                                                                                                        0x00bbec59
                                                                                                                                                                                                                                                        0x00bbec61
                                                                                                                                                                                                                                                        0x00bbec69
                                                                                                                                                                                                                                                        0x00bbec71
                                                                                                                                                                                                                                                        0x00bbec79
                                                                                                                                                                                                                                                        0x00bbec81
                                                                                                                                                                                                                                                        0x00bbec82
                                                                                                                                                                                                                                                        0x00bbec87
                                                                                                                                                                                                                                                        0x00bbec89
                                                                                                                                                                                                                                                        0x00bbec8b
                                                                                                                                                                                                                                                        0x00bbec90
                                                                                                                                                                                                                                                        0x00bbec95
                                                                                                                                                                                                                                                        0x00bbec9a
                                                                                                                                                                                                                                                        0x00bbeca9
                                                                                                                                                                                                                                                        0x00bbecbb
                                                                                                                                                                                                                                                        0x00bbecd4
                                                                                                                                                                                                                                                        0x00bbecd4
                                                                                                                                                                                                                                                        0x00bbece5
                                                                                                                                                                                                                                                        0x00bbecbd
                                                                                                                                                                                                                                                        0x00bbecc7
                                                                                                                                                                                                                                                        0x00bbed52
                                                                                                                                                                                                                                                        0x00bbed58
                                                                                                                                                                                                                                                        0x00bbed5b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbeccd
                                                                                                                                                                                                                                                        0x00bbeccd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbeccd
                                                                                                                                                                                                                                                        0x00bbecc7
                                                                                                                                                                                                                                                        0x00bbecab
                                                                                                                                                                                                                                                        0x00bbecab
                                                                                                                                                                                                                                                        0x00bbecad
                                                                                                                                                                                                                                                        0x00bbecad
                                                                                                                                                                                                                                                        0x00bbeceb
                                                                                                                                                                                                                                                        0x00bbecf6
                                                                                                                                                                                                                                                        0x00bbecfc
                                                                                                                                                                                                                                                        0x00bbed07
                                                                                                                                                                                                                                                        0x00bbed0d
                                                                                                                                                                                                                                                        0x00bbed11
                                                                                                                                                                                                                                                        0x00bbed18
                                                                                                                                                                                                                                                        0x00bbed1a
                                                                                                                                                                                                                                                        0x00bbed25
                                                                                                                                                                                                                                                        0x00bbed2a
                                                                                                                                                                                                                                                        0x00bbed31
                                                                                                                                                                                                                                                        0x00bbed31
                                                                                                                                                                                                                                                        0x00bbed36
                                                                                                                                                                                                                                                        0x00bbed41
                                                                                                                                                                                                                                                        0x00bbed4f

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlDuplicateUnicodeString.NTDLL(00000001,?,?), ref: 00BBEC35
                                                                                                                                                                                                                                                        • RtlQueryPerformanceCounter.NTDLL(?), ref: 00BBEC82
                                                                                                                                                                                                                                                        • RtlRunOnceExecuteOnce.NTDLL ref: 00BBEC95
                                                                                                                                                                                                                                                        • LdrLoadDll.NTDLL(?,?,?,?), ref: 00BBED07
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Once$CounterDuplicateExecuteLoadPerformanceQueryStringUnicode
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3243569299-0
                                                                                                                                                                                                                                                        • Opcode ID: 922ba4e99315488b1d7334ba5b360882d259e37f5ffe3e0a8535932dd8443cd3
                                                                                                                                                                                                                                                        • Instruction ID: e83e66234656ec1ee5cae9995d1559f02a98c4255d57625e65268bf5f5e1eea2
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 922ba4e99315488b1d7334ba5b360882d259e37f5ffe3e0a8535932dd8443cd3
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4A515BB1604240DFD724DF14D984BAA7BF4EB88714F00489CF95A9B7A1CBB9E944CB92
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 51%
                                                                                                                                                                                                                                                        			E00BE3790() {
                                                                                                                                                                                                                                                        				signed int _v12;
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				long _v20;
                                                                                                                                                                                                                                                        				signed int _t9;
                                                                                                                                                                                                                                                        				long _t16;
                                                                                                                                                                                                                                                        				void* _t18;
                                                                                                                                                                                                                                                        				void* _t23;
                                                                                                                                                                                                                                                        				signed int _t24;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t9 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t18 = 1;
                                                                                                                                                                                                                                                        				_v12 = _t9 ^ _t24;
                                                                                                                                                                                                                                                        				_t11 =  *0xbfb68c; // 0x830000
                                                                                                                                                                                                                                                        				if(_t11 == 0) {
                                                                                                                                                                                                                                                        					_v16 = 0;
                                                                                                                                                                                                                                                        					_v20 = 0;
                                                                                                                                                                                                                                                        					_t11 = NtMapViewOfSection( *0xbfb618, 0xffffffff,  &_v16, 0, 0, 0,  &_v20, 2, 0, 4); // executed
                                                                                                                                                                                                                                                        					_t18 = 0;
                                                                                                                                                                                                                                                        					if(_t11 >= 0 && _v16 != 0) {
                                                                                                                                                                                                                                                        						asm("lock cmpxchg [0xbfb68c], ecx");
                                                                                                                                                                                                                                                        						if(0 != 0) {
                                                                                                                                                                                                                                                        							NtUnmapViewOfSection(0xffffffff, _v16);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t16 =  *0xbfb68c; // 0x830000
                                                                                                                                                                                                                                                        						_t18 = 1;
                                                                                                                                                                                                                                                        						_t11 = _t16 +  *0xbfb680;
                                                                                                                                                                                                                                                        						 *0xbfb688 = _t16 +  *0xbfb680;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t11, _v12 ^ _t24, _t23);
                                                                                                                                                                                                                                                        				return _t18;
                                                                                                                                                                                                                                                        			}











                                                                                                                                                                                                                                                        0x00be3797
                                                                                                                                                                                                                                                        0x00be379c
                                                                                                                                                                                                                                                        0x00be37a0
                                                                                                                                                                                                                                                        0x00be37a3
                                                                                                                                                                                                                                                        0x00be37aa
                                                                                                                                                                                                                                                        0x00be37be
                                                                                                                                                                                                                                                        0x00be37c5
                                                                                                                                                                                                                                                        0x00be37e8
                                                                                                                                                                                                                                                        0x00be37ee
                                                                                                                                                                                                                                                        0x00be37f2
                                                                                                                                                                                                                                                        0x00be37fd
                                                                                                                                                                                                                                                        0x00be3805
                                                                                                                                                                                                                                                        0x00be380c
                                                                                                                                                                                                                                                        0x00be380c
                                                                                                                                                                                                                                                        0x00be3812
                                                                                                                                                                                                                                                        0x00be3817
                                                                                                                                                                                                                                                        0x00be3819
                                                                                                                                                                                                                                                        0x00be381f
                                                                                                                                                                                                                                                        0x00be381f
                                                                                                                                                                                                                                                        0x00be37f2
                                                                                                                                                                                                                                                        0x00be37b1
                                                                                                                                                                                                                                                        0x00be37bd

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(000000FF,00000000,00000000,00000000,00000000,00000000,00000002,00000000,00000004), ref: 00BE37E8
                                                                                                                                                                                                                                                        • NtUnmapViewOfSection.NTDLL(000000FF,00000000), ref: 00BE380C
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: SectionView$Unmap
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3425566364-0
                                                                                                                                                                                                                                                        • Opcode ID: 2f1329a052a0403d95c9142f10f10d12de93695bbeb2065af1be9a1f90186f4e
                                                                                                                                                                                                                                                        • Instruction ID: 0d70911565c646acc9a62974e828d55d40a270c6ec0ca700ee34e439ad0af89b
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2f1329a052a0403d95c9142f10f10d12de93695bbeb2065af1be9a1f90186f4e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E6111BB4A40209BBDB148F66EC45F6AB7E4EB04B10F104268E521D77D0DB70A904DB54
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                                        control_flow_graph 438 bb2000-bb201e 439 bb243b-bb2441 438->439 440 bb2024-bb2031 strrchr 438->440 441 bb2383-bb2399 call beecb0 439->441 442 bb2037-bb206c malloc memcpy 440->442 443 bb2446-bb244f 440->443 445 bb239a-bb23c8 442->445 446 bb2072-bb2076 442->446 443->441 450 bb23d7-bb23de 445->450 448 bb2080-bb2091 446->448 448->448 449 bb2093-bb2095 448->449 449->445 451 bb209b-bb20a3 449->451 452 bb23e0-bb23ec 450->452 453 bb2415-bb241f fclose 450->453 454 bb2425-bb2430 451->454 455 bb20a9-bb210e memcpy getenv 451->455 456 bb23f2-bb2406 FreeLibrary 452->456 453->454 457 bb2379-bb2380 free 454->457 458 bb2436 454->458 459 bb2454-bb246e strlen 455->459 460 bb2114-bb2147 MultiByteToWideChar _wfopen 455->460 461 bb2408-bb2413 free 456->461 462 bb23ee-bb23f0 456->462 457->441 458->441 464 bb247e-bb2483 459->464 460->454 463 bb214d-bb2176 fgets 460->463 461->462 462->453 462->456 465 bb232a-bb2348 fclose GetProcAddress 463->465 466 bb217c-bb218a 463->466 469 bb2489-bb2493 464->469 467 bb249e-bb24a1 465->467 468 bb234e-bb235e 465->468 470 bb2190-bb219d strlen 466->470 476 bb2361-bb2377 468->476 471 bb2499 469->471 472 bb21d4-bb21d9 469->472 473 bb225c-bb2270 fgets 470->473 474 bb21a3-bb21aa 470->474 471->473 477 bb21db 472->477 478 bb21e3-bb21ef 472->478 473->470 479 bb2276 473->479 474->473 475 bb21b0-bb21be 474->475 475->469 480 bb21c4-bb21ce 475->480 476->441 476->457 477->478 478->453 481 bb21f5-bb222a strcpy MultiByteToWideChar 478->481 479->465 480->472 482 bb2286-bb2309 memset VerSetConditionMask * 4 VerifyVersionInfoA 480->482 483 bb227b-bb2284 call bb1d50 481->483 484 bb222c-bb2239 LoadLibraryExW 481->484 482->464 487 bb230f-bb231f 482->487 483->484 484->450 485 bb223f-bb225a moz_xmalloc 484->485 485->473 487->477 489 bb2325 487->489 489->478
                                                                                                                                                                                                                                                        C-Code - Quality: 69%
                                                                                                                                                                                                                                                        			E00BB2000(void* __edx, long* _a4, void* _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				struct _OSVERSIONINFOEXA _v540;
                                                                                                                                                                                                                                                        				intOrPtr _v785;
                                                                                                                                                                                                                                                        				intOrPtr _v788;
                                                                                                                                                                                                                                                        				intOrPtr _v792;
                                                                                                                                                                                                                                                        				intOrPtr _v796;
                                                                                                                                                                                                                                                        				void _v800;
                                                                                                                                                                                                                                                        				char _v1060;
                                                                                                                                                                                                                                                        				void* _v1064;
                                                                                                                                                                                                                                                        				char* _v1068;
                                                                                                                                                                                                                                                        				intOrPtr _v1072;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				signed int _t77;
                                                                                                                                                                                                                                                        				void* _t82;
                                                                                                                                                                                                                                                        				char* _t85;
                                                                                                                                                                                                                                                        				char* _t86;
                                                                                                                                                                                                                                                        				int _t88;
                                                                                                                                                                                                                                                        				char* _t91;
                                                                                                                                                                                                                                                        				struct HINSTANCE__** _t93;
                                                                                                                                                                                                                                                        				int _t96;
                                                                                                                                                                                                                                                        				char* _t97;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t102;
                                                                                                                                                                                                                                                        				struct HINSTANCE__** _t103;
                                                                                                                                                                                                                                                        				intOrPtr _t105;
                                                                                                                                                                                                                                                        				longlong _t107;
                                                                                                                                                                                                                                                        				char* _t117;
                                                                                                                                                                                                                                                        				intOrPtr _t124;
                                                                                                                                                                                                                                                        				void* _t125;
                                                                                                                                                                                                                                                        				void* _t126;
                                                                                                                                                                                                                                                        				void* _t127;
                                                                                                                                                                                                                                                        				void* _t128;
                                                                                                                                                                                                                                                        				void* _t129;
                                                                                                                                                                                                                                                        				void* _t130;
                                                                                                                                                                                                                                                        				struct _IO_FILE* _t131;
                                                                                                                                                                                                                                                        				long* _t132;
                                                                                                                                                                                                                                                        				void* _t134;
                                                                                                                                                                                                                                                        				short* _t135;
                                                                                                                                                                                                                                                        				struct _IO_FILE* _t136;
                                                                                                                                                                                                                                                        				int _t137;
                                                                                                                                                                                                                                                        				WCHAR* _t139;
                                                                                                                                                                                                                                                        				void* _t142;
                                                                                                                                                                                                                                                        				int _t144;
                                                                                                                                                                                                                                                        				signed int _t145;
                                                                                                                                                                                                                                                        				void* _t146;
                                                                                                                                                                                                                                                        				void* _t147;
                                                                                                                                                                                                                                                        				void* _t149;
                                                                                                                                                                                                                                                        				void* _t150;
                                                                                                                                                                                                                                                        				void* _t152;
                                                                                                                                                                                                                                                        				void* _t153;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t128 = __edx;
                                                                                                                                                                                                                                                        				_t77 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t129 = _a8;
                                                                                                                                                                                                                                                        				_t132 = _a4;
                                                                                                                                                                                                                                                        				_t78 = _t77 ^ _t145;
                                                                                                                                                                                                                                                        				_v20 = _t77 ^ _t145;
                                                                                                                                                                                                                                                        				if(_t129 == 0) {
                                                                                                                                                                                                                                                        					 *_t132 = 0;
                                                                                                                                                                                                                                                        					L32:
                                                                                                                                                                                                                                                        					E00BEECB0(_t78, _v20 ^ _t145, _t128);
                                                                                                                                                                                                                                                        					return _t132;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t78 = strrchr(_t129, 0x5c);
                                                                                                                                                                                                                                                        				_t147 = _t146 + 8;
                                                                                                                                                                                                                                                        				if(_t78 == 0) {
                                                                                                                                                                                                                                                        					_t132 = _a4;
                                                                                                                                                                                                                                                        					 *_t132 = 0;
                                                                                                                                                                                                                                                        					goto L32;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t134 = _t78 - _t129;
                                                                                                                                                                                                                                                        				_t4 = _t134 + 9; // 0x9
                                                                                                                                                                                                                                                        				_t5 = _t134 + 1; // 0x1
                                                                                                                                                                                                                                                        				_t82 = malloc(_t4); // executed
                                                                                                                                                                                                                                                        				_t130 = _t82;
                                                                                                                                                                                                                                                        				memcpy(_t82, _t129, _t5);
                                                                                                                                                                                                                                                        				_t149 = _t147 + 0x10;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t130 + _t134 + 5)) = 0x6c6c64;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t130 + _t134 + 1)) = 0x2e6c7578;
                                                                                                                                                                                                                                                        				_t84 =  *_t130;
                                                                                                                                                                                                                                                        				if( *_t130 == 0) {
                                                                                                                                                                                                                                                        					L33:
                                                                                                                                                                                                                                                        					_t85 =  &_v800;
                                                                                                                                                                                                                                                        					_v785 = 0x747369;
                                                                                                                                                                                                                                                        					_v788 = 0x696c2e73;
                                                                                                                                                                                                                                                        					_v792 = 0x62696c74;
                                                                                                                                                                                                                                                        					_v796 = 0x6e65646e;
                                                                                                                                                                                                                                                        					_v800 = 0x65706564;
                                                                                                                                                                                                                                                        					L8:
                                                                                                                                                                                                                                                        					_v1068 = _t85;
                                                                                                                                                                                                                                                        					_t86 = getenv("MOZ_RUN_GTEST");
                                                                                                                                                                                                                                                        					_t150 = _t149 + 4;
                                                                                                                                                                                                                                                        					if(_t86 != 0) {
                                                                                                                                                                                                                                                        						_t69 =  &_v800; // 0x7065645c
                                                                                                                                                                                                                                                        						_t88 = strlen(_t69);
                                                                                                                                                                                                                                                        						_t150 = _t150 + 4;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t145 + _t88 - 0x31c)) = 0x6574672e;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t145 + _t88 - 0x319)) = 0x747365;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t25 =  &_v800; // 0x7065645c
                                                                                                                                                                                                                                                        					_t135 =  &_v540;
                                                                                                                                                                                                                                                        					_t78 = MultiByteToWideChar(0xfde9, 0, _t25, 0xffffffff, _t135, 0x104);
                                                                                                                                                                                                                                                        					__imp___wfopen(_t135, 0xbf412a); // executed
                                                                                                                                                                                                                                                        					_t149 = _t150 + 8;
                                                                                                                                                                                                                                                        					if(_t78 == 0) {
                                                                                                                                                                                                                                                        						L40:
                                                                                                                                                                                                                                                        						_t132 = _a4;
                                                                                                                                                                                                                                                        						 *_t132 = 0;
                                                                                                                                                                                                                                                        						if(_t130 != 0) {
                                                                                                                                                                                                                                                        							goto L31;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L32;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t136 = _t78;
                                                                                                                                                                                                                                                        						_t117 =  &_v1060;
                                                                                                                                                                                                                                                        						_v1064 = _t130;
                                                                                                                                                                                                                                                        						 *_v1068 = 0;
                                                                                                                                                                                                                                                        						_t91 = fgets(_t117, 0x104, _t136); // executed
                                                                                                                                                                                                                                                        						_t152 = _t149 + 0xc;
                                                                                                                                                                                                                                                        						if(_t91 == 0) {
                                                                                                                                                                                                                                                        							L28:
                                                                                                                                                                                                                                                        							fclose(_t136); // executed
                                                                                                                                                                                                                                                        							_t149 = _t152 + 4;
                                                                                                                                                                                                                                                        							_t93 =  *0xbfa75c; // 0x4d0a0a0
                                                                                                                                                                                                                                                        							_t78 = GetProcAddress( *_t93, "XRE_GetBootstrap");
                                                                                                                                                                                                                                                        							if(_t78 == 0) {
                                                                                                                                                                                                                                                        								_t132 = _a4;
                                                                                                                                                                                                                                                        								 *_t132 = 0;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_v540.dwOSVersionInfoSize = 0;
                                                                                                                                                                                                                                                        								 *_t78( &_v540); // executed
                                                                                                                                                                                                                                                        								_t149 = _t149 + 4;
                                                                                                                                                                                                                                                        								_t132 = _a4;
                                                                                                                                                                                                                                                        								_t78 = _v540.dwOSVersionInfoSize;
                                                                                                                                                                                                                                                        								 *_t132 = _v540.dwOSVersionInfoSize;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t130 = _v1064;
                                                                                                                                                                                                                                                        							if(_t130 != 0) {
                                                                                                                                                                                                                                                        								L31:
                                                                                                                                                                                                                                                        								free(_t130);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L32;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t31 =  &_v800; // 0x7065645c
                                                                                                                                                                                                                                                        						_v1072 = _v1068 - _t31;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t131 = _t136;
                                                                                                                                                                                                                                                        							_t96 = strlen(_t117);
                                                                                                                                                                                                                                                        							_t153 = _t152 + 4;
                                                                                                                                                                                                                                                        							if(_t96 != 0 && _v1060 != 0x23) {
                                                                                                                                                                                                                                                        								_t124 =  *0xbfa760; // 0xa000000
                                                                                                                                                                                                                                                        								_t137 = _t96;
                                                                                                                                                                                                                                                        								if(_t124 > 0x9ffffff) {
                                                                                                                                                                                                                                                        									L46:
                                                                                                                                                                                                                                                        									if(_v1060 != 0x2d697061) {
                                                                                                                                                                                                                                                        										L16:
                                                                                                                                                                                                                                                        										if( *((char*)(_t137 + _t117 - 1)) != 0xa) {
                                                                                                                                                                                                                                                        											L18:
                                                                                                                                                                                                                                                        											if(_t137 + _v1072 > 0x104) {
                                                                                                                                                                                                                                                        												L39:
                                                                                                                                                                                                                                                        												_t78 = fclose(_t131);
                                                                                                                                                                                                                                                        												_t149 = _t153 + 4;
                                                                                                                                                                                                                                                        												_t130 = _v1064;
                                                                                                                                                                                                                                                        												goto L40;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											strcpy(_v1068, _t117);
                                                                                                                                                                                                                                                        											_t153 = _t153 + 8;
                                                                                                                                                                                                                                                        											_t139 =  &_v540;
                                                                                                                                                                                                                                                        											_t41 =  &_v800; // 0x7065645c
                                                                                                                                                                                                                                                        											MultiByteToWideChar(0xfde9, 0, _t41, 0xffffffff, _t139, 0x104);
                                                                                                                                                                                                                                                        											if(_a12 == 1) {
                                                                                                                                                                                                                                                        												E00BB1D50(_t117, _t128, _t131, _t139);
                                                                                                                                                                                                                                                        												_t153 = _t153 + 4;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t102 = LoadLibraryExW(_t139, 0, 8); // executed
                                                                                                                                                                                                                                                        											if(_t102 == 0) {
                                                                                                                                                                                                                                                        												_t103 =  *0xbfa75c; // 0x4d0a0a0
                                                                                                                                                                                                                                                        												if(_t103 == 0) {
                                                                                                                                                                                                                                                        													goto L39;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												do {
                                                                                                                                                                                                                                                        													FreeLibrary( *_t103);
                                                                                                                                                                                                                                                        													_t125 =  *0xbfa75c; // 0x4d0a0a0
                                                                                                                                                                                                                                                        													_t65 = _t125 + 4; // 0x4d0a098
                                                                                                                                                                                                                                                        													_t103 =  *_t65;
                                                                                                                                                                                                                                                        													 *0xbfa75c = _t103;
                                                                                                                                                                                                                                                        													if(_t125 != 0) {
                                                                                                                                                                                                                                                        														free(_t125);
                                                                                                                                                                                                                                                        														_t153 = _t153 + 4;
                                                                                                                                                                                                                                                        														_t103 =  *0xbfa75c; // 0x4d0a0a0
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} while (_t103 != 0);
                                                                                                                                                                                                                                                        												goto L39;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												__imp__moz_xmalloc(8);
                                                                                                                                                                                                                                                        												_t153 = _t153 + 4;
                                                                                                                                                                                                                                                        												_t126 =  *0xbfa75c; // 0x4d0a0a0
                                                                                                                                                                                                                                                        												 *0xbfa75c = _t102;
                                                                                                                                                                                                                                                        												 *(_t102 + 4) = _t126;
                                                                                                                                                                                                                                                        												_t102->i = _t102;
                                                                                                                                                                                                                                                        												goto L22;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L17:
                                                                                                                                                                                                                                                        										 *((char*)(_t145 + _t137 - 0x421)) = 0;
                                                                                                                                                                                                                                                        										goto L18;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L22;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t105 =  *0xbfa038; // 0xffffffff
                                                                                                                                                                                                                                                        								if(_t105 >= 0xa000001) {
                                                                                                                                                                                                                                                        									_t107 = memset( &(_v540.dwBuildNumber), 0, 0x90);
                                                                                                                                                                                                                                                        									_t153 = _t153 + 0xc;
                                                                                                                                                                                                                                                        									_v540.dwOSVersionInfoSize = 0x9c;
                                                                                                                                                                                                                                                        									_v540.dwMajorVersion = 0xa;
                                                                                                                                                                                                                                                        									_v540.dwMinorVersion = 0;
                                                                                                                                                                                                                                                        									_v540.wServicePackMajor = 0;
                                                                                                                                                                                                                                                        									__imp__VerSetConditionMask(0, 0, 2, 3);
                                                                                                                                                                                                                                                        									__imp__VerSetConditionMask(_t107, _t128, 1, 3);
                                                                                                                                                                                                                                                        									__imp__VerSetConditionMask(_t107, _t128, 0x20, 3);
                                                                                                                                                                                                                                                        									__imp__VerSetConditionMask(_t107, _t128, 0x10, 3);
                                                                                                                                                                                                                                                        									_push(_t128);
                                                                                                                                                                                                                                                        									if(VerifyVersionInfoA( &_v540, 0x33, _t107) != 0) {
                                                                                                                                                                                                                                                        										 *0xbfa760 = 0xa000000;
                                                                                                                                                                                                                                                        										goto L46;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									 *0xbfa038 = 0xa000000;
                                                                                                                                                                                                                                                        									if( *((char*)(_t137 + _t117 - 1)) == 0xa) {
                                                                                                                                                                                                                                                        										goto L17;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L18;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L16;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L22:
                                                                                                                                                                                                                                                        							_t136 = _t131;
                                                                                                                                                                                                                                                        							_t97 = fgets(_t117, 0x104, _t131); // executed
                                                                                                                                                                                                                                                        							_t152 = _t153 + 0xc;
                                                                                                                                                                                                                                                        						} while (_t97 != 0);
                                                                                                                                                                                                                                                        						goto L28;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t142 = 0;
                                                                                                                                                                                                                                                        				_t127 = _t130;
                                                                                                                                                                                                                                                        				asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        				do {
                                                                                                                                                                                                                                                        					_t143 =  ==  ? _t127 : _t142;
                                                                                                                                                                                                                                                        					_t84 =  *(_t127 + 1) & 0x000000ff;
                                                                                                                                                                                                                                                        					_t142 =  ==  ? _t127 :  ==  ? _t127 : _t142;
                                                                                                                                                                                                                                                        					_t127 = _t127 + 1;
                                                                                                                                                                                                                                                        				} while (_t84 != 0);
                                                                                                                                                                                                                                                        				if(_t142 == 0) {
                                                                                                                                                                                                                                                        					goto L33;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t144 = _t142 - _t130;
                                                                                                                                                                                                                                                        				if(_t144 > 0xf0) {
                                                                                                                                                                                                                                                        					goto L40;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				memcpy( &_v800, _t130, _t144);
                                                                                                                                                                                                                                                        				_t149 = _t149 + 0xc;
                                                                                                                                                                                                                                                        				_t85 = _t145 + _t144 - 0x31b;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t145 + _t144 - 0x31c)) = 0x7065645c;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t145 + _t144 - 0x318)) = 0x65646e65;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t145 + _t144 - 0x314)) = 0x696c746e;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t145 + _t144 - 0x310)) = 0x6c2e7362;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t145 + _t144 - 0x30c)) = 0x747369;
                                                                                                                                                                                                                                                        				goto L8;
                                                                                                                                                                                                                                                        			}





















































                                                                                                                                                                                                                                                        0x00bb2000
                                                                                                                                                                                                                                                        0x00bb200c
                                                                                                                                                                                                                                                        0x00bb2011
                                                                                                                                                                                                                                                        0x00bb2014
                                                                                                                                                                                                                                                        0x00bb2017
                                                                                                                                                                                                                                                        0x00bb201b
                                                                                                                                                                                                                                                        0x00bb201e
                                                                                                                                                                                                                                                        0x00bb243b
                                                                                                                                                                                                                                                        0x00bb2383
                                                                                                                                                                                                                                                        0x00bb2388
                                                                                                                                                                                                                                                        0x00bb2399
                                                                                                                                                                                                                                                        0x00bb2399
                                                                                                                                                                                                                                                        0x00bb2027
                                                                                                                                                                                                                                                        0x00bb202c
                                                                                                                                                                                                                                                        0x00bb2031
                                                                                                                                                                                                                                                        0x00bb2446
                                                                                                                                                                                                                                                        0x00bb2449
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2449
                                                                                                                                                                                                                                                        0x00bb2039
                                                                                                                                                                                                                                                        0x00bb203b
                                                                                                                                                                                                                                                        0x00bb203e
                                                                                                                                                                                                                                                        0x00bb2042
                                                                                                                                                                                                                                                        0x00bb204d
                                                                                                                                                                                                                                                        0x00bb2050
                                                                                                                                                                                                                                                        0x00bb2055
                                                                                                                                                                                                                                                        0x00bb2058
                                                                                                                                                                                                                                                        0x00bb2060
                                                                                                                                                                                                                                                        0x00bb2068
                                                                                                                                                                                                                                                        0x00bb206c
                                                                                                                                                                                                                                                        0x00bb239a
                                                                                                                                                                                                                                                        0x00bb239a
                                                                                                                                                                                                                                                        0x00bb23a0
                                                                                                                                                                                                                                                        0x00bb23aa
                                                                                                                                                                                                                                                        0x00bb23b4
                                                                                                                                                                                                                                                        0x00bb23be
                                                                                                                                                                                                                                                        0x00bb23c8
                                                                                                                                                                                                                                                        0x00bb20f8
                                                                                                                                                                                                                                                        0x00bb20f8
                                                                                                                                                                                                                                                        0x00bb2103
                                                                                                                                                                                                                                                        0x00bb2109
                                                                                                                                                                                                                                                        0x00bb210e
                                                                                                                                                                                                                                                        0x00bb2454
                                                                                                                                                                                                                                                        0x00bb245b
                                                                                                                                                                                                                                                        0x00bb2460
                                                                                                                                                                                                                                                        0x00bb2463
                                                                                                                                                                                                                                                        0x00bb246e
                                                                                                                                                                                                                                                        0x00bb246e
                                                                                                                                                                                                                                                        0x00bb2114
                                                                                                                                                                                                                                                        0x00bb211a
                                                                                                                                                                                                                                                        0x00bb2130
                                                                                                                                                                                                                                                        0x00bb213c
                                                                                                                                                                                                                                                        0x00bb2142
                                                                                                                                                                                                                                                        0x00bb2147
                                                                                                                                                                                                                                                        0x00bb2425
                                                                                                                                                                                                                                                        0x00bb2425
                                                                                                                                                                                                                                                        0x00bb2428
                                                                                                                                                                                                                                                        0x00bb2430
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb214d
                                                                                                                                                                                                                                                        0x00bb214d
                                                                                                                                                                                                                                                        0x00bb2155
                                                                                                                                                                                                                                                        0x00bb215b
                                                                                                                                                                                                                                                        0x00bb2161
                                                                                                                                                                                                                                                        0x00bb216b
                                                                                                                                                                                                                                                        0x00bb2171
                                                                                                                                                                                                                                                        0x00bb2176
                                                                                                                                                                                                                                                        0x00bb232a
                                                                                                                                                                                                                                                        0x00bb232b
                                                                                                                                                                                                                                                        0x00bb2331
                                                                                                                                                                                                                                                        0x00bb2334
                                                                                                                                                                                                                                                        0x00bb2340
                                                                                                                                                                                                                                                        0x00bb2348
                                                                                                                                                                                                                                                        0x00bb249e
                                                                                                                                                                                                                                                        0x00bb24a1
                                                                                                                                                                                                                                                        0x00bb234e
                                                                                                                                                                                                                                                        0x00bb2354
                                                                                                                                                                                                                                                        0x00bb235f
                                                                                                                                                                                                                                                        0x00bb2361
                                                                                                                                                                                                                                                        0x00bb2364
                                                                                                                                                                                                                                                        0x00bb2367
                                                                                                                                                                                                                                                        0x00bb236d
                                                                                                                                                                                                                                                        0x00bb236d
                                                                                                                                                                                                                                                        0x00bb236f
                                                                                                                                                                                                                                                        0x00bb2377
                                                                                                                                                                                                                                                        0x00bb2379
                                                                                                                                                                                                                                                        0x00bb237a
                                                                                                                                                                                                                                                        0x00bb2380
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2377
                                                                                                                                                                                                                                                        0x00bb2182
                                                                                                                                                                                                                                                        0x00bb218a
                                                                                                                                                                                                                                                        0x00bb2190
                                                                                                                                                                                                                                                        0x00bb2190
                                                                                                                                                                                                                                                        0x00bb2193
                                                                                                                                                                                                                                                        0x00bb2198
                                                                                                                                                                                                                                                        0x00bb219d
                                                                                                                                                                                                                                                        0x00bb21b0
                                                                                                                                                                                                                                                        0x00bb21b6
                                                                                                                                                                                                                                                        0x00bb21be
                                                                                                                                                                                                                                                        0x00bb2489
                                                                                                                                                                                                                                                        0x00bb2493
                                                                                                                                                                                                                                                        0x00bb21d4
                                                                                                                                                                                                                                                        0x00bb21d9
                                                                                                                                                                                                                                                        0x00bb21e3
                                                                                                                                                                                                                                                        0x00bb21ef
                                                                                                                                                                                                                                                        0x00bb2415
                                                                                                                                                                                                                                                        0x00bb2416
                                                                                                                                                                                                                                                        0x00bb241c
                                                                                                                                                                                                                                                        0x00bb241f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb241f
                                                                                                                                                                                                                                                        0x00bb21fc
                                                                                                                                                                                                                                                        0x00bb2201
                                                                                                                                                                                                                                                        0x00bb2209
                                                                                                                                                                                                                                                        0x00bb2212
                                                                                                                                                                                                                                                        0x00bb2220
                                                                                                                                                                                                                                                        0x00bb222a
                                                                                                                                                                                                                                                        0x00bb227c
                                                                                                                                                                                                                                                        0x00bb2281
                                                                                                                                                                                                                                                        0x00bb2281
                                                                                                                                                                                                                                                        0x00bb2231
                                                                                                                                                                                                                                                        0x00bb2239
                                                                                                                                                                                                                                                        0x00bb23d7
                                                                                                                                                                                                                                                        0x00bb23de
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb23f2
                                                                                                                                                                                                                                                        0x00bb23f4
                                                                                                                                                                                                                                                        0x00bb23f6
                                                                                                                                                                                                                                                        0x00bb23fc
                                                                                                                                                                                                                                                        0x00bb23fc
                                                                                                                                                                                                                                                        0x00bb2401
                                                                                                                                                                                                                                                        0x00bb2406
                                                                                                                                                                                                                                                        0x00bb2409
                                                                                                                                                                                                                                                        0x00bb240b
                                                                                                                                                                                                                                                        0x00bb240e
                                                                                                                                                                                                                                                        0x00bb240e
                                                                                                                                                                                                                                                        0x00bb23ee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb223f
                                                                                                                                                                                                                                                        0x00bb2243
                                                                                                                                                                                                                                                        0x00bb2249
                                                                                                                                                                                                                                                        0x00bb224c
                                                                                                                                                                                                                                                        0x00bb2252
                                                                                                                                                                                                                                                        0x00bb2257
                                                                                                                                                                                                                                                        0x00bb225a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb225a
                                                                                                                                                                                                                                                        0x00bb2239
                                                                                                                                                                                                                                                        0x00bb21db
                                                                                                                                                                                                                                                        0x00bb21db
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb21db
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2499
                                                                                                                                                                                                                                                        0x00bb21c4
                                                                                                                                                                                                                                                        0x00bb21ce
                                                                                                                                                                                                                                                        0x00bb2294
                                                                                                                                                                                                                                                        0x00bb2299
                                                                                                                                                                                                                                                        0x00bb229c
                                                                                                                                                                                                                                                        0x00bb22a6
                                                                                                                                                                                                                                                        0x00bb22b0
                                                                                                                                                                                                                                                        0x00bb22ba
                                                                                                                                                                                                                                                        0x00bb22cc
                                                                                                                                                                                                                                                        0x00bb22d8
                                                                                                                                                                                                                                                        0x00bb22e4
                                                                                                                                                                                                                                                        0x00bb22f0
                                                                                                                                                                                                                                                        0x00bb22f6
                                                                                                                                                                                                                                                        0x00bb2309
                                                                                                                                                                                                                                                        0x00bb2483
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2483
                                                                                                                                                                                                                                                        0x00bb2314
                                                                                                                                                                                                                                                        0x00bb231f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2325
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb21ce
                                                                                                                                                                                                                                                        0x00bb225c
                                                                                                                                                                                                                                                        0x00bb225c
                                                                                                                                                                                                                                                        0x00bb2265
                                                                                                                                                                                                                                                        0x00bb226b
                                                                                                                                                                                                                                                        0x00bb226e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2276
                                                                                                                                                                                                                                                        0x00bb2147
                                                                                                                                                                                                                                                        0x00bb2072
                                                                                                                                                                                                                                                        0x00bb2074
                                                                                                                                                                                                                                                        0x00bb2076
                                                                                                                                                                                                                                                        0x00bb2080
                                                                                                                                                                                                                                                        0x00bb2082
                                                                                                                                                                                                                                                        0x00bb2087
                                                                                                                                                                                                                                                        0x00bb208b
                                                                                                                                                                                                                                                        0x00bb208e
                                                                                                                                                                                                                                                        0x00bb208f
                                                                                                                                                                                                                                                        0x00bb2095
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb209b
                                                                                                                                                                                                                                                        0x00bb20a3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb20b2
                                                                                                                                                                                                                                                        0x00bb20b7
                                                                                                                                                                                                                                                        0x00bb20ba
                                                                                                                                                                                                                                                        0x00bb20c1
                                                                                                                                                                                                                                                        0x00bb20cc
                                                                                                                                                                                                                                                        0x00bb20d7
                                                                                                                                                                                                                                                        0x00bb20e2
                                                                                                                                                                                                                                                        0x00bb20ed
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • strrchr.VCRUNTIME140(?,0000005C), ref: 00BB2027
                                                                                                                                                                                                                                                        • malloc.MOZGLUE(00000009), ref: 00BB2042
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,00000001), ref: 00BB2050
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,00000000,00000000), ref: 00BB20B2
                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_RUN_GTEST), ref: 00BB2103
                                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,\dependentlibs.list,000000FF,?,00000104), ref: 00BB2130
                                                                                                                                                                                                                                                        • _wfopen.API-MS-WIN-CRT-STDIO-L1-1-0(?,00BF412A), ref: 00BB213C
                                                                                                                                                                                                                                                        • fgets.API-MS-WIN-CRT-STDIO-L1-1-0(?,00000104,00000000), ref: 00BB216B
                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB2193
                                                                                                                                                                                                                                                        • strcpy.API-MS-WIN-CRT-STRING-L1-1-0(?,?), ref: 00BB21FC
                                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,\dependentlibs.list,000000FF,?,00000104), ref: 00BB2220
                                                                                                                                                                                                                                                        • LoadLibraryExW.KERNELBASE(?,00000000,00000008), ref: 00BB2231
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000008), ref: 00BB2243
                                                                                                                                                                                                                                                        • fgets.API-MS-WIN-CRT-STDIO-L1-1-0(?,00000104,00000000), ref: 00BB2265
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB2294
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,00000000,00000002,00000003), ref: 00BB22CC
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000001,00000003), ref: 00BB22D8
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000020,00000003), ref: 00BB22E4
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000010,00000003), ref: 00BB22F0
                                                                                                                                                                                                                                                        • VerifyVersionInfoA.KERNEL32(0000009C,00000033,00000000), ref: 00BB2301
                                                                                                                                                                                                                                                        • fclose.API-MS-WIN-CRT-STDIO-L1-1-0(00000000), ref: 00BB232B
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(04D0A0A0,XRE_GetBootstrap), ref: 00BB2340
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB237A
                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(04D0A0A0), ref: 00BB23F4
                                                                                                                                                                                                                                                        • free.MOZGLUE(04D0A0A0), ref: 00BB2409
                                                                                                                                                                                                                                                        • fclose.API-MS-WIN-CRT-STDIO-L1-1-0(00000000), ref: 00BB2416
                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(\dependentlibs.list), ref: 00BB245B
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • rrayEvery); /** * Creates a function that checks if **any** of the `predicates` return * truthy when invoked with the arguments it receives. * * @static * @memberOf _ * @since 4.0.0 * @category Util * @param {...(Fu, xrefs: 00BB230F, 00BB247E
                                                                                                                                                                                                                                                        • MOZ_RUN_GTEST, xrefs: 00BB20FE
                                                                                                                                                                                                                                                        • XRE_GetBootstrap, xrefs: 00BB2339
                                                                                                                                                                                                                                                        • xul., xrefs: 00BB2060
                                                                                                                                                                                                                                                        • api-, xrefs: 00BB2489
                                                                                                                                                                                                                                                        • dll, xrefs: 00BB2058
                                                                                                                                                                                                                                                        • \dependentlibs.list, xrefs: 00BB2114, 00BB2128
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ConditionMask$ByteCharLibraryMultiWidefclosefgetsfreememcpystrlen$AddressFreeInfoLoadProcVerifyVersion_wfopengetenvmallocmemsetmoz_xmallocstrcpystrrchr
                                                                                                                                                                                                                                                        • String ID: MOZ_RUN_GTEST$XRE_GetBootstrap$\dependentlibs.list$api-$dll$rrayEvery); /** * Creates a function that checks if **any** of the `predicates` return * truthy when invoked with the arguments it receives. * * @static * @memberOf _ * @since 4.0.0 * @category Util * @param {...(Fu$xul.
                                                                                                                                                                                                                                                        • API String ID: 197452271-583502617
                                                                                                                                                                                                                                                        • Opcode ID: 2f3b4816fcc099731af776f79d9c9accfd05115fe465eeddbe32833789cb3932
                                                                                                                                                                                                                                                        • Instruction ID: 4cc96221f1adaa7e6bc1b704483aa84190db70ac2e8d79af2d2792cb525aac52
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2f3b4816fcc099731af776f79d9c9accfd05115fe465eeddbe32833789cb3932
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BAC192B1A403199FDB219F24DC45BFA7BF8EB04704F0441E8E909AB291DBB49E85CF95
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                                        control_flow_graph 734 bb1000-bb1027 GetEnvironmentVariableW 735 bb1029-bb102d 734->735 736 bb10a8-bb10c1 SetDllDirectoryW call bb3dd0 734->736 738 bb11f9 735->738 739 bb1033-bb1051 moz_xmalloc GetEnvironmentVariableW 735->739 740 bb10c6-bb10cd 736->740 745 bb1203 738->745 741 bb109b-bb10a5 free 739->741 742 bb1053-bb1060 ExpandEnvironmentStringsW 739->742 743 bb10d3-bb10de 740->743 744 bb11f4-bb11f7 740->744 741->736 742->741 746 bb1062-bb1066 742->746 748 bb120d 743->748 749 bb10e4-bb10f5 moz_xmalloc 743->749 750 bb11e0-bb11f3 call beecb0 744->750 745->748 746->745 747 bb106c-bb1083 moz_xmalloc ExpandEnvironmentStringsW 746->747 751 bb1091-bb1098 free 747->751 752 bb1085-bb108b SetEnvironmentVariableW 747->752 756 bb1217-bb121c 748->756 754 bb1152-bb1163 749->754 755 bb10f7-bb10fc 749->755 751->741 752->751 754->756 759 bb1169-bb117a moz_xmalloc 754->759 758 bb1100-bb1150 wcslen moz_xmalloc WideCharToMultiByte 755->758 756->759 758->754 758->758 760 bb118a-bb1197 __p__environ call bb1230 759->760 761 bb117c-bb1187 memcpy 759->761 763 bb119c-bb11b1 free 760->763 761->760 764 bb11d3-bb11dd free 763->764 765 bb11b3-bb11b9 763->765 764->750 766 bb11c0-bb11c7 765->766 767 bb11c9-bb11cc free 766->767 768 bb11cf-bb11d1 766->768 767->768 768->764 768->766
                                                                                                                                                                                                                                                        C-Code - Quality: 61%
                                                                                                                                                                                                                                                        			E00BB1000(signed int _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				short* _v32;
                                                                                                                                                                                                                                                        				void* _v36;
                                                                                                                                                                                                                                                        				signed int _t46;
                                                                                                                                                                                                                                                        				long _t48;
                                                                                                                                                                                                                                                        				void* _t50;
                                                                                                                                                                                                                                                        				void* _t55;
                                                                                                                                                                                                                                                        				signed int _t56;
                                                                                                                                                                                                                                                        				void* _t58;
                                                                                                                                                                                                                                                        				signed int _t59;
                                                                                                                                                                                                                                                        				wchar_t* _t61;
                                                                                                                                                                                                                                                        				int _t62;
                                                                                                                                                                                                                                                        				char* _t63;
                                                                                                                                                                                                                                                        				WCHAR* _t66;
                                                                                                                                                                                                                                                        				long _t68;
                                                                                                                                                                                                                                                        				WCHAR* _t69;
                                                                                                                                                                                                                                                        				long _t70;
                                                                                                                                                                                                                                                        				intOrPtr _t72;
                                                                                                                                                                                                                                                        				char* _t74;
                                                                                                                                                                                                                                                        				void* _t77;
                                                                                                                                                                                                                                                        				void* _t87;
                                                                                                                                                                                                                                                        				void* _t88;
                                                                                                                                                                                                                                                        				long _t90;
                                                                                                                                                                                                                                                        				long _t91;
                                                                                                                                                                                                                                                        				short* _t92;
                                                                                                                                                                                                                                                        				void* _t93;
                                                                                                                                                                                                                                                        				signed int _t94;
                                                                                                                                                                                                                                                        				signed int _t95;
                                                                                                                                                                                                                                                        				void* _t96;
                                                                                                                                                                                                                                                        				signed int _t97;
                                                                                                                                                                                                                                                        				void* _t98;
                                                                                                                                                                                                                                                        				void* _t99;
                                                                                                                                                                                                                                                        				void* _t100;
                                                                                                                                                                                                                                                        				void* _t101;
                                                                                                                                                                                                                                                        				void* _t103;
                                                                                                                                                                                                                                                        				void* _t106;
                                                                                                                                                                                                                                                        				void* _t107;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t46 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t72 = _a8;
                                                                                                                                                                                                                                                        				_v20 = _t46 ^ _t97;
                                                                                                                                                                                                                                                        				_t48 = GetEnvironmentVariableW(L"PATH", 0, 0);
                                                                                                                                                                                                                                                        				if(_t48 != 0) {
                                                                                                                                                                                                                                                        					_t90 = _t48;
                                                                                                                                                                                                                                                        					_t66 = _t48 + _t90;
                                                                                                                                                                                                                                                        					if(_t66 < 0) {
                                                                                                                                                                                                                                                        						_t66 = 0xffffffff;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(_t66); // executed
                                                                                                                                                                                                                                                        					_t106 = _t98 + 4;
                                                                                                                                                                                                                                                        					_t96 = _t66;
                                                                                                                                                                                                                                                        					if(_t90 - 1 == GetEnvironmentVariableW(L"PATH", _t66, _t90)) {
                                                                                                                                                                                                                                                        						_t68 = ExpandEnvironmentStringsW(_t96, 0, 0);
                                                                                                                                                                                                                                                        						if(_t68 != 0) {
                                                                                                                                                                                                                                                        							_t91 = _t68;
                                                                                                                                                                                                                                                        							_t69 = _t68 + _t91;
                                                                                                                                                                                                                                                        							if(_t69 < 0) {
                                                                                                                                                                                                                                                        								_t69 = 0xffffffff;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							__imp__moz_xmalloc(_t69);
                                                                                                                                                                                                                                                        							_t107 = _t106 + 4;
                                                                                                                                                                                                                                                        							_t77 = _t69;
                                                                                                                                                                                                                                                        							_t70 = ExpandEnvironmentStringsW(_t96, _t69, _t91);
                                                                                                                                                                                                                                                        							_t113 = _t70;
                                                                                                                                                                                                                                                        							if(_t70 != 0) {
                                                                                                                                                                                                                                                        								SetEnvironmentVariableW(L"PATH", _t77);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							free(_t77);
                                                                                                                                                                                                                                                        							_t106 = _t107 + 4;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					free(_t96);
                                                                                                                                                                                                                                                        					_t98 = _t106 + 4;
                                                                                                                                                                                                                                                        					_t72 = _a8;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				__imp__SetDllDirectoryW(0xbf54a2);
                                                                                                                                                                                                                                                        				_t50 = E00BB3DD0(_t113,  &_v28,  &_a4, _t72, 0xbf015c); // executed
                                                                                                                                                                                                                                                        				_t99 = _t98 + 0x10;
                                                                                                                                                                                                                                                        				if(_v24 != 0) {
                                                                                                                                                                                                                                                        					_t92 = _v28;
                                                                                                                                                                                                                                                        					goto L23;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t55 = (_a4 + 1) * 4;
                                                                                                                                                                                                                                                        					if(_t55 < 0) {
                                                                                                                                                                                                                                                        						_t55 = 0xffffffff;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(_t55);
                                                                                                                                                                                                                                                        					_t100 = _t99 + 4;
                                                                                                                                                                                                                                                        					_t87 = _t55;
                                                                                                                                                                                                                                                        					_t56 = _a4;
                                                                                                                                                                                                                                                        					if(_t56 <= 0) {
                                                                                                                                                                                                                                                        						L14:
                                                                                                                                                                                                                                                        						 *(_t87 + _t56 * 4) = 0;
                                                                                                                                                                                                                                                        						_t93 = _t87;
                                                                                                                                                                                                                                                        						_t58 = (_t56 + 1) * 4;
                                                                                                                                                                                                                                                        						if(_t58 < 0) {
                                                                                                                                                                                                                                                        							_t58 = 0xffffffff;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__imp__moz_xmalloc(_t58);
                                                                                                                                                                                                                                                        						_t101 = _t100 + 4;
                                                                                                                                                                                                                                                        						_t88 = _t58;
                                                                                                                                                                                                                                                        						_t59 = _a4;
                                                                                                                                                                                                                                                        						if(_t59 > 0) {
                                                                                                                                                                                                                                                        							_t59 = memcpy(_t88, _t93, _t59 << 2);
                                                                                                                                                                                                                                                        							_t101 = _t101 + 0xc;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__imp____p__environ();
                                                                                                                                                                                                                                                        						_t84 = _t93;
                                                                                                                                                                                                                                                        						_t50 = E00BB1230(_a4, _t93,  *_t59); // executed
                                                                                                                                                                                                                                                        						_v32 = _t50;
                                                                                                                                                                                                                                                        						free(_t93);
                                                                                                                                                                                                                                                        						_t103 = _t101 + 8;
                                                                                                                                                                                                                                                        						_t94 = _a4;
                                                                                                                                                                                                                                                        						if(_t94 == 0) {
                                                                                                                                                                                                                                                        							L22:
                                                                                                                                                                                                                                                        							free(_t88);
                                                                                                                                                                                                                                                        							_t92 = _v32;
                                                                                                                                                                                                                                                        							L23:
                                                                                                                                                                                                                                                        							E00BEECB0(_t50, _v20 ^ _t97, _t84);
                                                                                                                                                                                                                                                        							return _t92;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							do {
                                                                                                                                                                                                                                                        								_t50 =  *(_t88 + _t94 * 4 - 4);
                                                                                                                                                                                                                                                        								_t94 = _t94 - 1;
                                                                                                                                                                                                                                                        								if(_t50 != 0) {
                                                                                                                                                                                                                                                        									free(_t50);
                                                                                                                                                                                                                                                        									_t103 = _t103 + 4;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} while (_t94 != 0);
                                                                                                                                                                                                                                                        							goto L22;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t95 = 0;
                                                                                                                                                                                                                                                        						_v36 = _t87;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t61 =  *(_t72 + _t95 * 4);
                                                                                                                                                                                                                                                        							_v32 = _t61;
                                                                                                                                                                                                                                                        							_t62 = wcslen(_t61);
                                                                                                                                                                                                                                                        							_t89 = _t62;
                                                                                                                                                                                                                                                        							_t63 = _t62 + 2 + _t62 * 2;
                                                                                                                                                                                                                                                        							__imp__moz_xmalloc(_t63);
                                                                                                                                                                                                                                                        							_t100 = _t100 + 8;
                                                                                                                                                                                                                                                        							_t74 = _t63;
                                                                                                                                                                                                                                                        							_t21 = _t89 * 2; // 0x1
                                                                                                                                                                                                                                                        							_t87 = _v36;
                                                                                                                                                                                                                                                        							_t74[WideCharToMultiByte(0xfde9, 0, _v32, _t62, _t74, _t62 + _t21 + 1, 0, 0)] = 0;
                                                                                                                                                                                                                                                        							_t56 = _a4;
                                                                                                                                                                                                                                                        							 *(_t87 + _t95 * 4) = _t74;
                                                                                                                                                                                                                                                        							_t72 = _a8;
                                                                                                                                                                                                                                                        							_t95 = _t95 + 1;
                                                                                                                                                                                                                                                        						} while (_t95 < _t56);
                                                                                                                                                                                                                                                        						goto L14;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}










































                                                                                                                                                                                                                                                        0x00bb1009
                                                                                                                                                                                                                                                        0x00bb100e
                                                                                                                                                                                                                                                        0x00bb1013
                                                                                                                                                                                                                                                        0x00bb101f
                                                                                                                                                                                                                                                        0x00bb1027
                                                                                                                                                                                                                                                        0x00bb1029
                                                                                                                                                                                                                                                        0x00bb102b
                                                                                                                                                                                                                                                        0x00bb102d
                                                                                                                                                                                                                                                        0x00bb11f9
                                                                                                                                                                                                                                                        0x00bb11f9
                                                                                                                                                                                                                                                        0x00bb1034
                                                                                                                                                                                                                                                        0x00bb103a
                                                                                                                                                                                                                                                        0x00bb103f
                                                                                                                                                                                                                                                        0x00bb1051
                                                                                                                                                                                                                                                        0x00bb1058
                                                                                                                                                                                                                                                        0x00bb1060
                                                                                                                                                                                                                                                        0x00bb1062
                                                                                                                                                                                                                                                        0x00bb1064
                                                                                                                                                                                                                                                        0x00bb1066
                                                                                                                                                                                                                                                        0x00bb1203
                                                                                                                                                                                                                                                        0x00bb1203
                                                                                                                                                                                                                                                        0x00bb106d
                                                                                                                                                                                                                                                        0x00bb1073
                                                                                                                                                                                                                                                        0x00bb1076
                                                                                                                                                                                                                                                        0x00bb107b
                                                                                                                                                                                                                                                        0x00bb1081
                                                                                                                                                                                                                                                        0x00bb1083
                                                                                                                                                                                                                                                        0x00bb108b
                                                                                                                                                                                                                                                        0x00bb108b
                                                                                                                                                                                                                                                        0x00bb1092
                                                                                                                                                                                                                                                        0x00bb1098
                                                                                                                                                                                                                                                        0x00bb1098
                                                                                                                                                                                                                                                        0x00bb1060
                                                                                                                                                                                                                                                        0x00bb109c
                                                                                                                                                                                                                                                        0x00bb10a2
                                                                                                                                                                                                                                                        0x00bb10a5
                                                                                                                                                                                                                                                        0x00bb10a5
                                                                                                                                                                                                                                                        0x00bb10ad
                                                                                                                                                                                                                                                        0x00bb10c1
                                                                                                                                                                                                                                                        0x00bb10c6
                                                                                                                                                                                                                                                        0x00bb10cd
                                                                                                                                                                                                                                                        0x00bb11f4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb10d3
                                                                                                                                                                                                                                                        0x00bb10dc
                                                                                                                                                                                                                                                        0x00bb10de
                                                                                                                                                                                                                                                        0x00bb120d
                                                                                                                                                                                                                                                        0x00bb120d
                                                                                                                                                                                                                                                        0x00bb10e5
                                                                                                                                                                                                                                                        0x00bb10eb
                                                                                                                                                                                                                                                        0x00bb10ee
                                                                                                                                                                                                                                                        0x00bb10f0
                                                                                                                                                                                                                                                        0x00bb10f5
                                                                                                                                                                                                                                                        0x00bb1152
                                                                                                                                                                                                                                                        0x00bb1152
                                                                                                                                                                                                                                                        0x00bb115f
                                                                                                                                                                                                                                                        0x00bb1161
                                                                                                                                                                                                                                                        0x00bb1163
                                                                                                                                                                                                                                                        0x00bb1217
                                                                                                                                                                                                                                                        0x00bb1217
                                                                                                                                                                                                                                                        0x00bb116a
                                                                                                                                                                                                                                                        0x00bb1170
                                                                                                                                                                                                                                                        0x00bb1173
                                                                                                                                                                                                                                                        0x00bb1175
                                                                                                                                                                                                                                                        0x00bb117a
                                                                                                                                                                                                                                                        0x00bb1182
                                                                                                                                                                                                                                                        0x00bb1187
                                                                                                                                                                                                                                                        0x00bb1187
                                                                                                                                                                                                                                                        0x00bb118a
                                                                                                                                                                                                                                                        0x00bb1193
                                                                                                                                                                                                                                                        0x00bb1197
                                                                                                                                                                                                                                                        0x00bb119f
                                                                                                                                                                                                                                                        0x00bb11a3
                                                                                                                                                                                                                                                        0x00bb11a9
                                                                                                                                                                                                                                                        0x00bb11ac
                                                                                                                                                                                                                                                        0x00bb11b1
                                                                                                                                                                                                                                                        0x00bb11d3
                                                                                                                                                                                                                                                        0x00bb11d4
                                                                                                                                                                                                                                                        0x00bb11dd
                                                                                                                                                                                                                                                        0x00bb11e0
                                                                                                                                                                                                                                                        0x00bb11e5
                                                                                                                                                                                                                                                        0x00bb11f3
                                                                                                                                                                                                                                                        0x00bb11b3
                                                                                                                                                                                                                                                        0x00bb11c0
                                                                                                                                                                                                                                                        0x00bb11c0
                                                                                                                                                                                                                                                        0x00bb11c4
                                                                                                                                                                                                                                                        0x00bb11c7
                                                                                                                                                                                                                                                        0x00bb11ca
                                                                                                                                                                                                                                                        0x00bb11cc
                                                                                                                                                                                                                                                        0x00bb11cc
                                                                                                                                                                                                                                                        0x00bb11cf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb11c0
                                                                                                                                                                                                                                                        0x00bb10f7
                                                                                                                                                                                                                                                        0x00bb10f7
                                                                                                                                                                                                                                                        0x00bb10f9
                                                                                                                                                                                                                                                        0x00bb1100
                                                                                                                                                                                                                                                        0x00bb1100
                                                                                                                                                                                                                                                        0x00bb1103
                                                                                                                                                                                                                                                        0x00bb1107
                                                                                                                                                                                                                                                        0x00bb1110
                                                                                                                                                                                                                                                        0x00bb1112
                                                                                                                                                                                                                                                        0x00bb1117
                                                                                                                                                                                                                                                        0x00bb111d
                                                                                                                                                                                                                                                        0x00bb1120
                                                                                                                                                                                                                                                        0x00bb1122
                                                                                                                                                                                                                                                        0x00bb112d
                                                                                                                                                                                                                                                        0x00bb1140
                                                                                                                                                                                                                                                        0x00bb1144
                                                                                                                                                                                                                                                        0x00bb1147
                                                                                                                                                                                                                                                        0x00bb114a
                                                                                                                                                                                                                                                        0x00bb114d
                                                                                                                                                                                                                                                        0x00bb114e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1100
                                                                                                                                                                                                                                                        0x00bb10f5

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetEnvironmentVariableW.KERNEL32(PATH,00000000,00000000), ref: 00BB101F
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000000), ref: 00BB1034
                                                                                                                                                                                                                                                        • GetEnvironmentVariableW.KERNEL32(PATH,00000000,00000000), ref: 00BB1049
                                                                                                                                                                                                                                                        • ExpandEnvironmentStringsW.KERNEL32(00000000,00000000,00000000), ref: 00BB1058
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000000), ref: 00BB106D
                                                                                                                                                                                                                                                        • ExpandEnvironmentStringsW.KERNEL32(00000000,00000000,00000000), ref: 00BB107B
                                                                                                                                                                                                                                                        • SetEnvironmentVariableW.KERNEL32(PATH,00000000), ref: 00BB108B
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB1092
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB109C
                                                                                                                                                                                                                                                        • SetDllDirectoryW.KERNEL32 ref: 00BB10AD
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(?), ref: 00BB10E5
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB1107
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(?), ref: 00BB1117
                                                                                                                                                                                                                                                        • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,?,00000000,00000000,00000001,00000000,00000000), ref: 00BB113A
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(FFFFFFFF), ref: 00BB116A
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,00000000,?), ref: 00BB1182
                                                                                                                                                                                                                                                        • __p__environ.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0 ref: 00BB118A
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB11A3
                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 00BB11CA
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB11D4
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Environmentfreemoz_xmalloc$Variable$ExpandStrings$ByteCharDirectoryMultiWide__p__environmemcpywcslen
                                                                                                                                                                                                                                                        • String ID: PATH
                                                                                                                                                                                                                                                        • API String ID: 3928891988-1036084923
                                                                                                                                                                                                                                                        • Opcode ID: fb07a96ef1a759ad0024b98decadcf6a08f21e717c4d56e52d08d4cf2845679a
                                                                                                                                                                                                                                                        • Instruction ID: df28d133b5379c88ad570940b713105f8978533b999a44abafd1dd430882ab35
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fb07a96ef1a759ad0024b98decadcf6a08f21e717c4d56e52d08d4cf2845679a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A451CDB5A00205ABDB109F6CDC89BBA7BA8EF04750F4405A4FA15EB291DEB1DD04CBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                                        control_flow_graph 769 bd97a0-bd97c4 770 bd97dc-bd97f6 call bcbdd0 GetModuleHandleA 769->770 771 bd97c6 769->771 777 bd97fc-bd97ff 770->777 778 bd98b5-bd98c3 GetProcAddress 770->778 772 bd97c8-bd97db call beecb0 771->772 779 bd9817-bd981d 777->779 780 bd9801-bd9811 HeapSetInformation 777->780 778->777 781 bd98c9-bd98d2 778->781 783 bd98ec-bd98f4 call be3070 779->783 784 bd9823-bd9826 779->784 780->779 782 bd9907-bd9910 GetLastError 780->782 781->777 790 bd98d8-bd98e1 GetLastError 781->790 782->771 789 bd9916 782->789 783->784 796 bd98fa-bd98fc 783->796 786 bd983f-bd9844 784->786 787 bd9828-bd9839 SetProcessDEPPolicy 784->787 786->772 792 bd9846-bd9854 GetProcAddress 786->792 787->786 791 bd991b-bd9924 GetLastError 787->791 789->779 790->771 794 bd98e7 790->794 791->771 797 bd992a 791->797 792->771 795 bd985a-bd9861 792->795 794->777 798 bd992f-bd9946 795->798 799 bd9867-bd986c 795->799 796->784 800 bd9902 796->800 797->786 806 bd9abd-bd9ac6 GetLastError 798->806 807 bd994c-bd9954 798->807 801 bd995a-bd9967 799->801 802 bd9872-bd9877 799->802 800->771 808 bd996b-bd996d 801->808 803 bd987d-bd9882 802->803 804 bd9981-bd9994 802->804 809 bd99a8-bd99ab 803->809 810 bd9888-bd989b 803->810 816 bd999a-bd99a2 804->816 817 bd9ae5-bd9aee GetLastError 804->817 806->771 814 bd9acc 806->814 807->801 807->802 811 bd9ad1-bd9ada GetLastError 808->811 812 bd9973-bd997b 808->812 809->772 815 bd99b1-bd99bd call bd9b70 809->815 810->809 823 bd98a1-bd98aa GetLastError 810->823 811->771 820 bd9ae0 811->820 812->803 812->804 814->811 824 bd99dc-bd99df 815->824 825 bd99bf-bd99c1 815->825 816->809 816->810 817->771 821 bd9af4 817->821 820->817 827 bd9af9-bd9b02 GetLastError 821->827 823->771 826 bd98b0 823->826 824->772 828 bd99e5-bd99ec 824->828 825->824 829 bd99c3-bd99d6 825->829 826->809 827->771 830 bd9b08 827->830 831 bd99ee-bd9a01 828->831 832 bd9a07-bd9a0a 828->832 829->824 829->827 830->824 831->832 838 bd9b0d-bd9b16 GetLastError 831->838 832->772 834 bd9a10-bd9a17 832->834 836 bd9a19-bd9a2c 834->836 837 bd9a32-bd9a39 834->837 836->837 845 bd9b35-bd9b3e GetLastError 836->845 839 bd9a6d-bd9a70 837->839 840 bd9a3b-bd9a67 837->840 838->771 842 bd9b1c 838->842 839->772 841 bd9a76-bd9a82 call bd9b70 839->841 840->839 849 bd9b21-bd9b2a GetLastError 840->849 841->772 850 bd9a88-bd9a8a 841->850 842->832 845->771 848 bd9b44 845->848 848->837 849->771 851 bd9b30 849->851 850->772 852 bd9a90-bd9aa3 850->852 851->839 852->772 854 bd9aa9-bd9ab2 GetLastError 852->854 854->771 855 bd9ab8 854->855 855->772
                                                                                                                                                                                                                                                        C-Code - Quality: 35%
                                                                                                                                                                                                                                                        			E00BD97A0(signed int _a4, signed int _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				void* _t69;
                                                                                                                                                                                                                                                        				signed int _t73;
                                                                                                                                                                                                                                                        				signed int _t85;
                                                                                                                                                                                                                                                        				void* _t91;
                                                                                                                                                                                                                                                        				signed int _t94;
                                                                                                                                                                                                                                                        				signed int _t95;
                                                                                                                                                                                                                                                        				signed int _t96;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t106;
                                                                                                                                                                                                                                                        				signed int _t107;
                                                                                                                                                                                                                                                        				void* _t108;
                                                                                                                                                                                                                                                        				signed int _t109;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t94 = _a4;
                                                                                                                                                                                                                                                        				_t96 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v20 = _t96 ^ _t109;
                                                                                                                                                                                                                                                        				_t105 = _t94 & 0xffe08084 | _a8;
                                                                                                                                                                                                                                                        				if((_t94 & 0xffe08084 | _a8) == 0) {
                                                                                                                                                                                                                                                        					_t69 = E00BCBDD0(); // executed
                                                                                                                                                                                                                                                        					_t108 = _t69;
                                                                                                                                                                                                                                                        					_t70 = GetModuleHandleA("kernel32.dll");
                                                                                                                                                                                                                                                        					_t106 = _t70;
                                                                                                                                                                                                                                                        					if((_t94 & 0x00000200) != 0) {
                                                                                                                                                                                                                                                        						_t70 = GetProcAddress(_t106, "SetDefaultDllDirectories");
                                                                                                                                                                                                                                                        						if(_t70 == 0) {
                                                                                                                                                                                                                                                        							goto L4;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t70 =  *_t70(0x1000);
                                                                                                                                                                                                                                                        							if(_t70 != 0) {
                                                                                                                                                                                                                                                        								goto L4;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t70 = GetLastError();
                                                                                                                                                                                                                                                        								if(_t70 != 5) {
                                                                                                                                                                                                                                                        									goto L1;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									goto L4;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L4:
                                                                                                                                                                                                                                                        						if((_t94 & 0x00000020) == 0) {
                                                                                                                                                                                                                                                        							L6:
                                                                                                                                                                                                                                                        							if((_t94 & 0x00000400) != 0) {
                                                                                                                                                                                                                                                        								_t70 = E00BE3070();
                                                                                                                                                                                                                                                        								if(_t70 == 5 || _t70 == 0) {
                                                                                                                                                                                                                                                        									goto L7;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									goto L1;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								L7:
                                                                                                                                                                                                                                                        								if((_t94 & 0x00000001) == 0) {
                                                                                                                                                                                                                                                        									L9:
                                                                                                                                                                                                                                                        									_t95 = 1;
                                                                                                                                                                                                                                                        									if(_t108 >= 5) {
                                                                                                                                                                                                                                                        										_t70 = GetProcAddress(_t106, "SetProcessMitigationPolicy");
                                                                                                                                                                                                                                                        										if(_t70 == 0) {
                                                                                                                                                                                                                                                        											goto L1;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t107 = _t70;
                                                                                                                                                                                                                                                        											_t73 = _a4;
                                                                                                                                                                                                                                                        											if((_t73 & 0x00000008) != 0) {
                                                                                                                                                                                                                                                        												_v24 = _t73 >> 0x00000001 & 0x00000008 | 0x00000002;
                                                                                                                                                                                                                                                        												_push(4);
                                                                                                                                                                                                                                                        												_push( &_v24);
                                                                                                                                                                                                                                                        												_push(1);
                                                                                                                                                                                                                                                        												if( *_t107() == 0) {
                                                                                                                                                                                                                                                        													if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        														goto L1;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														goto L30;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													L30:
                                                                                                                                                                                                                                                        													_t70 = _a4;
                                                                                                                                                                                                                                                        													if((_t70 & 0x00000100) == 0) {
                                                                                                                                                                                                                                                        														goto L13;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														goto L31;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												if((_t73 & 0x00000100) != 0) {
                                                                                                                                                                                                                                                        													L31:
                                                                                                                                                                                                                                                        													_v24 = 3;
                                                                                                                                                                                                                                                        													_t91 =  *_t107(3,  &_v24, 4); // executed
                                                                                                                                                                                                                                                        													if(_t91 == 0) {
                                                                                                                                                                                                                                                        														if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        															goto L1;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															goto L32;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														L32:
                                                                                                                                                                                                                                                        														_t70 = _a4;
                                                                                                                                                                                                                                                        														if((_t70 & 0x00000800) == 0) {
                                                                                                                                                                                                                                                        															goto L14;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															goto L33;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													L13:
                                                                                                                                                                                                                                                        													if((_t70 & 0x00000800) != 0) {
                                                                                                                                                                                                                                                        														L33:
                                                                                                                                                                                                                                                        														_v24 = 1;
                                                                                                                                                                                                                                                        														_push(4);
                                                                                                                                                                                                                                                        														_push( &_v24);
                                                                                                                                                                                                                                                        														_push(4);
                                                                                                                                                                                                                                                        														if( *_t107() == 0) {
                                                                                                                                                                                                                                                        															if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        																goto L1;
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																goto L34;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															L34:
                                                                                                                                                                                                                                                        															_t70 = _a4;
                                                                                                                                                                                                                                                        															if((_a4 & 0x00001000) != 0) {
                                                                                                                                                                                                                                                        																goto L15;
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																goto L35;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														L14:
                                                                                                                                                                                                                                                        														if((_t70 & 0x00001000) == 0) {
                                                                                                                                                                                                                                                        															L35:
                                                                                                                                                                                                                                                        															if(_t108 >= 6) {
                                                                                                                                                                                                                                                        																_t70 = E00BD9B70();
                                                                                                                                                                                                                                                        																if((_a4 & 0x00002000) == 0 || _t70 != 0) {
                                                                                                                                                                                                                                                        																	L39:
                                                                                                                                                                                                                                                        																	if(_t108 >= 7) {
                                                                                                                                                                                                                                                        																		if((_a4 & 0x00010000) == 0) {
                                                                                                                                                                                                                                                        																			L42:
                                                                                                                                                                                                                                                        																			if(_t108 >= 8) {
                                                                                                                                                                                                                                                        																				if((_a4 & 0x00020000) == 0) {
                                                                                                                                                                                                                                                        																					L45:
                                                                                                                                                                                                                                                        																					if((_a4 & 0x001c0000) == 0) {
                                                                                                                                                                                                                                                        																						L47:
                                                                                                                                                                                                                                                        																						if(_t108 >= 9) {
                                                                                                                                                                                                                                                        																							_t70 = E00BD9B70();
                                                                                                                                                                                                                                                        																							if((_a4 & 0x00004000) != 0 && _t70 == 0) {
                                                                                                                                                                                                                                                        																								_v24 = 3;
                                                                                                                                                                                                                                                        																								_push(4);
                                                                                                                                                                                                                                                        																								_push( &_v24);
                                                                                                                                                                                                                                                        																								_push(2);
                                                                                                                                                                                                                                                        																								if( *_t107() == 0) {
                                                                                                                                                                                                                                                        																									if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        																										goto L1;
                                                                                                                                                                                                                                                        																									} else {
                                                                                                                                                                                                                                                        																									}
                                                                                                                                                                                                                                                        																								}
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						_t105 = _a4;
                                                                                                                                                                                                                                                        																						_t85 = _a4 >> 0x00000012 & 0x00000003;
                                                                                                                                                                                                                                                        																						_t58 = _t85 + 4; // 0x1c0004
                                                                                                                                                                                                                                                        																						_t101 =  <  ? _t85 : _t58;
                                                                                                                                                                                                                                                        																						_t102 =  ==  ? _t85 :  <  ? _t85 : _t58;
                                                                                                                                                                                                                                                        																						_v24 =  ==  ? _t85 :  <  ? _t85 : _t58;
                                                                                                                                                                                                                                                        																						_push(4);
                                                                                                                                                                                                                                                        																						_push( &_v24);
                                                                                                                                                                                                                                                        																						_push(0xa);
                                                                                                                                                                                                                                                        																						if( *_t107() == 0) {
                                                                                                                                                                                                                                                        																							if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        																								goto L1;
                                                                                                                                                                                                                                                        																							} else {
                                                                                                                                                                                                                                                        																								goto L47;
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																						} else {
                                                                                                                                                                                                                                                        																							goto L47;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				} else {
                                                                                                                                                                                                                                                        																					_v24 = 1;
                                                                                                                                                                                                                                                        																					_push(4);
                                                                                                                                                                                                                                                        																					_push( &_v24);
                                                                                                                                                                                                                                                        																					_push(8);
                                                                                                                                                                                                                                                        																					if( *_t107() == 0) {
                                                                                                                                                                                                                                                        																						if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        																							goto L1;
                                                                                                                                                                                                                                                        																						} else {
                                                                                                                                                                                                                                                        																							goto L45;
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						goto L45;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																		} else {
                                                                                                                                                                                                                                                        																			_v24 = 1;
                                                                                                                                                                                                                                                        																			_push(4);
                                                                                                                                                                                                                                                        																			_push( &_v24);
                                                                                                                                                                                                                                                        																			_push(9);
                                                                                                                                                                                                                                                        																			if( *_t107() == 0) {
                                                                                                                                                                                                                                                        																				if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        																					goto L1;
                                                                                                                                                                                                                                                        																				} else {
                                                                                                                                                                                                                                                        																					goto L42;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																			} else {
                                                                                                                                                                                                                                                        																				goto L42;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																	_v24 = 1;
                                                                                                                                                                                                                                                        																	_push(4);
                                                                                                                                                                                                                                                        																	_push( &_v24);
                                                                                                                                                                                                                                                        																	_push(2);
                                                                                                                                                                                                                                                        																	if( *_t107() == 0) {
                                                                                                                                                                                                                                                        																		if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        																			goto L1;
                                                                                                                                                                                                                                                        																		} else {
                                                                                                                                                                                                                                                        																			goto L39;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																	} else {
                                                                                                                                                                                                                                                        																		goto L39;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															L15:
                                                                                                                                                                                                                                                        															_v24 = 1;
                                                                                                                                                                                                                                                        															_push(4);
                                                                                                                                                                                                                                                        															_push( &_v24);
                                                                                                                                                                                                                                                        															_push(6);
                                                                                                                                                                                                                                                        															if( *_t107() != 0) {
                                                                                                                                                                                                                                                        																goto L35;
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        																	goto L1;
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																	goto L35;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t70 = _t94 & 0x00000002 | 0x00000001;
                                                                                                                                                                                                                                                        									__imp__SetProcessDEPPolicy(_t70);
                                                                                                                                                                                                                                                        									if(_t70 == 0) {
                                                                                                                                                                                                                                                        										if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        											goto L1;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											goto L9;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										goto L9;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							__imp__HeapSetInformation(0, 1, 0, 0);
                                                                                                                                                                                                                                                        							if(_t70 == 0) {
                                                                                                                                                                                                                                                        								if(GetLastError() != 5) {
                                                                                                                                                                                                                                                        									goto L1;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									goto L6;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								goto L6;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					_t95 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t70, _v20 ^ _t109, _t105);
                                                                                                                                                                                                                                                        				return _t95; // executed
                                                                                                                                                                                                                                                        			}
















                                                                                                                                                                                                                                                        0x00bd97a9
                                                                                                                                                                                                                                                        0x00bd97ac
                                                                                                                                                                                                                                                        0x00bd97bf
                                                                                                                                                                                                                                                        0x00bd97c2
                                                                                                                                                                                                                                                        0x00bd97c4
                                                                                                                                                                                                                                                        0x00bd97dc
                                                                                                                                                                                                                                                        0x00bd97e1
                                                                                                                                                                                                                                                        0x00bd97e8
                                                                                                                                                                                                                                                        0x00bd97ee
                                                                                                                                                                                                                                                        0x00bd97f6
                                                                                                                                                                                                                                                        0x00bd98bb
                                                                                                                                                                                                                                                        0x00bd98c3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd98c9
                                                                                                                                                                                                                                                        0x00bd98ce
                                                                                                                                                                                                                                                        0x00bd98d2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd98d8
                                                                                                                                                                                                                                                        0x00bd98d8
                                                                                                                                                                                                                                                        0x00bd98e1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd98e7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd98e7
                                                                                                                                                                                                                                                        0x00bd98e1
                                                                                                                                                                                                                                                        0x00bd98d2
                                                                                                                                                                                                                                                        0x00bd97fc
                                                                                                                                                                                                                                                        0x00bd97fc
                                                                                                                                                                                                                                                        0x00bd97ff
                                                                                                                                                                                                                                                        0x00bd9817
                                                                                                                                                                                                                                                        0x00bd981d
                                                                                                                                                                                                                                                        0x00bd98ec
                                                                                                                                                                                                                                                        0x00bd98f4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9902
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9902
                                                                                                                                                                                                                                                        0x00bd9823
                                                                                                                                                                                                                                                        0x00bd9823
                                                                                                                                                                                                                                                        0x00bd9826
                                                                                                                                                                                                                                                        0x00bd983f
                                                                                                                                                                                                                                                        0x00bd983f
                                                                                                                                                                                                                                                        0x00bd9844
                                                                                                                                                                                                                                                        0x00bd984c
                                                                                                                                                                                                                                                        0x00bd9854
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd985a
                                                                                                                                                                                                                                                        0x00bd985a
                                                                                                                                                                                                                                                        0x00bd985c
                                                                                                                                                                                                                                                        0x00bd9861
                                                                                                                                                                                                                                                        0x00bd9937
                                                                                                                                                                                                                                                        0x00bd993d
                                                                                                                                                                                                                                                        0x00bd993f
                                                                                                                                                                                                                                                        0x00bd9940
                                                                                                                                                                                                                                                        0x00bd9946
                                                                                                                                                                                                                                                        0x00bd9ac6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9acc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9acc
                                                                                                                                                                                                                                                        0x00bd994c
                                                                                                                                                                                                                                                        0x00bd994c
                                                                                                                                                                                                                                                        0x00bd994c
                                                                                                                                                                                                                                                        0x00bd9954
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9954
                                                                                                                                                                                                                                                        0x00bd9867
                                                                                                                                                                                                                                                        0x00bd986c
                                                                                                                                                                                                                                                        0x00bd995a
                                                                                                                                                                                                                                                        0x00bd995a
                                                                                                                                                                                                                                                        0x00bd9969
                                                                                                                                                                                                                                                        0x00bd996d
                                                                                                                                                                                                                                                        0x00bd9ada
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9ae0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9ae0
                                                                                                                                                                                                                                                        0x00bd9973
                                                                                                                                                                                                                                                        0x00bd9973
                                                                                                                                                                                                                                                        0x00bd9973
                                                                                                                                                                                                                                                        0x00bd997b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd997b
                                                                                                                                                                                                                                                        0x00bd9872
                                                                                                                                                                                                                                                        0x00bd9872
                                                                                                                                                                                                                                                        0x00bd9877
                                                                                                                                                                                                                                                        0x00bd9981
                                                                                                                                                                                                                                                        0x00bd9981
                                                                                                                                                                                                                                                        0x00bd998b
                                                                                                                                                                                                                                                        0x00bd998d
                                                                                                                                                                                                                                                        0x00bd998e
                                                                                                                                                                                                                                                        0x00bd9994
                                                                                                                                                                                                                                                        0x00bd9aee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9af4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9af4
                                                                                                                                                                                                                                                        0x00bd999a
                                                                                                                                                                                                                                                        0x00bd999a
                                                                                                                                                                                                                                                        0x00bd999a
                                                                                                                                                                                                                                                        0x00bd99a2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd99a2
                                                                                                                                                                                                                                                        0x00bd987d
                                                                                                                                                                                                                                                        0x00bd987d
                                                                                                                                                                                                                                                        0x00bd9882
                                                                                                                                                                                                                                                        0x00bd99a8
                                                                                                                                                                                                                                                        0x00bd99ab
                                                                                                                                                                                                                                                        0x00bd99b1
                                                                                                                                                                                                                                                        0x00bd99bd
                                                                                                                                                                                                                                                        0x00bd99dc
                                                                                                                                                                                                                                                        0x00bd99df
                                                                                                                                                                                                                                                        0x00bd99ec
                                                                                                                                                                                                                                                        0x00bd9a07
                                                                                                                                                                                                                                                        0x00bd9a0a
                                                                                                                                                                                                                                                        0x00bd9a17
                                                                                                                                                                                                                                                        0x00bd9a32
                                                                                                                                                                                                                                                        0x00bd9a39
                                                                                                                                                                                                                                                        0x00bd9a6d
                                                                                                                                                                                                                                                        0x00bd9a70
                                                                                                                                                                                                                                                        0x00bd9a76
                                                                                                                                                                                                                                                        0x00bd9a82
                                                                                                                                                                                                                                                        0x00bd9a90
                                                                                                                                                                                                                                                        0x00bd9a9a
                                                                                                                                                                                                                                                        0x00bd9a9c
                                                                                                                                                                                                                                                        0x00bd9a9d
                                                                                                                                                                                                                                                        0x00bd9aa3
                                                                                                                                                                                                                                                        0x00bd9ab2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9ab8
                                                                                                                                                                                                                                                        0x00bd9ab2
                                                                                                                                                                                                                                                        0x00bd9aa3
                                                                                                                                                                                                                                                        0x00bd9a82
                                                                                                                                                                                                                                                        0x00bd9a3b
                                                                                                                                                                                                                                                        0x00bd9a3b
                                                                                                                                                                                                                                                        0x00bd9a43
                                                                                                                                                                                                                                                        0x00bd9a49
                                                                                                                                                                                                                                                        0x00bd9a4c
                                                                                                                                                                                                                                                        0x00bd9a55
                                                                                                                                                                                                                                                        0x00bd9a5b
                                                                                                                                                                                                                                                        0x00bd9a5e
                                                                                                                                                                                                                                                        0x00bd9a60
                                                                                                                                                                                                                                                        0x00bd9a61
                                                                                                                                                                                                                                                        0x00bd9a67
                                                                                                                                                                                                                                                        0x00bd9b2a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9b30
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9b30
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9a67
                                                                                                                                                                                                                                                        0x00bd9a19
                                                                                                                                                                                                                                                        0x00bd9a19
                                                                                                                                                                                                                                                        0x00bd9a23
                                                                                                                                                                                                                                                        0x00bd9a25
                                                                                                                                                                                                                                                        0x00bd9a26
                                                                                                                                                                                                                                                        0x00bd9a2c
                                                                                                                                                                                                                                                        0x00bd9b3e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9b44
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9b44
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9a2c
                                                                                                                                                                                                                                                        0x00bd9a17
                                                                                                                                                                                                                                                        0x00bd99ee
                                                                                                                                                                                                                                                        0x00bd99ee
                                                                                                                                                                                                                                                        0x00bd99f8
                                                                                                                                                                                                                                                        0x00bd99fa
                                                                                                                                                                                                                                                        0x00bd99fb
                                                                                                                                                                                                                                                        0x00bd9a01
                                                                                                                                                                                                                                                        0x00bd9b16
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9b1c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9b1c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9a01
                                                                                                                                                                                                                                                        0x00bd99ec
                                                                                                                                                                                                                                                        0x00bd99c3
                                                                                                                                                                                                                                                        0x00bd99c3
                                                                                                                                                                                                                                                        0x00bd99cd
                                                                                                                                                                                                                                                        0x00bd99cf
                                                                                                                                                                                                                                                        0x00bd99d0
                                                                                                                                                                                                                                                        0x00bd99d6
                                                                                                                                                                                                                                                        0x00bd9b02
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9b08
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9b08
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd99d6
                                                                                                                                                                                                                                                        0x00bd99bd
                                                                                                                                                                                                                                                        0x00bd9888
                                                                                                                                                                                                                                                        0x00bd9888
                                                                                                                                                                                                                                                        0x00bd9888
                                                                                                                                                                                                                                                        0x00bd9892
                                                                                                                                                                                                                                                        0x00bd9894
                                                                                                                                                                                                                                                        0x00bd9895
                                                                                                                                                                                                                                                        0x00bd989b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd98a1
                                                                                                                                                                                                                                                        0x00bd98aa
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd98b0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd98b0
                                                                                                                                                                                                                                                        0x00bd98aa
                                                                                                                                                                                                                                                        0x00bd989b
                                                                                                                                                                                                                                                        0x00bd9882
                                                                                                                                                                                                                                                        0x00bd9877
                                                                                                                                                                                                                                                        0x00bd986c
                                                                                                                                                                                                                                                        0x00bd9861
                                                                                                                                                                                                                                                        0x00bd9854
                                                                                                                                                                                                                                                        0x00bd9828
                                                                                                                                                                                                                                                        0x00bd982d
                                                                                                                                                                                                                                                        0x00bd9831
                                                                                                                                                                                                                                                        0x00bd9839
                                                                                                                                                                                                                                                        0x00bd9924
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd992a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd992a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9839
                                                                                                                                                                                                                                                        0x00bd9826
                                                                                                                                                                                                                                                        0x00bd9801
                                                                                                                                                                                                                                                        0x00bd9809
                                                                                                                                                                                                                                                        0x00bd9811
                                                                                                                                                                                                                                                        0x00bd9910
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9916
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9916
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9811
                                                                                                                                                                                                                                                        0x00bd97ff
                                                                                                                                                                                                                                                        0x00bd97c6
                                                                                                                                                                                                                                                        0x00bd97c6
                                                                                                                                                                                                                                                        0x00bd97c6
                                                                                                                                                                                                                                                        0x00bd97c6
                                                                                                                                                                                                                                                        0x00bd97cd
                                                                                                                                                                                                                                                        0x00bd97db

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleA.KERNEL32(kernel32.dll), ref: 00BD97E8
                                                                                                                                                                                                                                                        • HeapSetInformation.KERNEL32(00000000,00000001,00000000,00000000), ref: 00BD9809
                                                                                                                                                                                                                                                        • SetProcessDEPPolicy.KERNEL32 ref: 00BD9831
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,SetProcessMitigationPolicy), ref: 00BD984C
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BD98A1
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressErrorHandleHeapInformationLastModulePolicyProcProcess
                                                                                                                                                                                                                                                        • String ID: SetDefaultDllDirectories$SetProcessMitigationPolicy$kernel32.dll
                                                                                                                                                                                                                                                        • API String ID: 1350721561-1152130905
                                                                                                                                                                                                                                                        • Opcode ID: bf622ef17bd0b8595dbc1d373d81a30e58bb3981ec39a55de634b4aeae46e670
                                                                                                                                                                                                                                                        • Instruction ID: cb974b4a9e3231b87d3862c2fb9be517bb4142d1bc6ef14c9a63472d7fca02b8
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: bf622ef17bd0b8595dbc1d373d81a30e58bb3981ec39a55de634b4aeae46e670
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EF8150716502069AEB209FA5CCC9BBEB6E4EF01B50F540097EA16E72D0FF74CD44CA62
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                                        control_flow_graph 909 bb1230-bb127b ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z ?profiler_init@baseprofiler@mozilla@@YAXPAX@Z ?GetProfilingStack@AutoProfilerLabel@baseprofiler@mozilla@@SAPAVProfilingStack@23@XZ 910 bb1288-bb128b 909->910 911 bb127d-bb1283 call bb1860 909->911 912 bb131b-bb1336 ?DllBlocklist_Initialize@@YAXI@Z call bb1760 910->912 913 bb1291-bb12a0 call bb1670 910->913 911->910 919 bb14a8-bb14ad 912->919 920 bb133c-bb13b9 getenv 912->920 913->912 921 bb12a2-bb12bb ?DllBlocklist_Initialize@@YAXI@Z 913->921 933 bb13bf-bb13c2 920->933 934 bb14b2-bb14b5 920->934 922 bb148e call bebc30 921->922 923 bb12c1-bb12ca call bb1760 921->923 927 bb1493-bb1495 922->927 923->919 931 bb12d0-bb12d9 call bb15a0 923->931 927->923 929 bb149b-bb14a5 call bb16a0 927->929 929->919 939 bb12de-bb12e9 931->939 937 bb13fb-bb1400 933->937 938 bb13c4-bb13d3 call bb1670 933->938 940 bb14bb-bb14be 934->940 941 bb13d9-bb13dc 934->941 942 bb1405-bb141b call bebd40 call bebe10 937->942 938->941 954 bb14c9-bb14cc 938->954 950 bb12ee-bb12f4 939->950 940->938 944 bb14c4 940->944 945 bb13de-bb13ed call bb1670 941->945 946 bb13f3-bb13f5 941->946 969 bb150f 942->969 970 bb1421-bb1458 call bb19e0 942->970 944->941 945->946 958 bb14d5-bb14d8 945->958 946->937 947 bb1572-bb1577 946->947 947->937 957 bb157d 947->957 955 bb12fd-bb131a ?profiler_shutdown@baseprofiler@mozilla@@YAXXZ call beecb0 950->955 956 bb12f6-bb12fa 950->956 960 bb14ce-bb14d3 954->960 961 bb1526-bb1559 call bb1980 strdup _putenv 954->961 956->955 957->942 963 bb14dd-bb14e7 958->963 967 bb1514-bb1521 call bb16a0 960->967 976 bb155b-bb156c 961->976 977 bb1582-bb1599 call bb16a0 961->977 963->963 968 bb14e9-bb150a call bebd40 963->968 981 bb1461-bb147e 967->981 984 bb145f 968->984 969->967 970->984 976->937 976->947 977->981 981->950 986 bb1484-bb1489 981->986 984->981 986->950
                                                                                                                                                                                                                                                        C-Code - Quality: 42%
                                                                                                                                                                                                                                                        			E00BB1230(char* __ecx, char** __edx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				char* _v300;
                                                                                                                                                                                                                                                        				intOrPtr _v304;
                                                                                                                                                                                                                                                        				intOrPtr _v308;
                                                                                                                                                                                                                                                        				char _v312;
                                                                                                                                                                                                                                                        				char _v316;
                                                                                                                                                                                                                                                        				char _v320;
                                                                                                                                                                                                                                                        				char _v324;
                                                                                                                                                                                                                                                        				char _v328;
                                                                                                                                                                                                                                                        				char* _v384;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t46;
                                                                                                                                                                                                                                                        				char* _t49;
                                                                                                                                                                                                                                                        				intOrPtr _t51;
                                                                                                                                                                                                                                                        				char* _t58;
                                                                                                                                                                                                                                                        				intOrPtr _t59;
                                                                                                                                                                                                                                                        				intOrPtr _t61;
                                                                                                                                                                                                                                                        				void* _t70;
                                                                                                                                                                                                                                                        				signed int _t72;
                                                                                                                                                                                                                                                        				char _t73;
                                                                                                                                                                                                                                                        				int _t80;
                                                                                                                                                                                                                                                        				signed int _t85;
                                                                                                                                                                                                                                                        				void* _t87;
                                                                                                                                                                                                                                                        				void* _t88;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				char* _t94;
                                                                                                                                                                                                                                                        				intOrPtr _t95;
                                                                                                                                                                                                                                                        				intOrPtr* _t102;
                                                                                                                                                                                                                                                        				intOrPtr* _t103;
                                                                                                                                                                                                                                                        				intOrPtr* _t104;
                                                                                                                                                                                                                                                        				intOrPtr* _t105;
                                                                                                                                                                                                                                                        				intOrPtr* _t107;
                                                                                                                                                                                                                                                        				intOrPtr* _t110;
                                                                                                                                                                                                                                                        				intOrPtr _t114;
                                                                                                                                                                                                                                                        				intOrPtr* _t115;
                                                                                                                                                                                                                                                        				char* _t119;
                                                                                                                                                                                                                                                        				char _t120;
                                                                                                                                                                                                                                                        				intOrPtr _t121;
                                                                                                                                                                                                                                                        				char** _t123;
                                                                                                                                                                                                                                                        				void* _t124;
                                                                                                                                                                                                                                                        				signed int _t125;
                                                                                                                                                                                                                                                        				signed int _t126;
                                                                                                                                                                                                                                                        				void* _t130;
                                                                                                                                                                                                                                                        				void* _t131;
                                                                                                                                                                                                                                                        				signed int* _t133;
                                                                                                                                                                                                                                                        				signed int* _t134;
                                                                                                                                                                                                                                                        				intOrPtr* _t137;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t117 = __edx;
                                                                                                                                                                                                                                                        				_t46 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t123 = __edx;
                                                                                                                                                                                                                                                        				_t119 = __ecx;
                                                                                                                                                                                                                                                        				_v24 = _t46 ^ _t125;
                                                                                                                                                                                                                                                        				__imp__?Now@TimeStamp@mozilla@@CA?AV12@_N@Z( &_v320, 1);
                                                                                                                                                                                                                                                        				_t49 =  &_v324;
                                                                                                                                                                                                                                                        				__imp__?profiler_init@baseprofiler@mozilla@@YAXPAX@Z(_t49); // executed
                                                                                                                                                                                                                                                        				_t130 = (_t126 & 0xfffffff8) - 0x150 + 0xc;
                                                                                                                                                                                                                                                        				__imp__?GetProfilingStack@AutoProfilerLabel@baseprofiler@mozilla@@SAPAVProfilingStack@23@XZ();
                                                                                                                                                                                                                                                        				_v328 = _t49;
                                                                                                                                                                                                                                                        				if(_t49 != 0) {
                                                                                                                                                                                                                                                        					_t117 =  &_v328;
                                                                                                                                                                                                                                                        					E00BB1860(_t49,  &_v328);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if(_t119 < 2) {
                                                                                                                                                                                                                                                        					L10:
                                                                                                                                                                                                                                                        					__imp__?DllBlocklist_Initialize@@YAXI@Z( *0xbfa538);
                                                                                                                                                                                                                                                        					_t131 = _t130 + 4;
                                                                                                                                                                                                                                                        					if(E00BB1760(1, _t117) < 0) {
                                                                                                                                                                                                                                                        						goto L25;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [esp+0x20]");
                                                                                                                                                                                                                                                        					asm("movsd xmm1, [esp+0x28]");
                                                                                                                                                                                                                                                        					_t102 =  *0xbfa534; // 0x4d0a0a8
                                                                                                                                                                                                                                                        					asm("movsd [esp], xmm0");
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [esp+0x30]");
                                                                                                                                                                                                                                                        					asm("movsd [esp+0x8], xmm1");
                                                                                                                                                                                                                                                        					asm("movsd [esp+0x10], xmm0");
                                                                                                                                                                                                                                                        					_t133 = _t131 - 0x1c;
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [esp+0x2c]");
                                                                                                                                                                                                                                                        					asm("movsd [esp+0x14], xmm0");
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [esp+0x1c]");
                                                                                                                                                                                                                                                        					asm("movsd xmm1, [esp+0x24]");
                                                                                                                                                                                                                                                        					asm("movsd [esp+0xc], xmm1");
                                                                                                                                                                                                                                                        					asm("movsd [esp+0x4], xmm0");
                                                                                                                                                                                                                                                        					 *_t133 = 1;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *_t102 + 0x14))();
                                                                                                                                                                                                                                                        					_t103 =  *0xbfa534; // 0x4d0a0a8
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *_t103 + 0x30))();
                                                                                                                                                                                                                                                        					_v316 = _t119;
                                                                                                                                                                                                                                                        					_t58 = getenv("XUL_APP_FILE");
                                                                                                                                                                                                                                                        					_t134 =  &(_t133[1]);
                                                                                                                                                                                                                                                        					_t94 = _t58;
                                                                                                                                                                                                                                                        					if(_t58 != 0) {
                                                                                                                                                                                                                                                        						if( *_t94 != 0) {
                                                                                                                                                                                                                                                        							L14:
                                                                                                                                                                                                                                                        							if(_t119 < 2) {
                                                                                                                                                                                                                                                        								L16:
                                                                                                                                                                                                                                                        								if(_t94 != 0) {
                                                                                                                                                                                                                                                        									L38:
                                                                                                                                                                                                                                                        									_t59 = 0;
                                                                                                                                                                                                                                                        									if( *_t94 == 0) {
                                                                                                                                                                                                                                                        										goto L17;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									L18:
                                                                                                                                                                                                                                                        									_v304 = _t59;
                                                                                                                                                                                                                                                        									_v300 = _t94;
                                                                                                                                                                                                                                                        									_t120 = E00BEBD40();
                                                                                                                                                                                                                                                        									_t61 = L00BEBE10();
                                                                                                                                                                                                                                                        									if(_t120 == 0) {
                                                                                                                                                                                                                                                        										_push("Couldn\'t initialize the broker services.\n");
                                                                                                                                                                                                                                                        										L35:
                                                                                                                                                                                                                                                        										E00BB16A0();
                                                                                                                                                                                                                                                        										_t124 = 0xff;
                                                                                                                                                                                                                                                        										L21:
                                                                                                                                                                                                                                                        										_t104 =  *0xbfa534; // 0x4d0a0a8
                                                                                                                                                                                                                                                        										 *((intOrPtr*)( *_t104 + 0xc))();
                                                                                                                                                                                                                                                        										_t105 =  *0xbfa534; // 0x4d0a0a8
                                                                                                                                                                                                                                                        										 *0xbfa534 = 0;
                                                                                                                                                                                                                                                        										if(_t105 != 0) {
                                                                                                                                                                                                                                                        											 *((intOrPtr*)( *_t105 + 4))();
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L7;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									asm("movsd xmm0, [0xbf0198]");
                                                                                                                                                                                                                                                        									_v312 = _t120;
                                                                                                                                                                                                                                                        									_v308 = _t61;
                                                                                                                                                                                                                                                        									asm("movsd [esp+0x38], xmm0");
                                                                                                                                                                                                                                                        									E00BB19E0(_t94,  &_v316, _t123, _t120, _t123,  &_v324);
                                                                                                                                                                                                                                                        									_t107 =  *0xbfa534; // 0x4d0a0a8
                                                                                                                                                                                                                                                        									_t117 =  &_v312;
                                                                                                                                                                                                                                                        									_t70 =  *((intOrPtr*)( *_t107 + 0x18))(_v316, _t123,  &_v312);
                                                                                                                                                                                                                                                        									L20:
                                                                                                                                                                                                                                                        									_t124 = _t70;
                                                                                                                                                                                                                                                        									goto L21;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L17:
                                                                                                                                                                                                                                                        								_t94 = "browser";
                                                                                                                                                                                                                                                        								_t59 = 0xbf015c;
                                                                                                                                                                                                                                                        								goto L18;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t117 = "xpcshell";
                                                                                                                                                                                                                                                        							if(E00BB1670(_t123[1], "xpcshell") != 0) {
                                                                                                                                                                                                                                                        								_t95 = _a4;
                                                                                                                                                                                                                                                        								_t72 = 1;
                                                                                                                                                                                                                                                        								do {
                                                                                                                                                                                                                                                        									_t123[_t72] =  *(_t123 + 4 + _t72 * 4);
                                                                                                                                                                                                                                                        									_t72 = _t72 + 1;
                                                                                                                                                                                                                                                        								} while (_t119 != _t72);
                                                                                                                                                                                                                                                        								_t73 = E00BEBD40();
                                                                                                                                                                                                                                                        								_t110 =  *0xbfa534; // 0x4d0a0a8
                                                                                                                                                                                                                                                        								_t121 = _t119 - 1;
                                                                                                                                                                                                                                                        								_v312 = _t73;
                                                                                                                                                                                                                                                        								_t117 =  &_v312;
                                                                                                                                                                                                                                                        								_v316 = _t121;
                                                                                                                                                                                                                                                        								_t70 =  *((intOrPtr*)( *_t110 + 0x20))(_t121, _t123, _t95,  &_v312);
                                                                                                                                                                                                                                                        								goto L20;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L16;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(_t119 >= 2) {
                                                                                                                                                                                                                                                        							L13:
                                                                                                                                                                                                                                                        							_t117 = 0xbf2659;
                                                                                                                                                                                                                                                        							if(E00BB1670(_t123[1], 0xbf2659) != 0) {
                                                                                                                                                                                                                                                        								if(_t119 != 2) {
                                                                                                                                                                                                                                                        									_t94 = _t123[2];
                                                                                                                                                                                                                                                        									_t137 = _t134 - 0xc;
                                                                                                                                                                                                                                                        									_v384 = _t94;
                                                                                                                                                                                                                                                        									 *_t137 =  &_v312;
                                                                                                                                                                                                                                                        									E00BB1980();
                                                                                                                                                                                                                                                        									_t80 = _putenv(strdup( &_v312));
                                                                                                                                                                                                                                                        									_t134 = _t137 + 0x14;
                                                                                                                                                                                                                                                        									if(_t80 != 0) {
                                                                                                                                                                                                                                                        										E00BB16A0("Couldn\'t set %s.\n",  &_v312);
                                                                                                                                                                                                                                                        										_t124 = 0xff;
                                                                                                                                                                                                                                                        										goto L21;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t123[2] =  *_t123;
                                                                                                                                                                                                                                                        									_t123 =  &(_t123[2]);
                                                                                                                                                                                                                                                        									_v316 = _t119 + 0xfffffffe;
                                                                                                                                                                                                                                                        									if(_t94 == 0) {
                                                                                                                                                                                                                                                        										goto L17;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L38;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_push("Incorrect number of arguments passed to -app");
                                                                                                                                                                                                                                                        								goto L35;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L14;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L14;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_t119 <= 1) {
                                                                                                                                                                                                                                                        						goto L17;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L13;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t117 = "contentproc";
                                                                                                                                                                                                                                                        					if(E00BB1670(_t123[1], "contentproc") == 0) {
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t85 =  *0xbfa538; // 0x3
                                                                                                                                                                                                                                                        					__imp__?DllBlocklist_Initialize@@YAXI@Z(_t85 | 0x00000001); // executed
                                                                                                                                                                                                                                                        					if( *0xbfb618 != 0) {
                                                                                                                                                                                                                                                        						_t87 = E00BEBC30(); // executed
                                                                                                                                                                                                                                                        						if(_t87 != 0) {
                                                                                                                                                                                                                                                        							goto L5;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_push("Failed to initialize the sandbox target services.");
                                                                                                                                                                                                                                                        						E00BB16A0();
                                                                                                                                                                                                                                                        						L25:
                                                                                                                                                                                                                                                        						_t124 = 0xff;
                                                                                                                                                                                                                                                        						L7:
                                                                                                                                                                                                                                                        						_t51 = _v328;
                                                                                                                                                                                                                                                        						if(_t51 != 0) {
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t51 + 8)) =  *((intOrPtr*)(_t51 + 8)) - 1;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__imp__?profiler_shutdown@baseprofiler@mozilla@@YAXXZ();
                                                                                                                                                                                                                                                        						E00BEECB0(_t51, _v24 ^ _t125, _t117);
                                                                                                                                                                                                                                                        						return _t124;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					_t88 = E00BB1760(0, _t117); // executed
                                                                                                                                                                                                                                                        					if(_t88 < 0) {
                                                                                                                                                                                                                                                        						goto L25;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t114 =  *0xbfa534; // 0x4d0a0a8
                                                                                                                                                                                                                                                        					_t117 = _t119;
                                                                                                                                                                                                                                                        					_t89 = E00BB15A0(_t114, _t119, _t123); // executed
                                                                                                                                                                                                                                                        					_t115 =  *0xbfa534; // 0x4d0a0a8
                                                                                                                                                                                                                                                        					_t124 = _t89;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *_t115 + 0xc))();
                                                                                                                                                                                                                                                        					goto L7;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}





















































                                                                                                                                                                                                                                                        0x00bb1230
                                                                                                                                                                                                                                                        0x00bb123f
                                                                                                                                                                                                                                                        0x00bb1244
                                                                                                                                                                                                                                                        0x00bb1246
                                                                                                                                                                                                                                                        0x00bb124a
                                                                                                                                                                                                                                                        0x00bb1258
                                                                                                                                                                                                                                                        0x00bb1261
                                                                                                                                                                                                                                                        0x00bb1266
                                                                                                                                                                                                                                                        0x00bb126c
                                                                                                                                                                                                                                                        0x00bb126f
                                                                                                                                                                                                                                                        0x00bb1277
                                                                                                                                                                                                                                                        0x00bb127b
                                                                                                                                                                                                                                                        0x00bb127d
                                                                                                                                                                                                                                                        0x00bb1283
                                                                                                                                                                                                                                                        0x00bb1283
                                                                                                                                                                                                                                                        0x00bb128b
                                                                                                                                                                                                                                                        0x00bb131b
                                                                                                                                                                                                                                                        0x00bb1321
                                                                                                                                                                                                                                                        0x00bb1327
                                                                                                                                                                                                                                                        0x00bb1336
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb133c
                                                                                                                                                                                                                                                        0x00bb1342
                                                                                                                                                                                                                                                        0x00bb1348
                                                                                                                                                                                                                                                        0x00bb134e
                                                                                                                                                                                                                                                        0x00bb1353
                                                                                                                                                                                                                                                        0x00bb1359
                                                                                                                                                                                                                                                        0x00bb135f
                                                                                                                                                                                                                                                        0x00bb1367
                                                                                                                                                                                                                                                        0x00bb136a
                                                                                                                                                                                                                                                        0x00bb1370
                                                                                                                                                                                                                                                        0x00bb1376
                                                                                                                                                                                                                                                        0x00bb137c
                                                                                                                                                                                                                                                        0x00bb1382
                                                                                                                                                                                                                                                        0x00bb1388
                                                                                                                                                                                                                                                        0x00bb138e
                                                                                                                                                                                                                                                        0x00bb1395
                                                                                                                                                                                                                                                        0x00bb1398
                                                                                                                                                                                                                                                        0x00bb13a0
                                                                                                                                                                                                                                                        0x00bb13a3
                                                                                                                                                                                                                                                        0x00bb13ac
                                                                                                                                                                                                                                                        0x00bb13b2
                                                                                                                                                                                                                                                        0x00bb13b5
                                                                                                                                                                                                                                                        0x00bb13b9
                                                                                                                                                                                                                                                        0x00bb14b5
                                                                                                                                                                                                                                                        0x00bb13d9
                                                                                                                                                                                                                                                        0x00bb13dc
                                                                                                                                                                                                                                                        0x00bb13f3
                                                                                                                                                                                                                                                        0x00bb13f5
                                                                                                                                                                                                                                                        0x00bb1572
                                                                                                                                                                                                                                                        0x00bb1572
                                                                                                                                                                                                                                                        0x00bb1577
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1405
                                                                                                                                                                                                                                                        0x00bb1405
                                                                                                                                                                                                                                                        0x00bb1409
                                                                                                                                                                                                                                                        0x00bb1412
                                                                                                                                                                                                                                                        0x00bb1414
                                                                                                                                                                                                                                                        0x00bb141b
                                                                                                                                                                                                                                                        0x00bb150f
                                                                                                                                                                                                                                                        0x00bb1514
                                                                                                                                                                                                                                                        0x00bb1514
                                                                                                                                                                                                                                                        0x00bb151c
                                                                                                                                                                                                                                                        0x00bb1461
                                                                                                                                                                                                                                                        0x00bb1461
                                                                                                                                                                                                                                                        0x00bb1469
                                                                                                                                                                                                                                                        0x00bb146c
                                                                                                                                                                                                                                                        0x00bb1472
                                                                                                                                                                                                                                                        0x00bb147e
                                                                                                                                                                                                                                                        0x00bb1486
                                                                                                                                                                                                                                                        0x00bb1486
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb147e
                                                                                                                                                                                                                                                        0x00bb1421
                                                                                                                                                                                                                                                        0x00bb1429
                                                                                                                                                                                                                                                        0x00bb142d
                                                                                                                                                                                                                                                        0x00bb143b
                                                                                                                                                                                                                                                        0x00bb1442
                                                                                                                                                                                                                                                        0x00bb144a
                                                                                                                                                                                                                                                        0x00bb1450
                                                                                                                                                                                                                                                        0x00bb145c
                                                                                                                                                                                                                                                        0x00bb145f
                                                                                                                                                                                                                                                        0x00bb145f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb145f
                                                                                                                                                                                                                                                        0x00bb13fb
                                                                                                                                                                                                                                                        0x00bb13fb
                                                                                                                                                                                                                                                        0x00bb1400
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1400
                                                                                                                                                                                                                                                        0x00bb13e1
                                                                                                                                                                                                                                                        0x00bb13ed
                                                                                                                                                                                                                                                        0x00bb14d5
                                                                                                                                                                                                                                                        0x00bb14d8
                                                                                                                                                                                                                                                        0x00bb14dd
                                                                                                                                                                                                                                                        0x00bb14e1
                                                                                                                                                                                                                                                        0x00bb14e4
                                                                                                                                                                                                                                                        0x00bb14e5
                                                                                                                                                                                                                                                        0x00bb14e9
                                                                                                                                                                                                                                                        0x00bb14ee
                                                                                                                                                                                                                                                        0x00bb14f4
                                                                                                                                                                                                                                                        0x00bb14f5
                                                                                                                                                                                                                                                        0x00bb14f9
                                                                                                                                                                                                                                                        0x00bb14fd
                                                                                                                                                                                                                                                        0x00bb1507
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1507
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb13ed
                                                                                                                                                                                                                                                        0x00bb14be
                                                                                                                                                                                                                                                        0x00bb13c4
                                                                                                                                                                                                                                                        0x00bb13c7
                                                                                                                                                                                                                                                        0x00bb13d3
                                                                                                                                                                                                                                                        0x00bb14cc
                                                                                                                                                                                                                                                        0x00bb1526
                                                                                                                                                                                                                                                        0x00bb1529
                                                                                                                                                                                                                                                        0x00bb1530
                                                                                                                                                                                                                                                        0x00bb1534
                                                                                                                                                                                                                                                        0x00bb1537
                                                                                                                                                                                                                                                        0x00bb154e
                                                                                                                                                                                                                                                        0x00bb1554
                                                                                                                                                                                                                                                        0x00bb1559
                                                                                                                                                                                                                                                        0x00bb158c
                                                                                                                                                                                                                                                        0x00bb1594
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1594
                                                                                                                                                                                                                                                        0x00bb1560
                                                                                                                                                                                                                                                        0x00bb1563
                                                                                                                                                                                                                                                        0x00bb1566
                                                                                                                                                                                                                                                        0x00bb156c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb156c
                                                                                                                                                                                                                                                        0x00bb14ce
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb14ce
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb13d3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb14c4
                                                                                                                                                                                                                                                        0x00bb13c2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1291
                                                                                                                                                                                                                                                        0x00bb1294
                                                                                                                                                                                                                                                        0x00bb12a0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb12a2
                                                                                                                                                                                                                                                        0x00bb12ab
                                                                                                                                                                                                                                                        0x00bb12bb
                                                                                                                                                                                                                                                        0x00bb148e
                                                                                                                                                                                                                                                        0x00bb1495
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb149b
                                                                                                                                                                                                                                                        0x00bb14a0
                                                                                                                                                                                                                                                        0x00bb14a8
                                                                                                                                                                                                                                                        0x00bb14a8
                                                                                                                                                                                                                                                        0x00bb12ee
                                                                                                                                                                                                                                                        0x00bb12ee
                                                                                                                                                                                                                                                        0x00bb12f4
                                                                                                                                                                                                                                                        0x00bb12fa
                                                                                                                                                                                                                                                        0x00bb12fa
                                                                                                                                                                                                                                                        0x00bb12fd
                                                                                                                                                                                                                                                        0x00bb130c
                                                                                                                                                                                                                                                        0x00bb131a
                                                                                                                                                                                                                                                        0x00bb131a
                                                                                                                                                                                                                                                        0x00bb12c1
                                                                                                                                                                                                                                                        0x00bb12c3
                                                                                                                                                                                                                                                        0x00bb12ca
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb12d0
                                                                                                                                                                                                                                                        0x00bb12d6
                                                                                                                                                                                                                                                        0x00bb12d9
                                                                                                                                                                                                                                                        0x00bb12e1
                                                                                                                                                                                                                                                        0x00bb12e7
                                                                                                                                                                                                                                                        0x00bb12eb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb12eb

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 00BB1258
                                                                                                                                                                                                                                                        • ?profiler_init@baseprofiler@mozilla@@YAXPAX@Z.MOZGLUE(?), ref: 00BB1266
                                                                                                                                                                                                                                                        • ?GetProfilingStack@AutoProfilerLabel@baseprofiler@mozilla@@SAPAVProfilingStack@23@XZ.MOZGLUE ref: 00BB126F
                                                                                                                                                                                                                                                        • ?DllBlocklist_Initialize@@YAXI@Z.MOZGLUE(00000003), ref: 00BB12AB
                                                                                                                                                                                                                                                        • ?profiler_shutdown@baseprofiler@mozilla@@YAXXZ.MOZGLUE ref: 00BB12FD
                                                                                                                                                                                                                                                          • Part of subcall function 00BB1860: ?ensureCapacitySlow@ProfilingStack@baseprofiler@mozilla@@AAEXXZ.MOZGLUE(00000000,?,?,?,00BB1288), ref: 00BB1873
                                                                                                                                                                                                                                                        • ?DllBlocklist_Initialize@@YAXI@Z.MOZGLUE ref: 00BB1321
                                                                                                                                                                                                                                                          • Part of subcall function 00BB1760: strdup.MOZGLUE(?), ref: 00BB1797
                                                                                                                                                                                                                                                          • Part of subcall function 00BB1760: free.MOZGLUE(00000000), ref: 00BB17E6
                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(XUL_APP_FILE), ref: 00BB13AC
                                                                                                                                                                                                                                                        • strdup.MOZGLUE(?), ref: 00BB1544
                                                                                                                                                                                                                                                        • _putenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(00000000), ref: 00BB154E
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • Incorrect number of arguments passed to -app, xrefs: 00BB14CE
                                                                                                                                                                                                                                                        • XUL_APP_FILE, xrefs: 00BB13A7
                                                                                                                                                                                                                                                        • Failed to initialize the sandbox target services., xrefs: 00BB149B
                                                                                                                                                                                                                                                        • Couldn't set %s., xrefs: 00BB1587
                                                                                                                                                                                                                                                        • browser, xrefs: 00BB13FB
                                                                                                                                                                                                                                                        • Couldn't initialize the broker services., xrefs: 00BB150F
                                                                                                                                                                                                                                                        • contentproc, xrefs: 00BB1294
                                                                                                                                                                                                                                                        • xpcshell, xrefs: 00BB13E1
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Profiling$Blocklist_Initialize@@strdup$?ensure?profiler_init@baseprofiler@mozilla@@?profiler_shutdown@baseprofiler@mozilla@@AutoCapacityLabel@baseprofiler@mozilla@@Now@ProfilerSlow@Stack@Stack@23@Stack@baseprofiler@mozilla@@Stamp@mozilla@@TimeV12@__putenvfreegetenv
                                                                                                                                                                                                                                                        • String ID: Couldn't initialize the broker services.$Couldn't set %s.$Failed to initialize the sandbox target services.$Incorrect number of arguments passed to -app$XUL_APP_FILE$browser$contentproc$xpcshell
                                                                                                                                                                                                                                                        • API String ID: 4264558517-1743212616
                                                                                                                                                                                                                                                        • Opcode ID: e66a7b7b84471fd417458156ca5bab41fccae56641fd3e3a87c92d91e8faf8e1
                                                                                                                                                                                                                                                        • Instruction ID: b4eabd281711365e4281fefe103e49bea4756757cc83bb838c442bfdbf0b30a8
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e66a7b7b84471fd417458156ca5bab41fccae56641fd3e3a87c92d91e8faf8e1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4891CFB1A043048BC720EF28D8959BB77F5EF96344F4049A9E94AC7261EBB1D844CB52
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                        C-Code - Quality: 76%
                                                                                                                                                                                                                                                        			E00BCA060(void* __edx) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				void* _v2012;
                                                                                                                                                                                                                                                        				char _v2072;
                                                                                                                                                                                                                                                        				void _v2073;
                                                                                                                                                                                                                                                        				long _v2076;
                                                                                                                                                                                                                                                        				long _v2080;
                                                                                                                                                                                                                                                        				long _v2084;
                                                                                                                                                                                                                                                        				intOrPtr _v2088;
                                                                                                                                                                                                                                                        				char _v2092;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t31;
                                                                                                                                                                                                                                                        				long _t33;
                                                                                                                                                                                                                                                        				void* _t41;
                                                                                                                                                                                                                                                        				void* _t51;
                                                                                                                                                                                                                                                        				void* _t58;
                                                                                                                                                                                                                                                        				void* _t60;
                                                                                                                                                                                                                                                        				intOrPtr* _t65;
                                                                                                                                                                                                                                                        				void* _t86;
                                                                                                                                                                                                                                                        				signed int _t88;
                                                                                                                                                                                                                                                        				void* _t91;
                                                                                                                                                                                                                                                        				signed int _t95;
                                                                                                                                                                                                                                                        				signed int _t98;
                                                                                                                                                                                                                                                        				signed int _t99;
                                                                                                                                                                                                                                                        				void* _t101;
                                                                                                                                                                                                                                                        				void* _t110;
                                                                                                                                                                                                                                                        				void* _t113;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t86 = __edx;
                                                                                                                                                                                                                                                        				_t101 = (_t99 & 0xfffffff8) - 0x810;
                                                                                                                                                                                                                                                        				_t31 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v24 = _t31 ^ _t98;
                                                                                                                                                                                                                                                        				_t33 =  *0xbfa054; // 0x6
                                                                                                                                                                                                                                                        				_v2076 = _t33;
                                                                                                                                                                                                                                                        				if(_t33 != 0xffffffff) {
                                                                                                                                                                                                                                                        					L4:
                                                                                                                                                                                                                                                        					_t88 = TlsGetValue(_t33) & 0x00000003;
                                                                                                                                                                                                                                                        					if(_t88 != 0) {
                                                                                                                                                                                                                                                        						_t93 =  &_v2072;
                                                                                                                                                                                                                                                        						E00BBC880( &_v2072, 2, 1);
                                                                                                                                                                                                                                                        						E00BBC940(__eflags, E00BBC940(__eflags,  &_v2072, "GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized"), " (");
                                                                                                                                                                                                                                                        						_t65 = __imp__??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z;
                                                                                                                                                                                                                                                        						 *_t65(_t88);
                                                                                                                                                                                                                                                        						E00BBC940(__eflags,  &_v2072, " vs. ");
                                                                                                                                                                                                                                                        						 *_t65(0);
                                                                                                                                                                                                                                                        						_t41 = E00BBC940(__eflags, _t93, 0xbf3ee8);
                                                                                                                                                                                                                                                        						L00BEF6BA();
                                                                                                                                                                                                                                                        						_t101 = _t101 + 0x24;
                                                                                                                                                                                                                                                        						E00BBD7F0( &_v2084, _t41);
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t101 +  *((intOrPtr*)(_v2092 + 4)) + 8)) = 0xbf0324;
                                                                                                                                                                                                                                                        						_t20 = _v2092 + 4; // 0xbbd0b0
                                                                                                                                                                                                                                                        						_t21 =  *_t20 - 0x50; // 0xbbd060
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t101 +  *_t20 + 4)) = _t21;
                                                                                                                                                                                                                                                        						_v2088 = 0xbf0330;
                                                                                                                                                                                                                                                        						E00BBD690( &_v2084, _t41, 0x18);
                                                                                                                                                                                                                                                        						__imp__??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ();
                                                                                                                                                                                                                                                        						__imp__??1ios_base@std@@UAE@XZ();
                                                                                                                                                                                                                                                        						E00BC2030( &_v2092, __eflags, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc", 0xec, _t41);
                                                                                                                                                                                                                                                        						E00BC20C0();
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t91 =  &_v2076;
                                                                                                                                                                                                                                                        					memset(_t91, 0, 0x800);
                                                                                                                                                                                                                                                        					_t51 = TlsSetValue(_v2080,  &_v2073);
                                                                                                                                                                                                                                                        					_push(0x800); // executed
                                                                                                                                                                                                                                                        					L00BEF6CC(); // executed
                                                                                                                                                                                                                                                        					_t95 = _t51;
                                                                                                                                                                                                                                                        					memcpy(_t51, _t91, 0x800);
                                                                                                                                                                                                                                                        					E00BEECB0(TlsSetValue(_v2080, _t95 | 0x00000003), _v28 ^ _t98, _t86);
                                                                                                                                                                                                                                                        					return _t95;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t92 =  &_v2076;
                                                                                                                                                                                                                                                        				_t58 = E00BCA3A0( &_v2076);
                                                                                                                                                                                                                                                        				_t101 = _t101 + 4;
                                                                                                                                                                                                                                                        				if(_t58 == 0) {
                                                                                                                                                                                                                                                        					_push("PlatformThreadLocalStorage::AllocTLS(&key)");
                                                                                                                                                                                                                                                        					E00BC1FF0( &_v2072, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc", 0xd0);
                                                                                                                                                                                                                                                        					E00BC20C0();
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t113 = _v2080 - 0xffffffff;
                                                                                                                                                                                                                                                        				if(_t113 == 0) {
                                                                                                                                                                                                                                                        					_t60 = E00BCA3A0(_t92);
                                                                                                                                                                                                                                                        					_t110 = _t101 + 4;
                                                                                                                                                                                                                                                        					__eflags = _t60;
                                                                                                                                                                                                                                                        					if(_t60 == 0) {
                                                                                                                                                                                                                                                        						L10:
                                                                                                                                                                                                                                                        						_push("PlatformThreadLocalStorage::AllocTLS(&key) && key != PlatformThreadLocalStorage::TLS_KEY_OUT_OF_INDEXES");
                                                                                                                                                                                                                                                        						E00BC1FF0( &_v2076, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc", 0xda);
                                                                                                                                                                                                                                                        						E00BC20C0();
                                                                                                                                                                                                                                                        						L11:
                                                                                                                                                                                                                                                        						E00BCA3C0(0xffffffff);
                                                                                                                                                                                                                                                        						_t101 = _t110 + 4;
                                                                                                                                                                                                                                                        						goto L3;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__eflags = _v2080 - 0xffffffff;
                                                                                                                                                                                                                                                        					if(_v2080 != 0xffffffff) {
                                                                                                                                                                                                                                                        						goto L11;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L10;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					asm("lock cmpxchg [0xbfa054], ecx");
                                                                                                                                                                                                                                                        					_t33 = _v2084;
                                                                                                                                                                                                                                                        					if(_t113 != 0) {
                                                                                                                                                                                                                                                        						E00BCA3C0(_t33);
                                                                                                                                                                                                                                                        						_t101 = _t101 + 4;
                                                                                                                                                                                                                                                        						_t33 =  *0xbfa054; // 0x6
                                                                                                                                                                                                                                                        						_v2084 = _t33;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}































                                                                                                                                                                                                                                                        0x00bca060
                                                                                                                                                                                                                                                        0x00bca069
                                                                                                                                                                                                                                                        0x00bca06f
                                                                                                                                                                                                                                                        0x00bca076
                                                                                                                                                                                                                                                        0x00bca07d
                                                                                                                                                                                                                                                        0x00bca085
                                                                                                                                                                                                                                                        0x00bca089
                                                                                                                                                                                                                                                        0x00bca0c4
                                                                                                                                                                                                                                                        0x00bca0cd
                                                                                                                                                                                                                                                        0x00bca0d0
                                                                                                                                                                                                                                                        0x00bca139
                                                                                                                                                                                                                                                        0x00bca143
                                                                                                                                                                                                                                                        0x00bca15c
                                                                                                                                                                                                                                                        0x00bca164
                                                                                                                                                                                                                                                        0x00bca16d
                                                                                                                                                                                                                                                        0x00bca175
                                                                                                                                                                                                                                                        0x00bca181
                                                                                                                                                                                                                                                        0x00bca189
                                                                                                                                                                                                                                                        0x00bca193
                                                                                                                                                                                                                                                        0x00bca198
                                                                                                                                                                                                                                                        0x00bca1a4
                                                                                                                                                                                                                                                        0x00bca1b4
                                                                                                                                                                                                                                                        0x00bca1c0
                                                                                                                                                                                                                                                        0x00bca1c3
                                                                                                                                                                                                                                                        0x00bca1c6
                                                                                                                                                                                                                                                        0x00bca1cc
                                                                                                                                                                                                                                                        0x00bca1d4
                                                                                                                                                                                                                                                        0x00bca1db
                                                                                                                                                                                                                                                        0x00bca1e3
                                                                                                                                                                                                                                                        0x00bca1fa
                                                                                                                                                                                                                                                        0x00bca201
                                                                                                                                                                                                                                                        0x00bca201
                                                                                                                                                                                                                                                        0x00bca0d2
                                                                                                                                                                                                                                                        0x00bca0de
                                                                                                                                                                                                                                                        0x00bca0f5
                                                                                                                                                                                                                                                        0x00bca0f7
                                                                                                                                                                                                                                                        0x00bca0fc
                                                                                                                                                                                                                                                        0x00bca104
                                                                                                                                                                                                                                                        0x00bca10d
                                                                                                                                                                                                                                                        0x00bca12a
                                                                                                                                                                                                                                                        0x00bca138
                                                                                                                                                                                                                                                        0x00bca138
                                                                                                                                                                                                                                                        0x00bca08b
                                                                                                                                                                                                                                                        0x00bca090
                                                                                                                                                                                                                                                        0x00bca095
                                                                                                                                                                                                                                                        0x00bca09a
                                                                                                                                                                                                                                                        0x00bca211
                                                                                                                                                                                                                                                        0x00bca220
                                                                                                                                                                                                                                                        0x00bca227
                                                                                                                                                                                                                                                        0x00bca227
                                                                                                                                                                                                                                                        0x00bca0a4
                                                                                                                                                                                                                                                        0x00bca0a7
                                                                                                                                                                                                                                                        0x00bca232
                                                                                                                                                                                                                                                        0x00bca237
                                                                                                                                                                                                                                                        0x00bca23a
                                                                                                                                                                                                                                                        0x00bca23c
                                                                                                                                                                                                                                                        0x00bca245
                                                                                                                                                                                                                                                        0x00bca24b
                                                                                                                                                                                                                                                        0x00bca25a
                                                                                                                                                                                                                                                        0x00bca261
                                                                                                                                                                                                                                                        0x00bca266
                                                                                                                                                                                                                                                        0x00bca268
                                                                                                                                                                                                                                                        0x00bca26d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bca270
                                                                                                                                                                                                                                                        0x00bca23e
                                                                                                                                                                                                                                                        0x00bca243
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bca0ad
                                                                                                                                                                                                                                                        0x00bca0ad
                                                                                                                                                                                                                                                        0x00bca0b2
                                                                                                                                                                                                                                                        0x00bca0ba
                                                                                                                                                                                                                                                        0x00bca0be
                                                                                                                                                                                                                                                        0x00bca27a
                                                                                                                                                                                                                                                        0x00bca27f
                                                                                                                                                                                                                                                        0x00bca282
                                                                                                                                                                                                                                                        0x00bca287
                                                                                                                                                                                                                                                        0x00bca287
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bca0be

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • TlsGetValue.KERNEL32(00000006), ref: 00BCA0C5
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BCA0DE
                                                                                                                                                                                                                                                        • TlsSetValue.KERNEL32(?,?), ref: 00BCA0F5
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000800), ref: 00BCA0FC
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,00000800), ref: 00BCA10D
                                                                                                                                                                                                                                                        • TlsSetValue.KERNEL32(?,00000000), ref: 00BCA11F
                                                                                                                                                                                                                                                          • Part of subcall function 00BCA3A0: TlsAlloc.KERNEL32(?,00BCA095,?), ref: 00BCA3A3
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z.MSVCP140(00000000,?,?,00000002,00000001), ref: 00BCA16D
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z.MSVCP140(00000000,?,?,?,?,00000002,00000001), ref: 00BCA181
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000018,?,?,?,?,?,?,00000002,00000001), ref: 00BCA193
                                                                                                                                                                                                                                                        • ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140 ref: 00BCA1DB
                                                                                                                                                                                                                                                        • ??1ios_base@std@@UAE@XZ.MSVCP140 ref: 00BCA1E3
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • PlatformThreadLocalStorage::AllocTLS(&key) && key != PlatformThreadLocalStorage::TLS_KEY_OUT_OF_INDEXES, xrefs: 00BCA24B
                                                                                                                                                                                                                                                        • PlatformThreadLocalStorage::AllocTLS(&key), xrefs: 00BCA211
                                                                                                                                                                                                                                                        • vs. , xrefs: 00BCA16F
                                                                                                                                                                                                                                                        • GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized, xrefs: 00BCA148
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc, xrefs: 00BCA1F5, 00BCA21B, 00BCA255
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: D@std@@@std@@U?$char_traits@Value$??2@??6?$basic_ostream@V01@$??1?$basic_streambuf@??1ios_base@std@@Allocmemcpymemset
                                                                                                                                                                                                                                                        • String ID: vs. $/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc$GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized$PlatformThreadLocalStorage::AllocTLS(&key)$PlatformThreadLocalStorage::AllocTLS(&key) && key != PlatformThreadLocalStorage::TLS_KEY_OUT_OF_INDEXES
                                                                                                                                                                                                                                                        • API String ID: 2252309073-2247040611
                                                                                                                                                                                                                                                        • Opcode ID: 33d48ef5891c70f56af7b6e23f4e62c8253961dc7073f2041562d30a378a7c4b
                                                                                                                                                                                                                                                        • Instruction ID: b64c0b55e29efe85565913c0e0dc6ab3112c62c31a1d36cd0c6849e50ecc1d34
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 33d48ef5891c70f56af7b6e23f4e62c8253961dc7073f2041562d30a378a7c4b
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7A512471B04304ABD610AB249C46F7F77D5AB84B68F0045ACF989672E2DF70AD09C797
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                        C-Code - Quality: 84%
                                                                                                                                                                                                                                                        			E00BB2E50(void** __ecx) {
                                                                                                                                                                                                                                                        				long _v20;
                                                                                                                                                                                                                                                        				int _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				void* _t12;
                                                                                                                                                                                                                                                        				void* _t13;
                                                                                                                                                                                                                                                        				void _t15;
                                                                                                                                                                                                                                                        				void* _t21;
                                                                                                                                                                                                                                                        				void** _t23;
                                                                                                                                                                                                                                                        				long _t24;
                                                                                                                                                                                                                                                        				void* _t25;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t23 = __ecx;
                                                                                                                                                                                                                                                        				_t12 = RegisterEventSourceW(0, L"Firefox"); // executed
                                                                                                                                                                                                                                                        				if(_t12 != 0) {
                                                                                                                                                                                                                                                        					_v28 = _t12;
                                                                                                                                                                                                                                                        					_t13 = strlen( *_t23);
                                                                                                                                                                                                                                                        					_t2 = _t13 + 8; // 0x8
                                                                                                                                                                                                                                                        					_t24 = _t2;
                                                                                                                                                                                                                                                        					_v24 = _t13;
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(_t24);
                                                                                                                                                                                                                                                        					_t21 = _t13;
                                                                                                                                                                                                                                                        					memset(_t13, 0, _t24);
                                                                                                                                                                                                                                                        					_t15 = _t23[2];
                                                                                                                                                                                                                                                        					 *_t21 = _t15;
                                                                                                                                                                                                                                                        					_v20 = _t15;
                                                                                                                                                                                                                                                        					 *(_t21 + 4) = _t23[1];
                                                                                                                                                                                                                                                        					_t8 = _t21 + 8; // 0x8
                                                                                                                                                                                                                                                        					memcpy(_t8,  *_t23, _v24);
                                                                                                                                                                                                                                                        					_t25 = _v28;
                                                                                                                                                                                                                                                        					ReportEventW(_t25, 1, 0, _v20, 0, 0, _t24, 0, _t21);
                                                                                                                                                                                                                                                        					free(_t21);
                                                                                                                                                                                                                                                        					return DeregisterEventSource(_t25);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t12;
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00bb2e59
                                                                                                                                                                                                                                                        0x00bb2e62
                                                                                                                                                                                                                                                        0x00bb2e6a
                                                                                                                                                                                                                                                        0x00bb2e6e
                                                                                                                                                                                                                                                        0x00bb2e71
                                                                                                                                                                                                                                                        0x00bb2e79
                                                                                                                                                                                                                                                        0x00bb2e79
                                                                                                                                                                                                                                                        0x00bb2e7c
                                                                                                                                                                                                                                                        0x00bb2e80
                                                                                                                                                                                                                                                        0x00bb2e89
                                                                                                                                                                                                                                                        0x00bb2e8f
                                                                                                                                                                                                                                                        0x00bb2e97
                                                                                                                                                                                                                                                        0x00bb2e9a
                                                                                                                                                                                                                                                        0x00bb2e9c
                                                                                                                                                                                                                                                        0x00bb2ea2
                                                                                                                                                                                                                                                        0x00bb2ea5
                                                                                                                                                                                                                                                        0x00bb2eae
                                                                                                                                                                                                                                                        0x00bb2ec5
                                                                                                                                                                                                                                                        0x00bb2ec9
                                                                                                                                                                                                                                                        0x00bb2ed0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2eda
                                                                                                                                                                                                                                                        0x00bb2ee7

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RegisterEventSourceW.ADVAPI32(00000000,Firefox), ref: 00BB2E62
                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB2E71
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000008), ref: 00BB2E80
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB2E8F
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000008,?,?), ref: 00BB2EAE
                                                                                                                                                                                                                                                        • ReportEventW.ADVAPI32(?,00000001,00000000,?,00000000,00000000,00000008,00000000,00000000), ref: 00BB2EC9
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB2ED0
                                                                                                                                                                                                                                                        • DeregisterEventSource.ADVAPI32(?), ref: 00BB2EDA
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Event$Source$DeregisterRegisterReportfreememcpymemsetmoz_xmallocstrlen
                                                                                                                                                                                                                                                        • String ID: Firefox
                                                                                                                                                                                                                                                        • API String ID: 495472538-3930541253
                                                                                                                                                                                                                                                        • Opcode ID: 8115a05500281ac52acc10809d9e6e6fccf0c5ff383d1b95d6f5adca9efa9fcf
                                                                                                                                                                                                                                                        • Instruction ID: 489107cc021bba1149633f1558dd49e966859cc04afc6b1fcb97edb9cb1f9ae6
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8115a05500281ac52acc10809d9e6e6fccf0c5ff383d1b95d6f5adca9efa9fcf
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5F117376900215BBDB109BA5EC4AFAB7BB8EF04710F144021FA08AB251EB71A914CBE5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                                        control_flow_graph 1039 bba640-bba651 1040 bba653-bba659 1039->1040 1041 bba65f-bba679 moz_xmalloc memset 1040->1041 1042 bba6e2-bba6e7 1040->1042 1043 bba67b-bba68a GetModuleFileNameW 1041->1043 1044 bba6ec-bba6f6 free 1041->1044 1042->1041 1045 bba6f8-bba701 1043->1045 1046 bba68c-bba690 1043->1046 1044->1043 1047 bba6cc-bba6e1 free 1045->1047 1048 bba703-bba714 GetLastError 1046->1048 1049 bba692-bba697 1046->1049 1048->1040 1050 bba71a 1048->1050 1051 bba71f-bba724 1049->1051 1052 bba69d-bba6c5 moz_xmalloc memset wcscpy_s 1049->1052 1050->1049 1051->1052 1053 bba729-bba73c free 1052->1053 1054 bba6c7-bba6ca 1052->1054 1053->1047 1054->1047
                                                                                                                                                                                                                                                        C-Code - Quality: 62%
                                                                                                                                                                                                                                                        			E00BBA640(void* __eax, int* __ecx) {
                                                                                                                                                                                                                                                        				int* _v20;
                                                                                                                                                                                                                                                        				void* _v24;
                                                                                                                                                                                                                                                        				void* _t10;
                                                                                                                                                                                                                                                        				long _t12;
                                                                                                                                                                                                                                                        				void* _t14;
                                                                                                                                                                                                                                                        				int _t16;
                                                                                                                                                                                                                                                        				WCHAR* _t17;
                                                                                                                                                                                                                                                        				long _t18;
                                                                                                                                                                                                                                                        				void* _t19;
                                                                                                                                                                                                                                                        				long _t21;
                                                                                                                                                                                                                                                        				void* _t22;
                                                                                                                                                                                                                                                        				int* _t23;
                                                                                                                                                                                                                                                        				int _t25;
                                                                                                                                                                                                                                                        				long _t26;
                                                                                                                                                                                                                                                        				void* _t27;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t10 = __eax;
                                                                                                                                                                                                                                                        				_v20 = __ecx;
                                                                                                                                                                                                                                                        				_t21 = 0x104;
                                                                                                                                                                                                                                                        				_t22 = 0;
                                                                                                                                                                                                                                                        				while(1) {
                                                                                                                                                                                                                                                        					_t26 = _t21;
                                                                                                                                                                                                                                                        					_t16 = _t21 + _t21;
                                                                                                                                                                                                                                                        					if(_t16 < 0) {
                                                                                                                                                                                                                                                        						_t16 = 0xffffffff;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(_t16); // executed
                                                                                                                                                                                                                                                        					_t17 = _t10;
                                                                                                                                                                                                                                                        					memset(_t10, 0, _t16);
                                                                                                                                                                                                                                                        					_t28 = _t28 + 0x10;
                                                                                                                                                                                                                                                        					if(_t22 != 0) {
                                                                                                                                                                                                                                                        						free(_t22);
                                                                                                                                                                                                                                                        						_t28 = _t28 + 4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v24 = _t17;
                                                                                                                                                                                                                                                        					_t12 = GetModuleFileNameW(0, _t17, _t26);
                                                                                                                                                                                                                                                        					if(_t12 == 0) {
                                                                                                                                                                                                                                                        						break;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t18 = _t12;
                                                                                                                                                                                                                                                        					if(_t12 == _t26) {
                                                                                                                                                                                                                                                        						_t10 = GetLastError();
                                                                                                                                                                                                                                                        						_t22 = _v24;
                                                                                                                                                                                                                                                        						_t21 = _t26 + _t26;
                                                                                                                                                                                                                                                        						_t18 = _t26;
                                                                                                                                                                                                                                                        						if(_t10 == 0x7a) {
                                                                                                                                                                                                                                                        							continue;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t19 = _t18 + 1;
                                                                                                                                                                                                                                                        					_t25 = _t19 + _t19;
                                                                                                                                                                                                                                                        					if(_t25 < 0) {
                                                                                                                                                                                                                                                        						_t25 = 0xffffffff;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(_t25); // executed
                                                                                                                                                                                                                                                        					_t27 = _t10;
                                                                                                                                                                                                                                                        					_t14 = memset(_t10, 0, _t25);
                                                                                                                                                                                                                                                        					__imp__wcscpy_s(_t27, _t19, _v24);
                                                                                                                                                                                                                                                        					_t28 = _t28 + 0x1c;
                                                                                                                                                                                                                                                        					if(_t14 != 0) {
                                                                                                                                                                                                                                                        						_t23 = _v20;
                                                                                                                                                                                                                                                        						 *_t23 = 0;
                                                                                                                                                                                                                                                        						free(_t27);
                                                                                                                                                                                                                                                        						_t28 = _t28 + 4;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t23 = _v20;
                                                                                                                                                                                                                                                        						 *_t23 = _t27;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L8:
                                                                                                                                                                                                                                                        					free(_v24);
                                                                                                                                                                                                                                                        					return _t23;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t23 = _v20;
                                                                                                                                                                                                                                                        				 *_t23 = 0;
                                                                                                                                                                                                                                                        				goto L8;
                                                                                                                                                                                                                                                        			}



















                                                                                                                                                                                                                                                        0x00bba640
                                                                                                                                                                                                                                                        0x00bba649
                                                                                                                                                                                                                                                        0x00bba64c
                                                                                                                                                                                                                                                        0x00bba651
                                                                                                                                                                                                                                                        0x00bba653
                                                                                                                                                                                                                                                        0x00bba655
                                                                                                                                                                                                                                                        0x00bba657
                                                                                                                                                                                                                                                        0x00bba659
                                                                                                                                                                                                                                                        0x00bba6e2
                                                                                                                                                                                                                                                        0x00bba6e2
                                                                                                                                                                                                                                                        0x00bba660
                                                                                                                                                                                                                                                        0x00bba66a
                                                                                                                                                                                                                                                        0x00bba66f
                                                                                                                                                                                                                                                        0x00bba674
                                                                                                                                                                                                                                                        0x00bba679
                                                                                                                                                                                                                                                        0x00bba6ed
                                                                                                                                                                                                                                                        0x00bba6f3
                                                                                                                                                                                                                                                        0x00bba6f3
                                                                                                                                                                                                                                                        0x00bba67c
                                                                                                                                                                                                                                                        0x00bba682
                                                                                                                                                                                                                                                        0x00bba68a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bba68c
                                                                                                                                                                                                                                                        0x00bba690
                                                                                                                                                                                                                                                        0x00bba703
                                                                                                                                                                                                                                                        0x00bba709
                                                                                                                                                                                                                                                        0x00bba70c
                                                                                                                                                                                                                                                        0x00bba712
                                                                                                                                                                                                                                                        0x00bba714
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bba71a
                                                                                                                                                                                                                                                        0x00bba692
                                                                                                                                                                                                                                                        0x00bba695
                                                                                                                                                                                                                                                        0x00bba697
                                                                                                                                                                                                                                                        0x00bba71f
                                                                                                                                                                                                                                                        0x00bba71f
                                                                                                                                                                                                                                                        0x00bba69e
                                                                                                                                                                                                                                                        0x00bba6a7
                                                                                                                                                                                                                                                        0x00bba6ad
                                                                                                                                                                                                                                                        0x00bba6ba
                                                                                                                                                                                                                                                        0x00bba6c0
                                                                                                                                                                                                                                                        0x00bba6c5
                                                                                                                                                                                                                                                        0x00bba729
                                                                                                                                                                                                                                                        0x00bba72c
                                                                                                                                                                                                                                                        0x00bba733
                                                                                                                                                                                                                                                        0x00bba739
                                                                                                                                                                                                                                                        0x00bba6c7
                                                                                                                                                                                                                                                        0x00bba6c7
                                                                                                                                                                                                                                                        0x00bba6ca
                                                                                                                                                                                                                                                        0x00bba6ca
                                                                                                                                                                                                                                                        0x00bba6cc
                                                                                                                                                                                                                                                        0x00bba6cf
                                                                                                                                                                                                                                                        0x00bba6e1
                                                                                                                                                                                                                                                        0x00bba6e1
                                                                                                                                                                                                                                                        0x00bba6f8
                                                                                                                                                                                                                                                        0x00bba6fb
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(FFFFFFFF,?,00BB2D36,?,00BB3EE0), ref: 00BBA660
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BBA66F
                                                                                                                                                                                                                                                        • GetModuleFileNameW.KERNEL32(00000000,00000000,00000104,?,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA682
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(FFFFFFFF,?,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA69E
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BBA6AD
                                                                                                                                                                                                                                                        • wcscpy_s.API-MS-WIN-CRT-STRING-L1-1-0(00000000,00000105,?,?,?,?,?,?,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA6BA
                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA6CF
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA6ED
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA703
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,00BB2D36), ref: 00BBA733
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: free$memsetmoz_xmalloc$ErrorFileLastModuleNamewcscpy_s
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2246558024-0
                                                                                                                                                                                                                                                        • Opcode ID: 7157a0f538fdd02a2b60892b942b4c96a790cf706ccabdb894722f5f07c68f01
                                                                                                                                                                                                                                                        • Instruction ID: 3bdf9023a7518ccb4b5bcd0de4dab02a88a2b17dbb9229c2acea8f3aad065779
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7157a0f538fdd02a2b60892b942b4c96a790cf706ccabdb894722f5f07c68f01
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9121F1B2D002069BD7101B65AC88BBF7BB8EF44725F280061E806A3291EBB15D19C7A7
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                                        control_flow_graph 1055 bebe20-bebe42 getenv 1056 bebe5a-bebe80 1055->1056 1057 bebe44 call bcab40 1055->1057 1059 bebe82-bebe8c LoadLibraryW 1056->1059 1060 bebe91-bebed2 InitOnceExecuteOnce 1056->1060 1062 bebe49-bebe59 call beecb0 1057->1062 1059->1060 1060->1057 1061 bebed8-bebedc 1060->1061 1061->1057 1063 bebee2-bebf1d InitOnceExecuteOnce 1061->1063 1063->1057 1065 bebf23-bebf27 1063->1065 1065->1062 1067 bebf2d 1065->1067 1067->1057
                                                                                                                                                                                                                                                        C-Code - Quality: 51%
                                                                                                                                                                                                                                                        			E00BEBE20() {
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				short _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				char _v28;
                                                                                                                                                                                                                                                        				intOrPtr _v32;
                                                                                                                                                                                                                                                        				char* _v36;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				short _v44;
                                                                                                                                                                                                                                                        				char _v48;
                                                                                                                                                                                                                                                        				signed int _t23;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t25;
                                                                                                                                                                                                                                                        				void* _t30;
                                                                                                                                                                                                                                                        				WCHAR* _t31;
                                                                                                                                                                                                                                                        				char* _t32;
                                                                                                                                                                                                                                                        				signed int _t33;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t23 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v16 = _t23 ^ _t33;
                                                                                                                                                                                                                                                        				_t25 = getenv("MOZ_ENABLE_HANDLE_VERIFIER");
                                                                                                                                                                                                                                                        				if(_t25 != 0) {
                                                                                                                                                                                                                                                        					asm("movaps xmm0, [0xbf1e50]");
                                                                                                                                                                                                                                                        					asm("movups [ebp-0x28], xmm0");
                                                                                                                                                                                                                                                        					_v28 = 0x64002e;
                                                                                                                                                                                                                                                        					_v24 = 0x6c006c;
                                                                                                                                                                                                                                                        					_v20 = 0;
                                                                                                                                                                                                                                                        					if( *0xbfb710 == 0) {
                                                                                                                                                                                                                                                        						_t25 = LoadLibraryW( &_v44);
                                                                                                                                                                                                                                                        						 *0xbfb710 = _t25;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t32 =  &_v48;
                                                                                                                                                                                                                                                        					_t31 =  &_v44;
                                                                                                                                                                                                                                                        					_v44 = 0xbfb75c;
                                                                                                                                                                                                                                                        					_v40 = 0xbfb6dc;
                                                                                                                                                                                                                                                        					_v36 = "CloseHandle";
                                                                                                                                                                                                                                                        					_v32 = E00BEBF40;
                                                                                                                                                                                                                                                        					_v48 = 0;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					__imp__InitOnceExecuteOnce(0xbfb760, 0xbebfa0, _t31, _t32);
                                                                                                                                                                                                                                                        					if(_t25 != 0 && _v48 != 0) {
                                                                                                                                                                                                                                                        						_v44 = 0xbfb764;
                                                                                                                                                                                                                                                        						_v40 = 0xbfb6dc;
                                                                                                                                                                                                                                                        						_v36 = "DuplicateHandle";
                                                                                                                                                                                                                                                        						_v32 = E00BEBF60;
                                                                                                                                                                                                                                                        						_v48 = 0;
                                                                                                                                                                                                                                                        						_v28 = 0;
                                                                                                                                                                                                                                                        						__imp__InitOnceExecuteOnce(0xbfb768, 0xbebfa0, _t31, _t32);
                                                                                                                                                                                                                                                        						if(_t25 == 0) {
                                                                                                                                                                                                                                                        							goto L1;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(_v48 != 0) {
                                                                                                                                                                                                                                                        							L2:
                                                                                                                                                                                                                                                        							return E00BEECB0(_t25, _v16 ^ _t33, _t30);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				E00BCAB40(); // executed
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}


















                                                                                                                                                                                                                                                        0x00bebe28
                                                                                                                                                                                                                                                        0x00bebe2f
                                                                                                                                                                                                                                                        0x00bebe37
                                                                                                                                                                                                                                                        0x00bebe42
                                                                                                                                                                                                                                                        0x00bebe5a
                                                                                                                                                                                                                                                        0x00bebe68
                                                                                                                                                                                                                                                        0x00bebe6c
                                                                                                                                                                                                                                                        0x00bebe73
                                                                                                                                                                                                                                                        0x00bebe7a
                                                                                                                                                                                                                                                        0x00bebe80
                                                                                                                                                                                                                                                        0x00bebe86
                                                                                                                                                                                                                                                        0x00bebe8c
                                                                                                                                                                                                                                                        0x00bebe8c
                                                                                                                                                                                                                                                        0x00bebe91
                                                                                                                                                                                                                                                        0x00bebe94
                                                                                                                                                                                                                                                        0x00bebe97
                                                                                                                                                                                                                                                        0x00bebe9e
                                                                                                                                                                                                                                                        0x00bebea5
                                                                                                                                                                                                                                                        0x00bebeac
                                                                                                                                                                                                                                                        0x00bebeb3
                                                                                                                                                                                                                                                        0x00bebeba
                                                                                                                                                                                                                                                        0x00bebeca
                                                                                                                                                                                                                                                        0x00bebed2
                                                                                                                                                                                                                                                        0x00bebee2
                                                                                                                                                                                                                                                        0x00bebee9
                                                                                                                                                                                                                                                        0x00bebef0
                                                                                                                                                                                                                                                        0x00bebef7
                                                                                                                                                                                                                                                        0x00bebefe
                                                                                                                                                                                                                                                        0x00bebf05
                                                                                                                                                                                                                                                        0x00bebf15
                                                                                                                                                                                                                                                        0x00bebf1d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bebf27
                                                                                                                                                                                                                                                        0x00bebe49
                                                                                                                                                                                                                                                        0x00bebe59
                                                                                                                                                                                                                                                        0x00bebe59
                                                                                                                                                                                                                                                        0x00bebf2d
                                                                                                                                                                                                                                                        0x00bebed2
                                                                                                                                                                                                                                                        0x00bebe44
                                                                                                                                                                                                                                                        0x00bebe44
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_ENABLE_HANDLE_VERIFIER,?,?,?,?,?,00000000,?,?,00BEBDB7,?,00BEBD7B,00BB1412), ref: 00BEBE37
                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(?), ref: 00BEBE86
                                                                                                                                                                                                                                                        • InitOnceExecuteOnce.KERNEL32(00BFB760,00BEBFA0,?,?), ref: 00BEBECA
                                                                                                                                                                                                                                                        • InitOnceExecuteOnce.KERNEL32(00BFB768,00BEBFA0,?,?), ref: 00BEBF15
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Once$ExecuteInit$LibraryLoadgetenv
                                                                                                                                                                                                                                                        • String ID: .$DuplicateHandle$MOZ_ENABLE_HANDLE_VERIFIER$l
                                                                                                                                                                                                                                                        • API String ID: 3097556743-1064258692
                                                                                                                                                                                                                                                        • Opcode ID: 79b7be14cfd7f1d409a21e5e3decb8f1ecec4dcdd1bdbe1144b04d054f48fb6e
                                                                                                                                                                                                                                                        • Instruction ID: 9fb84546bf79cb526e9396962f5eff2a239ec72ab6e5434b2b44df0fab296bdd
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 79b7be14cfd7f1d409a21e5e3decb8f1ecec4dcdd1bdbe1144b04d054f48fb6e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 44214871D0038D9ADB109FA6D849FEFBBF5EB48718F045498D61077260DBB05A88CFA9
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                                        control_flow_graph 1068 bc0700-bc0731 RtlQueryPerformanceCounter 1069 bc0745-bc0747 1068->1069 1070 bc0733-bc0742 1068->1070 1071 bc074d-bc0764 1069->1071 1072 bc09bb-bc09f3 RtlAcquireSRWLockShared RtlReleaseSRWLockShared call beecb0 1069->1072 1070->1069 1073 bc07c8-bc07e8 RtlCaptureStackBackTrace 1071->1073 1074 bc0766-bc0774 1071->1074 1078 bc0848-bc084a 1073->1078 1079 bc07ea-bc07f3 1073->1079 1075 bc078f-bc07c5 memset 1074->1075 1076 bc0776-bc077c call bc0d40 1074->1076 1075->1073 1089 bc0781-bc0783 1076->1089 1082 bc084d-bc0856 1078->1082 1080 bc080a-bc080c 1079->1080 1081 bc07f5-bc0808 call bc0d40 1079->1081 1086 bc080e-bc0843 memset 1080->1086 1087 bc0846 1080->1087 1081->1080 1081->1082 1082->1072 1088 bc085c-bc0862 1082->1088 1086->1087 1087->1078 1088->1072 1092 bc0868-bc086a 1088->1092 1089->1072 1093 bc0789-bc078c 1089->1093 1094 bc086c-bc0872 1092->1094 1095 bc08ab-bc08d1 RtlFreeHeap 1092->1095 1093->1075 1094->1072 1096 bc0878-bc089c RtlReAllocateHeap 1094->1096 1095->1072 1097 bc089e-bc08a0 1096->1097 1098 bc08d6-bc08de 1096->1098 1099 bc09ae-bc09b8 1097->1099 1101 bc08a6 1097->1101 1098->1099 1100 bc08e4-bc090f 1098->1100 1099->1072 1102 bc091a-bc0935 1100->1102 1103 bc0911-bc0915 1100->1103 1101->1072 1105 bc094e-bc096c 1102->1105 1106 bc0937-bc0941 1102->1106 1104 bc09a0-bc09ac 1103->1104 1104->1099 1104->1104 1108 bc096e-bc0990 1105->1108 1106->1105 1107 bc0943-bc094c 1106->1107 1107->1104 1108->1108 1109 bc0992-bc099e 1108->1109 1109->1099 1109->1104
                                                                                                                                                                                                                                                        C-Code - Quality: 83%
                                                                                                                                                                                                                                                        			E00BC0700(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v36;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				void* _v52;
                                                                                                                                                                                                                                                        				intOrPtr _v56;
                                                                                                                                                                                                                                                        				void* _v68;
                                                                                                                                                                                                                                                        				void** _v72;
                                                                                                                                                                                                                                                        				signed int _v76;
                                                                                                                                                                                                                                                        				signed int _v80;
                                                                                                                                                                                                                                                        				signed int _v84;
                                                                                                                                                                                                                                                        				signed int _t106;
                                                                                                                                                                                                                                                        				void* _t111;
                                                                                                                                                                                                                                                        				signed int _t114;
                                                                                                                                                                                                                                                        				void* _t116;
                                                                                                                                                                                                                                                        				intOrPtr _t118;
                                                                                                                                                                                                                                                        				void* _t119;
                                                                                                                                                                                                                                                        				signed int _t121;
                                                                                                                                                                                                                                                        				intOrPtr _t122;
                                                                                                                                                                                                                                                        				signed int _t127;
                                                                                                                                                                                                                                                        				void* _t132;
                                                                                                                                                                                                                                                        				intOrPtr _t134;
                                                                                                                                                                                                                                                        				signed int _t138;
                                                                                                                                                                                                                                                        				void* _t143;
                                                                                                                                                                                                                                                        				void* _t147;
                                                                                                                                                                                                                                                        				intOrPtr _t148;
                                                                                                                                                                                                                                                        				void* _t149;
                                                                                                                                                                                                                                                        				void* _t152;
                                                                                                                                                                                                                                                        				signed int _t155;
                                                                                                                                                                                                                                                        				intOrPtr* _t156;
                                                                                                                                                                                                                                                        				intOrPtr _t159;
                                                                                                                                                                                                                                                        				void** _t166;
                                                                                                                                                                                                                                                        				signed int _t168;
                                                                                                                                                                                                                                                        				void* _t171;
                                                                                                                                                                                                                                                        				signed int _t175;
                                                                                                                                                                                                                                                        				void* _t181;
                                                                                                                                                                                                                                                        				signed int _t184;
                                                                                                                                                                                                                                                        				void* _t187;
                                                                                                                                                                                                                                                        				intOrPtr _t189;
                                                                                                                                                                                                                                                        				signed int _t190;
                                                                                                                                                                                                                                                        				signed int _t191;
                                                                                                                                                                                                                                                        				signed int _t192;
                                                                                                                                                                                                                                                        				signed int _t193;
                                                                                                                                                                                                                                                        				intOrPtr* _t194;
                                                                                                                                                                                                                                                        				signed int _t195;
                                                                                                                                                                                                                                                        				signed int _t197;
                                                                                                                                                                                                                                                        				intOrPtr _t198;
                                                                                                                                                                                                                                                        				signed int _t199;
                                                                                                                                                                                                                                                        				signed int _t200;
                                                                                                                                                                                                                                                        				signed int _t203;
                                                                                                                                                                                                                                                        				signed int _t204;
                                                                                                                                                                                                                                                        				void* _t206;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t206 = (_t204 & 0xfffffff8) - 0x28;
                                                                                                                                                                                                                                                        				_t106 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t189 = _a12;
                                                                                                                                                                                                                                                        				_t148 = _a8;
                                                                                                                                                                                                                                                        				_v24 = _t106 ^ _t203;
                                                                                                                                                                                                                                                        				_push( &_v32);
                                                                                                                                                                                                                                                        				L00BEF74A();
                                                                                                                                                                                                                                                        				_t155 =  *(_t189 + 8);
                                                                                                                                                                                                                                                        				_t179 = _t155 |  *(_t189 + 0xc);
                                                                                                                                                                                                                                                        				if((_t155 |  *(_t189 + 0xc)) != 0) {
                                                                                                                                                                                                                                                        					_t179 = _v36 - _t155;
                                                                                                                                                                                                                                                        					asm("sbb esi, eax");
                                                                                                                                                                                                                                                        					 *(_t189 + 8) = _v36 - _t155;
                                                                                                                                                                                                                                                        					 *(_t189 + 0xc) = _v32;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if(_t148 >= 0) {
                                                                                                                                                                                                                                                        					_t198 = _a12;
                                                                                                                                                                                                                                                        					_t190 = 0x200;
                                                                                                                                                                                                                                                        					_v56 = _t198 + 0x28;
                                                                                                                                                                                                                                                        					_t114 =  *(_t198 + 0x2c);
                                                                                                                                                                                                                                                        					if(_t114 > 0x1ff) {
                                                                                                                                                                                                                                                        						L8:
                                                                                                                                                                                                                                                        						 *(_t198 + 0x2c) = _t190;
                                                                                                                                                                                                                                                        						__imp__RtlCaptureStackBackTrace(2, 0x200,  *(_t198 + 0x28), 0);
                                                                                                                                                                                                                                                        						_t159 = _a12;
                                                                                                                                                                                                                                                        						_t191 = _t114 & 0x0000ffff;
                                                                                                                                                                                                                                                        						_t199 =  *(_t159 + 0x2c);
                                                                                                                                                                                                                                                        						if(_t199 >= _t191) {
                                                                                                                                                                                                                                                        							L14:
                                                                                                                                                                                                                                                        							_t200 = _t191;
                                                                                                                                                                                                                                                        							 *(_t159 + 0x2c) = _t191;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t195 = _t191 - _t199;
                                                                                                                                                                                                                                                        							if( *((intOrPtr*)(_t159 + 0x30)) - _t199 >= _t195) {
                                                                                                                                                                                                                                                        								L11:
                                                                                                                                                                                                                                                        								if(_t195 > 0) {
                                                                                                                                                                                                                                                        									_t138 =  *_v72;
                                                                                                                                                                                                                                                        									_t171 = _t138 + _t199 * 4;
                                                                                                                                                                                                                                                        									_t149 = _t138 + 4 + _t199 * 4;
                                                                                                                                                                                                                                                        									_t179 = _t171 + _t195 * 4;
                                                                                                                                                                                                                                                        									_t150 =  >  ? _t179 : _t149;
                                                                                                                                                                                                                                                        									_t151 = ( >  ? _t179 : _t149) - (_t199 << 2);
                                                                                                                                                                                                                                                        									_t148 = _a8;
                                                                                                                                                                                                                                                        									_t141 = ( >  ? _t179 : _t149) - (_t199 << 0x00000002) +  !_t138 + 0x00000004 & 0xfffffffc;
                                                                                                                                                                                                                                                        									memset(_t171, 0, ( >  ? _t179 : _t149) - (_t199 << 0x00000002) +  !_t138 + 0x00000004 & 0xfffffffc);
                                                                                                                                                                                                                                                        									_t159 = _a12;
                                                                                                                                                                                                                                                        									_t199 =  *(_t159 + 0x2c);
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t191 = _t195 + _t199;
                                                                                                                                                                                                                                                        								goto L14;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t179 = _t195;
                                                                                                                                                                                                                                                        								_t143 = E00BC0D40(_v72, _t195);
                                                                                                                                                                                                                                                        								_t159 = _a12;
                                                                                                                                                                                                                                                        								_t200 =  *(_t159 + 0x2c);
                                                                                                                                                                                                                                                        								if(_t143 != 0) {
                                                                                                                                                                                                                                                        									goto L11;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t116 =  *_v72;
                                                                                                                                                                                                                                                        						if(_t116 != 4 && _t200 !=  *((intOrPtr*)(_a12 + 0x30))) {
                                                                                                                                                                                                                                                        							if(_t200 == 0) {
                                                                                                                                                                                                                                                        								RtlFreeHeap( *( *( *[fs:0x18] + 0x30) + 0x18), 0, _t116);
                                                                                                                                                                                                                                                        								_t118 = _a12;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t118 + 0x28)) = 4;
                                                                                                                                                                                                                                                        								 *(_t118 + 0x30) = 0;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								if(_t200 <= 0x3fffffff) {
                                                                                                                                                                                                                                                        									_t179 =  *( *[fs:0x18] + 0x30);
                                                                                                                                                                                                                                                        									_t119 = RtlReAllocateHeap( *( *( *[fs:0x18] + 0x30) + 0x18), 0, _t116, _t200 * 4);
                                                                                                                                                                                                                                                        									_v68 = _t119;
                                                                                                                                                                                                                                                        									if(_t119 == 4) {
                                                                                                                                                                                                                                                        										_t121 =  *(_a12 + 0x2c);
                                                                                                                                                                                                                                                        										if(_t121 > 0) {
                                                                                                                                                                                                                                                        											_t192 =  *(_a12 + 0x28);
                                                                                                                                                                                                                                                        											_t166 = _t192 + _t121 * 4;
                                                                                                                                                                                                                                                        											_t181 = _t192 + 4;
                                                                                                                                                                                                                                                        											_v84 = _t192;
                                                                                                                                                                                                                                                        											_t193 =  !_t192;
                                                                                                                                                                                                                                                        											_v80 = _t193;
                                                                                                                                                                                                                                                        											_t124 =  >  ? _t166 : _t181;
                                                                                                                                                                                                                                                        											_t125 = ( >  ? _t166 : _t181) + _t193;
                                                                                                                                                                                                                                                        											_t194 = 4;
                                                                                                                                                                                                                                                        											_t126 = ( >  ? _t166 : _t181) + _t193 >> 2;
                                                                                                                                                                                                                                                        											_t127 = (( >  ? _t166 : _t181) + _t193 >> 2) + 1;
                                                                                                                                                                                                                                                        											if(_t127 >= 8) {
                                                                                                                                                                                                                                                        												_v76 = _t127;
                                                                                                                                                                                                                                                        												_t182 =  >  ? _t166 : _t181;
                                                                                                                                                                                                                                                        												_t183 = ( >  ? _t166 : _t181) + _v80;
                                                                                                                                                                                                                                                        												_t184 = ( >  ? _t166 : _t181) + _v80 & 0xfffffffc;
                                                                                                                                                                                                                                                        												if(_v84 + _t184 + 4 < 5 || _v84 >= _t184 + 8) {
                                                                                                                                                                                                                                                        													_v72 = _t166;
                                                                                                                                                                                                                                                        													_t168 = _v76 & 0xfffffff8;
                                                                                                                                                                                                                                                        													_t179 = _v84 + _t168 * 4;
                                                                                                                                                                                                                                                        													_v80 = _t168;
                                                                                                                                                                                                                                                        													_t194 = 4 + _t168 * 4;
                                                                                                                                                                                                                                                        													_t132 = 0;
                                                                                                                                                                                                                                                        													do {
                                                                                                                                                                                                                                                        														asm("movups xmm0, [ecx+eax*4]");
                                                                                                                                                                                                                                                        														asm("movups xmm1, [ecx+eax*4+0x10]");
                                                                                                                                                                                                                                                        														asm("movups [ecx+eax*4], xmm0");
                                                                                                                                                                                                                                                        														asm("movups [ecx+eax*4+0x10], xmm1");
                                                                                                                                                                                                                                                        														_t132 = _t132 + 8;
                                                                                                                                                                                                                                                        													} while (_v80 != _t132);
                                                                                                                                                                                                                                                        													_t166 = _v72;
                                                                                                                                                                                                                                                        													if(_v76 != _v80) {
                                                                                                                                                                                                                                                        														goto L32;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t179 = _v84;
                                                                                                                                                                                                                                                        													_t194 = 4;
                                                                                                                                                                                                                                                        													goto L32;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t179 = _v84;
                                                                                                                                                                                                                                                        												do {
                                                                                                                                                                                                                                                        													L32:
                                                                                                                                                                                                                                                        													_t134 =  *_t179;
                                                                                                                                                                                                                                                        													_t179 = _t179 + 4;
                                                                                                                                                                                                                                                        													 *_t194 = _t134;
                                                                                                                                                                                                                                                        													_t194 = _t194 + 4;
                                                                                                                                                                                                                                                        												} while (_t179 < _t166);
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L33;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										if(_t119 != 0) {
                                                                                                                                                                                                                                                        											L33:
                                                                                                                                                                                                                                                        											_t122 = _a12;
                                                                                                                                                                                                                                                        											 *(_t122 + 0x28) = _v68;
                                                                                                                                                                                                                                                        											 *(_t122 + 0x30) = _t200;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t197 = 0x200 - _t114;
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t198 + 0x30)) - _t114 >= 0x200) {
                                                                                                                                                                                                                                                        							L7:
                                                                                                                                                                                                                                                        							_t175 =  *(_t198 + 0x28);
                                                                                                                                                                                                                                                        							_t187 = _t175 + _t114 * 4;
                                                                                                                                                                                                                                                        							_t152 = _t175 + 4 + _t114 * 4;
                                                                                                                                                                                                                                                        							_v52 = _t187;
                                                                                                                                                                                                                                                        							_t179 = _t187 + _t197 * 4;
                                                                                                                                                                                                                                                        							_t153 =  >  ? _t179 : _t152;
                                                                                                                                                                                                                                                        							_t154 = ( >  ? _t179 : _t152) - (_t114 << 2);
                                                                                                                                                                                                                                                        							_t148 = _a8;
                                                                                                                                                                                                                                                        							_t114 = memset(_v52, 0, ( >  ? _t179 : _t152) - (_t114 << 0x00000002) +  !_t175 + 0x00000004 & 0xfffffffc);
                                                                                                                                                                                                                                                        							_t206 = _t206 + 0xc;
                                                                                                                                                                                                                                                        							_t190 = _t197 +  *(_t198 + 0x2c);
                                                                                                                                                                                                                                                        							goto L8;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t179 = 0x200; // executed
                                                                                                                                                                                                                                                        							_t147 = E00BC0D40(_v56, 0x200); // executed
                                                                                                                                                                                                                                                        							if(_t147 != 0) {
                                                                                                                                                                                                                                                        								_t198 = _a12;
                                                                                                                                                                                                                                                        								_t114 =  *(_t198 + 0x2c);
                                                                                                                                                                                                                                                        								goto L7;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L00BEF70E();
                                                                                                                                                                                                                                                        				_t156 =  *0xbfa040; // 0x6f5c002c
                                                                                                                                                                                                                                                        				_t111 =  *((intOrPtr*)( *_t156 + 8))(_a4, _t148, _a12, 0xbfa7c8);
                                                                                                                                                                                                                                                        				_push(0xbfa7c8);
                                                                                                                                                                                                                                                        				L00BEF75C();
                                                                                                                                                                                                                                                        				return E00BEECB0(_t111, _v48 ^ _t203, _t179);
                                                                                                                                                                                                                                                        			}
























































                                                                                                                                                                                                                                                        0x00bc0709
                                                                                                                                                                                                                                                        0x00bc070c
                                                                                                                                                                                                                                                        0x00bc0711
                                                                                                                                                                                                                                                        0x00bc0714
                                                                                                                                                                                                                                                        0x00bc0719
                                                                                                                                                                                                                                                        0x00bc0721
                                                                                                                                                                                                                                                        0x00bc0722
                                                                                                                                                                                                                                                        0x00bc0727
                                                                                                                                                                                                                                                        0x00bc072f
                                                                                                                                                                                                                                                        0x00bc0731
                                                                                                                                                                                                                                                        0x00bc073b
                                                                                                                                                                                                                                                        0x00bc073d
                                                                                                                                                                                                                                                        0x00bc073f
                                                                                                                                                                                                                                                        0x00bc0742
                                                                                                                                                                                                                                                        0x00bc0742
                                                                                                                                                                                                                                                        0x00bc0747
                                                                                                                                                                                                                                                        0x00bc074d
                                                                                                                                                                                                                                                        0x00bc0750
                                                                                                                                                                                                                                                        0x00bc0758
                                                                                                                                                                                                                                                        0x00bc075c
                                                                                                                                                                                                                                                        0x00bc0764
                                                                                                                                                                                                                                                        0x00bc07c8
                                                                                                                                                                                                                                                        0x00bc07c8
                                                                                                                                                                                                                                                        0x00bc07d7
                                                                                                                                                                                                                                                        0x00bc07dd
                                                                                                                                                                                                                                                        0x00bc07e0
                                                                                                                                                                                                                                                        0x00bc07e3
                                                                                                                                                                                                                                                        0x00bc07e8
                                                                                                                                                                                                                                                        0x00bc0848
                                                                                                                                                                                                                                                        0x00bc0848
                                                                                                                                                                                                                                                        0x00bc084a
                                                                                                                                                                                                                                                        0x00bc07ea
                                                                                                                                                                                                                                                        0x00bc07ed
                                                                                                                                                                                                                                                        0x00bc07f3
                                                                                                                                                                                                                                                        0x00bc080a
                                                                                                                                                                                                                                                        0x00bc080c
                                                                                                                                                                                                                                                        0x00bc0812
                                                                                                                                                                                                                                                        0x00bc0814
                                                                                                                                                                                                                                                        0x00bc0817
                                                                                                                                                                                                                                                        0x00bc081d
                                                                                                                                                                                                                                                        0x00bc0822
                                                                                                                                                                                                                                                        0x00bc0828
                                                                                                                                                                                                                                                        0x00bc082e
                                                                                                                                                                                                                                                        0x00bc0831
                                                                                                                                                                                                                                                        0x00bc0838
                                                                                                                                                                                                                                                        0x00bc083d
                                                                                                                                                                                                                                                        0x00bc0843
                                                                                                                                                                                                                                                        0x00bc0843
                                                                                                                                                                                                                                                        0x00bc0846
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc07f5
                                                                                                                                                                                                                                                        0x00bc07f9
                                                                                                                                                                                                                                                        0x00bc07fb
                                                                                                                                                                                                                                                        0x00bc0800
                                                                                                                                                                                                                                                        0x00bc0805
                                                                                                                                                                                                                                                        0x00bc0808
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0808
                                                                                                                                                                                                                                                        0x00bc07f3
                                                                                                                                                                                                                                                        0x00bc0851
                                                                                                                                                                                                                                                        0x00bc0856
                                                                                                                                                                                                                                                        0x00bc086a
                                                                                                                                                                                                                                                        0x00bc08bb
                                                                                                                                                                                                                                                        0x00bc08c0
                                                                                                                                                                                                                                                        0x00bc08c3
                                                                                                                                                                                                                                                        0x00bc08ca
                                                                                                                                                                                                                                                        0x00bc086c
                                                                                                                                                                                                                                                        0x00bc0872
                                                                                                                                                                                                                                                        0x00bc0886
                                                                                                                                                                                                                                                        0x00bc0890
                                                                                                                                                                                                                                                        0x00bc0898
                                                                                                                                                                                                                                                        0x00bc089c
                                                                                                                                                                                                                                                        0x00bc08d9
                                                                                                                                                                                                                                                        0x00bc08de
                                                                                                                                                                                                                                                        0x00bc08e7
                                                                                                                                                                                                                                                        0x00bc08ea
                                                                                                                                                                                                                                                        0x00bc08ed
                                                                                                                                                                                                                                                        0x00bc08f0
                                                                                                                                                                                                                                                        0x00bc08f4
                                                                                                                                                                                                                                                        0x00bc08fa
                                                                                                                                                                                                                                                        0x00bc08fe
                                                                                                                                                                                                                                                        0x00bc0901
                                                                                                                                                                                                                                                        0x00bc0903
                                                                                                                                                                                                                                                        0x00bc0908
                                                                                                                                                                                                                                                        0x00bc090b
                                                                                                                                                                                                                                                        0x00bc090f
                                                                                                                                                                                                                                                        0x00bc091c
                                                                                                                                                                                                                                                        0x00bc0924
                                                                                                                                                                                                                                                        0x00bc0927
                                                                                                                                                                                                                                                        0x00bc092b
                                                                                                                                                                                                                                                        0x00bc0935
                                                                                                                                                                                                                                                        0x00bc094e
                                                                                                                                                                                                                                                        0x00bc095a
                                                                                                                                                                                                                                                        0x00bc095d
                                                                                                                                                                                                                                                        0x00bc0965
                                                                                                                                                                                                                                                        0x00bc0969
                                                                                                                                                                                                                                                        0x00bc096c
                                                                                                                                                                                                                                                        0x00bc096e
                                                                                                                                                                                                                                                        0x00bc0972
                                                                                                                                                                                                                                                        0x00bc0976
                                                                                                                                                                                                                                                        0x00bc0980
                                                                                                                                                                                                                                                        0x00bc0984
                                                                                                                                                                                                                                                        0x00bc0989
                                                                                                                                                                                                                                                        0x00bc098c
                                                                                                                                                                                                                                                        0x00bc0996
                                                                                                                                                                                                                                                        0x00bc099e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0943
                                                                                                                                                                                                                                                        0x00bc0943
                                                                                                                                                                                                                                                        0x00bc0947
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0947
                                                                                                                                                                                                                                                        0x00bc0911
                                                                                                                                                                                                                                                        0x00bc0911
                                                                                                                                                                                                                                                        0x00bc09a0
                                                                                                                                                                                                                                                        0x00bc09a0
                                                                                                                                                                                                                                                        0x00bc09a0
                                                                                                                                                                                                                                                        0x00bc09a2
                                                                                                                                                                                                                                                        0x00bc09a5
                                                                                                                                                                                                                                                        0x00bc09a7
                                                                                                                                                                                                                                                        0x00bc09aa
                                                                                                                                                                                                                                                        0x00bc09a0
                                                                                                                                                                                                                                                        0x00bc090f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc089e
                                                                                                                                                                                                                                                        0x00bc08a0
                                                                                                                                                                                                                                                        0x00bc09ae
                                                                                                                                                                                                                                                        0x00bc09ae
                                                                                                                                                                                                                                                        0x00bc09b5
                                                                                                                                                                                                                                                        0x00bc09b8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc08a6
                                                                                                                                                                                                                                                        0x00bc08a0
                                                                                                                                                                                                                                                        0x00bc089c
                                                                                                                                                                                                                                                        0x00bc0872
                                                                                                                                                                                                                                                        0x00bc086a
                                                                                                                                                                                                                                                        0x00bc0766
                                                                                                                                                                                                                                                        0x00bc076e
                                                                                                                                                                                                                                                        0x00bc0774
                                                                                                                                                                                                                                                        0x00bc078f
                                                                                                                                                                                                                                                        0x00bc078f
                                                                                                                                                                                                                                                        0x00bc0792
                                                                                                                                                                                                                                                        0x00bc0795
                                                                                                                                                                                                                                                        0x00bc079e
                                                                                                                                                                                                                                                        0x00bc07a2
                                                                                                                                                                                                                                                        0x00bc07a7
                                                                                                                                                                                                                                                        0x00bc07aa
                                                                                                                                                                                                                                                        0x00bc07b0
                                                                                                                                                                                                                                                        0x00bc07bd
                                                                                                                                                                                                                                                        0x00bc07c2
                                                                                                                                                                                                                                                        0x00bc07c5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0776
                                                                                                                                                                                                                                                        0x00bc077a
                                                                                                                                                                                                                                                        0x00bc077c
                                                                                                                                                                                                                                                        0x00bc0783
                                                                                                                                                                                                                                                        0x00bc0789
                                                                                                                                                                                                                                                        0x00bc078c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc078c
                                                                                                                                                                                                                                                        0x00bc0783
                                                                                                                                                                                                                                                        0x00bc0774
                                                                                                                                                                                                                                                        0x00bc0764
                                                                                                                                                                                                                                                        0x00bc09c0
                                                                                                                                                                                                                                                        0x00bc09c5
                                                                                                                                                                                                                                                        0x00bc09d4
                                                                                                                                                                                                                                                        0x00bc09d7
                                                                                                                                                                                                                                                        0x00bc09dc
                                                                                                                                                                                                                                                        0x00bc09f3

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlQueryPerformanceCounter.NTDLL(?), ref: 00BC0722
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BC07BD
                                                                                                                                                                                                                                                        • RtlCaptureStackBackTrace.NTDLL(00000002,00000200,?,00000000), ref: 00BC07D7
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BC0838
                                                                                                                                                                                                                                                        • RtlReAllocateHeap.NTDLL ref: 00BC0890
                                                                                                                                                                                                                                                        • RtlAcquireSRWLockShared.NTDLL(00BFA7C8), ref: 00BC09C0
                                                                                                                                                                                                                                                        • RtlReleaseSRWLockShared.NTDLL(00BFA7C8), ref: 00BC09DC
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: LockSharedmemset$AcquireAllocateBackCaptureCounterHeapPerformanceQueryReleaseStackTrace
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 593168480-0
                                                                                                                                                                                                                                                        • Opcode ID: 05a061fb44c1fac7cb64798c61bbf6c6995bcda2adfb4892ec2d1724d1d4e9bc
                                                                                                                                                                                                                                                        • Instruction ID: 861d42dbc14e224fc2f2f70eee3a3f750a23a3838f9970476e7a9e3d69ab186d
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 05a061fb44c1fac7cb64798c61bbf6c6995bcda2adfb4892ec2d1724d1d4e9bc
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6EA14C71610701DFD714DF29C880F6AB7E2FB88314F148AADE8999B292D770EC56CB81
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                                        control_flow_graph 1110 bc9f00-bc9f29 1111 bc9f2b-bc9f34 TlsGetValue 1110->1111 1112 bc9f36 call bca060 1110->1112 1111->1112 1113 bc9f3b-bc9f55 call bca290 RtlAcquireSRWLockExclusive 1111->1113 1112->1113 1117 bc9f56-bc9f64 1113->1117 1118 bc9fd8-bc9fdc 1117->1118 1119 bc9f66-bc9f90 1117->1119 1118->1117 1120 bc9fe2 1118->1120 1121 bc9f93-bc9fab RtlReleaseSRWLockExclusive 1119->1121 1120->1121 1122 bc9fad-bc9fc0 1121->1122 1123 bc9fe4-bc9ffd call bc2290 1121->1123 1125 bca01e-bca037 call bc2290 1122->1125 1126 bc9fc2-bc9fd7 call beecb0 1122->1126 1123->1122 1131 bc9fff-bca01c call bc2030 call bc20c0 1123->1131 1125->1126 1134 bca039-bca056 call bc2030 call bc20c0 1125->1134 1131->1122 1134->1126
                                                                                                                                                                                                                                                        C-Code - Quality: 79%
                                                                                                                                                                                                                                                        			E00BC9F00(signed int* __ecx, intOrPtr __edx) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				char _v216;
                                                                                                                                                                                                                                                        				signed int _v220;
                                                                                                                                                                                                                                                        				signed int _t30;
                                                                                                                                                                                                                                                        				long _t32;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        				signed int _t35;
                                                                                                                                                                                                                                                        				signed char _t36;
                                                                                                                                                                                                                                                        				signed int _t37;
                                                                                                                                                                                                                                                        				signed int _t39;
                                                                                                                                                                                                                                                        				signed int _t45;
                                                                                                                                                                                                                                                        				void* _t48;
                                                                                                                                                                                                                                                        				signed int _t50;
                                                                                                                                                                                                                                                        				signed int _t60;
                                                                                                                                                                                                                                                        				intOrPtr _t61;
                                                                                                                                                                                                                                                        				signed int* _t63;
                                                                                                                                                                                                                                                        				signed int _t65;
                                                                                                                                                                                                                                                        				signed int _t66;
                                                                                                                                                                                                                                                        				void* _t68;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t59 = __edx;
                                                                                                                                                                                                                                                        				_t68 = (_t66 & 0xfffffff8) - 0xc8;
                                                                                                                                                                                                                                                        				_t30 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t61 = __edx;
                                                                                                                                                                                                                                                        				_t63 = __ecx;
                                                                                                                                                                                                                                                        				_v24 = _t30 ^ _t65;
                                                                                                                                                                                                                                                        				_t32 =  *0xbfa054; // 0x6
                                                                                                                                                                                                                                                        				if(_t32 == 0xffffffff || (TlsGetValue(_t32) & 0x00000003) == 0) {
                                                                                                                                                                                                                                                        					E00BCA060(_t59); // executed
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t34 = E00BCA290();
                                                                                                                                                                                                                                                        				_t48 = _t34;
                                                                                                                                                                                                                                                        				__imp__AcquireSRWLockExclusive(_t34);
                                                                                                                                                                                                                                                        				_t35 =  *0xbfa884; // 0x1
                                                                                                                                                                                                                                                        				_v220 = 0x100;
                                                                                                                                                                                                                                                        				_t36 = _t35 + 1;
                                                                                                                                                                                                                                                        				while(1) {
                                                                                                                                                                                                                                                        					_t60 = _t36 & 0x000000ff;
                                                                                                                                                                                                                                                        					_t50 = _t60 + _t60 * 2;
                                                                                                                                                                                                                                                        					if( *((intOrPtr*)(0xbfa888 + _t50 * 4)) == 0) {
                                                                                                                                                                                                                                                        						break;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t36 = _t36 + 1;
                                                                                                                                                                                                                                                        					_v220 = _v220 - 1;
                                                                                                                                                                                                                                                        					__eflags = _v220;
                                                                                                                                                                                                                                                        					if(__eflags != 0) {
                                                                                                                                                                                                                                                        						continue;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					__imp__ReleaseSRWLockExclusive(_t48);
                                                                                                                                                                                                                                                        					_t37 =  *_t63;
                                                                                                                                                                                                                                                        					_v216 = 0xffffffff;
                                                                                                                                                                                                                                                        					_v220 = _t37;
                                                                                                                                                                                                                                                        					if(_t37 == 0xffffffff) {
                                                                                                                                                                                                                                                        						_t39 = E00BC2290(_t60, __eflags,  &_v220,  &_v216, "slot_ != kInvalidSlotValue");
                                                                                                                                                                                                                                                        						_t68 = _t68 + 0xc;
                                                                                                                                                                                                                                                        						__eflags = _t39;
                                                                                                                                                                                                                                                        						if(__eflags != 0) {
                                                                                                                                                                                                                                                        							E00BC2030( &_v216, __eflags, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc", 0x196, _t39);
                                                                                                                                                                                                                                                        							E00BC20C0();
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t40 =  *_t63;
                                                                                                                                                                                                                                                        					_v216 = 0x100;
                                                                                                                                                                                                                                                        					_v220 = _t40;
                                                                                                                                                                                                                                                        					if(_t40 > 0xff) {
                                                                                                                                                                                                                                                        						__eflags = E00BC2290(_t60, __eflags,  &_v220,  &_v216, "slot_ < kThreadLocalStorageSize");
                                                                                                                                                                                                                                                        						if(__eflags != 0) {
                                                                                                                                                                                                                                                        							_t40 = E00BC2030( &_v216, __eflags, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc", 0x197, _t40);
                                                                                                                                                                                                                                                        							E00BC20C0();
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					return E00BEECB0(_t40, _v32 ^ _t65, _t60);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *0xbfa884 = _t60;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(0xbfa888 + _t50 * 4)) = 1;
                                                                                                                                                                                                                                                        				_t45 = _t60 * 4;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t45 + 0xbfa88c + _t45 * 2)) = _t61;
                                                                                                                                                                                                                                                        				 *_t63 = _t60;
                                                                                                                                                                                                                                                        				_t15 = _t45 * 2; // 0x10000
                                                                                                                                                                                                                                                        				_t63[1] =  *(_t45 + _t15 + 0xbfa890);
                                                                                                                                                                                                                                                        				goto L6;
                                                                                                                                                                                                                                                        			}
























                                                                                                                                                                                                                                                        0x00bc9f00
                                                                                                                                                                                                                                                        0x00bc9f09
                                                                                                                                                                                                                                                        0x00bc9f0f
                                                                                                                                                                                                                                                        0x00bc9f14
                                                                                                                                                                                                                                                        0x00bc9f16
                                                                                                                                                                                                                                                        0x00bc9f1a
                                                                                                                                                                                                                                                        0x00bc9f21
                                                                                                                                                                                                                                                        0x00bc9f29
                                                                                                                                                                                                                                                        0x00bc9f36
                                                                                                                                                                                                                                                        0x00bc9f36
                                                                                                                                                                                                                                                        0x00bc9f3b
                                                                                                                                                                                                                                                        0x00bc9f40
                                                                                                                                                                                                                                                        0x00bc9f43
                                                                                                                                                                                                                                                        0x00bc9f49
                                                                                                                                                                                                                                                        0x00bc9f4e
                                                                                                                                                                                                                                                        0x00bc9f55
                                                                                                                                                                                                                                                        0x00bc9f56
                                                                                                                                                                                                                                                        0x00bc9f56
                                                                                                                                                                                                                                                        0x00bc9f59
                                                                                                                                                                                                                                                        0x00bc9f64
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc9fd8
                                                                                                                                                                                                                                                        0x00bc9fd9
                                                                                                                                                                                                                                                        0x00bc9fd9
                                                                                                                                                                                                                                                        0x00bc9fdc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc9f93
                                                                                                                                                                                                                                                        0x00bc9f94
                                                                                                                                                                                                                                                        0x00bc9f9a
                                                                                                                                                                                                                                                        0x00bc9f9c
                                                                                                                                                                                                                                                        0x00bc9fa7
                                                                                                                                                                                                                                                        0x00bc9fab
                                                                                                                                                                                                                                                        0x00bc9ff3
                                                                                                                                                                                                                                                        0x00bc9ff8
                                                                                                                                                                                                                                                        0x00bc9ffb
                                                                                                                                                                                                                                                        0x00bc9ffd
                                                                                                                                                                                                                                                        0x00bca010
                                                                                                                                                                                                                                                        0x00bca017
                                                                                                                                                                                                                                                        0x00bca017
                                                                                                                                                                                                                                                        0x00bc9ffd
                                                                                                                                                                                                                                                        0x00bc9fad
                                                                                                                                                                                                                                                        0x00bc9faf
                                                                                                                                                                                                                                                        0x00bc9fbc
                                                                                                                                                                                                                                                        0x00bc9fc0
                                                                                                                                                                                                                                                        0x00bca035
                                                                                                                                                                                                                                                        0x00bca037
                                                                                                                                                                                                                                                        0x00bca04a
                                                                                                                                                                                                                                                        0x00bca051
                                                                                                                                                                                                                                                        0x00bca051
                                                                                                                                                                                                                                                        0x00bca037
                                                                                                                                                                                                                                                        0x00bc9fd7
                                                                                                                                                                                                                                                        0x00bc9fd7
                                                                                                                                                                                                                                                        0x00bc9f6d
                                                                                                                                                                                                                                                        0x00bc9f73
                                                                                                                                                                                                                                                        0x00bc9f79
                                                                                                                                                                                                                                                        0x00bc9f80
                                                                                                                                                                                                                                                        0x00bc9f87
                                                                                                                                                                                                                                                        0x00bc9f89
                                                                                                                                                                                                                                                        0x00bc9f90
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • TlsGetValue.KERNEL32(00000006), ref: 00BC9F2C
                                                                                                                                                                                                                                                        • RtlAcquireSRWLockExclusive.NTDLL(00000000), ref: 00BC9F43
                                                                                                                                                                                                                                                        • RtlReleaseSRWLockExclusive.NTDLL ref: 00BC9F94
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • slot_ != kInvalidSlotValue, xrefs: 00BC9FEC
                                                                                                                                                                                                                                                        • slot_ < kThreadLocalStorageSize, xrefs: 00BCA026
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc, xrefs: 00BCA00B, 00BCA045
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ExclusiveLock$AcquireReleaseValue
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc$slot_ != kInvalidSlotValue$slot_ < kThreadLocalStorageSize
                                                                                                                                                                                                                                                        • API String ID: 421378090-1005275948
                                                                                                                                                                                                                                                        • Opcode ID: 39cd2e8b9b8d2017013df94c64386e69375064d3418aac1a2d8ab497e5719334
                                                                                                                                                                                                                                                        • Instruction ID: 0d7becc27149e671cd99ad124510f970afe8117fee7590e4e006e4f9eae10f69
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 39cd2e8b9b8d2017013df94c64386e69375064d3418aac1a2d8ab497e5719334
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5531E1B06042059FE728EF24D845FBAB7E4EB44790F00499EF5A8C32E1DF75A905CB62
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                                        control_flow_graph 1142 bcb820-bcb851 1143 bcb868-bcb87c call bee547 1142->1143 1144 bcb853-bcb867 call beecb0 1142->1144 1143->1144 1149 bcb87e-bcb8e4 memset GetVersionExW GetProductInfo ??2@YAPAXI@Z call bcb920 1143->1149 1151 bcb8e9-bcb909 call bcb9f0 call bee599 1149->1151 1151->1144
                                                                                                                                                                                                                                                        C-Code - Quality: 80%
                                                                                                                                                                                                                                                        			E00BCB820() {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v296;
                                                                                                                                                                                                                                                        				void _v300;
                                                                                                                                                                                                                                                        				char _v304;
                                                                                                                                                                                                                                                        				int _v308;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __ebp;
                                                                                                                                                                                                                                                        				signed int _t14;
                                                                                                                                                                                                                                                        				intOrPtr _t16;
                                                                                                                                                                                                                                                        				int* _t21;
                                                                                                                                                                                                                                                        				signed int _t25;
                                                                                                                                                                                                                                                        				intOrPtr _t31;
                                                                                                                                                                                                                                                        				struct _OSVERSIONINFOW* _t32;
                                                                                                                                                                                                                                                        				signed int _t33;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t14 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v20 = _t14 ^ _t33;
                                                                                                                                                                                                                                                        				_t25 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        				_t30 =  *[fs:0x2c];
                                                                                                                                                                                                                                                        				_t16 =  *0xbfb4b0; // 0x80000005
                                                                                                                                                                                                                                                        				if(_t16 >  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x2c] + _t25 * 4)) + 4))) {
                                                                                                                                                                                                                                                        					_t16 = E00BEE547(_t16, 0xbfb4b0);
                                                                                                                                                                                                                                                        					if( *0xbfb4b0 == 0xffffffff) {
                                                                                                                                                                                                                                                        						memset( &_v300, 0, 0x118);
                                                                                                                                                                                                                                                        						_t32 =  &_v304;
                                                                                                                                                                                                                                                        						_v304 = 0x11c;
                                                                                                                                                                                                                                                        						GetVersionExW(_t32);
                                                                                                                                                                                                                                                        						_t21 =  &_v308;
                                                                                                                                                                                                                                                        						_v308 = 0;
                                                                                                                                                                                                                                                        						__imp__GetProductInfo(_v300, _v296, 0, 0, _t21);
                                                                                                                                                                                                                                                        						_push(0x74);
                                                                                                                                                                                                                                                        						L00BEF6BA();
                                                                                                                                                                                                                                                        						_t31 = _t21; // executed
                                                                                                                                                                                                                                                        						E00BCB920(); // executed
                                                                                                                                                                                                                                                        						_t30 = _t32;
                                                                                                                                                                                                                                                        						E00BCB9F0(_v308, _t31, _t32, _t31, _v308);
                                                                                                                                                                                                                                                        						 *0xbfb4ac = _t31;
                                                                                                                                                                                                                                                        						_t16 = E00BEE599(0xbfb4b0);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return E00BEECB0(_t16, _v20 ^ _t33, _t30);
                                                                                                                                                                                                                                                        			}


















                                                                                                                                                                                                                                                        0x00bcb82c
                                                                                                                                                                                                                                                        0x00bcb833
                                                                                                                                                                                                                                                        0x00bcb836
                                                                                                                                                                                                                                                        0x00bcb83c
                                                                                                                                                                                                                                                        0x00bcb843
                                                                                                                                                                                                                                                        0x00bcb851
                                                                                                                                                                                                                                                        0x00bcb86d
                                                                                                                                                                                                                                                        0x00bcb87c
                                                                                                                                                                                                                                                        0x00bcb88c
                                                                                                                                                                                                                                                        0x00bcb894
                                                                                                                                                                                                                                                        0x00bcb89a
                                                                                                                                                                                                                                                        0x00bcb8a5
                                                                                                                                                                                                                                                        0x00bcb8ab
                                                                                                                                                                                                                                                        0x00bcb8b1
                                                                                                                                                                                                                                                        0x00bcb8cc
                                                                                                                                                                                                                                                        0x00bcb8d2
                                                                                                                                                                                                                                                        0x00bcb8d4
                                                                                                                                                                                                                                                        0x00bcb8e2
                                                                                                                                                                                                                                                        0x00bcb8e4
                                                                                                                                                                                                                                                        0x00bcb8eb
                                                                                                                                                                                                                                                        0x00bcb8ee
                                                                                                                                                                                                                                                        0x00bcb8f6
                                                                                                                                                                                                                                                        0x00bcb901
                                                                                                                                                                                                                                                        0x00bcb906
                                                                                                                                                                                                                                                        0x00bcb87c
                                                                                                                                                                                                                                                        0x00bcb867

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • __Init_thread_header.LIBCMT ref: 00BCB86D
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BCB88C
                                                                                                                                                                                                                                                        • GetVersionExW.KERNEL32(?), ref: 00BCB8A5
                                                                                                                                                                                                                                                        • GetProductInfo.KERNEL32(?,?,00000000,00000000,?), ref: 00BCB8CC
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000074), ref: 00BCB8D4
                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 00BCB901
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@InfoInit_thread_footerInit_thread_headerProductVersionmemset
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2496309583-0
                                                                                                                                                                                                                                                        • Opcode ID: cd7b80ec20684fdfd30e9659517074e905f2b10be3fa9d4d599f07248e2bc38d
                                                                                                                                                                                                                                                        • Instruction ID: c9898d3d4fffe78a83955fa05252aad06c96fe41768248f458fac23c790bfe7d
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cd7b80ec20684fdfd30e9659517074e905f2b10be3fa9d4d599f07248e2bc38d
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 742105B1E002589BDB209B61EC47FEE77F8EB08314F0040E8EA0957392EB756A14CF91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                        C-Code - Quality: 77%
                                                                                                                                                                                                                                                        			E00BB2BD0(void** __ecx, void* __edx, void* __eflags) {
                                                                                                                                                                                                                                                        				void* _v12;
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				char _v180;
                                                                                                                                                                                                                                                        				char _v184;
                                                                                                                                                                                                                                                        				char _v196;
                                                                                                                                                                                                                                                        				char _v356;
                                                                                                                                                                                                                                                        				int _v364;
                                                                                                                                                                                                                                                        				signed int _t20;
                                                                                                                                                                                                                                                        				int _t30;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				int _t56;
                                                                                                                                                                                                                                                        				void** _t57;
                                                                                                                                                                                                                                                        				signed int _t58;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t65 = __eflags;
                                                                                                                                                                                                                                                        				_t20 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t57 = __ecx;
                                                                                                                                                                                                                                                        				_v16 = _t20 ^ _t58;
                                                                                                                                                                                                                                                        				E00BB2D00( &_v356, __edx, __eflags);
                                                                                                                                                                                                                                                        				E00BB2DD0( &_v356,  &_v180, _t65); // executed
                                                                                                                                                                                                                                                        				E00BB2D00( &_v180,  &_v180, _t65);
                                                                                                                                                                                                                                                        				_t53 =  &_v196;
                                                                                                                                                                                                                                                        				E00BB71B0( &_v180,  &_v196, _t65); // executed
                                                                                                                                                                                                                                                        				if(_v184 != 0 || _v196 == 0) {
                                                                                                                                                                                                                                                        					L4:
                                                                                                                                                                                                                                                        					E00BB2EF0( &_v180);
                                                                                                                                                                                                                                                        					goto L5;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t30 = E00BBA900("MOZ_DISABLE_POISON_IO_INTERPOSER=1");
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(0x10);
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [esi]");
                                                                                                                                                                                                                                                        					_t56 = _t30;
                                                                                                                                                                                                                                                        					asm("movsd [eax], xmm0");
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t56 + 8)) =  *((intOrPtr*)(__ecx + 8));
                                                                                                                                                                                                                                                        					_t32 = CreateToolhelp32Snapshot(8, 0);
                                                                                                                                                                                                                                                        					 *(_t56 + 0xc) = _t32;
                                                                                                                                                                                                                                                        					_v364 = _t56;
                                                                                                                                                                                                                                                        					__imp___beginthreadex(0, 0, E00BBA910, _t56, 0x10000, 0);
                                                                                                                                                                                                                                                        					if(_t32 != 0) {
                                                                                                                                                                                                                                                        						_v364 = 0;
                                                                                                                                                                                                                                                        						CloseHandle(_t32);
                                                                                                                                                                                                                                                        						E00BBA960( &_v364);
                                                                                                                                                                                                                                                        						E00BB2EF0( &_v184);
                                                                                                                                                                                                                                                        						__eflags =  *0xbfa764;
                                                                                                                                                                                                                                                        						if( *0xbfa764 != 0) {
                                                                                                                                                                                                                                                        							L5:
                                                                                                                                                                                                                                                        							E00BB2E50(_t57); // executed
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						E00BBA960( &_v364);
                                                                                                                                                                                                                                                        						goto L4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return E00BEECB0(E00BB2EF0( &_v356), _v16 ^ _t58, _t53);
                                                                                                                                                                                                                                                        			}
















                                                                                                                                                                                                                                                        0x00bb2bd0
                                                                                                                                                                                                                                                        0x00bb2bde
                                                                                                                                                                                                                                                        0x00bb2be7
                                                                                                                                                                                                                                                        0x00bb2bed
                                                                                                                                                                                                                                                        0x00bb2bf4
                                                                                                                                                                                                                                                        0x00bb2c02
                                                                                                                                                                                                                                                        0x00bb2c10
                                                                                                                                                                                                                                                        0x00bb2c15
                                                                                                                                                                                                                                                        0x00bb2c1e
                                                                                                                                                                                                                                                        0x00bb2c2b
                                                                                                                                                                                                                                                        0x00bb2c93
                                                                                                                                                                                                                                                        0x00bb2c9a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2c37
                                                                                                                                                                                                                                                        0x00bb2c3c
                                                                                                                                                                                                                                                        0x00bb2c43
                                                                                                                                                                                                                                                        0x00bb2c4c
                                                                                                                                                                                                                                                        0x00bb2c50
                                                                                                                                                                                                                                                        0x00bb2c52
                                                                                                                                                                                                                                                        0x00bb2c59
                                                                                                                                                                                                                                                        0x00bb2c60
                                                                                                                                                                                                                                                        0x00bb2c65
                                                                                                                                                                                                                                                        0x00bb2c68
                                                                                                                                                                                                                                                        0x00bb2c7d
                                                                                                                                                                                                                                                        0x00bb2c88
                                                                                                                                                                                                                                                        0x00bb2cc4
                                                                                                                                                                                                                                                        0x00bb2ccd
                                                                                                                                                                                                                                                        0x00bb2cd7
                                                                                                                                                                                                                                                        0x00bb2ce3
                                                                                                                                                                                                                                                        0x00bb2ce8
                                                                                                                                                                                                                                                        0x00bb2cef
                                                                                                                                                                                                                                                        0x00bb2c9f
                                                                                                                                                                                                                                                        0x00bb2ca1
                                                                                                                                                                                                                                                        0x00bb2ca1
                                                                                                                                                                                                                                                        0x00bb2c8a
                                                                                                                                                                                                                                                        0x00bb2c8e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb2c8e
                                                                                                                                                                                                                                                        0x00bb2c88
                                                                                                                                                                                                                                                        0x00bb2cc3

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BB2D00: free.MOZGLUE(?), ref: 00BB2D61
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000), ref: 00BB2CCD
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA900: _putenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_DISABLE_POISON_IO_INTERPOSER=1,?,00BB2C41), ref: 00BBA904
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000010), ref: 00BB2C43
                                                                                                                                                                                                                                                        • CreateToolhelp32Snapshot.KERNEL32(00000008,00000000), ref: 00BB2C60
                                                                                                                                                                                                                                                        • _beginthreadex.API-MS-WIN-CRT-RUNTIME-L1-1-0(00000000,00000000,00BBA910,00000000,00010000,00000000), ref: 00BB2C7D
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA960: CloseHandle.KERNEL32(?,?,?,00BB2CDC), ref: 00BBA97C
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA960: free.MOZGLUE(?,?,?,00BB2CDC), ref: 00BBA983
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • MOZ_DISABLE_POISON_IO_INTERPOSER=1, xrefs: 00BB2C37
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CloseHandlefree$CreateSnapshotToolhelp32_beginthreadex_putenvmoz_xmalloc
                                                                                                                                                                                                                                                        • String ID: MOZ_DISABLE_POISON_IO_INTERPOSER=1
                                                                                                                                                                                                                                                        • API String ID: 444372769-2110291925
                                                                                                                                                                                                                                                        • Opcode ID: 77c163c5be331c0545eec74fbe2ec272145c7b2636196d30ec9a46d7e0ec0e1e
                                                                                                                                                                                                                                                        • Instruction ID: a35a32d804c6995ba021a702b8882c9c7b47b0938ffea2f4043138cbcc6fd8e0
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 77c163c5be331c0545eec74fbe2ec272145c7b2636196d30ec9a46d7e0ec0e1e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EC216D30604344ABD725EB25C856BFEBBE5EFC5710F0088A8F489572A1DFB06949D793
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                                        control_flow_graph 1186 bcac30-bcac49 GetModuleHandleW GetProcAddress 1187 bcac4b-bcac52 1186->1187 1188 bcac61-bcac63 1186->1188 1190 bcac54-bcac5c 1187->1190 1191 bcac65-bcac67 1187->1191 1189 bcac69-bcac6c 1188->1189 1192 bcac80-bcac9f call bcacd0 call bc8120 1189->1192 1190->1192 1191->1189 1198 bcacc1-bcaccc RtlReleaseSRWLockExclusive 1192->1198 1199 bcaca1-bcaca3 1192->1199 1200 bcacbb 1199->1200 1201 bcaca5-bcacb6 ??2@YAPAXI@Z call bcabb0 1199->1201 1200->1198 1201->1200
                                                                                                                                                                                                                                                        C-Code - Quality: 54%
                                                                                                                                                                                                                                                        			E00BCAC30() {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t2;
                                                                                                                                                                                                                                                        				intOrPtr _t4;
                                                                                                                                                                                                                                                        				signed char _t7;
                                                                                                                                                                                                                                                        				signed char _t9;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t12;
                                                                                                                                                                                                                                                        				signed char _t13;
                                                                                                                                                                                                                                                        				intOrPtr _t16;
                                                                                                                                                                                                                                                        				void* _t19;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t2 = GetProcAddress(GetModuleHandleW(0), "GetHandleVerifier");
                                                                                                                                                                                                                                                        				if(_t2 == 0) {
                                                                                                                                                                                                                                                        					_t9 = 0;
                                                                                                                                                                                                                                                        					goto L5;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t12 = _t2;
                                                                                                                                                                                                                                                        					if(_t2 != E00BCAB90) {
                                                                                                                                                                                                                                                        						_t9 =  *_t12();
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						_t13 = 0;
                                                                                                                                                                                                                                                        						_pop(_t21);
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t9 = 0;
                                                                                                                                                                                                                                                        						_t13 = 1;
                                                                                                                                                                                                                                                        						_pop(_t21);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t7 = _t13;
                                                                                                                                                                                                                                                        				_t16 = _t9;
                                                                                                                                                                                                                                                        				_t19 = E00BCACD0();
                                                                                                                                                                                                                                                        				_t4 = E00BC8120(_t3, _t3);
                                                                                                                                                                                                                                                        				if( *0xbfb4a0 == 0) {
                                                                                                                                                                                                                                                        					if(_t16 == 0) {
                                                                                                                                                                                                                                                        						_push(0x34);
                                                                                                                                                                                                                                                        						L00BEF6BA();
                                                                                                                                                                                                                                                        						_t16 = _t4; // executed
                                                                                                                                                                                                                                                        						_t4 = E00BCABB0(_t4, _t7 & 0x000000ff); // executed
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					 *0xbfb4a0 = _t16;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				__imp__ReleaseSRWLockExclusive(_t19);
                                                                                                                                                                                                                                                        				return _t4;
                                                                                                                                                                                                                                                        			}











                                                                                                                                                                                                                                                        0x00bcac41
                                                                                                                                                                                                                                                        0x00bcac49
                                                                                                                                                                                                                                                        0x00bcac61
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcac4b
                                                                                                                                                                                                                                                        0x00bcac4b
                                                                                                                                                                                                                                                        0x00bcac52
                                                                                                                                                                                                                                                        0x00bcac67
                                                                                                                                                                                                                                                        0x00bcac69
                                                                                                                                                                                                                                                        0x00bcac69
                                                                                                                                                                                                                                                        0x00bcac6b
                                                                                                                                                                                                                                                        0x00bcac54
                                                                                                                                                                                                                                                        0x00bcac54
                                                                                                                                                                                                                                                        0x00bcac56
                                                                                                                                                                                                                                                        0x00bcac5b
                                                                                                                                                                                                                                                        0x00bcac5b
                                                                                                                                                                                                                                                        0x00bcac52
                                                                                                                                                                                                                                                        0x00bcac86
                                                                                                                                                                                                                                                        0x00bcac88
                                                                                                                                                                                                                                                        0x00bcac91
                                                                                                                                                                                                                                                        0x00bcac93
                                                                                                                                                                                                                                                        0x00bcac9f
                                                                                                                                                                                                                                                        0x00bcaca3
                                                                                                                                                                                                                                                        0x00bcaca5
                                                                                                                                                                                                                                                        0x00bcaca7
                                                                                                                                                                                                                                                        0x00bcacb4
                                                                                                                                                                                                                                                        0x00bcacb6
                                                                                                                                                                                                                                                        0x00bcacb6
                                                                                                                                                                                                                                                        0x00bcacbb
                                                                                                                                                                                                                                                        0x00bcacbb
                                                                                                                                                                                                                                                        0x00bcacc2
                                                                                                                                                                                                                                                        0x00bcaccc

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(00000000,?,00BCABA3), ref: 00BCAC35
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetHandleVerifier), ref: 00BCAC41
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000034,?,?,?,?,00BCABA3), ref: 00BCACA7
                                                                                                                                                                                                                                                        • RtlReleaseSRWLockExclusive.NTDLL ref: 00BCACC2
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@AddressExclusiveHandleLockModuleProcRelease
                                                                                                                                                                                                                                                        • String ID: GetHandleVerifier
                                                                                                                                                                                                                                                        • API String ID: 2067283998-1090674830
                                                                                                                                                                                                                                                        • Opcode ID: 691b464cfd26ff25f3e894eab0f1baf304c62d10ed4af985f26b672452cfa91e
                                                                                                                                                                                                                                                        • Instruction ID: 963357b1489589cb25d3b8b248bda290965de1fb1fe2be9e773ebc7daf6012f8
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 691b464cfd26ff25f3e894eab0f1baf304c62d10ed4af985f26b672452cfa91e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3F018F3264820C5BDB1867766C59F3B76DADB84769F1040FEF606C3381DE61880182A6
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                                        control_flow_graph 1203 bb1760-bb177d 1204 bb181a-bb181c 1203->1204 1205 bb1783-bb1794 call bb18c0 1203->1205 1207 bb17ef-bb1805 call beecb0 1204->1207 1211 bb1806-bb1818 call bb16a0 1205->1211 1212 bb1796-bb17a2 strdup 1205->1212 1211->1207 1212->1211 1213 bb17a4-bb17ce call bb2000 1212->1213 1218 bb181e-bb1837 1213->1218 1219 bb17d0-bb17dc 1213->1219 1224 bb1839-bb1841 1218->1224 1225 bb1857-bb185c 1218->1225 1220 bb17de 1219->1220 1221 bb1843-bb1855 call bb16a0 1219->1221 1227 bb17e3 1220->1227 1228 bb17e5-bb17ec free 1221->1228 1224->1220 1224->1221 1225->1224 1227->1228 1228->1207
                                                                                                                                                                                                                                                        C-Code - Quality: 61%
                                                                                                                                                                                                                                                        			E00BB1760(void* __ecx, intOrPtr __edx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void* _v280;
                                                                                                                                                                                                                                                        				signed int _t12;
                                                                                                                                                                                                                                                        				void* _t17;
                                                                                                                                                                                                                                                        				intOrPtr* _t19;
                                                                                                                                                                                                                                                        				char* _t24;
                                                                                                                                                                                                                                                        				intOrPtr* _t29;
                                                                                                                                                                                                                                                        				intOrPtr* _t31;
                                                                                                                                                                                                                                                        				void* _t33;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        				void* _t35;
                                                                                                                                                                                                                                                        				signed int _t36;
                                                                                                                                                                                                                                                        				void* _t37;
                                                                                                                                                                                                                                                        				void* _t39;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t32 = __edx;
                                                                                                                                                                                                                                                        				_t12 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t13 = _t12 ^ _t36;
                                                                                                                                                                                                                                                        				_v20 = _t12 ^ _t36;
                                                                                                                                                                                                                                                        				if( *0xbfa534 != 0) {
                                                                                                                                                                                                                                                        					_t33 = 0;
                                                                                                                                                                                                                                                        					L7:
                                                                                                                                                                                                                                                        					E00BEECB0(_t13, _v20 ^ _t36, _t32);
                                                                                                                                                                                                                                                        					return _t33;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t24 =  &_v280;
                                                                                                                                                                                                                                                        				_t34 = __ecx;
                                                                                                                                                                                                                                                        				if(E00BB18C0(_t24, __edx) < 0) {
                                                                                                                                                                                                                                                        					L8:
                                                                                                                                                                                                                                                        					_push("Couldn\'t find the application directory.\n");
                                                                                                                                                                                                                                                        					_t13 = E00BB16A0();
                                                                                                                                                                                                                                                        					_t33 = 0x80004005;
                                                                                                                                                                                                                                                        					goto L7;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t17 = strdup(_t24);
                                                                                                                                                                                                                                                        				_t37 = _t37 + 4;
                                                                                                                                                                                                                                                        				if(_t17 == 0) {
                                                                                                                                                                                                                                                        					goto L8;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t35 = _t17;
                                                                                                                                                                                                                                                        				E00BB2000(_t32, _t24, _t17, _t34); // executed
                                                                                                                                                                                                                                                        				_t39 = _t37 + 0xc;
                                                                                                                                                                                                                                                        				_t19 =  *0xbfa534; // 0x4d0a0a8
                                                                                                                                                                                                                                                        				_t29 = _v280;
                                                                                                                                                                                                                                                        				_v280 = 0;
                                                                                                                                                                                                                                                        				 *0xbfa534 = _t29;
                                                                                                                                                                                                                                                        				if(_t19 != 0) {
                                                                                                                                                                                                                                                        					_t32 =  *_t19;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *_t19 + 4))();
                                                                                                                                                                                                                                                        					_t31 = _v280;
                                                                                                                                                                                                                                                        					_v280 = 0;
                                                                                                                                                                                                                                                        					if(_t31 != 0) {
                                                                                                                                                                                                                                                        						 *((intOrPtr*)( *_t31 + 4))();
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t29 =  *0xbfa534; // 0x4d0a0a8
                                                                                                                                                                                                                                                        					if(_t29 != 0) {
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						_t13 =  *((intOrPtr*)( *_t29 + 8))();
                                                                                                                                                                                                                                                        						_t33 = 0;
                                                                                                                                                                                                                                                        						L6:
                                                                                                                                                                                                                                                        						free(_t35);
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L12:
                                                                                                                                                                                                                                                        					_push("Couldn\'t load XPCOM.\n");
                                                                                                                                                                                                                                                        					_t13 = E00BB16A0();
                                                                                                                                                                                                                                                        					_t39 = _t39 + 4;
                                                                                                                                                                                                                                                        					_t33 = 0x80004005;
                                                                                                                                                                                                                                                        					goto L6;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_v280 = 0;
                                                                                                                                                                                                                                                        				if(_t29 == 0) {
                                                                                                                                                                                                                                                        					goto L12;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L5;
                                                                                                                                                                                                                                                        			}

















                                                                                                                                                                                                                                                        0x00bb1760
                                                                                                                                                                                                                                                        0x00bb176c
                                                                                                                                                                                                                                                        0x00bb1771
                                                                                                                                                                                                                                                        0x00bb1773
                                                                                                                                                                                                                                                        0x00bb177d
                                                                                                                                                                                                                                                        0x00bb181a
                                                                                                                                                                                                                                                        0x00bb17ef
                                                                                                                                                                                                                                                        0x00bb17f4
                                                                                                                                                                                                                                                        0x00bb1805
                                                                                                                                                                                                                                                        0x00bb1805
                                                                                                                                                                                                                                                        0x00bb1783
                                                                                                                                                                                                                                                        0x00bb1789
                                                                                                                                                                                                                                                        0x00bb1794
                                                                                                                                                                                                                                                        0x00bb1806
                                                                                                                                                                                                                                                        0x00bb1806
                                                                                                                                                                                                                                                        0x00bb180b
                                                                                                                                                                                                                                                        0x00bb1813
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1813
                                                                                                                                                                                                                                                        0x00bb1797
                                                                                                                                                                                                                                                        0x00bb179d
                                                                                                                                                                                                                                                        0x00bb17a2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb17a4
                                                                                                                                                                                                                                                        0x00bb17a9
                                                                                                                                                                                                                                                        0x00bb17ae
                                                                                                                                                                                                                                                        0x00bb17b1
                                                                                                                                                                                                                                                        0x00bb17b6
                                                                                                                                                                                                                                                        0x00bb17bc
                                                                                                                                                                                                                                                        0x00bb17c8
                                                                                                                                                                                                                                                        0x00bb17ce
                                                                                                                                                                                                                                                        0x00bb181e
                                                                                                                                                                                                                                                        0x00bb1822
                                                                                                                                                                                                                                                        0x00bb1825
                                                                                                                                                                                                                                                        0x00bb182b
                                                                                                                                                                                                                                                        0x00bb1837
                                                                                                                                                                                                                                                        0x00bb1859
                                                                                                                                                                                                                                                        0x00bb1859
                                                                                                                                                                                                                                                        0x00bb1839
                                                                                                                                                                                                                                                        0x00bb1841
                                                                                                                                                                                                                                                        0x00bb17de
                                                                                                                                                                                                                                                        0x00bb17e0
                                                                                                                                                                                                                                                        0x00bb17e3
                                                                                                                                                                                                                                                        0x00bb17e5
                                                                                                                                                                                                                                                        0x00bb17e6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb17ec
                                                                                                                                                                                                                                                        0x00bb1843
                                                                                                                                                                                                                                                        0x00bb1843
                                                                                                                                                                                                                                                        0x00bb1848
                                                                                                                                                                                                                                                        0x00bb184d
                                                                                                                                                                                                                                                        0x00bb1850
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb1850
                                                                                                                                                                                                                                                        0x00bb17d0
                                                                                                                                                                                                                                                        0x00bb17dc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BB18C0: WideCharToMultiByte.KERNEL32(0000FDE9,00000000,?,000000FF,?,00000104,00000000,00000000), ref: 00BB18FD
                                                                                                                                                                                                                                                        • strdup.MOZGLUE(?), ref: 00BB1797
                                                                                                                                                                                                                                                          • Part of subcall function 00BB2000: strrchr.VCRUNTIME140(?,0000005C), ref: 00BB2027
                                                                                                                                                                                                                                                          • Part of subcall function 00BB2000: malloc.MOZGLUE(00000009), ref: 00BB2042
                                                                                                                                                                                                                                                          • Part of subcall function 00BB2000: memcpy.NTDLL(00000000,?,00000001), ref: 00BB2050
                                                                                                                                                                                                                                                          • Part of subcall function 00BB2000: memcpy.NTDLL(?,00000000,00000000), ref: 00BB20B2
                                                                                                                                                                                                                                                          • Part of subcall function 00BB2000: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_RUN_GTEST), ref: 00BB2103
                                                                                                                                                                                                                                                          • Part of subcall function 00BB2000: MultiByteToWideChar.KERNEL32(0000FDE9,00000000,\dependentlibs.list,000000FF,?,00000104), ref: 00BB2130
                                                                                                                                                                                                                                                          • Part of subcall function 00BB2000: _wfopen.API-MS-WIN-CRT-STDIO-L1-1-0(?,00BF412A), ref: 00BB213C
                                                                                                                                                                                                                                                          • Part of subcall function 00BB2000: fgets.API-MS-WIN-CRT-STDIO-L1-1-0(?,00000104,00000000), ref: 00BB216B
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB17E6
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • Couldn't find the application directory., xrefs: 00BB1806
                                                                                                                                                                                                                                                        • Couldn't load XPCOM., xrefs: 00BB1843
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ByteCharMultiWidememcpy$_wfopenfgetsfreegetenvmallocstrdupstrrchr
                                                                                                                                                                                                                                                        • String ID: Couldn't find the application directory.$Couldn't load XPCOM.
                                                                                                                                                                                                                                                        • API String ID: 1623436115-4242252557
                                                                                                                                                                                                                                                        • Opcode ID: ba8dc982e8e22917817324120474409651f45b8a1e69662c37b31bed1be6e36a
                                                                                                                                                                                                                                                        • Instruction ID: 574d22feac4b91243a16a8e3f9918767b4d3ce57af7e6fc4782e87bed375729a
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ba8dc982e8e22917817324120474409651f45b8a1e69662c37b31bed1be6e36a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F921B5B5E011084FEB189F29ED59BFA77F9EF84305F4404B8E90A87251EFB49D04CA52
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 58%
                                                                                                                                                                                                                                                        			E00BEBC90(void* __edx, void* __eflags) {
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				char _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				WCHAR* _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v36;
                                                                                                                                                                                                                                                        				char _v40;
                                                                                                                                                                                                                                                        				signed int _t11;
                                                                                                                                                                                                                                                        				void* _t13;
                                                                                                                                                                                                                                                        				void* _t14;
                                                                                                                                                                                                                                                        				void* _t24;
                                                                                                                                                                                                                                                        				void* _t26;
                                                                                                                                                                                                                                                        				signed int _t28;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t24 = __edx;
                                                                                                                                                                                                                                                        				_t11 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v16 = _t11 ^ _t28;
                                                                                                                                                                                                                                                        				_t13 = E00BEBE20(); // executed
                                                                                                                                                                                                                                                        				__imp__?IsWin32kLockedDown@mozilla@@YA_NXZ(); // executed
                                                                                                                                                                                                                                                        				if(_t13 != 0) {
                                                                                                                                                                                                                                                        					if( *0xbfb748 == 0) {
                                                                                                                                                                                                                                                        						 *0xbfb748 = LoadLibraryW(L"Api-ms-win-core-apiquery-l1-1-0.dll");
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v40 = 0xbfb79c;
                                                                                                                                                                                                                                                        					_v36 = 0xbfb714;
                                                                                                                                                                                                                                                        					_v32 = "ApiSetQueryApiSetPresence";
                                                                                                                                                                                                                                                        					_v28 = 0xbeddc0;
                                                                                                                                                                                                                                                        					_v20 = 0;
                                                                                                                                                                                                                                                        					_v24 = 0;
                                                                                                                                                                                                                                                        					__imp__InitOnceExecuteOnce(0xbfb7a0, 0xbebfa0,  &_v40,  &_v20);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t14 = E00BE3760();
                                                                                                                                                                                                                                                        				if(_t14 == 0) {
                                                                                                                                                                                                                                                        					_t26 = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t26 =  ==  ? _t14 : 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t14, _v16 ^ _t28, _t24);
                                                                                                                                                                                                                                                        				return _t26;
                                                                                                                                                                                                                                                        			}
















                                                                                                                                                                                                                                                        0x00bebc90
                                                                                                                                                                                                                                                        0x00bebc98
                                                                                                                                                                                                                                                        0x00bebc9f
                                                                                                                                                                                                                                                        0x00bebca2
                                                                                                                                                                                                                                                        0x00bebca7
                                                                                                                                                                                                                                                        0x00bebcaf
                                                                                                                                                                                                                                                        0x00bebcb8
                                                                                                                                                                                                                                                        0x00bebcc5
                                                                                                                                                                                                                                                        0x00bebcc5
                                                                                                                                                                                                                                                        0x00bebccd
                                                                                                                                                                                                                                                        0x00bebcd4
                                                                                                                                                                                                                                                        0x00bebcdb
                                                                                                                                                                                                                                                        0x00bebce2
                                                                                                                                                                                                                                                        0x00bebce9
                                                                                                                                                                                                                                                        0x00bebcf0
                                                                                                                                                                                                                                                        0x00bebd03
                                                                                                                                                                                                                                                        0x00bebd03
                                                                                                                                                                                                                                                        0x00bebd09
                                                                                                                                                                                                                                                        0x00bebd10
                                                                                                                                                                                                                                                        0x00bebd34
                                                                                                                                                                                                                                                        0x00bebd12
                                                                                                                                                                                                                                                        0x00bebd1e
                                                                                                                                                                                                                                                        0x00bebd1e
                                                                                                                                                                                                                                                        0x00bebd26
                                                                                                                                                                                                                                                        0x00bebd33

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEBE20: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_ENABLE_HANDLE_VERIFIER,?,?,?,?,?,00000000,?,?,00BEBDB7,?,00BEBD7B,00BB1412), ref: 00BEBE37
                                                                                                                                                                                                                                                        • ?IsWin32kLockedDown@mozilla@@YA_NXZ.MOZGLUE(?,?,?,00000000,?,?,00BEBC72,00BB1493), ref: 00BEBCA7
                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(Api-ms-win-core-apiquery-l1-1-0.dll,?,?,?,00000000,?,?,00BEBC72,00BB1493), ref: 00BEBCBF
                                                                                                                                                                                                                                                        • InitOnceExecuteOnce.KERNEL32(00BFB7A0,00BEBFA0,00BFB79C,00000000), ref: 00BEBD03
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • Api-ms-win-core-apiquery-l1-1-0.dll, xrefs: 00BEBCBA
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Once$Down@mozilla@@ExecuteInitLibraryLoadLockedWin32kgetenv
                                                                                                                                                                                                                                                        • String ID: Api-ms-win-core-apiquery-l1-1-0.dll
                                                                                                                                                                                                                                                        • API String ID: 3164627539-3406996180
                                                                                                                                                                                                                                                        • Opcode ID: 9bf71be2c8e555cb42adc79315ae2d0938ba2aea5bcf7f5d8b45b8e21440e007
                                                                                                                                                                                                                                                        • Instruction ID: fb1801b4264b24f6b9a8744bd366b5692b1fa197564339756aa0be7e515975ee
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9bf71be2c8e555cb42adc79315ae2d0938ba2aea5bcf7f5d8b45b8e21440e007
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BC113C71A0025D9BCB14EFA6DC49ABFBBF4EF48705F5044E8E501A7261DFB45908CBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BB6160(intOrPtr _a4) {
                                                                                                                                                                                                                                                        				intOrPtr _v0;
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				char _v20;
                                                                                                                                                                                                                                                        				signed int _t8;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t10;
                                                                                                                                                                                                                                                        				void* _t17;
                                                                                                                                                                                                                                                        				intOrPtr* _t19;
                                                                                                                                                                                                                                                        				intOrPtr _t20;
                                                                                                                                                                                                                                                        				signed int _t21;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t8 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v16 = _t8 ^ _t21;
                                                                                                                                                                                                                                                        				_t10 =  &_v20;
                                                                                                                                                                                                                                                        				__imp__GetModuleHandleExW(6, _v0, _t10);
                                                                                                                                                                                                                                                        				if(_t10 == 0) {
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					_t19 = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t20 = _v20;
                                                                                                                                                                                                                                                        					if(_t20 == 0) {
                                                                                                                                                                                                                                                        						goto L5;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t10 = GetModuleHandleW(L"mozglue.dll"); // executed
                                                                                                                                                                                                                                                        						if(_t20 != _t10) {
                                                                                                                                                                                                                                                        							goto L5;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L00BEF762();
                                                                                                                                                                                                                                                        							_t19 =  *0xbf0550; // 0xbfa044
                                                                                                                                                                                                                                                        							_t10 =  *((intOrPtr*)( *_t19 + 0x1c))(_a4, 0xbfa7d0, E00BC0F50, 0, 0);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t10, _v16 ^ _t21, _t17);
                                                                                                                                                                                                                                                        				return _t19;
                                                                                                                                                                                                                                                        			}












                                                                                                                                                                                                                                                        0x00bb6168
                                                                                                                                                                                                                                                        0x00bb616f
                                                                                                                                                                                                                                                        0x00bb6172
                                                                                                                                                                                                                                                        0x00bb617b
                                                                                                                                                                                                                                                        0x00bb6183
                                                                                                                                                                                                                                                        0x00bb61d2
                                                                                                                                                                                                                                                        0x00bb61d2
                                                                                                                                                                                                                                                        0x00bb6185
                                                                                                                                                                                                                                                        0x00bb6185
                                                                                                                                                                                                                                                        0x00bb618a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb618c
                                                                                                                                                                                                                                                        0x00bb6191
                                                                                                                                                                                                                                                        0x00bb6199
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb619b
                                                                                                                                                                                                                                                        0x00bb61ac
                                                                                                                                                                                                                                                        0x00bb61b1
                                                                                                                                                                                                                                                        0x00bb61bc
                                                                                                                                                                                                                                                        0x00bb61bc
                                                                                                                                                                                                                                                        0x00bb6199
                                                                                                                                                                                                                                                        0x00bb618a
                                                                                                                                                                                                                                                        0x00bb61c4
                                                                                                                                                                                                                                                        0x00bb61d1

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleExW.KERNEL32(00000006,?,?), ref: 00BB617B
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNELBASE(mozglue.dll), ref: 00BB6191
                                                                                                                                                                                                                                                        • RtlRunOnceExecuteOnce.NTDLL ref: 00BB61AC
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: HandleModuleOnce$Execute
                                                                                                                                                                                                                                                        • String ID: mozglue.dll
                                                                                                                                                                                                                                                        • API String ID: 3073045944-2883331376
                                                                                                                                                                                                                                                        • Opcode ID: 62baefdfd1f1acbdc933f284f78e6dfe2112b74a57731751795eb8fffbc52b6e
                                                                                                                                                                                                                                                        • Instruction ID: 7ee95da51c2283bf93c58c9069f08c45301f8c33f8ee68dc5cab9cad0c8de0f2
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 62baefdfd1f1acbdc933f284f78e6dfe2112b74a57731751795eb8fffbc52b6e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 21016231B40228ABCB10AFA99C45FBE77A5FF44B10F0540A4FE59BB291DE70AC04CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BB6950(void* __ecx, int* __edx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				int _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				signed int _t18;
                                                                                                                                                                                                                                                        				void* _t23;
                                                                                                                                                                                                                                                        				void* _t25;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        				int* _t35;
                                                                                                                                                                                                                                                        				signed int _t36;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t33 = __edx;
                                                                                                                                                                                                                                                        				_t18 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t35 = __edx;
                                                                                                                                                                                                                                                        				_t19 = _t18 ^ _t36;
                                                                                                                                                                                                                                                        				_v20 = _t18 ^ _t36;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(__ecx + 0x20)) != 0) {
                                                                                                                                                                                                                                                        					L4:
                                                                                                                                                                                                                                                        					_t35[3] = 0;
                                                                                                                                                                                                                                                        					 *_t35 = 1;
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					E00BEECB0(_t19, _v20 ^ _t36, _t33);
                                                                                                                                                                                                                                                        					return _t35;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t34 = __ecx;
                                                                                                                                                                                                                                                        				_t19 = RegCreateKeyExW(0x80000001, L"SOFTWARE\\Mozilla\\Firefox\\Launcher", 0, 0, 0, 0xf003f, 0,  &_v28,  &_v24); // executed
                                                                                                                                                                                                                                                        				if(_t19 != 0) {
                                                                                                                                                                                                                                                        					_t35[3] = 1;
                                                                                                                                                                                                                                                        					 *_t35 = "/builds/worker/checkouts/gecko/toolkit/xre/LauncherRegistryInfo.cpp";
                                                                                                                                                                                                                                                        					_t35[1] = 0x79;
                                                                                                                                                                                                                                                        					_t32 =  <=  ? _t19 : _t19 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        					_t35[2] =  <=  ? _t19 : _t19 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        					goto L5;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t23 =  *(_t34 + 0x20);
                                                                                                                                                                                                                                                        				_t25 = _v28;
                                                                                                                                                                                                                                                        				if(_t23 != 0) {
                                                                                                                                                                                                                                                        					RegCloseKey(_t23);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *(_t34 + 0x20) = _t25;
                                                                                                                                                                                                                                                        				_t19 = _v24;
                                                                                                                                                                                                                                                        				if(_t19 != 2) {
                                                                                                                                                                                                                                                        					if(_t19 != 1) {
                                                                                                                                                                                                                                                        						_t35[3] = 1;
                                                                                                                                                                                                                                                        						 *_t35 = "/builds/worker/checkouts/gecko/toolkit/xre/LauncherRegistryInfo.cpp";
                                                                                                                                                                                                                                                        						_t35[1] = 0x88;
                                                                                                                                                                                                                                                        						_t35[2] = 0x80070507;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t35[3] = 0;
                                                                                                                                                                                                                                                        						 *_t35 = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L5;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					goto L4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}












                                                                                                                                                                                                                                                        0x00bb6950
                                                                                                                                                                                                                                                        0x00bb6959
                                                                                                                                                                                                                                                        0x00bb695e
                                                                                                                                                                                                                                                        0x00bb6960
                                                                                                                                                                                                                                                        0x00bb6962
                                                                                                                                                                                                                                                        0x00bb6969
                                                                                                                                                                                                                                                        0x00bb69ab
                                                                                                                                                                                                                                                        0x00bb69ab
                                                                                                                                                                                                                                                        0x00bb69af
                                                                                                                                                                                                                                                        0x00bb69b5
                                                                                                                                                                                                                                                        0x00bb69ba
                                                                                                                                                                                                                                                        0x00bb69c8
                                                                                                                                                                                                                                                        0x00bb69c8
                                                                                                                                                                                                                                                        0x00bb696b
                                                                                                                                                                                                                                                        0x00bb698c
                                                                                                                                                                                                                                                        0x00bb6994
                                                                                                                                                                                                                                                        0x00bb69dd
                                                                                                                                                                                                                                                        0x00bb69e1
                                                                                                                                                                                                                                                        0x00bb69e7
                                                                                                                                                                                                                                                        0x00bb69f6
                                                                                                                                                                                                                                                        0x00bb69f9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb69f9
                                                                                                                                                                                                                                                        0x00bb6996
                                                                                                                                                                                                                                                        0x00bb6999
                                                                                                                                                                                                                                                        0x00bb699e
                                                                                                                                                                                                                                                        0x00bb69ff
                                                                                                                                                                                                                                                        0x00bb69ff
                                                                                                                                                                                                                                                        0x00bb69a0
                                                                                                                                                                                                                                                        0x00bb69a3
                                                                                                                                                                                                                                                        0x00bb69a9
                                                                                                                                                                                                                                                        0x00bb69cc
                                                                                                                                                                                                                                                        0x00bb6a07
                                                                                                                                                                                                                                                        0x00bb6a0b
                                                                                                                                                                                                                                                        0x00bb6a11
                                                                                                                                                                                                                                                        0x00bb6a18
                                                                                                                                                                                                                                                        0x00bb69ce
                                                                                                                                                                                                                                                        0x00bb69ce
                                                                                                                                                                                                                                                        0x00bb69d2
                                                                                                                                                                                                                                                        0x00bb69d2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RegCreateKeyExW.KERNEL32(80000001,SOFTWARE\Mozilla\Firefox\Launcher,00000000,00000000,00000000,000F003F,00000000,?,?,76337E20,?,00BB5A6D), ref: 00BB698C
                                                                                                                                                                                                                                                        • RegCloseKey.ADVAPI32(00000000,?,00BB5A6D), ref: 00BB69FF
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • SOFTWARE\Mozilla\Firefox\Launcher, xrefs: 00BB6982
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CloseCreate
                                                                                                                                                                                                                                                        • String ID: SOFTWARE\Mozilla\Firefox\Launcher
                                                                                                                                                                                                                                                        • API String ID: 2932200918-1856778397
                                                                                                                                                                                                                                                        • Opcode ID: d9b05f06c38551028447b7fe772bd3f31a25624ca1b05a1ef63d6697a1cdfc6e
                                                                                                                                                                                                                                                        • Instruction ID: 48f3a3375b31e292db549962b3f1c44d59fad29ff83427d73f75bd0928392d1a
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d9b05f06c38551028447b7fe772bd3f31a25624ca1b05a1ef63d6697a1cdfc6e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: FB216F70600349DFE7248F25C845BBABBE4FB54718F20885DE6CA9B681E7F9AC44CB51
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 22%
                                                                                                                                                                                                                                                        			E00BBA7D0(unsigned int __ebx, void** __ecx, void* __edi, void* __esi, signed int _a4, void* _a12) {
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				void* _t17;
                                                                                                                                                                                                                                                        				void* _t18;
                                                                                                                                                                                                                                                        				void* _t22;
                                                                                                                                                                                                                                                        				intOrPtr _t24;
                                                                                                                                                                                                                                                        				intOrPtr _t25;
                                                                                                                                                                                                                                                        				intOrPtr _t27;
                                                                                                                                                                                                                                                        				signed int _t29;
                                                                                                                                                                                                                                                        				unsigned int _t31;
                                                                                                                                                                                                                                                        				void* _t33;
                                                                                                                                                                                                                                                        				unsigned int _t34;
                                                                                                                                                                                                                                                        				signed int _t38;
                                                                                                                                                                                                                                                        				void* _t40;
                                                                                                                                                                                                                                                        				void* _t41;
                                                                                                                                                                                                                                                        				signed int _t45;
                                                                                                                                                                                                                                                        				void* _t49;
                                                                                                                                                                                                                                                        				void* _t50;
                                                                                                                                                                                                                                                        				void** _t53;
                                                                                                                                                                                                                                                        				void* _t56;
                                                                                                                                                                                                                                                        				void* _t58;
                                                                                                                                                                                                                                                        				void* _t59;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t34 = __ebx;
                                                                                                                                                                                                                                                        				_push(__ebx);
                                                                                                                                                                                                                                                        				_t53 = __ecx;
                                                                                                                                                                                                                                                        				_t38 = _a4;
                                                                                                                                                                                                                                                        				if(_t38 >= 0x7fffffff) {
                                                                                                                                                                                                                                                        					L12();
                                                                                                                                                                                                                                                        					goto L9;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t34 =  *(__ecx + 0x14);
                                                                                                                                                                                                                                                        					_t45 = _t38 | 0x00000007;
                                                                                                                                                                                                                                                        					if(_t45 > 0x7ffffffe) {
                                                                                                                                                                                                                                                        						L9:
                                                                                                                                                                                                                                                        						_t49 = 0x7ffffffe;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t49 = 0x7ffffffe;
                                                                                                                                                                                                                                                        						_t31 = _t34 >> 1;
                                                                                                                                                                                                                                                        						_t33 =  >=  ? _t45 : _t31 + _t34;
                                                                                                                                                                                                                                                        						if(_t34 <= 0x7ffffffe - _t31) {
                                                                                                                                                                                                                                                        							_t49 = _t33;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t3 = _t49 + 1; // 0x8
                                                                                                                                                                                                                                                        				_t17 = _t3;
                                                                                                                                                                                                                                                        				_push(_t17); // executed
                                                                                                                                                                                                                                                        				L13(); // executed
                                                                                                                                                                                                                                                        				_t40 = _t17;
                                                                                                                                                                                                                                                        				_t18 = _a4;
                                                                                                                                                                                                                                                        				_t53[4] = _t18;
                                                                                                                                                                                                                                                        				_t53[5] = _t49;
                                                                                                                                                                                                                                                        				_t50 = _t40;
                                                                                                                                                                                                                                                        				memcpy(_t40, _a12, _t18 + _t18);
                                                                                                                                                                                                                                                        				_t59 = _t58 + 0xc;
                                                                                                                                                                                                                                                        				 *((short*)(_t50 + _a4 * 2)) = 0;
                                                                                                                                                                                                                                                        				if(_t34 >= 8) {
                                                                                                                                                                                                                                                        					_t22 =  *_t53;
                                                                                                                                                                                                                                                        					if((_t34 + 0x00000001 & 0x7ffff800) != 0) {
                                                                                                                                                                                                                                                        						_t41 = _t22;
                                                                                                                                                                                                                                                        						_t22 =  *(_t22 - 4);
                                                                                                                                                                                                                                                        						if(_t41 + 0xfffffffc - _t22 < 0x20) {
                                                                                                                                                                                                                                                        							goto L7;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							_t56 = _t59;
                                                                                                                                                                                                                                                        							_push("string too long");
                                                                                                                                                                                                                                                        							L00BEF798();
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							_push(_t56);
                                                                                                                                                                                                                                                        							_t24 = _v24;
                                                                                                                                                                                                                                                        							if(_t24 < 0) {
                                                                                                                                                                                                                                                        								_t25 = 0xffffffff;
                                                                                                                                                                                                                                                        								if(0xffffffff < 0x1000) {
                                                                                                                                                                                                                                                        									goto L15;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									goto L18;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t25 = _t24 + _t24;
                                                                                                                                                                                                                                                        								if(_t25 >= 0x1000) {
                                                                                                                                                                                                                                                        									L18:
                                                                                                                                                                                                                                                        									if(_t25 > 0xffffffdc) {
                                                                                                                                                                                                                                                        										_t27 = 0xffffffff;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t27 = _t25 + 0x23;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									__imp__moz_xmalloc(_t27);
                                                                                                                                                                                                                                                        									_t29 = _t27 + 0x00000023 & 0xffffffe0;
                                                                                                                                                                                                                                                        									 *((intOrPtr*)(_t29 - 4)) = _t27;
                                                                                                                                                                                                                                                        									return _t29;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L15:
                                                                                                                                                                                                                                                        									if(_t25 == 0) {
                                                                                                                                                                                                                                                        										return 0;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										__imp__moz_xmalloc(_t25); // executed
                                                                                                                                                                                                                                                        										return _t25;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L7:
                                                                                                                                                                                                                                                        						free(_t22);
                                                                                                                                                                                                                                                        						goto L5;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					 *_t53 = _t50;
                                                                                                                                                                                                                                                        					return _t53;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}
























                                                                                                                                                                                                                                                        0x00bba7d0
                                                                                                                                                                                                                                                        0x00bba7d3
                                                                                                                                                                                                                                                        0x00bba7d6
                                                                                                                                                                                                                                                        0x00bba7d8
                                                                                                                                                                                                                                                        0x00bba7e1
                                                                                                                                                                                                                                                        0x00bba86a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bba7e7
                                                                                                                                                                                                                                                        0x00bba7e7
                                                                                                                                                                                                                                                        0x00bba7ea
                                                                                                                                                                                                                                                        0x00bba7f3
                                                                                                                                                                                                                                                        0x00bba86f
                                                                                                                                                                                                                                                        0x00bba86f
                                                                                                                                                                                                                                                        0x00bba7f5
                                                                                                                                                                                                                                                        0x00bba7fc
                                                                                                                                                                                                                                                        0x00bba801
                                                                                                                                                                                                                                                        0x00bba809
                                                                                                                                                                                                                                                        0x00bba80e
                                                                                                                                                                                                                                                        0x00bba810
                                                                                                                                                                                                                                                        0x00bba810
                                                                                                                                                                                                                                                        0x00bba80e
                                                                                                                                                                                                                                                        0x00bba7f3
                                                                                                                                                                                                                                                        0x00bba812
                                                                                                                                                                                                                                                        0x00bba812
                                                                                                                                                                                                                                                        0x00bba817
                                                                                                                                                                                                                                                        0x00bba818
                                                                                                                                                                                                                                                        0x00bba81d
                                                                                                                                                                                                                                                        0x00bba81f
                                                                                                                                                                                                                                                        0x00bba822
                                                                                                                                                                                                                                                        0x00bba825
                                                                                                                                                                                                                                                        0x00bba828
                                                                                                                                                                                                                                                        0x00bba832
                                                                                                                                                                                                                                                        0x00bba837
                                                                                                                                                                                                                                                        0x00bba840
                                                                                                                                                                                                                                                        0x00bba846
                                                                                                                                                                                                                                                        0x00bba853
                                                                                                                                                                                                                                                        0x00bba85c
                                                                                                                                                                                                                                                        0x00bba876
                                                                                                                                                                                                                                                        0x00bba878
                                                                                                                                                                                                                                                        0x00bba883
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bba885
                                                                                                                                                                                                                                                        0x00bba885
                                                                                                                                                                                                                                                        0x00bba88b
                                                                                                                                                                                                                                                        0x00bba88c
                                                                                                                                                                                                                                                        0x00bba88d
                                                                                                                                                                                                                                                        0x00bba88e
                                                                                                                                                                                                                                                        0x00bba88f
                                                                                                                                                                                                                                                        0x00bba891
                                                                                                                                                                                                                                                        0x00bba893
                                                                                                                                                                                                                                                        0x00bba898
                                                                                                                                                                                                                                                        0x00bba89d
                                                                                                                                                                                                                                                        0x00bba89e
                                                                                                                                                                                                                                                        0x00bba89f
                                                                                                                                                                                                                                                        0x00bba8a0
                                                                                                                                                                                                                                                        0x00bba8a3
                                                                                                                                                                                                                                                        0x00bba8a8
                                                                                                                                                                                                                                                        0x00bba8c5
                                                                                                                                                                                                                                                        0x00bba8cf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bba8aa
                                                                                                                                                                                                                                                        0x00bba8aa
                                                                                                                                                                                                                                                        0x00bba8b1
                                                                                                                                                                                                                                                        0x00bba8d1
                                                                                                                                                                                                                                                        0x00bba8d4
                                                                                                                                                                                                                                                        0x00bba8f8
                                                                                                                                                                                                                                                        0x00bba8d6
                                                                                                                                                                                                                                                        0x00bba8d6
                                                                                                                                                                                                                                                        0x00bba8d6
                                                                                                                                                                                                                                                        0x00bba8da
                                                                                                                                                                                                                                                        0x00bba8e8
                                                                                                                                                                                                                                                        0x00bba8eb
                                                                                                                                                                                                                                                        0x00bba8ef
                                                                                                                                                                                                                                                        0x00bba8b3
                                                                                                                                                                                                                                                        0x00bba8b3
                                                                                                                                                                                                                                                        0x00bba8b5
                                                                                                                                                                                                                                                        0x00bba8f5
                                                                                                                                                                                                                                                        0x00bba8b7
                                                                                                                                                                                                                                                        0x00bba8b8
                                                                                                                                                                                                                                                        0x00bba8c2
                                                                                                                                                                                                                                                        0x00bba8c2
                                                                                                                                                                                                                                                        0x00bba8b5
                                                                                                                                                                                                                                                        0x00bba8b1
                                                                                                                                                                                                                                                        0x00bba8a8
                                                                                                                                                                                                                                                        0x00bba85e
                                                                                                                                                                                                                                                        0x00bba85e
                                                                                                                                                                                                                                                        0x00bba85f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bba865
                                                                                                                                                                                                                                                        0x00bba848
                                                                                                                                                                                                                                                        0x00bba848
                                                                                                                                                                                                                                                        0x00bba848
                                                                                                                                                                                                                                                        0x00bba850
                                                                                                                                                                                                                                                        0x00bba850

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,?,7FFFFFFF,?,?,00BC334D,?,00BC164C,?,?,?,?,00BC154C,vector<T> too long), ref: 00BBA832
                                                                                                                                                                                                                                                        • free.MOZGLUE(?,00BC334D,?,00BC164C,?,?,?,?,00BC154C,vector<T> too long,?,00BC34E7,00BC334D), ref: 00BBA85F
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(00BC334D,?,00BC164C,?,?,?,?,00BC154C,vector<T> too long,?,00BC34E7,00BC334D), ref: 00BBA885
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: _invalid_parameter_noinfo_noreturnfreememcpy
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 970123828-0
                                                                                                                                                                                                                                                        • Opcode ID: b699070b44ed83e344deaa5cbb18c43369b47cc8b53a678156605af95d5438cb
                                                                                                                                                                                                                                                        • Instruction ID: c2f189e83ae6f7abfea0c36a46b2c8bce462030198097092380d90908a03b442
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b699070b44ed83e344deaa5cbb18c43369b47cc8b53a678156605af95d5438cb
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CA11B131A00204AFC7249E78DC944BAB6E9FB85330724476EF463C7AA0EFB1DC418352
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BBED70(intOrPtr* __ecx) {
                                                                                                                                                                                                                                                        				signed int _t22;
                                                                                                                                                                                                                                                        				void* _t24;
                                                                                                                                                                                                                                                        				intOrPtr _t26;
                                                                                                                                                                                                                                                        				intOrPtr _t30;
                                                                                                                                                                                                                                                        				intOrPtr _t33;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t36;
                                                                                                                                                                                                                                                        				intOrPtr* _t37;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t38;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t33 =  *0xbfa044; // 0xbf0ef0
                                                                                                                                                                                                                                                        				_t37 = __ecx;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t33 + 8))( *((intOrPtr*)(__ecx + 4)),  *((intOrPtr*)(__ecx + 0xc)), __ecx + 0x10);
                                                                                                                                                                                                                                                        				_t30 =  *__ecx;
                                                                                                                                                                                                                                                        				_t21 =  *0xbfa7d4; // 0x0
                                                                                                                                                                                                                                                        				if(_t21 !=  *((intOrPtr*)( *[fs:0x18] + 0x24))) {
                                                                                                                                                                                                                                                        					if( *0xbfa7d8 != 0) {
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						_t22 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        						 *((intOrPtr*)( *((intOrPtr*)( *[fs:0x2c] + _t22 * 4)) + 8)) = _t30;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)( *[fs:0x18] + 0x2c)) == 0) {
                                                                                                                                                                                                                                                        							_t26 =  *[fs:0x18];
                                                                                                                                                                                                                                                        							_t21 =  *((intOrPtr*)(_t26 + 0x24));
                                                                                                                                                                                                                                                        							 *0xbfa7d4 =  *((intOrPtr*)(_t26 + 0x24));
                                                                                                                                                                                                                                                        							goto L1;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							 *0xbfa7d8 = 1;
                                                                                                                                                                                                                                                        							goto L5;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					E00BC14A0(_t21, _t30);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t24 =  *(_t37 + 0x38);
                                                                                                                                                                                                                                                        				if(_t24 != 4) {
                                                                                                                                                                                                                                                        					_t24 = RtlFreeHeap( *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18), 0, _t24);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t37 + 0x30)) != 0) {
                                                                                                                                                                                                                                                        					_t36 = _t37 + 0x2c;
                                                                                                                                                                                                                                                        					RtlFreeUnicodeString(_t36);
                                                                                                                                                                                                                                                        					 *(_t36 + 4) = 0;
                                                                                                                                                                                                                                                        					 *_t36 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t37 + 0x28)) != 0) {
                                                                                                                                                                                                                                                        					_t38 = _t37 + 0x24;
                                                                                                                                                                                                                                                        					RtlFreeUnicodeString(_t38);
                                                                                                                                                                                                                                                        					 *(_t38 + 4) = 0;
                                                                                                                                                                                                                                                        					 *_t38 = 0;
                                                                                                                                                                                                                                                        					return _t24;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t24;
                                                                                                                                                                                                                                                        			}











                                                                                                                                                                                                                                                        0x00bbed75
                                                                                                                                                                                                                                                        0x00bbed7b
                                                                                                                                                                                                                                                        0x00bbed8c
                                                                                                                                                                                                                                                        0x00bbed8f
                                                                                                                                                                                                                                                        0x00bbed91
                                                                                                                                                                                                                                                        0x00bbeda0
                                                                                                                                                                                                                                                        0x00bbedb0
                                                                                                                                                                                                                                                        0x00bbedc5
                                                                                                                                                                                                                                                        0x00bbedc5
                                                                                                                                                                                                                                                        0x00bbedd4
                                                                                                                                                                                                                                                        0x00bbedb2
                                                                                                                                                                                                                                                        0x00bbedbc
                                                                                                                                                                                                                                                        0x00bbee33
                                                                                                                                                                                                                                                        0x00bbee39
                                                                                                                                                                                                                                                        0x00bbee3c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbedbe
                                                                                                                                                                                                                                                        0x00bbedbe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbedbe
                                                                                                                                                                                                                                                        0x00bbedbc
                                                                                                                                                                                                                                                        0x00bbeda2
                                                                                                                                                                                                                                                        0x00bbeda2
                                                                                                                                                                                                                                                        0x00bbeda2
                                                                                                                                                                                                                                                        0x00bbeda2
                                                                                                                                                                                                                                                        0x00bbedda
                                                                                                                                                                                                                                                        0x00bbede0
                                                                                                                                                                                                                                                        0x00bbedf2
                                                                                                                                                                                                                                                        0x00bbedf2
                                                                                                                                                                                                                                                        0x00bbedfb
                                                                                                                                                                                                                                                        0x00bbedfd
                                                                                                                                                                                                                                                        0x00bbee01
                                                                                                                                                                                                                                                        0x00bbee06
                                                                                                                                                                                                                                                        0x00bbee0d
                                                                                                                                                                                                                                                        0x00bbee0d
                                                                                                                                                                                                                                                        0x00bbee17
                                                                                                                                                                                                                                                        0x00bbee19
                                                                                                                                                                                                                                                        0x00bbee1d
                                                                                                                                                                                                                                                        0x00bbee22
                                                                                                                                                                                                                                                        0x00bbee29
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbee29
                                                                                                                                                                                                                                                        0x00bbee32

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlFreeHeap.NTDLL(?,00000000,00000004), ref: 00BBEDF2
                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(00000000,?,00BBED3B), ref: 00BBEE01
                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(?,?,00BBED3B), ref: 00BBEE1D
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Free$StringUnicode$Heap
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2207616570-0
                                                                                                                                                                                                                                                        • Opcode ID: 27e25f7f2774c46d7ebc21ad59b5a7e56ab11bfda95892f6d68655af4227fc17
                                                                                                                                                                                                                                                        • Instruction ID: a49dbb291cde2a98d57bc5966e50275434b74da3b71eb3c8fc1293a8d0ab0d47
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 27e25f7f2774c46d7ebc21ad59b5a7e56ab11bfda95892f6d68655af4227fc17
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EF2188B5200680DFD325DF18C584FB1B7E4FB08714F6088A8E84A4BB61CBB9EC85DB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BE2E40(void* __edx, void* _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void* _v24;
                                                                                                                                                                                                                                                        				char _v28;
                                                                                                                                                                                                                                                        				signed int _t9;
                                                                                                                                                                                                                                                        				void* _t24;
                                                                                                                                                                                                                                                        				long _t26;
                                                                                                                                                                                                                                                        				signed int _t27;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t24 = __edx;
                                                                                                                                                                                                                                                        				_t9 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t18 = _a4;
                                                                                                                                                                                                                                                        				_t26 = 0;
                                                                                                                                                                                                                                                        				_t10 = _t9 ^ _t27;
                                                                                                                                                                                                                                                        				_v20 = _t9 ^ _t27;
                                                                                                                                                                                                                                                        				if(_a4 != 7) {
                                                                                                                                                                                                                                                        					if(OpenProcessToken(GetCurrentProcess(), 0x80,  &_v24) != 0) {
                                                                                                                                                                                                                                                        						_v28 = 0;
                                                                                                                                                                                                                                                        						E00BC5200(_v24,  &_v28, _v24);
                                                                                                                                                                                                                                                        						_t26 = E00BE2D90(_v28, _t18); // executed
                                                                                                                                                                                                                                                        						_t10 = E00BC51B0(_t15,  &_v28); // executed
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t26 = GetLastError();
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t10, _v20 ^ _t27, _t24);
                                                                                                                                                                                                                                                        				return _t26;
                                                                                                                                                                                                                                                        			}










                                                                                                                                                                                                                                                        0x00be2e40
                                                                                                                                                                                                                                                        0x00be2e49
                                                                                                                                                                                                                                                        0x00be2e4e
                                                                                                                                                                                                                                                        0x00be2e51
                                                                                                                                                                                                                                                        0x00be2e53
                                                                                                                                                                                                                                                        0x00be2e58
                                                                                                                                                                                                                                                        0x00be2e5b
                                                                                                                                                                                                                                                        0x00be2e89
                                                                                                                                                                                                                                                        0x00be2e9b
                                                                                                                                                                                                                                                        0x00be2ea5
                                                                                                                                                                                                                                                        0x00be2eb8
                                                                                                                                                                                                                                                        0x00be2eba
                                                                                                                                                                                                                                                        0x00be2e8b
                                                                                                                                                                                                                                                        0x00be2e91
                                                                                                                                                                                                                                                        0x00be2e91
                                                                                                                                                                                                                                                        0x00be2e89
                                                                                                                                                                                                                                                        0x00be2e62
                                                                                                                                                                                                                                                        0x00be2e70

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE2E71
                                                                                                                                                                                                                                                        • OpenProcessToken.ADVAPI32(00000000,00000080,?), ref: 00BE2E81
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE2E8B
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetLastError.KERNEL32(00000000,?,00004000,?,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5210
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetHandleVerifier.FLASHPLAYER(?,00BDC412,00000000,?,00BDBECC), ref: 00BC5234
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: SetLastError.KERNEL32(00BDC412,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5249
                                                                                                                                                                                                                                                          • Part of subcall function 00BE2D90: ConvertStringSidToSidW.ADVAPI32(00BE164E,?), ref: 00BE2DC7
                                                                                                                                                                                                                                                          • Part of subcall function 00BE2D90: GetLengthSid.ADVAPI32(00000000,00BE164E,?), ref: 00BE2DE3
                                                                                                                                                                                                                                                          • Part of subcall function 00BE2D90: SetTokenInformation.ADVAPI32(00000000,00000019,?,-00000008), ref: 00BE2DF3
                                                                                                                                                                                                                                                          • Part of subcall function 00BE2D90: GetLastError.KERNEL32(?,-00000008), ref: 00BE2DFB
                                                                                                                                                                                                                                                          • Part of subcall function 00BE2D90: LocalFree.KERNEL32(00000000,?,-00000008), ref: 00BE2E07
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$ProcessToken$ConvertCurrentFreeHandleInformationLengthLocalOpenStringVerifier
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1785949060-0
                                                                                                                                                                                                                                                        • Opcode ID: 7e8d98db11c291b98ed43212872d7865e611d0787b8d15496dc2b752d0192d0c
                                                                                                                                                                                                                                                        • Instruction ID: e0c366e7945b65ff894c50e7900881594b85af818cd7a92fb45467047a858fce
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7e8d98db11c291b98ed43212872d7865e611d0787b8d15496dc2b752d0192d0c
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 48018471A0025A9BCB109BB1DC4AA7F7BBCEF44744F000469E905AB240EF705D04C7E0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 15%
                                                                                                                                                                                                                                                        			E00BCB920() {
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				intOrPtr _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				signed int _t8;
                                                                                                                                                                                                                                                        				intOrPtr _t10;
                                                                                                                                                                                                                                                        				signed int _t14;
                                                                                                                                                                                                                                                        				signed int _t19;
                                                                                                                                                                                                                                                        				signed int _t20;
                                                                                                                                                                                                                                                        				void* _t22;
                                                                                                                                                                                                                                                        				void* _t23;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t22 = (_t20 & 0xfffffff0) - 0x30;
                                                                                                                                                                                                                                                        				_t8 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v16 = _t8 ^ _t19;
                                                                                                                                                                                                                                                        				_t14 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        				_t18 =  *[fs:0x2c];
                                                                                                                                                                                                                                                        				_t10 =  *0xbfb4d8; // 0x80000004
                                                                                                                                                                                                                                                        				if(_t10 >  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x2c] + _t14 * 4)) + 4))) {
                                                                                                                                                                                                                                                        					_t10 = E00BEE547(_t10, 0xbfb4d8);
                                                                                                                                                                                                                                                        					_t23 = _t22 + 4;
                                                                                                                                                                                                                                                        					if( *0xbfb4d8 == 0xffffffff) {
                                                                                                                                                                                                                                                        						asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        						_v20 = 0;
                                                                                                                                                                                                                                                        						asm("movaps [esp+0x10], xmm0");
                                                                                                                                                                                                                                                        						asm("movaps [esp], xmm0");
                                                                                                                                                                                                                                                        						__imp__GetNativeSystemInfo(_t23); // executed
                                                                                                                                                                                                                                                        						asm("movsd xmm1, [esp+0x10]");
                                                                                                                                                                                                                                                        						asm("movsd xmm0, [esp+0x18]");
                                                                                                                                                                                                                                                        						asm("movsd xmm2, [esp]");
                                                                                                                                                                                                                                                        						asm("movsd [0xbfb4c4], xmm1");
                                                                                                                                                                                                                                                        						asm("movsd xmm1, [esp+0x8]");
                                                                                                                                                                                                                                                        						 *0xbfb4d4 = _v24;
                                                                                                                                                                                                                                                        						asm("movsd [0xbfb4cc], xmm0");
                                                                                                                                                                                                                                                        						asm("movsd [0xbfb4b4], xmm2");
                                                                                                                                                                                                                                                        						asm("movsd [0xbfb4bc], xmm1");
                                                                                                                                                                                                                                                        						_t10 = E00BEE599(0xbfb4d8);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return E00BEECB0(_t10, _v16 ^ _t19, _t18);
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00bcb926
                                                                                                                                                                                                                                                        0x00bcb929
                                                                                                                                                                                                                                                        0x00bcb930
                                                                                                                                                                                                                                                        0x00bcb934
                                                                                                                                                                                                                                                        0x00bcb93a
                                                                                                                                                                                                                                                        0x00bcb941
                                                                                                                                                                                                                                                        0x00bcb94f
                                                                                                                                                                                                                                                        0x00bcb965
                                                                                                                                                                                                                                                        0x00bcb96a
                                                                                                                                                                                                                                                        0x00bcb974
                                                                                                                                                                                                                                                        0x00bcb976
                                                                                                                                                                                                                                                        0x00bcb97b
                                                                                                                                                                                                                                                        0x00bcb983
                                                                                                                                                                                                                                                        0x00bcb988
                                                                                                                                                                                                                                                        0x00bcb98d
                                                                                                                                                                                                                                                        0x00bcb993
                                                                                                                                                                                                                                                        0x00bcb99d
                                                                                                                                                                                                                                                        0x00bcb9a3
                                                                                                                                                                                                                                                        0x00bcb9a8
                                                                                                                                                                                                                                                        0x00bcb9b0
                                                                                                                                                                                                                                                        0x00bcb9b6
                                                                                                                                                                                                                                                        0x00bcb9bb
                                                                                                                                                                                                                                                        0x00bcb9c3
                                                                                                                                                                                                                                                        0x00bcb9cb
                                                                                                                                                                                                                                                        0x00bcb9d8
                                                                                                                                                                                                                                                        0x00bcb9dd
                                                                                                                                                                                                                                                        0x00bcb974
                                                                                                                                                                                                                                                        0x00bcb95f

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • __Init_thread_header.LIBCMT ref: 00BCB965
                                                                                                                                                                                                                                                        • GetNativeSystemInfo.KERNEL32 ref: 00BCB98D
                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 00BCB9D8
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: InfoInit_thread_footerInit_thread_headerNativeSystem
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 420575652-0
                                                                                                                                                                                                                                                        • Opcode ID: 2273f5b0e3687dc2742ff26d3abf86812ace01417f0c9e8ad210ffffe30db32c
                                                                                                                                                                                                                                                        • Instruction ID: e5b5246a33a09f29786c87be0365da90459250869fd4117b6ab3020918e4499b
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2273f5b0e3687dc2742ff26d3abf86812ace01417f0c9e8ad210ffffe30db32c
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4D115BB0908B448BD201DF28EA46E66B3E4FF9E314F00479DE95957362EF31A545CB92
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 92%
                                                                                                                                                                                                                                                        			E00BC0D40(signed int __ecx, void* __edx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				signed int* _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				signed int _v36;
                                                                                                                                                                                                                                                        				void* _t55;
                                                                                                                                                                                                                                                        				void* _t56;
                                                                                                                                                                                                                                                        				void* _t60;
                                                                                                                                                                                                                                                        				signed int _t61;
                                                                                                                                                                                                                                                        				signed int* _t62;
                                                                                                                                                                                                                                                        				signed int _t66;
                                                                                                                                                                                                                                                        				void* _t68;
                                                                                                                                                                                                                                                        				signed int _t70;
                                                                                                                                                                                                                                                        				void* _t71;
                                                                                                                                                                                                                                                        				void* _t88;
                                                                                                                                                                                                                                                        				signed int _t95;
                                                                                                                                                                                                                                                        				void* _t97;
                                                                                                                                                                                                                                                        				signed int _t102;
                                                                                                                                                                                                                                                        				void* _t104;
                                                                                                                                                                                                                                                        				signed int _t105;
                                                                                                                                                                                                                                                        				signed int _t106;
                                                                                                                                                                                                                                                        				signed int _t108;
                                                                                                                                                                                                                                                        				void* _t112;
                                                                                                                                                                                                                                                        				void* _t113;
                                                                                                                                                                                                                                                        				signed int _t115;
                                                                                                                                                                                                                                                        				void _t117;
                                                                                                                                                                                                                                                        				signed int _t118;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t76 = __ecx;
                                                                                                                                                                                                                                                        				if(__edx == 1) {
                                                                                                                                                                                                                                                        					_t55 =  *__ecx;
                                                                                                                                                                                                                                                        					if(_t55 == 4) {
                                                                                                                                                                                                                                                        						_t108 = 1;
                                                                                                                                                                                                                                                        						L11:
                                                                                                                                                                                                                                                        						_t60 = RtlAllocateHeap( *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18), 0, _t108 * 4); // executed
                                                                                                                                                                                                                                                        						_v28 = _t60;
                                                                                                                                                                                                                                                        						if(_t60 == 0) {
                                                                                                                                                                                                                                                        							L5:
                                                                                                                                                                                                                                                        							return 0;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t61 = _t76[1];
                                                                                                                                                                                                                                                        						if(_t61 <= 0) {
                                                                                                                                                                                                                                                        							L26:
                                                                                                                                                                                                                                                        							_t56 = _v28;
                                                                                                                                                                                                                                                        							L27:
                                                                                                                                                                                                                                                        							 *_t76 = _t56;
                                                                                                                                                                                                                                                        							_t76[2] = _t108;
                                                                                                                                                                                                                                                        							return 1;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t115 =  *_t76;
                                                                                                                                                                                                                                                        						_t88 = _t115 + _t61 * 4;
                                                                                                                                                                                                                                                        						_t62 = _t115 + 4;
                                                                                                                                                                                                                                                        						_v24 = _t62;
                                                                                                                                                                                                                                                        						_t102 =  !_t115;
                                                                                                                                                                                                                                                        						_t63 =  >  ? _t88 : _t62;
                                                                                                                                                                                                                                                        						_v20 = _t102;
                                                                                                                                                                                                                                                        						_t64 = ( >  ? _t88 : _t62) + _t102;
                                                                                                                                                                                                                                                        						_t65 = ( >  ? _t88 : _t62) + _t102 >> 2;
                                                                                                                                                                                                                                                        						_t66 = (( >  ? _t88 : _t62) + _t102 >> 2) + 1;
                                                                                                                                                                                                                                                        						_v36 = _t66;
                                                                                                                                                                                                                                                        						if(_t66 >= 8) {
                                                                                                                                                                                                                                                        							_v32 = _t108;
                                                                                                                                                                                                                                                        							_t104 =  >  ? _t88 : _v24;
                                                                                                                                                                                                                                                        							_t68 = _v28;
                                                                                                                                                                                                                                                        							_t112 = _t68;
                                                                                                                                                                                                                                                        							if(_t68 >= (_t104 + _v20 & 0xfffffffc) + _t115 + 4 || _t112 + (_t104 + _v20 + 0x00000004 & 0xfffffffc) <= _t115) {
                                                                                                                                                                                                                                                        								_v24 = _t76;
                                                                                                                                                                                                                                                        								_t70 = _v36 & 0xfffffff8;
                                                                                                                                                                                                                                                        								_t105 = _t115 + _t70 * 4;
                                                                                                                                                                                                                                                        								_v20 = _t70;
                                                                                                                                                                                                                                                        								_t71 = _t112 + _t70 * 4;
                                                                                                                                                                                                                                                        								_t113 = 0;
                                                                                                                                                                                                                                                        								do {
                                                                                                                                                                                                                                                        									asm("movups xmm0, [esi+edi*4]");
                                                                                                                                                                                                                                                        									asm("movups xmm1, [esi+edi*4+0x10]");
                                                                                                                                                                                                                                                        									asm("movups [ebx+edi*4], xmm0");
                                                                                                                                                                                                                                                        									asm("movups [ebx+edi*4+0x10], xmm1");
                                                                                                                                                                                                                                                        									_t113 = _t113 + 8;
                                                                                                                                                                                                                                                        								} while (_v20 != _t113);
                                                                                                                                                                                                                                                        								_t76 = _v24;
                                                                                                                                                                                                                                                        								_t108 = _v32;
                                                                                                                                                                                                                                                        								if(_v36 == _v20) {
                                                                                                                                                                                                                                                        									goto L26;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L25;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t71 = _t112;
                                                                                                                                                                                                                                                        								_t108 = _v32;
                                                                                                                                                                                                                                                        								_t105 = _t115;
                                                                                                                                                                                                                                                        								do {
                                                                                                                                                                                                                                                        									L25:
                                                                                                                                                                                                                                                        									_t117 =  *_t105;
                                                                                                                                                                                                                                                        									_t105 = _t105 + 4;
                                                                                                                                                                                                                                                        									 *_t71 = _t117;
                                                                                                                                                                                                                                                        									_t71 = _t71 + 4;
                                                                                                                                                                                                                                                        								} while (_t105 < _t88);
                                                                                                                                                                                                                                                        								goto L26;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t71 = _v28;
                                                                                                                                                                                                                                                        						_t105 = _t115;
                                                                                                                                                                                                                                                        						goto L25;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t106 =  *(__ecx + 4);
                                                                                                                                                                                                                                                        					if(_t106 == 0) {
                                                                                                                                                                                                                                                        						_t108 = 1;
                                                                                                                                                                                                                                                        						L16:
                                                                                                                                                                                                                                                        						_t56 = RtlReAllocateHeap( *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18), 0, _t55, _t108 * 4);
                                                                                                                                                                                                                                                        						if(_t56 != 0) {
                                                                                                                                                                                                                                                        							goto L27;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L5;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_t106 > 0xfffffff) {
                                                                                                                                                                                                                                                        						goto L5;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t118 = _t106 * 8;
                                                                                                                                                                                                                                                        					asm("bsr ecx, ecx");
                                                                                                                                                                                                                                                        					_t80 =  <  ? 1 : 1 <<  ~(_t118 - 0x00000001 ^ 0x0000001f);
                                                                                                                                                                                                                                                        					_t81 = ( <  ? 1 : 1 <<  ~(_t118 - 0x00000001 ^ 0x0000001f)) - _t118;
                                                                                                                                                                                                                                                        					_t124 = ( <  ? 1 : 1 <<  ~(_t118 - 0x00000001 ^ 0x0000001f)) - _t118 - 3;
                                                                                                                                                                                                                                                        					_t76 = __ecx;
                                                                                                                                                                                                                                                        					_t94 = 0 | ( <  ? 1 : 1 <<  ~(_t118 - 0x00000001 ^ 0x0000001f)) - _t118 - 0x00000003 > 0x00000000;
                                                                                                                                                                                                                                                        					_t95 = (( <  ? 1 : 1 <<  ~(_t118 - 0x00000001 ^ 0x0000001f)) - _t118 - 3 > 0) + _t106 * 2;
                                                                                                                                                                                                                                                        					_t108 = _t95;
                                                                                                                                                                                                                                                        					if(_t95 <= 0x3fffffff) {
                                                                                                                                                                                                                                                        						goto L16;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L5;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t97 = __edx +  *(__ecx + 4);
                                                                                                                                                                                                                                                        				if(_t97 >= 0 && _t97 <= 0x1fffffff) {
                                                                                                                                                                                                                                                        					asm("bsr ecx, eax");
                                                                                                                                                                                                                                                        					_t108 =  >=  ? 1 <<  ~(__ecx ^ 0x0000001f) >> 2 : 0;
                                                                                                                                                                                                                                                        					_t55 =  *__ecx;
                                                                                                                                                                                                                                                        					if(_t55 != 4) {
                                                                                                                                                                                                                                                        						goto L16;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L11;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return 0;
                                                                                                                                                                                                                                                        			}






























                                                                                                                                                                                                                                                        0x00bc0d49
                                                                                                                                                                                                                                                        0x00bc0d4e
                                                                                                                                                                                                                                                        0x00bc0d50
                                                                                                                                                                                                                                                        0x00bc0d55
                                                                                                                                                                                                                                                        0x00bc0df8
                                                                                                                                                                                                                                                        0x00bc0dfd
                                                                                                                                                                                                                                                        0x00bc0e14
                                                                                                                                                                                                                                                        0x00bc0e1b
                                                                                                                                                                                                                                                        0x00bc0e1e
                                                                                                                                                                                                                                                        0x00bc0db1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0db1
                                                                                                                                                                                                                                                        0x00bc0e20
                                                                                                                                                                                                                                                        0x00bc0e25
                                                                                                                                                                                                                                                        0x00bc0f1e
                                                                                                                                                                                                                                                        0x00bc0f1e
                                                                                                                                                                                                                                                        0x00bc0f21
                                                                                                                                                                                                                                                        0x00bc0f21
                                                                                                                                                                                                                                                        0x00bc0f25
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0f25
                                                                                                                                                                                                                                                        0x00bc0e2b
                                                                                                                                                                                                                                                        0x00bc0e2d
                                                                                                                                                                                                                                                        0x00bc0e30
                                                                                                                                                                                                                                                        0x00bc0e37
                                                                                                                                                                                                                                                        0x00bc0e3a
                                                                                                                                                                                                                                                        0x00bc0e3c
                                                                                                                                                                                                                                                        0x00bc0e3f
                                                                                                                                                                                                                                                        0x00bc0e42
                                                                                                                                                                                                                                                        0x00bc0e44
                                                                                                                                                                                                                                                        0x00bc0e47
                                                                                                                                                                                                                                                        0x00bc0e4b
                                                                                                                                                                                                                                                        0x00bc0e4e
                                                                                                                                                                                                                                                        0x00bc0e8f
                                                                                                                                                                                                                                                        0x00bc0e94
                                                                                                                                                                                                                                                        0x00bc0e9a
                                                                                                                                                                                                                                                        0x00bc0ea6
                                                                                                                                                                                                                                                        0x00bc0ea8
                                                                                                                                                                                                                                                        0x00bc0ec6
                                                                                                                                                                                                                                                        0x00bc0ecb
                                                                                                                                                                                                                                                        0x00bc0ece
                                                                                                                                                                                                                                                        0x00bc0ed1
                                                                                                                                                                                                                                                        0x00bc0ed4
                                                                                                                                                                                                                                                        0x00bc0ed7
                                                                                                                                                                                                                                                        0x00bc0ee0
                                                                                                                                                                                                                                                        0x00bc0ee0
                                                                                                                                                                                                                                                        0x00bc0ee4
                                                                                                                                                                                                                                                        0x00bc0ee9
                                                                                                                                                                                                                                                        0x00bc0eed
                                                                                                                                                                                                                                                        0x00bc0ef2
                                                                                                                                                                                                                                                        0x00bc0ef5
                                                                                                                                                                                                                                                        0x00bc0efd
                                                                                                                                                                                                                                                        0x00bc0f00
                                                                                                                                                                                                                                                        0x00bc0f06
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0eba
                                                                                                                                                                                                                                                        0x00bc0eba
                                                                                                                                                                                                                                                        0x00bc0ebc
                                                                                                                                                                                                                                                        0x00bc0ebf
                                                                                                                                                                                                                                                        0x00bc0f10
                                                                                                                                                                                                                                                        0x00bc0f10
                                                                                                                                                                                                                                                        0x00bc0f10
                                                                                                                                                                                                                                                        0x00bc0f12
                                                                                                                                                                                                                                                        0x00bc0f15
                                                                                                                                                                                                                                                        0x00bc0f17
                                                                                                                                                                                                                                                        0x00bc0f1a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0f10
                                                                                                                                                                                                                                                        0x00bc0ea8
                                                                                                                                                                                                                                                        0x00bc0e50
                                                                                                                                                                                                                                                        0x00bc0e53
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0e53
                                                                                                                                                                                                                                                        0x00bc0d5b
                                                                                                                                                                                                                                                        0x00bc0d60
                                                                                                                                                                                                                                                        0x00bc0e5a
                                                                                                                                                                                                                                                        0x00bc0e5f
                                                                                                                                                                                                                                                        0x00bc0e77
                                                                                                                                                                                                                                                        0x00bc0e7e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0e84
                                                                                                                                                                                                                                                        0x00bc0d6c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0d6e
                                                                                                                                                                                                                                                        0x00bc0d7f
                                                                                                                                                                                                                                                        0x00bc0d91
                                                                                                                                                                                                                                                        0x00bc0d96
                                                                                                                                                                                                                                                        0x00bc0d98
                                                                                                                                                                                                                                                        0x00bc0d9b
                                                                                                                                                                                                                                                        0x00bc0d9d
                                                                                                                                                                                                                                                        0x00bc0da0
                                                                                                                                                                                                                                                        0x00bc0da9
                                                                                                                                                                                                                                                        0x00bc0dab
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0dab
                                                                                                                                                                                                                                                        0x00bc0dba
                                                                                                                                                                                                                                                        0x00bc0dbd
                                                                                                                                                                                                                                                        0x00bc0dd7
                                                                                                                                                                                                                                                        0x00bc0dec
                                                                                                                                                                                                                                                        0x00bc0def
                                                                                                                                                                                                                                                        0x00bc0df4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0df6
                                                                                                                                                                                                                                                        0x00bc0f2f

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AllocateHeap
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1279760036-0
                                                                                                                                                                                                                                                        • Opcode ID: 8251b922e09467ef58f6ac78e82ae71b18a4e4655b6b16bbafadcc374a817297
                                                                                                                                                                                                                                                        • Instruction ID: ec3ecf636e00248a27e250ecea7dc7abcf14358068d61d619c7b9686f118ea7e
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8251b922e09467ef58f6ac78e82ae71b18a4e4655b6b16bbafadcc374a817297
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 44518331A10216CBDF24DF58C880BBEB3E6FB85314F68466DD8169B245D771F982CB90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BC51B0(void* __eax, intOrPtr* __ecx) {
                                                                                                                                                                                                                                                        				intOrPtr _v0;
                                                                                                                                                                                                                                                        				intOrPtr _v20;
                                                                                                                                                                                                                                                        				void* _t7;
                                                                                                                                                                                                                                                        				void* _t8;
                                                                                                                                                                                                                                                        				intOrPtr* _t10;
                                                                                                                                                                                                                                                        				intOrPtr* _t12;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t7 =  *__ecx + 1;
                                                                                                                                                                                                                                                        				if(_t7 >= 2) {
                                                                                                                                                                                                                                                        					_t8 = E00BC50B0();
                                                                                                                                                                                                                                                        					_v20 =  *__ecx;
                                                                                                                                                                                                                                                        					_t10 = E00BCAB90();
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *_t10 + 8))(_v20, __ecx, _v0, _t8);
                                                                                                                                                                                                                                                        					_t12 = E00BCAB90();
                                                                                                                                                                                                                                                        					_t7 =  *((intOrPtr*)( *_t12))( *__ecx); // executed
                                                                                                                                                                                                                                                        					 *__ecx = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t7;
                                                                                                                                                                                                                                                        			}









                                                                                                                                                                                                                                                        0x00bc51b9
                                                                                                                                                                                                                                                        0x00bc51bd
                                                                                                                                                                                                                                                        0x00bc51c9
                                                                                                                                                                                                                                                        0x00bc51d5
                                                                                                                                                                                                                                                        0x00bc51d8
                                                                                                                                                                                                                                                        0x00bc51e7
                                                                                                                                                                                                                                                        0x00bc51ec
                                                                                                                                                                                                                                                        0x00bc51f6
                                                                                                                                                                                                                                                        0x00bc51f8
                                                                                                                                                                                                                                                        0x00bc51f8
                                                                                                                                                                                                                                                        0x00bc51c6

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetHandleVerifier.FLASHPLAYER(00000000,?,?,?,?,00BC5220,?,00BDC412,00000000,?,00BDBECC), ref: 00BC51D8
                                                                                                                                                                                                                                                        • GetHandleVerifier.FLASHPLAYER(?,00BC5220,?,00BDC412,00000000,?,00BDBECC), ref: 00BC51EC
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: HandleVerifier
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3954843157-0
                                                                                                                                                                                                                                                        • Opcode ID: decbcaa6028ab4a4bfc57b7ceadfbca13f87b217aad1d52a6e78576ec3e33355
                                                                                                                                                                                                                                                        • Instruction ID: 7705b35646f0b71496f68571d4048cdff09082b979331a7a6c155bd6a2157796
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: decbcaa6028ab4a4bfc57b7ceadfbca13f87b217aad1d52a6e78576ec3e33355
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E8F03075600514AFD720AF25C888E6BBBF9FF8A36471409ADF54687310DA32AC41DBD1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(FFFFFFFF,?,string too long,?,00BBD92F,?,00BCA1A9,?,6F514DD0,?,00BBD857,?,?,?,?), ref: 00BBA8B8
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(FFFFFFFF,?,string too long,?,00BBD92F,?,00BCA1A9,?,6F514DD0,?,00BBD857,?,?,?,?), ref: 00BBA8DA
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: moz_xmalloc
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 4043078735-0
                                                                                                                                                                                                                                                        • Opcode ID: 0521e23af23f3df5a2457dd03508ad69c38b5c2f85298cba9a3df46e98e27e3a
                                                                                                                                                                                                                                                        • Instruction ID: 9dae6eee3201d611e54f56b3fa55405da746bf10d4059b141378da9996d0e525
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0521e23af23f3df5a2457dd03508ad69c38b5c2f85298cba9a3df46e98e27e3a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B6F082B3A002448BDA004678EC496AA73C89B543717048776F426C7AD0FAA6D8D1D25A
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BE9CA0(void* __ecx) {
                                                                                                                                                                                                                                                        				signed int _v12;
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _t5;
                                                                                                                                                                                                                                                        				void* _t11;
                                                                                                                                                                                                                                                        				void* _t15;
                                                                                                                                                                                                                                                        				signed int _t16;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t5 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v12 = _t5 ^ _t16;
                                                                                                                                                                                                                                                        				_t8 = RegOpenKeyExW(__ecx, 0, 0, 0x2000000,  &_v16); // executed
                                                                                                                                                                                                                                                        				if(_t8 == 0) {
                                                                                                                                                                                                                                                        					if(RegCloseKey(_v16) == 0) {
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t11 = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					_t11 = 1;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t8, _v12 ^ _t16, _t15);
                                                                                                                                                                                                                                                        				return _t11;
                                                                                                                                                                                                                                                        			}









                                                                                                                                                                                                                                                        0x00be9ca7
                                                                                                                                                                                                                                                        0x00be9cae
                                                                                                                                                                                                                                                        0x00be9cbf
                                                                                                                                                                                                                                                        0x00be9cc7
                                                                                                                                                                                                                                                        0x00be9ce8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9cea
                                                                                                                                                                                                                                                        0x00be9cea
                                                                                                                                                                                                                                                        0x00be9cea
                                                                                                                                                                                                                                                        0x00be9cc9
                                                                                                                                                                                                                                                        0x00be9cc9
                                                                                                                                                                                                                                                        0x00be9cc9
                                                                                                                                                                                                                                                        0x00be9cc9
                                                                                                                                                                                                                                                        0x00be9cd0
                                                                                                                                                                                                                                                        0x00be9cdc

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RegOpenKeyExW.KERNEL32(80000002,00000000,00000000,02000000,?,?,00BE9A46), ref: 00BE9CBF
                                                                                                                                                                                                                                                        • RegCloseKey.ADVAPI32(?,?,00BE9A46), ref: 00BE9CE0
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CloseOpen
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 47109696-0
                                                                                                                                                                                                                                                        • Opcode ID: 17f68446b340f4c4c304365f99fcdff8eec7b805b2510df29efc87185bbf7505
                                                                                                                                                                                                                                                        • Instruction ID: 01fcda96d5860e4ae9b6fc99e873ca42a195c1e8fa650b8bca0fc83c899fd112
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 17f68446b340f4c4c304365f99fcdff8eec7b805b2510df29efc87185bbf7505
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 95F06571B40208ABEB106FA5EC85BAA7BECEB00714F6040B9E9159B380DF75E518D754
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlCreateHeap.NTDLL(00000002,00000000,00000000,00000000,00000000,00000000), ref: 00BE3874
                                                                                                                                                                                                                                                        • RtlDestroyHeap.NTDLL(00000000), ref: 00BE388D
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Heap$CreateDestroy
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3296620671-0
                                                                                                                                                                                                                                                        • Opcode ID: 3d95e2ef75d490b76596ff7bc4a2cc592671ebff55606188d5c2c6dd28e40108
                                                                                                                                                                                                                                                        • Instruction ID: 93622cf90cbec517c1ef1c87146705b7c7f4880a1698be3c985ddae94df93ca2
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3d95e2ef75d490b76596ff7bc4a2cc592671ebff55606188d5c2c6dd28e40108
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A9E04671200300EAEB249B72EC0DB36B3E99700B06F1081ADA10DC79A0EF708A90CF40
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BCAD40(void* __ecx, void* _a4) {
                                                                                                                                                                                                                                                        				void* _t11;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t11 = _a4;
                                                                                                                                                                                                                                                        				if( *((char*)(__ecx + 5)) != 0) {
                                                                                                                                                                                                                                                        					E00BCA330(__ecx + 8, __ecx + 8);
                                                                                                                                                                                                                                                        					CloseHandle(_t11);
                                                                                                                                                                                                                                                        					E00BCA330(_t13, 0);
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					FindCloseChangeNotification(_t11); // executed
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return 1;
                                                                                                                                                                                                                                                        			}




                                                                                                                                                                                                                                                        0x00bcad45
                                                                                                                                                                                                                                                        0x00bcad4c
                                                                                                                                                                                                                                                        0x00bcad65
                                                                                                                                                                                                                                                        0x00bcad6b
                                                                                                                                                                                                                                                        0x00bcad75
                                                                                                                                                                                                                                                        0x00bcad4e
                                                                                                                                                                                                                                                        0x00bcad4f
                                                                                                                                                                                                                                                        0x00bcad4f
                                                                                                                                                                                                                                                        0x00bcad5a

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • FindCloseChangeNotification.KERNEL32(?), ref: 00BCAD4F
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(?), ref: 00BCAD6B
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Close$ChangeFindHandleNotification
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 4069496961-0
                                                                                                                                                                                                                                                        • Opcode ID: a33c24c7c485f0e658efc9e304e07f17e9dea004b224216f436ed2d42a845dd9
                                                                                                                                                                                                                                                        • Instruction ID: fd59f95bab24741bb946181e601e3a0c0cb5a3cf3ffdbd279b1d68e8cffb900f
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a33c24c7c485f0e658efc9e304e07f17e9dea004b224216f436ed2d42a845dd9
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EFE0263665816827C20126515C08FBF3F988FC3776F0000ADF50A17641CE1A1843C6F7
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BEBC30() {
                                                                                                                                                                                                                                                        				intOrPtr _t4;
                                                                                                                                                                                                                                                        				intOrPtr _t6;
                                                                                                                                                                                                                                                        				intOrPtr _t7;
                                                                                                                                                                                                                                                        				signed int _t9;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t9 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        				_t11 =  *[fs:0x2c];
                                                                                                                                                                                                                                                        				_t4 =  *0xbfb750; // 0x80000003
                                                                                                                                                                                                                                                        				if(_t4 >  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x2c] + _t9 * 4)) + 4))) {
                                                                                                                                                                                                                                                        					E00BEE547(_t4, 0xbfb750);
                                                                                                                                                                                                                                                        					__eflags =  *0xbfb750 - 0xffffffff;
                                                                                                                                                                                                                                                        					if(__eflags == 0) {
                                                                                                                                                                                                                                                        						_t7 = E00BEBC90(_t11, __eflags); // executed
                                                                                                                                                                                                                                                        						 *0xbfb74c = _t7;
                                                                                                                                                                                                                                                        						E00BEE599(0xbfb750);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t6 =  *0xbfb74c; // 0xbfb6cc
                                                                                                                                                                                                                                                        				return _t6;
                                                                                                                                                                                                                                                        			}







                                                                                                                                                                                                                                                        0x00bebc33
                                                                                                                                                                                                                                                        0x00bebc39
                                                                                                                                                                                                                                                        0x00bebc40
                                                                                                                                                                                                                                                        0x00bebc4e
                                                                                                                                                                                                                                                        0x00bebc5c
                                                                                                                                                                                                                                                        0x00bebc64
                                                                                                                                                                                                                                                        0x00bebc6b
                                                                                                                                                                                                                                                        0x00bebc6d
                                                                                                                                                                                                                                                        0x00bebc72
                                                                                                                                                                                                                                                        0x00bebc7c
                                                                                                                                                                                                                                                        0x00bebc81
                                                                                                                                                                                                                                                        0x00bebc6b
                                                                                                                                                                                                                                                        0x00bebc50
                                                                                                                                                                                                                                                        0x00bebc56

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • __Init_thread_header.LIBCMT ref: 00BEBC5C
                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 00BEBC7C
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Init_thread_footerInit_thread_header
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 4092853384-0
                                                                                                                                                                                                                                                        • Opcode ID: d0d74c627656d1a14c6da89fba77381a5e0c52852d9977e375b267c94a3c9237
                                                                                                                                                                                                                                                        • Instruction ID: 3505f9ae8b7345d73f6b0007837b577a51d0e1287ae1abcbe4429cd17094d080
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d0d74c627656d1a14c6da89fba77381a5e0c52852d9977e375b267c94a3c9237
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0FE09270504288CBD610FB29E942C7633D0F784714F2005A6E92547791EF31BC40DB52
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 80%
                                                                                                                                                                                                                                                        			E00BBA740(void* __ecx, wchar_t* _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				wchar_t* _v28;
                                                                                                                                                                                                                                                        				char _v32;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t11;
                                                                                                                                                                                                                                                        				signed int _t13;
                                                                                                                                                                                                                                                        				intOrPtr _t14;
                                                                                                                                                                                                                                                        				void* _t16;
                                                                                                                                                                                                                                                        				wchar_t* _t21;
                                                                                                                                                                                                                                                        				void* _t22;
                                                                                                                                                                                                                                                        				void* _t27;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        				signed int _t29;
                                                                                                                                                                                                                                                        				void* _t30;
                                                                                                                                                                                                                                                        				signed int _t31;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				void* _t33;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t11 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t21 = _a4;
                                                                                                                                                                                                                                                        				_t30 = __ecx;
                                                                                                                                                                                                                                                        				_v20 = _t11 ^ _t31;
                                                                                                                                                                                                                                                        				_t13 = wcslen(_t21);
                                                                                                                                                                                                                                                        				_t33 = _t32 + 4;
                                                                                                                                                                                                                                                        				_t29 = _t13;
                                                                                                                                                                                                                                                        				_t14 =  *((intOrPtr*)(_t30 + 0x14));
                                                                                                                                                                                                                                                        				if(_t14 < _t29) {
                                                                                                                                                                                                                                                        					_v32 = _v24;
                                                                                                                                                                                                                                                        					_v28 = _t21;
                                                                                                                                                                                                                                                        					 *(_t33 - 0xc) = _t29; // executed
                                                                                                                                                                                                                                                        					_t16 = E00BBA7D0(_t21, _t30, _t29, _t30); // executed
                                                                                                                                                                                                                                                        					_t30 = _t16;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t27 = _t21;
                                                                                                                                                                                                                                                        					_t22 = _t30;
                                                                                                                                                                                                                                                        					if(_t14 >= 8) {
                                                                                                                                                                                                                                                        						_t22 =  *_t30;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					 *(_t30 + 0x10) = _t29;
                                                                                                                                                                                                                                                        					_t16 = memmove(_t22, _t27, _t29 + _t29);
                                                                                                                                                                                                                                                        					 *((short*)(_t22 + _t29 * 2)) = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t16, _v20 ^ _t31, _t28);
                                                                                                                                                                                                                                                        				return _t30;
                                                                                                                                                                                                                                                        			}























                                                                                                                                                                                                                                                        0x00bba749
                                                                                                                                                                                                                                                        0x00bba74e
                                                                                                                                                                                                                                                        0x00bba751
                                                                                                                                                                                                                                                        0x00bba755
                                                                                                                                                                                                                                                        0x00bba759
                                                                                                                                                                                                                                                        0x00bba75e
                                                                                                                                                                                                                                                        0x00bba761
                                                                                                                                                                                                                                                        0x00bba763
                                                                                                                                                                                                                                                        0x00bba768
                                                                                                                                                                                                                                                        0x00bba7a9
                                                                                                                                                                                                                                                        0x00bba7ad
                                                                                                                                                                                                                                                        0x00bba7b1
                                                                                                                                                                                                                                                        0x00bba7b4
                                                                                                                                                                                                                                                        0x00bba7b9
                                                                                                                                                                                                                                                        0x00bba76a
                                                                                                                                                                                                                                                        0x00bba76a
                                                                                                                                                                                                                                                        0x00bba76f
                                                                                                                                                                                                                                                        0x00bba771
                                                                                                                                                                                                                                                        0x00bba7bd
                                                                                                                                                                                                                                                        0x00bba7bd
                                                                                                                                                                                                                                                        0x00bba775
                                                                                                                                                                                                                                                        0x00bba77d
                                                                                                                                                                                                                                                        0x00bba785
                                                                                                                                                                                                                                                        0x00bba785
                                                                                                                                                                                                                                                        0x00bba790
                                                                                                                                                                                                                                                        0x00bba79e

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00BB2D55,00BB2D55,?,?,00BB3EE0), ref: 00BBA759
                                                                                                                                                                                                                                                        • memmove.NTDLL(?,00BB2D55,00000000,?,00BB2D55,?,?,00BB3EE0), ref: 00BBA77D
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memmovewcslen
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 991614986-0
                                                                                                                                                                                                                                                        • Opcode ID: cfb399daa66e5851c3d93313a16d7065f1b125bc256ca98570c93035ebdfe13f
                                                                                                                                                                                                                                                        • Instruction ID: b751885271524759ad40a5f52ea4cae81383551bb2b1bd3d3f670b5e1b342205
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cfb399daa66e5851c3d93313a16d7065f1b125bc256ca98570c93035ebdfe13f
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BB0192B1B182545BD7109F2ADC818BFBBF99B84310B140979E88687302DE709C0483A6
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BE3D30(void* __eflags, intOrPtr _a4, long* _a8, intOrPtr* _a12, intOrPtr* _a16) {
                                                                                                                                                                                                                                                        				long _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				char _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				unsigned int _v44;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				void* _t37;
                                                                                                                                                                                                                                                        				intOrPtr _t40;
                                                                                                                                                                                                                                                        				signed short* _t41;
                                                                                                                                                                                                                                                        				void* _t42;
                                                                                                                                                                                                                                                        				signed int _t44;
                                                                                                                                                                                                                                                        				void* _t49;
                                                                                                                                                                                                                                                        				void* _t51;
                                                                                                                                                                                                                                                        				void* _t52;
                                                                                                                                                                                                                                                        				long* _t56;
                                                                                                                                                                                                                                                        				void* _t57;
                                                                                                                                                                                                                                                        				intOrPtr* _t63;
                                                                                                                                                                                                                                                        				intOrPtr* _t64;
                                                                                                                                                                                                                                                        				intOrPtr _t68;
                                                                                                                                                                                                                                                        				void* _t69;
                                                                                                                                                                                                                                                        				intOrPtr _t70;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_v40 = _t70;
                                                                                                                                                                                                                                                        				_v20 = 0xffffffff;
                                                                                                                                                                                                                                                        				_v24 = 0xbf9764;
                                                                                                                                                                                                                                                        				_v28 = 0xbef860;
                                                                                                                                                                                                                                                        				_t69 = 0xc0000017;
                                                                                                                                                                                                                                                        				_v32 =  *[fs:0x0];
                                                                                                                                                                                                                                                        				 *[fs:0x0] =  &_v32; // executed
                                                                                                                                                                                                                                                        				_t37 = E00BE3850( &_v32); // executed
                                                                                                                                                                                                                                                        				if(_t37 == 0) {
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					 *[fs:0x0] = _v32;
                                                                                                                                                                                                                                                        					return _t69;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t56 = _a8;
                                                                                                                                                                                                                                                        				_t40 = _a4;
                                                                                                                                                                                                                                                        				_t69 = 0xc0000001;
                                                                                                                                                                                                                                                        				if(_a16 != 0 ||  *((intOrPtr*)(_t40 + 4)) == 0) {
                                                                                                                                                                                                                                                        					_t41 =  *(_t40 + 8);
                                                                                                                                                                                                                                                        					if(_t41 == 0 || _t41[2] == 0) {
                                                                                                                                                                                                                                                        						goto L3;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t44 =  *_t41 & 0x0000ffff;
                                                                                                                                                                                                                                                        						_v20 = 0;
                                                                                                                                                                                                                                                        						_v48 = _t44;
                                                                                                                                                                                                                                                        						_v44 = _t44 + 2;
                                                                                                                                                                                                                                                        						_t49 = E00BE3D00(E00BE3CC0(_a8, E00BE3CE0(_t44 + 0x00000002 & 0xfffffffe, 0)), _a8);
                                                                                                                                                                                                                                                        						_t56 = _a8;
                                                                                                                                                                                                                                                        						_t69 = 0xc0000001;
                                                                                                                                                                                                                                                        						if(_t49 == 0) {
                                                                                                                                                                                                                                                        							goto L3;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t51 = E00BE3980(E00BD1C40(_t56),  *((intOrPtr*)( *((intOrPtr*)(_a4 + 8)) + 4)), _v48);
                                                                                                                                                                                                                                                        						if(_t51 < 0) {
                                                                                                                                                                                                                                                        							_t56 = _a8;
                                                                                                                                                                                                                                                        							_t69 = _t51;
                                                                                                                                                                                                                                                        							goto L3;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t52 = E00BD1C40(_a8);
                                                                                                                                                                                                                                                        							_t63 = _a12;
                                                                                                                                                                                                                                                        							 *((short*)(_t52 + (_v44 >> 1) * 2 - 2)) = 0;
                                                                                                                                                                                                                                                        							_t68 = _a4;
                                                                                                                                                                                                                                                        							if(_t63 != 0) {
                                                                                                                                                                                                                                                        								 *_t63 =  *((intOrPtr*)(_t68 + 0xc));
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t64 = _a16;
                                                                                                                                                                                                                                                        							_t69 = 0;
                                                                                                                                                                                                                                                        							if(_t64 != 0) {
                                                                                                                                                                                                                                                        								 *_t64 =  *((intOrPtr*)(_t68 + 4));
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L5;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					_t42 =  *_t56;
                                                                                                                                                                                                                                                        					if(_t42 != 0) {
                                                                                                                                                                                                                                                        						 *_t56 = 0;
                                                                                                                                                                                                                                                        						_v20 = 0xffffffff;
                                                                                                                                                                                                                                                        						_t57 =  *0xbfb67c; // 0x69d0000
                                                                                                                                                                                                                                                        						RtlFreeHeap(_t57, 0, _t42);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L5;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}

























                                                                                                                                                                                                                                                        0x00be3d39
                                                                                                                                                                                                                                                        0x00be3d3c
                                                                                                                                                                                                                                                        0x00be3d43
                                                                                                                                                                                                                                                        0x00be3d4a
                                                                                                                                                                                                                                                        0x00be3d54
                                                                                                                                                                                                                                                        0x00be3d60
                                                                                                                                                                                                                                                        0x00be3d63
                                                                                                                                                                                                                                                        0x00be3d69
                                                                                                                                                                                                                                                        0x00be3d70
                                                                                                                                                                                                                                                        0x00be3dac
                                                                                                                                                                                                                                                        0x00be3daf
                                                                                                                                                                                                                                                        0x00be3dbe
                                                                                                                                                                                                                                                        0x00be3dbe
                                                                                                                                                                                                                                                        0x00be3d72
                                                                                                                                                                                                                                                        0x00be3d75
                                                                                                                                                                                                                                                        0x00be3d7c
                                                                                                                                                                                                                                                        0x00be3d81
                                                                                                                                                                                                                                                        0x00be3dbf
                                                                                                                                                                                                                                                        0x00be3dc4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be3dcc
                                                                                                                                                                                                                                                        0x00be3dcc
                                                                                                                                                                                                                                                        0x00be3dcf
                                                                                                                                                                                                                                                        0x00be3dd6
                                                                                                                                                                                                                                                        0x00be3ddc
                                                                                                                                                                                                                                                        0x00be3dfd
                                                                                                                                                                                                                                                        0x00be3e02
                                                                                                                                                                                                                                                        0x00be3e07
                                                                                                                                                                                                                                                        0x00be3e0c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be3e24
                                                                                                                                                                                                                                                        0x00be3e2e
                                                                                                                                                                                                                                                        0x00be3e6a
                                                                                                                                                                                                                                                        0x00be3e6d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be3e30
                                                                                                                                                                                                                                                        0x00be3e33
                                                                                                                                                                                                                                                        0x00be3e3b
                                                                                                                                                                                                                                                        0x00be3e42
                                                                                                                                                                                                                                                        0x00be3e49
                                                                                                                                                                                                                                                        0x00be3e4c
                                                                                                                                                                                                                                                        0x00be3e51
                                                                                                                                                                                                                                                        0x00be3e51
                                                                                                                                                                                                                                                        0x00be3e53
                                                                                                                                                                                                                                                        0x00be3e56
                                                                                                                                                                                                                                                        0x00be3e5a
                                                                                                                                                                                                                                                        0x00be3e63
                                                                                                                                                                                                                                                        0x00be3e63
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be3e5a
                                                                                                                                                                                                                                                        0x00be3e2e
                                                                                                                                                                                                                                                        0x00be3d89
                                                                                                                                                                                                                                                        0x00be3d89
                                                                                                                                                                                                                                                        0x00be3d89
                                                                                                                                                                                                                                                        0x00be3d8d
                                                                                                                                                                                                                                                        0x00be3d8f
                                                                                                                                                                                                                                                        0x00be3d95
                                                                                                                                                                                                                                                        0x00be3d9c
                                                                                                                                                                                                                                                        0x00be3da6
                                                                                                                                                                                                                                                        0x00be3da6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be3d8d

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlFreeHeap.NTDLL(069D0000,00000000,?), ref: 00BE3DA6
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: FreeHeap
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3298025750-0
                                                                                                                                                                                                                                                        • Opcode ID: 340be504567ca2903cd642da8b591b601bf08551de0b08f355f8f16a91e1d4ae
                                                                                                                                                                                                                                                        • Instruction ID: cef853e63ba994db5aa161ac85c51b46c4af6edda25217d8b8954a6e7193e17c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 340be504567ca2903cd642da8b591b601bf08551de0b08f355f8f16a91e1d4ae
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B441A071A00249DFDB14DF6AC848BAAB7F5EF44B24F14C1A8E8159B390D735DE40CB90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BB2D00(char* __ecx, void* __edx, void* __eflags) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void* _v24;
                                                                                                                                                                                                                                                        				signed int _t26;
                                                                                                                                                                                                                                                        				void* _t33;
                                                                                                                                                                                                                                                        				void* _t39;
                                                                                                                                                                                                                                                        				char* _t41;
                                                                                                                                                                                                                                                        				signed int _t42;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t39 = __edx;
                                                                                                                                                                                                                                                        				_t26 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t41 = __ecx;
                                                                                                                                                                                                                                                        				_v20 = _t26 ^ _t42;
                                                                                                                                                                                                                                                        				 *__ecx = 0;
                                                                                                                                                                                                                                                        				 *((char*)(__ecx + 8)) = 0;
                                                                                                                                                                                                                                                        				 *((char*)(__ecx + 0x10)) = 0;
                                                                                                                                                                                                                                                        				 *((char*)(__ecx + 0x18)) = 0;
                                                                                                                                                                                                                                                        				 *(__ecx + 0x20) = 0;
                                                                                                                                                                                                                                                        				E00BBA640(_t26 ^ _t42,  &_v24); // executed
                                                                                                                                                                                                                                                        				_t33 = _v24;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx + 0x38)) = 7;
                                                                                                                                                                                                                                                        				 *(__ecx + 0x34) = 0;
                                                                                                                                                                                                                                                        				 *((short*)(__ecx + 0x24)) = 0;
                                                                                                                                                                                                                                                        				E00BBA740(__ecx + 0x24, _t33);
                                                                                                                                                                                                                                                        				_v24 = 0;
                                                                                                                                                                                                                                                        				if(_t33 != 0) {
                                                                                                                                                                                                                                                        					free(_t33);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *(_t41 + 0x4c) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t41 + 0x50)) = 7;
                                                                                                                                                                                                                                                        				 *((short*)(_t41 + 0x3c)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t41 + 0x68)) = 7;
                                                                                                                                                                                                                                                        				 *(_t41 + 0x64) = 0;
                                                                                                                                                                                                                                                        				 *((short*)(_t41 + 0x54)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t41 + 0x80)) = 7;
                                                                                                                                                                                                                                                        				 *(_t41 + 0x7c) = 0;
                                                                                                                                                                                                                                                        				 *((short*)(_t41 + 0x6c)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t41 + 0x98)) = 7;
                                                                                                                                                                                                                                                        				 *(_t41 + 0x94) = 0;
                                                                                                                                                                                                                                                        				 *((short*)(_t41 + 0x84)) = 0;
                                                                                                                                                                                                                                                        				E00BEECB0(7, _v20 ^ _t42, _t39);
                                                                                                                                                                                                                                                        				return _t41;
                                                                                                                                                                                                                                                        			}










                                                                                                                                                                                                                                                        0x00bb2d00
                                                                                                                                                                                                                                                        0x00bb2d09
                                                                                                                                                                                                                                                        0x00bb2d0e
                                                                                                                                                                                                                                                        0x00bb2d15
                                                                                                                                                                                                                                                        0x00bb2d18
                                                                                                                                                                                                                                                        0x00bb2d1b
                                                                                                                                                                                                                                                        0x00bb2d1f
                                                                                                                                                                                                                                                        0x00bb2d23
                                                                                                                                                                                                                                                        0x00bb2d27
                                                                                                                                                                                                                                                        0x00bb2d31
                                                                                                                                                                                                                                                        0x00bb2d36
                                                                                                                                                                                                                                                        0x00bb2d39
                                                                                                                                                                                                                                                        0x00bb2d40
                                                                                                                                                                                                                                                        0x00bb2d47
                                                                                                                                                                                                                                                        0x00bb2d50
                                                                                                                                                                                                                                                        0x00bb2d57
                                                                                                                                                                                                                                                        0x00bb2d5e
                                                                                                                                                                                                                                                        0x00bb2d61
                                                                                                                                                                                                                                                        0x00bb2d67
                                                                                                                                                                                                                                                        0x00bb2d6f
                                                                                                                                                                                                                                                        0x00bb2d76
                                                                                                                                                                                                                                                        0x00bb2d79
                                                                                                                                                                                                                                                        0x00bb2d7f
                                                                                                                                                                                                                                                        0x00bb2d82
                                                                                                                                                                                                                                                        0x00bb2d89
                                                                                                                                                                                                                                                        0x00bb2d8f
                                                                                                                                                                                                                                                        0x00bb2d95
                                                                                                                                                                                                                                                        0x00bb2d9c
                                                                                                                                                                                                                                                        0x00bb2da2
                                                                                                                                                                                                                                                        0x00bb2da8
                                                                                                                                                                                                                                                        0x00bb2db2
                                                                                                                                                                                                                                                        0x00bb2dc0
                                                                                                                                                                                                                                                        0x00bb2dce

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA640: moz_xmalloc.MOZGLUE(FFFFFFFF,?,00BB2D36,?,00BB3EE0), ref: 00BBA660
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA640: memset.NTDLL ref: 00BBA66F
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA640: GetModuleFileNameW.KERNEL32(00000000,00000000,00000104,?,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA682
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA640: moz_xmalloc.MOZGLUE(FFFFFFFF,?,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA69E
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA640: memset.NTDLL ref: 00BBA6AD
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA640: wcscpy_s.API-MS-WIN-CRT-STRING-L1-1-0(00000000,00000105,?,?,?,?,?,?,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA6BA
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA640: free.MOZGLUE(?,?,?,?,?,?,?,00BB2D36,?,00BB3EE0), ref: 00BBA6CF
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00BB2D55,00BB2D55,?,?,00BB3EE0), ref: 00BBA759
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: memmove.NTDLL(?,00BB2D55,00000000,?,00BB2D55,?,?,00BB3EE0), ref: 00BBA77D
                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 00BB2D61
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: freememsetmoz_xmalloc$FileModuleNamememmovewcscpy_swcslen
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 114180017-0
                                                                                                                                                                                                                                                        • Opcode ID: f485adaa40b0301144b7e6e30ad312161935ecccf518ca8e47768627aa6bbb73
                                                                                                                                                                                                                                                        • Instruction ID: 511a9e4048d59ec7636cdbe9a7864e2495b6653fa93fe8523853807eb64cb4b8
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f485adaa40b0301144b7e6e30ad312161935ecccf518ca8e47768627aa6bbb73
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CD21F9B05007448BE320CF29C959797BBE4BF04308F10086DD49A9B791DBBAA509CB92
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 94%
                                                                                                                                                                                                                                                        			E00BCABB0(intOrPtr* __ecx, char __edx) {
                                                                                                                                                                                                                                                        				intOrPtr* _t14;
                                                                                                                                                                                                                                                        				intOrPtr* _t23;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				 *__ecx = 0xbf0fc0;
                                                                                                                                                                                                                                                        				_t23 = __ecx;
                                                                                                                                                                                                                                                        				 *((char*)(__ecx + 5)) = __edx;
                                                                                                                                                                                                                                                        				E00BCA370(__ecx + 8, 0); // executed
                                                                                                                                                                                                                                                        				_t14 = E00BCACD0();
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t23 + 0x10)) = _t14;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t23 + 0x14)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t23 + 0x18)) = 0;
                                                                                                                                                                                                                                                        				_t5 = _t23 + 0x14; // 0x14
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t23 + 0x1c)) = 0;
                                                                                                                                                                                                                                                        				_push(0x20);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				 *_t14 = _t14;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t14 + 4)) = _t14;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t23 + 0x18)) = _t14;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t23 + 0x20)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t23 + 0x24)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t23 + 0x28)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t23 + 0x14)) = 0x3f800000;
                                                                                                                                                                                                                                                        				E00BC3300(_t5, 8);
                                                                                                                                                                                                                                                        				return _t23;
                                                                                                                                                                                                                                                        			}





                                                                                                                                                                                                                                                        0x00bcabb5
                                                                                                                                                                                                                                                        0x00bcabbb
                                                                                                                                                                                                                                                        0x00bcabbd
                                                                                                                                                                                                                                                        0x00bcabc5
                                                                                                                                                                                                                                                        0x00bcabca
                                                                                                                                                                                                                                                        0x00bcabcf
                                                                                                                                                                                                                                                        0x00bcabd2
                                                                                                                                                                                                                                                        0x00bcabd9
                                                                                                                                                                                                                                                        0x00bcabe0
                                                                                                                                                                                                                                                        0x00bcabe3
                                                                                                                                                                                                                                                        0x00bcabea
                                                                                                                                                                                                                                                        0x00bcabec
                                                                                                                                                                                                                                                        0x00bcabfb
                                                                                                                                                                                                                                                        0x00bcabfd
                                                                                                                                                                                                                                                        0x00bcac00
                                                                                                                                                                                                                                                        0x00bcac03
                                                                                                                                                                                                                                                        0x00bcac0a
                                                                                                                                                                                                                                                        0x00bcac11
                                                                                                                                                                                                                                                        0x00bcac18
                                                                                                                                                                                                                                                        0x00bcac1f
                                                                                                                                                                                                                                                        0x00bcac29

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BCACD0: __Init_thread_header.LIBCMT ref: 00BCACF6
                                                                                                                                                                                                                                                          • Part of subcall function 00BCACD0: ??2@YAPAXI@Z.MOZGLUE(00000004), ref: 00BCAD09
                                                                                                                                                                                                                                                          • Part of subcall function 00BCACD0: __Init_thread_footer.LIBCMT ref: 00BCAD25
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000020), ref: 00BCABEC
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@$Init_thread_footerInit_thread_header
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1593466182-0
                                                                                                                                                                                                                                                        • Opcode ID: 02b192d8d45f9c676e94551540dc27a3b1941aec83b0ec97fd4718d69f43953a
                                                                                                                                                                                                                                                        • Instruction ID: 15a0d77f1048dc0f53b3e3cd0faa1b54fa4c42b5ff5b7b746ff636e6c548cdf9
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 02b192d8d45f9c676e94551540dc27a3b1941aec83b0ec97fd4718d69f43953a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 06F04FB15017408FD3709F59D805707BEF4EF45704F104A6DE18A8BB52D7B5A50D8BE6
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        Non-executed Functions

                                                                                                                                                                                                                                                        C-Code - Quality: 79%
                                                                                                                                                                                                                                                        			E00BD6270(void*** __ecx, void* __edx) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				int _v212;
                                                                                                                                                                                                                                                        				long _v220;
                                                                                                                                                                                                                                                        				void _v224;
                                                                                                                                                                                                                                                        				long _v228;
                                                                                                                                                                                                                                                        				long _v232;
                                                                                                                                                                                                                                                        				void* _v236;
                                                                                                                                                                                                                                                        				void _v240;
                                                                                                                                                                                                                                                        				void* _v244;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t26;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        				signed int _t33;
                                                                                                                                                                                                                                                        				int _t36;
                                                                                                                                                                                                                                                        				int _t50;
                                                                                                                                                                                                                                                        				void* _t51;
                                                                                                                                                                                                                                                        				signed int _t64;
                                                                                                                                                                                                                                                        				int _t66;
                                                                                                                                                                                                                                                        				void*** _t67;
                                                                                                                                                                                                                                                        				signed int _t68;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t62 = __edx;
                                                                                                                                                                                                                                                        				_t26 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t67 = __ecx;
                                                                                                                                                                                                                                                        				_t27 = _t26 ^ _t68;
                                                                                                                                                                                                                                                        				_v24 = _t26 ^ _t68;
                                                                                                                                                                                                                                                        				if(__edx != 0) {
                                                                                                                                                                                                                                                        					_push(0);
                                                                                                                                                                                                                                                        					_push("_TargetNtMapViewOfSection@44");
                                                                                                                                                                                                                                                        					E00BD5BD0(__ecx, __eflags,  &M00BF146A, "NtMapViewOfSection", 1);
                                                                                                                                                                                                                                                        					_push(1);
                                                                                                                                                                                                                                                        					_push("_TargetNtUnmapViewOfSection@12");
                                                                                                                                                                                                                                                        					E00BD5BD0(__ecx, __eflags,  &M00BF146A, "NtUnmapViewOfSection", 1);
                                                                                                                                                                                                                                                        					L4:
                                                                                                                                                                                                                                                        					_t31 =  *( *_t67);
                                                                                                                                                                                                                                                        					_v244 = _t31;
                                                                                                                                                                                                                                                        					_v236 = VirtualAllocEx(_t31, 0, 0x10000, 0x2000, 1);
                                                                                                                                                                                                                                                        					_t8 = (_t67[2] << 6) + 0x50; // 0x50
                                                                                                                                                                                                                                                        					_v240 = _t8;
                                                                                                                                                                                                                                                        					_t33 = E00BD5940(_t8);
                                                                                                                                                                                                                                                        					_t64 = _t33 & 0x00000fff;
                                                                                                                                                                                                                                                        					_t36 = VirtualAllocEx(_v244, (_t33 & 0xfffff000) + _v236, (_t67[2] << 0x00000006) + 0x0000104f & 0xfffff000, 0x1000, 0x40);
                                                                                                                                                                                                                                                        					_t50 = _t36;
                                                                                                                                                                                                                                                        					__eflags = _t36;
                                                                                                                                                                                                                                                        					if(_t36 == 0) {
                                                                                                                                                                                                                                                        						_push("thunk_base");
                                                                                                                                                                                                                                                        						E00BC1FF0( &_v224, "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/interception.cc", 0x188);
                                                                                                                                                                                                                                                        						E00BC20C0();
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t51 = _t50 + _t64;
                                                                                                                                                                                                                                                        					_t65 = _v240;
                                                                                                                                                                                                                                                        					_v224 = _v240;
                                                                                                                                                                                                                                                        					_v212 = 0;
                                                                                                                                                                                                                                                        					_v220 = 0x10;
                                                                                                                                                                                                                                                        					memset("true", 0, 0xa8);
                                                                                                                                                                                                                                                        					_t62 = _t51;
                                                                                                                                                                                                                                                        					_t27 = E00BD66A0(_t51, _t67, _t51, _v240, _t67, _t65,  &_v224);
                                                                                                                                                                                                                                                        					_t66 = _t27;
                                                                                                                                                                                                                                                        					__eflags = _t27;
                                                                                                                                                                                                                                                        					if(_t27 == 0) {
                                                                                                                                                                                                                                                        						_t27 = WriteProcessMemory(_v244, _t51,  &_v224, 0x10,  &_v228);
                                                                                                                                                                                                                                                        						__eflags = _t27;
                                                                                                                                                                                                                                                        						_t66 = 0x2a;
                                                                                                                                                                                                                                                        						if(_t27 != 0) {
                                                                                                                                                                                                                                                        							__eflags = _v228 - 0x10;
                                                                                                                                                                                                                                                        							if(__eflags == 0) {
                                                                                                                                                                                                                                                        								VirtualProtectEx(_v244, _t51, _v240, 0x20,  &_v232);
                                                                                                                                                                                                                                                        								_t66 = E00BE9630( *_t67, _t62, __eflags, "g_originals", "true", 0xa8);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					E00BEECB0(_t27, _v40 ^ _t68, _t62);
                                                                                                                                                                                                                                                        					return _t66;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t66 = 0;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(__ecx + 8)) != 0) {
                                                                                                                                                                                                                                                        					goto L4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}



























                                                                                                                                                                                                                                                        0x00bd6270
                                                                                                                                                                                                                                                        0x00bd627f
                                                                                                                                                                                                                                                        0x00bd6284
                                                                                                                                                                                                                                                        0x00bd6286
                                                                                                                                                                                                                                                        0x00bd628a
                                                                                                                                                                                                                                                        0x00bd6291
                                                                                                                                                                                                                                                        0x00bd62b5
                                                                                                                                                                                                                                                        0x00bd62b7
                                                                                                                                                                                                                                                        0x00bd62c8
                                                                                                                                                                                                                                                        0x00bd62cf
                                                                                                                                                                                                                                                        0x00bd62d1
                                                                                                                                                                                                                                                        0x00bd62e2
                                                                                                                                                                                                                                                        0x00bd62e7
                                                                                                                                                                                                                                                        0x00bd62e9
                                                                                                                                                                                                                                                        0x00bd62eb
                                                                                                                                                                                                                                                        0x00bd6307
                                                                                                                                                                                                                                                        0x00bd630e
                                                                                                                                                                                                                                                        0x00bd6311
                                                                                                                                                                                                                                                        0x00bd6315
                                                                                                                                                                                                                                                        0x00bd632b
                                                                                                                                                                                                                                                        0x00bd6344
                                                                                                                                                                                                                                                        0x00bd634a
                                                                                                                                                                                                                                                        0x00bd634c
                                                                                                                                                                                                                                                        0x00bd634e
                                                                                                                                                                                                                                                        0x00bd6354
                                                                                                                                                                                                                                                        0x00bd6363
                                                                                                                                                                                                                                                        0x00bd636c
                                                                                                                                                                                                                                                        0x00bd636c
                                                                                                                                                                                                                                                        0x00bd6371
                                                                                                                                                                                                                                                        0x00bd6373
                                                                                                                                                                                                                                                        0x00bd6377
                                                                                                                                                                                                                                                        0x00bd637b
                                                                                                                                                                                                                                                        0x00bd6383
                                                                                                                                                                                                                                                        0x00bd6397
                                                                                                                                                                                                                                                        0x00bd63a5
                                                                                                                                                                                                                                                        0x00bd63a9
                                                                                                                                                                                                                                                        0x00bd63b1
                                                                                                                                                                                                                                                        0x00bd63b3
                                                                                                                                                                                                                                                        0x00bd63b5
                                                                                                                                                                                                                                                        0x00bd63cc
                                                                                                                                                                                                                                                        0x00bd63d2
                                                                                                                                                                                                                                                        0x00bd63d4
                                                                                                                                                                                                                                                        0x00bd63d9
                                                                                                                                                                                                                                                        0x00bd63df
                                                                                                                                                                                                                                                        0x00bd63e4
                                                                                                                                                                                                                                                        0x00bd63fa
                                                                                                                                                                                                                                                        0x00bd6416
                                                                                                                                                                                                                                                        0x00bd6416
                                                                                                                                                                                                                                                        0x00bd63e4
                                                                                                                                                                                                                                                        0x00bd63d9
                                                                                                                                                                                                                                                        0x00bd629b
                                                                                                                                                                                                                                                        0x00bd62a4
                                                                                                                                                                                                                                                        0x00bd62b2
                                                                                                                                                                                                                                                        0x00bd62b2
                                                                                                                                                                                                                                                        0x00bd6293
                                                                                                                                                                                                                                                        0x00bd6299
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • VirtualAllocEx.KERNEL32(?,00000000,00010000,00002000,00000001,ntdll.dll,NtUnmapViewOfSection,00000001,_TargetNtUnmapViewOfSection@12,00000001,ntdll.dll,NtMapViewOfSection,00000001,_TargetNtMapViewOfSection@44,00000000), ref: 00BD62FE
                                                                                                                                                                                                                                                        • VirtualAllocEx.KERNEL32(?,?,-0000104F,00001000,00000040), ref: 00BD6344
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BD6397
                                                                                                                                                                                                                                                        • WriteProcessMemory.KERNEL32(?,00000000,?,00000010,?), ref: 00BD63CC
                                                                                                                                                                                                                                                        • VirtualProtectEx.KERNEL32(00000010,00000000,?,00000020,?), ref: 00BD63FA
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • _TargetNtUnmapViewOfSection@12, xrefs: 00BD62D1
                                                                                                                                                                                                                                                        • _TargetNtMapViewOfSection@44, xrefs: 00BD62B7
                                                                                                                                                                                                                                                        • g_originals, xrefs: 00BD640C
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/interception.cc, xrefs: 00BD635E
                                                                                                                                                                                                                                                        • ntdll.dll, xrefs: 00BD62C3, 00BD62DD
                                                                                                                                                                                                                                                        • NtMapViewOfSection, xrefs: 00BD62BE
                                                                                                                                                                                                                                                        • thunk_base, xrefs: 00BD6354
                                                                                                                                                                                                                                                        • NtUnmapViewOfSection, xrefs: 00BD62D8
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Virtual$Alloc$MemoryProcessProtectWritememset
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/interception.cc$NtMapViewOfSection$NtUnmapViewOfSection$_TargetNtMapViewOfSection@44$_TargetNtUnmapViewOfSection@12$g_originals$ntdll.dll$thunk_base
                                                                                                                                                                                                                                                        • API String ID: 3767303471-1816357452
                                                                                                                                                                                                                                                        • Opcode ID: 05adbf8d82cfe06e7ed980f4bd1f7bd64cb45543dea7064cff15d3eef9bc7773
                                                                                                                                                                                                                                                        • Instruction ID: f32caef61adbd540ee9436d31114a1df7b95d469e5386a8e51ea992096fa6d12
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 05adbf8d82cfe06e7ed980f4bd1f7bd64cb45543dea7064cff15d3eef9bc7773
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4541B371784309ABE320DF14DC42F6AB7D5EB94B55F10086AF684973D1EBB09808CB62
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BBE0D0(char** __ecx, WCHAR* __edx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				void* _v12;
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				long _v20;
                                                                                                                                                                                                                                                        				char _v28;
                                                                                                                                                                                                                                                        				long _v40;
                                                                                                                                                                                                                                                        				long _v44;
                                                                                                                                                                                                                                                        				void* _v48;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _v52;
                                                                                                                                                                                                                                                        				long _v56;
                                                                                                                                                                                                                                                        				void* _v60;
                                                                                                                                                                                                                                                        				long _v64;
                                                                                                                                                                                                                                                        				void* _v68;
                                                                                                                                                                                                                                                        				void* _v72;
                                                                                                                                                                                                                                                        				void* _v92;
                                                                                                                                                                                                                                                        				signed int _t41;
                                                                                                                                                                                                                                                        				intOrPtr _t45;
                                                                                                                                                                                                                                                        				void* _t46;
                                                                                                                                                                                                                                                        				signed short _t47;
                                                                                                                                                                                                                                                        				signed int _t50;
                                                                                                                                                                                                                                                        				void* _t61;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t62;
                                                                                                                                                                                                                                                        				char** _t63;
                                                                                                                                                                                                                                                        				signed int _t64;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t60 = __edx;
                                                                                                                                                                                                                                                        				_t41 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t63 = __ecx;
                                                                                                                                                                                                                                                        				_t42 = _t41 ^ _t64;
                                                                                                                                                                                                                                                        				_v16 = _t41 ^ _t64;
                                                                                                                                                                                                                                                        				__ecx[1] = 0;
                                                                                                                                                                                                                                                        				 *__ecx = 0;
                                                                                                                                                                                                                                                        				__ecx[3] = 0;
                                                                                                                                                                                                                                                        				__ecx[2] = 0;
                                                                                                                                                                                                                                                        				__ecx[5] = 0;
                                                                                                                                                                                                                                                        				__ecx[4] = 0;
                                                                                                                                                                                                                                                        				__ecx[6] = 0;
                                                                                                                                                                                                                                                        				if(__edx == 0) {
                                                                                                                                                                                                                                                        					__ecx[6] = 1;
                                                                                                                                                                                                                                                        					 *__ecx = "/builds/worker/workspace/obj-build/dist/include/mozilla/WinHeaderOnlyUtils.h";
                                                                                                                                                                                                                                                        					__ecx[1] = 0x16a;
                                                                                                                                                                                                                                                        					__ecx[2] = 0x80070057;
                                                                                                                                                                                                                                                        					L9:
                                                                                                                                                                                                                                                        					E00BEECB0(_t42, _v16 ^ _t64, _t60);
                                                                                                                                                                                                                                                        					return _t63;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t45 = _a4;
                                                                                                                                                                                                                                                        				_v20 = 0;
                                                                                                                                                                                                                                                        				if(_t45 != 0) {
                                                                                                                                                                                                                                                        					if(_t45 != 1) {
                                                                                                                                                                                                                                                        						__ecx[6] = 1;
                                                                                                                                                                                                                                                        						 *__ecx = "/builds/worker/workspace/obj-build/dist/include/mozilla/WinHeaderOnlyUtils.h";
                                                                                                                                                                                                                                                        						__ecx[1] = 0x172;
                                                                                                                                                                                                                                                        						__ecx[2] = 0x80070057;
                                                                                                                                                                                                                                                        						_t61 = 0;
                                                                                                                                                                                                                                                        						L7:
                                                                                                                                                                                                                                                        						_t26 = _t61 + 1; // 0x100000000
                                                                                                                                                                                                                                                        						_t42 = _t26;
                                                                                                                                                                                                                                                        						if(_t26 >= 2) {
                                                                                                                                                                                                                                                        							_t42 = CloseHandle(_t61);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L9;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t46 = CreateFileW(__edx, 0, 7, 0, 3, 0x2000000, 0);
                                                                                                                                                                                                                                                        					_t61 = _t46;
                                                                                                                                                                                                                                                        					_v20 = _t46;
                                                                                                                                                                                                                                                        					if(_t46 == 0xffffffff) {
                                                                                                                                                                                                                                                        						_t47 = GetLastError();
                                                                                                                                                                                                                                                        						_t63[6] = 1;
                                                                                                                                                                                                                                                        						 *_t63 = "/builds/worker/workspace/obj-build/dist/include/mozilla/WinHeaderOnlyUtils.h";
                                                                                                                                                                                                                                                        						_t63[1] = 0x192;
                                                                                                                                                                                                                                                        						_t61 = 0xffffffff;
                                                                                                                                                                                                                                                        						_t57 =  <=  ? _t47 : _t47 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        						_t63[2] =  <=  ? _t47 : _t47 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					_t60 =  &_v20;
                                                                                                                                                                                                                                                        					E00BBE290(_t63,  &_v20);
                                                                                                                                                                                                                                                        					goto L7;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t62 =  &_v28;
                                                                                                                                                                                                                                                        				RtlInitUnicodeString(_t62, __edx);
                                                                                                                                                                                                                                                        				_v60 = 0x18;
                                                                                                                                                                                                                                                        				_v56 = 0;
                                                                                                                                                                                                                                                        				_v48 = 0x40;
                                                                                                                                                                                                                                                        				_v52 = _t62;
                                                                                                                                                                                                                                                        				_v44 = 0;
                                                                                                                                                                                                                                                        				_v40 = 0;
                                                                                                                                                                                                                                                        				_v64 = 0;
                                                                                                                                                                                                                                                        				_v68 = 0;
                                                                                                                                                                                                                                                        				_t60 =  &_v72;
                                                                                                                                                                                                                                                        				_t50 = NtOpenFile( &_v72, 0x100080,  &_v60,  &_v68, 7, 0x4020);
                                                                                                                                                                                                                                                        				if(_t50 < 0) {
                                                                                                                                                                                                                                                        					_t63[6] = 1;
                                                                                                                                                                                                                                                        					 *_t63 = "/builds/worker/workspace/obj-build/dist/include/mozilla/WinHeaderOnlyUtils.h";
                                                                                                                                                                                                                                                        					_t63[1] = 0x185;
                                                                                                                                                                                                                                                        					_t61 = 0;
                                                                                                                                                                                                                                                        					_t63[2] = _t50 | 0x10000000;
                                                                                                                                                                                                                                                        					goto L7;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t61 = _v92;
                                                                                                                                                                                                                                                        				_v48 = _t61;
                                                                                                                                                                                                                                                        				goto L6;
                                                                                                                                                                                                                                                        			}


























                                                                                                                                                                                                                                                        0x00bbe0d0
                                                                                                                                                                                                                                                        0x00bbe0db
                                                                                                                                                                                                                                                        0x00bbe0e0
                                                                                                                                                                                                                                                        0x00bbe0e2
                                                                                                                                                                                                                                                        0x00bbe0e6
                                                                                                                                                                                                                                                        0x00bbe0ea
                                                                                                                                                                                                                                                        0x00bbe0f1
                                                                                                                                                                                                                                                        0x00bbe0f7
                                                                                                                                                                                                                                                        0x00bbe0fe
                                                                                                                                                                                                                                                        0x00bbe105
                                                                                                                                                                                                                                                        0x00bbe10c
                                                                                                                                                                                                                                                        0x00bbe113
                                                                                                                                                                                                                                                        0x00bbe117
                                                                                                                                                                                                                                                        0x00bbe201
                                                                                                                                                                                                                                                        0x00bbe205
                                                                                                                                                                                                                                                        0x00bbe20b
                                                                                                                                                                                                                                                        0x00bbe212
                                                                                                                                                                                                                                                        0x00bbe1ed
                                                                                                                                                                                                                                                        0x00bbe1f3
                                                                                                                                                                                                                                                        0x00bbe200
                                                                                                                                                                                                                                                        0x00bbe200
                                                                                                                                                                                                                                                        0x00bbe11d
                                                                                                                                                                                                                                                        0x00bbe120
                                                                                                                                                                                                                                                        0x00bbe12a
                                                                                                                                                                                                                                                        0x00bbe1a8
                                                                                                                                                                                                                                                        0x00bbe238
                                                                                                                                                                                                                                                        0x00bbe23c
                                                                                                                                                                                                                                                        0x00bbe242
                                                                                                                                                                                                                                                        0x00bbe249
                                                                                                                                                                                                                                                        0x00bbe250
                                                                                                                                                                                                                                                        0x00bbe1de
                                                                                                                                                                                                                                                        0x00bbe1de
                                                                                                                                                                                                                                                        0x00bbe1de
                                                                                                                                                                                                                                                        0x00bbe1e4
                                                                                                                                                                                                                                                        0x00bbe1e7
                                                                                                                                                                                                                                                        0x00bbe1e7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe1e4
                                                                                                                                                                                                                                                        0x00bbe1be
                                                                                                                                                                                                                                                        0x00bbe1c4
                                                                                                                                                                                                                                                        0x00bbe1c9
                                                                                                                                                                                                                                                        0x00bbe1cd
                                                                                                                                                                                                                                                        0x00bbe254
                                                                                                                                                                                                                                                        0x00bbe25d
                                                                                                                                                                                                                                                        0x00bbe261
                                                                                                                                                                                                                                                        0x00bbe267
                                                                                                                                                                                                                                                        0x00bbe26e
                                                                                                                                                                                                                                                        0x00bbe27b
                                                                                                                                                                                                                                                        0x00bbe27e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe27e
                                                                                                                                                                                                                                                        0x00bbe1d3
                                                                                                                                                                                                                                                        0x00bbe1d3
                                                                                                                                                                                                                                                        0x00bbe1d9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe1d9
                                                                                                                                                                                                                                                        0x00bbe12c
                                                                                                                                                                                                                                                        0x00bbe132
                                                                                                                                                                                                                                                        0x00bbe13b
                                                                                                                                                                                                                                                        0x00bbe143
                                                                                                                                                                                                                                                        0x00bbe14b
                                                                                                                                                                                                                                                        0x00bbe153
                                                                                                                                                                                                                                                        0x00bbe157
                                                                                                                                                                                                                                                        0x00bbe15f
                                                                                                                                                                                                                                                        0x00bbe167
                                                                                                                                                                                                                                                        0x00bbe16f
                                                                                                                                                                                                                                                        0x00bbe17b
                                                                                                                                                                                                                                                        0x00bbe18e
                                                                                                                                                                                                                                                        0x00bbe195
                                                                                                                                                                                                                                                        0x00bbe220
                                                                                                                                                                                                                                                        0x00bbe224
                                                                                                                                                                                                                                                        0x00bbe22a
                                                                                                                                                                                                                                                        0x00bbe231
                                                                                                                                                                                                                                                        0x00bbe233
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe233
                                                                                                                                                                                                                                                        0x00bbe19b
                                                                                                                                                                                                                                                        0x00bbe19f
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlInitUnicodeString.NTDLL(?,00000000), ref: 00BBE132
                                                                                                                                                                                                                                                        • NtOpenFile.NTDLL ref: 00BBE18E
                                                                                                                                                                                                                                                        • CreateFileW.KERNEL32(00000000,00000000,00000007,00000000,00000003,02000000,00000000), ref: 00BBE1BE
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000), ref: 00BBE1E7
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BBE254
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: File$CloseCreateErrorHandleInitLastOpenStringUnicode
                                                                                                                                                                                                                                                        • String ID: @
                                                                                                                                                                                                                                                        • API String ID: 1288004472-2766056989
                                                                                                                                                                                                                                                        • Opcode ID: fad8b40823792d5b4e9c3db38756cf580cb42e1db3b67c635b7cbc773f2299a1
                                                                                                                                                                                                                                                        • Instruction ID: b7e21a979b585329cbc345ae4c8e9417dcda605585f076a503c1c0e010401485
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fad8b40823792d5b4e9c3db38756cf580cb42e1db3b67c635b7cbc773f2299a1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3F416D71108341ABE320CF25C8447AABBE4FF84714F20895DE9E95B2D1D7F9E549CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                                                                                                                        			E00BC0120(intOrPtr* _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				void _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				signed int _v42;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				long _v48;
                                                                                                                                                                                                                                                        				void* _v52;
                                                                                                                                                                                                                                                        				void* _v56;
                                                                                                                                                                                                                                                        				signed int _v76;
                                                                                                                                                                                                                                                        				union _PROCESSINFOCLASS _v80;
                                                                                                                                                                                                                                                        				signed int _t37;
                                                                                                                                                                                                                                                        				signed int _t43;
                                                                                                                                                                                                                                                        				int _t46;
                                                                                                                                                                                                                                                        				signed int _t54;
                                                                                                                                                                                                                                                        				short* _t56;
                                                                                                                                                                                                                                                        				signed int _t59;
                                                                                                                                                                                                                                                        				SIZE_T* _t63;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t64;
                                                                                                                                                                                                                                                        				intOrPtr* _t73;
                                                                                                                                                                                                                                                        				signed int _t79;
                                                                                                                                                                                                                                                        				short* _t80;
                                                                                                                                                                                                                                                        				intOrPtr _t81;
                                                                                                                                                                                                                                                        				intOrPtr* _t82;
                                                                                                                                                                                                                                                        				intOrPtr* _t83;
                                                                                                                                                                                                                                                        				long _t84;
                                                                                                                                                                                                                                                        				void* _t85;
                                                                                                                                                                                                                                                        				void* _t87;
                                                                                                                                                                                                                                                        				intOrPtr _t88;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				signed int _t90;
                                                                                                                                                                                                                                                        				signed int _t91;
                                                                                                                                                                                                                                                        				void* _t92;
                                                                                                                                                                                                                                                        				signed int _t93;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t93 = _t92 - 0x28;
                                                                                                                                                                                                                                                        				_t37 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v20 = _t37 ^ _t90;
                                                                                                                                                                                                                                                        				_t39 =  *((intOrPtr*)(_a8 + 0xc));
                                                                                                                                                                                                                                                        				if(_t39 == 2) {
                                                                                                                                                                                                                                                        					L14:
                                                                                                                                                                                                                                                        					E00BEECB0(_t39, _v20 ^ _t90, _t82);
                                                                                                                                                                                                                                                        					return 1;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					if(_t39 != 1) {
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						E00BB77D5(0x43, _t82, __eflags);
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						_push(_t90);
                                                                                                                                                                                                                                                        						_t91 = _t93;
                                                                                                                                                                                                                                                        						_push(_t83);
                                                                                                                                                                                                                                                        						_t43 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        						_t84 = _v48;
                                                                                                                                                                                                                                                        						_t87 = _v52;
                                                                                                                                                                                                                                                        						_t63 =  &_v80;
                                                                                                                                                                                                                                                        						_v76 = _t43 ^ _t91;
                                                                                                                                                                                                                                                        						_v80 = 0;
                                                                                                                                                                                                                                                        						_t33 = _t84 + 0x10; // 0xbb27f9
                                                                                                                                                                                                                                                        						_t46 = WriteProcessMemory(_t87, _t33, 0x53, 0xc, _t63);
                                                                                                                                                                                                                                                        						__eflags = _t46;
                                                                                                                                                                                                                                                        						if(_t46 != 0) {
                                                                                                                                                                                                                                                        							_v32 = 1;
                                                                                                                                                                                                                                                        							_t85 = _t84 + 0xc;
                                                                                                                                                                                                                                                        							__eflags = _t85;
                                                                                                                                                                                                                                                        							_t46 = WriteProcessMemory(_t87, _t85,  &_v32, 4, _t63);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__eflags = _v24 ^ _t91;
                                                                                                                                                                                                                                                        						return E00BEECB0(_t46, _v24 ^ _t91, _t82);
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						RtlInitUnicodeString( &_v56, L"kernel32.dll");
                                                                                                                                                                                                                                                        						_t64 =  &_v44;
                                                                                                                                                                                                                                                        						if(NtQueryInformationProcess(0xffffffff, 0, _t64, 0x18,  &_v48) < 0) {
                                                                                                                                                                                                                                                        							L12:
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							E00BB77D5(0x4b, _t82, _t106);
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t88 =  *((intOrPtr*)(_v40 + 0xc));
                                                                                                                                                                                                                                                        							if(_t88 != 0) {
                                                                                                                                                                                                                                                        								_t83 =  *((intOrPtr*)(_t88 + 0x14));
                                                                                                                                                                                                                                                        								_t89 = _t88 + 0x14;
                                                                                                                                                                                                                                                        								if(_t83 != _t89) {
                                                                                                                                                                                                                                                        									asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        									do {
                                                                                                                                                                                                                                                        										_t82 =  *((intOrPtr*)(_t83 + 0x20));
                                                                                                                                                                                                                                                        										_t79 = ( *(_t83 + 0x1c) & 0x0000ffff) >> 1;
                                                                                                                                                                                                                                                        										_t56 = _t82 + _t79 * 2 - 2;
                                                                                                                                                                                                                                                        										_t80 = _t56;
                                                                                                                                                                                                                                                        										if(_t79 != 0) {
                                                                                                                                                                                                                                                        											_t80 = _t56;
                                                                                                                                                                                                                                                        											asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        											while( *_t80 != 0x5c) {
                                                                                                                                                                                                                                                        												_t80 = _t80 + 0xfffffffe;
                                                                                                                                                                                                                                                        												if(_t80 >= _t82) {
                                                                                                                                                                                                                                                        													continue;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L10;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L10:
                                                                                                                                                                                                                                                        										_t81 = _t80 + 2;
                                                                                                                                                                                                                                                        										_v40 = _t81;
                                                                                                                                                                                                                                                        										_t59 = _t56 - _t81 + 0x00000002 & 0x0000fffe;
                                                                                                                                                                                                                                                        										_v44 = _t59;
                                                                                                                                                                                                                                                        										_v42 = _t59;
                                                                                                                                                                                                                                                        										if(RtlCompareUnicodeString(_t64,  &_v56, 1) != 0) {
                                                                                                                                                                                                                                                        											goto L11;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L13;
                                                                                                                                                                                                                                                        										L11:
                                                                                                                                                                                                                                                        										_t83 =  *_t83;
                                                                                                                                                                                                                                                        										_t106 = _t83 - _t89;
                                                                                                                                                                                                                                                        									} while (_t83 != _t89);
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L12;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L13:
                                                                                                                                                                                                                                                        						_t73 = _a8;
                                                                                                                                                                                                                                                        						_t82 = _t73;
                                                                                                                                                                                                                                                        						_t54 =  *(_t83 + 0x10) & 0xfffffffc;
                                                                                                                                                                                                                                                        						 *_t82 =  *((intOrPtr*)(_t73 + 0x10)) + _t54;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t82 + 4)) =  *((intOrPtr*)(_t82 + 0x14)) + _t54;
                                                                                                                                                                                                                                                        						_t39 = _t54 +  *((intOrPtr*)(_t82 + 0x18));
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t82 + 8)) = _t54 +  *((intOrPtr*)(_t82 + 0x18));
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t82 + 0xc)) = 2;
                                                                                                                                                                                                                                                        						goto L14;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}





































                                                                                                                                                                                                                                                        0x00bc0126
                                                                                                                                                                                                                                                        0x00bc0129
                                                                                                                                                                                                                                                        0x00bc0133
                                                                                                                                                                                                                                                        0x00bc0136
                                                                                                                                                                                                                                                        0x00bc013c
                                                                                                                                                                                                                                                        0x00bc021d
                                                                                                                                                                                                                                                        0x00bc0222
                                                                                                                                                                                                                                                        0x00bc0233
                                                                                                                                                                                                                                                        0x00bc0142
                                                                                                                                                                                                                                                        0x00bc0145
                                                                                                                                                                                                                                                        0x00bc0236
                                                                                                                                                                                                                                                        0x00bc023c
                                                                                                                                                                                                                                                        0x00bc0241
                                                                                                                                                                                                                                                        0x00bc0242
                                                                                                                                                                                                                                                        0x00bc0243
                                                                                                                                                                                                                                                        0x00bc0244
                                                                                                                                                                                                                                                        0x00bc0245
                                                                                                                                                                                                                                                        0x00bc0246
                                                                                                                                                                                                                                                        0x00bc0247
                                                                                                                                                                                                                                                        0x00bc0248
                                                                                                                                                                                                                                                        0x00bc0249
                                                                                                                                                                                                                                                        0x00bc024a
                                                                                                                                                                                                                                                        0x00bc024b
                                                                                                                                                                                                                                                        0x00bc024c
                                                                                                                                                                                                                                                        0x00bc024d
                                                                                                                                                                                                                                                        0x00bc024e
                                                                                                                                                                                                                                                        0x00bc024f
                                                                                                                                                                                                                                                        0x00bc0250
                                                                                                                                                                                                                                                        0x00bc0251
                                                                                                                                                                                                                                                        0x00bc0254
                                                                                                                                                                                                                                                        0x00bc0259
                                                                                                                                                                                                                                                        0x00bc025e
                                                                                                                                                                                                                                                        0x00bc0261
                                                                                                                                                                                                                                                        0x00bc0264
                                                                                                                                                                                                                                                        0x00bc026c
                                                                                                                                                                                                                                                        0x00bc026f
                                                                                                                                                                                                                                                        0x00bc0276
                                                                                                                                                                                                                                                        0x00bc027f
                                                                                                                                                                                                                                                        0x00bc0285
                                                                                                                                                                                                                                                        0x00bc0287
                                                                                                                                                                                                                                                        0x00bc0289
                                                                                                                                                                                                                                                        0x00bc0290
                                                                                                                                                                                                                                                        0x00bc0290
                                                                                                                                                                                                                                                        0x00bc029c
                                                                                                                                                                                                                                                        0x00bc029c
                                                                                                                                                                                                                                                        0x00bc02a5
                                                                                                                                                                                                                                                        0x00bc02b3
                                                                                                                                                                                                                                                        0x00bc014b
                                                                                                                                                                                                                                                        0x00bc0154
                                                                                                                                                                                                                                                        0x00bc015c
                                                                                                                                                                                                                                                        0x00bc016e
                                                                                                                                                                                                                                                        0x00bc01eb
                                                                                                                                                                                                                                                        0x00bc01eb
                                                                                                                                                                                                                                                        0x00bc01f1
                                                                                                                                                                                                                                                        0x00bc0170
                                                                                                                                                                                                                                                        0x00bc0173
                                                                                                                                                                                                                                                        0x00bc0178
                                                                                                                                                                                                                                                        0x00bc017a
                                                                                                                                                                                                                                                        0x00bc017d
                                                                                                                                                                                                                                                        0x00bc0182
                                                                                                                                                                                                                                                        0x00bc0184
                                                                                                                                                                                                                                                        0x00bc0190
                                                                                                                                                                                                                                                        0x00bc0194
                                                                                                                                                                                                                                                        0x00bc0197
                                                                                                                                                                                                                                                        0x00bc0199
                                                                                                                                                                                                                                                        0x00bc01a0
                                                                                                                                                                                                                                                        0x00bc01a2
                                                                                                                                                                                                                                                        0x00bc01a4
                                                                                                                                                                                                                                                        0x00bc01a6
                                                                                                                                                                                                                                                        0x00bc01b0
                                                                                                                                                                                                                                                        0x00bc01b6
                                                                                                                                                                                                                                                        0x00bc01bb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc01bb
                                                                                                                                                                                                                                                        0x00bc01b0
                                                                                                                                                                                                                                                        0x00bc01bd
                                                                                                                                                                                                                                                        0x00bc01bd
                                                                                                                                                                                                                                                        0x00bc01c2
                                                                                                                                                                                                                                                        0x00bc01c8
                                                                                                                                                                                                                                                        0x00bc01cd
                                                                                                                                                                                                                                                        0x00bc01d1
                                                                                                                                                                                                                                                        0x00bc01e3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc01e5
                                                                                                                                                                                                                                                        0x00bc01e5
                                                                                                                                                                                                                                                        0x00bc01e7
                                                                                                                                                                                                                                                        0x00bc01e7
                                                                                                                                                                                                                                                        0x00bc0190
                                                                                                                                                                                                                                                        0x00bc0182
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0178
                                                                                                                                                                                                                                                        0x00bc01f6
                                                                                                                                                                                                                                                        0x00bc01f6
                                                                                                                                                                                                                                                        0x00bc01fc
                                                                                                                                                                                                                                                        0x00bc0201
                                                                                                                                                                                                                                                        0x00bc0206
                                                                                                                                                                                                                                                        0x00bc020d
                                                                                                                                                                                                                                                        0x00bc0210
                                                                                                                                                                                                                                                        0x00bc0213
                                                                                                                                                                                                                                                        0x00bc0216
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0216
                                                                                                                                                                                                                                                        0x00bc0145

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlInitUnicodeString.NTDLL(?,kernel32.dll), ref: 00BC0154
                                                                                                                                                                                                                                                        • NtQueryInformationProcess.NTDLL(000000FF,00000000,?,00000018,?), ref: 00BC0167
                                                                                                                                                                                                                                                        • RtlCompareUnicodeString.NTDLL(?,?,00000001), ref: 00BC01DC
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: StringUnicode$CompareInformationInitProcessQuery
                                                                                                                                                                                                                                                        • String ID: kernel32.dll
                                                                                                                                                                                                                                                        • API String ID: 3041476385-1793498882
                                                                                                                                                                                                                                                        • Opcode ID: e6ea83b8b052373a49d1ab04855202cd85af836241660182395e12306cc1ac5a
                                                                                                                                                                                                                                                        • Instruction ID: 111d92c54a76a79dca76db19416617e6d5a3caf7732d8f6d35ba1c0b4e13774c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e6ea83b8b052373a49d1ab04855202cd85af836241660182395e12306cc1ac5a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9A318171A002099BCB18DF68D895FAEB3E5FF58720F2845ADE515AB281EB30DD41C7A4
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BE4330(void* __edx, void* __eflags, void* _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				long _v24;
                                                                                                                                                                                                                                                        				signed int _t6;
                                                                                                                                                                                                                                                        				char _t12;
                                                                                                                                                                                                                                                        				long _t13;
                                                                                                                                                                                                                                                        				void* _t16;
                                                                                                                                                                                                                                                        				void* _t17;
                                                                                                                                                                                                                                                        				void* _t18;
                                                                                                                                                                                                                                                        				signed int _t19;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t16 = __edx;
                                                                                                                                                                                                                                                        				_t6 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t18 = 0;
                                                                                                                                                                                                                                                        				_v20 = _t6 ^ _t19;
                                                                                                                                                                                                                                                        				if(E00BE3850(_t6 ^ _t19) == 0) {
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					E00BEECB0(_t8, _v20 ^ _t19, _t16);
                                                                                                                                                                                                                                                        					return _t18;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t13 = 0x208;
                                                                                                                                                                                                                                                        				while(1) {
                                                                                                                                                                                                                                                        					_t8 = RtlAllocateHeap( *0xbfb67c, 0, _t13);
                                                                                                                                                                                                                                                        					if(_t8 == 0) {
                                                                                                                                                                                                                                                        						goto L6;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t17 = _t8;
                                                                                                                                                                                                                                                        					_t8 = NtQueryVirtualMemory(0xffffffff, _a4, 2, _t17, _t13,  &_v24);
                                                                                                                                                                                                                                                        					if(_t8 == 0x80000005) {
                                                                                                                                                                                                                                                        						_t12 = RtlFreeHeap( *0xbfb67c, 0, _t17);
                                                                                                                                                                                                                                                        						_t13 = _v24;
                                                                                                                                                                                                                                                        						if(E00BE3850(_t12) != 0) {
                                                                                                                                                                                                                                                        							continue;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L6;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_t8 < 0) {
                                                                                                                                                                                                                                                        						_t8 = RtlFreeHeap( *0xbfb67c, 0, _t17);
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t18 = _t17;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L6;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L6;
                                                                                                                                                                                                                                                        			}












                                                                                                                                                                                                                                                        0x00be4330
                                                                                                                                                                                                                                                        0x00be4339
                                                                                                                                                                                                                                                        0x00be433e
                                                                                                                                                                                                                                                        0x00be4342
                                                                                                                                                                                                                                                        0x00be434c
                                                                                                                                                                                                                                                        0x00be4388
                                                                                                                                                                                                                                                        0x00be438d
                                                                                                                                                                                                                                                        0x00be439b
                                                                                                                                                                                                                                                        0x00be439b
                                                                                                                                                                                                                                                        0x00be434e
                                                                                                                                                                                                                                                        0x00be4353
                                                                                                                                                                                                                                                        0x00be435c
                                                                                                                                                                                                                                                        0x00be4364
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be4366
                                                                                                                                                                                                                                                        0x00be4375
                                                                                                                                                                                                                                                        0x00be4380
                                                                                                                                                                                                                                                        0x00be43b6
                                                                                                                                                                                                                                                        0x00be43bc
                                                                                                                                                                                                                                                        0x00be43c6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be43c8
                                                                                                                                                                                                                                                        0x00be4384
                                                                                                                                                                                                                                                        0x00be43a5
                                                                                                                                                                                                                                                        0x00be4386
                                                                                                                                                                                                                                                        0x00be4386
                                                                                                                                                                                                                                                        0x00be4386
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be4384
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlAllocateHeap.NTDLL ref: 00BE435C
                                                                                                                                                                                                                                                        • NtQueryVirtualMemory.NTDLL(000000FF,00000208,00000002,00000000,00000208,?), ref: 00BE4375
                                                                                                                                                                                                                                                        • RtlFreeHeap.NTDLL(00000000,00000000), ref: 00BE43A5
                                                                                                                                                                                                                                                        • RtlFreeHeap.NTDLL(00000000,00000000), ref: 00BE43B6
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Heap$Free$AllocateMemoryQueryVirtual
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2061684100-0
                                                                                                                                                                                                                                                        • Opcode ID: fe97ce6c785735fe2e82ce4953296776b3c42362d34a939ee9ae05fea51a83df
                                                                                                                                                                                                                                                        • Instruction ID: 843ec5e6ddc1c690f84bf290f9a98564c699bc0280a93f7fbf42a985888d03c9
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fe97ce6c785735fe2e82ce4953296776b3c42362d34a939ee9ae05fea51a83df
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E301C031600248BBDB105B66EC49F7BBBADEB45755F200165F911EB1E0DF209C00C7A4
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 57%
                                                                                                                                                                                                                                                        			E00BB6280(intOrPtr __ecx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				struct _OSVERSIONINFOEXA _v176;
                                                                                                                                                                                                                                                        				char _v244;
                                                                                                                                                                                                                                                        				char _v312;
                                                                                                                                                                                                                                                        				char _v380;
                                                                                                                                                                                                                                                        				void _v416;
                                                                                                                                                                                                                                                        				int _v420;
                                                                                                                                                                                                                                                        				int _v424;
                                                                                                                                                                                                                                                        				int _v428;
                                                                                                                                                                                                                                                        				int _v432;
                                                                                                                                                                                                                                                        				int _v436;
                                                                                                                                                                                                                                                        				int _v440;
                                                                                                                                                                                                                                                        				int _v444;
                                                                                                                                                                                                                                                        				intOrPtr _v448;
                                                                                                                                                                                                                                                        				union _TOKEN_INFORMATION_CLASS _v452;
                                                                                                                                                                                                                                                        				int _v456;
                                                                                                                                                                                                                                                        				int _v460;
                                                                                                                                                                                                                                                        				int _v464;
                                                                                                                                                                                                                                                        				int _v468;
                                                                                                                                                                                                                                                        				int _v472;
                                                                                                                                                                                                                                                        				int _v476;
                                                                                                                                                                                                                                                        				char* _v480;
                                                                                                                                                                                                                                                        				int _v484;
                                                                                                                                                                                                                                                        				int _v488;
                                                                                                                                                                                                                                                        				int _v492;
                                                                                                                                                                                                                                                        				int _v496;
                                                                                                                                                                                                                                                        				int _v500;
                                                                                                                                                                                                                                                        				int _v504;
                                                                                                                                                                                                                                                        				int _v508;
                                                                                                                                                                                                                                                        				intOrPtr _v512;
                                                                                                                                                                                                                                                        				signed int _v516;
                                                                                                                                                                                                                                                        				int* _v520;
                                                                                                                                                                                                                                                        				void* _v524;
                                                                                                                                                                                                                                                        				long _v528;
                                                                                                                                                                                                                                                        				struct _SECURITY_DESCRIPTOR _v548;
                                                                                                                                                                                                                                                        				char _v552;
                                                                                                                                                                                                                                                        				char _v556;
                                                                                                                                                                                                                                                        				char _v560;
                                                                                                                                                                                                                                                        				void* _v564;
                                                                                                                                                                                                                                                        				intOrPtr _v568;
                                                                                                                                                                                                                                                        				void* _v572;
                                                                                                                                                                                                                                                        				void* _v576;
                                                                                                                                                                                                                                                        				signed int _t122;
                                                                                                                                                                                                                                                        				int _t130;
                                                                                                                                                                                                                                                        				void* _t131;
                                                                                                                                                                                                                                                        				void* _t134;
                                                                                                                                                                                                                                                        				int _t135;
                                                                                                                                                                                                                                                        				long _t139;
                                                                                                                                                                                                                                                        				int _t141;
                                                                                                                                                                                                                                                        				char* _t142;
                                                                                                                                                                                                                                                        				char* _t143;
                                                                                                                                                                                                                                                        				intOrPtr _t144;
                                                                                                                                                                                                                                                        				char* _t145;
                                                                                                                                                                                                                                                        				intOrPtr _t147;
                                                                                                                                                                                                                                                        				intOrPtr _t148;
                                                                                                                                                                                                                                                        				signed short _t149;
                                                                                                                                                                                                                                                        				void* _t150;
                                                                                                                                                                                                                                                        				void* _t160;
                                                                                                                                                                                                                                                        				void* _t161;
                                                                                                                                                                                                                                                        				void* _t162;
                                                                                                                                                                                                                                                        				longlong _t163;
                                                                                                                                                                                                                                                        				signed int _t169;
                                                                                                                                                                                                                                                        				signed int _t171;
                                                                                                                                                                                                                                                        				intOrPtr _t172;
                                                                                                                                                                                                                                                        				void* _t175;
                                                                                                                                                                                                                                                        				void* _t176;
                                                                                                                                                                                                                                                        				void* _t177;
                                                                                                                                                                                                                                                        				longlong _t178;
                                                                                                                                                                                                                                                        				void* _t184;
                                                                                                                                                                                                                                                        				void* _t185;
                                                                                                                                                                                                                                                        				void* _t190;
                                                                                                                                                                                                                                                        				int* _t197;
                                                                                                                                                                                                                                                        				void* _t202;
                                                                                                                                                                                                                                                        				void* _t203;
                                                                                                                                                                                                                                                        				void* _t207;
                                                                                                                                                                                                                                                        				char* _t210;
                                                                                                                                                                                                                                                        				struct _SECURITY_DESCRIPTOR* _t211;
                                                                                                                                                                                                                                                        				int _t219;
                                                                                                                                                                                                                                                        				DWORD* _t220;
                                                                                                                                                                                                                                                        				int _t221;
                                                                                                                                                                                                                                                        				intOrPtr _t222;
                                                                                                                                                                                                                                                        				void* _t223;
                                                                                                                                                                                                                                                        				intOrPtr* _t224;
                                                                                                                                                                                                                                                        				intOrPtr* _t225;
                                                                                                                                                                                                                                                        				signed int _t226;
                                                                                                                                                                                                                                                        				void* _t227;
                                                                                                                                                                                                                                                        				void* _t229;
                                                                                                                                                                                                                                                        				void* _t232;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_v568 = __ecx;
                                                                                                                                                                                                                                                        				_t122 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v20 = _t122 ^ _t226;
                                                                                                                                                                                                                                                        				_v524 = 0;
                                                                                                                                                                                                                                                        				if(OpenProcessToken(GetCurrentProcess(), 8,  &_v524) == 0) {
                                                                                                                                                                                                                                                        					_t202 =  <=  ? GetLastError() : _t126 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        					L23:
                                                                                                                                                                                                                                                        					E00BEECB0(_t126, _v20 ^ _t226, _t199);
                                                                                                                                                                                                                                                        					return _t202;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t203 = _v524;
                                                                                                                                                                                                                                                        				_v528 = 0;
                                                                                                                                                                                                                                                        				_t130 = GetTokenInformation(_t203, 1, 0, 0,  &_v528);
                                                                                                                                                                                                                                                        				_t131 = GetLastError();
                                                                                                                                                                                                                                                        				_v576 = _t203;
                                                                                                                                                                                                                                                        				if(_t130 != 0 || _t131 == 0x7a) {
                                                                                                                                                                                                                                                        					_t219 = _v528;
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(_t219);
                                                                                                                                                                                                                                                        					_t184 = _t131;
                                                                                                                                                                                                                                                        					memset(_t131, 0, _t219);
                                                                                                                                                                                                                                                        					_t229 = _t227 + 0x10;
                                                                                                                                                                                                                                                        					_t220 =  &_v528;
                                                                                                                                                                                                                                                        					_v564 = _t184;
                                                                                                                                                                                                                                                        					if(GetTokenInformation(_t203, 1, _t184, _v528, _t220) == 0) {
                                                                                                                                                                                                                                                        						_t134 = GetLastError();
                                                                                                                                                                                                                                                        						L38:
                                                                                                                                                                                                                                                        						_t185 = _v564;
                                                                                                                                                                                                                                                        						_t202 =  <=  ? _t134 : _t134 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        						L20:
                                                                                                                                                                                                                                                        						free(_t185);
                                                                                                                                                                                                                                                        						goto L21;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v528 = 0;
                                                                                                                                                                                                                                                        					_t135 = GetTokenInformation(_t203, 5, 0, 0, _t220);
                                                                                                                                                                                                                                                        					_t134 = GetLastError();
                                                                                                                                                                                                                                                        					if(_t135 != 0 || _t134 == 0x7a) {
                                                                                                                                                                                                                                                        						_t221 = _v528;
                                                                                                                                                                                                                                                        						__imp__moz_xmalloc(_t221);
                                                                                                                                                                                                                                                        						_t207 = _t134;
                                                                                                                                                                                                                                                        						memset(_t134, 0, _t221);
                                                                                                                                                                                                                                                        						_t232 = _t229 + 0x10;
                                                                                                                                                                                                                                                        						_v572 = _t207;
                                                                                                                                                                                                                                                        						if(GetTokenInformation(_v576, 5, _t207, _v528,  &_v528) == 0) {
                                                                                                                                                                                                                                                        							_t139 = GetLastError();
                                                                                                                                                                                                                                                        							_t185 = _v564;
                                                                                                                                                                                                                                                        							L30:
                                                                                                                                                                                                                                                        							_t202 =  <=  ? _t139 : _t139 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        							L19:
                                                                                                                                                                                                                                                        							free(_v572);
                                                                                                                                                                                                                                                        							_t229 = _t232 + 4;
                                                                                                                                                                                                                                                        							goto L20;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t141 = InitializeSecurityDescriptor( &_v548, 1);
                                                                                                                                                                                                                                                        						_t185 = _v564;
                                                                                                                                                                                                                                                        						_t222 = _v568;
                                                                                                                                                                                                                                                        						if(_t141 == 0) {
                                                                                                                                                                                                                                                        							L29:
                                                                                                                                                                                                                                                        							_t139 = GetLastError();
                                                                                                                                                                                                                                                        							goto L30;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t142 =  &_v552;
                                                                                                                                                                                                                                                        						_v552 = 0x44;
                                                                                                                                                                                                                                                        						__imp__CreateWellKnownSid(0x16, 0,  &_v244, _t142);
                                                                                                                                                                                                                                                        						if(_t142 == 0) {
                                                                                                                                                                                                                                                        							goto L29;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t143 =  &_v556;
                                                                                                                                                                                                                                                        						_t210 =  &_v312;
                                                                                                                                                                                                                                                        						_v556 = 0x44;
                                                                                                                                                                                                                                                        						__imp__CreateWellKnownSid(0x1a, 0, _t210, _t143);
                                                                                                                                                                                                                                                        						if(_t143 == 0) {
                                                                                                                                                                                                                                                        							goto L29;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_v560 = 0x44;
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t222 + 4)) == 0) {
                                                                                                                                                                                                                                                        							_t144 =  *0xbfa760; // 0xa000000
                                                                                                                                                                                                                                                        							if(_t144 > 0x601ffff) {
                                                                                                                                                                                                                                                        								L28:
                                                                                                                                                                                                                                                        								_t81 =  &_v560; // 0x44
                                                                                                                                                                                                                                                        								_t145 = _t81;
                                                                                                                                                                                                                                                        								__imp__CreateWellKnownSid(0x54, 0,  &_v380, _t145);
                                                                                                                                                                                                                                                        								if(_t145 != 0) {
                                                                                                                                                                                                                                                        									goto L11;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L29;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t172 =  *0xbfa038; // 0xffffffff
                                                                                                                                                                                                                                                        							if(_t172 < 0x6020001) {
                                                                                                                                                                                                                                                        								goto L11;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							memset( &(_v176.dwBuildNumber), 0, 0x90);
                                                                                                                                                                                                                                                        							_t232 = _t232 + 0xc;
                                                                                                                                                                                                                                                        							_t225 = __imp__VerSetConditionMask;
                                                                                                                                                                                                                                                        							_v176.dwOSVersionInfoSize = 0x9c;
                                                                                                                                                                                                                                                        							_v176.dwMajorVersion = 6;
                                                                                                                                                                                                                                                        							_v176.dwMinorVersion = 2;
                                                                                                                                                                                                                                                        							_v176.wServicePackMajor = 0;
                                                                                                                                                                                                                                                        							_t175 =  *_t225(0, 0, 2, 3);
                                                                                                                                                                                                                                                        							_t176 =  *_t225(_t175, _t199, 1, 3);
                                                                                                                                                                                                                                                        							_t177 =  *_t225(_t176, _t199, 0x20, 3);
                                                                                                                                                                                                                                                        							_t178 =  *_t225(_t177, _t199, 0x10, 3);
                                                                                                                                                                                                                                                        							_push(_t199);
                                                                                                                                                                                                                                                        							if(VerifyVersionInfoA( &_v176, 0x33, _t178) == 0) {
                                                                                                                                                                                                                                                        								 *0xbfa038 = 0x6020000;
                                                                                                                                                                                                                                                        								_t222 = _v568;
                                                                                                                                                                                                                                                        								goto L11;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								 *0xbfa760 = 0x6020000;
                                                                                                                                                                                                                                                        								_t222 = _v568;
                                                                                                                                                                                                                                                        								goto L28;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L11:
                                                                                                                                                                                                                                                        						_t199 =  &_v244;
                                                                                                                                                                                                                                                        						_v512 = 4;
                                                                                                                                                                                                                                                        						_v520 =  &_v508;
                                                                                                                                                                                                                                                        						_v508 = 1;
                                                                                                                                                                                                                                                        						_v504 = 1;
                                                                                                                                                                                                                                                        						_v496 = 0;
                                                                                                                                                                                                                                                        						_v500 = 0;
                                                                                                                                                                                                                                                        						_v488 = 0;
                                                                                                                                                                                                                                                        						_v492 = 0;
                                                                                                                                                                                                                                                        						_v484 = 1;
                                                                                                                                                                                                                                                        						_v480 = _t199;
                                                                                                                                                                                                                                                        						_v476 = 1;
                                                                                                                                                                                                                                                        						_v472 = 1;
                                                                                                                                                                                                                                                        						_v460 = 0;
                                                                                                                                                                                                                                                        						_v456 = 0;
                                                                                                                                                                                                                                                        						_v468 = 0;
                                                                                                                                                                                                                                                        						_v464 = 0;
                                                                                                                                                                                                                                                        						_v452 = 5;
                                                                                                                                                                                                                                                        						_v448 = _t210;
                                                                                                                                                                                                                                                        						_v444 = 1;
                                                                                                                                                                                                                                                        						_v440 = 1;
                                                                                                                                                                                                                                                        						_v428 = 0;
                                                                                                                                                                                                                                                        						_v424 = 0;
                                                                                                                                                                                                                                                        						_v436 = 0;
                                                                                                                                                                                                                                                        						_v432 = 0;
                                                                                                                                                                                                                                                        						_v420 = 1;
                                                                                                                                                                                                                                                        						_t211 =  &_v548;
                                                                                                                                                                                                                                                        						_v416 =  *_t185;
                                                                                                                                                                                                                                                        						_v516 = 3;
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t222 + 4)) == 0) {
                                                                                                                                                                                                                                                        							_t147 =  *0xbfa760; // 0xa000000
                                                                                                                                                                                                                                                        							if(_t147 <= 0x601ffff) {
                                                                                                                                                                                                                                                        								_t148 =  *0xbfa038; // 0xffffffff
                                                                                                                                                                                                                                                        								if(_t148 < 0x6020001) {
                                                                                                                                                                                                                                                        									goto L12;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								memset( &(_v176.dwBuildNumber), 0, 0x90);
                                                                                                                                                                                                                                                        								_t232 = _t232 + 0xc;
                                                                                                                                                                                                                                                        								_t224 = __imp__VerSetConditionMask;
                                                                                                                                                                                                                                                        								_v176.dwOSVersionInfoSize = 0x9c;
                                                                                                                                                                                                                                                        								_v176.dwMajorVersion = 6;
                                                                                                                                                                                                                                                        								_v176.dwMinorVersion = 2;
                                                                                                                                                                                                                                                        								_v176.wServicePackMajor = 0;
                                                                                                                                                                                                                                                        								_t160 =  *_t224(0, 0, 2, 3);
                                                                                                                                                                                                                                                        								_t161 =  *_t224(_t160, _t199, 1, 3);
                                                                                                                                                                                                                                                        								_t162 =  *_t224(_t161, _t199, 0x20, 3);
                                                                                                                                                                                                                                                        								_t163 =  *_t224(_t162, _t199, 0x10, 3);
                                                                                                                                                                                                                                                        								_push(_t199);
                                                                                                                                                                                                                                                        								if(VerifyVersionInfoA( &_v176, 0x33, _t163) == 0) {
                                                                                                                                                                                                                                                        									_t211 =  &_v548;
                                                                                                                                                                                                                                                        									 *0xbfa038 = 0x6020000;
                                                                                                                                                                                                                                                        									_t185 = _v564;
                                                                                                                                                                                                                                                        									goto L12;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t211 =  &_v548;
                                                                                                                                                                                                                                                        								 *0xbfa760 = 0x6020000;
                                                                                                                                                                                                                                                        								_t185 = _v564;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t169 = _v516;
                                                                                                                                                                                                                                                        							if(_t169 == _v512) {
                                                                                                                                                                                                                                                        								if(E00BBE6A0(_t169,  &_v520) == 0) {
                                                                                                                                                                                                                                                        									goto L12;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t169 = _v516;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t197 = _v520;
                                                                                                                                                                                                                                                        							_t171 = _t169 << 5;
                                                                                                                                                                                                                                                        							_t199 =  &_v380;
                                                                                                                                                                                                                                                        							 *(_t197 + _t171) = 1;
                                                                                                                                                                                                                                                        							 *(_t197 + _t171 + 4) = 1;
                                                                                                                                                                                                                                                        							 *(_t197 + _t171 + 0xc) = 0;
                                                                                                                                                                                                                                                        							 *(_t197 + _t171 + 8) = 0;
                                                                                                                                                                                                                                                        							 *(_t197 + _t171 + 0x14) = 0;
                                                                                                                                                                                                                                                        							 *(_t197 + _t171 + 0x10) = 0;
                                                                                                                                                                                                                                                        							 *(_t197 + _t171 + 0x18) = 5;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t197 + _t171 + 0x1c)) =  &_v380;
                                                                                                                                                                                                                                                        							_v516 = _v516 + 1;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L12:
                                                                                                                                                                                                                                                        						_t149 =  &_v176;
                                                                                                                                                                                                                                                        						_v176.dwOSVersionInfoSize = 0;
                                                                                                                                                                                                                                                        						__imp__SetEntriesInAclW(_v516, _v520, 0, _t149);
                                                                                                                                                                                                                                                        						if(_t149 != 0) {
                                                                                                                                                                                                                                                        							_t202 =  <=  ? _t149 : _t149 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        							L18:
                                                                                                                                                                                                                                                        							_t150 = _v520;
                                                                                                                                                                                                                                                        							if(_t150 !=  &_v508) {
                                                                                                                                                                                                                                                        								free(_t150);
                                                                                                                                                                                                                                                        								_t232 = _t232 + 4;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L19;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t223 = _v176.dwOSVersionInfoSize;
                                                                                                                                                                                                                                                        						if(SetSecurityDescriptorDacl(_t211, 1, _t223, 0) == 0 || SetSecurityDescriptorOwner(_t211,  *_t185, 0) == 0 || SetSecurityDescriptorGroup(_t211,  *_v572, 0) == 0) {
                                                                                                                                                                                                                                                        							_t202 =  <=  ? GetLastError() : _t152 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        							if(_t223 != 0) {
                                                                                                                                                                                                                                                        								goto L17;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t202 =  *0xbfa13c(_t211, 0xffffffff, 0, 0, 0, 2, 0, 0, 0);
                                                                                                                                                                                                                                                        							if(_t223 == 0) {
                                                                                                                                                                                                                                                        								goto L18;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L17:
                                                                                                                                                                                                                                                        							LocalFree(_t223);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L18;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						goto L38;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t202 =  <=  ? _t131 : _t131 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        					L21:
                                                                                                                                                                                                                                                        					_t190 = _v576;
                                                                                                                                                                                                                                                        					_t126 = _t190 + 1;
                                                                                                                                                                                                                                                        					if(_t190 + 1 >= 2) {
                                                                                                                                                                                                                                                        						_t126 = CloseHandle(_t190);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L23;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}



























































































                                                                                                                                                                                                                                                        0x00bb628c
                                                                                                                                                                                                                                                        0x00bb6292
                                                                                                                                                                                                                                                        0x00bb6299
                                                                                                                                                                                                                                                        0x00bb629c
                                                                                                                                                                                                                                                        0x00bb62be
                                                                                                                                                                                                                                                        0x00bb67e1
                                                                                                                                                                                                                                                        0x00bb663b
                                                                                                                                                                                                                                                        0x00bb6640
                                                                                                                                                                                                                                                        0x00bb6651
                                                                                                                                                                                                                                                        0x00bb6651
                                                                                                                                                                                                                                                        0x00bb62c4
                                                                                                                                                                                                                                                        0x00bb62d0
                                                                                                                                                                                                                                                        0x00bb62e2
                                                                                                                                                                                                                                                        0x00bb62ea
                                                                                                                                                                                                                                                        0x00bb62f2
                                                                                                                                                                                                                                                        0x00bb62f8
                                                                                                                                                                                                                                                        0x00bb6303
                                                                                                                                                                                                                                                        0x00bb630a
                                                                                                                                                                                                                                                        0x00bb6313
                                                                                                                                                                                                                                                        0x00bb6319
                                                                                                                                                                                                                                                        0x00bb631e
                                                                                                                                                                                                                                                        0x00bb6321
                                                                                                                                                                                                                                                        0x00bb632e
                                                                                                                                                                                                                                                        0x00bb6340
                                                                                                                                                                                                                                                        0x00bb67e9
                                                                                                                                                                                                                                                        0x00bb67ef
                                                                                                                                                                                                                                                        0x00bb67ef
                                                                                                                                                                                                                                                        0x00bb6800
                                                                                                                                                                                                                                                        0x00bb661c
                                                                                                                                                                                                                                                        0x00bb661d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6623
                                                                                                                                                                                                                                                        0x00bb6346
                                                                                                                                                                                                                                                        0x00bb6358
                                                                                                                                                                                                                                                        0x00bb6360
                                                                                                                                                                                                                                                        0x00bb6368
                                                                                                                                                                                                                                                        0x00bb6373
                                                                                                                                                                                                                                                        0x00bb637a
                                                                                                                                                                                                                                                        0x00bb6383
                                                                                                                                                                                                                                                        0x00bb6389
                                                                                                                                                                                                                                                        0x00bb638e
                                                                                                                                                                                                                                                        0x00bb639e
                                                                                                                                                                                                                                                        0x00bb63b5
                                                                                                                                                                                                                                                        0x00bb6808
                                                                                                                                                                                                                                                        0x00bb680e
                                                                                                                                                                                                                                                        0x00bb6725
                                                                                                                                                                                                                                                        0x00bb6730
                                                                                                                                                                                                                                                        0x00bb660d
                                                                                                                                                                                                                                                        0x00bb6613
                                                                                                                                                                                                                                                        0x00bb6619
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6619
                                                                                                                                                                                                                                                        0x00bb63c4
                                                                                                                                                                                                                                                        0x00bb63ca
                                                                                                                                                                                                                                                        0x00bb63d0
                                                                                                                                                                                                                                                        0x00bb63d8
                                                                                                                                                                                                                                                        0x00bb671f
                                                                                                                                                                                                                                                        0x00bb671f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb671f
                                                                                                                                                                                                                                                        0x00bb63de
                                                                                                                                                                                                                                                        0x00bb63e4
                                                                                                                                                                                                                                                        0x00bb63fa
                                                                                                                                                                                                                                                        0x00bb6402
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6408
                                                                                                                                                                                                                                                        0x00bb640e
                                                                                                                                                                                                                                                        0x00bb6414
                                                                                                                                                                                                                                                        0x00bb6424
                                                                                                                                                                                                                                                        0x00bb642c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6432
                                                                                                                                                                                                                                                        0x00bb6440
                                                                                                                                                                                                                                                        0x00bb6652
                                                                                                                                                                                                                                                        0x00bb665c
                                                                                                                                                                                                                                                        0x00bb66ff
                                                                                                                                                                                                                                                        0x00bb66ff
                                                                                                                                                                                                                                                        0x00bb66ff
                                                                                                                                                                                                                                                        0x00bb6711
                                                                                                                                                                                                                                                        0x00bb6719
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6719
                                                                                                                                                                                                                                                        0x00bb6662
                                                                                                                                                                                                                                                        0x00bb666c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6680
                                                                                                                                                                                                                                                        0x00bb6685
                                                                                                                                                                                                                                                        0x00bb6688
                                                                                                                                                                                                                                                        0x00bb668e
                                                                                                                                                                                                                                                        0x00bb6698
                                                                                                                                                                                                                                                        0x00bb66a2
                                                                                                                                                                                                                                                        0x00bb66ac
                                                                                                                                                                                                                                                        0x00bb66bb
                                                                                                                                                                                                                                                        0x00bb66c3
                                                                                                                                                                                                                                                        0x00bb66cb
                                                                                                                                                                                                                                                        0x00bb66d3
                                                                                                                                                                                                                                                        0x00bb66db
                                                                                                                                                                                                                                                        0x00bb66e8
                                                                                                                                                                                                                                                        0x00bb6853
                                                                                                                                                                                                                                                        0x00bb6859
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb66ee
                                                                                                                                                                                                                                                        0x00bb66f3
                                                                                                                                                                                                                                                        0x00bb66f9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb66f9
                                                                                                                                                                                                                                                        0x00bb66e8
                                                                                                                                                                                                                                                        0x00bb6446
                                                                                                                                                                                                                                                        0x00bb644e
                                                                                                                                                                                                                                                        0x00bb6454
                                                                                                                                                                                                                                                        0x00bb645e
                                                                                                                                                                                                                                                        0x00bb6464
                                                                                                                                                                                                                                                        0x00bb646e
                                                                                                                                                                                                                                                        0x00bb6478
                                                                                                                                                                                                                                                        0x00bb6482
                                                                                                                                                                                                                                                        0x00bb648c
                                                                                                                                                                                                                                                        0x00bb6496
                                                                                                                                                                                                                                                        0x00bb64a0
                                                                                                                                                                                                                                                        0x00bb64aa
                                                                                                                                                                                                                                                        0x00bb64b0
                                                                                                                                                                                                                                                        0x00bb64ba
                                                                                                                                                                                                                                                        0x00bb64c4
                                                                                                                                                                                                                                                        0x00bb64ce
                                                                                                                                                                                                                                                        0x00bb64d8
                                                                                                                                                                                                                                                        0x00bb64e2
                                                                                                                                                                                                                                                        0x00bb64ec
                                                                                                                                                                                                                                                        0x00bb64f6
                                                                                                                                                                                                                                                        0x00bb64fc
                                                                                                                                                                                                                                                        0x00bb6506
                                                                                                                                                                                                                                                        0x00bb6510
                                                                                                                                                                                                                                                        0x00bb651a
                                                                                                                                                                                                                                                        0x00bb6524
                                                                                                                                                                                                                                                        0x00bb652e
                                                                                                                                                                                                                                                        0x00bb6538
                                                                                                                                                                                                                                                        0x00bb6542
                                                                                                                                                                                                                                                        0x00bb6548
                                                                                                                                                                                                                                                        0x00bb654e
                                                                                                                                                                                                                                                        0x00bb655c
                                                                                                                                                                                                                                                        0x00bb6738
                                                                                                                                                                                                                                                        0x00bb6742
                                                                                                                                                                                                                                                        0x00bb6864
                                                                                                                                                                                                                                                        0x00bb686e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6882
                                                                                                                                                                                                                                                        0x00bb6887
                                                                                                                                                                                                                                                        0x00bb688a
                                                                                                                                                                                                                                                        0x00bb6890
                                                                                                                                                                                                                                                        0x00bb689a
                                                                                                                                                                                                                                                        0x00bb68a4
                                                                                                                                                                                                                                                        0x00bb68ae
                                                                                                                                                                                                                                                        0x00bb68bd
                                                                                                                                                                                                                                                        0x00bb68c5
                                                                                                                                                                                                                                                        0x00bb68cd
                                                                                                                                                                                                                                                        0x00bb68d5
                                                                                                                                                                                                                                                        0x00bb68dd
                                                                                                                                                                                                                                                        0x00bb68ea
                                                                                                                                                                                                                                                        0x00bb692b
                                                                                                                                                                                                                                                        0x00bb6931
                                                                                                                                                                                                                                                        0x00bb6937
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6937
                                                                                                                                                                                                                                                        0x00bb68f1
                                                                                                                                                                                                                                                        0x00bb68f7
                                                                                                                                                                                                                                                        0x00bb68fd
                                                                                                                                                                                                                                                        0x00bb68fd
                                                                                                                                                                                                                                                        0x00bb6748
                                                                                                                                                                                                                                                        0x00bb6754
                                                                                                                                                                                                                                                        0x00bb6915
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb691b
                                                                                                                                                                                                                                                        0x00bb691b
                                                                                                                                                                                                                                                        0x00bb675a
                                                                                                                                                                                                                                                        0x00bb6760
                                                                                                                                                                                                                                                        0x00bb6763
                                                                                                                                                                                                                                                        0x00bb6769
                                                                                                                                                                                                                                                        0x00bb6770
                                                                                                                                                                                                                                                        0x00bb6778
                                                                                                                                                                                                                                                        0x00bb6780
                                                                                                                                                                                                                                                        0x00bb6788
                                                                                                                                                                                                                                                        0x00bb6790
                                                                                                                                                                                                                                                        0x00bb6798
                                                                                                                                                                                                                                                        0x00bb67a0
                                                                                                                                                                                                                                                        0x00bb67a4
                                                                                                                                                                                                                                                        0x00bb67a4
                                                                                                                                                                                                                                                        0x00bb6562
                                                                                                                                                                                                                                                        0x00bb6562
                                                                                                                                                                                                                                                        0x00bb6568
                                                                                                                                                                                                                                                        0x00bb6581
                                                                                                                                                                                                                                                        0x00bb6589
                                                                                                                                                                                                                                                        0x00bb6824
                                                                                                                                                                                                                                                        0x00bb65f9
                                                                                                                                                                                                                                                        0x00bb65f9
                                                                                                                                                                                                                                                        0x00bb6607
                                                                                                                                                                                                                                                        0x00bb682d
                                                                                                                                                                                                                                                        0x00bb6833
                                                                                                                                                                                                                                                        0x00bb6833
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6607
                                                                                                                                                                                                                                                        0x00bb658f
                                                                                                                                                                                                                                                        0x00bb65a3
                                                                                                                                                                                                                                                        0x00bb67c0
                                                                                                                                                                                                                                                        0x00bb67c5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb65d5
                                                                                                                                                                                                                                                        0x00bb65ec
                                                                                                                                                                                                                                                        0x00bb65f0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb65f2
                                                                                                                                                                                                                                                        0x00bb65f3
                                                                                                                                                                                                                                                        0x00bb65f3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb683b
                                                                                                                                                                                                                                                        0x00bb6846
                                                                                                                                                                                                                                                        0x00bb6626
                                                                                                                                                                                                                                                        0x00bb6626
                                                                                                                                                                                                                                                        0x00bb662c
                                                                                                                                                                                                                                                        0x00bb6632
                                                                                                                                                                                                                                                        0x00bb6635
                                                                                                                                                                                                                                                        0x00bb6635
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6632

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BB62A6
                                                                                                                                                                                                                                                        • OpenProcessToken.ADVAPI32(00000000,00000008,00000000), ref: 00BB62B6
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(00000000,00000001(TokenIntegrityLevel),00000000,00000000,?), ref: 00BB62E2
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB62EA
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000000), ref: 00BB630A
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB6319
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(00000000,00000001(TokenIntegrityLevel),00000000,00000000,00000000), ref: 00BB6338
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(00000000,00000005(TokenIntegrityLevel),00000000,00000000,00000000), ref: 00BB6358
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB6360
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000000), ref: 00BB637A
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB6389
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(?,00000005(TokenIntegrityLevel),00000000,00000000,00000000), ref: 00BB63AD
                                                                                                                                                                                                                                                        • InitializeSecurityDescriptor.ADVAPI32(?,00000001), ref: 00BB63C4
                                                                                                                                                                                                                                                        • CreateWellKnownSid.ADVAPI32(00000016,00000000,?,?), ref: 00BB63FA
                                                                                                                                                                                                                                                        • CreateWellKnownSid.ADVAPI32(0000001A,00000000,?,?), ref: 00BB6424
                                                                                                                                                                                                                                                        • SetEntriesInAclW.ADVAPI32(00000003,?,00000000,?), ref: 00BB6581
                                                                                                                                                                                                                                                        • SetSecurityDescriptorDacl.ADVAPI32(?,00000001,00000000,00000000), ref: 00BB659B
                                                                                                                                                                                                                                                        • SetSecurityDescriptorOwner.ADVAPI32(?,?,00000000), ref: 00BB65AE
                                                                                                                                                                                                                                                        • SetSecurityDescriptorGroup.ADVAPI32(?,?,00000000), ref: 00BB65C7
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000), ref: 00BB65F3
                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 00BB6613
                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 00BB661D
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(?), ref: 00BB6635
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB6680
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,00000000,00000002,00000003), ref: 00BB66BB
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000001,00000003), ref: 00BB66C3
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000020,00000003), ref: 00BB66CB
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000010,00000003), ref: 00BB66D3
                                                                                                                                                                                                                                                        • VerifyVersionInfoA.KERNEL32(0000009C,00000033,00000000), ref: 00BB66E0
                                                                                                                                                                                                                                                        • CreateWellKnownSid.ADVAPI32(00000054,00000000,?,DDD), ref: 00BB6711
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB671F
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB67AF
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB67D0
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB67E9
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB6808
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$Token$ConditionDescriptorInformationMaskSecurity$CreateKnownWellmemset$Processfreemoz_xmalloc$CloseCurrentDaclEntriesFreeGroupHandleInfoInitializeLocalOpenOwnerVerifyVersion
                                                                                                                                                                                                                                                        • String ID: D$D$DDD
                                                                                                                                                                                                                                                        • API String ID: 3818353619-2701206848
                                                                                                                                                                                                                                                        • Opcode ID: 1aab8157e06f1c09ec1bb6308cef4444eae71a4c3c008e3939530d3a1acf6e0e
                                                                                                                                                                                                                                                        • Instruction ID: 4321220537eba4b3f6dced6ad30aa7f11002a9cfcd1ba285e568183f0d30b6e1
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1aab8157e06f1c09ec1bb6308cef4444eae71a4c3c008e3939530d3a1acf6e0e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 76F150B19403299BEB309F21DC89BFA77B4EF44704F1040D9E909AB291DBB99E84CF55
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BD78C0(void* __eflags) {
                                                                                                                                                                                                                                                        				signed int _v12;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _v16;
                                                                                                                                                                                                                                                        				char _v20;
                                                                                                                                                                                                                                                        				signed int _t31;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t33;
                                                                                                                                                                                                                                                        				intOrPtr _t34;
                                                                                                                                                                                                                                                        				signed int _t37;
                                                                                                                                                                                                                                                        				signed int _t38;
                                                                                                                                                                                                                                                        				void* _t65;
                                                                                                                                                                                                                                                        				signed int _t66;
                                                                                                                                                                                                                                                        				void* _t67;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t67 = __eflags;
                                                                                                                                                                                                                                                        				_t31 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v12 = _t31 ^ _t66;
                                                                                                                                                                                                                                                        				_t33 = GetModuleHandleW(L"ntdll.dll");
                                                                                                                                                                                                                                                        				_v20 = 0xbf0f50;
                                                                                                                                                                                                                                                        				_v16 = _t33;
                                                                                                                                                                                                                                                        				_t34 = E00BCAA70(_t33,  &_v20, _t65, _t67, "NtAllocateVirtualMemory");
                                                                                                                                                                                                                                                        				_t68 = _t34;
                                                                                                                                                                                                                                                        				 *0xbfb61c = _t34;
                                                                                                                                                                                                                                                        				if(_t34 == 0) {
                                                                                                                                                                                                                                                        					L24:
                                                                                                                                                                                                                                                        					_t38 = 0;
                                                                                                                                                                                                                                                        					__eflags = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t34 = E00BCAA70(_t34,  &_v20, _t65, _t68, "NtClose");
                                                                                                                                                                                                                                                        					_t69 = _t34;
                                                                                                                                                                                                                                                        					 *0xbfb620 = _t34;
                                                                                                                                                                                                                                                        					if(_t34 == 0) {
                                                                                                                                                                                                                                                        						goto L24;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t34 = E00BCAA70(_t34,  &_v20, _t65, _t69, "NtDuplicateObject");
                                                                                                                                                                                                                                                        						_t70 = _t34;
                                                                                                                                                                                                                                                        						 *0xbfb624 = _t34;
                                                                                                                                                                                                                                                        						if(_t34 == 0) {
                                                                                                                                                                                                                                                        							goto L24;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t34 = E00BCAA70(_t34,  &_v20, _t65, _t70, "NtFreeVirtualMemory");
                                                                                                                                                                                                                                                        							_t71 = _t34;
                                                                                                                                                                                                                                                        							 *0xbfb628 = _t34;
                                                                                                                                                                                                                                                        							if(_t34 == 0) {
                                                                                                                                                                                                                                                        								goto L24;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t34 = E00BCAA70(_t34,  &_v20, _t65, _t71, "NtMapViewOfSection");
                                                                                                                                                                                                                                                        								_t72 = _t34;
                                                                                                                                                                                                                                                        								 *0xbfb62c = _t34;
                                                                                                                                                                                                                                                        								if(_t34 == 0) {
                                                                                                                                                                                                                                                        									goto L24;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t34 = E00BCAA70(_t34,  &_v20, _t65, _t72, "NtProtectVirtualMemory");
                                                                                                                                                                                                                                                        									_t73 = _t34;
                                                                                                                                                                                                                                                        									 *0xbfb630 = _t34;
                                                                                                                                                                                                                                                        									if(_t34 == 0) {
                                                                                                                                                                                                                                                        										goto L24;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t34 = E00BCAA70(_t34,  &_v20, _t65, _t73, "NtQueryInformationProcess");
                                                                                                                                                                                                                                                        										_t74 = _t34;
                                                                                                                                                                                                                                                        										 *0xbfb634 = _t34;
                                                                                                                                                                                                                                                        										if(_t34 == 0) {
                                                                                                                                                                                                                                                        											goto L24;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t34 = E00BCAA70(_t34,  &_v20, _t65, _t74, "NtQueryObject");
                                                                                                                                                                                                                                                        											_t75 = _t34;
                                                                                                                                                                                                                                                        											 *0xbfb638 = _t34;
                                                                                                                                                                                                                                                        											if(_t34 == 0) {
                                                                                                                                                                                                                                                        												goto L24;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t34 = E00BCAA70(_t34,  &_v20, _t65, _t75, "NtQuerySection");
                                                                                                                                                                                                                                                        												_t76 = _t34;
                                                                                                                                                                                                                                                        												 *0xbfb63c = _t34;
                                                                                                                                                                                                                                                        												if(_t34 == 0) {
                                                                                                                                                                                                                                                        													goto L24;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t34 = E00BCAA70(_t34,  &_v20, _t65, _t76, "NtQueryVirtualMemory");
                                                                                                                                                                                                                                                        													_t77 = _t34;
                                                                                                                                                                                                                                                        													 *0xbfb640 = _t34;
                                                                                                                                                                                                                                                        													if(_t34 == 0) {
                                                                                                                                                                                                                                                        														goto L24;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t34 = E00BCAA70(_t34,  &_v20, _t65, _t77, "NtUnmapViewOfSection");
                                                                                                                                                                                                                                                        														_t78 = _t34;
                                                                                                                                                                                                                                                        														 *0xbfb644 = _t34;
                                                                                                                                                                                                                                                        														if(_t34 == 0) {
                                                                                                                                                                                                                                                        															goto L24;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															_t34 = E00BCAA70(_t34,  &_v20, _t65, _t78, "NtSignalAndWaitForSingleObject");
                                                                                                                                                                                                                                                        															_t79 = _t34;
                                                                                                                                                                                                                                                        															 *0xbfb648 = _t34;
                                                                                                                                                                                                                                                        															if(_t34 == 0) {
                                                                                                                                                                                                                                                        																goto L24;
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																_t34 = E00BCAA70(_t34,  &_v20, _t65, _t79, "NtWaitForSingleObject");
                                                                                                                                                                                                                                                        																_t80 = _t34;
                                                                                                                                                                                                                                                        																 *0xbfb64c = _t34;
                                                                                                                                                                                                                                                        																if(_t34 == 0) {
                                                                                                                                                                                                                                                        																	goto L24;
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																	_t34 = E00BCAA70(_t34,  &_v20, _t65, _t80, "RtlAllocateHeap");
                                                                                                                                                                                                                                                        																	_t81 = _t34;
                                                                                                                                                                                                                                                        																	 *0xbfb650 = _t34;
                                                                                                                                                                                                                                                        																	if(_t34 == 0) {
                                                                                                                                                                                                                                                        																		goto L24;
                                                                                                                                                                                                                                                        																	} else {
                                                                                                                                                                                                                                                        																		_t34 = E00BCAA70(_t34,  &_v20, _t65, _t81, "RtlAnsiStringToUnicodeString");
                                                                                                                                                                                                                                                        																		_t82 = _t34;
                                                                                                                                                                                                                                                        																		 *0xbfb654 = _t34;
                                                                                                                                                                                                                                                        																		if(_t34 == 0) {
                                                                                                                                                                                                                                                        																			goto L24;
                                                                                                                                                                                                                                                        																		} else {
                                                                                                                                                                                                                                                        																			_t34 = E00BCAA70(_t34,  &_v20, _t65, _t82, "RtlCompareUnicodeString");
                                                                                                                                                                                                                                                        																			_t83 = _t34;
                                                                                                                                                                                                                                                        																			 *0xbfb658 = _t34;
                                                                                                                                                                                                                                                        																			if(_t34 == 0) {
                                                                                                                                                                                                                                                        																				goto L24;
                                                                                                                                                                                                                                                        																			} else {
                                                                                                                                                                                                                                                        																				_t34 = E00BCAA70(_t34,  &_v20, _t65, _t83, "RtlCreateHeap");
                                                                                                                                                                                                                                                        																				_t84 = _t34;
                                                                                                                                                                                                                                                        																				 *0xbfb65c = _t34;
                                                                                                                                                                                                                                                        																				if(_t34 == 0) {
                                                                                                                                                                                                                                                        																					goto L24;
                                                                                                                                                                                                                                                        																				} else {
                                                                                                                                                                                                                                                        																					_t34 = E00BCAA70(_t34,  &_v20, _t65, _t84, "RtlCreateUserThread");
                                                                                                                                                                                                                                                        																					_t85 = _t34;
                                                                                                                                                                                                                                                        																					 *0xbfb660 = _t34;
                                                                                                                                                                                                                                                        																					if(_t34 == 0) {
                                                                                                                                                                                                                                                        																						goto L24;
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						_t34 = E00BCAA70(_t34,  &_v20, _t65, _t85, "RtlDestroyHeap");
                                                                                                                                                                                                                                                        																						_t86 = _t34;
                                                                                                                                                                                                                                                        																						 *0xbfb664 = _t34;
                                                                                                                                                                                                                                                        																						if(_t34 == 0) {
                                                                                                                                                                                                                                                        																							goto L24;
                                                                                                                                                                                                                                                        																						} else {
                                                                                                                                                                                                                                                        																							_t34 = E00BCAA70(_t34,  &_v20, _t65, _t86, "RtlFreeHeap");
                                                                                                                                                                                                                                                        																							_t87 = _t34;
                                                                                                                                                                                                                                                        																							 *0xbfb668 = _t34;
                                                                                                                                                                                                                                                        																							if(_t34 == 0) {
                                                                                                                                                                                                                                                        																								goto L24;
                                                                                                                                                                                                                                                        																							} else {
                                                                                                                                                                                                                                                        																								_t34 = E00BCAA70(_t34,  &_v20, _t65, _t87, "_strnicmp");
                                                                                                                                                                                                                                                        																								_t88 = _t34;
                                                                                                                                                                                                                                                        																								 *0xbfb66c = _t34;
                                                                                                                                                                                                                                                        																								if(_t34 == 0) {
                                                                                                                                                                                                                                                        																									goto L24;
                                                                                                                                                                                                                                                        																								} else {
                                                                                                                                                                                                                                                        																									_t34 = E00BCAA70(_t34,  &_v20, _t65, _t88, "strlen");
                                                                                                                                                                                                                                                        																									_t89 = _t34;
                                                                                                                                                                                                                                                        																									 *0xbfb670 = _t34;
                                                                                                                                                                                                                                                        																									if(_t34 == 0) {
                                                                                                                                                                                                                                                        																										goto L24;
                                                                                                                                                                                                                                                        																									} else {
                                                                                                                                                                                                                                                        																										_t34 = E00BCAA70(_t34,  &_v20, _t65, _t89, "wcslen");
                                                                                                                                                                                                                                                        																										_t90 = _t34;
                                                                                                                                                                                                                                                        																										 *0xbfb674 = _t34;
                                                                                                                                                                                                                                                        																										if(_t34 == 0) {
                                                                                                                                                                                                                                                        																											goto L24;
                                                                                                                                                                                                                                                        																										} else {
                                                                                                                                                                                                                                                        																											_t34 = E00BCAA70(_t34,  &_v20, _t65, _t90, "memcpy");
                                                                                                                                                                                                                                                        																											 *0xbfb678 = _t34;
                                                                                                                                                                                                                                                        																											_t38 = _t37 & 0xffffff00 | _t34 != 0x00000000;
                                                                                                                                                                                                                                                        																										}
                                                                                                                                                                                                                                                        																									}
                                                                                                                                                                                                                                                        																								}
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t34, _v12 ^ _t66, _t65);
                                                                                                                                                                                                                                                        				return _t38;
                                                                                                                                                                                                                                                        			}














                                                                                                                                                                                                                                                        0x00bd78c0
                                                                                                                                                                                                                                                        0x00bd78c7
                                                                                                                                                                                                                                                        0x00bd78ce
                                                                                                                                                                                                                                                        0x00bd78d6
                                                                                                                                                                                                                                                        0x00bd78dc
                                                                                                                                                                                                                                                        0x00bd78e3
                                                                                                                                                                                                                                                        0x00bd78ee
                                                                                                                                                                                                                                                        0x00bd78f3
                                                                                                                                                                                                                                                        0x00bd78f5
                                                                                                                                                                                                                                                        0x00bd78fa
                                                                                                                                                                                                                                                        0x00bd7b41
                                                                                                                                                                                                                                                        0x00bd7b41
                                                                                                                                                                                                                                                        0x00bd7b41
                                                                                                                                                                                                                                                        0x00bd7900
                                                                                                                                                                                                                                                        0x00bd7908
                                                                                                                                                                                                                                                        0x00bd790d
                                                                                                                                                                                                                                                        0x00bd790f
                                                                                                                                                                                                                                                        0x00bd7914
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd791a
                                                                                                                                                                                                                                                        0x00bd7922
                                                                                                                                                                                                                                                        0x00bd7927
                                                                                                                                                                                                                                                        0x00bd7929
                                                                                                                                                                                                                                                        0x00bd792e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7934
                                                                                                                                                                                                                                                        0x00bd793c
                                                                                                                                                                                                                                                        0x00bd7941
                                                                                                                                                                                                                                                        0x00bd7943
                                                                                                                                                                                                                                                        0x00bd7948
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd794e
                                                                                                                                                                                                                                                        0x00bd7956
                                                                                                                                                                                                                                                        0x00bd795b
                                                                                                                                                                                                                                                        0x00bd795d
                                                                                                                                                                                                                                                        0x00bd7962
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7968
                                                                                                                                                                                                                                                        0x00bd7970
                                                                                                                                                                                                                                                        0x00bd7975
                                                                                                                                                                                                                                                        0x00bd7977
                                                                                                                                                                                                                                                        0x00bd797c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7982
                                                                                                                                                                                                                                                        0x00bd798a
                                                                                                                                                                                                                                                        0x00bd798f
                                                                                                                                                                                                                                                        0x00bd7991
                                                                                                                                                                                                                                                        0x00bd7996
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd799c
                                                                                                                                                                                                                                                        0x00bd79a4
                                                                                                                                                                                                                                                        0x00bd79a9
                                                                                                                                                                                                                                                        0x00bd79ab
                                                                                                                                                                                                                                                        0x00bd79b0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd79b6
                                                                                                                                                                                                                                                        0x00bd79be
                                                                                                                                                                                                                                                        0x00bd79c3
                                                                                                                                                                                                                                                        0x00bd79c5
                                                                                                                                                                                                                                                        0x00bd79ca
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd79d0
                                                                                                                                                                                                                                                        0x00bd79d8
                                                                                                                                                                                                                                                        0x00bd79dd
                                                                                                                                                                                                                                                        0x00bd79df
                                                                                                                                                                                                                                                        0x00bd79e4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd79ea
                                                                                                                                                                                                                                                        0x00bd79f2
                                                                                                                                                                                                                                                        0x00bd79f7
                                                                                                                                                                                                                                                        0x00bd79f9
                                                                                                                                                                                                                                                        0x00bd79fe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7a04
                                                                                                                                                                                                                                                        0x00bd7a0c
                                                                                                                                                                                                                                                        0x00bd7a11
                                                                                                                                                                                                                                                        0x00bd7a13
                                                                                                                                                                                                                                                        0x00bd7a18
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7a1e
                                                                                                                                                                                                                                                        0x00bd7a26
                                                                                                                                                                                                                                                        0x00bd7a2b
                                                                                                                                                                                                                                                        0x00bd7a2d
                                                                                                                                                                                                                                                        0x00bd7a32
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7a38
                                                                                                                                                                                                                                                        0x00bd7a40
                                                                                                                                                                                                                                                        0x00bd7a45
                                                                                                                                                                                                                                                        0x00bd7a47
                                                                                                                                                                                                                                                        0x00bd7a4c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7a52
                                                                                                                                                                                                                                                        0x00bd7a5a
                                                                                                                                                                                                                                                        0x00bd7a5f
                                                                                                                                                                                                                                                        0x00bd7a61
                                                                                                                                                                                                                                                        0x00bd7a66
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7a6c
                                                                                                                                                                                                                                                        0x00bd7a74
                                                                                                                                                                                                                                                        0x00bd7a79
                                                                                                                                                                                                                                                        0x00bd7a7b
                                                                                                                                                                                                                                                        0x00bd7a80
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7a86
                                                                                                                                                                                                                                                        0x00bd7a8e
                                                                                                                                                                                                                                                        0x00bd7a93
                                                                                                                                                                                                                                                        0x00bd7a95
                                                                                                                                                                                                                                                        0x00bd7a9a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7aa0
                                                                                                                                                                                                                                                        0x00bd7aa8
                                                                                                                                                                                                                                                        0x00bd7aad
                                                                                                                                                                                                                                                        0x00bd7aaf
                                                                                                                                                                                                                                                        0x00bd7ab4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7aba
                                                                                                                                                                                                                                                        0x00bd7ac2
                                                                                                                                                                                                                                                        0x00bd7ac7
                                                                                                                                                                                                                                                        0x00bd7ac9
                                                                                                                                                                                                                                                        0x00bd7ace
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7ad0
                                                                                                                                                                                                                                                        0x00bd7ad8
                                                                                                                                                                                                                                                        0x00bd7add
                                                                                                                                                                                                                                                        0x00bd7adf
                                                                                                                                                                                                                                                        0x00bd7ae4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7ae6
                                                                                                                                                                                                                                                        0x00bd7aee
                                                                                                                                                                                                                                                        0x00bd7af3
                                                                                                                                                                                                                                                        0x00bd7af5
                                                                                                                                                                                                                                                        0x00bd7afa
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7afc
                                                                                                                                                                                                                                                        0x00bd7b04
                                                                                                                                                                                                                                                        0x00bd7b09
                                                                                                                                                                                                                                                        0x00bd7b0b
                                                                                                                                                                                                                                                        0x00bd7b10
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7b12
                                                                                                                                                                                                                                                        0x00bd7b1a
                                                                                                                                                                                                                                                        0x00bd7b1f
                                                                                                                                                                                                                                                        0x00bd7b21
                                                                                                                                                                                                                                                        0x00bd7b26
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7b28
                                                                                                                                                                                                                                                        0x00bd7b30
                                                                                                                                                                                                                                                        0x00bd7b37
                                                                                                                                                                                                                                                        0x00bd7b3c
                                                                                                                                                                                                                                                        0x00bd7b3c
                                                                                                                                                                                                                                                        0x00bd7b26
                                                                                                                                                                                                                                                        0x00bd7b10
                                                                                                                                                                                                                                                        0x00bd7afa
                                                                                                                                                                                                                                                        0x00bd7ae4
                                                                                                                                                                                                                                                        0x00bd7ace
                                                                                                                                                                                                                                                        0x00bd7ab4
                                                                                                                                                                                                                                                        0x00bd7a9a
                                                                                                                                                                                                                                                        0x00bd7a80
                                                                                                                                                                                                                                                        0x00bd7a66
                                                                                                                                                                                                                                                        0x00bd7a4c
                                                                                                                                                                                                                                                        0x00bd7a32
                                                                                                                                                                                                                                                        0x00bd7a18
                                                                                                                                                                                                                                                        0x00bd79fe
                                                                                                                                                                                                                                                        0x00bd79e4
                                                                                                                                                                                                                                                        0x00bd79ca
                                                                                                                                                                                                                                                        0x00bd79b0
                                                                                                                                                                                                                                                        0x00bd7996
                                                                                                                                                                                                                                                        0x00bd797c
                                                                                                                                                                                                                                                        0x00bd7962
                                                                                                                                                                                                                                                        0x00bd7948
                                                                                                                                                                                                                                                        0x00bd792e
                                                                                                                                                                                                                                                        0x00bd7914
                                                                                                                                                                                                                                                        0x00bd7b48
                                                                                                                                                                                                                                                        0x00bd7b54

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(ntdll.dll,?,00BE587C,?,00000000,?,?,?,00000000,0000001C,?,00BE569E), ref: 00BD78D6
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: HandleModule
                                                                                                                                                                                                                                                        • String ID: NtAllocateVirtualMemory$NtClose$NtDuplicateObject$NtFreeVirtualMemory$NtMapViewOfSection$NtProtectVirtualMemory$NtQueryInformationProcess$NtQueryObject$NtQuerySection$NtQueryVirtualMemory$NtSignalAndWaitForSingleObject$NtUnmapViewOfSection$NtWaitForSingleObject$RtlAllocateHeap$RtlAnsiStringToUnicodeString$RtlCompareUnicodeString$RtlCreateHeap$RtlCreateUserThread$RtlDestroyHeap$RtlFreeHeap$_strnicmp$memcpy$ntdll.dll$strlen$wcslen
                                                                                                                                                                                                                                                        • API String ID: 4139908857-148567080
                                                                                                                                                                                                                                                        • Opcode ID: 5a8614c92a7fbc67ffc4448d0426dabcf9c79c8b221869f4de60d209196d4fab
                                                                                                                                                                                                                                                        • Instruction ID: d10347191ee6173c6ac31a7c86f5d98cea3b2f72c0be2f7f263f3e8a02f65a02
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5a8614c92a7fbc67ffc4448d0426dabcf9c79c8b221869f4de60d209196d4fab
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1951557198025E9E5B04EFB6CD62EBAF7E4EA08308B5414EEEA15C3290FF309508CB51
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 87%
                                                                                                                                                                                                                                                        			E00BE9220(void* __ecx, void* __edx, WCHAR* _a4, intOrPtr _a8, signed char _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, long* _a28) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				intOrPtr _v128;
                                                                                                                                                                                                                                                        				intOrPtr _v132;
                                                                                                                                                                                                                                                        				void* _v136;
                                                                                                                                                                                                                                                        				char _v144;
                                                                                                                                                                                                                                                        				void* _v156;
                                                                                                                                                                                                                                                        				char _v160;
                                                                                                                                                                                                                                                        				long _v164;
                                                                                                                                                                                                                                                        				int _v168;
                                                                                                                                                                                                                                                        				void* _v172;
                                                                                                                                                                                                                                                        				struct _PROCESS_INFORMATION _v192;
                                                                                                                                                                                                                                                        				void* _v208;
                                                                                                                                                                                                                                                        				void* _v212;
                                                                                                                                                                                                                                                        				void* _v216;
                                                                                                                                                                                                                                                        				void* _v224;
                                                                                                                                                                                                                                                        				void* _v228;
                                                                                                                                                                                                                                                        				void* _v232;
                                                                                                                                                                                                                                                        				intOrPtr _v240;
                                                                                                                                                                                                                                                        				signed int _t99;
                                                                                                                                                                                                                                                        				signed int _t100;
                                                                                                                                                                                                                                                        				WCHAR* _t101;
                                                                                                                                                                                                                                                        				int _t108;
                                                                                                                                                                                                                                                        				int _t111;
                                                                                                                                                                                                                                                        				void* _t113;
                                                                                                                                                                                                                                                        				intOrPtr _t114;
                                                                                                                                                                                                                                                        				int _t116;
                                                                                                                                                                                                                                                        				int _t120;
                                                                                                                                                                                                                                                        				int _t123;
                                                                                                                                                                                                                                                        				int _t129;
                                                                                                                                                                                                                                                        				long _t130;
                                                                                                                                                                                                                                                        				void* _t131;
                                                                                                                                                                                                                                                        				int _t134;
                                                                                                                                                                                                                                                        				int _t142;
                                                                                                                                                                                                                                                        				long _t150;
                                                                                                                                                                                                                                                        				void* _t151;
                                                                                                                                                                                                                                                        				void* _t152;
                                                                                                                                                                                                                                                        				signed int _t154;
                                                                                                                                                                                                                                                        				signed int _t155;
                                                                                                                                                                                                                                                        				void* _t158;
                                                                                                                                                                                                                                                        				void* _t163;
                                                                                                                                                                                                                                                        				int _t165;
                                                                                                                                                                                                                                                        				void* _t168;
                                                                                                                                                                                                                                                        				void* _t184;
                                                                                                                                                                                                                                                        				void* _t185;
                                                                                                                                                                                                                                                        				void* _t188;
                                                                                                                                                                                                                                                        				void* _t189;
                                                                                                                                                                                                                                                        				intOrPtr _t190;
                                                                                                                                                                                                                                                        				void* _t191;
                                                                                                                                                                                                                                                        				void* _t192;
                                                                                                                                                                                                                                                        				intOrPtr* _t193;
                                                                                                                                                                                                                                                        				signed int _t195;
                                                                                                                                                                                                                                                        				int _t197;
                                                                                                                                                                                                                                                        				void _t198;
                                                                                                                                                                                                                                                        				signed int _t200;
                                                                                                                                                                                                                                                        				signed int _t201;
                                                                                                                                                                                                                                                        				void* _t204;
                                                                                                                                                                                                                                                        				void* _t205;
                                                                                                                                                                                                                                                        				void* _t206;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t184 = __edx;
                                                                                                                                                                                                                                                        				_t99 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t190 = _a8;
                                                                                                                                                                                                                                                        				_t185 = __ecx;
                                                                                                                                                                                                                                                        				_t100 = _t99 ^ _t200;
                                                                                                                                                                                                                                                        				_v24 = _t100;
                                                                                                                                                                                                                                                        				__imp___wcsdup(_a4);
                                                                                                                                                                                                                                                        				_t204 = (_t201 & 0xfffffff0) - 0xe0 + 4;
                                                                                                                                                                                                                                                        				_t158 =  *(__ecx + 0x2c);
                                                                                                                                                                                                                                                        				 *(__ecx + 0x2c) = _t100;
                                                                                                                                                                                                                                                        				if(_t158 != 0) {
                                                                                                                                                                                                                                                        					free(_t158);
                                                                                                                                                                                                                                                        					_t204 = _t204 + 4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				__imp___wcsdup(_t190);
                                                                                                                                                                                                                                                        				_t205 = _t204 + 4;
                                                                                                                                                                                                                                                        				_v224 = _t100;
                                                                                                                                                                                                                                                        				_v216 = _t185;
                                                                                                                                                                                                                                                        				_t150 = (0 |  *((intOrPtr*)(_a16 + 0x48)) != 0x00000000) << 0x00000013 | 0x0000040c;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t185 + 0x1c)) != 0) {
                                                                                                                                                                                                                                                        					_t13 = _t150 + 0x1000000; // 0x1000000
                                                                                                                                                                                                                                                        					E00BCBDD0();
                                                                                                                                                                                                                                                        					_t150 =  <  ? _t13 : _t150;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t101 = GetEnvironmentStringsW();
                                                                                                                                                                                                                                                        				_t191 =  &_v156;
                                                                                                                                                                                                                                                        				E00BC58B0(_t191, _t101, _a24);
                                                                                                                                                                                                                                                        				_t206 = _t205 + 0xc;
                                                                                                                                                                                                                                                        				FreeEnvironmentStringsW(_t101);
                                                                                                                                                                                                                                                        				if(_v136 > 7) {
                                                                                                                                                                                                                                                        					_t191 = _v156;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        				asm("movaps [esp+0x30], xmm0");
                                                                                                                                                                                                                                                        				_t151 = _v224;
                                                                                                                                                                                                                                                        				_t192 = _v216;
                                                                                                                                                                                                                                                        				if(CreateProcessAsUserW( *(_t192 + 0x10), _a4, _t151, 0, 0, _a12 & 0x000000ff, _t150, _t191, 0, _a16 + 4,  &_v192) != 0) {
                                                                                                                                                                                                                                                        					E00BCB460( &_v208,  &_v192);
                                                                                                                                                                                                                                                        					_t108 =  *(_t192 + 0x1c);
                                                                                                                                                                                                                                                        					_t188 = _t192;
                                                                                                                                                                                                                                                        					__eflags = _t108;
                                                                                                                                                                                                                                                        					if(_t108 == 0) {
                                                                                                                                                                                                                                                        						L11:
                                                                                                                                                                                                                                                        						_t163 =  *((intOrPtr*)(_t188 + 0x14));
                                                                                                                                                                                                                                                        						_t193 = _a28;
                                                                                                                                                                                                                                                        						_t33 = _t163 + 1; // 0x1
                                                                                                                                                                                                                                                        						__eflags = _t33 - 2;
                                                                                                                                                                                                                                                        						if(__eflags >= 0) {
                                                                                                                                                                                                                                                        							_v228 = _t163;
                                                                                                                                                                                                                                                        							_v212 = 0;
                                                                                                                                                                                                                                                        							_t111 = OpenProcessToken(_v208, 8,  &_v164);
                                                                                                                                                                                                                                                        							__eflags = _t111;
                                                                                                                                                                                                                                                        							if(_t111 != 0) {
                                                                                                                                                                                                                                                        								_v168 = 0;
                                                                                                                                                                                                                                                        								_t113 = E00BC5200(_v164,  &_v168, _v164);
                                                                                                                                                                                                                                                        								_push(0x48);
                                                                                                                                                                                                                                                        								L00BEF6BA();
                                                                                                                                                                                                                                                        								_t206 = _t206 + 4;
                                                                                                                                                                                                                                                        								_t152 = _t113;
                                                                                                                                                                                                                                                        								_v136 = _t113;
                                                                                                                                                                                                                                                        								_t114 = _t113 + 0x48;
                                                                                                                                                                                                                                                        								_v128 = _t114;
                                                                                                                                                                                                                                                        								_v132 = _t114;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x40) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x44) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x38) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x3c) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x30) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x34) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x28) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x2c) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x20) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x24) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x18) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x1c) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x10) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0x14) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 8) = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 0xc) = 0;
                                                                                                                                                                                                                                                        								 *_t152 = 0;
                                                                                                                                                                                                                                                        								 *(_t152 + 4) = 0;
                                                                                                                                                                                                                                                        								_t116 = GetTokenInformation(_v172, 0x1f, _t152, 0x48,  &_v164);
                                                                                                                                                                                                                                                        								_t165 = 0;
                                                                                                                                                                                                                                                        								__eflags = _t116;
                                                                                                                                                                                                                                                        								_t117 = 0;
                                                                                                                                                                                                                                                        								if(_t116 != 0) {
                                                                                                                                                                                                                                                        									_t198 =  *_t152;
                                                                                                                                                                                                                                                        									_t165 = 0;
                                                                                                                                                                                                                                                        									_t117 = 0;
                                                                                                                                                                                                                                                        									__eflags = _t198;
                                                                                                                                                                                                                                                        									if(_t198 != 0) {
                                                                                                                                                                                                                                                        										_push(0x44);
                                                                                                                                                                                                                                                        										L00BEF6BA();
                                                                                                                                                                                                                                                        										_t206 = _t206 + 4;
                                                                                                                                                                                                                                                        										E00BE7140(0, _t198);
                                                                                                                                                                                                                                                        										_t165 = 0;
                                                                                                                                                                                                                                                        										_t117 = 1;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t195 =  &_v136;
                                                                                                                                                                                                                                                        								_v224 = _t165;
                                                                                                                                                                                                                                                        								E00BC51B0(E00BC3010(_t195),  &_v172);
                                                                                                                                                                                                                                                        								__eflags = _t117;
                                                                                                                                                                                                                                                        								if(__eflags == 0) {
                                                                                                                                                                                                                                                        									_t193 = _a28;
                                                                                                                                                                                                                                                        									_t120 = _v224;
                                                                                                                                                                                                                                                        									_t154 = 0;
                                                                                                                                                                                                                                                        									__eflags = _t120;
                                                                                                                                                                                                                                                        									if(_t120 == 0) {
                                                                                                                                                                                                                                                        										goto L34;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L33;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t155 = _t195;
                                                                                                                                                                                                                                                        									_t197 = _v224;
                                                                                                                                                                                                                                                        									E00BE5D50(_t195, __eflags, _t197, _t188 + 0x30);
                                                                                                                                                                                                                                                        									_t142 = E00BE30E0(_t184, __eflags, _v240, 0, _t155, 0, 0,  &_v224);
                                                                                                                                                                                                                                                        									_t206 = _t206 + 0x18;
                                                                                                                                                                                                                                                        									__eflags = _t142;
                                                                                                                                                                                                                                                        									_t154 = _t155 & 0xffffff00 | _t142 == 0x00000000;
                                                                                                                                                                                                                                                        									E00BE5EA0( &_v144, _t184);
                                                                                                                                                                                                                                                        									_t120 = _t197;
                                                                                                                                                                                                                                                        									_t193 = _a28;
                                                                                                                                                                                                                                                        									__eflags = _t120;
                                                                                                                                                                                                                                                        									if(_t120 != 0) {
                                                                                                                                                                                                                                                        										L33:
                                                                                                                                                                                                                                                        										_push(_t120);
                                                                                                                                                                                                                                                        										L00BEF6C0();
                                                                                                                                                                                                                                                        										_t206 = _t206 + 4;
                                                                                                                                                                                                                                                        										L34:
                                                                                                                                                                                                                                                        										__eflags = _t154;
                                                                                                                                                                                                                                                        										_t151 = _v228;
                                                                                                                                                                                                                                                        										_t168 = _v232;
                                                                                                                                                                                                                                                        										if(_t154 != 0) {
                                                                                                                                                                                                                                                        											_t168 = _v216;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L22:
                                                                                                                                                                                                                                                        										_v136 = _v208;
                                                                                                                                                                                                                                                        										_t123 = SetThreadToken( &_v136, _t168);
                                                                                                                                                                                                                                                        										__eflags = _t123;
                                                                                                                                                                                                                                                        										if(_t123 != 0) {
                                                                                                                                                                                                                                                        											E00BC51B0(E00BC51B0(_t123, _t188 + 0x14),  &_v216);
                                                                                                                                                                                                                                                        											goto L12;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										 *_t193 = GetLastError();
                                                                                                                                                                                                                                                        										_t129 = E00BC51B0(TerminateProcess(_v212, 0),  &_v216);
                                                                                                                                                                                                                                                        										_t189 = 0x15;
                                                                                                                                                                                                                                                        										L16:
                                                                                                                                                                                                                                                        										_t130 = E00BCB510(_t129,  &_v212);
                                                                                                                                                                                                                                                        										L17:
                                                                                                                                                                                                                                                        										_t131 = E00BBDF30(_t130,  &_v160, _t184);
                                                                                                                                                                                                                                                        										if(_t151 != 0) {
                                                                                                                                                                                                                                                        											free(_t151);
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										E00BEECB0(_t131, _v28 ^ _t200, _t184);
                                                                                                                                                                                                                                                        										return _t189;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L34;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t168 = _v228;
                                                                                                                                                                                                                                                        							goto L22;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L12:
                                                                                                                                                                                                                                                        						__eflags = E00BCB570(_a20, __eflags,  &_v212);
                                                                                                                                                                                                                                                        						if(__eflags == 0) {
                                                                                                                                                                                                                                                        							 *_t193 = GetLastError();
                                                                                                                                                                                                                                                        							_t129 = TerminateProcess(_v212, 0);
                                                                                                                                                                                                                                                        							_t189 = 0x17;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t134 = E00BEB5C0(_t184, __eflags, _v212);
                                                                                                                                                                                                                                                        							_t206 = _t206 + 4;
                                                                                                                                                                                                                                                        							__eflags = _t134;
                                                                                                                                                                                                                                                        							 *(_t188 + 0x28) = _t134;
                                                                                                                                                                                                                                                        							if(_t134 != 0) {
                                                                                                                                                                                                                                                        								E00BCB630( &_v212,  &_v136);
                                                                                                                                                                                                                                                        								_t129 = E00BCB4A0(_t188,  &_v136);
                                                                                                                                                                                                                                                        								_t189 = 0;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								 *_t193 = GetLastError();
                                                                                                                                                                                                                                                        								_t129 = TerminateProcess(_v212, 0);
                                                                                                                                                                                                                                                        								_t189 = 0x2b;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L16;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__imp__AssignProcessToJobObject(_t108, _v208);
                                                                                                                                                                                                                                                        					__eflags = _t108;
                                                                                                                                                                                                                                                        					if(_t108 != 0) {
                                                                                                                                                                                                                                                        						goto L11;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					 *_a28 = GetLastError();
                                                                                                                                                                                                                                                        					_t129 = TerminateProcess(_v216, 0);
                                                                                                                                                                                                                                                        					_t189 = 0x14;
                                                                                                                                                                                                                                                        					goto L16;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t130 = GetLastError();
                                                                                                                                                                                                                                                        				_t189 = 0x12;
                                                                                                                                                                                                                                                        				 *_a28 = _t130;
                                                                                                                                                                                                                                                        				goto L17;
                                                                                                                                                                                                                                                        			}































































                                                                                                                                                                                                                                                        0x00be9220
                                                                                                                                                                                                                                                        0x00be922f
                                                                                                                                                                                                                                                        0x00be9234
                                                                                                                                                                                                                                                        0x00be9237
                                                                                                                                                                                                                                                        0x00be9239
                                                                                                                                                                                                                                                        0x00be923b
                                                                                                                                                                                                                                                        0x00be9245
                                                                                                                                                                                                                                                        0x00be924b
                                                                                                                                                                                                                                                        0x00be924e
                                                                                                                                                                                                                                                        0x00be9251
                                                                                                                                                                                                                                                        0x00be9256
                                                                                                                                                                                                                                                        0x00be9259
                                                                                                                                                                                                                                                        0x00be925f
                                                                                                                                                                                                                                                        0x00be925f
                                                                                                                                                                                                                                                        0x00be9263
                                                                                                                                                                                                                                                        0x00be9269
                                                                                                                                                                                                                                                        0x00be9271
                                                                                                                                                                                                                                                        0x00be9275
                                                                                                                                                                                                                                                        0x00be9283
                                                                                                                                                                                                                                                        0x00be928d
                                                                                                                                                                                                                                                        0x00be928f
                                                                                                                                                                                                                                                        0x00be9295
                                                                                                                                                                                                                                                        0x00be929d
                                                                                                                                                                                                                                                        0x00be929d
                                                                                                                                                                                                                                                        0x00be92a0
                                                                                                                                                                                                                                                        0x00be92a6
                                                                                                                                                                                                                                                        0x00be92b1
                                                                                                                                                                                                                                                        0x00be92b6
                                                                                                                                                                                                                                                        0x00be92ba
                                                                                                                                                                                                                                                        0x00be92c5
                                                                                                                                                                                                                                                        0x00be92c7
                                                                                                                                                                                                                                                        0x00be92c7
                                                                                                                                                                                                                                                        0x00be92ce
                                                                                                                                                                                                                                                        0x00be92d5
                                                                                                                                                                                                                                                        0x00be92ee
                                                                                                                                                                                                                                                        0x00be92f6
                                                                                                                                                                                                                                                        0x00be9305
                                                                                                                                                                                                                                                        0x00be9321
                                                                                                                                                                                                                                                        0x00be9326
                                                                                                                                                                                                                                                        0x00be9329
                                                                                                                                                                                                                                                        0x00be932b
                                                                                                                                                                                                                                                        0x00be932d
                                                                                                                                                                                                                                                        0x00be935c
                                                                                                                                                                                                                                                        0x00be935c
                                                                                                                                                                                                                                                        0x00be935f
                                                                                                                                                                                                                                                        0x00be9362
                                                                                                                                                                                                                                                        0x00be9365
                                                                                                                                                                                                                                                        0x00be9368
                                                                                                                                                                                                                                                        0x00be9408
                                                                                                                                                                                                                                                        0x00be940c
                                                                                                                                                                                                                                                        0x00be941b
                                                                                                                                                                                                                                                        0x00be9421
                                                                                                                                                                                                                                                        0x00be9423
                                                                                                                                                                                                                                                        0x00be9491
                                                                                                                                                                                                                                                        0x00be949a
                                                                                                                                                                                                                                                        0x00be94a3
                                                                                                                                                                                                                                                        0x00be94a5
                                                                                                                                                                                                                                                        0x00be94aa
                                                                                                                                                                                                                                                        0x00be94ad
                                                                                                                                                                                                                                                        0x00be94af
                                                                                                                                                                                                                                                        0x00be94b3
                                                                                                                                                                                                                                                        0x00be94b6
                                                                                                                                                                                                                                                        0x00be94ba
                                                                                                                                                                                                                                                        0x00be94c2
                                                                                                                                                                                                                                                        0x00be94c9
                                                                                                                                                                                                                                                        0x00be94d0
                                                                                                                                                                                                                                                        0x00be94d7
                                                                                                                                                                                                                                                        0x00be94de
                                                                                                                                                                                                                                                        0x00be94e5
                                                                                                                                                                                                                                                        0x00be94ec
                                                                                                                                                                                                                                                        0x00be94f3
                                                                                                                                                                                                                                                        0x00be94fa
                                                                                                                                                                                                                                                        0x00be9501
                                                                                                                                                                                                                                                        0x00be9508
                                                                                                                                                                                                                                                        0x00be950f
                                                                                                                                                                                                                                                        0x00be9516
                                                                                                                                                                                                                                                        0x00be951d
                                                                                                                                                                                                                                                        0x00be9524
                                                                                                                                                                                                                                                        0x00be952b
                                                                                                                                                                                                                                                        0x00be9532
                                                                                                                                                                                                                                                        0x00be9538
                                                                                                                                                                                                                                                        0x00be9546
                                                                                                                                                                                                                                                        0x00be954c
                                                                                                                                                                                                                                                        0x00be954e
                                                                                                                                                                                                                                                        0x00be9550
                                                                                                                                                                                                                                                        0x00be9555
                                                                                                                                                                                                                                                        0x00be9557
                                                                                                                                                                                                                                                        0x00be9559
                                                                                                                                                                                                                                                        0x00be955b
                                                                                                                                                                                                                                                        0x00be9560
                                                                                                                                                                                                                                                        0x00be9562
                                                                                                                                                                                                                                                        0x00be9564
                                                                                                                                                                                                                                                        0x00be9566
                                                                                                                                                                                                                                                        0x00be956b
                                                                                                                                                                                                                                                        0x00be9573
                                                                                                                                                                                                                                                        0x00be9578
                                                                                                                                                                                                                                                        0x00be957a
                                                                                                                                                                                                                                                        0x00be957a
                                                                                                                                                                                                                                                        0x00be9562
                                                                                                                                                                                                                                                        0x00be957c
                                                                                                                                                                                                                                                        0x00be9580
                                                                                                                                                                                                                                                        0x00be9591
                                                                                                                                                                                                                                                        0x00be9596
                                                                                                                                                                                                                                                        0x00be9598
                                                                                                                                                                                                                                                        0x00be95f3
                                                                                                                                                                                                                                                        0x00be95f6
                                                                                                                                                                                                                                                        0x00be95fa
                                                                                                                                                                                                                                                        0x00be95fc
                                                                                                                                                                                                                                                        0x00be95fe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be959a
                                                                                                                                                                                                                                                        0x00be95a0
                                                                                                                                                                                                                                                        0x00be95a2
                                                                                                                                                                                                                                                        0x00be95a7
                                                                                                                                                                                                                                                        0x00be95bc
                                                                                                                                                                                                                                                        0x00be95c1
                                                                                                                                                                                                                                                        0x00be95c4
                                                                                                                                                                                                                                                        0x00be95ca
                                                                                                                                                                                                                                                        0x00be95cd
                                                                                                                                                                                                                                                        0x00be95d2
                                                                                                                                                                                                                                                        0x00be95d4
                                                                                                                                                                                                                                                        0x00be95d7
                                                                                                                                                                                                                                                        0x00be95d9
                                                                                                                                                                                                                                                        0x00be9600
                                                                                                                                                                                                                                                        0x00be9600
                                                                                                                                                                                                                                                        0x00be9601
                                                                                                                                                                                                                                                        0x00be9606
                                                                                                                                                                                                                                                        0x00be9609
                                                                                                                                                                                                                                                        0x00be9609
                                                                                                                                                                                                                                                        0x00be960b
                                                                                                                                                                                                                                                        0x00be960f
                                                                                                                                                                                                                                                        0x00be9613
                                                                                                                                                                                                                                                        0x00be9619
                                                                                                                                                                                                                                                        0x00be9619
                                                                                                                                                                                                                                                        0x00be9429
                                                                                                                                                                                                                                                        0x00be942d
                                                                                                                                                                                                                                                        0x00be9437
                                                                                                                                                                                                                                                        0x00be943d
                                                                                                                                                                                                                                                        0x00be943f
                                                                                                                                                                                                                                                        0x00be95e9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be95e9
                                                                                                                                                                                                                                                        0x00be944b
                                                                                                                                                                                                                                                        0x00be945d
                                                                                                                                                                                                                                                        0x00be9462
                                                                                                                                                                                                                                                        0x00be93ca
                                                                                                                                                                                                                                                        0x00be93ce
                                                                                                                                                                                                                                                        0x00be93d3
                                                                                                                                                                                                                                                        0x00be93d7
                                                                                                                                                                                                                                                        0x00be93de
                                                                                                                                                                                                                                                        0x00be93e1
                                                                                                                                                                                                                                                        0x00be93e7
                                                                                                                                                                                                                                                        0x00be93f3
                                                                                                                                                                                                                                                        0x00be9401
                                                                                                                                                                                                                                                        0x00be9401
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be95db
                                                                                                                                                                                                                                                        0x00be9598
                                                                                                                                                                                                                                                        0x00be9425
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9425
                                                                                                                                                                                                                                                        0x00be936e
                                                                                                                                                                                                                                                        0x00be937b
                                                                                                                                                                                                                                                        0x00be937d
                                                                                                                                                                                                                                                        0x00be93b7
                                                                                                                                                                                                                                                        0x00be93bf
                                                                                                                                                                                                                                                        0x00be93c5
                                                                                                                                                                                                                                                        0x00be937f
                                                                                                                                                                                                                                                        0x00be9383
                                                                                                                                                                                                                                                        0x00be9388
                                                                                                                                                                                                                                                        0x00be938b
                                                                                                                                                                                                                                                        0x00be938d
                                                                                                                                                                                                                                                        0x00be9390
                                                                                                                                                                                                                                                        0x00be9475
                                                                                                                                                                                                                                                        0x00be947d
                                                                                                                                                                                                                                                        0x00be9482
                                                                                                                                                                                                                                                        0x00be9396
                                                                                                                                                                                                                                                        0x00be939c
                                                                                                                                                                                                                                                        0x00be93a4
                                                                                                                                                                                                                                                        0x00be93aa
                                                                                                                                                                                                                                                        0x00be93aa
                                                                                                                                                                                                                                                        0x00be9390
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be937d
                                                                                                                                                                                                                                                        0x00be9334
                                                                                                                                                                                                                                                        0x00be933a
                                                                                                                                                                                                                                                        0x00be933c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9347
                                                                                                                                                                                                                                                        0x00be934f
                                                                                                                                                                                                                                                        0x00be9355
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be9355
                                                                                                                                                                                                                                                        0x00be9307
                                                                                                                                                                                                                                                        0x00be9310
                                                                                                                                                                                                                                                        0x00be9315
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • _wcsdup.MOZGLUE(00000000), ref: 00BE9245
                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 00BE9259
                                                                                                                                                                                                                                                        • _wcsdup.MOZGLUE(?), ref: 00BE9263
                                                                                                                                                                                                                                                        • GetEnvironmentStringsW.KERNEL32 ref: 00BE92A0
                                                                                                                                                                                                                                                        • FreeEnvironmentStringsW.KERNEL32(00000000), ref: 00BE92BA
                                                                                                                                                                                                                                                        • CreateProcessAsUserW.ADVAPI32(00000000,00000000,?,00000000,00000000,00000000,00000000,?,00000000,-00000004,?), ref: 00BE92FD
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE9307
                                                                                                                                                                                                                                                        • AssignProcessToJobObject.KERNEL32 ref: 00BE9334
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE933E
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(?,00000000), ref: 00BE934F
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE9396
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(?,00000000), ref: 00BE93A4
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE93B1
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(?,00000000), ref: 00BE93BF
                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 00BE93E1
                                                                                                                                                                                                                                                        • OpenProcessToken.ADVAPI32(?,00000008,?), ref: 00BE941B
                                                                                                                                                                                                                                                        • SetThreadToken.ADVAPI32(?,?), ref: 00BE9437
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE9445
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(?,00000000), ref: 00BE9453
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000048,?), ref: 00BE94A5
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(00000000,0000001F(TokenIntegrityLevel),00000000,00000048,?), ref: 00BE9546
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000044), ref: 00BE9566
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?), ref: 00BE9601
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Process$ErrorLast$Terminate$Token$??2@EnvironmentStrings_wcsdupfree$??3@AssignCreateFreeInformationObjectOpenThreadUser
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 4032390575-0
                                                                                                                                                                                                                                                        • Opcode ID: c3f95e1c4125206e7b580ad6ad5c4ef93d7ccadf18d44efaf1a63c6bfd7bf01c
                                                                                                                                                                                                                                                        • Instruction ID: c18fd78e9734c4212cafedac979c701302ae8ae424d9b00deae635ded3eef699
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c3f95e1c4125206e7b580ad6ad5c4ef93d7ccadf18d44efaf1a63c6bfd7bf01c
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5AB159B16043419FEB109F21CC95B6B7BE8FF88304F0444ADF9859B291EB75E909CB96
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 88%
                                                                                                                                                                                                                                                        			E00BD43C0(intOrPtr* __ecx, int __edx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				int _v28;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				intOrPtr _v48;
                                                                                                                                                                                                                                                        				int _v52;
                                                                                                                                                                                                                                                        				char _v68;
                                                                                                                                                                                                                                                        				int _v72;
                                                                                                                                                                                                                                                        				void* _v76;
                                                                                                                                                                                                                                                        				void* _v80;
                                                                                                                                                                                                                                                        				void* _v84;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				char _v92;
                                                                                                                                                                                                                                                        				void* _v96;
                                                                                                                                                                                                                                                        				int _v100;
                                                                                                                                                                                                                                                        				intOrPtr* _v104;
                                                                                                                                                                                                                                                        				int _v108;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				signed int _t73;
                                                                                                                                                                                                                                                        				void* _t75;
                                                                                                                                                                                                                                                        				void* _t79;
                                                                                                                                                                                                                                                        				int _t81;
                                                                                                                                                                                                                                                        				void* _t83;
                                                                                                                                                                                                                                                        				intOrPtr _t85;
                                                                                                                                                                                                                                                        				int _t95;
                                                                                                                                                                                                                                                        				void* _t99;
                                                                                                                                                                                                                                                        				intOrPtr _t101;
                                                                                                                                                                                                                                                        				int _t106;
                                                                                                                                                                                                                                                        				int _t108;
                                                                                                                                                                                                                                                        				void* _t110;
                                                                                                                                                                                                                                                        				int _t112;
                                                                                                                                                                                                                                                        				void* _t114;
                                                                                                                                                                                                                                                        				void* _t115;
                                                                                                                                                                                                                                                        				int _t117;
                                                                                                                                                                                                                                                        				void* _t125;
                                                                                                                                                                                                                                                        				int _t130;
                                                                                                                                                                                                                                                        				signed int _t147;
                                                                                                                                                                                                                                                        				int _t148;
                                                                                                                                                                                                                                                        				void* _t152;
                                                                                                                                                                                                                                                        				void* _t155;
                                                                                                                                                                                                                                                        				intOrPtr* _t156;
                                                                                                                                                                                                                                                        				intOrPtr _t157;
                                                                                                                                                                                                                                                        				intOrPtr* _t159;
                                                                                                                                                                                                                                                        				void* _t160;
                                                                                                                                                                                                                                                        				void* _t161;
                                                                                                                                                                                                                                                        				signed int _t164;
                                                                                                                                                                                                                                                        				void* _t165;
                                                                                                                                                                                                                                                        				void* _t167;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t149 = __edx;
                                                                                                                                                                                                                                                        				_t73 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t159 = __ecx;
                                                                                                                                                                                                                                                        				_v20 = _t73 ^ _t164;
                                                                                                                                                                                                                                                        				_v72 = 0xffffffff;
                                                                                                                                                                                                                                                        				_t75 = GetCurrentProcess();
                                                                                                                                                                                                                                                        				__imp__GetProcessHandleCount(_t75,  &_v72);
                                                                                                                                                                                                                                                        				if(_t75 == 0) {
                                                                                                                                                                                                                                                        					_t114 = 0;
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					E00BEECB0(_t75, _v20 ^ _t164, _t149);
                                                                                                                                                                                                                                                        					return _t114;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t75 = GetModuleHandleA("verifier.dll");
                                                                                                                                                                                                                                                        				_t114 = 1;
                                                                                                                                                                                                                                                        				if(_t75 == 0) {
                                                                                                                                                                                                                                                        					_push(0xa0);
                                                                                                                                                                                                                                                        					L00BEF6BA();
                                                                                                                                                                                                                                                        					_t5 = _t75 + 0xa0; // 0xa0
                                                                                                                                                                                                                                                        					_t152 = _t5;
                                                                                                                                                                                                                                                        					_v84 = _t75;
                                                                                                                                                                                                                                                        					_v76 = _t152;
                                                                                                                                                                                                                                                        					_v96 = _t75;
                                                                                                                                                                                                                                                        					_t78 = memset(_t75, 0, 0xa0);
                                                                                                                                                                                                                                                        					_t167 = _t165 + 0x10;
                                                                                                                                                                                                                                                        					__eflags = _v72;
                                                                                                                                                                                                                                                        					_v80 = _t152;
                                                                                                                                                                                                                                                        					_v24 = 7;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					if(_v72 != 0) {
                                                                                                                                                                                                                                                        						_t79 = _v96;
                                                                                                                                                                                                                                                        						_v104 = _t159;
                                                                                                                                                                                                                                                        						_t115 = 0;
                                                                                                                                                                                                                                                        						__eflags = 0;
                                                                                                                                                                                                                                                        						_v100 = 0;
                                                                                                                                                                                                                                                        						_t160 = _t79;
                                                                                                                                                                                                                                                        						while(1) {
                                                                                                                                                                                                                                                        							L8:
                                                                                                                                                                                                                                                        							_t115 = _t115 + 4;
                                                                                                                                                                                                                                                        							__eflags = _t115;
                                                                                                                                                                                                                                                        							_v88 = _t152 - _t79;
                                                                                                                                                                                                                                                        							_t81 = E00BD4740(_t115, _t160,  &_v88);
                                                                                                                                                                                                                                                        							_t167 = _t167 + 0xc;
                                                                                                                                                                                                                                                        							_v96 = _t115;
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								__eflags = _t81 - 0xc0000004;
                                                                                                                                                                                                                                                        								if(_t81 == 0xc0000004) {
                                                                                                                                                                                                                                                        									break;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L10:
                                                                                                                                                                                                                                                        								__eflags = _t81 - 0x80000005;
                                                                                                                                                                                                                                                        								if(_t81 != 0x80000005) {
                                                                                                                                                                                                                                                        									__eflags = _t81;
                                                                                                                                                                                                                                                        									if(_t81 < 0) {
                                                                                                                                                                                                                                                        										L30:
                                                                                                                                                                                                                                                        										_t78 = _v100 + 1;
                                                                                                                                                                                                                                                        										__eflags = _t78 - 0x63;
                                                                                                                                                                                                                                                        										if(_t78 > 0x63) {
                                                                                                                                                                                                                                                        											goto L5;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L31:
                                                                                                                                                                                                                                                        										__eflags = _v72;
                                                                                                                                                                                                                                                        										if(_v72 == 0) {
                                                                                                                                                                                                                                                        											goto L5;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_v100 = _t78;
                                                                                                                                                                                                                                                        										_t79 = _v84;
                                                                                                                                                                                                                                                        										_t152 = _v80;
                                                                                                                                                                                                                                                        										goto L8;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t95 =  *(_t160 + 4);
                                                                                                                                                                                                                                                        									__eflags = _t95;
                                                                                                                                                                                                                                                        									if(_t95 != 0) {
                                                                                                                                                                                                                                                        										_v72 = _v72 - 1;
                                                                                                                                                                                                                                                        										 *((short*)(_t95 + ( *_t160 & 0xfffe))) = 0;
                                                                                                                                                                                                                                                        										_v48 = 7;
                                                                                                                                                                                                                                                        										_v52 = 0;
                                                                                                                                                                                                                                                        										_v68 = 0;
                                                                                                                                                                                                                                                        										E00BBA740( &_v68,  *(_t160 + 4));
                                                                                                                                                                                                                                                        										_t156 = _v104;
                                                                                                                                                                                                                                                        										_t99 = E00BD2C90( &_v92, _t156,  &_v92,  &_v68);
                                                                                                                                                                                                                                                        										_t115 = _v96;
                                                                                                                                                                                                                                                        										E00BBDF30(_t99,  &_v68, _t149);
                                                                                                                                                                                                                                                        										_t101 = _v92;
                                                                                                                                                                                                                                                        										__eflags = _t101 -  *_t156;
                                                                                                                                                                                                                                                        										if(_t101 ==  *_t156) {
                                                                                                                                                                                                                                                        											L39:
                                                                                                                                                                                                                                                        											_t78 = _v100;
                                                                                                                                                                                                                                                        											__eflags = _t78 - 0x63;
                                                                                                                                                                                                                                                        											if(_t78 <= 0x63) {
                                                                                                                                                                                                                                                        												goto L31;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L5;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags =  *(_t101 + 0x2c);
                                                                                                                                                                                                                                                        										_t157 = _t101;
                                                                                                                                                                                                                                                        										if( *(_t101 + 0x2c) == 0) {
                                                                                                                                                                                                                                                        											L44:
                                                                                                                                                                                                                                                        											_t78 = SetHandleInformation(_t115, 2, 0);
                                                                                                                                                                                                                                                        											__eflags = _t78;
                                                                                                                                                                                                                                                        											if(_t78 == 0) {
                                                                                                                                                                                                                                                        												L46:
                                                                                                                                                                                                                                                        												_t114 = 0;
                                                                                                                                                                                                                                                        												L6:
                                                                                                                                                                                                                                                        												E00BBDF30(_t78,  &_v44, _t149);
                                                                                                                                                                                                                                                        												_t75 = E00BC14C0(_t114,  &_v84);
                                                                                                                                                                                                                                                        												goto L2;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											__eflags = CloseHandle(_t115);
                                                                                                                                                                                                                                                        											if(__eflags != 0) {
                                                                                                                                                                                                                                                        												_t149 = _t115;
                                                                                                                                                                                                                                                        												E00BD4020(_v104, _t115, __eflags, _v92 + 0x10);
                                                                                                                                                                                                                                                        												_t167 = _t167 + 4;
                                                                                                                                                                                                                                                        												goto L39;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L46;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t106 = E00BD3070(_t115,  &_v44);
                                                                                                                                                                                                                                                        										_t167 = _t167 + 8;
                                                                                                                                                                                                                                                        										__eflags = _t106;
                                                                                                                                                                                                                                                        										if(_t106 != 0) {
                                                                                                                                                                                                                                                        											_t108 = E00BD47D0(_t157 + 0x28,  &_v44);
                                                                                                                                                                                                                                                        											__eflags = _t108;
                                                                                                                                                                                                                                                        											if(_t108 == 0) {
                                                                                                                                                                                                                                                        												goto L39;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L44;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L39;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L30;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									goto L11;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								while(1) {
                                                                                                                                                                                                                                                        									L11:
                                                                                                                                                                                                                                                        									_t125 = _v80;
                                                                                                                                                                                                                                                        									_t161 = _v84;
                                                                                                                                                                                                                                                        									_t117 = _v88 + 2;
                                                                                                                                                                                                                                                        									_t83 = _v76 - _t161;
                                                                                                                                                                                                                                                        									_t155 = _t125 - _t161;
                                                                                                                                                                                                                                                        									__eflags = _t83 - _t117;
                                                                                                                                                                                                                                                        									if(_t83 < _t117) {
                                                                                                                                                                                                                                                        										goto L17;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t112 = _t117 - _t155;
                                                                                                                                                                                                                                                        										__eflags = _t112;
                                                                                                                                                                                                                                                        										if(__eflags <= 0) {
                                                                                                                                                                                                                                                        											if(__eflags != 0) {
                                                                                                                                                                                                                                                        												_v80 = _t117 + _t161;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											memset(_t125, 0, _t112);
                                                                                                                                                                                                                                                        											_t167 = _t167 + 0xc;
                                                                                                                                                                                                                                                        											_v80 = _t125 + _t112;
                                                                                                                                                                                                                                                        											_t160 = _v84;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									L14:
                                                                                                                                                                                                                                                        									_t115 = _v96;
                                                                                                                                                                                                                                                        									_t81 = E00BD4740(_t115, _t160,  &_v88);
                                                                                                                                                                                                                                                        									_t167 = _t167 + 0xc;
                                                                                                                                                                                                                                                        									__eflags = _t81;
                                                                                                                                                                                                                                                        									if(_t81 < 0) {
                                                                                                                                                                                                                                                        										__eflags = _t81 - 0xc0000004;
                                                                                                                                                                                                                                                        										if(_t81 == 0xc0000004) {
                                                                                                                                                                                                                                                        											break;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L10;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									__eflags = _v88 - _v80 - _v84;
                                                                                                                                                                                                                                                        									_t81 =  ==  ? 0xc0000004 : _t81;
                                                                                                                                                                                                                                                        									__eflags = _t81 - 0xc0000004;
                                                                                                                                                                                                                                                        									if(_t81 != 0xc0000004) {
                                                                                                                                                                                                                                                        										goto L10;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									break;
                                                                                                                                                                                                                                                        									L17:
                                                                                                                                                                                                                                                        									__eflags = _t117;
                                                                                                                                                                                                                                                        									if(_t117 < 0) {
                                                                                                                                                                                                                                                        										E00BC14B0(_t117, _t125);
                                                                                                                                                                                                                                                        										L52:
                                                                                                                                                                                                                                                        										__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        										L53:
                                                                                                                                                                                                                                                        										_t85 = 0xffffffff;
                                                                                                                                                                                                                                                        										L35:
                                                                                                                                                                                                                                                        										_push(_t85);
                                                                                                                                                                                                                                                        										L00BEF6BA();
                                                                                                                                                                                                                                                        										_t167 = _t167 + 4;
                                                                                                                                                                                                                                                        										_t51 = _t85 + 0x23; // 0x23
                                                                                                                                                                                                                                                        										_t160 = _t51 & 0xffffffe0;
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t160 - 4)) = _t85;
                                                                                                                                                                                                                                                        										L24:
                                                                                                                                                                                                                                                        										memset(_t160 + _t155, 0, _t117 - _t155);
                                                                                                                                                                                                                                                        										memmove(_t160, _v84, _v80 - _v84);
                                                                                                                                                                                                                                                        										_t167 = _t167 + 0x18;
                                                                                                                                                                                                                                                        										_t130 = _v84;
                                                                                                                                                                                                                                                        										__eflags = _t130;
                                                                                                                                                                                                                                                        										if(_t130 == 0) {
                                                                                                                                                                                                                                                        											L27:
                                                                                                                                                                                                                                                        											_v84 = _t160;
                                                                                                                                                                                                                                                        											_v80 = _t160 + _t117;
                                                                                                                                                                                                                                                        											_v76 = _t160 + _v108;
                                                                                                                                                                                                                                                        											goto L14;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t110 = _v76 - _t130;
                                                                                                                                                                                                                                                        										__eflags = _t110 - 0x1000;
                                                                                                                                                                                                                                                        										if(_t110 >= 0x1000) {
                                                                                                                                                                                                                                                        											_t149 =  *(_t130 - 4);
                                                                                                                                                                                                                                                        											__eflags = _t130 + 0xfffffffc - _t149 - 0x20;
                                                                                                                                                                                                                                                        											if(_t130 + 0xfffffffc - _t149 >= 0x20) {
                                                                                                                                                                                                                                                        												goto L52;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t110 = _t110 + 0x23;
                                                                                                                                                                                                                                                        											_t130 = _t149;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_push(_t110);
                                                                                                                                                                                                                                                        										_push(_t130);
                                                                                                                                                                                                                                                        										L00BEF6C6();
                                                                                                                                                                                                                                                        										_t167 = _t167 + 8;
                                                                                                                                                                                                                                                        										goto L27;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t147 = _t83 >> 1;
                                                                                                                                                                                                                                                        									__eflags = _t83 - (_t147 ^ 0x7fffffff);
                                                                                                                                                                                                                                                        									_t149 = _t117;
                                                                                                                                                                                                                                                        									if(_t83 <= (_t147 ^ 0x7fffffff)) {
                                                                                                                                                                                                                                                        										_t148 = _t83 + _t147;
                                                                                                                                                                                                                                                        										_t149 = _t117;
                                                                                                                                                                                                                                                        										__eflags = _t148 - _t117;
                                                                                                                                                                                                                                                        										if(_t148 >= _t117) {
                                                                                                                                                                                                                                                        											_t149 = _t148;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									__eflags = _t149 - 0x1000;
                                                                                                                                                                                                                                                        									_v108 = _t149;
                                                                                                                                                                                                                                                        									if(_t149 >= 0x1000) {
                                                                                                                                                                                                                                                        										__eflags = _t149 - 0xffffffdc;
                                                                                                                                                                                                                                                        										if(_t149 > 0xffffffdc) {
                                                                                                                                                                                                                                                        											goto L53;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t85 = _t149 + 0x23;
                                                                                                                                                                                                                                                        										goto L35;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										__eflags = _t149;
                                                                                                                                                                                                                                                        										if(_t149 == 0) {
                                                                                                                                                                                                                                                        											_t160 = 0;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_push(_t149);
                                                                                                                                                                                                                                                        											L00BEF6BA();
                                                                                                                                                                                                                                                        											_t167 = _t167 + 4;
                                                                                                                                                                                                                                                        											_t160 = _t83;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L24;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L11:
                                                                                                                                                                                                                                                        								_t125 = _v80;
                                                                                                                                                                                                                                                        								_t161 = _v84;
                                                                                                                                                                                                                                                        								_t117 = _v88 + 2;
                                                                                                                                                                                                                                                        								_t83 = _v76 - _t161;
                                                                                                                                                                                                                                                        								_t155 = _t125 - _t161;
                                                                                                                                                                                                                                                        								__eflags = _t83 - _t117;
                                                                                                                                                                                                                                                        								if(_t83 < _t117) {
                                                                                                                                                                                                                                                        									goto L17;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t112 = _t117 - _t155;
                                                                                                                                                                                                                                                        									__eflags = _t112;
                                                                                                                                                                                                                                                        									if(__eflags <= 0) {
                                                                                                                                                                                                                                                        										if(__eflags != 0) {
                                                                                                                                                                                                                                                        											_v80 = _t117 + _t161;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										memset(_t125, 0, _t112);
                                                                                                                                                                                                                                                        										_t167 = _t167 + 0xc;
                                                                                                                                                                                                                                                        										_v80 = _t125 + _t112;
                                                                                                                                                                                                                                                        										_t160 = _v84;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					_t114 = 1;
                                                                                                                                                                                                                                                        					goto L6;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}



















































                                                                                                                                                                                                                                                        0x00bd43c0
                                                                                                                                                                                                                                                        0x00bd43c9
                                                                                                                                                                                                                                                        0x00bd43ce
                                                                                                                                                                                                                                                        0x00bd43d2
                                                                                                                                                                                                                                                        0x00bd43d5
                                                                                                                                                                                                                                                        0x00bd43dc
                                                                                                                                                                                                                                                        0x00bd43e7
                                                                                                                                                                                                                                                        0x00bd43ef
                                                                                                                                                                                                                                                        0x00bd4416
                                                                                                                                                                                                                                                        0x00bd4402
                                                                                                                                                                                                                                                        0x00bd4407
                                                                                                                                                                                                                                                        0x00bd4415
                                                                                                                                                                                                                                                        0x00bd4415
                                                                                                                                                                                                                                                        0x00bd43f6
                                                                                                                                                                                                                                                        0x00bd43fc
                                                                                                                                                                                                                                                        0x00bd4400
                                                                                                                                                                                                                                                        0x00bd441a
                                                                                                                                                                                                                                                        0x00bd441f
                                                                                                                                                                                                                                                        0x00bd4427
                                                                                                                                                                                                                                                        0x00bd4427
                                                                                                                                                                                                                                                        0x00bd442d
                                                                                                                                                                                                                                                        0x00bd4430
                                                                                                                                                                                                                                                        0x00bd443a
                                                                                                                                                                                                                                                        0x00bd443e
                                                                                                                                                                                                                                                        0x00bd4443
                                                                                                                                                                                                                                                        0x00bd4446
                                                                                                                                                                                                                                                        0x00bd444a
                                                                                                                                                                                                                                                        0x00bd444d
                                                                                                                                                                                                                                                        0x00bd4454
                                                                                                                                                                                                                                                        0x00bd445b
                                                                                                                                                                                                                                                        0x00bd4461
                                                                                                                                                                                                                                                        0x00bd4477
                                                                                                                                                                                                                                                        0x00bd447a
                                                                                                                                                                                                                                                        0x00bd447d
                                                                                                                                                                                                                                                        0x00bd447d
                                                                                                                                                                                                                                                        0x00bd447f
                                                                                                                                                                                                                                                        0x00bd4486
                                                                                                                                                                                                                                                        0x00bd4490
                                                                                                                                                                                                                                                        0x00bd4490
                                                                                                                                                                                                                                                        0x00bd4492
                                                                                                                                                                                                                                                        0x00bd4492
                                                                                                                                                                                                                                                        0x00bd4498
                                                                                                                                                                                                                                                        0x00bd449e
                                                                                                                                                                                                                                                        0x00bd44a3
                                                                                                                                                                                                                                                        0x00bd44a6
                                                                                                                                                                                                                                                        0x00bd44b0
                                                                                                                                                                                                                                                        0x00bd44b0
                                                                                                                                                                                                                                                        0x00bd44b5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd44b7
                                                                                                                                                                                                                                                        0x00bd44b7
                                                                                                                                                                                                                                                        0x00bd44bc
                                                                                                                                                                                                                                                        0x00bd45e0
                                                                                                                                                                                                                                                        0x00bd45e2
                                                                                                                                                                                                                                                        0x00bd45eb
                                                                                                                                                                                                                                                        0x00bd45ee
                                                                                                                                                                                                                                                        0x00bd45ef
                                                                                                                                                                                                                                                        0x00bd45f2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd45f8
                                                                                                                                                                                                                                                        0x00bd45f8
                                                                                                                                                                                                                                                        0x00bd45fc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4602
                                                                                                                                                                                                                                                        0x00bd4605
                                                                                                                                                                                                                                                        0x00bd4608
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4608
                                                                                                                                                                                                                                                        0x00bd45e4
                                                                                                                                                                                                                                                        0x00bd45e7
                                                                                                                                                                                                                                                        0x00bd45e9
                                                                                                                                                                                                                                                        0x00bd4633
                                                                                                                                                                                                                                                        0x00bd463f
                                                                                                                                                                                                                                                        0x00bd464d
                                                                                                                                                                                                                                                        0x00bd4650
                                                                                                                                                                                                                                                        0x00bd4657
                                                                                                                                                                                                                                                        0x00bd4660
                                                                                                                                                                                                                                                        0x00bd4665
                                                                                                                                                                                                                                                        0x00bd466f
                                                                                                                                                                                                                                                        0x00bd4676
                                                                                                                                                                                                                                                        0x00bd4679
                                                                                                                                                                                                                                                        0x00bd467e
                                                                                                                                                                                                                                                        0x00bd4681
                                                                                                                                                                                                                                                        0x00bd4683
                                                                                                                                                                                                                                                        0x00bd469e
                                                                                                                                                                                                                                                        0x00bd469e
                                                                                                                                                                                                                                                        0x00bd46a1
                                                                                                                                                                                                                                                        0x00bd46a4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd46aa
                                                                                                                                                                                                                                                        0x00bd4685
                                                                                                                                                                                                                                                        0x00bd4689
                                                                                                                                                                                                                                                        0x00bd468b
                                                                                                                                                                                                                                                        0x00bd46d8
                                                                                                                                                                                                                                                        0x00bd46dd
                                                                                                                                                                                                                                                        0x00bd46e3
                                                                                                                                                                                                                                                        0x00bd46e5
                                                                                                                                                                                                                                                        0x00bd46f2
                                                                                                                                                                                                                                                        0x00bd46f2
                                                                                                                                                                                                                                                        0x00bd4465
                                                                                                                                                                                                                                                        0x00bd4468
                                                                                                                                                                                                                                                        0x00bd4470
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4470
                                                                                                                                                                                                                                                        0x00bd46ee
                                                                                                                                                                                                                                                        0x00bd46f0
                                                                                                                                                                                                                                                        0x00bd46ff
                                                                                                                                                                                                                                                        0x00bd4705
                                                                                                                                                                                                                                                        0x00bd470a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd470a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd46f0
                                                                                                                                                                                                                                                        0x00bd4692
                                                                                                                                                                                                                                                        0x00bd4697
                                                                                                                                                                                                                                                        0x00bd469a
                                                                                                                                                                                                                                                        0x00bd469c
                                                                                                                                                                                                                                                        0x00bd46cf
                                                                                                                                                                                                                                                        0x00bd46d4
                                                                                                                                                                                                                                                        0x00bd46d6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd46d6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd469c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd44c2
                                                                                                                                                                                                                                                        0x00bd44c2
                                                                                                                                                                                                                                                        0x00bd44c5
                                                                                                                                                                                                                                                        0x00bd44c8
                                                                                                                                                                                                                                                        0x00bd44d0
                                                                                                                                                                                                                                                        0x00bd44d3
                                                                                                                                                                                                                                                        0x00bd44d5
                                                                                                                                                                                                                                                        0x00bd44d7
                                                                                                                                                                                                                                                        0x00bd44d9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd44db
                                                                                                                                                                                                                                                        0x00bd44dd
                                                                                                                                                                                                                                                        0x00bd44dd
                                                                                                                                                                                                                                                        0x00bd44df
                                                                                                                                                                                                                                                        0x00bd470f
                                                                                                                                                                                                                                                        0x00bd4717
                                                                                                                                                                                                                                                        0x00bd4717
                                                                                                                                                                                                                                                        0x00bd44e5
                                                                                                                                                                                                                                                        0x00bd44ec
                                                                                                                                                                                                                                                        0x00bd44f1
                                                                                                                                                                                                                                                        0x00bd44f4
                                                                                                                                                                                                                                                        0x00bd44f7
                                                                                                                                                                                                                                                        0x00bd44f7
                                                                                                                                                                                                                                                        0x00bd44df
                                                                                                                                                                                                                                                        0x00bd44fa
                                                                                                                                                                                                                                                        0x00bd44ff
                                                                                                                                                                                                                                                        0x00bd4503
                                                                                                                                                                                                                                                        0x00bd4508
                                                                                                                                                                                                                                                        0x00bd450b
                                                                                                                                                                                                                                                        0x00bd450d
                                                                                                                                                                                                                                                        0x00bd44b0
                                                                                                                                                                                                                                                        0x00bd44b5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd44b5
                                                                                                                                                                                                                                                        0x00bd4515
                                                                                                                                                                                                                                                        0x00bd451d
                                                                                                                                                                                                                                                        0x00bd4520
                                                                                                                                                                                                                                                        0x00bd4525
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4530
                                                                                                                                                                                                                                                        0x00bd4530
                                                                                                                                                                                                                                                        0x00bd4532
                                                                                                                                                                                                                                                        0x00bd4726
                                                                                                                                                                                                                                                        0x00bd472b
                                                                                                                                                                                                                                                        0x00bd472b
                                                                                                                                                                                                                                                        0x00bd4731
                                                                                                                                                                                                                                                        0x00bd4731
                                                                                                                                                                                                                                                        0x00bd461c
                                                                                                                                                                                                                                                        0x00bd461c
                                                                                                                                                                                                                                                        0x00bd461d
                                                                                                                                                                                                                                                        0x00bd4622
                                                                                                                                                                                                                                                        0x00bd4625
                                                                                                                                                                                                                                                        0x00bd4628
                                                                                                                                                                                                                                                        0x00bd462b
                                                                                                                                                                                                                                                        0x00bd4576
                                                                                                                                                                                                                                                        0x00bd4581
                                                                                                                                                                                                                                                        0x00bd4594
                                                                                                                                                                                                                                                        0x00bd4599
                                                                                                                                                                                                                                                        0x00bd459c
                                                                                                                                                                                                                                                        0x00bd459f
                                                                                                                                                                                                                                                        0x00bd45a1
                                                                                                                                                                                                                                                        0x00bd45bd
                                                                                                                                                                                                                                                        0x00bd45c2
                                                                                                                                                                                                                                                        0x00bd45c5
                                                                                                                                                                                                                                                        0x00bd45ca
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd45ca
                                                                                                                                                                                                                                                        0x00bd45a6
                                                                                                                                                                                                                                                        0x00bd45a8
                                                                                                                                                                                                                                                        0x00bd45ad
                                                                                                                                                                                                                                                        0x00bd46af
                                                                                                                                                                                                                                                        0x00bd46b7
                                                                                                                                                                                                                                                        0x00bd46ba
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd46bc
                                                                                                                                                                                                                                                        0x00bd46bf
                                                                                                                                                                                                                                                        0x00bd46bf
                                                                                                                                                                                                                                                        0x00bd45b3
                                                                                                                                                                                                                                                        0x00bd45b4
                                                                                                                                                                                                                                                        0x00bd45b5
                                                                                                                                                                                                                                                        0x00bd45ba
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd45ba
                                                                                                                                                                                                                                                        0x00bd453a
                                                                                                                                                                                                                                                        0x00bd4544
                                                                                                                                                                                                                                                        0x00bd4546
                                                                                                                                                                                                                                                        0x00bd4548
                                                                                                                                                                                                                                                        0x00bd454a
                                                                                                                                                                                                                                                        0x00bd454c
                                                                                                                                                                                                                                                        0x00bd454e
                                                                                                                                                                                                                                                        0x00bd4550
                                                                                                                                                                                                                                                        0x00bd4552
                                                                                                                                                                                                                                                        0x00bd4552
                                                                                                                                                                                                                                                        0x00bd4550
                                                                                                                                                                                                                                                        0x00bd4554
                                                                                                                                                                                                                                                        0x00bd455a
                                                                                                                                                                                                                                                        0x00bd455d
                                                                                                                                                                                                                                                        0x00bd4610
                                                                                                                                                                                                                                                        0x00bd4613
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4619
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4563
                                                                                                                                                                                                                                                        0x00bd4563
                                                                                                                                                                                                                                                        0x00bd4565
                                                                                                                                                                                                                                                        0x00bd471f
                                                                                                                                                                                                                                                        0x00bd456b
                                                                                                                                                                                                                                                        0x00bd456b
                                                                                                                                                                                                                                                        0x00bd456c
                                                                                                                                                                                                                                                        0x00bd4571
                                                                                                                                                                                                                                                        0x00bd4574
                                                                                                                                                                                                                                                        0x00bd4574
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4565
                                                                                                                                                                                                                                                        0x00bd455d
                                                                                                                                                                                                                                                        0x00bd44c2
                                                                                                                                                                                                                                                        0x00bd44c5
                                                                                                                                                                                                                                                        0x00bd44c8
                                                                                                                                                                                                                                                        0x00bd44d0
                                                                                                                                                                                                                                                        0x00bd44d3
                                                                                                                                                                                                                                                        0x00bd44d5
                                                                                                                                                                                                                                                        0x00bd44d7
                                                                                                                                                                                                                                                        0x00bd44d9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd44db
                                                                                                                                                                                                                                                        0x00bd44dd
                                                                                                                                                                                                                                                        0x00bd44dd
                                                                                                                                                                                                                                                        0x00bd44df
                                                                                                                                                                                                                                                        0x00bd470f
                                                                                                                                                                                                                                                        0x00bd4717
                                                                                                                                                                                                                                                        0x00bd4717
                                                                                                                                                                                                                                                        0x00bd44e5
                                                                                                                                                                                                                                                        0x00bd44ec
                                                                                                                                                                                                                                                        0x00bd44f1
                                                                                                                                                                                                                                                        0x00bd44f4
                                                                                                                                                                                                                                                        0x00bd44f7
                                                                                                                                                                                                                                                        0x00bd44f7
                                                                                                                                                                                                                                                        0x00bd44df
                                                                                                                                                                                                                                                        0x00bd44d9
                                                                                                                                                                                                                                                        0x00bd44b0
                                                                                                                                                                                                                                                        0x00bd4490
                                                                                                                                                                                                                                                        0x00bd4463
                                                                                                                                                                                                                                                        0x00bd4463
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4463
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BD43DC
                                                                                                                                                                                                                                                        • GetProcessHandleCount.KERNEL32(00000000,FFFFFFFF), ref: 00BD43E7
                                                                                                                                                                                                                                                        • GetModuleHandleA.KERNEL32(verifier.dll), ref: 00BD43F6
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(000000A0), ref: 00BD441F
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BD443E
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BD44EC
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: HandleProcessmemset$??2@CountCurrentModule
                                                                                                                                                                                                                                                        • String ID: verifier.dll
                                                                                                                                                                                                                                                        • API String ID: 576989540-3265496382
                                                                                                                                                                                                                                                        • Opcode ID: fb48b03c148a57adc2169315e4b715559557b28b8139dcf717467a4622618d32
                                                                                                                                                                                                                                                        • Instruction ID: 385b84d7ddaf3cd464489c6d4dfc67c4c4f733f202bc2a642e7971ca681a1ce0
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fb48b03c148a57adc2169315e4b715559557b28b8139dcf717467a4622618d32
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 68A19C71E002088FDB14DFA4DC85BAEB7F9EF45314F1445AAE806AB384EB74AC45CB90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 80%
                                                                                                                                                                                                                                                        			E00BB5BA0(signed char* __ecx, void* __edx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				char _v28;
                                                                                                                                                                                                                                                        				signed int _t20;
                                                                                                                                                                                                                                                        				signed short _t27;
                                                                                                                                                                                                                                                        				long _t29;
                                                                                                                                                                                                                                                        				signed short _t30;
                                                                                                                                                                                                                                                        				long _t32;
                                                                                                                                                                                                                                                        				signed short _t33;
                                                                                                                                                                                                                                                        				long _t35;
                                                                                                                                                                                                                                                        				signed short _t36;
                                                                                                                                                                                                                                                        				long _t38;
                                                                                                                                                                                                                                                        				signed short _t39;
                                                                                                                                                                                                                                                        				long _t41;
                                                                                                                                                                                                                                                        				signed short _t42;
                                                                                                                                                                                                                                                        				long _t44;
                                                                                                                                                                                                                                                        				signed short _t45;
                                                                                                                                                                                                                                                        				long _t47;
                                                                                                                                                                                                                                                        				signed short _t48;
                                                                                                                                                                                                                                                        				long _t50;
                                                                                                                                                                                                                                                        				signed short _t51;
                                                                                                                                                                                                                                                        				long _t53;
                                                                                                                                                                                                                                                        				signed short* _t54;
                                                                                                                                                                                                                                                        				signed char _t55;
                                                                                                                                                                                                                                                        				signed short* _t57;
                                                                                                                                                                                                                                                        				char* _t58;
                                                                                                                                                                                                                                                        				signed short** _t64;
                                                                                                                                                                                                                                                        				char* _t65;
                                                                                                                                                                                                                                                        				signed char* _t66;
                                                                                                                                                                                                                                                        				signed int _t67;
                                                                                                                                                                                                                                                        				void* _t68;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t62 = __edx;
                                                                                                                                                                                                                                                        				_t20 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t66 = __ecx;
                                                                                                                                                                                                                                                        				_v20 = _t20 ^ _t67;
                                                                                                                                                                                                                                                        				_t54 =  *(__edx + 4);
                                                                                                                                                                                                                                                        				if(_t54 == 0) {
                                                                                                                                                                                                                                                        					L31:
                                                                                                                                                                                                                                                        					_t55 = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t64 = __edx + 8;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						if(( *_t54 & 0x0000ffff | 0x00000002) == 0x2f) {
                                                                                                                                                                                                                                                        							if(_t54[1] == 0x2d) {
                                                                                                                                                                                                                                                        								_t57 =  &(_t54[2]);
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t57 =  &(_t54[1]);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t27 =  *_t57 & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t27 == 0) {
                                                                                                                                                                                                                                                        								goto L3;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t29 = towlower(_t27 & 0x0000ffff);
                                                                                                                                                                                                                                                        								_t68 = _t68 + 4;
                                                                                                                                                                                                                                                        								if(_t29 != 0x73) {
                                                                                                                                                                                                                                                        									goto L3;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t30 = _t57[1] & 0x0000ffff;
                                                                                                                                                                                                                                                        									if(_t30 == 0) {
                                                                                                                                                                                                                                                        										goto L3;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t32 = towlower(_t30 & 0x0000ffff);
                                                                                                                                                                                                                                                        										_t68 = _t68 + 4;
                                                                                                                                                                                                                                                        										if(_t32 != 0x61) {
                                                                                                                                                                                                                                                        											goto L3;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t33 = _t57[2] & 0x0000ffff;
                                                                                                                                                                                                                                                        											if(_t33 == 0) {
                                                                                                                                                                                                                                                        												goto L3;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t35 = towlower(_t33 & 0x0000ffff);
                                                                                                                                                                                                                                                        												_t68 = _t68 + 4;
                                                                                                                                                                                                                                                        												if(_t35 != 0x66) {
                                                                                                                                                                                                                                                        													goto L3;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t36 = _t57[3] & 0x0000ffff;
                                                                                                                                                                                                                                                        													if(_t36 == 0) {
                                                                                                                                                                                                                                                        														goto L3;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t38 = towlower(_t36 & 0x0000ffff);
                                                                                                                                                                                                                                                        														_t68 = _t68 + 4;
                                                                                                                                                                                                                                                        														if(_t38 != 0x65) {
                                                                                                                                                                                                                                                        															goto L3;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															_t39 = _t57[4] & 0x0000ffff;
                                                                                                                                                                                                                                                        															if(_t39 == 0) {
                                                                                                                                                                                                                                                        																goto L3;
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																_t41 = towlower(_t39 & 0x0000ffff);
                                                                                                                                                                                                                                                        																_t68 = _t68 + 4;
                                                                                                                                                                                                                                                        																if(_t41 != 0x2d) {
                                                                                                                                                                                                                                                        																	goto L3;
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																	_t42 = _t57[5] & 0x0000ffff;
                                                                                                                                                                                                                                                        																	if(_t42 == 0) {
                                                                                                                                                                                                                                                        																		goto L3;
                                                                                                                                                                                                                                                        																	} else {
                                                                                                                                                                                                                                                        																		_t44 = towlower(_t42 & 0x0000ffff);
                                                                                                                                                                                                                                                        																		_t68 = _t68 + 4;
                                                                                                                                                                                                                                                        																		if(_t44 != 0x6d) {
                                                                                                                                                                                                                                                        																			goto L3;
                                                                                                                                                                                                                                                        																		} else {
                                                                                                                                                                                                                                                        																			_t45 = _t57[6] & 0x0000ffff;
                                                                                                                                                                                                                                                        																			if(_t45 == 0) {
                                                                                                                                                                                                                                                        																				goto L3;
                                                                                                                                                                                                                                                        																			} else {
                                                                                                                                                                                                                                                        																				_t47 = towlower(_t45 & 0x0000ffff);
                                                                                                                                                                                                                                                        																				_t68 = _t68 + 4;
                                                                                                                                                                                                                                                        																				if(_t47 != 0x6f) {
                                                                                                                                                                                                                                                        																					goto L3;
                                                                                                                                                                                                                                                        																				} else {
                                                                                                                                                                                                                                                        																					_t48 = _t57[7] & 0x0000ffff;
                                                                                                                                                                                                                                                        																					if(_t48 == 0) {
                                                                                                                                                                                                                                                        																						goto L3;
                                                                                                                                                                                                                                                        																					} else {
                                                                                                                                                                                                                                                        																						_t50 = towlower(_t48 & 0x0000ffff);
                                                                                                                                                                                                                                                        																						_t68 = _t68 + 4;
                                                                                                                                                                                                                                                        																						if(_t50 != 0x64) {
                                                                                                                                                                                                                                                        																							goto L3;
                                                                                                                                                                                                                                                        																						} else {
                                                                                                                                                                                                                                                        																							_t51 = _t57[8] & 0x0000ffff;
                                                                                                                                                                                                                                                        																							if(_t51 == 0) {
                                                                                                                                                                                                                                                        																								goto L3;
                                                                                                                                                                                                                                                        																							} else {
                                                                                                                                                                                                                                                        																								_t53 = towlower(_t51 & 0x0000ffff);
                                                                                                                                                                                                                                                        																								_t68 = _t68 + 4;
                                                                                                                                                                                                                                                        																								if(_t53 != 0x65 || _t57[9] != 0) {
                                                                                                                                                                                                                                                        																									goto L3;
                                                                                                                                                                                                                                                        																								} else {
                                                                                                                                                                                                                                                        																									_t65 =  &_v24;
                                                                                                                                                                                                                                                        																									_t58 =  &_v28;
                                                                                                                                                                                                                                                        																									_v24 = 4;
                                                                                                                                                                                                                                                        																									__imp__RegGetValueW(0x80000002, L"SOFTWARE\\Policies\\Mozilla\\Firefox", L"DisableSafeMode", 0x18, 0, _t58, _t65);
                                                                                                                                                                                                                                                        																									if(_t53 == 0) {
                                                                                                                                                                                                                                                        																										L30:
                                                                                                                                                                                                                                                        																										_t55 = 1;
                                                                                                                                                                                                                                                        																										if(_v28 == 1) {
                                                                                                                                                                                                                                                        																											goto L31;
                                                                                                                                                                                                                                                        																										}
                                                                                                                                                                                                                                                        																									} else {
                                                                                                                                                                                                                                                        																										_v24 = 4;
                                                                                                                                                                                                                                                        																										__imp__RegGetValueW(0x80000001, L"SOFTWARE\\Policies\\Mozilla\\Firefox", L"DisableSafeMode", 0x18, 0, _t58, _t65);
                                                                                                                                                                                                                                                        																										if(_t53 == 0) {
                                                                                                                                                                                                                                                        																											goto L30;
                                                                                                                                                                                                                                                        																										} else {
                                                                                                                                                                                                                                                        																											_t55 = 1;
                                                                                                                                                                                                                                                        																										}
                                                                                                                                                                                                                                                        																									}
                                                                                                                                                                                                                                                        																								}
                                                                                                                                                                                                                                                        																							}
                                                                                                                                                                                                                                                        																						}
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							goto L3;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L32;
                                                                                                                                                                                                                                                        						L3:
                                                                                                                                                                                                                                                        						_t54 =  *_t64;
                                                                                                                                                                                                                                                        						_t64 =  &(_t64[1]);
                                                                                                                                                                                                                                                        					} while (_t54 != 0);
                                                                                                                                                                                                                                                        					goto L31;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L32:
                                                                                                                                                                                                                                                        				if(getenv("MOZ_SAFE_MODE_RESTART") != 0) {
                                                                                                                                                                                                                                                        					_t22 = _t55 & 0x000000ff;
                                                                                                                                                                                                                                                        					_t55 =  ==  ? _t55 & 0x000000ff : 1;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *_t66 = _t55;
                                                                                                                                                                                                                                                        				_t66[1] = 1;
                                                                                                                                                                                                                                                        				E00BEECB0(_t22, _v20 ^ _t67, _t62);
                                                                                                                                                                                                                                                        				return _t66;
                                                                                                                                                                                                                                                        			}


































                                                                                                                                                                                                                                                        0x00bb5ba0
                                                                                                                                                                                                                                                        0x00bb5ba9
                                                                                                                                                                                                                                                        0x00bb5bae
                                                                                                                                                                                                                                                        0x00bb5bb2
                                                                                                                                                                                                                                                        0x00bb5bb5
                                                                                                                                                                                                                                                        0x00bb5bba
                                                                                                                                                                                                                                                        0x00bb5d86
                                                                                                                                                                                                                                                        0x00bb5d86
                                                                                                                                                                                                                                                        0x00bb5bc0
                                                                                                                                                                                                                                                        0x00bb5bc2
                                                                                                                                                                                                                                                        0x00bb5bc5
                                                                                                                                                                                                                                                        0x00bb5bcf
                                                                                                                                                                                                                                                        0x00bb5be5
                                                                                                                                                                                                                                                        0x00bb5d76
                                                                                                                                                                                                                                                        0x00bb5beb
                                                                                                                                                                                                                                                        0x00bb5beb
                                                                                                                                                                                                                                                        0x00bb5beb
                                                                                                                                                                                                                                                        0x00bb5bee
                                                                                                                                                                                                                                                        0x00bb5bf4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5bf6
                                                                                                                                                                                                                                                        0x00bb5bfa
                                                                                                                                                                                                                                                        0x00bb5c00
                                                                                                                                                                                                                                                        0x00bb5c07
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c09
                                                                                                                                                                                                                                                        0x00bb5c09
                                                                                                                                                                                                                                                        0x00bb5c10
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c12
                                                                                                                                                                                                                                                        0x00bb5c16
                                                                                                                                                                                                                                                        0x00bb5c1c
                                                                                                                                                                                                                                                        0x00bb5c23
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c25
                                                                                                                                                                                                                                                        0x00bb5c25
                                                                                                                                                                                                                                                        0x00bb5c2c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c2e
                                                                                                                                                                                                                                                        0x00bb5c32
                                                                                                                                                                                                                                                        0x00bb5c38
                                                                                                                                                                                                                                                        0x00bb5c3f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c41
                                                                                                                                                                                                                                                        0x00bb5c41
                                                                                                                                                                                                                                                        0x00bb5c48
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c4a
                                                                                                                                                                                                                                                        0x00bb5c4e
                                                                                                                                                                                                                                                        0x00bb5c54
                                                                                                                                                                                                                                                        0x00bb5c5b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c61
                                                                                                                                                                                                                                                        0x00bb5c61
                                                                                                                                                                                                                                                        0x00bb5c68
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c6e
                                                                                                                                                                                                                                                        0x00bb5c72
                                                                                                                                                                                                                                                        0x00bb5c78
                                                                                                                                                                                                                                                        0x00bb5c7f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c85
                                                                                                                                                                                                                                                        0x00bb5c85
                                                                                                                                                                                                                                                        0x00bb5c8c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5c92
                                                                                                                                                                                                                                                        0x00bb5c96
                                                                                                                                                                                                                                                        0x00bb5c9c
                                                                                                                                                                                                                                                        0x00bb5ca3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5ca9
                                                                                                                                                                                                                                                        0x00bb5ca9
                                                                                                                                                                                                                                                        0x00bb5cb0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5cb6
                                                                                                                                                                                                                                                        0x00bb5cba
                                                                                                                                                                                                                                                        0x00bb5cc0
                                                                                                                                                                                                                                                        0x00bb5cc7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5ccd
                                                                                                                                                                                                                                                        0x00bb5ccd
                                                                                                                                                                                                                                                        0x00bb5cd4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5cda
                                                                                                                                                                                                                                                        0x00bb5cde
                                                                                                                                                                                                                                                        0x00bb5ce4
                                                                                                                                                                                                                                                        0x00bb5ceb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5cf1
                                                                                                                                                                                                                                                        0x00bb5cf1
                                                                                                                                                                                                                                                        0x00bb5cf8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5cfe
                                                                                                                                                                                                                                                        0x00bb5d02
                                                                                                                                                                                                                                                        0x00bb5d08
                                                                                                                                                                                                                                                        0x00bb5d0f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5d20
                                                                                                                                                                                                                                                        0x00bb5d20
                                                                                                                                                                                                                                                        0x00bb5d23
                                                                                                                                                                                                                                                        0x00bb5d26
                                                                                                                                                                                                                                                        0x00bb5d42
                                                                                                                                                                                                                                                        0x00bb5d4a
                                                                                                                                                                                                                                                        0x00bb5d7e
                                                                                                                                                                                                                                                        0x00bb5d82
                                                                                                                                                                                                                                                        0x00bb5d84
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5d4c
                                                                                                                                                                                                                                                        0x00bb5d4c
                                                                                                                                                                                                                                                        0x00bb5d68
                                                                                                                                                                                                                                                        0x00bb5d70
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5d72
                                                                                                                                                                                                                                                        0x00bb5d72
                                                                                                                                                                                                                                                        0x00bb5d72
                                                                                                                                                                                                                                                        0x00bb5d70
                                                                                                                                                                                                                                                        0x00bb5d4a
                                                                                                                                                                                                                                                        0x00bb5d0f
                                                                                                                                                                                                                                                        0x00bb5cf8
                                                                                                                                                                                                                                                        0x00bb5ceb
                                                                                                                                                                                                                                                        0x00bb5cd4
                                                                                                                                                                                                                                                        0x00bb5cc7
                                                                                                                                                                                                                                                        0x00bb5cb0
                                                                                                                                                                                                                                                        0x00bb5ca3
                                                                                                                                                                                                                                                        0x00bb5c8c
                                                                                                                                                                                                                                                        0x00bb5c7f
                                                                                                                                                                                                                                                        0x00bb5c68
                                                                                                                                                                                                                                                        0x00bb5c5b
                                                                                                                                                                                                                                                        0x00bb5c48
                                                                                                                                                                                                                                                        0x00bb5c3f
                                                                                                                                                                                                                                                        0x00bb5c2c
                                                                                                                                                                                                                                                        0x00bb5c23
                                                                                                                                                                                                                                                        0x00bb5c10
                                                                                                                                                                                                                                                        0x00bb5c07
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5bd1
                                                                                                                                                                                                                                                        0x00bb5bd1
                                                                                                                                                                                                                                                        0x00bb5bd3
                                                                                                                                                                                                                                                        0x00bb5bd6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5bda
                                                                                                                                                                                                                                                        0x00bb5d88
                                                                                                                                                                                                                                                        0x00bb5d98
                                                                                                                                                                                                                                                        0x00bb5db7
                                                                                                                                                                                                                                                        0x00bb5dbf
                                                                                                                                                                                                                                                        0x00bb5dbf
                                                                                                                                                                                                                                                        0x00bb5d9a
                                                                                                                                                                                                                                                        0x00bb5d9c
                                                                                                                                                                                                                                                        0x00bb5da5
                                                                                                                                                                                                                                                        0x00bb5db3

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,00BB4F4B), ref: 00BB5BFA
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,00BB4F4B), ref: 00BB5C16
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,00BB4F4B), ref: 00BB5C32
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,00BB4F4B), ref: 00BB5C4E
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,00BB4F4B), ref: 00BB5C72
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,00BB4F4B), ref: 00BB5C96
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,00BB4F4B), ref: 00BB5CBA
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,?,00BB4F4B), ref: 00BB5CDE
                                                                                                                                                                                                                                                        • towlower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,00BB4F4B), ref: 00BB5D02
                                                                                                                                                                                                                                                        • RegGetValueW.ADVAPI32(80000002,SOFTWARE\Policies\Mozilla\Firefox,DisableSafeMode,00000018,00000000,?,?), ref: 00BB5D42
                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_SAFE_MODE_RESTART,?,?,00BB4F4B), ref: 00BB5D8D
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: towlower$Valuegetenv
                                                                                                                                                                                                                                                        • String ID: DisableSafeMode$MOZ_SAFE_MODE_RESTART$SOFTWARE\Policies\Mozilla\Firefox
                                                                                                                                                                                                                                                        • API String ID: 242805946-4180355920
                                                                                                                                                                                                                                                        • Opcode ID: eb29dd452935ef142d42cb6df4475c9872f7bdd7a2d925c0a2d434b0e1f1f974
                                                                                                                                                                                                                                                        • Instruction ID: e7bcd8a8839c8bfe9ff77fd7b37499fa9e4a6ab2a443340fbab224c18dab631c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: eb29dd452935ef142d42cb6df4475c9872f7bdd7a2d925c0a2d434b0e1f1f974
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E651F3E4A0062557DF305F299C4ABF236E4DB00705F5840E5FD859B1C1DEA8CD96E27B
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 72%
                                                                                                                                                                                                                                                        			E00BBE810(void* __ecx, signed int _a4, void* _a12, intOrPtr _a16) {
                                                                                                                                                                                                                                                        				void* _v0;
                                                                                                                                                                                                                                                        				void* _v20;
                                                                                                                                                                                                                                                        				void* _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				unsigned int _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v36;
                                                                                                                                                                                                                                                        				long _v48;
                                                                                                                                                                                                                                                        				signed short* _v52;
                                                                                                                                                                                                                                                        				signed int _v56;
                                                                                                                                                                                                                                                        				unsigned int _v58;
                                                                                                                                                                                                                                                        				short _v60;
                                                                                                                                                                                                                                                        				unsigned int _v62;
                                                                                                                                                                                                                                                        				short _v64;
                                                                                                                                                                                                                                                        				intOrPtr _v68;
                                                                                                                                                                                                                                                        				intOrPtr _v92;
                                                                                                                                                                                                                                                        				void _v332;
                                                                                                                                                                                                                                                        				long _t97;
                                                                                                                                                                                                                                                        				intOrPtr _t98;
                                                                                                                                                                                                                                                        				unsigned int _t107;
                                                                                                                                                                                                                                                        				signed int _t109;
                                                                                                                                                                                                                                                        				long _t112;
                                                                                                                                                                                                                                                        				int _t115;
                                                                                                                                                                                                                                                        				signed int _t119;
                                                                                                                                                                                                                                                        				void* _t121;
                                                                                                                                                                                                                                                        				void* _t132;
                                                                                                                                                                                                                                                        				void* _t133;
                                                                                                                                                                                                                                                        				void* _t134;
                                                                                                                                                                                                                                                        				intOrPtr _t137;
                                                                                                                                                                                                                                                        				signed short* _t138;
                                                                                                                                                                                                                                                        				signed short* _t143;
                                                                                                                                                                                                                                                        				unsigned int _t144;
                                                                                                                                                                                                                                                        				void* _t156;
                                                                                                                                                                                                                                                        				unsigned int _t158;
                                                                                                                                                                                                                                                        				void* _t160;
                                                                                                                                                                                                                                                        				signed int _t161;
                                                                                                                                                                                                                                                        				void* _t165;
                                                                                                                                                                                                                                                        				signed int _t168;
                                                                                                                                                                                                                                                        				unsigned int _t169;
                                                                                                                                                                                                                                                        				unsigned int _t171;
                                                                                                                                                                                                                                                        				void* _t172;
                                                                                                                                                                                                                                                        				signed int _t173;
                                                                                                                                                                                                                                                        				void* _t174;
                                                                                                                                                                                                                                                        				signed int _t175;
                                                                                                                                                                                                                                                        				signed int _t176;
                                                                                                                                                                                                                                                        				signed int _t178;
                                                                                                                                                                                                                                                        				void* _t179;
                                                                                                                                                                                                                                                        				void* _t180;
                                                                                                                                                                                                                                                        				void* _t181;
                                                                                                                                                                                                                                                        				void* _t182;
                                                                                                                                                                                                                                                        				intOrPtr _t183;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t135 = __ecx;
                                                                                                                                                                                                                                                        				_t182 = _t181 - 0x10;
                                                                                                                                                                                                                                                        				_t161 =  *((intOrPtr*)(__ecx + 0x10));
                                                                                                                                                                                                                                                        				_t173 = _a4;
                                                                                                                                                                                                                                                        				_t132 = 0x7ffffffe;
                                                                                                                                                                                                                                                        				if(0x7ffffffe - _t161 < _t173) {
                                                                                                                                                                                                                                                        					E00BBA890();
                                                                                                                                                                                                                                                        					goto L13;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t175 = _t173 + _t161;
                                                                                                                                                                                                                                                        					_t169 =  *(__ecx + 0x14);
                                                                                                                                                                                                                                                        					_v28 = _t161;
                                                                                                                                                                                                                                                        					_v20 = __ecx;
                                                                                                                                                                                                                                                        					_t119 = _t175 | 0x00000007;
                                                                                                                                                                                                                                                        					if(_t119 <= 0x7ffffffe) {
                                                                                                                                                                                                                                                        						_t132 = 0x7ffffffe;
                                                                                                                                                                                                                                                        						_t158 = _t169 >> 1;
                                                                                                                                                                                                                                                        						_t160 =  >=  ? _t119 : _t158 + _t169;
                                                                                                                                                                                                                                                        						if(_t169 <= 0x7ffffffe - _t158) {
                                                                                                                                                                                                                                                        							_t132 = _t160;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v32 = _t169;
                                                                                                                                                                                                                                                        					_t7 = _t132 + 1; // 0x7fffffff
                                                                                                                                                                                                                                                        					_t133 = _v20;
                                                                                                                                                                                                                                                        					_t121 = E00BBA8A0(_t7);
                                                                                                                                                                                                                                                        					 *(_t133 + 0x10) = _t175;
                                                                                                                                                                                                                                                        					 *(_t133 + 0x14) = _t132;
                                                                                                                                                                                                                                                        					_t171 = _v32;
                                                                                                                                                                                                                                                        					if(_t171 < 8) {
                                                                                                                                                                                                                                                        						_t176 = _v28;
                                                                                                                                                                                                                                                        						_t172 = _t133;
                                                                                                                                                                                                                                                        						_t134 = _t121;
                                                                                                                                                                                                                                                        						memcpy(_t121, _t133, _t176 + _t176);
                                                                                                                                                                                                                                                        						memcpy(_t134 + _t176 * 2, _a12, _a16 + _a16);
                                                                                                                                                                                                                                                        						 *((short*)(_t134 + (_t176 + _a16) * 2)) = 0;
                                                                                                                                                                                                                                                        						goto L8;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t178 = _v28;
                                                                                                                                                                                                                                                        						_t165 =  *_t133;
                                                                                                                                                                                                                                                        						_v24 = _t165;
                                                                                                                                                                                                                                                        						_t132 = _t121;
                                                                                                                                                                                                                                                        						memcpy(_t121, _t165, _t178 + _t178);
                                                                                                                                                                                                                                                        						memcpy(_t132 + _t178 * 2, _a12, _a16 + _a16);
                                                                                                                                                                                                                                                        						_t182 = _t182 + 0x18;
                                                                                                                                                                                                                                                        						_t173 = _t178 + _a16;
                                                                                                                                                                                                                                                        						_t168 = _t171 + 1;
                                                                                                                                                                                                                                                        						 *((short*)(_t132 + _t173 * 2)) = 0;
                                                                                                                                                                                                                                                        						if((_t168 & 0x7ffff800) != 0) {
                                                                                                                                                                                                                                                        							_t156 = _v24;
                                                                                                                                                                                                                                                        							_t135 =  *(_t156 - 4);
                                                                                                                                                                                                                                                        							if(_t156 + 0xfffffffc - _t135 >= 0x20) {
                                                                                                                                                                                                                                                        								L13:
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_t180 = _t182;
                                                                                                                                                                                                                                                        								_t183 = _t182 - 0x138;
                                                                                                                                                                                                                                                        								_v68 = _t183;
                                                                                                                                                                                                                                                        								_v48 = 0xffffffff;
                                                                                                                                                                                                                                                        								_v52 = 0xbf9620;
                                                                                                                                                                                                                                                        								_v56 = 0xbef860;
                                                                                                                                                                                                                                                        								_t174 = _t135;
                                                                                                                                                                                                                                                        								_v60 =  *[fs:0x0];
                                                                                                                                                                                                                                                        								_t137 = _t174 + 4;
                                                                                                                                                                                                                                                        								 *[fs:0x0] =  &_v60;
                                                                                                                                                                                                                                                        								_v92 = _t137;
                                                                                                                                                                                                                                                        								__imp__AcquireSRWLockExclusive(_t137, _t173, _t168, _t132, _t179);
                                                                                                                                                                                                                                                        								_t138 =  *_t174;
                                                                                                                                                                                                                                                        								if(_t138 != 0) {
                                                                                                                                                                                                                                                        									do {
                                                                                                                                                                                                                                                        										_v52 = _t138;
                                                                                                                                                                                                                                                        										_v24 = 0;
                                                                                                                                                                                                                                                        										_t97 = WideCharToMultiByte(0xfde9, 0, _t138[2], ( *_t138 & 0x0000ffff) >> 1,  &_v332, 0x104, 0, 0);
                                                                                                                                                                                                                                                        										if(_t97 == 0 || WriteFile(_v0,  &_v332, _t97,  &_v48, 0) == 0) {
                                                                                                                                                                                                                                                        											goto L18;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											if((_v52[4] & _v52[6]) == 0xffffffff) {
                                                                                                                                                                                                                                                        												L17:
                                                                                                                                                                                                                                                        												_v24 = 0;
                                                                                                                                                                                                                                                        												WriteFile(_v0, 0xbf361f, 1,  &_v48, 0);
                                                                                                                                                                                                                                                        												goto L18;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												WriteFile(_v0, 0xbf3c66, 1,  &_v48, 0);
                                                                                                                                                                                                                                                        												_t143 = _v52;
                                                                                                                                                                                                                                                        												_v24 = 0xffffffff;
                                                                                                                                                                                                                                                        												_v56 = 0;
                                                                                                                                                                                                                                                        												_t107 =  *(_t143 + 8);
                                                                                                                                                                                                                                                        												_t144 =  *(_t143 + 0xc);
                                                                                                                                                                                                                                                        												_v64 = _t144 >> 0x10;
                                                                                                                                                                                                                                                        												_v62 = _t144;
                                                                                                                                                                                                                                                        												_v60 = _t107 >> 0x10;
                                                                                                                                                                                                                                                        												_v58 = _t107;
                                                                                                                                                                                                                                                        												E00BBEB70(_t107);
                                                                                                                                                                                                                                                        												while(1) {
                                                                                                                                                                                                                                                        													_t109 = _v56;
                                                                                                                                                                                                                                                        													if(_t109 >= 4) {
                                                                                                                                                                                                                                                        														break;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_v24 = 0;
                                                                                                                                                                                                                                                        													__imp___ltoa( *(_t180 + _t109 * 2 - 0x38) & 0x0000ffff,  &_v332, 0xa);
                                                                                                                                                                                                                                                        													_t112 = strlen( &_v332);
                                                                                                                                                                                                                                                        													_t183 = _t183 + 0x10;
                                                                                                                                                                                                                                                        													_t115 = E00BBEB70(WriteFile(_v0,  &_v332, _t112,  &_v48, 0));
                                                                                                                                                                                                                                                        													if(_v56 != 3) {
                                                                                                                                                                                                                                                        														_t115 = WriteFile(_v0, 0xbf3c64, 1,  &_v48, 0);
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_v56 = _v56 + 1;
                                                                                                                                                                                                                                                        													E00BBEB70(_t115);
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_v24 = 0xffffffff;
                                                                                                                                                                                                                                                        												goto L17;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L27;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L28;
                                                                                                                                                                                                                                                        										L18:
                                                                                                                                                                                                                                                        										_t138 = _v52[8];
                                                                                                                                                                                                                                                        									} while (_t138 != 0);
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L27:
                                                                                                                                                                                                                                                        								_v24 = 0xffffffff;
                                                                                                                                                                                                                                                        								__imp__ReleaseSRWLockExclusive(_v68);
                                                                                                                                                                                                                                                        								_t98 = _v36;
                                                                                                                                                                                                                                                        								 *[fs:0x0] = _t98;
                                                                                                                                                                                                                                                        								return _t98;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t172 = _v20;
                                                                                                                                                                                                                                                        								goto L7;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t172 = _v20;
                                                                                                                                                                                                                                                        							_t135 = _v24;
                                                                                                                                                                                                                                                        							L7:
                                                                                                                                                                                                                                                        							free(_t135);
                                                                                                                                                                                                                                                        							L8:
                                                                                                                                                                                                                                                        							 *_t172 = _t134;
                                                                                                                                                                                                                                                        							return _t172;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L28:
                                                                                                                                                                                                                                                        			}





















































                                                                                                                                                                                                                                                        0x00bbe810
                                                                                                                                                                                                                                                        0x00bbe816
                                                                                                                                                                                                                                                        0x00bbe819
                                                                                                                                                                                                                                                        0x00bbe81c
                                                                                                                                                                                                                                                        0x00bbe824
                                                                                                                                                                                                                                                        0x00bbe82d
                                                                                                                                                                                                                                                        0x00bbe931
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe833
                                                                                                                                                                                                                                                        0x00bbe833
                                                                                                                                                                                                                                                        0x00bbe835
                                                                                                                                                                                                                                                        0x00bbe838
                                                                                                                                                                                                                                                        0x00bbe83b
                                                                                                                                                                                                                                                        0x00bbe840
                                                                                                                                                                                                                                                        0x00bbe848
                                                                                                                                                                                                                                                        0x00bbe851
                                                                                                                                                                                                                                                        0x00bbe856
                                                                                                                                                                                                                                                        0x00bbe85e
                                                                                                                                                                                                                                                        0x00bbe863
                                                                                                                                                                                                                                                        0x00bbe865
                                                                                                                                                                                                                                                        0x00bbe865
                                                                                                                                                                                                                                                        0x00bbe863
                                                                                                                                                                                                                                                        0x00bbe867
                                                                                                                                                                                                                                                        0x00bbe86c
                                                                                                                                                                                                                                                        0x00bbe86f
                                                                                                                                                                                                                                                        0x00bbe875
                                                                                                                                                                                                                                                        0x00bbe87a
                                                                                                                                                                                                                                                        0x00bbe87d
                                                                                                                                                                                                                                                        0x00bbe880
                                                                                                                                                                                                                                                        0x00bbe886
                                                                                                                                                                                                                                                        0x00bbe8e5
                                                                                                                                                                                                                                                        0x00bbe8ee
                                                                                                                                                                                                                                                        0x00bbe8f0
                                                                                                                                                                                                                                                        0x00bbe8f2
                                                                                                                                                                                                                                                        0x00bbe907
                                                                                                                                                                                                                                                        0x00bbe912
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe888
                                                                                                                                                                                                                                                        0x00bbe888
                                                                                                                                                                                                                                                        0x00bbe88b
                                                                                                                                                                                                                                                        0x00bbe891
                                                                                                                                                                                                                                                        0x00bbe896
                                                                                                                                                                                                                                                        0x00bbe898
                                                                                                                                                                                                                                                        0x00bbe8ad
                                                                                                                                                                                                                                                        0x00bbe8b2
                                                                                                                                                                                                                                                        0x00bbe8b5
                                                                                                                                                                                                                                                        0x00bbe8b8
                                                                                                                                                                                                                                                        0x00bbe8bf
                                                                                                                                                                                                                                                        0x00bbe8c5
                                                                                                                                                                                                                                                        0x00bbe91a
                                                                                                                                                                                                                                                        0x00bbe91f
                                                                                                                                                                                                                                                        0x00bbe92a
                                                                                                                                                                                                                                                        0x00bbe936
                                                                                                                                                                                                                                                        0x00bbe936
                                                                                                                                                                                                                                                        0x00bbe93c
                                                                                                                                                                                                                                                        0x00bbe93d
                                                                                                                                                                                                                                                        0x00bbe93e
                                                                                                                                                                                                                                                        0x00bbe93f
                                                                                                                                                                                                                                                        0x00bbe941
                                                                                                                                                                                                                                                        0x00bbe946
                                                                                                                                                                                                                                                        0x00bbe94c
                                                                                                                                                                                                                                                        0x00bbe94f
                                                                                                                                                                                                                                                        0x00bbe956
                                                                                                                                                                                                                                                        0x00bbe95d
                                                                                                                                                                                                                                                        0x00bbe964
                                                                                                                                                                                                                                                        0x00bbe970
                                                                                                                                                                                                                                                        0x00bbe973
                                                                                                                                                                                                                                                        0x00bbe976
                                                                                                                                                                                                                                                        0x00bbe97c
                                                                                                                                                                                                                                                        0x00bbe980
                                                                                                                                                                                                                                                        0x00bbe986
                                                                                                                                                                                                                                                        0x00bbe98a
                                                                                                                                                                                                                                                        0x00bbe9d2
                                                                                                                                                                                                                                                        0x00bbe9d5
                                                                                                                                                                                                                                                        0x00bbe9db
                                                                                                                                                                                                                                                        0x00bbe9fd
                                                                                                                                                                                                                                                        0x00bbea05
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbea22
                                                                                                                                                                                                                                                        0x00bbea2e
                                                                                                                                                                                                                                                        0x00bbe9a7
                                                                                                                                                                                                                                                        0x00bbe9a7
                                                                                                                                                                                                                                                        0x00bbe9be
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbea34
                                                                                                                                                                                                                                                        0x00bbea44
                                                                                                                                                                                                                                                        0x00bbea4a
                                                                                                                                                                                                                                                        0x00bbea4d
                                                                                                                                                                                                                                                        0x00bbea54
                                                                                                                                                                                                                                                        0x00bbea5b
                                                                                                                                                                                                                                                        0x00bbea5e
                                                                                                                                                                                                                                                        0x00bbea66
                                                                                                                                                                                                                                                        0x00bbea6a
                                                                                                                                                                                                                                                        0x00bbea73
                                                                                                                                                                                                                                                        0x00bbea77
                                                                                                                                                                                                                                                        0x00bbea7b
                                                                                                                                                                                                                                                        0x00bbea98
                                                                                                                                                                                                                                                        0x00bbea98
                                                                                                                                                                                                                                                        0x00bbea9e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbeaa9
                                                                                                                                                                                                                                                        0x00bbeaba
                                                                                                                                                                                                                                                        0x00bbeaca
                                                                                                                                                                                                                                                        0x00bbeacf
                                                                                                                                                                                                                                                        0x00bbeae9
                                                                                                                                                                                                                                                        0x00bbeaf2
                                                                                                                                                                                                                                                        0x00bbeb04
                                                                                                                                                                                                                                                        0x00bbeb04
                                                                                                                                                                                                                                                        0x00bbea90
                                                                                                                                                                                                                                                        0x00bbea93
                                                                                                                                                                                                                                                        0x00bbea93
                                                                                                                                                                                                                                                        0x00bbe9a0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe9a0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbea2e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe9c4
                                                                                                                                                                                                                                                        0x00bbe9c7
                                                                                                                                                                                                                                                        0x00bbe9ca
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe98c
                                                                                                                                                                                                                                                        0x00bbeb12
                                                                                                                                                                                                                                                        0x00bbeb12
                                                                                                                                                                                                                                                        0x00bbeb1c
                                                                                                                                                                                                                                                        0x00bbeb22
                                                                                                                                                                                                                                                        0x00bbeb25
                                                                                                                                                                                                                                                        0x00bbeb35
                                                                                                                                                                                                                                                        0x00bbe92c
                                                                                                                                                                                                                                                        0x00bbe92c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe92c
                                                                                                                                                                                                                                                        0x00bbe8c7
                                                                                                                                                                                                                                                        0x00bbe8c7
                                                                                                                                                                                                                                                        0x00bbe8ca
                                                                                                                                                                                                                                                        0x00bbe8cd
                                                                                                                                                                                                                                                        0x00bbe8ce
                                                                                                                                                                                                                                                        0x00bbe8d7
                                                                                                                                                                                                                                                        0x00bbe8d7
                                                                                                                                                                                                                                                        0x00bbe8e2
                                                                                                                                                                                                                                                        0x00bbe8e2
                                                                                                                                                                                                                                                        0x00bbe8c5
                                                                                                                                                                                                                                                        0x00bbe886
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,?,7FFFFFFF,?,?,?,00BB742F,?,?,?,?,?,?), ref: 00BBE898
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,7FFFFFFF,?,?,7FFFFFFF,?,?,?,00BB742F,?,?,?,?,?,?), ref: 00BBE8AD
                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,?,?,7FFFFFFF,?,?,?,00BB742F), ref: 00BBE8CE
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,?,7FFFFFFF,?,?,?,00BB742F,?,?,?,?,?,?), ref: 00BBE8F2
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,7FFFFFFF,?,?,7FFFFFFF,?,?,?,00BB742F,?,?,?,?,?,?), ref: 00BBE907
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,00BB742F,?,?,?,?,?,?), ref: 00BBE936
                                                                                                                                                                                                                                                        • RtlAcquireSRWLockExclusive.NTDLL(?), ref: 00BBE980
                                                                                                                                                                                                                                                        • RtlReleaseSRWLockExclusive.NTDLL ref: 00BBEB1C
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memcpy$ExclusiveLock$AcquireRelease_invalid_parameter_noinfo_noreturnfree
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1625097667-0
                                                                                                                                                                                                                                                        • Opcode ID: 4a9e890df65dd2d6399f39f5c19ee4863f2f1435097a8fcbfb25804cfe96463b
                                                                                                                                                                                                                                                        • Instruction ID: 7230894f6e306eb275dcfb2eddb168ed8fff45f0a40517ba9d0fea20fa38a25e
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4a9e890df65dd2d6399f39f5c19ee4863f2f1435097a8fcbfb25804cfe96463b
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4491BF71A00209ABDB14CF94DC85BFEB7B9FF44310F104669F926A72A0DBB1D945CBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(00BB1447,browser,?,00BB1447,?), ref: 00BB1A33
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(0000002D,?,?,?,00BB1447,?), ref: 00BB1A49
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,00BB1447,?), ref: 00BB1A5F
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,00BB1447,?), ref: 00BB1A75
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,00BB1447,?), ref: 00BB1A8B
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,00BB1447,?), ref: 00BB1ADE
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,00BB1447,?), ref: 00BB1AFC
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,?,00BB1447,?), ref: 00BB1B1A
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,00BB1447,?), ref: 00BB1B38
                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?,00BB1447,?), ref: 00BB1B56
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: tolower
                                                                                                                                                                                                                                                        • String ID: browser
                                                                                                                                                                                                                                                        • API String ID: 3025214199-3658682170
                                                                                                                                                                                                                                                        • Opcode ID: e240a6de989f1abd2550bd97a851a2a839820f78a2b5f69bb5cd5a581b819341
                                                                                                                                                                                                                                                        • Instruction ID: bced11c54c0ac7e22f555f4f3d3d8e318411d66858ca5f8a2ed26ade39799a05
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e240a6de989f1abd2550bd97a851a2a839820f78a2b5f69bb5cd5a581b819341
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4671E570A882495FDF208B3C98646FBBFE5DF02304F8848E9D8959B202D775ED12C755
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 85%
                                                                                                                                                                                                                                                        			E00BE1360(intOrPtr* __ecx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void* _v88;
                                                                                                                                                                                                                                                        				void* _v92;
                                                                                                                                                                                                                                                        				void* _v96;
                                                                                                                                                                                                                                                        				void* _v100;
                                                                                                                                                                                                                                                        				long _v104;
                                                                                                                                                                                                                                                        				int _v108;
                                                                                                                                                                                                                                                        				signed int _v112;
                                                                                                                                                                                                                                                        				intOrPtr* _v116;
                                                                                                                                                                                                                                                        				int _v120;
                                                                                                                                                                                                                                                        				signed int _v124;
                                                                                                                                                                                                                                                        				signed int _t92;
                                                                                                                                                                                                                                                        				signed int _t97;
                                                                                                                                                                                                                                                        				signed int _t98;
                                                                                                                                                                                                                                                        				signed int _t99;
                                                                                                                                                                                                                                                        				void* _t103;
                                                                                                                                                                                                                                                        				void* _t108;
                                                                                                                                                                                                                                                        				void* _t111;
                                                                                                                                                                                                                                                        				void* _t114;
                                                                                                                                                                                                                                                        				void* _t115;
                                                                                                                                                                                                                                                        				signed int _t117;
                                                                                                                                                                                                                                                        				signed int _t120;
                                                                                                                                                                                                                                                        				intOrPtr _t122;
                                                                                                                                                                                                                                                        				signed int _t124;
                                                                                                                                                                                                                                                        				intOrPtr _t125;
                                                                                                                                                                                                                                                        				intOrPtr _t126;
                                                                                                                                                                                                                                                        				intOrPtr _t131;
                                                                                                                                                                                                                                                        				signed int _t133;
                                                                                                                                                                                                                                                        				signed int _t134;
                                                                                                                                                                                                                                                        				intOrPtr _t135;
                                                                                                                                                                                                                                                        				signed int _t137;
                                                                                                                                                                                                                                                        				void* _t139;
                                                                                                                                                                                                                                                        				signed int _t145;
                                                                                                                                                                                                                                                        				signed int _t153;
                                                                                                                                                                                                                                                        				int* _t154;
                                                                                                                                                                                                                                                        				signed int _t159;
                                                                                                                                                                                                                                                        				signed int _t161;
                                                                                                                                                                                                                                                        				signed int _t163;
                                                                                                                                                                                                                                                        				void* _t170;
                                                                                                                                                                                                                                                        				signed int _t174;
                                                                                                                                                                                                                                                        				intOrPtr* _t178;
                                                                                                                                                                                                                                                        				intOrPtr _t179;
                                                                                                                                                                                                                                                        				signed int _t181;
                                                                                                                                                                                                                                                        				signed int _t182;
                                                                                                                                                                                                                                                        				signed int _t183;
                                                                                                                                                                                                                                                        				signed int _t187;
                                                                                                                                                                                                                                                        				signed int _t188;
                                                                                                                                                                                                                                                        				intOrPtr* _t190;
                                                                                                                                                                                                                                                        				void* _t192;
                                                                                                                                                                                                                                                        				void* _t193;
                                                                                                                                                                                                                                                        				signed int _t195;
                                                                                                                                                                                                                                                        				void* _t196;
                                                                                                                                                                                                                                                        				void* _t197;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t92 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t93 = _t92 ^ _t195;
                                                                                                                                                                                                                                                        				_v20 = _t92 ^ _t195;
                                                                                                                                                                                                                                                        				if( *((char*)(__ecx + 0x38)) == 0) {
                                                                                                                                                                                                                                                        					_t183 = 0x3f0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t178 = __ecx;
                                                                                                                                                                                                                                                        					_t131 =  *((intOrPtr*)(__ecx + 0x1c));
                                                                                                                                                                                                                                                        					_t184 =  *((intOrPtr*)(__ecx + 0x18));
                                                                                                                                                                                                                                                        					_v116 = __ecx;
                                                                                                                                                                                                                                                        					_t163 =  *((intOrPtr*)(__ecx + 4)) -  *__ecx;
                                                                                                                                                                                                                                                        					_t97 = _t131 - _t184;
                                                                                                                                                                                                                                                        					_t145 = (_t97 >> 2) * 0xf0f0f0f1;
                                                                                                                                                                                                                                                        					_v104 = _t163;
                                                                                                                                                                                                                                                        					_v100 = _t145;
                                                                                                                                                                                                                                                        					_v112 = _t163 >> 2;
                                                                                                                                                                                                                                                        					_v108 =  *((intOrPtr*)(__ecx + 0x10)) -  *((intOrPtr*)(__ecx + 0xc));
                                                                                                                                                                                                                                                        					_t161 = 0;
                                                                                                                                                                                                                                                        					if(_t97 == 0) {
                                                                                                                                                                                                                                                        						_v120 = 0;
                                                                                                                                                                                                                                                        						_t98 = 0;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t124 = _t145 * 8;
                                                                                                                                                                                                                                                        						_t177 =  >=  ? _t124 : 0xffffffff;
                                                                                                                                                                                                                                                        						_push( >=  ? _t124 : 0xffffffff);
                                                                                                                                                                                                                                                        						L00BEF6CC();
                                                                                                                                                                                                                                                        						_t196 = _t196 + 4;
                                                                                                                                                                                                                                                        						_t159 = _t124;
                                                                                                                                                                                                                                                        						_v120 = _t124;
                                                                                                                                                                                                                                                        						if(_t131 != _t184) {
                                                                                                                                                                                                                                                        							_t139 = 0;
                                                                                                                                                                                                                                                        							_t182 = 0;
                                                                                                                                                                                                                                                        							asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        							do {
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t159 + 4 + _t182 * 8)) = 0x10;
                                                                                                                                                                                                                                                        								_t125 = E00BE7750(_t184 + _t139);
                                                                                                                                                                                                                                                        								_t159 = _v120;
                                                                                                                                                                                                                                                        								_t139 = _t139 + 0x44;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t159 + _t182 * 8)) = _t125;
                                                                                                                                                                                                                                                        								_t126 = _v116;
                                                                                                                                                                                                                                                        								_t182 = _t182 + 1;
                                                                                                                                                                                                                                                        								_t184 =  *((intOrPtr*)(_t126 + 0x18));
                                                                                                                                                                                                                                                        							} while (_t182 < ( *((intOrPtr*)(_t126 + 0x1c)) -  *((intOrPtr*)(_t126 + 0x18)) >> 2) * 0xf0f0f0f1);
                                                                                                                                                                                                                                                        							_t178 = _v116;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t98 = _t159;
                                                                                                                                                                                                                                                        						_t145 = _v100;
                                                                                                                                                                                                                                                        						_t161 = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v124 = _t98;
                                                                                                                                                                                                                                                        					_t133 = _v112 * 0xf0f0f0f1;
                                                                                                                                                                                                                                                        					_v104 = _t133;
                                                                                                                                                                                                                                                        					if(_v104 != 0) {
                                                                                                                                                                                                                                                        						_t120 = _t133 * 8;
                                                                                                                                                                                                                                                        						_t173 =  >=  ? _t120 : 0xffffffff;
                                                                                                                                                                                                                                                        						_t193 = 0;
                                                                                                                                                                                                                                                        						_push( >=  ? _t120 : 0xffffffff);
                                                                                                                                                                                                                                                        						L00BEF6CC();
                                                                                                                                                                                                                                                        						_t196 = _t196 + 4;
                                                                                                                                                                                                                                                        						_t174 = _t120;
                                                                                                                                                                                                                                                        						_t181 = 0;
                                                                                                                                                                                                                                                        						asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							 *(_t174 + 4 + _t181 * 8) = 0;
                                                                                                                                                                                                                                                        							_t122 = E00BE7750( *_v116 + _t193);
                                                                                                                                                                                                                                                        							_t133 = _v104;
                                                                                                                                                                                                                                                        							_t193 = _t193 + 0x44;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t174 + _t181 * 8)) = _t122;
                                                                                                                                                                                                                                                        							_t181 = _t181 + 1;
                                                                                                                                                                                                                                                        						} while (_t181 < _t133);
                                                                                                                                                                                                                                                        						_t178 = _v116;
                                                                                                                                                                                                                                                        						_t145 = _v100;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t99 = _v108;
                                                                                                                                                                                                                                                        					_t187 = _t99 >> 3;
                                                                                                                                                                                                                                                        					if(_t99 == 0) {
                                                                                                                                                                                                                                                        						_v108 = 0;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t137 = _t161;
                                                                                                                                                                                                                                                        						_t117 = _t187 * 0xc;
                                                                                                                                                                                                                                                        						_t169 =  >=  ? _t117 : 0xffffffff;
                                                                                                                                                                                                                                                        						_push( >=  ? _t117 : 0xffffffff);
                                                                                                                                                                                                                                                        						L00BEF6CC();
                                                                                                                                                                                                                                                        						_t196 = _t196 + 4;
                                                                                                                                                                                                                                                        						_t153 = _t117;
                                                                                                                                                                                                                                                        						_t170 = 0;
                                                                                                                                                                                                                                                        						_v108 = _t153;
                                                                                                                                                                                                                                                        						_t154 = _t153 + 8;
                                                                                                                                                                                                                                                        						asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							 *_t154 = 0;
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [eax+edx*8]");
                                                                                                                                                                                                                                                        							_t170 = _t170 + 1;
                                                                                                                                                                                                                                                        							asm("movsd [ecx-0x8], xmm0");
                                                                                                                                                                                                                                                        							_t154 =  &(_t154[3]);
                                                                                                                                                                                                                                                        						} while (_t170 < _t187);
                                                                                                                                                                                                                                                        						_t161 = _t137;
                                                                                                                                                                                                                                                        						_t145 = _v100;
                                                                                                                                                                                                                                                        						_t133 = _v104;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v92 = 0;
                                                                                                                                                                                                                                                        					_v112 = _t161;
                                                                                                                                                                                                                                                        					_t103 =  *(_t178 + 0x30);
                                                                                                                                                                                                                                                        					if((_t133 | _t145 | _t187) == 0) {
                                                                                                                                                                                                                                                        						_t103 = DuplicateTokenEx(_t103, 0xf01ff, 0, 1, 1,  &_v92);
                                                                                                                                                                                                                                                        						_t188 = _v124;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t188 = _v124;
                                                                                                                                                                                                                                                        						__imp__CreateRestrictedToken(_t103, 0, _v100, _t188, _t187, _v108, _t133, _t161,  &_v92);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v100 = _t103;
                                                                                                                                                                                                                                                        					_v104 = GetLastError();
                                                                                                                                                                                                                                                        					if(_t188 != 0) {
                                                                                                                                                                                                                                                        						_push(_v120);
                                                                                                                                                                                                                                                        						L00BEF6D2();
                                                                                                                                                                                                                                                        						_t196 = _t196 + 4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t134 = _v112;
                                                                                                                                                                                                                                                        					if(_t134 != 0) {
                                                                                                                                                                                                                                                        						_push(_t134);
                                                                                                                                                                                                                                                        						L00BEF6D2();
                                                                                                                                                                                                                                                        						_t196 = _t196 + 4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t93 = _v108;
                                                                                                                                                                                                                                                        					_t183 = _v104;
                                                                                                                                                                                                                                                        					if(_t93 != 0) {
                                                                                                                                                                                                                                                        						_push(_t93);
                                                                                                                                                                                                                                                        						L00BEF6D2();
                                                                                                                                                                                                                                                        						_t196 = _t196 + 4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_v100 != 0) {
                                                                                                                                                                                                                                                        						_v96 = 0;
                                                                                                                                                                                                                                                        						E00BC5200(_v92,  &_v96, _v92);
                                                                                                                                                                                                                                                        						if( *((char*)(_t178 + 0x39)) == 0) {
                                                                                                                                                                                                                                                        							E00BE71D0( &_v88, 0x12);
                                                                                                                                                                                                                                                        							_t108 = E00BCBE80(_t161, _v96,  &_v88, 1, 0x10000000);
                                                                                                                                                                                                                                                        							_t197 = _t196 + 0x10;
                                                                                                                                                                                                                                                        							if(_t108 != 0) {
                                                                                                                                                                                                                                                        								goto L31;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								goto L38;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t115 = E00BCBF70(_t161, _v96);
                                                                                                                                                                                                                                                        							_t197 = _t196 + 4;
                                                                                                                                                                                                                                                        							if(_t115 == 0) {
                                                                                                                                                                                                                                                        								L38:
                                                                                                                                                                                                                                                        								_t183 = GetLastError();
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								L31:
                                                                                                                                                                                                                                                        								_t190 =  *((intOrPtr*)(_t178 + 0x24));
                                                                                                                                                                                                                                                        								_t135 = _t178;
                                                                                                                                                                                                                                                        								_t179 =  *((intOrPtr*)(_t178 + 0x28));
                                                                                                                                                                                                                                                        								if(_t190 == _t179) {
                                                                                                                                                                                                                                                        									L35:
                                                                                                                                                                                                                                                        									if(E00BCC020(_t161, _v96, 0x10000000) == 0) {
                                                                                                                                                                                                                                                        										goto L38;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t110 = E00BE2D90(_v96,  *((intOrPtr*)(_t135 + 0x34)));
                                                                                                                                                                                                                                                        										_t183 = _t110;
                                                                                                                                                                                                                                                        										if(_t110 == 0) {
                                                                                                                                                                                                                                                        											_t111 = GetCurrentProcess();
                                                                                                                                                                                                                                                        											if(DuplicateHandle(GetCurrentProcess(), _v96, _t111,  &_v88, 0xf01ff, 0, 0) != 0) {
                                                                                                                                                                                                                                                        												_t110 = E00BC5200(_t113, _a4, _v88);
                                                                                                                                                                                                                                                        												_t183 = 0;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												goto L38;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        									while(1) {
                                                                                                                                                                                                                                                        										_t192 = _t190 + 8;
                                                                                                                                                                                                                                                        										_t114 = E00BCBE80(_t161, _v96, _t192,  *((intOrPtr*)(_t190 + 4)),  *_t190);
                                                                                                                                                                                                                                                        										_t197 = _t197 + 0x10;
                                                                                                                                                                                                                                                        										if(_t114 == 0) {
                                                                                                                                                                                                                                                        											goto L38;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t190 = _t192 + 0x44;
                                                                                                                                                                                                                                                        										if(_t190 != _t179) {
                                                                                                                                                                                                                                                        											continue;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											goto L35;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L39;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L38;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L39:
                                                                                                                                                                                                                                                        						_t93 = E00BC51B0(_t110,  &_v96);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t93, _v20 ^ _t195, _t161);
                                                                                                                                                                                                                                                        				return _t183;
                                                                                                                                                                                                                                                        			}
























































                                                                                                                                                                                                                                                        0x00be1369
                                                                                                                                                                                                                                                        0x00be136e
                                                                                                                                                                                                                                                        0x00be1370
                                                                                                                                                                                                                                                        0x00be1377
                                                                                                                                                                                                                                                        0x00be158d
                                                                                                                                                                                                                                                        0x00be137d
                                                                                                                                                                                                                                                        0x00be137d
                                                                                                                                                                                                                                                        0x00be137f
                                                                                                                                                                                                                                                        0x00be1382
                                                                                                                                                                                                                                                        0x00be1388
                                                                                                                                                                                                                                                        0x00be138d
                                                                                                                                                                                                                                                        0x00be138f
                                                                                                                                                                                                                                                        0x00be1396
                                                                                                                                                                                                                                                        0x00be139c
                                                                                                                                                                                                                                                        0x00be13a2
                                                                                                                                                                                                                                                        0x00be13a5
                                                                                                                                                                                                                                                        0x00be13ae
                                                                                                                                                                                                                                                        0x00be13b1
                                                                                                                                                                                                                                                        0x00be13b5
                                                                                                                                                                                                                                                        0x00be1594
                                                                                                                                                                                                                                                        0x00be159b
                                                                                                                                                                                                                                                        0x00be13bb
                                                                                                                                                                                                                                                        0x00be13c2
                                                                                                                                                                                                                                                        0x00be13c9
                                                                                                                                                                                                                                                        0x00be13cc
                                                                                                                                                                                                                                                        0x00be13cd
                                                                                                                                                                                                                                                        0x00be13d2
                                                                                                                                                                                                                                                        0x00be13d5
                                                                                                                                                                                                                                                        0x00be13d9
                                                                                                                                                                                                                                                        0x00be13dc
                                                                                                                                                                                                                                                        0x00be13de
                                                                                                                                                                                                                                                        0x00be13e0
                                                                                                                                                                                                                                                        0x00be13e2
                                                                                                                                                                                                                                                        0x00be13f0
                                                                                                                                                                                                                                                        0x00be13f2
                                                                                                                                                                                                                                                        0x00be13fc
                                                                                                                                                                                                                                                        0x00be1401
                                                                                                                                                                                                                                                        0x00be1404
                                                                                                                                                                                                                                                        0x00be1407
                                                                                                                                                                                                                                                        0x00be140a
                                                                                                                                                                                                                                                        0x00be140d
                                                                                                                                                                                                                                                        0x00be140e
                                                                                                                                                                                                                                                        0x00be141f
                                                                                                                                                                                                                                                        0x00be1423
                                                                                                                                                                                                                                                        0x00be1423
                                                                                                                                                                                                                                                        0x00be1426
                                                                                                                                                                                                                                                        0x00be1428
                                                                                                                                                                                                                                                        0x00be142b
                                                                                                                                                                                                                                                        0x00be142b
                                                                                                                                                                                                                                                        0x00be1433
                                                                                                                                                                                                                                                        0x00be1436
                                                                                                                                                                                                                                                        0x00be143e
                                                                                                                                                                                                                                                        0x00be1441
                                                                                                                                                                                                                                                        0x00be144a
                                                                                                                                                                                                                                                        0x00be1451
                                                                                                                                                                                                                                                        0x00be1454
                                                                                                                                                                                                                                                        0x00be1456
                                                                                                                                                                                                                                                        0x00be1457
                                                                                                                                                                                                                                                        0x00be145c
                                                                                                                                                                                                                                                        0x00be145f
                                                                                                                                                                                                                                                        0x00be1461
                                                                                                                                                                                                                                                        0x00be1463
                                                                                                                                                                                                                                                        0x00be1470
                                                                                                                                                                                                                                                        0x00be1473
                                                                                                                                                                                                                                                        0x00be1481
                                                                                                                                                                                                                                                        0x00be1488
                                                                                                                                                                                                                                                        0x00be148b
                                                                                                                                                                                                                                                        0x00be148e
                                                                                                                                                                                                                                                        0x00be1491
                                                                                                                                                                                                                                                        0x00be1492
                                                                                                                                                                                                                                                        0x00be1496
                                                                                                                                                                                                                                                        0x00be1499
                                                                                                                                                                                                                                                        0x00be1499
                                                                                                                                                                                                                                                        0x00be149c
                                                                                                                                                                                                                                                        0x00be14a1
                                                                                                                                                                                                                                                        0x00be14a6
                                                                                                                                                                                                                                                        0x00be15a2
                                                                                                                                                                                                                                                        0x00be14ac
                                                                                                                                                                                                                                                        0x00be14b3
                                                                                                                                                                                                                                                        0x00be14b5
                                                                                                                                                                                                                                                        0x00be14bc
                                                                                                                                                                                                                                                        0x00be14bf
                                                                                                                                                                                                                                                        0x00be14c0
                                                                                                                                                                                                                                                        0x00be14c5
                                                                                                                                                                                                                                                        0x00be14c8
                                                                                                                                                                                                                                                        0x00be14cd
                                                                                                                                                                                                                                                        0x00be14cf
                                                                                                                                                                                                                                                        0x00be14d2
                                                                                                                                                                                                                                                        0x00be14d5
                                                                                                                                                                                                                                                        0x00be14e0
                                                                                                                                                                                                                                                        0x00be14e0
                                                                                                                                                                                                                                                        0x00be14e6
                                                                                                                                                                                                                                                        0x00be14eb
                                                                                                                                                                                                                                                        0x00be14ec
                                                                                                                                                                                                                                                        0x00be14f1
                                                                                                                                                                                                                                                        0x00be14f4
                                                                                                                                                                                                                                                        0x00be14f8
                                                                                                                                                                                                                                                        0x00be14fa
                                                                                                                                                                                                                                                        0x00be14fd
                                                                                                                                                                                                                                                        0x00be14fd
                                                                                                                                                                                                                                                        0x00be1502
                                                                                                                                                                                                                                                        0x00be1509
                                                                                                                                                                                                                                                        0x00be1513
                                                                                                                                                                                                                                                        0x00be1516
                                                                                                                                                                                                                                                        0x00be15bb
                                                                                                                                                                                                                                                        0x00be15c1
                                                                                                                                                                                                                                                        0x00be151c
                                                                                                                                                                                                                                                        0x00be1523
                                                                                                                                                                                                                                                        0x00be152d
                                                                                                                                                                                                                                                        0x00be152d
                                                                                                                                                                                                                                                        0x00be1533
                                                                                                                                                                                                                                                        0x00be153e
                                                                                                                                                                                                                                                        0x00be1541
                                                                                                                                                                                                                                                        0x00be1543
                                                                                                                                                                                                                                                        0x00be1546
                                                                                                                                                                                                                                                        0x00be154b
                                                                                                                                                                                                                                                        0x00be154b
                                                                                                                                                                                                                                                        0x00be154e
                                                                                                                                                                                                                                                        0x00be1553
                                                                                                                                                                                                                                                        0x00be1555
                                                                                                                                                                                                                                                        0x00be1556
                                                                                                                                                                                                                                                        0x00be155b
                                                                                                                                                                                                                                                        0x00be155b
                                                                                                                                                                                                                                                        0x00be155e
                                                                                                                                                                                                                                                        0x00be1561
                                                                                                                                                                                                                                                        0x00be1566
                                                                                                                                                                                                                                                        0x00be1568
                                                                                                                                                                                                                                                        0x00be1569
                                                                                                                                                                                                                                                        0x00be156e
                                                                                                                                                                                                                                                        0x00be156e
                                                                                                                                                                                                                                                        0x00be1575
                                                                                                                                                                                                                                                        0x00be15cc
                                                                                                                                                                                                                                                        0x00be15d7
                                                                                                                                                                                                                                                        0x00be15e0
                                                                                                                                                                                                                                                        0x00be169c
                                                                                                                                                                                                                                                        0x00be16ac
                                                                                                                                                                                                                                                        0x00be16b1
                                                                                                                                                                                                                                                        0x00be16b6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be16bc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be16bc
                                                                                                                                                                                                                                                        0x00be15e6
                                                                                                                                                                                                                                                        0x00be15e9
                                                                                                                                                                                                                                                        0x00be15ee
                                                                                                                                                                                                                                                        0x00be15f3
                                                                                                                                                                                                                                                        0x00be1680
                                                                                                                                                                                                                                                        0x00be1686
                                                                                                                                                                                                                                                        0x00be15f9
                                                                                                                                                                                                                                                        0x00be15f9
                                                                                                                                                                                                                                                        0x00be15f9
                                                                                                                                                                                                                                                        0x00be15fc
                                                                                                                                                                                                                                                        0x00be15fe
                                                                                                                                                                                                                                                        0x00be1603
                                                                                                                                                                                                                                                        0x00be162f
                                                                                                                                                                                                                                                        0x00be1641
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be1643
                                                                                                                                                                                                                                                        0x00be1649
                                                                                                                                                                                                                                                        0x00be1651
                                                                                                                                                                                                                                                        0x00be1655
                                                                                                                                                                                                                                                        0x00be165d
                                                                                                                                                                                                                                                        0x00be167e
                                                                                                                                                                                                                                                        0x00be16c4
                                                                                                                                                                                                                                                        0x00be16c9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be167e
                                                                                                                                                                                                                                                        0x00be1655
                                                                                                                                                                                                                                                        0x00be1605
                                                                                                                                                                                                                                                        0x00be1605
                                                                                                                                                                                                                                                        0x00be1610
                                                                                                                                                                                                                                                        0x00be1615
                                                                                                                                                                                                                                                        0x00be161c
                                                                                                                                                                                                                                                        0x00be1621
                                                                                                                                                                                                                                                        0x00be1626
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be1628
                                                                                                                                                                                                                                                        0x00be162d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be162d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be1610
                                                                                                                                                                                                                                                        0x00be1603
                                                                                                                                                                                                                                                        0x00be15f3
                                                                                                                                                                                                                                                        0x00be1688
                                                                                                                                                                                                                                                        0x00be168b
                                                                                                                                                                                                                                                        0x00be168b
                                                                                                                                                                                                                                                        0x00be1575
                                                                                                                                                                                                                                                        0x00be157c
                                                                                                                                                                                                                                                        0x00be158a

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(FFFFFFFF), ref: 00BE13CD
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(FFFFFFFF), ref: 00BE1457
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(FFFFFFFF), ref: 00BE14C0
                                                                                                                                                                                                                                                        • CreateRestrictedToken.ADVAPI32(?,00000000,?,00000000,?,00000000,?,00000000,00000000), ref: 00BE152D
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE1536
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?), ref: 00BE1546
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?), ref: 00BE1556
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000), ref: 00BE1569
                                                                                                                                                                                                                                                        • DuplicateTokenEx.ADVAPI32(?,000F01FF,00000000,00000001,00000001,00000000), ref: 00BE15BB
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(?,?,?,?,?,?,00000012,00000000), ref: 00BE165D
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(?,?,?,?,?,?,00000012,00000000), ref: 00BE1664
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00000000,00000000,?,000F01FF,00000000,00000000,?,?,?,?,?,?,00000012,00000000), ref: 00BE1676
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,?,?,00000012,00000000), ref: 00BE1680
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetLastError.KERNEL32(00000000,?,00004000,?,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5210
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetHandleVerifier.FLASHPLAYER(?,00BDC412,00000000,?,00BDBECC), ref: 00BC5234
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: SetLastError.KERNEL32(00BDC412,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5249
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$??2@??3@$CurrentDuplicateHandleProcessToken$CreateRestrictedVerifier
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1132497096-0
                                                                                                                                                                                                                                                        • Opcode ID: f4024ebef34ce2be82ddf0f2fd856af6aa9854a16086f1a60207b9bd3f26824d
                                                                                                                                                                                                                                                        • Instruction ID: 81901b1d7d49ad76fb394d0b0f7910be03a5a7cdf31d8d6a86db2c544e1603a4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f4024ebef34ce2be82ddf0f2fd856af6aa9854a16086f1a60207b9bd3f26824d
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 15A18E71E002549BDF14DFA9CC45BAEB7F6EF48354F2545A9E809AB392DB31AC05CB80
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 73%
                                                                                                                                                                                                                                                        			E00BD4020(void* __ecx, long __edx, void* __eflags, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				long _v24;
                                                                                                                                                                                                                                                        				long _v28;
                                                                                                                                                                                                                                                        				void** _v32;
                                                                                                                                                                                                                                                        				void* _v36;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				long _v48;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				long _v56;
                                                                                                                                                                                                                                                        				void* _v60;
                                                                                                                                                                                                                                                        				signed int _t42;
                                                                                                                                                                                                                                                        				signed int _t47;
                                                                                                                                                                                                                                                        				long _t49;
                                                                                                                                                                                                                                                        				int _t53;
                                                                                                                                                                                                                                                        				void* _t59;
                                                                                                                                                                                                                                                        				int _t62;
                                                                                                                                                                                                                                                        				void* _t63;
                                                                                                                                                                                                                                                        				int _t71;
                                                                                                                                                                                                                                                        				signed int _t83;
                                                                                                                                                                                                                                                        				intOrPtr* _t89;
                                                                                                                                                                                                                                                        				long _t95;
                                                                                                                                                                                                                                                        				long _t96;
                                                                                                                                                                                                                                                        				void* _t97;
                                                                                                                                                                                                                                                        				void* _t98;
                                                                                                                                                                                                                                                        				void** _t99;
                                                                                                                                                                                                                                                        				signed int _t100;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t91 = __edx;
                                                                                                                                                                                                                                                        				_v56 = __edx;
                                                                                                                                                                                                                                                        				_t70 = _a4;
                                                                                                                                                                                                                                                        				_t98 = __ecx;
                                                                                                                                                                                                                                                        				_t42 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v20 = _t42 ^ _t100;
                                                                                                                                                                                                                                                        				if(E00BD48E0(_a4, L"Event") == 0) {
                                                                                                                                                                                                                                                        					if(E00BD48E0(_t70, L"File") != 0) {
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					return E00BEECB0(_t47, _v20 ^ _t100, _t91);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				_t47 =  *((intOrPtr*)(_t98 + 8)) + 1;
                                                                                                                                                                                                                                                        				if(_t47 >= 2) {
                                                                                                                                                                                                                                                        					_v32 = 0;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_v24 = 0;
                                                                                                                                                                                                                                                        					__imp__GetCurrentProcessorNumber();
                                                                                                                                                                                                                                                        					_v44 = _t47;
                                                                                                                                                                                                                                                        					_t49 = SetThreadAffinityMask(GetCurrentThread(), 1 << _t47);
                                                                                                                                                                                                                                                        					_t71 = 0;
                                                                                                                                                                                                                                                        					_v48 = _t49;
                                                                                                                                                                                                                                                        					_v52 = 0;
                                                                                                                                                                                                                                                        					_v40 = _v44;
                                                                                                                                                                                                                                                        					asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_t95 = 1 << _v40;
                                                                                                                                                                                                                                                        						asm("bt eax, ecx");
                                                                                                                                                                                                                                                        						if(1 >= 0) {
                                                                                                                                                                                                                                                        							goto L18;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(_v40 != _v44) {
                                                                                                                                                                                                                                                        							SetThreadAffinityMask(GetCurrentThread(), _t95);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t97 = 0xffffffef;
                                                                                                                                                                                                                                                        						_v36 = 0;
                                                                                                                                                                                                                                                        						while(1) {
                                                                                                                                                                                                                                                        							_t59 = GetCurrentProcess();
                                                                                                                                                                                                                                                        							_v60 =  *((intOrPtr*)(_t98 + 8));
                                                                                                                                                                                                                                                        							_t62 = DuplicateHandle(GetCurrentProcess(), _v60, _t59,  &_v36, 0, 0, 0);
                                                                                                                                                                                                                                                        							_t71 = _t62;
                                                                                                                                                                                                                                                        							if(_t62 == 0) {
                                                                                                                                                                                                                                                        								goto L18;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t63 = _v36;
                                                                                                                                                                                                                                                        							if(_t63 == _v56) {
                                                                                                                                                                                                                                                        								_v52 = 1;
                                                                                                                                                                                                                                                        								_t97 = _t97 + 1;
                                                                                                                                                                                                                                                        								if(_t97 == 0) {
                                                                                                                                                                                                                                                        									goto L18;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L14:
                                                                                                                                                                                                                                                        								if(_v36 < _v56) {
                                                                                                                                                                                                                                                        									continue;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L18;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t89 = _v28;
                                                                                                                                                                                                                                                        							_t91 = _v24;
                                                                                                                                                                                                                                                        							if(_v24 == _t89) {
                                                                                                                                                                                                                                                        								E00BCF210( &_v32, _t91,  &_v36);
                                                                                                                                                                                                                                                        								_t97 = _t97 + 1;
                                                                                                                                                                                                                                                        								if(_t97 != 0) {
                                                                                                                                                                                                                                                        									goto L14;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        								goto L18;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							 *_t89 = _t63;
                                                                                                                                                                                                                                                        							_v28 = _v28 + 4;
                                                                                                                                                                                                                                                        							_t97 = _t97 + 1;
                                                                                                                                                                                                                                                        							if(_t97 != 0) {
                                                                                                                                                                                                                                                        								goto L14;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L18;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L18:
                                                                                                                                                                                                                                                        						_t83 =  ==  ? 0 : _v40 + 1;
                                                                                                                                                                                                                                                        						_v40 = _t83;
                                                                                                                                                                                                                                                        					} while (_t83 != _v44 && _t71 != 0 && (_v52 & 0x00000001) == 0);
                                                                                                                                                                                                                                                        					_t53 = SetThreadAffinityMask(GetCurrentThread(), _v48);
                                                                                                                                                                                                                                                        					_t99 = _v32;
                                                                                                                                                                                                                                                        					_t96 = _v28;
                                                                                                                                                                                                                                                        					if(_t99 == _t96) {
                                                                                                                                                                                                                                                        						L24:
                                                                                                                                                                                                                                                        						_t47 = E00BCF1B0(_t53,  &_v32);
                                                                                                                                                                                                                                                        						goto L2;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_t53 = CloseHandle( *_t99);
                                                                                                                                                                                                                                                        						_t99 =  &(_t99[1]);
                                                                                                                                                                                                                                                        					} while (_t96 != _t99);
                                                                                                                                                                                                                                                        					goto L24;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}






























                                                                                                                                                                                                                                                        0x00bd4020
                                                                                                                                                                                                                                                        0x00bd4029
                                                                                                                                                                                                                                                        0x00bd402c
                                                                                                                                                                                                                                                        0x00bd402f
                                                                                                                                                                                                                                                        0x00bd4031
                                                                                                                                                                                                                                                        0x00bd403a
                                                                                                                                                                                                                                                        0x00bd4049
                                                                                                                                                                                                                                                        0x00bd41f6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4058
                                                                                                                                                                                                                                                        0x00bd4069
                                                                                                                                                                                                                                                        0x00bd4069
                                                                                                                                                                                                                                                        0x00bd404f
                                                                                                                                                                                                                                                        0x00bd4052
                                                                                                                                                                                                                                                        0x00bd4056
                                                                                                                                                                                                                                                        0x00bd406a
                                                                                                                                                                                                                                                        0x00bd4071
                                                                                                                                                                                                                                                        0x00bd4078
                                                                                                                                                                                                                                                        0x00bd407f
                                                                                                                                                                                                                                                        0x00bd408c
                                                                                                                                                                                                                                                        0x00bd4099
                                                                                                                                                                                                                                                        0x00bd40a2
                                                                                                                                                                                                                                                        0x00bd40a4
                                                                                                                                                                                                                                                        0x00bd40a7
                                                                                                                                                                                                                                                        0x00bd40ae
                                                                                                                                                                                                                                                        0x00bd40b1
                                                                                                                                                                                                                                                        0x00bd40c0
                                                                                                                                                                                                                                                        0x00bd40cb
                                                                                                                                                                                                                                                        0x00bd40cd
                                                                                                                                                                                                                                                        0x00bd40d0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd40dc
                                                                                                                                                                                                                                                        0x00bd40e6
                                                                                                                                                                                                                                                        0x00bd40e6
                                                                                                                                                                                                                                                        0x00bd40ec
                                                                                                                                                                                                                                                        0x00bd40f1
                                                                                                                                                                                                                                                        0x00bd4100
                                                                                                                                                                                                                                                        0x00bd4107
                                                                                                                                                                                                                                                        0x00bd4110
                                                                                                                                                                                                                                                        0x00bd4124
                                                                                                                                                                                                                                                        0x00bd412a
                                                                                                                                                                                                                                                        0x00bd412e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4130
                                                                                                                                                                                                                                                        0x00bd4136
                                                                                                                                                                                                                                                        0x00bd4152
                                                                                                                                                                                                                                                        0x00bd4155
                                                                                                                                                                                                                                                        0x00bd4156
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4158
                                                                                                                                                                                                                                                        0x00bd415e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4160
                                                                                                                                                                                                                                                        0x00bd4138
                                                                                                                                                                                                                                                        0x00bd413b
                                                                                                                                                                                                                                                        0x00bd4140
                                                                                                                                                                                                                                                        0x00bd416a
                                                                                                                                                                                                                                                        0x00bd416f
                                                                                                                                                                                                                                                        0x00bd4170
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4172
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd4172
                                                                                                                                                                                                                                                        0x00bd4142
                                                                                                                                                                                                                                                        0x00bd4144
                                                                                                                                                                                                                                                        0x00bd4148
                                                                                                                                                                                                                                                        0x00bd4149
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd414b
                                                                                                                                                                                                                                                        0x00bd4180
                                                                                                                                                                                                                                                        0x00bd418c
                                                                                                                                                                                                                                                        0x00bd4192
                                                                                                                                                                                                                                                        0x00bd4192
                                                                                                                                                                                                                                                        0x00bd41b0
                                                                                                                                                                                                                                                        0x00bd41b6
                                                                                                                                                                                                                                                        0x00bd41b9
                                                                                                                                                                                                                                                        0x00bd41be
                                                                                                                                                                                                                                                        0x00bd41db
                                                                                                                                                                                                                                                        0x00bd41de
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd41de
                                                                                                                                                                                                                                                        0x00bd41c6
                                                                                                                                                                                                                                                        0x00bd41d0
                                                                                                                                                                                                                                                        0x00bd41d2
                                                                                                                                                                                                                                                        0x00bd41d4
                                                                                                                                                                                                                                                        0x00bd41d7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd41d0
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BD48E0: wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00BD4047,?,?,?,?,00BD4047,Event), ref: 00BD48EC
                                                                                                                                                                                                                                                        • GetCurrentProcessorNumber.KERNEL32(File,Event), ref: 00BD407F
                                                                                                                                                                                                                                                        • GetCurrentThread.KERNEL32 ref: 00BD4091
                                                                                                                                                                                                                                                        • SetThreadAffinityMask.KERNEL32(00000000,00000001), ref: 00BD4099
                                                                                                                                                                                                                                                        • GetCurrentThread.KERNEL32 ref: 00BD40DE
                                                                                                                                                                                                                                                        • SetThreadAffinityMask.KERNEL32(00000000,00000001), ref: 00BD40E6
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000000), ref: 00BD4124
                                                                                                                                                                                                                                                        • GetCurrentThread.KERNEL32 ref: 00BD41A6
                                                                                                                                                                                                                                                        • SetThreadAffinityMask.KERNEL32(00000000,?), ref: 00BD41B0
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000), ref: 00BD41D2
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Thread$Current$AffinityMask$Handle$CloseDuplicateNumberProcessorwcslen
                                                                                                                                                                                                                                                        • String ID: Event$File
                                                                                                                                                                                                                                                        • API String ID: 1300822950-4063823755
                                                                                                                                                                                                                                                        • Opcode ID: 7314ec050b50fdcbcdfbe3fbaf0ba9da180908c33a74da0cf54c8ee464c8e897
                                                                                                                                                                                                                                                        • Instruction ID: 98a67c5786ece510888e95dc09727f72b5e47e4a900cb2cb5beae2d21fae8d76
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7314ec050b50fdcbcdfbe3fbaf0ba9da180908c33a74da0cf54c8ee464c8e897
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3D514775A00209ABDB14DFA4E884BBEBBF5FF48314F1400A9E916B7350EB319C84CB60
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RegGetValueW.ADVAPI32(80000001,SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers,00BB3A1F,00010002,00000000,00000000,?), ref: 00BB3B34
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(FFFFFFFF), ref: 00BB3B5D
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB3B6C
                                                                                                                                                                                                                                                        • RegGetValueW.ADVAPI32(80000001,SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers,00BB3A1F,00010002,00000000,00000000,?), ref: 00BB3B89
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BB3BB6
                                                                                                                                                                                                                                                        • wcstok_s.API-MS-WIN-CRT-STRING-L1-1-0(00000000,00000020,?), ref: 00BB3C35
                                                                                                                                                                                                                                                        • _wcsnicmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,0000000B), ref: 00BB3C67
                                                                                                                                                                                                                                                        • wcstok_s.API-MS-WIN-CRT-STRING-L1-1-0(00000000,00000020,?), ref: 00BB3C7A
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers, xrefs: 00BB3B2E, 00BB3B83
                                                                                                                                                                                                                                                        • , xrefs: 00BB3C12
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp, xrefs: 00BB3B9A, 00BB3BC8
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Valuewcstok_s$_wcsnicmpfreememsetmoz_xmalloc
                                                                                                                                                                                                                                                        • String ID: $/builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp$SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
                                                                                                                                                                                                                                                        • API String ID: 2494463478-1164482576
                                                                                                                                                                                                                                                        • Opcode ID: 6ac4dce735c6ee73f21a8712a9d86076b63492168305f1fb2b43398afa767860
                                                                                                                                                                                                                                                        • Instruction ID: ef6ad0d501209608a9f87f9f5a65f380afe022d3d37961e1731f863b371aefe4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6ac4dce735c6ee73f21a8712a9d86076b63492168305f1fb2b43398afa767860
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5341E171900308AFD7108F65DC45BFABBF8EF09704F14846DE84AE7291EBB5A904CB60
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BBE2F4
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,00000000,00000002,00000003), ref: 00BBE32D
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000001,00000003), ref: 00BBE335
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000020,00000003), ref: 00BBE33D
                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL(00000000,?,00000010,00000003), ref: 00BBE345
                                                                                                                                                                                                                                                        • VerifyVersionInfoA.KERNEL32(0000009C,00000033,00000000), ref: 00BBE350
                                                                                                                                                                                                                                                        • GetFileInformationByHandleEx.KERNEL32(00000000,00000012,?,00000018), ref: 00BBE36E
                                                                                                                                                                                                                                                        • GetFileInformationByHandle.KERNEL32(00000000,?), ref: 00BBE3DD
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000018), ref: 00BBE42F
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • /builds/worker/workspace/obj-build/dist/include/mozilla/NativeNt.h, xrefs: 00BBE293
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ConditionMask$FileHandleInformation$ErrorInfoLastVerifyVersionmemset
                                                                                                                                                                                                                                                        • String ID: /builds/worker/workspace/obj-build/dist/include/mozilla/NativeNt.h
                                                                                                                                                                                                                                                        • API String ID: 938157213-3364526140
                                                                                                                                                                                                                                                        • Opcode ID: 23adda15b5d5ba365648eac1e04b4bd746a4bf739505571e380deb096b28d9a2
                                                                                                                                                                                                                                                        • Instruction ID: bedd199001f899aec169a3e9c9ba1389a3f38995c10c6f4f452d014b4fcbd6bc
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 23adda15b5d5ba365648eac1e04b4bd746a4bf739505571e380deb096b28d9a2
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 59519070548B45ABE321CF24DC45BAAB7F8FF88700F008A1DF5999B290EBB1D584CB56
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 78%
                                                                                                                                                                                                                                                        			E00BE2C30(void* __eflags, intOrPtr _a4, intOrPtr _a8, wchar_t* _a12, wchar_t* _a16) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				int _v28;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				struct _SECURITY_DESCRIPTOR* _v48;
                                                                                                                                                                                                                                                        				struct _ACL* _v52;
                                                                                                                                                                                                                                                        				int _v56;
                                                                                                                                                                                                                                                        				int _v60;
                                                                                                                                                                                                                                                        				signed int _t25;
                                                                                                                                                                                                                                                        				void** _t36;
                                                                                                                                                                                                                                                        				long _t42;
                                                                                                                                                                                                                                                        				char* _t57;
                                                                                                                                                                                                                                                        				long _t58;
                                                                                                                                                                                                                                                        				signed int _t59;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t25 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t57 =  &_v44;
                                                                                                                                                                                                                                                        				_v20 = _t25 ^ _t59;
                                                                                                                                                                                                                                                        				_v24 = 7;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				_v44 = 0;
                                                                                                                                                                                                                                                        				E00BBA740(_t57, L"S:(");
                                                                                                                                                                                                                                                        				E00BB73B0(_t57, L"ML", 2);
                                                                                                                                                                                                                                                        				E00BB73B0(_t57, 0xbf53d0, 2);
                                                                                                                                                                                                                                                        				E00BB73B0(_t57, _a12, wcslen(_a12));
                                                                                                                                                                                                                                                        				E00BB73B0(_t57, L";;;", 3);
                                                                                                                                                                                                                                                        				E00BB73B0(_t57, _a16, wcslen(_a16));
                                                                                                                                                                                                                                                        				E00BB73B0(_t57, ")", 1);
                                                                                                                                                                                                                                                        				_v48 = 0;
                                                                                                                                                                                                                                                        				_v52 = 0;
                                                                                                                                                                                                                                                        				_v56 = 0;
                                                                                                                                                                                                                                                        				_v60 = 0;
                                                                                                                                                                                                                                                        				if(_v24 > 7) {
                                                                                                                                                                                                                                                        					_t57 = _v44;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t36 =  &_v48;
                                                                                                                                                                                                                                                        				_push(0);
                                                                                                                                                                                                                                                        				_push(_t36);
                                                                                                                                                                                                                                                        				_push(1);
                                                                                                                                                                                                                                                        				_push(_t57);
                                                                                                                                                                                                                                                        				L00BEF6DE();
                                                                                                                                                                                                                                                        				if(_t36 == 0) {
                                                                                                                                                                                                                                                        					_t58 = GetLastError();
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t55 =  &_v56;
                                                                                                                                                                                                                                                        					_t42 = GetSecurityDescriptorSacl(_v48,  &_v56,  &_v52,  &_v60);
                                                                                                                                                                                                                                                        					if(_t42 == 0) {
                                                                                                                                                                                                                                                        						_t42 = GetLastError();
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						__imp__SetSecurityInfo(_a4, _a8, 0x10, 0, 0, 0, _v52);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t58 = _t42;
                                                                                                                                                                                                                                                        					_t37 = LocalFree(_v48);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(E00BBDF30(_t37,  &_v44, _t55), _v20 ^ _t59, _t55);
                                                                                                                                                                                                                                                        				return _t58;
                                                                                                                                                                                                                                                        			}

















                                                                                                                                                                                                                                                        0x00be2c39
                                                                                                                                                                                                                                                        0x00be2c44
                                                                                                                                                                                                                                                        0x00be2c4b
                                                                                                                                                                                                                                                        0x00be2c4e
                                                                                                                                                                                                                                                        0x00be2c55
                                                                                                                                                                                                                                                        0x00be2c5c
                                                                                                                                                                                                                                                        0x00be2c67
                                                                                                                                                                                                                                                        0x00be2c75
                                                                                                                                                                                                                                                        0x00be2c83
                                                                                                                                                                                                                                                        0x00be2c95
                                                                                                                                                                                                                                                        0x00be2ca3
                                                                                                                                                                                                                                                        0x00be2cb5
                                                                                                                                                                                                                                                        0x00be2cc3
                                                                                                                                                                                                                                                        0x00be2ccc
                                                                                                                                                                                                                                                        0x00be2cd3
                                                                                                                                                                                                                                                        0x00be2cda
                                                                                                                                                                                                                                                        0x00be2ce1
                                                                                                                                                                                                                                                        0x00be2ce8
                                                                                                                                                                                                                                                        0x00be2cea
                                                                                                                                                                                                                                                        0x00be2cea
                                                                                                                                                                                                                                                        0x00be2ced
                                                                                                                                                                                                                                                        0x00be2cf0
                                                                                                                                                                                                                                                        0x00be2cf2
                                                                                                                                                                                                                                                        0x00be2cf3
                                                                                                                                                                                                                                                        0x00be2cf5
                                                                                                                                                                                                                                                        0x00be2cf6
                                                                                                                                                                                                                                                        0x00be2cfd
                                                                                                                                                                                                                                                        0x00be2d5c
                                                                                                                                                                                                                                                        0x00be2cff
                                                                                                                                                                                                                                                        0x00be2d05
                                                                                                                                                                                                                                                        0x00be2d0e
                                                                                                                                                                                                                                                        0x00be2d16
                                                                                                                                                                                                                                                        0x00be2d60
                                                                                                                                                                                                                                                        0x00be2d18
                                                                                                                                                                                                                                                        0x00be2d29
                                                                                                                                                                                                                                                        0x00be2d29
                                                                                                                                                                                                                                                        0x00be2d2f
                                                                                                                                                                                                                                                        0x00be2d34
                                                                                                                                                                                                                                                        0x00be2d34
                                                                                                                                                                                                                                                        0x00be2d47
                                                                                                                                                                                                                                                        0x00be2d55

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00BB2D55,00BB2D55,?,?,00BB3EE0), ref: 00BBA759
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: memmove.NTDLL(?,00BB2D55,00000000,?,00BB2D55,?,?,00BB3EE0), ref: 00BBA77D
                                                                                                                                                                                                                                                          • Part of subcall function 00BB73B0: memmove.NTDLL(00000000,?,?,?,?), ref: 00BB73EF
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00000000,00BF53D0,00000002,00BF52B6,00000002,S:(), ref: 00BE2C89
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00BE55E6,;;;,00000003,00000000,00000000,S:(), ref: 00BE2CA9
                                                                                                                                                                                                                                                        • ConvertStringSecurityDescriptorToSecurityDescriptorW.ADVAPI32(?,00000001,00000000,00000000), ref: 00BE2CF6
                                                                                                                                                                                                                                                        • GetSecurityDescriptorSacl.ADVAPI32(00000000,00000000,00000000,00000000,00BF5498,00000001,00BE55E6), ref: 00BE2D0E
                                                                                                                                                                                                                                                        • SetSecurityInfo.ADVAPI32(00BF54A2,00000007,00000010,00000000,00000000,00000000,00000000), ref: 00BE2D29
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000), ref: 00BE2D34
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(00BF5498,00000001,00BE55E6), ref: 00BE2D56
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE2D60
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Security$Descriptorwcslen$ErrorLastmemmove$ConvertFreeInfoLocalSaclString
                                                                                                                                                                                                                                                        • String ID: ;;;$S:(
                                                                                                                                                                                                                                                        • API String ID: 3467144744-3740438060
                                                                                                                                                                                                                                                        • Opcode ID: 21d1f4617d7ba002f02a7848699c299007958048067a680e18a4b1294269d8d4
                                                                                                                                                                                                                                                        • Instruction ID: dc25b440bc88050a1adb05a1c2cd76b9ad51056f375f5cfcfb9cdf6bd454ff1b
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 21d1f4617d7ba002f02a7848699c299007958048067a680e18a4b1294269d8d4
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9D315E71A40219ABDB20AB61DC8ABFE7BB9EF44714F104054FA0177290DFB16905DBA5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 84%
                                                                                                                                                                                                                                                        			E00BB3CA0(void** __ecx, void** __edx) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				void* _v96;
                                                                                                                                                                                                                                                        				char _v100;
                                                                                                                                                                                                                                                        				void* _v104;
                                                                                                                                                                                                                                                        				void* _v108;
                                                                                                                                                                                                                                                        				void* _v120;
                                                                                                                                                                                                                                                        				intOrPtr _v132;
                                                                                                                                                                                                                                                        				signed int _t21;
                                                                                                                                                                                                                                                        				void** _t28;
                                                                                                                                                                                                                                                        				signed short _t29;
                                                                                                                                                                                                                                                        				signed short _t32;
                                                                                                                                                                                                                                                        				void* _t33;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        				void _t48;
                                                                                                                                                                                                                                                        				void** _t49;
                                                                                                                                                                                                                                                        				signed int _t50;
                                                                                                                                                                                                                                                        				signed int _t51;
                                                                                                                                                                                                                                                        				void* _t53;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t47 = __edx;
                                                                                                                                                                                                                                                        				_t53 = (_t51 & 0xfffffff8) - 0x60;
                                                                                                                                                                                                                                                        				_t21 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t49 = __ecx;
                                                                                                                                                                                                                                                        				_v24 = _t21 ^ _t50;
                                                                                                                                                                                                                                                        				if(DuplicateTokenEx( *__edx, 0, 0, 2, 1,  &_v96) == 0) {
                                                                                                                                                                                                                                                        					_t25 = GetLastError();
                                                                                                                                                                                                                                                        					_t49[3] = 1;
                                                                                                                                                                                                                                                        					 *_t49 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp";
                                                                                                                                                                                                                                                        					_t49[1] = 0x32;
                                                                                                                                                                                                                                                        					_t38 =  <=  ? _t25 : _t25 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        					_t49[2] =  <=  ? _t25 : _t25 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t34 = _v104;
                                                                                                                                                                                                                                                        					_t28 =  &_v108;
                                                                                                                                                                                                                                                        					_t48 =  &_v100;
                                                                                                                                                                                                                                                        					_v108 = 0x44;
                                                                                                                                                                                                                                                        					__imp__CreateWellKnownSid(0x43, 0, _t48, _t28);
                                                                                                                                                                                                                                                        					if(_t28 == 0) {
                                                                                                                                                                                                                                                        						_t29 = GetLastError();
                                                                                                                                                                                                                                                        						_t49[3] = 1;
                                                                                                                                                                                                                                                        						 *_t49 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp";
                                                                                                                                                                                                                                                        						_t49[1] = 0x3b;
                                                                                                                                                                                                                                                        						_t43 =  <=  ? _t29 : _t29 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        						_t49[2] =  <=  ? _t29 : _t29 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_v132 = 0x20;
                                                                                                                                                                                                                                                        						 *_t53 = _t48;
                                                                                                                                                                                                                                                        						if(SetTokenInformation(_v120, 0x19, _t53, 8) == 0) {
                                                                                                                                                                                                                                                        							_t32 = GetLastError();
                                                                                                                                                                                                                                                        							 *_t49 = "/builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp";
                                                                                                                                                                                                                                                        							_t49[1] = 0x44;
                                                                                                                                                                                                                                                        							_t46 =  <=  ? _t32 : _t32 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        							_t33 = 1;
                                                                                                                                                                                                                                                        							_t49[2] =  <=  ? _t32 : _t32 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							 *_t49 = _t34;
                                                                                                                                                                                                                                                        							_t33 = 0;
                                                                                                                                                                                                                                                        							_t34 = 0;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t49[3] = _t33;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t25 = _t34 + 1;
                                                                                                                                                                                                                                                        					if(_t34 + 1 >= 2) {
                                                                                                                                                                                                                                                        						_t25 = CloseHandle(_t34);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t25, _v32 ^ _t50, _t47);
                                                                                                                                                                                                                                                        				return _t49;
                                                                                                                                                                                                                                                        			}























                                                                                                                                                                                                                                                        0x00bb3ca0
                                                                                                                                                                                                                                                        0x00bb3ca9
                                                                                                                                                                                                                                                        0x00bb3cac
                                                                                                                                                                                                                                                        0x00bb3cb1
                                                                                                                                                                                                                                                        0x00bb3cb5
                                                                                                                                                                                                                                                        0x00bb3cd0
                                                                                                                                                                                                                                                        0x00bb3d34
                                                                                                                                                                                                                                                        0x00bb3d3d
                                                                                                                                                                                                                                                        0x00bb3d41
                                                                                                                                                                                                                                                        0x00bb3d47
                                                                                                                                                                                                                                                        0x00bb3d56
                                                                                                                                                                                                                                                        0x00bb3d59
                                                                                                                                                                                                                                                        0x00bb3cd2
                                                                                                                                                                                                                                                        0x00bb3cd2
                                                                                                                                                                                                                                                        0x00bb3cd6
                                                                                                                                                                                                                                                        0x00bb3cda
                                                                                                                                                                                                                                                        0x00bb3cde
                                                                                                                                                                                                                                                        0x00bb3cec
                                                                                                                                                                                                                                                        0x00bb3cf4
                                                                                                                                                                                                                                                        0x00bb3d71
                                                                                                                                                                                                                                                        0x00bb3d7a
                                                                                                                                                                                                                                                        0x00bb3d7e
                                                                                                                                                                                                                                                        0x00bb3d84
                                                                                                                                                                                                                                                        0x00bb3d93
                                                                                                                                                                                                                                                        0x00bb3d96
                                                                                                                                                                                                                                                        0x00bb3cf6
                                                                                                                                                                                                                                                        0x00bb3cf6
                                                                                                                                                                                                                                                        0x00bb3cfe
                                                                                                                                                                                                                                                        0x00bb3d14
                                                                                                                                                                                                                                                        0x00bb3d9b
                                                                                                                                                                                                                                                        0x00bb3da4
                                                                                                                                                                                                                                                        0x00bb3daa
                                                                                                                                                                                                                                                        0x00bb3db9
                                                                                                                                                                                                                                                        0x00bb3dbc
                                                                                                                                                                                                                                                        0x00bb3dbe
                                                                                                                                                                                                                                                        0x00bb3d1a
                                                                                                                                                                                                                                                        0x00bb3d1a
                                                                                                                                                                                                                                                        0x00bb3d1c
                                                                                                                                                                                                                                                        0x00bb3d1e
                                                                                                                                                                                                                                                        0x00bb3d1e
                                                                                                                                                                                                                                                        0x00bb3d20
                                                                                                                                                                                                                                                        0x00bb3d20
                                                                                                                                                                                                                                                        0x00bb3d23
                                                                                                                                                                                                                                                        0x00bb3d29
                                                                                                                                                                                                                                                        0x00bb3d2c
                                                                                                                                                                                                                                                        0x00bb3d2c
                                                                                                                                                                                                                                                        0x00bb3d29
                                                                                                                                                                                                                                                        0x00bb3d62
                                                                                                                                                                                                                                                        0x00bb3d70

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • DuplicateTokenEx.ADVAPI32(?,00000000,00000000,00000002,00000001,?), ref: 00BB3CC8
                                                                                                                                                                                                                                                        • CreateWellKnownSid.ADVAPI32(00000043,00000000,?,?), ref: 00BB3CEC
                                                                                                                                                                                                                                                        • SetTokenInformation.ADVAPI32(?,00000019,?,00000008), ref: 00BB3D0C
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(?), ref: 00BB3D2C
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB3D34
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BB3D71
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,00000008), ref: 00BB3D9B
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$Token$CloseCreateDuplicateHandleInformationKnownWell
                                                                                                                                                                                                                                                        • String ID: $/builds/worker/checkouts/gecko/browser/app/winlauncher/LaunchUnelevated.cpp$D
                                                                                                                                                                                                                                                        • API String ID: 1699151596-3170737904
                                                                                                                                                                                                                                                        • Opcode ID: eaf5daa35a68eaaf4850250d914b169efbaf27e05abcea6f68521ef118f7f4a3
                                                                                                                                                                                                                                                        • Instruction ID: d2f885f032c7d5daac8da8b171fa4cd7c52aa0cdb975bdac8cffcd28893832a2
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: eaf5daa35a68eaaf4850250d914b169efbaf27e05abcea6f68521ef118f7f4a3
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9C316F712047419FE7248F25DC89B76BBE8FF44B14F10886EE99ACB290DBB4D548CB51
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 45%
                                                                                                                                                                                                                                                        			E00BEB830(void* __eflags, intOrPtr _a4, intOrPtr* _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				char _v76;
                                                                                                                                                                                                                                                        				char _v144;
                                                                                                                                                                                                                                                        				void* _v148;
                                                                                                                                                                                                                                                        				void* _v152;
                                                                                                                                                                                                                                                        				char _v156;
                                                                                                                                                                                                                                                        				long _v160;
                                                                                                                                                                                                                                                        				signed int _t32;
                                                                                                                                                                                                                                                        				long _t36;
                                                                                                                                                                                                                                                        				int _t38;
                                                                                                                                                                                                                                                        				intOrPtr _t46;
                                                                                                                                                                                                                                                        				char* _t51;
                                                                                                                                                                                                                                                        				void* _t54;
                                                                                                                                                                                                                                                        				char* _t65;
                                                                                                                                                                                                                                                        				wchar_t* _t67;
                                                                                                                                                                                                                                                        				void* _t68;
                                                                                                                                                                                                                                                        				intOrPtr* _t69;
                                                                                                                                                                                                                                                        				signed int _t70;
                                                                                                                                                                                                                                                        				void* _t71;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t32 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v20 = _t32 ^ _t70;
                                                                                                                                                                                                                                                        				_v24 = 7;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				_v44 = 0;
                                                                                                                                                                                                                                                        				E00BBA740( &_v44, L"sbox_alternate_desktop_");
                                                                                                                                                                                                                                                        				if(_a4 == 0) {
                                                                                                                                                                                                                                                        					E00BB73B0( &_v44, L"local_winstation_", 0x11);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t36 = GetCurrentProcessId();
                                                                                                                                                                                                                                                        				_t67 =  &_v76;
                                                                                                                                                                                                                                                        				_v160 = _t36;
                                                                                                                                                                                                                                                        				 *(_t71 - 0x10) = _t67;
                                                                                                                                                                                                                                                        				E00BEBA50();
                                                                                                                                                                                                                                                        				_t38 = wcslen(_t67);
                                                                                                                                                                                                                                                        				_t65 =  &_v44;
                                                                                                                                                                                                                                                        				E00BB73B0(_t65, _t67, _t38);
                                                                                                                                                                                                                                                        				_t41 =  *0xbfa0ec(GetCurrentThreadId());
                                                                                                                                                                                                                                                        				if(_t41 == 0) {
                                                                                                                                                                                                                                                        					_t68 = 0x24;
                                                                                                                                                                                                                                                        					goto L10;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_v148 = 0;
                                                                                                                                                                                                                                                        					_v152 = 0;
                                                                                                                                                                                                                                                        					_v156 = 0xc;
                                                                                                                                                                                                                                                        					_v144 = 0;
                                                                                                                                                                                                                                                        					_t64 =  &_v144;
                                                                                                                                                                                                                                                        					__imp__GetSecurityInfo(_t41, 7, 4, 0, 0,  &_v144, 0,  &_v152);
                                                                                                                                                                                                                                                        					if(_t41 != 0) {
                                                                                                                                                                                                                                                        						_t68 = 0x25;
                                                                                                                                                                                                                                                        						L10:
                                                                                                                                                                                                                                                        						E00BEECB0(E00BBDF30(_t41,  &_v44, _t64), _v20 ^ _t70, _t64);
                                                                                                                                                                                                                                                        						return _t68;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t69 = _a8;
                                                                                                                                                                                                                                                        					_t54 =  *0xbfa0e8();
                                                                                                                                                                                                                                                        					_t46 = _a4;
                                                                                                                                                                                                                                                        					if(_t46 == 0) {
                                                                                                                                                                                                                                                        						if(_v24 > 7) {
                                                                                                                                                                                                                                                        							_t65 = _v44;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						 *_t69 =  *0xbfa0e0(_t65, 0, 0, 0, 0xe0003,  &_v156);
                                                                                                                                                                                                                                                        						_t41 = LocalFree(_v152);
                                                                                                                                                                                                                                                        						if( *_t69 != 0) {
                                                                                                                                                                                                                                                        							L9:
                                                                                                                                                                                                                                                        							E00BE71D0( &_v144, 0x12);
                                                                                                                                                                                                                                                        							_t41 = E00BCC0B0( *_t69, 7,  &_v144, 3, 0xd013e);
                                                                                                                                                                                                                                                        							_t68 = 0;
                                                                                                                                                                                                                                                        							goto L10;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L17:
                                                                                                                                                                                                                                                        						_t68 = 0xb;
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_push(_t46);
                                                                                                                                                                                                                                                        					if( *0xbfa0f4() == 0) {
                                                                                                                                                                                                                                                        						_t41 = LocalFree(_v152);
                                                                                                                                                                                                                                                        						_t68 = 0xb;
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_v24 <= 7) {
                                                                                                                                                                                                                                                        						_t51 =  &_v44;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t51 = _v44;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					 *_t69 =  *0xbfa0e0(_t51, 0, 0, 0, 0xe0003,  &_v156);
                                                                                                                                                                                                                                                        					LocalFree(_v152);
                                                                                                                                                                                                                                                        					_push(_t54);
                                                                                                                                                                                                                                                        					if( *0xbfa0f4() == 0) {
                                                                                                                                                                                                                                                        						_t68 = 0xd;
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if( *_t69 == 0) {
                                                                                                                                                                                                                                                        							goto L17;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L9;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}

























                                                                                                                                                                                                                                                        0x00beb83c
                                                                                                                                                                                                                                                        0x00beb846
                                                                                                                                                                                                                                                        0x00beb849
                                                                                                                                                                                                                                                        0x00beb850
                                                                                                                                                                                                                                                        0x00beb857
                                                                                                                                                                                                                                                        0x00beb862
                                                                                                                                                                                                                                                        0x00beb86b
                                                                                                                                                                                                                                                        0x00beb9c4
                                                                                                                                                                                                                                                        0x00beb9c4
                                                                                                                                                                                                                                                        0x00beb871
                                                                                                                                                                                                                                                        0x00beb87a
                                                                                                                                                                                                                                                        0x00beb87d
                                                                                                                                                                                                                                                        0x00beb881
                                                                                                                                                                                                                                                        0x00beb884
                                                                                                                                                                                                                                                        0x00beb88d
                                                                                                                                                                                                                                                        0x00beb895
                                                                                                                                                                                                                                                        0x00beb89c
                                                                                                                                                                                                                                                        0x00beb8a8
                                                                                                                                                                                                                                                        0x00beb8b0
                                                                                                                                                                                                                                                        0x00beb9ce
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beb8b6
                                                                                                                                                                                                                                                        0x00beb8bc
                                                                                                                                                                                                                                                        0x00beb8c6
                                                                                                                                                                                                                                                        0x00beb8d0
                                                                                                                                                                                                                                                        0x00beb8da
                                                                                                                                                                                                                                                        0x00beb8e4
                                                                                                                                                                                                                                                        0x00beb8f7
                                                                                                                                                                                                                                                        0x00beb8ff
                                                                                                                                                                                                                                                        0x00beb9d5
                                                                                                                                                                                                                                                        0x00beb99b
                                                                                                                                                                                                                                                        0x00beb9a8
                                                                                                                                                                                                                                                        0x00beb9b9
                                                                                                                                                                                                                                                        0x00beb9b9
                                                                                                                                                                                                                                                        0x00beb905
                                                                                                                                                                                                                                                        0x00beb90e
                                                                                                                                                                                                                                                        0x00beb910
                                                                                                                                                                                                                                                        0x00beb915
                                                                                                                                                                                                                                                        0x00beb9e0
                                                                                                                                                                                                                                                        0x00beb9e2
                                                                                                                                                                                                                                                        0x00beb9e2
                                                                                                                                                                                                                                                        0x00beb9fe
                                                                                                                                                                                                                                                        0x00beba06
                                                                                                                                                                                                                                                        0x00beba0f
                                                                                                                                                                                                                                                        0x00beb976
                                                                                                                                                                                                                                                        0x00beb980
                                                                                                                                                                                                                                                        0x00beb991
                                                                                                                                                                                                                                                        0x00beb999
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beb999
                                                                                                                                                                                                                                                        0x00beba15
                                                                                                                                                                                                                                                        0x00beba15
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beba15
                                                                                                                                                                                                                                                        0x00beb91b
                                                                                                                                                                                                                                                        0x00beb924
                                                                                                                                                                                                                                                        0x00beba25
                                                                                                                                                                                                                                                        0x00beba2b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beba2b
                                                                                                                                                                                                                                                        0x00beb92e
                                                                                                                                                                                                                                                        0x00beba35
                                                                                                                                                                                                                                                        0x00beb934
                                                                                                                                                                                                                                                        0x00beb934
                                                                                                                                                                                                                                                        0x00beb934
                                                                                                                                                                                                                                                        0x00beb950
                                                                                                                                                                                                                                                        0x00beb958
                                                                                                                                                                                                                                                        0x00beb95e
                                                                                                                                                                                                                                                        0x00beb967
                                                                                                                                                                                                                                                        0x00beba3d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beb96d
                                                                                                                                                                                                                                                        0x00beb970
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beb970
                                                                                                                                                                                                                                                        0x00beb967

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00BB2D55,00BB2D55,?,?,00BB3EE0), ref: 00BBA759
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: memmove.NTDLL(?,00BB2D55,00000000,?,00BB2D55,?,?,00BB3EE0), ref: 00BBA77D
                                                                                                                                                                                                                                                        • GetCurrentProcessId.KERNEL32(sbox_alternate_desktop_), ref: 00BEB871
                                                                                                                                                                                                                                                          • Part of subcall function 00BEBA50: __stdio_common_vsnwprintf_s.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,?,00000010,00000010,0x%X,00000000,?,?,00BEB889), ref: 00BEBA82
                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 00BEB8A1
                                                                                                                                                                                                                                                        • GetSecurityInfo.ADVAPI32(00000000,00000007,00000004,00000000,00000000,00000000,00000000,?), ref: 00BEB8F7
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000), ref: 00BEB958
                                                                                                                                                                                                                                                          • Part of subcall function 00BE71D0: CreateWellKnownSid.ADVAPI32(00BCC1F2,00000000,?,?), ref: 00BE71F6
                                                                                                                                                                                                                                                          • Part of subcall function 00BCC0B0: GetSecurityInfo.ADVAPI32(?,?,00000004,00000000,00000000,?,00000000,?), ref: 00BCC0F0
                                                                                                                                                                                                                                                          • Part of subcall function 00BCC0B0: SetEntriesInAclW.ADVAPI32(00000001,?,?,00000000), ref: 00BCC146
                                                                                                                                                                                                                                                          • Part of subcall function 00BCC0B0: SetSecurityInfo.ADVAPI32(?,?,00000004,00000000,00000000,00000000,00000000), ref: 00BCC15D
                                                                                                                                                                                                                                                          • Part of subcall function 00BCC0B0: LocalFree.KERNEL32(00000000), ref: 00BCC16E
                                                                                                                                                                                                                                                          • Part of subcall function 00BCC0B0: LocalFree.KERNEL32(00000000), ref: 00BCC173
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BEB88D
                                                                                                                                                                                                                                                          • Part of subcall function 00BB73B0: memmove.NTDLL(00000000,?,?,?,?), ref: 00BB73EF
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000), ref: 00BEBA06
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000), ref: 00BEBA25
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: FreeLocal$InfoSecurity$Currentmemmovewcslen$CreateEntriesKnownProcessThreadWell__stdio_common_vsnwprintf_s
                                                                                                                                                                                                                                                        • String ID: local_winstation_$sbox_alternate_desktop_
                                                                                                                                                                                                                                                        • API String ID: 2206787284-58166206
                                                                                                                                                                                                                                                        • Opcode ID: f0c79a2e1ed0aa57bd0e20b6a90accc2876c5279d27ee721c43349e05722164a
                                                                                                                                                                                                                                                        • Instruction ID: a21438720a9b6391c58d74196c919dd5efec5eb715795b0c9eae93722d5c80c4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f0c79a2e1ed0aa57bd0e20b6a90accc2876c5279d27ee721c43349e05722164a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 73516E71A00218EBEB209F61DC49FBE7BF8EB04700F1044A9F649B7291DF745A84CB65
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 88%
                                                                                                                                                                                                                                                        			E00BDFA90(intOrPtr __edx, intOrPtr _a4, intOrPtr* _a8, WCHAR* _a12, WCHAR* _a16, intOrPtr* _a20, HANDLE* _a24) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				struct _STARTUPINFOW _v88;
                                                                                                                                                                                                                                                        				void* _v92;
                                                                                                                                                                                                                                                        				void* _v96;
                                                                                                                                                                                                                                                        				void* _v100;
                                                                                                                                                                                                                                                        				signed int _t45;
                                                                                                                                                                                                                                                        				WCHAR* _t47;
                                                                                                                                                                                                                                                        				int _t48;
                                                                                                                                                                                                                                                        				int _t55;
                                                                                                                                                                                                                                                        				HANDLE* _t60;
                                                                                                                                                                                                                                                        				intOrPtr* _t64;
                                                                                                                                                                                                                                                        				intOrPtr _t71;
                                                                                                                                                                                                                                                        				void* _t72;
                                                                                                                                                                                                                                                        				intOrPtr* _t73;
                                                                                                                                                                                                                                                        				WCHAR* _t74;
                                                                                                                                                                                                                                                        				WCHAR* _t77;
                                                                                                                                                                                                                                                        				void* _t80;
                                                                                                                                                                                                                                                        				signed int _t81;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t71 = __edx;
                                                                                                                                                                                                                                                        				_t45 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t72 = 5;
                                                                                                                                                                                                                                                        				_t46 = _t45 ^ _t81;
                                                                                                                                                                                                                                                        				_v20 = _t45 ^ _t81;
                                                                                                                                                                                                                                                        				if(_a4 + 0xfffffffb <= 1) {
                                                                                                                                                                                                                                                        					_t47 = _a16;
                                                                                                                                                                                                                                                        					_v88.lpDesktop = 0;
                                                                                                                                                                                                                                                        					_v88.lpReserved = 0;
                                                                                                                                                                                                                                                        					_v88.dwX = 0;
                                                                                                                                                                                                                                                        					_v88.lpTitle = 0;
                                                                                                                                                                                                                                                        					_v88.dwXSize = 0;
                                                                                                                                                                                                                                                        					_v88.dwY = 0;
                                                                                                                                                                                                                                                        					_v88.dwXCountChars = 0;
                                                                                                                                                                                                                                                        					_v88.dwYSize = 0;
                                                                                                                                                                                                                                                        					_v88.dwFillAttribute = 0;
                                                                                                                                                                                                                                                        					_v88.dwYCountChars = 0;
                                                                                                                                                                                                                                                        					_v88.wShowWindow = 0;
                                                                                                                                                                                                                                                        					_v88.dwFlags = 0;
                                                                                                                                                                                                                                                        					_v88.hStdInput = 0;
                                                                                                                                                                                                                                                        					_v88.lpReserved2 = 0;
                                                                                                                                                                                                                                                        					_v88.hStdError = 0;
                                                                                                                                                                                                                                                        					_v88.hStdOutput = 0;
                                                                                                                                                                                                                                                        					_v88.cb = 0x44;
                                                                                                                                                                                                                                                        					_t73 = _a20;
                                                                                                                                                                                                                                                        					if(_t47[0xa] > 7) {
                                                                                                                                                                                                                                                        						_t47 =  *_t47;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t77 = _a12;
                                                                                                                                                                                                                                                        					__imp___wcsdup(_t47);
                                                                                                                                                                                                                                                        					_t71 =  *((intOrPtr*)(_t73 + 0x10));
                                                                                                                                                                                                                                                        					if( *((intOrPtr*)(_t73 + 0x14)) > 7) {
                                                                                                                                                                                                                                                        						_t73 =  *_t73;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t60 = _a24;
                                                                                                                                                                                                                                                        					_t64 = _a8;
                                                                                                                                                                                                                                                        					_t74 =  ==  ? _t71 : _t73;
                                                                                                                                                                                                                                                        					if(_t77[0xa] > 7) {
                                                                                                                                                                                                                                                        						_t77 =  *_t77;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v96 =  *_t64;
                                                                                                                                                                                                                                                        					_v92 = _t47;
                                                                                                                                                                                                                                                        					_t48 = CreateProcessW(_t77, _t47, 0, 0, 0, 0, 0, _t74,  &_v88, _t60);
                                                                                                                                                                                                                                                        					_t72 = 5;
                                                                                                                                                                                                                                                        					if(_t48 != 0) {
                                                                                                                                                                                                                                                        						_t79 =  ==  ? 0x1fffff : 0x101c01;
                                                                                                                                                                                                                                                        						_v100 =  *_t60;
                                                                                                                                                                                                                                                        						_t55 = DuplicateHandle(GetCurrentProcess(), _v100, _v96, _t60,  ==  ? 0x1fffff : 0x101c01, 0, 1);
                                                                                                                                                                                                                                                        						_t80 = _t60[1];
                                                                                                                                                                                                                                                        						if(_t55 == 0) {
                                                                                                                                                                                                                                                        							CloseHandle(_t80);
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t76 =  ==  ? 0x1fffff : 0x100c43;
                                                                                                                                                                                                                                                        							_t72 = (0 | DuplicateHandle(GetCurrentProcess(), _t80, _v96,  &(_t60[1]),  ==  ? 0x1fffff : 0x100c43, 0, 1) == 0x00000000) + (0 | DuplicateHandle(GetCurrentProcess(), _t80, _v96,  &(_t60[1]),  ==  ? 0x1fffff : 0x100c43, 0, 1) == 0x00000000) * 4;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t46 = _v92;
                                                                                                                                                                                                                                                        					if(_t46 != 0) {
                                                                                                                                                                                                                                                        						free(_t46);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t46, _v20 ^ _t81, _t71);
                                                                                                                                                                                                                                                        				return _t72;
                                                                                                                                                                                                                                                        			}





















                                                                                                                                                                                                                                                        0x00bdfa90
                                                                                                                                                                                                                                                        0x00bdfa9c
                                                                                                                                                                                                                                                        0x00bdfaa1
                                                                                                                                                                                                                                                        0x00bdfaa9
                                                                                                                                                                                                                                                        0x00bdfaae
                                                                                                                                                                                                                                                        0x00bdfab1
                                                                                                                                                                                                                                                        0x00bdfac7
                                                                                                                                                                                                                                                        0x00bdfaca
                                                                                                                                                                                                                                                        0x00bdfad1
                                                                                                                                                                                                                                                        0x00bdfad8
                                                                                                                                                                                                                                                        0x00bdfadf
                                                                                                                                                                                                                                                        0x00bdfae6
                                                                                                                                                                                                                                                        0x00bdfaed
                                                                                                                                                                                                                                                        0x00bdfaf4
                                                                                                                                                                                                                                                        0x00bdfafb
                                                                                                                                                                                                                                                        0x00bdfb02
                                                                                                                                                                                                                                                        0x00bdfb09
                                                                                                                                                                                                                                                        0x00bdfb10
                                                                                                                                                                                                                                                        0x00bdfb17
                                                                                                                                                                                                                                                        0x00bdfb1e
                                                                                                                                                                                                                                                        0x00bdfb25
                                                                                                                                                                                                                                                        0x00bdfb2c
                                                                                                                                                                                                                                                        0x00bdfb33
                                                                                                                                                                                                                                                        0x00bdfb3a
                                                                                                                                                                                                                                                        0x00bdfb41
                                                                                                                                                                                                                                                        0x00bdfb48
                                                                                                                                                                                                                                                        0x00bdfb4a
                                                                                                                                                                                                                                                        0x00bdfb4a
                                                                                                                                                                                                                                                        0x00bdfb4c
                                                                                                                                                                                                                                                        0x00bdfb50
                                                                                                                                                                                                                                                        0x00bdfb59
                                                                                                                                                                                                                                                        0x00bdfb60
                                                                                                                                                                                                                                                        0x00bdfb62
                                                                                                                                                                                                                                                        0x00bdfb62
                                                                                                                                                                                                                                                        0x00bdfb66
                                                                                                                                                                                                                                                        0x00bdfb69
                                                                                                                                                                                                                                                        0x00bdfb6c
                                                                                                                                                                                                                                                        0x00bdfb73
                                                                                                                                                                                                                                                        0x00bdfb75
                                                                                                                                                                                                                                                        0x00bdfb75
                                                                                                                                                                                                                                                        0x00bdfb79
                                                                                                                                                                                                                                                        0x00bdfb8c
                                                                                                                                                                                                                                                        0x00bdfb91
                                                                                                                                                                                                                                                        0x00bdfb97
                                                                                                                                                                                                                                                        0x00bdfb9e
                                                                                                                                                                                                                                                        0x00bdfbb0
                                                                                                                                                                                                                                                        0x00bdfbb5
                                                                                                                                                                                                                                                        0x00bdfbcb
                                                                                                                                                                                                                                                        0x00bdfbd1
                                                                                                                                                                                                                                                        0x00bdfbd6
                                                                                                                                                                                                                                                        0x00bdfc28
                                                                                                                                                                                                                                                        0x00bdfbd8
                                                                                                                                                                                                                                                        0x00bdfbe9
                                                                                                                                                                                                                                                        0x00bdfc0a
                                                                                                                                                                                                                                                        0x00bdfc0a
                                                                                                                                                                                                                                                        0x00bdfbd6
                                                                                                                                                                                                                                                        0x00bdfc0d
                                                                                                                                                                                                                                                        0x00bdfc12
                                                                                                                                                                                                                                                        0x00bdfc19
                                                                                                                                                                                                                                                        0x00bdfc1f
                                                                                                                                                                                                                                                        0x00bdfc12
                                                                                                                                                                                                                                                        0x00bdfab8
                                                                                                                                                                                                                                                        0x00bdfac6

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • _wcsdup.MOZGLUE(00000000), ref: 00BDFB50
                                                                                                                                                                                                                                                        • CreateProcessW.KERNEL32 ref: 00BDFB91
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BDFBB8
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00000000,00000001,00000000,00101C01,00000000,00000001), ref: 00BDFBCB
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BDFBEC
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,?,00000001,-00000004,00100C43,00000000,00000001), ref: 00BDFBFD
                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 00BDFC19
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Process$CurrentDuplicateHandle$Create_wcsdupfree
                                                                                                                                                                                                                                                        • String ID: D
                                                                                                                                                                                                                                                        • API String ID: 588577352-2746444292
                                                                                                                                                                                                                                                        • Opcode ID: de9179062feb86628b885b46becc92ceb7f5c18bf1239d459eb491e89896a51a
                                                                                                                                                                                                                                                        • Instruction ID: bbdab96d93a01d1c0d75b343e85765eb1c4da7f19073517608077c25ed419d6a
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: de9179062feb86628b885b46becc92ceb7f5c18bf1239d459eb491e89896a51a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 014158B1900209AFEB10CFA4DC98BAFBBB5FF44318F144469E916AB380DB759945CB90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 86%
                                                                                                                                                                                                                                                        			E00BCC210(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				void* _v92;
                                                                                                                                                                                                                                                        				signed int _t22;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				signed int _t33;
                                                                                                                                                                                                                                                        				intOrPtr* _t35;
                                                                                                                                                                                                                                                        				void* _t41;
                                                                                                                                                                                                                                                        				void* _t42;
                                                                                                                                                                                                                                                        				signed int _t44;
                                                                                                                                                                                                                                                        				void* _t45;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t22 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v20 = _t22 ^ _t44;
                                                                                                                                                                                                                                                        				_t33 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        				_t39 =  *[fs:0x2c];
                                                                                                                                                                                                                                                        				_t24 =  *0xbfb4e0; // 0x0
                                                                                                                                                                                                                                                        				if(_t24 >  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x2c] + _t33 * 4)) + 4))) {
                                                                                                                                                                                                                                                        					_t24 = E00BEE547(_t24, 0xbfb4e0);
                                                                                                                                                                                                                                                        					_t45 = _t45 + 4;
                                                                                                                                                                                                                                                        					if( *0xbfb4e0 == 0xffffffff) {
                                                                                                                                                                                                                                                        						 *0xbfb4dc = GetProcAddress(GetModuleHandleW(L"userenv"), "CreateAppContainerProfile");
                                                                                                                                                                                                                                                        						_t24 = E00BEE599(0xbfb4e0);
                                                                                                                                                                                                                                                        						_t45 = _t45 + 4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t35 =  *0xbfb4dc; // 0x0
                                                                                                                                                                                                                                                        				if(_t35 == 0) {
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					_t42 = 0;
                                                                                                                                                                                                                                                        					goto L7;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t43 = _a4;
                                                                                                                                                                                                                                                        					_t39 = _a8;
                                                                                                                                                                                                                                                        					_v92 = 0;
                                                                                                                                                                                                                                                        					_t24 =  *_t35(_a4, _a8, _a12, 0, 0,  &_v92);
                                                                                                                                                                                                                                                        					if(_t24 == 0x800700b7) {
                                                                                                                                                                                                                                                        						_t42 = E00BCC360(_t43);
                                                                                                                                                                                                                                                        						L7:
                                                                                                                                                                                                                                                        						E00BEECB0(_t24, _v20 ^ _t44, _t39);
                                                                                                                                                                                                                                                        						return _t42;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_t24 < 0) {
                                                                                                                                                                                                                                                        						goto L6;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t32 = _v92;
                                                                                                                                                                                                                                                        						_push(0x68);
                                                                                                                                                                                                                                                        						L00BEF6BA();
                                                                                                                                                                                                                                                        						_t42 = _t24;
                                                                                                                                                                                                                                                        						_t41 =  &_v88;
                                                                                                                                                                                                                                                        						E00BE7140(_t41, _t32);
                                                                                                                                                                                                                                                        						 *_t42 = 0xbf1210;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t42 + 4)) = 0;
                                                                                                                                                                                                                                                        						_t13 = _t42 + 8; // 0x8
                                                                                                                                                                                                                                                        						_t24 = memcpy(_t13, _t41, 0x44);
                                                                                                                                                                                                                                                        						 *((char*)(_t42 + 0x4c)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t42 + 0x54)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t42 + 0x50)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t42 + 0x5c)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t42 + 0x58)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t42 + 0x64)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t42 + 0x60)) = 0;
                                                                                                                                                                                                                                                        						if(_t32 != 0) {
                                                                                                                                                                                                                                                        							_t24 = FreeSid(_t32);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}














                                                                                                                                                                                                                                                        0x00bcc219
                                                                                                                                                                                                                                                        0x00bcc220
                                                                                                                                                                                                                                                        0x00bcc223
                                                                                                                                                                                                                                                        0x00bcc229
                                                                                                                                                                                                                                                        0x00bcc230
                                                                                                                                                                                                                                                        0x00bcc23e
                                                                                                                                                                                                                                                        0x00bcc317
                                                                                                                                                                                                                                                        0x00bcc31c
                                                                                                                                                                                                                                                        0x00bcc326
                                                                                                                                                                                                                                                        0x00bcc343
                                                                                                                                                                                                                                                        0x00bcc34d
                                                                                                                                                                                                                                                        0x00bcc352
                                                                                                                                                                                                                                                        0x00bcc352
                                                                                                                                                                                                                                                        0x00bcc326
                                                                                                                                                                                                                                                        0x00bcc244
                                                                                                                                                                                                                                                        0x00bcc24c
                                                                                                                                                                                                                                                        0x00bcc2ef
                                                                                                                                                                                                                                                        0x00bcc2ef
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc252
                                                                                                                                                                                                                                                        0x00bcc255
                                                                                                                                                                                                                                                        0x00bcc258
                                                                                                                                                                                                                                                        0x00bcc25e
                                                                                                                                                                                                                                                        0x00bcc26d
                                                                                                                                                                                                                                                        0x00bcc274
                                                                                                                                                                                                                                                        0x00bcc30e
                                                                                                                                                                                                                                                        0x00bcc2f1
                                                                                                                                                                                                                                                        0x00bcc2f6
                                                                                                                                                                                                                                                        0x00bcc304
                                                                                                                                                                                                                                                        0x00bcc304
                                                                                                                                                                                                                                                        0x00bcc27c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc27e
                                                                                                                                                                                                                                                        0x00bcc27e
                                                                                                                                                                                                                                                        0x00bcc281
                                                                                                                                                                                                                                                        0x00bcc283
                                                                                                                                                                                                                                                        0x00bcc28b
                                                                                                                                                                                                                                                        0x00bcc28d
                                                                                                                                                                                                                                                        0x00bcc293
                                                                                                                                                                                                                                                        0x00bcc298
                                                                                                                                                                                                                                                        0x00bcc29e
                                                                                                                                                                                                                                                        0x00bcc2a5
                                                                                                                                                                                                                                                        0x00bcc2ac
                                                                                                                                                                                                                                                        0x00bcc2b6
                                                                                                                                                                                                                                                        0x00bcc2ba
                                                                                                                                                                                                                                                        0x00bcc2c1
                                                                                                                                                                                                                                                        0x00bcc2c8
                                                                                                                                                                                                                                                        0x00bcc2cf
                                                                                                                                                                                                                                                        0x00bcc2d6
                                                                                                                                                                                                                                                        0x00bcc2dd
                                                                                                                                                                                                                                                        0x00bcc2e4
                                                                                                                                                                                                                                                        0x00bcc2e7
                                                                                                                                                                                                                                                        0x00bcc2e7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc2e4
                                                                                                                                                                                                                                                        0x00bcc27c

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000068), ref: 00BCC283
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000008,?,00000044,00000000), ref: 00BCC2AC
                                                                                                                                                                                                                                                        • FreeSid.ADVAPI32(00000000), ref: 00BCC2E7
                                                                                                                                                                                                                                                        • __Init_thread_header.LIBCMT ref: 00BCC317
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(userenv), ref: 00BCC331
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,CreateAppContainerProfile), ref: 00BCC33D
                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 00BCC34D
                                                                                                                                                                                                                                                          • Part of subcall function 00BCC360: ??2@YAPAXI@Z.MOZGLUE(00000068,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BCC3BC
                                                                                                                                                                                                                                                          • Part of subcall function 00BCC360: memcpy.NTDLL(00000008,?,00000044,00000000), ref: 00BCC3E5
                                                                                                                                                                                                                                                          • Part of subcall function 00BCC360: FreeSid.ADVAPI32(00000000,?,?,00000000), ref: 00BCC420
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@Freememcpy$AddressHandleInit_thread_footerInit_thread_headerModuleProc
                                                                                                                                                                                                                                                        • String ID: CreateAppContainerProfile$userenv
                                                                                                                                                                                                                                                        • API String ID: 1127064212-483217340
                                                                                                                                                                                                                                                        • Opcode ID: 98f238339a5534011c9cbb6780eac3d20333193198f0d900264e37f0fc6fa36e
                                                                                                                                                                                                                                                        • Instruction ID: ab431ef86954a4b1eb34701c7b51d9496d497b2866598e7e7fe62f53040a5e35
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 98f238339a5534011c9cbb6780eac3d20333193198f0d900264e37f0fc6fa36e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6531D0B16003849FD720DFA5DC4AF6B7BE4EB54708F0044ACE90AAB391DB75A908CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 84%
                                                                                                                                                                                                                                                        			E00BCC360(intOrPtr _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				void* _v92;
                                                                                                                                                                                                                                                        				signed int _t20;
                                                                                                                                                                                                                                                        				void* _t22;
                                                                                                                                                                                                                                                        				void* _t30;
                                                                                                                                                                                                                                                        				signed int _t31;
                                                                                                                                                                                                                                                        				intOrPtr* _t33;
                                                                                                                                                                                                                                                        				void* _t38;
                                                                                                                                                                                                                                                        				void* _t39;
                                                                                                                                                                                                                                                        				signed int _t40;
                                                                                                                                                                                                                                                        				void* _t41;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t20 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v20 = _t20 ^ _t40;
                                                                                                                                                                                                                                                        				_t31 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        				_t37 =  *[fs:0x2c];
                                                                                                                                                                                                                                                        				_t22 =  *0xbfb4e8; // 0x0
                                                                                                                                                                                                                                                        				if(_t22 >  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x2c] + _t31 * 4)) + 4))) {
                                                                                                                                                                                                                                                        					_t22 = E00BEE547(_t22, 0xbfb4e8);
                                                                                                                                                                                                                                                        					_t41 = _t41 + 4;
                                                                                                                                                                                                                                                        					if( *0xbfb4e8 == 0xffffffff) {
                                                                                                                                                                                                                                                        						 *0xbfb4e4 = GetProcAddress(GetModuleHandleW(L"userenv"), "DeriveAppContainerSidFromAppContainerName");
                                                                                                                                                                                                                                                        						_t22 = E00BEE599(0xbfb4e8);
                                                                                                                                                                                                                                                        						_t41 = _t41 + 4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t33 =  *0xbfb4e4; // 0x0
                                                                                                                                                                                                                                                        				if(_t33 == 0) {
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					_t39 = 0;
                                                                                                                                                                                                                                                        					goto L6;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t37 =  &_v92;
                                                                                                                                                                                                                                                        					_v92 = 0;
                                                                                                                                                                                                                                                        					_t22 =  *_t33(_a4,  &_v92);
                                                                                                                                                                                                                                                        					if(_t22 < 0) {
                                                                                                                                                                                                                                                        						goto L5;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t30 = _v92;
                                                                                                                                                                                                                                                        						_push(0x68);
                                                                                                                                                                                                                                                        						L00BEF6BA();
                                                                                                                                                                                                                                                        						_t39 = _t22;
                                                                                                                                                                                                                                                        						_t38 =  &_v88;
                                                                                                                                                                                                                                                        						E00BE7140(_t38, _t30);
                                                                                                                                                                                                                                                        						 *_t39 = 0xbf1210;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t39 + 4)) = 0;
                                                                                                                                                                                                                                                        						_t11 = _t39 + 8; // 0x8
                                                                                                                                                                                                                                                        						_t22 = memcpy(_t11, _t38, 0x44);
                                                                                                                                                                                                                                                        						 *((char*)(_t39 + 0x4c)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t39 + 0x54)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t39 + 0x50)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t39 + 0x5c)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t39 + 0x58)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t39 + 0x64)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t39 + 0x60)) = 0;
                                                                                                                                                                                                                                                        						if(_t30 != 0) {
                                                                                                                                                                                                                                                        							_t22 = FreeSid(_t30);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L6:
                                                                                                                                                                                                                                                        						E00BEECB0(_t22, _v20 ^ _t40, _t37);
                                                                                                                                                                                                                                                        						return _t39;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}















                                                                                                                                                                                                                                                        0x00bcc369
                                                                                                                                                                                                                                                        0x00bcc370
                                                                                                                                                                                                                                                        0x00bcc373
                                                                                                                                                                                                                                                        0x00bcc379
                                                                                                                                                                                                                                                        0x00bcc380
                                                                                                                                                                                                                                                        0x00bcc38e
                                                                                                                                                                                                                                                        0x00bcc443
                                                                                                                                                                                                                                                        0x00bcc448
                                                                                                                                                                                                                                                        0x00bcc452
                                                                                                                                                                                                                                                        0x00bcc46f
                                                                                                                                                                                                                                                        0x00bcc479
                                                                                                                                                                                                                                                        0x00bcc47e
                                                                                                                                                                                                                                                        0x00bcc47e
                                                                                                                                                                                                                                                        0x00bcc452
                                                                                                                                                                                                                                                        0x00bcc394
                                                                                                                                                                                                                                                        0x00bcc39c
                                                                                                                                                                                                                                                        0x00bcc428
                                                                                                                                                                                                                                                        0x00bcc428
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc3a2
                                                                                                                                                                                                                                                        0x00bcc3a5
                                                                                                                                                                                                                                                        0x00bcc3a8
                                                                                                                                                                                                                                                        0x00bcc3b1
                                                                                                                                                                                                                                                        0x00bcc3b5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc3b7
                                                                                                                                                                                                                                                        0x00bcc3b7
                                                                                                                                                                                                                                                        0x00bcc3ba
                                                                                                                                                                                                                                                        0x00bcc3bc
                                                                                                                                                                                                                                                        0x00bcc3c4
                                                                                                                                                                                                                                                        0x00bcc3c6
                                                                                                                                                                                                                                                        0x00bcc3cc
                                                                                                                                                                                                                                                        0x00bcc3d1
                                                                                                                                                                                                                                                        0x00bcc3d7
                                                                                                                                                                                                                                                        0x00bcc3de
                                                                                                                                                                                                                                                        0x00bcc3e5
                                                                                                                                                                                                                                                        0x00bcc3ef
                                                                                                                                                                                                                                                        0x00bcc3f3
                                                                                                                                                                                                                                                        0x00bcc3fa
                                                                                                                                                                                                                                                        0x00bcc401
                                                                                                                                                                                                                                                        0x00bcc408
                                                                                                                                                                                                                                                        0x00bcc40f
                                                                                                                                                                                                                                                        0x00bcc416
                                                                                                                                                                                                                                                        0x00bcc41d
                                                                                                                                                                                                                                                        0x00bcc420
                                                                                                                                                                                                                                                        0x00bcc420
                                                                                                                                                                                                                                                        0x00bcc42a
                                                                                                                                                                                                                                                        0x00bcc42f
                                                                                                                                                                                                                                                        0x00bcc43d
                                                                                                                                                                                                                                                        0x00bcc43d
                                                                                                                                                                                                                                                        0x00bcc3b5

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000068,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BCC3BC
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000008,?,00000044,00000000), ref: 00BCC3E5
                                                                                                                                                                                                                                                        • FreeSid.ADVAPI32(00000000,?,?,00000000), ref: 00BCC420
                                                                                                                                                                                                                                                        • __Init_thread_header.LIBCMT ref: 00BCC443
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(userenv), ref: 00BCC45D
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,DeriveAppContainerSidFromAppContainerName), ref: 00BCC469
                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 00BCC479
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • DeriveAppContainerSidFromAppContainerName, xrefs: 00BCC463
                                                                                                                                                                                                                                                        • userenv, xrefs: 00BCC458
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@AddressFreeHandleInit_thread_footerInit_thread_headerModuleProcmemcpy
                                                                                                                                                                                                                                                        • String ID: DeriveAppContainerSidFromAppContainerName$userenv
                                                                                                                                                                                                                                                        • API String ID: 3618151330-855603467
                                                                                                                                                                                                                                                        • Opcode ID: 708bee6671afa7fe189da63097acc6f5a09d28d307798e61096ee09c49e2066e
                                                                                                                                                                                                                                                        • Instruction ID: 7a65fb6e572d9b7b301bae6b18fcb3771beb7c67a5b6a873d3ec196b199abd82
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 708bee6671afa7fe189da63097acc6f5a09d28d307798e61096ee09c49e2066e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1D31C3B16003449BD724DFA5DC59F6B7BF4EF44704F00485CE9065B391DB75A948CBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 91%
                                                                                                                                                                                                                                                        			E00BC88B0(void* __ecx, void* __edx, void* __eflags, intOrPtr* _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				signed int _t14;
                                                                                                                                                                                                                                                        				intOrPtr _t18;
                                                                                                                                                                                                                                                        				intOrPtr _t19;
                                                                                                                                                                                                                                                        				void* _t21;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        				intOrPtr* _t32;
                                                                                                                                                                                                                                                        				signed int _t35;
                                                                                                                                                                                                                                                        				intOrPtr* _t37;
                                                                                                                                                                                                                                                        				intOrPtr* _t43;
                                                                                                                                                                                                                                                        				char* _t44;
                                                                                                                                                                                                                                                        				signed int _t45;
                                                                                                                                                                                                                                                        				void* _t46;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t14 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t43 = _a4;
                                                                                                                                                                                                                                                        				_v20 = _t14 ^ _t45;
                                                                                                                                                                                                                                                        				E00BC8F00(L00BC8E90(_t31, __edx, _t43), _t43);
                                                                                                                                                                                                                                                        				_t35 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        				_t42 =  *[fs:0x2c];
                                                                                                                                                                                                                                                        				_t18 =  *0xbfa86c; // 0x0
                                                                                                                                                                                                                                                        				if(_t18 >  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x2c] + _t35 * 4)) + 4))) {
                                                                                                                                                                                                                                                        					E00BEE547(_t18, 0xbfa86c);
                                                                                                                                                                                                                                                        					_t46 = _t46 + 4;
                                                                                                                                                                                                                                                        					if( *0xbfa86c == 0xffffffff) {
                                                                                                                                                                                                                                                        						 *0xbfa868 = GetProcAddress(GetModuleHandleW(L"Kernel32.dll"), "SetThreadDescription");
                                                                                                                                                                                                                                                        						E00BEE599(0xbfa86c);
                                                                                                                                                                                                                                                        						_t46 = _t46 + 4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t32 =  *0xbfa868; // 0x0
                                                                                                                                                                                                                                                        				if(_t32 != 0) {
                                                                                                                                                                                                                                                        					_t19 =  *((intOrPtr*)(_t43 + 0x10));
                                                                                                                                                                                                                                                        					__eflags =  *((intOrPtr*)(_t43 + 0x14)) - 0xf;
                                                                                                                                                                                                                                                        					_t37 = _t43;
                                                                                                                                                                                                                                                        					if(__eflags > 0) {
                                                                                                                                                                                                                                                        						_t37 =  *_t43;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t44 =  &_v44;
                                                                                                                                                                                                                                                        					E00BC7C90(__eflags, _t44, _t37, _t19);
                                                                                                                                                                                                                                                        					_t46 = _t46 + 0xc;
                                                                                                                                                                                                                                                        					__eflags = _v24 - 7;
                                                                                                                                                                                                                                                        					if(_v24 > 7) {
                                                                                                                                                                                                                                                        						_t44 = _v44;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t21 = GetCurrentThread();
                                                                                                                                                                                                                                                        					E00BBDF30( *_t32(_t21, _t44),  &_v44, _t42);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if(IsDebuggerPresent() != 0) {
                                                                                                                                                                                                                                                        					__eflags =  *((intOrPtr*)(_t43 + 0x14)) - 0xf;
                                                                                                                                                                                                                                                        					if( *((intOrPtr*)(_t43 + 0x14)) > 0xf) {
                                                                                                                                                                                                                                                        						_t43 =  *_t43;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t24 = E00BC89B0(GetCurrentThreadId(), _t43);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return E00BEECB0(_t24, _v20 ^ _t45, _t42);
                                                                                                                                                                                                                                                        			}




















                                                                                                                                                                                                                                                        0x00bc88b9
                                                                                                                                                                                                                                                        0x00bc88be
                                                                                                                                                                                                                                                        0x00bc88c3
                                                                                                                                                                                                                                                        0x00bc88ce
                                                                                                                                                                                                                                                        0x00bc88d3
                                                                                                                                                                                                                                                        0x00bc88d9
                                                                                                                                                                                                                                                        0x00bc88e0
                                                                                                                                                                                                                                                        0x00bc88ee
                                                                                                                                                                                                                                                        0x00bc88f5
                                                                                                                                                                                                                                                        0x00bc88fa
                                                                                                                                                                                                                                                        0x00bc8904
                                                                                                                                                                                                                                                        0x00bc891d
                                                                                                                                                                                                                                                        0x00bc8927
                                                                                                                                                                                                                                                        0x00bc892c
                                                                                                                                                                                                                                                        0x00bc892c
                                                                                                                                                                                                                                                        0x00bc8904
                                                                                                                                                                                                                                                        0x00bc892f
                                                                                                                                                                                                                                                        0x00bc8937
                                                                                                                                                                                                                                                        0x00bc8955
                                                                                                                                                                                                                                                        0x00bc8958
                                                                                                                                                                                                                                                        0x00bc895c
                                                                                                                                                                                                                                                        0x00bc895e
                                                                                                                                                                                                                                                        0x00bc8960
                                                                                                                                                                                                                                                        0x00bc8960
                                                                                                                                                                                                                                                        0x00bc8962
                                                                                                                                                                                                                                                        0x00bc8968
                                                                                                                                                                                                                                                        0x00bc896d
                                                                                                                                                                                                                                                        0x00bc8970
                                                                                                                                                                                                                                                        0x00bc8974
                                                                                                                                                                                                                                                        0x00bc8976
                                                                                                                                                                                                                                                        0x00bc8976
                                                                                                                                                                                                                                                        0x00bc8979
                                                                                                                                                                                                                                                        0x00bc8986
                                                                                                                                                                                                                                                        0x00bc8986
                                                                                                                                                                                                                                                        0x00bc8941
                                                                                                                                                                                                                                                        0x00bc898d
                                                                                                                                                                                                                                                        0x00bc8991
                                                                                                                                                                                                                                                        0x00bc8993
                                                                                                                                                                                                                                                        0x00bc8993
                                                                                                                                                                                                                                                        0x00bc899d
                                                                                                                                                                                                                                                        0x00bc89a2
                                                                                                                                                                                                                                                        0x00bc8954

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BC8F00: GetCurrentThreadId.KERNEL32 ref: 00BC8F15
                                                                                                                                                                                                                                                          • Part of subcall function 00BC8F00: ??2@YAPAXI@Z.MOZGLUE(00000018,?,?,?,?,?,?,00BC88D3,?), ref: 00BC8F45
                                                                                                                                                                                                                                                          • Part of subcall function 00BC8F00: RtlReleaseSRWLockExclusive.NTDLL ref: 00BC8FCD
                                                                                                                                                                                                                                                        • __Init_thread_header.LIBCMT ref: 00BC88F5
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE547: EnterCriticalSection.KERNEL32(00BFA18C,00000000,?,?,00BCACFB,00BFB4A8,?,?,00BCAC8F,?,?,?,?,00BCABA3), ref: 00BEE552
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE547: LeaveCriticalSection.KERNEL32(00BFA18C,?,?,00BCACFB,00BFB4A8,?,?,00BCAC8F,?,?,?,?,00BCABA3), ref: 00BEE58F
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(Kernel32.dll,?), ref: 00BC890B
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,SetThreadDescription), ref: 00BC8917
                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 00BC8927
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE599: EnterCriticalSection.KERNEL32(00BFA18C,00000000,?,00BCAD2A,00BFB4A8), ref: 00BEE5A3
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE599: LeaveCriticalSection.KERNEL32(00BFA18C,?,00BCAD2A,00BFB4A8), ref: 00BEE5D6
                                                                                                                                                                                                                                                        • IsDebuggerPresent.KERNEL32(?,?,?), ref: 00BC8939
                                                                                                                                                                                                                                                        • GetCurrentThread.KERNEL32 ref: 00BC8979
                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 00BC8995
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CriticalSection$CurrentThread$EnterLeave$??2@AddressDebuggerExclusiveHandleInit_thread_footerInit_thread_headerLockModulePresentProcRelease
                                                                                                                                                                                                                                                        • String ID: Kernel32.dll$SetThreadDescription
                                                                                                                                                                                                                                                        • API String ID: 3618487677-1724334159
                                                                                                                                                                                                                                                        • Opcode ID: 1468b37b9ee926948d788733ed8cac0d7fd91443a13b63bf615dc32944b37229
                                                                                                                                                                                                                                                        • Instruction ID: 8924fd905d441659f5631b1e97b2d281181b2cd439abeecce5482ff73ad11f10
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1468b37b9ee926948d788733ed8cac0d7fd91443a13b63bf615dc32944b37229
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4F21DEB1A002059BDB14AFA1EC49EBE77F4EF44710B0404ADE91A97251EFB1AC45CBA3
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 94%
                                                                                                                                                                                                                                                        			E00BE30E0(long __edx, void* __eflags, int _a4, intOrPtr _a8, intOrPtr* _a12, intOrPtr _a16, int _a20, intOrPtr _a24) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v24;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v28;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v32;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v36;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v40;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v44;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v48;
                                                                                                                                                                                                                                                        				void* _v52;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v56;
                                                                                                                                                                                                                                                        				void* _v60;
                                                                                                                                                                                                                                                        				void* _v64;
                                                                                                                                                                                                                                                        				void* _v68;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v72;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v76;
                                                                                                                                                                                                                                                        				struct _SECURITY_ATTRIBUTES* _v80;
                                                                                                                                                                                                                                                        				struct _SECURITY_DESCRIPTOR* _v84;
                                                                                                                                                                                                                                                        				signed int _t53;
                                                                                                                                                                                                                                                        				void* _t57;
                                                                                                                                                                                                                                                        				int _t60;
                                                                                                                                                                                                                                                        				long _t63;
                                                                                                                                                                                                                                                        				void* _t65;
                                                                                                                                                                                                                                                        				int _t67;
                                                                                                                                                                                                                                                        				int _t71;
                                                                                                                                                                                                                                                        				int _t74;
                                                                                                                                                                                                                                                        				int _t80;
                                                                                                                                                                                                                                                        				intOrPtr _t82;
                                                                                                                                                                                                                                                        				int _t85;
                                                                                                                                                                                                                                                        				long _t102;
                                                                                                                                                                                                                                                        				intOrPtr* _t103;
                                                                                                                                                                                                                                                        				signed int _t106;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t100 = __edx;
                                                                                                                                                                                                                                                        				_t53 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v20 = _t53 ^ _t106;
                                                                                                                                                                                                                                                        				_v24 = 0;
                                                                                                                                                                                                                                                        				E00BEB3D0("NtCreateLowBoxToken",  &_v24);
                                                                                                                                                                                                                                                        				_t57 = E00BCBDD0();
                                                                                                                                                                                                                                                        				_t102 = 0x78;
                                                                                                                                                                                                                                                        				if(_t57 < 5) {
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					E00BEECB0(_t57, _v20 ^ _t106, _t100);
                                                                                                                                                                                                                                                        					return _t102;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t82 = _a8;
                                                                                                                                                                                                                                                        				_t102 = 0x57;
                                                                                                                                                                                                                                                        				if(_t82 > 1) {
                                                                                                                                                                                                                                                        					goto L3;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t105 = _a24;
                                                                                                                                                                                                                                                        				if(_a24 != 0) {
                                                                                                                                                                                                                                                        					_t60 = _a4;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					__eflags = _t60;
                                                                                                                                                                                                                                                        					if(_t60 != 0) {
                                                                                                                                                                                                                                                        						L8:
                                                                                                                                                                                                                                                        						_t85 = _a20;
                                                                                                                                                                                                                                                        						_t103 = _a12;
                                                                                                                                                                                                                                                        						_v52 = 0x18;
                                                                                                                                                                                                                                                        						_v44 = 0;
                                                                                                                                                                                                                                                        						_v48 = 0;
                                                                                                                                                                                                                                                        						_v36 = 0;
                                                                                                                                                                                                                                                        						_v40 = 0;
                                                                                                                                                                                                                                                        						_v32 = 0;
                                                                                                                                                                                                                                                        						_v56 = 0;
                                                                                                                                                                                                                                                        						__eflags = _t85;
                                                                                                                                                                                                                                                        						_t100 =  ==  ? _t85 : _a16;
                                                                                                                                                                                                                                                        						__eflags = _v24( &_v56, _t60, 0xf01ff,  &_v52,  *_t103,  *((intOrPtr*)(_t103 + 8)),  *((intOrPtr*)(_t103 + 4)), _t85,  ==  ? _t85 : _a16);
                                                                                                                                                                                                                                                        						if(__eflags < 0) {
                                                                                                                                                                                                                                                        							_t63 = E00BEB570(_t100, __eflags, _t62);
                                                                                                                                                                                                                                                        							L13:
                                                                                                                                                                                                                                                        							_t102 = _t63;
                                                                                                                                                                                                                                                        							L14:
                                                                                                                                                                                                                                                        							_t57 = E00BC51B0(_t63,  &_v28);
                                                                                                                                                                                                                                                        							goto L3;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_v60 = 0;
                                                                                                                                                                                                                                                        						_t65 = E00BC5200(_v56,  &_v60, _v56);
                                                                                                                                                                                                                                                        						__eflags = _t82 - 1;
                                                                                                                                                                                                                                                        						if(_t82 != 1) {
                                                                                                                                                                                                                                                        							_v64 = 0;
                                                                                                                                                                                                                                                        							_t67 = DuplicateTokenEx(_v60, 0xf01ff, 0, 2, 2,  &_v64);
                                                                                                                                                                                                                                                        							__eflags = _t67;
                                                                                                                                                                                                                                                        							if(_t67 != 0) {
                                                                                                                                                                                                                                                        								_v68 = 0;
                                                                                                                                                                                                                                                        								E00BC5200(_v64,  &_v68, _v64);
                                                                                                                                                                                                                                                        								_v80 = 0;
                                                                                                                                                                                                                                                        								_v76 = 0;
                                                                                                                                                                                                                                                        								_v72 = 0;
                                                                                                                                                                                                                                                        								_v84 = 0;
                                                                                                                                                                                                                                                        								_t100 = 4;
                                                                                                                                                                                                                                                        								_t71 = E00BE2FE0(_v60, 4,  &_v80,  &_v84);
                                                                                                                                                                                                                                                        								_t102 = _t71;
                                                                                                                                                                                                                                                        								__eflags = _t71;
                                                                                                                                                                                                                                                        								if(_t71 == 0) {
                                                                                                                                                                                                                                                        									_t74 = SetKernelObjectSecurity(_v68, 4, _v84);
                                                                                                                                                                                                                                                        									__eflags = _t74;
                                                                                                                                                                                                                                                        									if(_t74 != 0) {
                                                                                                                                                                                                                                                        										E00BC5200(E00BC5260(_t74,  &_v68), _t105, _t75);
                                                                                                                                                                                                                                                        										_t102 = 0;
                                                                                                                                                                                                                                                        										__eflags = 0;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t102 = GetLastError();
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t73 = E00BC51B0(E00BC3010( &_v80),  &_v68);
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t102 = GetLastError();
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t73 = E00BC5200(E00BC5260(_t65,  &_v60), _t105, _t78);
                                                                                                                                                                                                                                                        							_t102 = 0;
                                                                                                                                                                                                                                                        							__eflags = 0;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t63 = E00BC51B0(_t73,  &_v60);
                                                                                                                                                                                                                                                        						goto L14;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v52 = 0;
                                                                                                                                                                                                                                                        					_t80 = OpenProcessToken(GetCurrentProcess(), 0xf01ff,  &_v52);
                                                                                                                                                                                                                                                        					__eflags = _t80;
                                                                                                                                                                                                                                                        					if(_t80 != 0) {
                                                                                                                                                                                                                                                        						E00BC5200(_t80,  &_v28, _v52);
                                                                                                                                                                                                                                                        						_t60 = _v52;
                                                                                                                                                                                                                                                        						goto L8;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t63 = GetLastError();
                                                                                                                                                                                                                                                        						goto L13;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L3;
                                                                                                                                                                                                                                                        			}


































                                                                                                                                                                                                                                                        0x00be30e0
                                                                                                                                                                                                                                                        0x00be30e9
                                                                                                                                                                                                                                                        0x00be30f0
                                                                                                                                                                                                                                                        0x00be30f6
                                                                                                                                                                                                                                                        0x00be3103
                                                                                                                                                                                                                                                        0x00be310b
                                                                                                                                                                                                                                                        0x00be3110
                                                                                                                                                                                                                                                        0x00be3118
                                                                                                                                                                                                                                                        0x00be312e
                                                                                                                                                                                                                                                        0x00be3133
                                                                                                                                                                                                                                                        0x00be3141
                                                                                                                                                                                                                                                        0x00be3141
                                                                                                                                                                                                                                                        0x00be311a
                                                                                                                                                                                                                                                        0x00be311d
                                                                                                                                                                                                                                                        0x00be3125
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be3127
                                                                                                                                                                                                                                                        0x00be312c
                                                                                                                                                                                                                                                        0x00be3142
                                                                                                                                                                                                                                                        0x00be3145
                                                                                                                                                                                                                                                        0x00be314c
                                                                                                                                                                                                                                                        0x00be314e
                                                                                                                                                                                                                                                        0x00be318a
                                                                                                                                                                                                                                                        0x00be318a
                                                                                                                                                                                                                                                        0x00be3190
                                                                                                                                                                                                                                                        0x00be3193
                                                                                                                                                                                                                                                        0x00be319a
                                                                                                                                                                                                                                                        0x00be31a1
                                                                                                                                                                                                                                                        0x00be31a8
                                                                                                                                                                                                                                                        0x00be31af
                                                                                                                                                                                                                                                        0x00be31b6
                                                                                                                                                                                                                                                        0x00be31bd
                                                                                                                                                                                                                                                        0x00be31c4
                                                                                                                                                                                                                                                        0x00be31c6
                                                                                                                                                                                                                                                        0x00be31e4
                                                                                                                                                                                                                                                        0x00be31e6
                                                                                                                                                                                                                                                        0x00be321d
                                                                                                                                                                                                                                                        0x00be3225
                                                                                                                                                                                                                                                        0x00be3225
                                                                                                                                                                                                                                                        0x00be3227
                                                                                                                                                                                                                                                        0x00be322a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be322a
                                                                                                                                                                                                                                                        0x00be31eb
                                                                                                                                                                                                                                                        0x00be31f6
                                                                                                                                                                                                                                                        0x00be31fb
                                                                                                                                                                                                                                                        0x00be31fe
                                                                                                                                                                                                                                                        0x00be3237
                                                                                                                                                                                                                                                        0x00be324d
                                                                                                                                                                                                                                                        0x00be3253
                                                                                                                                                                                                                                                        0x00be3255
                                                                                                                                                                                                                                                        0x00be3264
                                                                                                                                                                                                                                                        0x00be326f
                                                                                                                                                                                                                                                        0x00be327d
                                                                                                                                                                                                                                                        0x00be3284
                                                                                                                                                                                                                                                        0x00be328b
                                                                                                                                                                                                                                                        0x00be3292
                                                                                                                                                                                                                                                        0x00be3299
                                                                                                                                                                                                                                                        0x00be32a0
                                                                                                                                                                                                                                                        0x00be32a8
                                                                                                                                                                                                                                                        0x00be32aa
                                                                                                                                                                                                                                                        0x00be32ac
                                                                                                                                                                                                                                                        0x00be32b6
                                                                                                                                                                                                                                                        0x00be32bc
                                                                                                                                                                                                                                                        0x00be32be
                                                                                                                                                                                                                                                        0x00be32d5
                                                                                                                                                                                                                                                        0x00be32da
                                                                                                                                                                                                                                                        0x00be32da
                                                                                                                                                                                                                                                        0x00be32c0
                                                                                                                                                                                                                                                        0x00be32c6
                                                                                                                                                                                                                                                        0x00be32c6
                                                                                                                                                                                                                                                        0x00be32be
                                                                                                                                                                                                                                                        0x00be32e7
                                                                                                                                                                                                                                                        0x00be3257
                                                                                                                                                                                                                                                        0x00be325d
                                                                                                                                                                                                                                                        0x00be325d
                                                                                                                                                                                                                                                        0x00be3200
                                                                                                                                                                                                                                                        0x00be320b
                                                                                                                                                                                                                                                        0x00be3210
                                                                                                                                                                                                                                                        0x00be3210
                                                                                                                                                                                                                                                        0x00be3210
                                                                                                                                                                                                                                                        0x00be3215
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be3215
                                                                                                                                                                                                                                                        0x00be3150
                                                                                                                                                                                                                                                        0x00be3167
                                                                                                                                                                                                                                                        0x00be316d
                                                                                                                                                                                                                                                        0x00be316f
                                                                                                                                                                                                                                                        0x00be3182
                                                                                                                                                                                                                                                        0x00be3187
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be3171
                                                                                                                                                                                                                                                        0x00be3171
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be3171
                                                                                                                                                                                                                                                        0x00be316f
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(?,?,?,?,?,?,?), ref: 00BE3157
                                                                                                                                                                                                                                                        • OpenProcessToken.ADVAPI32(00000000,000F01FF,00000000,?,?,?,?,?,?,?), ref: 00BE3167
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,?,?,?,?,?), ref: 00BE3171
                                                                                                                                                                                                                                                        • DuplicateTokenEx.ADVAPI32(00000000,000F01FF,00000000,00000002,00000002,?,00000000), ref: 00BE324D
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE3257
                                                                                                                                                                                                                                                        • SetKernelObjectSecurity.ADVAPI32(00000000,00000004,00000000), ref: 00BE32B6
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE32C0
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$ProcessToken$AddressCurrentDuplicateKernelObjectOpenProcSecurity
                                                                                                                                                                                                                                                        • String ID: NtCreateLowBoxToken
                                                                                                                                                                                                                                                        • API String ID: 3861797965-4243535219
                                                                                                                                                                                                                                                        • Opcode ID: efcd3e8684d0a0149d8c0b65012b110bfb8987d403a7ef4c2f3fc770df649f2e
                                                                                                                                                                                                                                                        • Instruction ID: 11369472c026d5f26ea5373ab7e81ada88301a8be0bd6742211b63e339e794e1
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: efcd3e8684d0a0149d8c0b65012b110bfb8987d403a7ef4c2f3fc770df649f2e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4C515EB1A00209ABEF10DFA1DC99BEEBBF9FF44704F504058F905A7280DB74A905CBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 79%
                                                                                                                                                                                                                                                        			E00BC52B0(intOrPtr __edx, char _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _t41;
                                                                                                                                                                                                                                                        				intOrPtr* _t46;
                                                                                                                                                                                                                                                        				intOrPtr _t50;
                                                                                                                                                                                                                                                        				signed int _t53;
                                                                                                                                                                                                                                                        				signed int _t55;
                                                                                                                                                                                                                                                        				char* _t56;
                                                                                                                                                                                                                                                        				intOrPtr _t72;
                                                                                                                                                                                                                                                        				intOrPtr* _t73;
                                                                                                                                                                                                                                                        				signed int _t79;
                                                                                                                                                                                                                                                        				intOrPtr _t80;
                                                                                                                                                                                                                                                        				intOrPtr* _t93;
                                                                                                                                                                                                                                                        				intOrPtr* _t96;
                                                                                                                                                                                                                                                        				signed int _t97;
                                                                                                                                                                                                                                                        				signed int _t98;
                                                                                                                                                                                                                                                        				intOrPtr* _t100;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t92 = __edx;
                                                                                                                                                                                                                                                        				_t100 = (_t98 & 0xfffffff0) - 0xd0;
                                                                                                                                                                                                                                                        				_t96 = _t100;
                                                                                                                                                                                                                                                        				_t41 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				 *(_t96 + 0xc8) = _t41 ^ _t97;
                                                                                                                                                                                                                                                        				_t72 = _a8;
                                                                                                                                                                                                                                                        				_t93 = _a4;
                                                                                                                                                                                                                                                        				if(_t72 + 1 > 1) {
                                                                                                                                                                                                                                                        					__eflags =  *( &_a4 + 0xc);
                                                                                                                                                                                                                                                        					if(__eflags == 0 || __eflags < 0) {
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t79 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        						_t92 =  *[fs:0x2c];
                                                                                                                                                                                                                                                        						_t50 =  *0xbfa85c; // 0x0
                                                                                                                                                                                                                                                        						_t80 =  *((intOrPtr*)( *[fs:0x2c] + _t79 * 4));
                                                                                                                                                                                                                                                        						__eflags = _t50 -  *((intOrPtr*)(_t80 + 4));
                                                                                                                                                                                                                                                        						if(_t50 >  *((intOrPtr*)(_t80 + 4))) {
                                                                                                                                                                                                                                                        							E00BEE547(_t50, 0xbfa85c);
                                                                                                                                                                                                                                                        							_t100 = _t100 + 4;
                                                                                                                                                                                                                                                        							__eflags =  *0xbfa85c - 0xffffffff;
                                                                                                                                                                                                                                                        							if( *0xbfa85c == 0xffffffff) {
                                                                                                                                                                                                                                                        								 *0xbfa858 = GetProcAddress(GetModuleHandleW(L"ntdll.dll"), "NtQuerySection");
                                                                                                                                                                                                                                                        								E00BEE599(0xbfa85c);
                                                                                                                                                                                                                                                        								_t100 = _t100 + 4;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        						asm("movaps [esi+0x10], xmm0");
                                                                                                                                                                                                                                                        						_t53 =  *0xbfa858(_t72, 0, _t96 + 0x10, 0x10, 0);
                                                                                                                                                                                                                                                        						__eflags = _t53;
                                                                                                                                                                                                                                                        						if(_t53 != 0) {
                                                                                                                                                                                                                                                        							goto L1;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							__eflags =  *(_t96 + 0x14) & 0x01000000;
                                                                                                                                                                                                                                                        							if(( *(_t96 + 0x14) & 0x01000000) != 0) {
                                                                                                                                                                                                                                                        								goto L1;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t92 =  *((intOrPtr*)( &_a4 + 8));
                                                                                                                                                                                                                                                        							_t55 = E00BC5460( *((intOrPtr*)( &_a4 + 4)),  *((intOrPtr*)( &_a4 + 8)));
                                                                                                                                                                                                                                                        							__eflags = _t55;
                                                                                                                                                                                                                                                        							if(_t55 == 0) {
                                                                                                                                                                                                                                                        								_push("CheckPlatformHandlePermissionsCorrespondToMode(handle.Get(), mode, size)");
                                                                                                                                                                                                                                                        								E00BC1FF0(_t96 + 0x10, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/memory/platform_shared_memory_region_win.cc", 0x90);
                                                                                                                                                                                                                                                        								E00BC20C0();
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t96 + 0xc)) = _t100;
                                                                                                                                                                                                                                                        							_t56 =  &_a4;
                                                                                                                                                                                                                                                        							_t73 = _t100 - 0x10;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t96 + 8)) =  *((intOrPtr*)(_t56 + 0x10));
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t96 + 4)) =  *((intOrPtr*)(_t56 + 8));
                                                                                                                                                                                                                                                        							 *_t73 = 0;
                                                                                                                                                                                                                                                        							 *_t96 =  *((intOrPtr*)(_t56 + 0xc));
                                                                                                                                                                                                                                                        							E00BC5200(E00BC5260(_t56, _t56 + 4), _t73, _t57);
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t73 + 4)) =  *((intOrPtr*)(_t96 + 4));
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t73 + 8)) =  *_t96;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t73 + 0xc)) =  *((intOrPtr*)(_t96 + 8));
                                                                                                                                                                                                                                                        							 *_t93 = 0;
                                                                                                                                                                                                                                                        							E00BC5200(E00BC5260( *((intOrPtr*)(_t96 + 8)), _t73), _t93, _t62);
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t93 + 4)) =  *((intOrPtr*)(_t73 + 4));
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t93 + 8)) =  *((intOrPtr*)(_t73 + 8));
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [eax]");
                                                                                                                                                                                                                                                        							asm("movsd xmm1, [eax+0x8]");
                                                                                                                                                                                                                                                        							asm("movsd [edi+0x18], xmm1");
                                                                                                                                                                                                                                                        							asm("movsd [edi+0x10], xmm0");
                                                                                                                                                                                                                                                        							E00BC51B0( *((intOrPtr*)(_t73 + 0xc)), _t73);
                                                                                                                                                                                                                                                        							L2:
                                                                                                                                                                                                                                                        							_t46 =  &_a4;
                                                                                                                                                                                                                                                        							E00BEECB0(E00BC51B0(_t46, _t46 + 4),  *(_t96 + 0xc8) ^ _t97, _t92);
                                                                                                                                                                                                                                                        							return  *_t46;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				E00BC50C0(_t93);
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}



















                                                                                                                                                                                                                                                        0x00bc52b0
                                                                                                                                                                                                                                                        0x00bc52b9
                                                                                                                                                                                                                                                        0x00bc52bf
                                                                                                                                                                                                                                                        0x00bc52c1
                                                                                                                                                                                                                                                        0x00bc52c8
                                                                                                                                                                                                                                                        0x00bc52ce
                                                                                                                                                                                                                                                        0x00bc52d1
                                                                                                                                                                                                                                                        0x00bc52da
                                                                                                                                                                                                                                                        0x00bc530c
                                                                                                                                                                                                                                                        0x00bc5310
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5314
                                                                                                                                                                                                                                                        0x00bc5314
                                                                                                                                                                                                                                                        0x00bc531a
                                                                                                                                                                                                                                                        0x00bc5321
                                                                                                                                                                                                                                                        0x00bc5326
                                                                                                                                                                                                                                                        0x00bc5329
                                                                                                                                                                                                                                                        0x00bc532f
                                                                                                                                                                                                                                                        0x00bc541a
                                                                                                                                                                                                                                                        0x00bc541f
                                                                                                                                                                                                                                                        0x00bc5422
                                                                                                                                                                                                                                                        0x00bc5429
                                                                                                                                                                                                                                                        0x00bc5446
                                                                                                                                                                                                                                                        0x00bc5450
                                                                                                                                                                                                                                                        0x00bc5455
                                                                                                                                                                                                                                                        0x00bc5455
                                                                                                                                                                                                                                                        0x00bc5429
                                                                                                                                                                                                                                                        0x00bc5335
                                                                                                                                                                                                                                                        0x00bc533b
                                                                                                                                                                                                                                                        0x00bc5347
                                                                                                                                                                                                                                                        0x00bc534d
                                                                                                                                                                                                                                                        0x00bc534f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5351
                                                                                                                                                                                                                                                        0x00bc5351
                                                                                                                                                                                                                                                        0x00bc5358
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5360
                                                                                                                                                                                                                                                        0x00bc5363
                                                                                                                                                                                                                                                        0x00bc5368
                                                                                                                                                                                                                                                        0x00bc536a
                                                                                                                                                                                                                                                        0x00bc5371
                                                                                                                                                                                                                                                        0x00bc5380
                                                                                                                                                                                                                                                        0x00bc5387
                                                                                                                                                                                                                                                        0x00bc5387
                                                                                                                                                                                                                                                        0x00bc538c
                                                                                                                                                                                                                                                        0x00bc5392
                                                                                                                                                                                                                                                        0x00bc5395
                                                                                                                                                                                                                                                        0x00bc539a
                                                                                                                                                                                                                                                        0x00bc53a0
                                                                                                                                                                                                                                                        0x00bc53a6
                                                                                                                                                                                                                                                        0x00bc53ac
                                                                                                                                                                                                                                                        0x00bc53b9
                                                                                                                                                                                                                                                        0x00bc53c3
                                                                                                                                                                                                                                                        0x00bc53c8
                                                                                                                                                                                                                                                        0x00bc53ce
                                                                                                                                                                                                                                                        0x00bc53d1
                                                                                                                                                                                                                                                        0x00bc53df
                                                                                                                                                                                                                                                        0x00bc53e9
                                                                                                                                                                                                                                                        0x00bc53ef
                                                                                                                                                                                                                                                        0x00bc53f5
                                                                                                                                                                                                                                                        0x00bc53f9
                                                                                                                                                                                                                                                        0x00bc53fe
                                                                                                                                                                                                                                                        0x00bc5403
                                                                                                                                                                                                                                                        0x00bc5408
                                                                                                                                                                                                                                                        0x00bc52e3
                                                                                                                                                                                                                                                        0x00bc52e3
                                                                                                                                                                                                                                                        0x00bc52fa
                                                                                                                                                                                                                                                        0x00bc5308
                                                                                                                                                                                                                                                        0x00bc5308
                                                                                                                                                                                                                                                        0x00bc534f
                                                                                                                                                                                                                                                        0x00bc5310
                                                                                                                                                                                                                                                        0x00bc52dc
                                                                                                                                                                                                                                                        0x00bc52de
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • __Init_thread_header.LIBCMT ref: 00BC541A
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE547: EnterCriticalSection.KERNEL32(00BFA18C,00000000,?,?,00BCACFB,00BFB4A8,?,?,00BCAC8F,?,?,?,?,00BCABA3), ref: 00BEE552
                                                                                                                                                                                                                                                          • Part of subcall function 00BEE547: LeaveCriticalSection.KERNEL32(00BFA18C,?,?,00BCACFB,00BFB4A8,?,?,00BCAC8F,?,?,?,?,00BCABA3), ref: 00BEE58F
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(ntdll.dll), ref: 00BC5434
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,NtQuerySection), ref: 00BC5440
                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 00BC5450
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/security/sandbox/chromium/base/memory/platform_shared_memory_region_win.cc, xrefs: 00BC537B
                                                                                                                                                                                                                                                        • CheckPlatformHandlePermissionsCorrespondToMode(handle.Get(), mode, size), xrefs: 00BC5371
                                                                                                                                                                                                                                                        • ntdll.dll, xrefs: 00BC542F
                                                                                                                                                                                                                                                        • NtQuerySection, xrefs: 00BC543A
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CriticalSection$AddressEnterHandleInit_thread_footerInit_thread_headerLeaveModuleProc
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/security/sandbox/chromium/base/memory/platform_shared_memory_region_win.cc$CheckPlatformHandlePermissionsCorrespondToMode(handle.Get(), mode, size)$NtQuerySection$ntdll.dll
                                                                                                                                                                                                                                                        • API String ID: 598948434-2418523825
                                                                                                                                                                                                                                                        • Opcode ID: 76c375f3991c2560194922d2e8882912f5a05686896934df91d0bc9d45dae218
                                                                                                                                                                                                                                                        • Instruction ID: b90bc6f4246a00e655ad49c8ad2a8bf075dd0bef6ec36883ad562ab578f0886e
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 76c375f3991c2560194922d2e8882912f5a05686896934df91d0bc9d45dae218
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A05180B0600B049FC724DF24C885F66B7E5EF48350F1485ADE85A8B352EB70F989CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 88%
                                                                                                                                                                                                                                                        			E00BCC4E0(void* __ecx, intOrPtr _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				void* _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				signed int _t14;
                                                                                                                                                                                                                                                        				intOrPtr _t16;
                                                                                                                                                                                                                                                        				int _t17;
                                                                                                                                                                                                                                                        				int _t22;
                                                                                                                                                                                                                                                        				void* _t26;
                                                                                                                                                                                                                                                        				signed int _t28;
                                                                                                                                                                                                                                                        				void* _t36;
                                                                                                                                                                                                                                                        				signed int _t38;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t14 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t36 = __ecx;
                                                                                                                                                                                                                                                        				_v16 = _t14 ^ _t38;
                                                                                                                                                                                                                                                        				_t28 =  *0xbfa1d8; // 0x0
                                                                                                                                                                                                                                                        				_t35 =  *[fs:0x2c];
                                                                                                                                                                                                                                                        				_t16 =  *0xbfb4f0; // 0x0
                                                                                                                                                                                                                                                        				if(_t16 >  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x2c] + _t28 * 4)) + 4))) {
                                                                                                                                                                                                                                                        					_t16 = E00BEE547(_t16, 0xbfb4f0);
                                                                                                                                                                                                                                                        					__eflags =  *0xbfb4f0 - 0xffffffff;
                                                                                                                                                                                                                                                        					if(__eflags != 0) {
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					 *0xbfb4ec = GetProcAddress(GetModuleHandleW(L"userenv"), "GetAppContainerRegistryLocation");
                                                                                                                                                                                                                                                        					_t16 = E00BEE599(0xbfb4f0);
                                                                                                                                                                                                                                                        					__eflags =  *0xbfb4ec;
                                                                                                                                                                                                                                                        					if(__eflags == 0) {
                                                                                                                                                                                                                                                        						L2:
                                                                                                                                                                                                                                                        						_t26 = 0;
                                                                                                                                                                                                                                                        						L3:
                                                                                                                                                                                                                                                        						E00BEECB0(_t16, _v16 ^ _t38, _t35);
                                                                                                                                                                                                                                                        						return _t26;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					_t35 =  &_v20;
                                                                                                                                                                                                                                                        					_v20 = 0;
                                                                                                                                                                                                                                                        					_t17 = E00BCC5E0(_t16, _t36,  &_v20, __eflags);
                                                                                                                                                                                                                                                        					__eflags = _t17;
                                                                                                                                                                                                                                                        					if(_t17 == 0) {
                                                                                                                                                                                                                                                        						_t26 = 0;
                                                                                                                                                                                                                                                        						L12:
                                                                                                                                                                                                                                                        						_t16 = E00BC51B0(_t17,  &_v20);
                                                                                                                                                                                                                                                        						goto L3;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					ImpersonateLoggedOnUser(_v20);
                                                                                                                                                                                                                                                        					_t22 =  *0xbfb4ec(_a4,  &_v24);
                                                                                                                                                                                                                                                        					__eflags = _t22;
                                                                                                                                                                                                                                                        					if(_t22 >= 0) {
                                                                                                                                                                                                                                                        						E00BC5200(_t22, _a8, _v24);
                                                                                                                                                                                                                                                        						_t26 = 1;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t26 = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t17 = RevertToSelf();
                                                                                                                                                                                                                                                        					goto L12;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				if( *0xbfb4ec != 0) {
                                                                                                                                                                                                                                                        					goto L6;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}














                                                                                                                                                                                                                                                        0x00bcc4e8
                                                                                                                                                                                                                                                        0x00bcc4ed
                                                                                                                                                                                                                                                        0x00bcc4f1
                                                                                                                                                                                                                                                        0x00bcc4f4
                                                                                                                                                                                                                                                        0x00bcc4fa
                                                                                                                                                                                                                                                        0x00bcc501
                                                                                                                                                                                                                                                        0x00bcc50f
                                                                                                                                                                                                                                                        0x00bcc536
                                                                                                                                                                                                                                                        0x00bcc53e
                                                                                                                                                                                                                                                        0x00bcc545
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc55e
                                                                                                                                                                                                                                                        0x00bcc568
                                                                                                                                                                                                                                                        0x00bcc570
                                                                                                                                                                                                                                                        0x00bcc577
                                                                                                                                                                                                                                                        0x00bcc51a
                                                                                                                                                                                                                                                        0x00bcc51a
                                                                                                                                                                                                                                                        0x00bcc51c
                                                                                                                                                                                                                                                        0x00bcc521
                                                                                                                                                                                                                                                        0x00bcc52e
                                                                                                                                                                                                                                                        0x00bcc52e
                                                                                                                                                                                                                                                        0x00bcc579
                                                                                                                                                                                                                                                        0x00bcc579
                                                                                                                                                                                                                                                        0x00bcc57e
                                                                                                                                                                                                                                                        0x00bcc585
                                                                                                                                                                                                                                                        0x00bcc58a
                                                                                                                                                                                                                                                        0x00bcc58c
                                                                                                                                                                                                                                                        0x00bcc5ad
                                                                                                                                                                                                                                                        0x00bcc5c4
                                                                                                                                                                                                                                                        0x00bcc5c7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc5c7
                                                                                                                                                                                                                                                        0x00bcc594
                                                                                                                                                                                                                                                        0x00bcc59f
                                                                                                                                                                                                                                                        0x00bcc5a5
                                                                                                                                                                                                                                                        0x00bcc5a7
                                                                                                                                                                                                                                                        0x00bcc5b7
                                                                                                                                                                                                                                                        0x00bcc5bc
                                                                                                                                                                                                                                                        0x00bcc5a9
                                                                                                                                                                                                                                                        0x00bcc5a9
                                                                                                                                                                                                                                                        0x00bcc5a9
                                                                                                                                                                                                                                                        0x00bcc5be
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc5be
                                                                                                                                                                                                                                                        0x00bcc511
                                                                                                                                                                                                                                                        0x00bcc518
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • __Init_thread_header.LIBCMT ref: 00BCC536
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(userenv), ref: 00BCC54C
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetAppContainerRegistryLocation), ref: 00BCC558
                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 00BCC568
                                                                                                                                                                                                                                                        • ImpersonateLoggedOnUser.ADVAPI32(00000000), ref: 00BCC594
                                                                                                                                                                                                                                                        • RevertToSelf.ADVAPI32(?), ref: 00BCC5BE
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetLastError.KERNEL32(00000000,?,00004000,?,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5210
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetHandleVerifier.FLASHPLAYER(?,00BDC412,00000000,?,00BDBECC), ref: 00BC5234
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: SetLastError.KERNEL32(00BDC412,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5249
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorHandleLast$AddressImpersonateInit_thread_footerInit_thread_headerLoggedModuleProcRevertSelfUserVerifier
                                                                                                                                                                                                                                                        • String ID: GetAppContainerRegistryLocation$userenv
                                                                                                                                                                                                                                                        • API String ID: 451835585-1384793904
                                                                                                                                                                                                                                                        • Opcode ID: 6dd1172ce11ff056e7ddece790e578fccd221470b0ca439bcab3d13e1bbc2cdf
                                                                                                                                                                                                                                                        • Instruction ID: 50fd6bfdcc202cccd7b746ad15eeda454ef4ee279f2bc557df119d6e401f37e9
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6dd1172ce11ff056e7ddece790e578fccd221470b0ca439bcab3d13e1bbc2cdf
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 79217F71A002099FCB10EFA5ED96FBA7BE5FB64314F0040A9E919973A2DF706948CB51
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 62%
                                                                                                                                                                                                                                                        			E00BBE460(char _a8) {
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				char _v17;
                                                                                                                                                                                                                                                        				char _v2064;
                                                                                                                                                                                                                                                        				intOrPtr _v2068;
                                                                                                                                                                                                                                                        				signed int _t11;
                                                                                                                                                                                                                                                        				int _t13;
                                                                                                                                                                                                                                                        				int _t14;
                                                                                                                                                                                                                                                        				intOrPtr* _t15;
                                                                                                                                                                                                                                                        				void* _t21;
                                                                                                                                                                                                                                                        				CHAR* _t22;
                                                                                                                                                                                                                                                        				char* _t23;
                                                                                                                                                                                                                                                        				char* _t24;
                                                                                                                                                                                                                                                        				struct _IO_FILE* _t25;
                                                                                                                                                                                                                                                        				signed int _t26;
                                                                                                                                                                                                                                                        				void* _t27;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t11 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v16 = _t11 ^ _t26;
                                                                                                                                                                                                                                                        				_t13 = IsDebuggerPresent();
                                                                                                                                                                                                                                                        				if(_t13 != 0) {
                                                                                                                                                                                                                                                        					_t24 =  &_a8;
                                                                                                                                                                                                                                                        					_v2068 = _t24;
                                                                                                                                                                                                                                                        					_t13 = E00BB18B0();
                                                                                                                                                                                                                                                        					_t22 =  &_v2064;
                                                                                                                                                                                                                                                        					__imp____stdio_common_vsprintf( *_t13 | 0x00000002,  *((intOrPtr*)(_t13 + 4)), _t22, 0x800, "\n\nBROWSERBROWSERBROWSERBROWSER\n  debug me @ %lu\n\n", 0, _t24);
                                                                                                                                                                                                                                                        					_t27 = _t27 + 0x1c;
                                                                                                                                                                                                                                                        					_v17 = 0;
                                                                                                                                                                                                                                                        					OutputDebugStringA(_t22);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				__imp___dup(2);
                                                                                                                                                                                                                                                        				_t14 = _fdopen(_t13, 0xbf344c);
                                                                                                                                                                                                                                                        				if(_t14 != 0) {
                                                                                                                                                                                                                                                        					_t23 =  &_a8;
                                                                                                                                                                                                                                                        					_t25 = _t14;
                                                                                                                                                                                                                                                        					_v2064 = _t23;
                                                                                                                                                                                                                                                        					_t15 = E00BB18B0();
                                                                                                                                                                                                                                                        					__imp____stdio_common_vfprintf( *_t15,  *((intOrPtr*)(_t15 + 4)), _t25, "\n\nBROWSERBROWSERBROWSERBROWSER\n  debug me @ %lu\n\n", 0, _t23);
                                                                                                                                                                                                                                                        					_t14 = fclose(_t25);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return E00BEECB0(_t14, _v16 ^ _t26, _t21);
                                                                                                                                                                                                                                                        			}


















                                                                                                                                                                                                                                                        0x00bbe46b
                                                                                                                                                                                                                                                        0x00bbe472
                                                                                                                                                                                                                                                        0x00bbe475
                                                                                                                                                                                                                                                        0x00bbe47d
                                                                                                                                                                                                                                                        0x00bbe4b1
                                                                                                                                                                                                                                                        0x00bbe4b4
                                                                                                                                                                                                                                                        0x00bbe4ba
                                                                                                                                                                                                                                                        0x00bbe4c1
                                                                                                                                                                                                                                                        0x00bbe4dc
                                                                                                                                                                                                                                                        0x00bbe4e2
                                                                                                                                                                                                                                                        0x00bbe4e5
                                                                                                                                                                                                                                                        0x00bbe4ea
                                                                                                                                                                                                                                                        0x00bbe4ea
                                                                                                                                                                                                                                                        0x00bbe481
                                                                                                                                                                                                                                                        0x00bbe490
                                                                                                                                                                                                                                                        0x00bbe49b
                                                                                                                                                                                                                                                        0x00bbe4f2
                                                                                                                                                                                                                                                        0x00bbe4f5
                                                                                                                                                                                                                                                        0x00bbe4f7
                                                                                                                                                                                                                                                        0x00bbe4fd
                                                                                                                                                                                                                                                        0x00bbe510
                                                                                                                                                                                                                                                        0x00bbe51a
                                                                                                                                                                                                                                                        0x00bbe520
                                                                                                                                                                                                                                                        0x00bbe4b0

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • IsDebuggerPresent.KERNEL32 ref: 00BBE475
                                                                                                                                                                                                                                                        • _dup.API-MS-WIN-CRT-STDIO-L1-1-0(00000002), ref: 00BBE481
                                                                                                                                                                                                                                                        • _fdopen.API-MS-WIN-CRT-MATH-L1-1-0(00000000,00BF344C), ref: 00BBE490
                                                                                                                                                                                                                                                        • __stdio_common_vsprintf.API-MS-WIN-CRT-STDIO-L1-1-0(?,?,?,00000800,BROWSERBROWSERBROWSERBROWSER debug me @ %lu,00000000,00000001), ref: 00BBE4DC
                                                                                                                                                                                                                                                        • OutputDebugStringA.KERNEL32(?), ref: 00BBE4EA
                                                                                                                                                                                                                                                        • __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,BROWSERBROWSERBROWSERBROWSER debug me @ %lu,00000000,00000001), ref: 00BBE510
                                                                                                                                                                                                                                                        • fclose.API-MS-WIN-CRT-STDIO-L1-1-0(00000000), ref: 00BBE51A
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: DebugDebuggerOutputPresentString__stdio_common_vfprintf__stdio_common_vsprintf_dup_fdopenfclose
                                                                                                                                                                                                                                                        • String ID: BROWSERBROWSERBROWSERBROWSER debug me @ %lu
                                                                                                                                                                                                                                                        • API String ID: 3054222236-2161972429
                                                                                                                                                                                                                                                        • Opcode ID: fc733cb118d8bddc2672167858710b9bbd09a266c2b166f47e1f91348f3ec64f
                                                                                                                                                                                                                                                        • Instruction ID: 8a9a21afabe2b4b37fbd8a988b96e4e2c103e8a3621ab4a3dfcbf8cd02b0ba2b
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fc733cb118d8bddc2672167858710b9bbd09a266c2b166f47e1f91348f3ec64f
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 45117F30940114ABDB205B299C0AFBE7BB4FF41700F44C4E8F959672A1DF759618CB95
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 81%
                                                                                                                                                                                                                                                        			E00BB3190(void** __ecx, intOrPtr __edx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				int _v20;
                                                                                                                                                                                                                                                        				wchar_t* _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				void** _v32;
                                                                                                                                                                                                                                                        				signed short* _v36;
                                                                                                                                                                                                                                                        				void* _t48;
                                                                                                                                                                                                                                                        				wchar_t* _t54;
                                                                                                                                                                                                                                                        				short* _t55;
                                                                                                                                                                                                                                                        				signed int _t58;
                                                                                                                                                                                                                                                        				void* _t59;
                                                                                                                                                                                                                                                        				void* _t60;
                                                                                                                                                                                                                                                        				wchar_t* _t64;
                                                                                                                                                                                                                                                        				void* _t65;
                                                                                                                                                                                                                                                        				wchar_t* _t66;
                                                                                                                                                                                                                                                        				signed int _t67;
                                                                                                                                                                                                                                                        				signed int _t69;
                                                                                                                                                                                                                                                        				short* _t70;
                                                                                                                                                                                                                                                        				signed int _t73;
                                                                                                                                                                                                                                                        				signed int* _t77;
                                                                                                                                                                                                                                                        				void* _t79;
                                                                                                                                                                                                                                                        				wchar_t* _t80;
                                                                                                                                                                                                                                                        				wchar_t* _t81;
                                                                                                                                                                                                                                                        				wchar_t* _t83;
                                                                                                                                                                                                                                                        				int _t85;
                                                                                                                                                                                                                                                        				signed int _t86;
                                                                                                                                                                                                                                                        				void* _t87;
                                                                                                                                                                                                                                                        				void* _t88;
                                                                                                                                                                                                                                                        				void* _t90;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_v32 = __ecx;
                                                                                                                                                                                                                                                        				_v28 = __edx;
                                                                                                                                                                                                                                                        				if(__edx > 0) {
                                                                                                                                                                                                                                                        					_t67 = 0;
                                                                                                                                                                                                                                                        					_t87 = 0;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_t83 =  *(_a4 + _t67 * 4);
                                                                                                                                                                                                                                                        						_v20 = wcslen(_t83);
                                                                                                                                                                                                                                                        						_v24 = wcschr(_t83, 0x22);
                                                                                                                                                                                                                                                        						_v36 = _t83;
                                                                                                                                                                                                                                                        						_t64 = wcspbrk(_t83, 0xbf03c4);
                                                                                                                                                                                                                                                        						_t88 = _t88 + 0x14;
                                                                                                                                                                                                                                                        						if(_t64 != 0) {
                                                                                                                                                                                                                                                        							_v20 =  &(_v20[0]);
                                                                                                                                                                                                                                                        							if(_v24 == 0) {
                                                                                                                                                                                                                                                        								goto L4;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								goto L17;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L40;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							if(_v24 != 0) {
                                                                                                                                                                                                                                                        								L17:
                                                                                                                                                                                                                                                        								_t65 = 0;
                                                                                                                                                                                                                                                        								while(1) {
                                                                                                                                                                                                                                                        									_t73 =  *_v36 & 0x0000ffff;
                                                                                                                                                                                                                                                        									if(_t73 == 0x22) {
                                                                                                                                                                                                                                                        										goto L23;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									L21:
                                                                                                                                                                                                                                                        									if(_t73 == 0x5c) {
                                                                                                                                                                                                                                                        										_v36 =  &(_v36[1]);
                                                                                                                                                                                                                                                        										_t65 = _t65 + 1;
                                                                                                                                                                                                                                                        										while(1) {
                                                                                                                                                                                                                                                        											_t73 =  *_v36 & 0x0000ffff;
                                                                                                                                                                                                                                                        											if(_t73 == 0x22) {
                                                                                                                                                                                                                                                        												goto L23;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L21;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L23;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									if(_t73 == 0) {
                                                                                                                                                                                                                                                        										goto L4;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										L19:
                                                                                                                                                                                                                                                        										_v36 =  &(_v36[0]);
                                                                                                                                                                                                                                                        										_t65 = 0;
                                                                                                                                                                                                                                                        										continue;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									L40:
                                                                                                                                                                                                                                                        									L23:
                                                                                                                                                                                                                                                        									_t38 =  &(_v20[0]); // 0x1
                                                                                                                                                                                                                                                        									_v20 = _t65 + _t38;
                                                                                                                                                                                                                                                        									goto L19;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L4:
                                                                                                                                                                                                                                                        						_t67 = _t67 + 1;
                                                                                                                                                                                                                                                        						_t48 = _v20;
                                                                                                                                                                                                                                                        						_t87 = _t87 + _t48 + 1;
                                                                                                                                                                                                                                                        					} while (_t67 != _v28);
                                                                                                                                                                                                                                                        					if(_t87 == 0) {
                                                                                                                                                                                                                                                        						goto L6;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t85 = 2;
                                                                                                                                                                                                                                                        				if(2 < 0) {
                                                                                                                                                                                                                                                        					_t85 = 0xffffffff;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				__imp__moz_xmalloc(_t85);
                                                                                                                                                                                                                                                        				_t79 = _t48;
                                                                                                                                                                                                                                                        				memset(_t48, 0, _t85);
                                                                                                                                                                                                                                                        				_t90 = _t88 + 0x10;
                                                                                                                                                                                                                                                        				 *_v32 = _t79;
                                                                                                                                                                                                                                                        				if(_v28 > 0) {
                                                                                                                                                                                                                                                        					_t86 = 0;
                                                                                                                                                                                                                                                        					_v20 = _t79;
                                                                                                                                                                                                                                                        					while(1) {
                                                                                                                                                                                                                                                        						_t66 =  *(_a4 + _t86 * 4);
                                                                                                                                                                                                                                                        						_t80 = wcschr(_t66, 0x22);
                                                                                                                                                                                                                                                        						_t54 = wcspbrk(_t66, 0xbf03c4);
                                                                                                                                                                                                                                                        						_t90 = _t90 + 0x10;
                                                                                                                                                                                                                                                        						_v24 = _t54;
                                                                                                                                                                                                                                                        						if(_t54 != 0) {
                                                                                                                                                                                                                                                        							goto L24;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(_t80 != 0) {
                                                                                                                                                                                                                                                        							L25:
                                                                                                                                                                                                                                                        							_t59 = 0;
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								_t69 =  *_t66 & 0x0000ffff;
                                                                                                                                                                                                                                                        								if(_t69 == 0x22) {
                                                                                                                                                                                                                                                        									goto L32;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L30:
                                                                                                                                                                                                                                                        								if(_t69 != 0x5c) {
                                                                                                                                                                                                                                                        									if(_t69 != 0) {
                                                                                                                                                                                                                                                        										L27:
                                                                                                                                                                                                                                                        										_t59 = 0;
                                                                                                                                                                                                                                                        										goto L28;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t79 = _v20;
                                                                                                                                                                                                                                                        									if(_v24 == 0) {
                                                                                                                                                                                                                                                        										goto L13;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										goto L38;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t59 = _t59 + 1;
                                                                                                                                                                                                                                                        									_t69 = 0x5c;
                                                                                                                                                                                                                                                        									L28:
                                                                                                                                                                                                                                                        									_t77 = _v20;
                                                                                                                                                                                                                                                        									_t66 =  &(_t66[0]);
                                                                                                                                                                                                                                                        									 *_t77 = _t69;
                                                                                                                                                                                                                                                        									_v20 =  &(_t77[0]);
                                                                                                                                                                                                                                                        									_t69 =  *_t66 & 0x0000ffff;
                                                                                                                                                                                                                                                        									if(_t69 == 0x22) {
                                                                                                                                                                                                                                                        										goto L32;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L30;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L40;
                                                                                                                                                                                                                                                        								L32:
                                                                                                                                                                                                                                                        								if(_t59 < 0) {
                                                                                                                                                                                                                                                        									_t69 = 0x22;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t60 = _t59 + 1;
                                                                                                                                                                                                                                                        									do {
                                                                                                                                                                                                                                                        										_t70 = _v20;
                                                                                                                                                                                                                                                        										 *_t70 = 0x5c;
                                                                                                                                                                                                                                                        										_t60 = _t60 - 1;
                                                                                                                                                                                                                                                        										_v20 = _t70 + 2;
                                                                                                                                                                                                                                                        									} while (_t60 != 0);
                                                                                                                                                                                                                                                        									_t69 =  *_t66 & 0x0000ffff;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L27;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L12:
                                                                                                                                                                                                                                                        							_t81 = _v20;
                                                                                                                                                                                                                                                        							wcscpy(_t81, _t66);
                                                                                                                                                                                                                                                        							_t58 = wcslen(_t66);
                                                                                                                                                                                                                                                        							_t90 = _t90 + 0xc;
                                                                                                                                                                                                                                                        							_t79 = _t81 + _t58 * 2;
                                                                                                                                                                                                                                                        							if(_v24 != 0) {
                                                                                                                                                                                                                                                        								L38:
                                                                                                                                                                                                                                                        								 *_t79 = 0x22;
                                                                                                                                                                                                                                                        								_t79 = _t79 + 2;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L13:
                                                                                                                                                                                                                                                        						_t86 = _t86 + 1;
                                                                                                                                                                                                                                                        						if(_t86 != _v28) {
                                                                                                                                                                                                                                                        							 *_t79 = 0x20;
                                                                                                                                                                                                                                                        							_v20 = _t79 + 2;
                                                                                                                                                                                                                                                        							continue;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L15;
                                                                                                                                                                                                                                                        						L24:
                                                                                                                                                                                                                                                        						_t55 = _v20;
                                                                                                                                                                                                                                                        						 *_t55 = 0x22;
                                                                                                                                                                                                                                                        						_v20 = _t55 + 2;
                                                                                                                                                                                                                                                        						if(_t80 == 0) {
                                                                                                                                                                                                                                                        							goto L12;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							goto L25;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L40;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L15:
                                                                                                                                                                                                                                                        				 *_t79 = 0;
                                                                                                                                                                                                                                                        				return _v32;
                                                                                                                                                                                                                                                        				goto L40;
                                                                                                                                                                                                                                                        			}































                                                                                                                                                                                                                                                        0x00bb319b
                                                                                                                                                                                                                                                        0x00bb319e
                                                                                                                                                                                                                                                        0x00bb31a1
                                                                                                                                                                                                                                                        0x00bb31a3
                                                                                                                                                                                                                                                        0x00bb31a5
                                                                                                                                                                                                                                                        0x00bb31a7
                                                                                                                                                                                                                                                        0x00bb31aa
                                                                                                                                                                                                                                                        0x00bb31b6
                                                                                                                                                                                                                                                        0x00bb31c4
                                                                                                                                                                                                                                                        0x00bb31cc
                                                                                                                                                                                                                                                        0x00bb31d0
                                                                                                                                                                                                                                                        0x00bb31d6
                                                                                                                                                                                                                                                        0x00bb31db
                                                                                                                                                                                                                                                        0x00bb32ad
                                                                                                                                                                                                                                                        0x00bb32b5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb31e1
                                                                                                                                                                                                                                                        0x00bb31e5
                                                                                                                                                                                                                                                        0x00bb32bb
                                                                                                                                                                                                                                                        0x00bb32bb
                                                                                                                                                                                                                                                        0x00bb32ce
                                                                                                                                                                                                                                                        0x00bb32d1
                                                                                                                                                                                                                                                        0x00bb32d8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32da
                                                                                                                                                                                                                                                        0x00bb32de
                                                                                                                                                                                                                                                        0x00bb32e0
                                                                                                                                                                                                                                                        0x00bb32e4
                                                                                                                                                                                                                                                        0x00bb32ce
                                                                                                                                                                                                                                                        0x00bb32d1
                                                                                                                                                                                                                                                        0x00bb32d8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32d8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32ce
                                                                                                                                                                                                                                                        0x00bb32c2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32c8
                                                                                                                                                                                                                                                        0x00bb32c8
                                                                                                                                                                                                                                                        0x00bb32c8
                                                                                                                                                                                                                                                        0x00bb32cc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32cc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32e7
                                                                                                                                                                                                                                                        0x00bb32ea
                                                                                                                                                                                                                                                        0x00bb32ee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32ee
                                                                                                                                                                                                                                                        0x00bb32ce
                                                                                                                                                                                                                                                        0x00bb31e5
                                                                                                                                                                                                                                                        0x00bb31eb
                                                                                                                                                                                                                                                        0x00bb31eb
                                                                                                                                                                                                                                                        0x00bb31ec
                                                                                                                                                                                                                                                        0x00bb31f2
                                                                                                                                                                                                                                                        0x00bb31f2
                                                                                                                                                                                                                                                        0x00bb31fa
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb31fa
                                                                                                                                                                                                                                                        0x00bb3201
                                                                                                                                                                                                                                                        0x00bb3203
                                                                                                                                                                                                                                                        0x00bb3374
                                                                                                                                                                                                                                                        0x00bb3374
                                                                                                                                                                                                                                                        0x00bb320a
                                                                                                                                                                                                                                                        0x00bb3213
                                                                                                                                                                                                                                                        0x00bb3219
                                                                                                                                                                                                                                                        0x00bb321e
                                                                                                                                                                                                                                                        0x00bb3228
                                                                                                                                                                                                                                                        0x00bb322a
                                                                                                                                                                                                                                                        0x00bb322c
                                                                                                                                                                                                                                                        0x00bb322e
                                                                                                                                                                                                                                                        0x00bb3231
                                                                                                                                                                                                                                                        0x00bb3234
                                                                                                                                                                                                                                                        0x00bb3242
                                                                                                                                                                                                                                                        0x00bb324a
                                                                                                                                                                                                                                                        0x00bb3250
                                                                                                                                                                                                                                                        0x00bb3255
                                                                                                                                                                                                                                                        0x00bb3258
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3260
                                                                                                                                                                                                                                                        0x00bb3309
                                                                                                                                                                                                                                                        0x00bb3309
                                                                                                                                                                                                                                                        0x00bb3323
                                                                                                                                                                                                                                                        0x00bb3323
                                                                                                                                                                                                                                                        0x00bb332a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb332c
                                                                                                                                                                                                                                                        0x00bb3330
                                                                                                                                                                                                                                                        0x00bb3310
                                                                                                                                                                                                                                                        0x00bb3312
                                                                                                                                                                                                                                                        0x00bb3312
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3312
                                                                                                                                                                                                                                                        0x00bb335a
                                                                                                                                                                                                                                                        0x00bb3361
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3332
                                                                                                                                                                                                                                                        0x00bb3332
                                                                                                                                                                                                                                                        0x00bb3333
                                                                                                                                                                                                                                                        0x00bb3314
                                                                                                                                                                                                                                                        0x00bb3314
                                                                                                                                                                                                                                                        0x00bb3317
                                                                                                                                                                                                                                                        0x00bb331a
                                                                                                                                                                                                                                                        0x00bb3320
                                                                                                                                                                                                                                                        0x00bb3323
                                                                                                                                                                                                                                                        0x00bb332a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb332a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3339
                                                                                                                                                                                                                                                        0x00bb333b
                                                                                                                                                                                                                                                        0x00bb3354
                                                                                                                                                                                                                                                        0x00bb333d
                                                                                                                                                                                                                                                        0x00bb333d
                                                                                                                                                                                                                                                        0x00bb333e
                                                                                                                                                                                                                                                        0x00bb333e
                                                                                                                                                                                                                                                        0x00bb3341
                                                                                                                                                                                                                                                        0x00bb3349
                                                                                                                                                                                                                                                        0x00bb334a
                                                                                                                                                                                                                                                        0x00bb334a
                                                                                                                                                                                                                                                        0x00bb334f
                                                                                                                                                                                                                                                        0x00bb334f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb333b
                                                                                                                                                                                                                                                        0x00bb3266
                                                                                                                                                                                                                                                        0x00bb3266
                                                                                                                                                                                                                                                        0x00bb3267
                                                                                                                                                                                                                                                        0x00bb326b
                                                                                                                                                                                                                                                        0x00bb3275
                                                                                                                                                                                                                                                        0x00bb327a
                                                                                                                                                                                                                                                        0x00bb327d
                                                                                                                                                                                                                                                        0x00bb3284
                                                                                                                                                                                                                                                        0x00bb3367
                                                                                                                                                                                                                                                        0x00bb3367
                                                                                                                                                                                                                                                        0x00bb336c
                                                                                                                                                                                                                                                        0x00bb336c
                                                                                                                                                                                                                                                        0x00bb3284
                                                                                                                                                                                                                                                        0x00bb328a
                                                                                                                                                                                                                                                        0x00bb328a
                                                                                                                                                                                                                                                        0x00bb328e
                                                                                                                                                                                                                                                        0x00bb3290
                                                                                                                                                                                                                                                        0x00bb3298
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3298
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb32f3
                                                                                                                                                                                                                                                        0x00bb32f3
                                                                                                                                                                                                                                                        0x00bb32f6
                                                                                                                                                                                                                                                        0x00bb32fe
                                                                                                                                                                                                                                                        0x00bb3303
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb3303
                                                                                                                                                                                                                                                        0x00bb3231
                                                                                                                                                                                                                                                        0x00bb329d
                                                                                                                                                                                                                                                        0x00bb32a0
                                                                                                                                                                                                                                                        0x00bb32ac
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00000001), ref: 00BB31AE
                                                                                                                                                                                                                                                        • wcschr.VCRUNTIME140(00000001,00000022), ref: 00BB31BC
                                                                                                                                                                                                                                                        • wcspbrk.API-MS-WIN-CRT-STRING-L1-1-0(00000001,00BF03C4), ref: 00BB31D0
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000001), ref: 00BB320A
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BB3219
                                                                                                                                                                                                                                                        • wcschr.VCRUNTIME140(?,00000022), ref: 00BB323A
                                                                                                                                                                                                                                                        • wcspbrk.API-MS-WIN-CRT-STRING-L1-1-0(?,00BF03C4), ref: 00BB324A
                                                                                                                                                                                                                                                        • wcscpy.API-MS-WIN-CRT-STRING-L1-1-0(?,?), ref: 00BB326B
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BB3275
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: wcschrwcslenwcspbrk$memsetmoz_xmallocwcscpy
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 4023855588-0
                                                                                                                                                                                                                                                        • Opcode ID: add59867cda1ed89d3ecf232953cbe50a809c43dcee1804db9248dd443e6fe2d
                                                                                                                                                                                                                                                        • Instruction ID: 6424eec06c914d9d5ce1fab7d98bb96522c8293c740f45f4db2aedf08ac90806
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: add59867cda1ed89d3ecf232953cbe50a809c43dcee1804db9248dd443e6fe2d
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E151DEB1D0022ADBCB209F98CC816FFB7F4FF44B04F5441A8D816A7251E7B49A05CBA5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BDF040(intOrPtr* _a4, char _a8, char _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, intOrPtr _a28, intOrPtr _a32, char _a36, intOrPtr _a40, intOrPtr _a44) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				char _v544;
                                                                                                                                                                                                                                                        				intOrPtr _v560;
                                                                                                                                                                                                                                                        				long _v600;
                                                                                                                                                                                                                                                        				char _v608;
                                                                                                                                                                                                                                                        				char _v612;
                                                                                                                                                                                                                                                        				char _v616;
                                                                                                                                                                                                                                                        				char _v620;
                                                                                                                                                                                                                                                        				char _v624;
                                                                                                                                                                                                                                                        				intOrPtr _v628;
                                                                                                                                                                                                                                                        				char _v632;
                                                                                                                                                                                                                                                        				intOrPtr _v636;
                                                                                                                                                                                                                                                        				char _v640;
                                                                                                                                                                                                                                                        				long _v644;
                                                                                                                                                                                                                                                        				intOrPtr _v648;
                                                                                                                                                                                                                                                        				intOrPtr _v652;
                                                                                                                                                                                                                                                        				char _v656;
                                                                                                                                                                                                                                                        				char _v660;
                                                                                                                                                                                                                                                        				char _v664;
                                                                                                                                                                                                                                                        				char _v668;
                                                                                                                                                                                                                                                        				char _v672;
                                                                                                                                                                                                                                                        				signed int _t77;
                                                                                                                                                                                                                                                        				intOrPtr* _t79;
                                                                                                                                                                                                                                                        				intOrPtr* _t81;
                                                                                                                                                                                                                                                        				intOrPtr* _t82;
                                                                                                                                                                                                                                                        				intOrPtr* _t83;
                                                                                                                                                                                                                                                        				intOrPtr* _t85;
                                                                                                                                                                                                                                                        				char _t89;
                                                                                                                                                                                                                                                        				char _t90;
                                                                                                                                                                                                                                                        				long _t91;
                                                                                                                                                                                                                                                        				char _t93;
                                                                                                                                                                                                                                                        				char _t95;
                                                                                                                                                                                                                                                        				void* _t100;
                                                                                                                                                                                                                                                        				char _t101;
                                                                                                                                                                                                                                                        				char _t104;
                                                                                                                                                                                                                                                        				char _t106;
                                                                                                                                                                                                                                                        				char _t109;
                                                                                                                                                                                                                                                        				char _t111;
                                                                                                                                                                                                                                                        				char _t113;
                                                                                                                                                                                                                                                        				char _t119;
                                                                                                                                                                                                                                                        				char _t122;
                                                                                                                                                                                                                                                        				char _t124;
                                                                                                                                                                                                                                                        				char _t125;
                                                                                                                                                                                                                                                        				char _t130;
                                                                                                                                                                                                                                                        				char _t131;
                                                                                                                                                                                                                                                        				char _t147;
                                                                                                                                                                                                                                                        				char _t148;
                                                                                                                                                                                                                                                        				WCHAR* _t149;
                                                                                                                                                                                                                                                        				char _t150;
                                                                                                                                                                                                                                                        				char _t153;
                                                                                                                                                                                                                                                        				signed int _t154;
                                                                                                                                                                                                                                                        				signed int _t155;
                                                                                                                                                                                                                                                        				void* _t157;
                                                                                                                                                                                                                                                        				void* _t158;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t157 = (_t155 & 0xfffffff0) - 0x290;
                                                                                                                                                                                                                                                        				_t77 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t122 = _a36;
                                                                                                                                                                                                                                                        				_t147 = _a12;
                                                                                                                                                                                                                                                        				_v24 = _t77 ^ _t154;
                                                                                                                                                                                                                                                        				_t79 = E00BE9C20();
                                                                                                                                                                                                                                                        				_t146 =  *_t79;
                                                                                                                                                                                                                                                        				if( *((char*)( *((intOrPtr*)( *_t79 + 8))() + 4)) == 0) {
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					_t81 =  *0xbfa854; // 0x0
                                                                                                                                                                                                                                                        					if(_t81 != 0) {
                                                                                                                                                                                                                                                        						 *_t81("BLOCKED", "CreateProcessA", _a8, 1, 2);
                                                                                                                                                                                                                                                        						_t157 = _t157 + 0x14;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t82 = E00BE9C20();
                                                                                                                                                                                                                                                        					_t146 =  *_t82;
                                                                                                                                                                                                                                                        					_t83 =  *((intOrPtr*)( *_t82 + 8))();
                                                                                                                                                                                                                                                        					_t153 = 0;
                                                                                                                                                                                                                                                        					if( *_t83 > 0) {
                                                                                                                                                                                                                                                        						_v644 = GetLastError();
                                                                                                                                                                                                                                                        						_t85 = E00BE3900(_a44, 0x10, 1);
                                                                                                                                                                                                                                                        						_t158 = _t157 + 0xc;
                                                                                                                                                                                                                                                        						__eflags = _t85;
                                                                                                                                                                                                                                                        						if(_t85 != 0) {
                                                                                                                                                                                                                                                        							_t85 = E00BE3790();
                                                                                                                                                                                                                                                        							__eflags = _t85;
                                                                                                                                                                                                                                                        							if(_t85 == 0) {
                                                                                                                                                                                                                                                        								goto L7;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t85 =  *0xbfb68c; // 0x830000
                                                                                                                                                                                                                                                        							__eflags = _t85;
                                                                                                                                                                                                                                                        							_v672 = _t85;
                                                                                                                                                                                                                                                        							if(_t85 == 0) {
                                                                                                                                                                                                                                                        								goto L7;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							__eflags = _t147;
                                                                                                                                                                                                                                                        							if(_t147 == 0) {
                                                                                                                                                                                                                                                        								L12:
                                                                                                                                                                                                                                                        								_v668 = 0;
                                                                                                                                                                                                                                                        								_t89 = _a8;
                                                                                                                                                                                                                                                        								_t148 = 0;
                                                                                                                                                                                                                                                        								__eflags = _t89;
                                                                                                                                                                                                                                                        								if(_t89 == 0) {
                                                                                                                                                                                                                                                        									L14:
                                                                                                                                                                                                                                                        									__eflags = _t122;
                                                                                                                                                                                                                                                        									_t90 = 0;
                                                                                                                                                                                                                                                        									_v664 = 0;
                                                                                                                                                                                                                                                        									if(_t122 == 0) {
                                                                                                                                                                                                                                                        										L16:
                                                                                                                                                                                                                                                        										_t130 = _v668;
                                                                                                                                                                                                                                                        										__eflags = _t130;
                                                                                                                                                                                                                                                        										if(_t130 != 0) {
                                                                                                                                                                                                                                                        											_v664 =  *((intOrPtr*)(_t130 + 4));
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t131 = 0;
                                                                                                                                                                                                                                                        										__eflags = _t148;
                                                                                                                                                                                                                                                        										_t146 = 0;
                                                                                                                                                                                                                                                        										if(_t148 != 0) {
                                                                                                                                                                                                                                                        											_t146 =  *((intOrPtr*)(_t148 + 4));
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = _t90;
                                                                                                                                                                                                                                                        										_v656 = _t146;
                                                                                                                                                                                                                                                        										_v648 = _t148;
                                                                                                                                                                                                                                                        										if(_t90 != 0) {
                                                                                                                                                                                                                                                        											_t131 =  *((intOrPtr*)(_t90 + 4));
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t149 =  &_v544;
                                                                                                                                                                                                                                                        										_v660 = _t131;
                                                                                                                                                                                                                                                        										_v652 = _t90;
                                                                                                                                                                                                                                                        										_t91 = GetCurrentDirectoryW(0x104, _t149);
                                                                                                                                                                                                                                                        										asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        										__eflags = _t91 - 1 - 0x103;
                                                                                                                                                                                                                                                        										_t93 = _v672;
                                                                                                                                                                                                                                                        										_t124 =  <  ? _t149 : 0;
                                                                                                                                                                                                                                                        										_v640 = _t93;
                                                                                                                                                                                                                                                        										asm("movaps [esp+0x60], xmm0");
                                                                                                                                                                                                                                                        										asm("movaps [esp+0x50], xmm0");
                                                                                                                                                                                                                                                        										asm("movaps [esp+0x40], xmm0");
                                                                                                                                                                                                                                                        										_v560 = 0;
                                                                                                                                                                                                                                                        										_v636 = _t93 +  *((intOrPtr*)(_t93 + 8));
                                                                                                                                                                                                                                                        										_t95 = E00BE6680( &_v640, _t91 - 1 - 0x103);
                                                                                                                                                                                                                                                        										__eflags = _t95;
                                                                                                                                                                                                                                                        										if(_t95 == 0) {
                                                                                                                                                                                                                                                        											_t150 = 4;
                                                                                                                                                                                                                                                        											goto L33;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											 *_t95 = 0xd;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t95 + 4)) = 0;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t95 + 0x3c)) = 5;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t95 + 0x44)) = 0x88;
                                                                                                                                                                                                                                                        											_v612 = _v656;
                                                                                                                                                                                                                                                        											_t100 = E00BD1910( &_v612);
                                                                                                                                                                                                                                                        											_v672 = _t95;
                                                                                                                                                                                                                                                        											_t101 = E00BD19D0(_t95, 0, _v612, _t100, 0, 1);
                                                                                                                                                                                                                                                        											_t150 = 4;
                                                                                                                                                                                                                                                        											__eflags = _t101;
                                                                                                                                                                                                                                                        											if(_t101 == 0) {
                                                                                                                                                                                                                                                        												L33:
                                                                                                                                                                                                                                                        												E00BE4060(_v668, 0);
                                                                                                                                                                                                                                                        												E00BE4060(_v648, 0);
                                                                                                                                                                                                                                                        												_t85 = E00BE4060(_v652, 0);
                                                                                                                                                                                                                                                        												__eflags = _t150;
                                                                                                                                                                                                                                                        												if(_t150 != 0) {
                                                                                                                                                                                                                                                        													goto L7;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												SetLastError(_v600);
                                                                                                                                                                                                                                                        												_t153 = 0;
                                                                                                                                                                                                                                                        												__eflags = _v600;
                                                                                                                                                                                                                                                        												if(_v600 == 0) {
                                                                                                                                                                                                                                                        													_t85 =  *0xbfa854; // 0x0
                                                                                                                                                                                                                                                        													_t153 = 1;
                                                                                                                                                                                                                                                        													__eflags = _t85;
                                                                                                                                                                                                                                                        													if(_t85 != 0) {
                                                                                                                                                                                                                                                        														_t85 =  *_t85("Broker ALLOWED", "CreateProcessA", _a8, 0, 0);
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L5;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_v616 = _v664;
                                                                                                                                                                                                                                                        											_t104 = E00BD19D0(_v672, 1, _v616, E00BD1910( &_v616), 0, 1);
                                                                                                                                                                                                                                                        											_t150 = 4;
                                                                                                                                                                                                                                                        											__eflags = _t104;
                                                                                                                                                                                                                                                        											if(_t104 == 0) {
                                                                                                                                                                                                                                                        												goto L33;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_v620 = _t124;
                                                                                                                                                                                                                                                        											_t106 = E00BD19D0(_v672, 2, _v620, E00BD1910( &_v620), 0, 1);
                                                                                                                                                                                                                                                        											_t150 = 4;
                                                                                                                                                                                                                                                        											__eflags = _t106;
                                                                                                                                                                                                                                                        											if(_t106 == 0) {
                                                                                                                                                                                                                                                        												goto L33;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_v624 = _v660;
                                                                                                                                                                                                                                                        											_t109 = E00BD19D0(_v672, 3, _v624, E00BD1910( &_v624), 0, 1);
                                                                                                                                                                                                                                                        											_t150 = 4;
                                                                                                                                                                                                                                                        											__eflags = _t109;
                                                                                                                                                                                                                                                        											if(_t109 == 0) {
                                                                                                                                                                                                                                                        												goto L33;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_v632 = 0x10;
                                                                                                                                                                                                                                                        											_v628 = _a44;
                                                                                                                                                                                                                                                        											_t111 = E00BD19D0(_v672, 4, _a44, 0x10, 1, 6);
                                                                                                                                                                                                                                                        											_t150 = 4;
                                                                                                                                                                                                                                                        											__eflags = _t111;
                                                                                                                                                                                                                                                        											if(_t111 == 0) {
                                                                                                                                                                                                                                                        												goto L33;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t113 = E00BE67F0( &_v640, _v672,  &_v608);
                                                                                                                                                                                                                                                        											_t125 = _t113;
                                                                                                                                                                                                                                                        											__eflags = _t113 - 0xa;
                                                                                                                                                                                                                                                        											if(_t113 == 0xa) {
                                                                                                                                                                                                                                                        												L30:
                                                                                                                                                                                                                                                        												_t150 = _t125;
                                                                                                                                                                                                                                                        												goto L33;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_v668 = E00BD1BB0( &_v632,  *((intOrPtr*)(_v672 + 0x74)) + _v672);
                                                                                                                                                                                                                                                        											E00BE67B0( &_v644, _v672);
                                                                                                                                                                                                                                                        											__eflags = _v672;
                                                                                                                                                                                                                                                        											_t150 = 2;
                                                                                                                                                                                                                                                        											if(_v672 == 0) {
                                                                                                                                                                                                                                                        												goto L33;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L30;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t90 = E00BE3FC0(_t146, _t122);
                                                                                                                                                                                                                                                        									_t158 = _t158 + 4;
                                                                                                                                                                                                                                                        									__eflags = 0;
                                                                                                                                                                                                                                                        									if(0 == 0) {
                                                                                                                                                                                                                                                        										E00BE4060(_v668, 0);
                                                                                                                                                                                                                                                        										_push(0);
                                                                                                                                                                                                                                                        										_push(_t148);
                                                                                                                                                                                                                                                        										L38:
                                                                                                                                                                                                                                                        										_t85 = E00BE4060();
                                                                                                                                                                                                                                                        										goto L7;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L16;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t119 = E00BE3FC0(_t146, _t89);
                                                                                                                                                                                                                                                        								_t148 = _t119;
                                                                                                                                                                                                                                                        								__eflags = _t119;
                                                                                                                                                                                                                                                        								if(_t119 == 0) {
                                                                                                                                                                                                                                                        									_push(0);
                                                                                                                                                                                                                                                        									_push(_v668);
                                                                                                                                                                                                                                                        									goto L38;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L14;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t85 = E00BE3FC0(_t146, _t147);
                                                                                                                                                                                                                                                        							_t158 = _t158 + 4;
                                                                                                                                                                                                                                                        							__eflags = _t85;
                                                                                                                                                                                                                                                        							if(_t85 == 0) {
                                                                                                                                                                                                                                                        								goto L7;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L12;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L7:
                                                                                                                                                                                                                                                        						SetLastError(_v644);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					E00BEECB0(_t85, _v24 ^ _t154, _t146);
                                                                                                                                                                                                                                                        					return _t153;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t85 =  *_a4(_a8, _t147, _a16, _a20, _a24, _a28, _a32, _t122, _a40, _a44);
                                                                                                                                                                                                                                                        				_t153 = 1;
                                                                                                                                                                                                                                                        				if(_t85 != 0) {
                                                                                                                                                                                                                                                        					goto L5;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}


























































                                                                                                                                                                                                                                                        0x00bdf049
                                                                                                                                                                                                                                                        0x00bdf04f
                                                                                                                                                                                                                                                        0x00bdf054
                                                                                                                                                                                                                                                        0x00bdf057
                                                                                                                                                                                                                                                        0x00bdf05c
                                                                                                                                                                                                                                                        0x00bdf063
                                                                                                                                                                                                                                                        0x00bdf068
                                                                                                                                                                                                                                                        0x00bdf073
                                                                                                                                                                                                                                                        0x00bdf09d
                                                                                                                                                                                                                                                        0x00bdf09d
                                                                                                                                                                                                                                                        0x00bdf0a4
                                                                                                                                                                                                                                                        0x00bdf0b7
                                                                                                                                                                                                                                                        0x00bdf0b9
                                                                                                                                                                                                                                                        0x00bdf0b9
                                                                                                                                                                                                                                                        0x00bdf0bc
                                                                                                                                                                                                                                                        0x00bdf0c1
                                                                                                                                                                                                                                                        0x00bdf0c5
                                                                                                                                                                                                                                                        0x00bdf0c8
                                                                                                                                                                                                                                                        0x00bdf0cd
                                                                                                                                                                                                                                                        0x00bdf0ef
                                                                                                                                                                                                                                                        0x00bdf0fa
                                                                                                                                                                                                                                                        0x00bdf0ff
                                                                                                                                                                                                                                                        0x00bdf102
                                                                                                                                                                                                                                                        0x00bdf104
                                                                                                                                                                                                                                                        0x00bdf112
                                                                                                                                                                                                                                                        0x00bdf117
                                                                                                                                                                                                                                                        0x00bdf119
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf11b
                                                                                                                                                                                                                                                        0x00bdf120
                                                                                                                                                                                                                                                        0x00bdf122
                                                                                                                                                                                                                                                        0x00bdf125
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf127
                                                                                                                                                                                                                                                        0x00bdf12e
                                                                                                                                                                                                                                                        0x00bdf13d
                                                                                                                                                                                                                                                        0x00bdf13d
                                                                                                                                                                                                                                                        0x00bdf141
                                                                                                                                                                                                                                                        0x00bdf144
                                                                                                                                                                                                                                                        0x00bdf149
                                                                                                                                                                                                                                                        0x00bdf14b
                                                                                                                                                                                                                                                        0x00bdf160
                                                                                                                                                                                                                                                        0x00bdf160
                                                                                                                                                                                                                                                        0x00bdf162
                                                                                                                                                                                                                                                        0x00bdf167
                                                                                                                                                                                                                                                        0x00bdf16f
                                                                                                                                                                                                                                                        0x00bdf182
                                                                                                                                                                                                                                                        0x00bdf182
                                                                                                                                                                                                                                                        0x00bdf186
                                                                                                                                                                                                                                                        0x00bdf188
                                                                                                                                                                                                                                                        0x00bdf18d
                                                                                                                                                                                                                                                        0x00bdf18d
                                                                                                                                                                                                                                                        0x00bdf191
                                                                                                                                                                                                                                                        0x00bdf193
                                                                                                                                                                                                                                                        0x00bdf195
                                                                                                                                                                                                                                                        0x00bdf19a
                                                                                                                                                                                                                                                        0x00bdf19c
                                                                                                                                                                                                                                                        0x00bdf19c
                                                                                                                                                                                                                                                        0x00bdf19f
                                                                                                                                                                                                                                                        0x00bdf1a1
                                                                                                                                                                                                                                                        0x00bdf1a5
                                                                                                                                                                                                                                                        0x00bdf1a9
                                                                                                                                                                                                                                                        0x00bdf1ab
                                                                                                                                                                                                                                                        0x00bdf1ab
                                                                                                                                                                                                                                                        0x00bdf1ae
                                                                                                                                                                                                                                                        0x00bdf1b5
                                                                                                                                                                                                                                                        0x00bdf1b9
                                                                                                                                                                                                                                                        0x00bdf1c3
                                                                                                                                                                                                                                                        0x00bdf1d0
                                                                                                                                                                                                                                                        0x00bdf1d3
                                                                                                                                                                                                                                                        0x00bdf1d8
                                                                                                                                                                                                                                                        0x00bdf1db
                                                                                                                                                                                                                                                        0x00bdf1de
                                                                                                                                                                                                                                                        0x00bdf1e5
                                                                                                                                                                                                                                                        0x00bdf1ea
                                                                                                                                                                                                                                                        0x00bdf1ef
                                                                                                                                                                                                                                                        0x00bdf1f4
                                                                                                                                                                                                                                                        0x00bdf1fc
                                                                                                                                                                                                                                                        0x00bdf200
                                                                                                                                                                                                                                                        0x00bdf205
                                                                                                                                                                                                                                                        0x00bdf207
                                                                                                                                                                                                                                                        0x00bdf369
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf20d
                                                                                                                                                                                                                                                        0x00bdf20d
                                                                                                                                                                                                                                                        0x00bdf213
                                                                                                                                                                                                                                                        0x00bdf21a
                                                                                                                                                                                                                                                        0x00bdf223
                                                                                                                                                                                                                                                        0x00bdf232
                                                                                                                                                                                                                                                        0x00bdf236
                                                                                                                                                                                                                                                        0x00bdf23b
                                                                                                                                                                                                                                                        0x00bdf24b
                                                                                                                                                                                                                                                        0x00bdf250
                                                                                                                                                                                                                                                        0x00bdf255
                                                                                                                                                                                                                                                        0x00bdf257
                                                                                                                                                                                                                                                        0x00bdf36e
                                                                                                                                                                                                                                                        0x00bdf375
                                                                                                                                                                                                                                                        0x00bdf383
                                                                                                                                                                                                                                                        0x00bdf391
                                                                                                                                                                                                                                                        0x00bdf399
                                                                                                                                                                                                                                                        0x00bdf39b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf3a5
                                                                                                                                                                                                                                                        0x00bdf3ab
                                                                                                                                                                                                                                                        0x00bdf3ad
                                                                                                                                                                                                                                                        0x00bdf3b2
                                                                                                                                                                                                                                                        0x00bdf3b8
                                                                                                                                                                                                                                                        0x00bdf3bd
                                                                                                                                                                                                                                                        0x00bdf3c2
                                                                                                                                                                                                                                                        0x00bdf3c4
                                                                                                                                                                                                                                                        0x00bdf3db
                                                                                                                                                                                                                                                        0x00bdf3dd
                                                                                                                                                                                                                                                        0x00bdf3c4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf3b2
                                                                                                                                                                                                                                                        0x00bdf265
                                                                                                                                                                                                                                                        0x00bdf27c
                                                                                                                                                                                                                                                        0x00bdf281
                                                                                                                                                                                                                                                        0x00bdf286
                                                                                                                                                                                                                                                        0x00bdf288
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf292
                                                                                                                                                                                                                                                        0x00bdf2a9
                                                                                                                                                                                                                                                        0x00bdf2ae
                                                                                                                                                                                                                                                        0x00bdf2b3
                                                                                                                                                                                                                                                        0x00bdf2b5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf2c3
                                                                                                                                                                                                                                                        0x00bdf2da
                                                                                                                                                                                                                                                        0x00bdf2df
                                                                                                                                                                                                                                                        0x00bdf2e4
                                                                                                                                                                                                                                                        0x00bdf2e6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf2f2
                                                                                                                                                                                                                                                        0x00bdf2fa
                                                                                                                                                                                                                                                        0x00bdf307
                                                                                                                                                                                                                                                        0x00bdf30c
                                                                                                                                                                                                                                                        0x00bdf311
                                                                                                                                                                                                                                                        0x00bdf313
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf322
                                                                                                                                                                                                                                                        0x00bdf327
                                                                                                                                                                                                                                                        0x00bdf329
                                                                                                                                                                                                                                                        0x00bdf32c
                                                                                                                                                                                                                                                        0x00bdf35a
                                                                                                                                                                                                                                                        0x00bdf35a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf35a
                                                                                                                                                                                                                                                        0x00bdf340
                                                                                                                                                                                                                                                        0x00bdf349
                                                                                                                                                                                                                                                        0x00bdf34e
                                                                                                                                                                                                                                                        0x00bdf353
                                                                                                                                                                                                                                                        0x00bdf358
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf358
                                                                                                                                                                                                                                                        0x00bdf207
                                                                                                                                                                                                                                                        0x00bdf172
                                                                                                                                                                                                                                                        0x00bdf177
                                                                                                                                                                                                                                                        0x00bdf17a
                                                                                                                                                                                                                                                        0x00bdf17c
                                                                                                                                                                                                                                                        0x00bdf3eb
                                                                                                                                                                                                                                                        0x00bdf3f3
                                                                                                                                                                                                                                                        0x00bdf3f5
                                                                                                                                                                                                                                                        0x00bdf3f6
                                                                                                                                                                                                                                                        0x00bdf3f6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf3fb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf17c
                                                                                                                                                                                                                                                        0x00bdf14e
                                                                                                                                                                                                                                                        0x00bdf156
                                                                                                                                                                                                                                                        0x00bdf158
                                                                                                                                                                                                                                                        0x00bdf15a
                                                                                                                                                                                                                                                        0x00bdf35e
                                                                                                                                                                                                                                                        0x00bdf360
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf360
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf15a
                                                                                                                                                                                                                                                        0x00bdf131
                                                                                                                                                                                                                                                        0x00bdf136
                                                                                                                                                                                                                                                        0x00bdf139
                                                                                                                                                                                                                                                        0x00bdf13b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf13b
                                                                                                                                                                                                                                                        0x00bdf106
                                                                                                                                                                                                                                                        0x00bdf10a
                                                                                                                                                                                                                                                        0x00bdf10a
                                                                                                                                                                                                                                                        0x00bdf0cf
                                                                                                                                                                                                                                                        0x00bdf0d8
                                                                                                                                                                                                                                                        0x00bdf0e6
                                                                                                                                                                                                                                                        0x00bdf0e6
                                                                                                                                                                                                                                                        0x00bdf092
                                                                                                                                                                                                                                                        0x00bdf094
                                                                                                                                                                                                                                                        0x00bdf09b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BDF0E9
                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(?), ref: 00BDF10A
                                                                                                                                                                                                                                                        • GetCurrentDirectoryW.KERNEL32(00000104,?), ref: 00BDF1C3
                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(?), ref: 00BDF3A5
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$CurrentDirectory
                                                                                                                                                                                                                                                        • String ID: BLOCKED$Broker ALLOWED$CreateProcessA
                                                                                                                                                                                                                                                        • API String ID: 3993060814-2756017072
                                                                                                                                                                                                                                                        • Opcode ID: 35551c91ef60e12c2d4cf22631b31929a1870fa3c8b31f2edb671be679cefafe
                                                                                                                                                                                                                                                        • Instruction ID: 0380d79d835be8309635a0aa9200c3b96868561578a4e1f491c6305aeb226e79
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 35551c91ef60e12c2d4cf22631b31929a1870fa3c8b31f2edb671be679cefafe
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E6B1E570608341AFEB109F64CC42B6AF7E1EF84754F0448ADF9859B3A2EB75D945CB42
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 61%
                                                                                                                                                                                                                                                        			E00BEA920(signed int __edx, void* __eflags, intOrPtr _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				intOrPtr _v48;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				signed int _v68;
                                                                                                                                                                                                                                                        				intOrPtr _v568;
                                                                                                                                                                                                                                                        				signed int _v572;
                                                                                                                                                                                                                                                        				signed int _v588;
                                                                                                                                                                                                                                                        				intOrPtr _v592;
                                                                                                                                                                                                                                                        				signed int _v596;
                                                                                                                                                                                                                                                        				char _v612;
                                                                                                                                                                                                                                                        				intOrPtr _v616;
                                                                                                                                                                                                                                                        				signed int _v620;
                                                                                                                                                                                                                                                        				char _v636;
                                                                                                                                                                                                                                                        				signed int _v640;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				signed int _t86;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				void* _t90;
                                                                                                                                                                                                                                                        				signed int _t92;
                                                                                                                                                                                                                                                        				signed int _t96;
                                                                                                                                                                                                                                                        				signed int _t97;
                                                                                                                                                                                                                                                        				signed int _t99;
                                                                                                                                                                                                                                                        				int _t100;
                                                                                                                                                                                                                                                        				signed int _t103;
                                                                                                                                                                                                                                                        				signed int _t104;
                                                                                                                                                                                                                                                        				signed int _t106;
                                                                                                                                                                                                                                                        				signed int _t110;
                                                                                                                                                                                                                                                        				signed int* _t112;
                                                                                                                                                                                                                                                        				void* _t113;
                                                                                                                                                                                                                                                        				signed int _t115;
                                                                                                                                                                                                                                                        				signed int _t116;
                                                                                                                                                                                                                                                        				intOrPtr _t124;
                                                                                                                                                                                                                                                        				signed int* _t129;
                                                                                                                                                                                                                                                        				signed int _t134;
                                                                                                                                                                                                                                                        				signed int _t135;
                                                                                                                                                                                                                                                        				void* _t136;
                                                                                                                                                                                                                                                        				signed int _t142;
                                                                                                                                                                                                                                                        				void* _t145;
                                                                                                                                                                                                                                                        				signed int _t146;
                                                                                                                                                                                                                                                        				signed int _t149;
                                                                                                                                                                                                                                                        				wchar_t* _t150;
                                                                                                                                                                                                                                                        				char* _t151;
                                                                                                                                                                                                                                                        				signed int _t152;
                                                                                                                                                                                                                                                        				signed int _t153;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t141 = __edx;
                                                                                                                                                                                                                                                        				_t86 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t143 = _a8;
                                                                                                                                                                                                                                                        				_t150 =  &_v588;
                                                                                                                                                                                                                                                        				_v20 = _t86 ^ _t153;
                                                                                                                                                                                                                                                        				_v568 = 7;
                                                                                                                                                                                                                                                        				_v572 = 0;
                                                                                                                                                                                                                                                        				_v588 = 0;
                                                                                                                                                                                                                                                        				E00BBA740(_t150, _a8);
                                                                                                                                                                                                                                                        				_t89 = E00BEA2A0(_t150);
                                                                                                                                                                                                                                                        				_t90 = E00BBDF30(_t89, _t150, _t141);
                                                                                                                                                                                                                                                        				_t110 = 1;
                                                                                                                                                                                                                                                        				if(_t89 == 0) {
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_v24 = 7;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					_t92 = E00BEA450(_t141, __eflags, _a4,  &_v44);
                                                                                                                                                                                                                                                        					__eflags = _t92;
                                                                                                                                                                                                                                                        					if(_t92 == 0) {
                                                                                                                                                                                                                                                        						_t110 = 0;
                                                                                                                                                                                                                                                        						__eflags = 0;
                                                                                                                                                                                                                                                        						L10:
                                                                                                                                                                                                                                                        						_t90 = E00BBDF30(_t92,  &_v44, _t141);
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v48 = 7;
                                                                                                                                                                                                                                                        					_t112 =  &_v68;
                                                                                                                                                                                                                                                        					_v52 = 0;
                                                                                                                                                                                                                                                        					_v68 = 0;
                                                                                                                                                                                                                                                        					E00BBA740(_t112, _t143);
                                                                                                                                                                                                                                                        					_t124 = _v48;
                                                                                                                                                                                                                                                        					_t96 = _v68;
                                                                                                                                                                                                                                                        					_t142 = _v52;
                                                                                                                                                                                                                                                        					__eflags = _t124 - 7;
                                                                                                                                                                                                                                                        					_t145 =  >  ? _t96 : _t112;
                                                                                                                                                                                                                                                        					__eflags =  *((short*)(_t145 + _t142 * 2 - 2)) - 0x5c;
                                                                                                                                                                                                                                                        					if( *((short*)(_t145 + _t142 * 2 - 2)) == 0x5c) {
                                                                                                                                                                                                                                                        						_t23 = _t142 - 1; // -1
                                                                                                                                                                                                                                                        						_v52 = _t23;
                                                                                                                                                                                                                                                        						 *((short*)(_t145 + _t142 * 2 - 2)) = 0;
                                                                                                                                                                                                                                                        						_t96 = _v68;
                                                                                                                                                                                                                                                        						_t124 = _v48;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__eflags = _t124 - 7;
                                                                                                                                                                                                                                                        					_t113 =  >  ? _t96 : _t112;
                                                                                                                                                                                                                                                        					__eflags = _v24 - 7;
                                                                                                                                                                                                                                                        					_t97 =  &_v44;
                                                                                                                                                                                                                                                        					if(_v24 > 7) {
                                                                                                                                                                                                                                                        						_t97 = _v44;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__imp___wcsicmp(_t97, _t113);
                                                                                                                                                                                                                                                        					_t110 = 1;
                                                                                                                                                                                                                                                        					__eflags = _t97;
                                                                                                                                                                                                                                                        					if(_t97 != 0) {
                                                                                                                                                                                                                                                        						_t146 =  &_v68;
                                                                                                                                                                                                                                                        						_t141 = _t146;
                                                                                                                                                                                                                                                        						E00BEA740(_t146, _t146);
                                                                                                                                                                                                                                                        						_t99 = E00BEA810(_t146);
                                                                                                                                                                                                                                                        						__eflags = _t99;
                                                                                                                                                                                                                                                        						if(_t99 != 0) {
                                                                                                                                                                                                                                                        							L21:
                                                                                                                                                                                                                                                        							__eflags = _v48 - 7;
                                                                                                                                                                                                                                                        							if(_v48 > 7) {
                                                                                                                                                                                                                                                        								_t146 = _v68;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							__imp__GetVolumePathNameW(_t146, _t150, 0x104);
                                                                                                                                                                                                                                                        							__eflags = _t99;
                                                                                                                                                                                                                                                        							if(_t99 != 0) {
                                                                                                                                                                                                                                                        								_t100 = wcslen(_t150);
                                                                                                                                                                                                                                                        								_v592 = 7;
                                                                                                                                                                                                                                                        								_v616 = 7;
                                                                                                                                                                                                                                                        								_v596 = 0;
                                                                                                                                                                                                                                                        								_v620 = 0;
                                                                                                                                                                                                                                                        								_v640 = _t100;
                                                                                                                                                                                                                                                        								_v612 = 0;
                                                                                                                                                                                                                                                        								_v636 = 0;
                                                                                                                                                                                                                                                        								E00BBA740( &_v636, _t150);
                                                                                                                                                                                                                                                        								_t151 =  &_v612;
                                                                                                                                                                                                                                                        								_t115 = E00BEAC30( &_v636, _t151);
                                                                                                                                                                                                                                                        								_t103 = E00BBDF30(_t102,  &_v636, _t141);
                                                                                                                                                                                                                                                        								__eflags = _t115;
                                                                                                                                                                                                                                                        								if(_t115 == 0) {
                                                                                                                                                                                                                                                        									L36:
                                                                                                                                                                                                                                                        									_t110 = 0;
                                                                                                                                                                                                                                                        									__eflags = 0;
                                                                                                                                                                                                                                                        									L37:
                                                                                                                                                                                                                                                        									_t129 =  &_v612;
                                                                                                                                                                                                                                                        									L38:
                                                                                                                                                                                                                                                        									_t99 = E00BBDF30(_t103, _t129, _t141);
                                                                                                                                                                                                                                                        									goto L8;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t103 = _v596;
                                                                                                                                                                                                                                                        								_t149 = _v640;
                                                                                                                                                                                                                                                        								__eflags = _t103 - _t149 + _v52 - _v28;
                                                                                                                                                                                                                                                        								if(_t103 - _t149 + _v52 != _v28) {
                                                                                                                                                                                                                                                        									goto L36;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = _v592 - 7;
                                                                                                                                                                                                                                                        								if(_v592 > 7) {
                                                                                                                                                                                                                                                        									_t151 = _v612;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = _v24 - 7;
                                                                                                                                                                                                                                                        								if(_v24 <= 7) {
                                                                                                                                                                                                                                                        									_t134 =  &_v44;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t134 = _v44;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__imp___wcsnicmp(_t134, _t151, _t103);
                                                                                                                                                                                                                                                        								__eflags = _t103;
                                                                                                                                                                                                                                                        								if(_t103 != 0) {
                                                                                                                                                                                                                                                        									goto L36;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t104 = _v596;
                                                                                                                                                                                                                                                        									__eflags = _v48 - 7;
                                                                                                                                                                                                                                                        									if(_v48 <= 7) {
                                                                                                                                                                                                                                                        										_t135 =  &_v68;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t135 = _v68;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									__eflags = _v24 - 7;
                                                                                                                                                                                                                                                        									_t136 = _t135 + _t149 * 2;
                                                                                                                                                                                                                                                        									if(_v24 <= 7) {
                                                                                                                                                                                                                                                        										_t141 =  &_v44;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t141 = _v44;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t103 = _t141 + _t104 * 2;
                                                                                                                                                                                                                                                        									__imp___wcsicmp(_t103, _t136);
                                                                                                                                                                                                                                                        									__eflags = _t103;
                                                                                                                                                                                                                                                        									_t110 = _t115 & 0xffffff00 | _t103 == 0x00000000;
                                                                                                                                                                                                                                                        									goto L37;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t110 = 0;
                                                                                                                                                                                                                                                        								goto L8;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__eflags = 1;
                                                                                                                                                                                                                                                        						if(1 == 0) {
                                                                                                                                                                                                                                                        							goto L21;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t116 =  &_v68;
                                                                                                                                                                                                                                                        						_v572 = 0;
                                                                                                                                                                                                                                                        						_t141 = _t116;
                                                                                                                                                                                                                                                        						_v568 = 7;
                                                                                                                                                                                                                                                        						_v588 = 0;
                                                                                                                                                                                                                                                        						_t106 = E00BEA850(_t116, _t116);
                                                                                                                                                                                                                                                        						__eflags = _t106;
                                                                                                                                                                                                                                                        						if(_t106 == 0) {
                                                                                                                                                                                                                                                        							_push(4);
                                                                                                                                                                                                                                                        							_t99 = E00BBDF30(E00BD26E0(_t116,  &_v68, _t146, 0, L"\\\\.\\"),  &_v588, _t141);
                                                                                                                                                                                                                                                        							goto L21;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t152 =  &_v588;
                                                                                                                                                                                                                                                        						_t141 = _t152;
                                                                                                                                                                                                                                                        						_t103 = E00BEA850( &_v44, _t152);
                                                                                                                                                                                                                                                        						__eflags = _t103;
                                                                                                                                                                                                                                                        						if(_t103 == 0) {
                                                                                                                                                                                                                                                        							_t110 = 0;
                                                                                                                                                                                                                                                        							_t129 =  &_v588;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							__eflags = _v48 - 7;
                                                                                                                                                                                                                                                        							if(_v48 > 7) {
                                                                                                                                                                                                                                                        								_t116 = _v68;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							__eflags = _v568 - 7;
                                                                                                                                                                                                                                                        							if(_v568 > 7) {
                                                                                                                                                                                                                                                        								_t152 = _v588;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							__imp___wcsicmp(_t152, _t116);
                                                                                                                                                                                                                                                        							__eflags = _t103;
                                                                                                                                                                                                                                                        							_t129 =  &_v588;
                                                                                                                                                                                                                                                        							_t110 = _t116 & 0xffffff00 | _t103 == 0x00000000;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L38;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L8:
                                                                                                                                                                                                                                                        						_t92 = E00BBDF30(_t99,  &_v68, _t141);
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				E00BEECB0(_t90, _v20 ^ _t153, _t141);
                                                                                                                                                                                                                                                        				return _t110;
                                                                                                                                                                                                                                                        			}



















































                                                                                                                                                                                                                                                        0x00bea920
                                                                                                                                                                                                                                                        0x00bea92c
                                                                                                                                                                                                                                                        0x00bea931
                                                                                                                                                                                                                                                        0x00bea934
                                                                                                                                                                                                                                                        0x00bea93e
                                                                                                                                                                                                                                                        0x00bea941
                                                                                                                                                                                                                                                        0x00bea94b
                                                                                                                                                                                                                                                        0x00bea955
                                                                                                                                                                                                                                                        0x00bea95f
                                                                                                                                                                                                                                                        0x00bea965
                                                                                                                                                                                                                                                        0x00bea971
                                                                                                                                                                                                                                                        0x00bea978
                                                                                                                                                                                                                                                        0x00bea97a
                                                                                                                                                                                                                                                        0x00bea99e
                                                                                                                                                                                                                                                        0x00bea9a5
                                                                                                                                                                                                                                                        0x00bea9a8
                                                                                                                                                                                                                                                        0x00bea9b0
                                                                                                                                                                                                                                                        0x00bea9b8
                                                                                                                                                                                                                                                        0x00bea9ba
                                                                                                                                                                                                                                                        0x00beaa30
                                                                                                                                                                                                                                                        0x00beaa30
                                                                                                                                                                                                                                                        0x00beaa32
                                                                                                                                                                                                                                                        0x00beaa35
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beaa35
                                                                                                                                                                                                                                                        0x00bea9bc
                                                                                                                                                                                                                                                        0x00bea9bf
                                                                                                                                                                                                                                                        0x00bea9c2
                                                                                                                                                                                                                                                        0x00bea9c9
                                                                                                                                                                                                                                                        0x00bea9d2
                                                                                                                                                                                                                                                        0x00bea9d7
                                                                                                                                                                                                                                                        0x00bea9da
                                                                                                                                                                                                                                                        0x00bea9dd
                                                                                                                                                                                                                                                        0x00bea9e2
                                                                                                                                                                                                                                                        0x00bea9e5
                                                                                                                                                                                                                                                        0x00bea9e8
                                                                                                                                                                                                                                                        0x00bea9ee
                                                                                                                                                                                                                                                        0x00bea9f0
                                                                                                                                                                                                                                                        0x00bea9f3
                                                                                                                                                                                                                                                        0x00bea9f6
                                                                                                                                                                                                                                                        0x00bea9fd
                                                                                                                                                                                                                                                        0x00beaa00
                                                                                                                                                                                                                                                        0x00beaa00
                                                                                                                                                                                                                                                        0x00beaa03
                                                                                                                                                                                                                                                        0x00beaa06
                                                                                                                                                                                                                                                        0x00beaa09
                                                                                                                                                                                                                                                        0x00beaa0d
                                                                                                                                                                                                                                                        0x00beaa10
                                                                                                                                                                                                                                                        0x00beaa12
                                                                                                                                                                                                                                                        0x00beaa12
                                                                                                                                                                                                                                                        0x00beaa17
                                                                                                                                                                                                                                                        0x00beaa20
                                                                                                                                                                                                                                                        0x00beaa22
                                                                                                                                                                                                                                                        0x00beaa24
                                                                                                                                                                                                                                                        0x00beaa3f
                                                                                                                                                                                                                                                        0x00beaa44
                                                                                                                                                                                                                                                        0x00beaa46
                                                                                                                                                                                                                                                        0x00beaa4f
                                                                                                                                                                                                                                                        0x00beaa54
                                                                                                                                                                                                                                                        0x00beaa56
                                                                                                                                                                                                                                                        0x00beaaf9
                                                                                                                                                                                                                                                        0x00beaaf9
                                                                                                                                                                                                                                                        0x00beaafd
                                                                                                                                                                                                                                                        0x00beaaff
                                                                                                                                                                                                                                                        0x00beaaff
                                                                                                                                                                                                                                                        0x00beab09
                                                                                                                                                                                                                                                        0x00beab0f
                                                                                                                                                                                                                                                        0x00beab16
                                                                                                                                                                                                                                                        0x00beab20
                                                                                                                                                                                                                                                        0x00beab28
                                                                                                                                                                                                                                                        0x00beab2e
                                                                                                                                                                                                                                                        0x00beab3a
                                                                                                                                                                                                                                                        0x00beab44
                                                                                                                                                                                                                                                        0x00beab4e
                                                                                                                                                                                                                                                        0x00beab54
                                                                                                                                                                                                                                                        0x00beab5d
                                                                                                                                                                                                                                                        0x00beab69
                                                                                                                                                                                                                                                        0x00beab6e
                                                                                                                                                                                                                                                        0x00beab80
                                                                                                                                                                                                                                                        0x00beab82
                                                                                                                                                                                                                                                        0x00beab87
                                                                                                                                                                                                                                                        0x00beab89
                                                                                                                                                                                                                                                        0x00beabeb
                                                                                                                                                                                                                                                        0x00beabeb
                                                                                                                                                                                                                                                        0x00beabeb
                                                                                                                                                                                                                                                        0x00beabed
                                                                                                                                                                                                                                                        0x00beabed
                                                                                                                                                                                                                                                        0x00beabf3
                                                                                                                                                                                                                                                        0x00beabf3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beabf3
                                                                                                                                                                                                                                                        0x00beab8b
                                                                                                                                                                                                                                                        0x00beab91
                                                                                                                                                                                                                                                        0x00beab9e
                                                                                                                                                                                                                                                        0x00beaba1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beaba3
                                                                                                                                                                                                                                                        0x00beabaa
                                                                                                                                                                                                                                                        0x00beabac
                                                                                                                                                                                                                                                        0x00beabac
                                                                                                                                                                                                                                                        0x00beabb2
                                                                                                                                                                                                                                                        0x00beabb6
                                                                                                                                                                                                                                                        0x00beabc7
                                                                                                                                                                                                                                                        0x00beabb8
                                                                                                                                                                                                                                                        0x00beabb8
                                                                                                                                                                                                                                                        0x00beabb8
                                                                                                                                                                                                                                                        0x00beabcd
                                                                                                                                                                                                                                                        0x00beabd6
                                                                                                                                                                                                                                                        0x00beabd8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beabda
                                                                                                                                                                                                                                                        0x00beabda
                                                                                                                                                                                                                                                        0x00beabe0
                                                                                                                                                                                                                                                        0x00beabe4
                                                                                                                                                                                                                                                        0x00beabfd
                                                                                                                                                                                                                                                        0x00beabe6
                                                                                                                                                                                                                                                        0x00beabe6
                                                                                                                                                                                                                                                        0x00beabe6
                                                                                                                                                                                                                                                        0x00beac00
                                                                                                                                                                                                                                                        0x00beac04
                                                                                                                                                                                                                                                        0x00beac07
                                                                                                                                                                                                                                                        0x00beac0e
                                                                                                                                                                                                                                                        0x00beac09
                                                                                                                                                                                                                                                        0x00beac09
                                                                                                                                                                                                                                                        0x00beac09
                                                                                                                                                                                                                                                        0x00beac11
                                                                                                                                                                                                                                                        0x00beac16
                                                                                                                                                                                                                                                        0x00beac1f
                                                                                                                                                                                                                                                        0x00beac21
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beac21
                                                                                                                                                                                                                                                        0x00beab18
                                                                                                                                                                                                                                                        0x00beab18
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beab18
                                                                                                                                                                                                                                                        0x00beab16
                                                                                                                                                                                                                                                        0x00beaa5c
                                                                                                                                                                                                                                                        0x00beaa5e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beaa64
                                                                                                                                                                                                                                                        0x00beaa6c
                                                                                                                                                                                                                                                        0x00beaa78
                                                                                                                                                                                                                                                        0x00beaa7a
                                                                                                                                                                                                                                                        0x00beaa80
                                                                                                                                                                                                                                                        0x00beaa89
                                                                                                                                                                                                                                                        0x00beaa8e
                                                                                                                                                                                                                                                        0x00beaa90
                                                                                                                                                                                                                                                        0x00beaae0
                                                                                                                                                                                                                                                        0x00beaaf4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beaaf4
                                                                                                                                                                                                                                                        0x00beaa92
                                                                                                                                                                                                                                                        0x00beaa9b
                                                                                                                                                                                                                                                        0x00beaa9d
                                                                                                                                                                                                                                                        0x00beaaa2
                                                                                                                                                                                                                                                        0x00beaaa4
                                                                                                                                                                                                                                                        0x00beabbd
                                                                                                                                                                                                                                                        0x00beabbf
                                                                                                                                                                                                                                                        0x00beaaaa
                                                                                                                                                                                                                                                        0x00beaaaa
                                                                                                                                                                                                                                                        0x00beaaae
                                                                                                                                                                                                                                                        0x00beaab0
                                                                                                                                                                                                                                                        0x00beaab0
                                                                                                                                                                                                                                                        0x00beaab3
                                                                                                                                                                                                                                                        0x00beaaba
                                                                                                                                                                                                                                                        0x00beaabc
                                                                                                                                                                                                                                                        0x00beaabc
                                                                                                                                                                                                                                                        0x00beaac4
                                                                                                                                                                                                                                                        0x00beaacd
                                                                                                                                                                                                                                                        0x00beaacf
                                                                                                                                                                                                                                                        0x00beaad5
                                                                                                                                                                                                                                                        0x00beaad5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beaa26
                                                                                                                                                                                                                                                        0x00beaa26
                                                                                                                                                                                                                                                        0x00beaa29
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beaa29
                                                                                                                                                                                                                                                        0x00beaa24
                                                                                                                                                                                                                                                        0x00bea97c
                                                                                                                                                                                                                                                        0x00bea981
                                                                                                                                                                                                                                                        0x00bea992

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00BB2D55,00BB2D55,?,?,00BB3EE0), ref: 00BBA759
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: memmove.NTDLL(?,00BB2D55,00000000,?,00BB2D55,?,?,00BB3EE0), ref: 00BBA77D
                                                                                                                                                                                                                                                          • Part of subcall function 00BEA2A0: _wcsnicmp.API-MS-WIN-CRT-STRING-L1-1-0(00BEACA1,\??\,00000004,00000001,?,00BEACA1,00BCFF01), ref: 00BEA2C7
                                                                                                                                                                                                                                                        • _wcsicmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,00BD22FC,?,?,00BD22FC), ref: 00BEAA17
                                                                                                                                                                                                                                                        • _wcsicmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,00000000,?,?,?,?,00BD22FC), ref: 00BEAAC4
                                                                                                                                                                                                                                                        • GetVolumePathNameW.KERNEL32(00000000,?,00000104,?,?,?,?,00BD22FC), ref: 00BEAB09
                                                                                                                                                                                                                                                          • Part of subcall function 00BBDF30: free.MOZGLUE(00000000,?,?,00BC309D,?,00000000,3F800000,?,?,00BC2FDE,?,?,00BC37F9,00000000,?,00BC3B5C), ref: 00BBDF60
                                                                                                                                                                                                                                                          • Part of subcall function 00BBDF30: _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,00BC309D,?,00000000,3F800000,?,?,00BC2FDE,?,?,00BC37F9,00000000,?,00BC3B5C,?), ref: 00BBDF7A
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,00BD22FC), ref: 00BEAB20
                                                                                                                                                                                                                                                          • Part of subcall function 00BEAC30: CreateFileW.KERNEL32(00000000,00000000,00000007,00000000,00000003,02000000,00000000,00000000,00000000,?,00BEAB7B,?,00000000,?), ref: 00BEAC50
                                                                                                                                                                                                                                                          • Part of subcall function 00BEAC30: CloseHandle.KERNEL32(00000000,00000000,?), ref: 00BEAC6C
                                                                                                                                                                                                                                                        • _wcsnicmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,00000000,00000000,?,?), ref: 00BEABCD
                                                                                                                                                                                                                                                        • _wcsicmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,00000000), ref: 00BEAC16
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: _wcsicmp$_wcsnicmpwcslen$CloseCreateFileHandleNamePathVolume_invalid_parameter_noinfo_noreturnfreememmove
                                                                                                                                                                                                                                                        • String ID: \\.\
                                                                                                                                                                                                                                                        • API String ID: 1320591374-2900601889
                                                                                                                                                                                                                                                        • Opcode ID: 4748a2eefa80bb18ad7c4682c7b1ebd56db28a5b167fc236be3a31b75f9f46fd
                                                                                                                                                                                                                                                        • Instruction ID: 6eaba1eec68ffd1671f5d2dc02de9b324c0db471dc4deffbcc3ca64a79146720
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4748a2eefa80bb18ad7c4682c7b1ebd56db28a5b167fc236be3a31b75f9f46fd
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7F812B70E142589BCB14DF65CC99AEEB7F9EF44314F1400E9E40A77240EB756E89CB92
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 34%
                                                                                                                                                                                                                                                        			E00BECCD0(void* __eax, signed int __ecx) {
                                                                                                                                                                                                                                                        				intOrPtr _v0;
                                                                                                                                                                                                                                                        				void* _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				void* _t76;
                                                                                                                                                                                                                                                        				signed int _t77;
                                                                                                                                                                                                                                                        				void* _t80;
                                                                                                                                                                                                                                                        				void* _t81;
                                                                                                                                                                                                                                                        				void* _t82;
                                                                                                                                                                                                                                                        				void* _t83;
                                                                                                                                                                                                                                                        				void* _t87;
                                                                                                                                                                                                                                                        				intOrPtr _t88;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				void* _t92;
                                                                                                                                                                                                                                                        				void* _t93;
                                                                                                                                                                                                                                                        				signed int _t94;
                                                                                                                                                                                                                                                        				void* _t100;
                                                                                                                                                                                                                                                        				signed int _t101;
                                                                                                                                                                                                                                                        				signed int _t102;
                                                                                                                                                                                                                                                        				void* _t105;
                                                                                                                                                                                                                                                        				signed int _t107;
                                                                                                                                                                                                                                                        				signed int _t116;
                                                                                                                                                                                                                                                        				void* _t118;
                                                                                                                                                                                                                                                        				signed int _t119;
                                                                                                                                                                                                                                                        				signed int _t125;
                                                                                                                                                                                                                                                        				void* _t127;
                                                                                                                                                                                                                                                        				void* _t129;
                                                                                                                                                                                                                                                        				void* _t131;
                                                                                                                                                                                                                                                        				void* _t133;
                                                                                                                                                                                                                                                        				void** _t134;
                                                                                                                                                                                                                                                        				signed int _t135;
                                                                                                                                                                                                                                                        				void* _t138;
                                                                                                                                                                                                                                                        				void* _t139;
                                                                                                                                                                                                                                                        				void* _t140;
                                                                                                                                                                                                                                                        				void* _t141;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t101 = __ecx;
                                                                                                                                                                                                                                                        				_t76 = __eax;
                                                                                                                                                                                                                                                        				_t139 = _t138 - 8;
                                                                                                                                                                                                                                                        				_t134 = __ecx;
                                                                                                                                                                                                                                                        				if( *__ecx != 0xc) {
                                                                                                                                                                                                                                                        					_t77 =  *(__ecx + 4);
                                                                                                                                                                                                                                                        					if(_t77 == 0) {
                                                                                                                                                                                                                                                        						_v24 = 1;
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if(_t77 >= 0x4000000) {
                                                                                                                                                                                                                                                        							L28:
                                                                                                                                                                                                                                                        							__imp__mozalloc_abort("alloc overflow");
                                                                                                                                                                                                                                                        							asm("int3");
                                                                                                                                                                                                                                                        							_push(_t92);
                                                                                                                                                                                                                                                        							_push(1);
                                                                                                                                                                                                                                                        							_push(_t134);
                                                                                                                                                                                                                                                        							_push(_t77);
                                                                                                                                                                                                                                                        							if(_t119 == 0) {
                                                                                                                                                                                                                                                        								_t83 = 0;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t135 = _t101;
                                                                                                                                                                                                                                                        								if( *((intOrPtr*)(_t101 + 4)) != 0) {
                                                                                                                                                                                                                                                        									L33:
                                                                                                                                                                                                                                                        									_t83 =  *(_t135 + 8);
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t94 = _t119;
                                                                                                                                                                                                                                                        									_v24 = 1 + _t135;
                                                                                                                                                                                                                                                        									_t107 = E00BB94B0();
                                                                                                                                                                                                                                                        									_t131 = 0;
                                                                                                                                                                                                                                                        									_t125 = _t94 % _t107;
                                                                                                                                                                                                                                                        									if(_t125 != 0) {
                                                                                                                                                                                                                                                        										_t131 = _t107 - _t125;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									 *(_t135 + 8) = _t131 + _t94;
                                                                                                                                                                                                                                                        									_t87 = GetCurrentProcess();
                                                                                                                                                                                                                                                        									_push(_v0);
                                                                                                                                                                                                                                                        									_t88 = E00BECF00(_t94, _v24, _t87, _t131 + _t94, _t135, _t131 + _t94);
                                                                                                                                                                                                                                                        									_t139 = _t139 + 8;
                                                                                                                                                                                                                                                        									 *((intOrPtr*)(_t135 + 4)) = _t88;
                                                                                                                                                                                                                                                        									_t83 = 0;
                                                                                                                                                                                                                                                        									if(_t88 != 0) {
                                                                                                                                                                                                                                                        										goto L33;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							return _t83;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t119 = _t77 * 8 + _t77 * 8 * 2;
                                                                                                                                                                                                                                                        							asm("bsr ecx, ecx");
                                                                                                                                                                                                                                                        							_t97 =  <  ? 1 : 1 <<  ~(_t119 - 0x00000001 ^ 0x0000001f);
                                                                                                                                                                                                                                                        							_t92 = ( <  ? 1 : 1 <<  ~(_t119 - 0x00000001 ^ 0x0000001f)) - _t119;
                                                                                                                                                                                                                                                        							_t101 = 0xbadbad + _t77 * 2;
                                                                                                                                                                                                                                                        							_t77 = _t101;
                                                                                                                                                                                                                                                        							_v24 = _t101;
                                                                                                                                                                                                                                                        							if(_t101 > 0xfffffff) {
                                                                                                                                                                                                                                                        								goto L28;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								L7:
                                                                                                                                                                                                                                                        								_t80 = _v24 * 4 + _v24 * 4 * 2;
                                                                                                                                                                                                                                                        								__imp__moz_xmalloc(_t80);
                                                                                                                                                                                                                                                        								_t140 = _t139 + 4;
                                                                                                                                                                                                                                                        								_t102 = _t134[1];
                                                                                                                                                                                                                                                        								_v20 = _t80;
                                                                                                                                                                                                                                                        								_t81 =  *_t134;
                                                                                                                                                                                                                                                        								if(_t102 <= 0) {
                                                                                                                                                                                                                                                        									_t93 = _t81;
                                                                                                                                                                                                                                                        									_t129 = _t81 + (_t102 + _t102 * 2) * 4;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t105 = 0;
                                                                                                                                                                                                                                                        									do {
                                                                                                                                                                                                                                                        										asm("movsd xmm0, [eax+ecx]");
                                                                                                                                                                                                                                                        										asm("movsd [edi+ecx], xmm0");
                                                                                                                                                                                                                                                        										 *(_t81 + _t105 + 8) = 0;
                                                                                                                                                                                                                                                        										 *(_v20 + _t105 + 8) =  *(_t81 + _t105 + 8);
                                                                                                                                                                                                                                                        										_t93 =  *_t134;
                                                                                                                                                                                                                                                        										_t129 = _t93 + (_t134[1] + _t134[1] * 2) * 4;
                                                                                                                                                                                                                                                        										_t32 = _t105 + 0xc; // 0xc
                                                                                                                                                                                                                                                        										_t105 = _t105 + 0xc;
                                                                                                                                                                                                                                                        									} while (_t81 + _t32 < _t129);
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								if(_t93 < _t129) {
                                                                                                                                                                                                                                                        									do {
                                                                                                                                                                                                                                                        										_t82 =  *(_t93 + 8);
                                                                                                                                                                                                                                                        										 *(_t93 + 8) = 0;
                                                                                                                                                                                                                                                        										if(_t82 != 0) {
                                                                                                                                                                                                                                                        											free(_t82);
                                                                                                                                                                                                                                                        											_t140 = _t140 + 4;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t93 = _t93 + 0xc;
                                                                                                                                                                                                                                                        									} while (_t93 < _t129);
                                                                                                                                                                                                                                                        									_t93 =  *_t134;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								free(_t93);
                                                                                                                                                                                                                                                        								_t141 = _t140 + 4;
                                                                                                                                                                                                                                                        								_t76 = _v20;
                                                                                                                                                                                                                                                        								 *_t134 = _t76;
                                                                                                                                                                                                                                                        								_t134[2] = _v24;
                                                                                                                                                                                                                                                        								goto L3;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(0xc);
                                                                                                                                                                                                                                                        					_t141 = _t139 + 4;
                                                                                                                                                                                                                                                        					_t116 =  *(__ecx + 4);
                                                                                                                                                                                                                                                        					_t133 = __eax;
                                                                                                                                                                                                                                                        					if(_t116 > 0) {
                                                                                                                                                                                                                                                        						_t89 =  *__ecx;
                                                                                                                                                                                                                                                        						_t127 = 0;
                                                                                                                                                                                                                                                        						_t118 = _t89 + (_t116 + _t116 * 2) * 4;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [eax+edx]");
                                                                                                                                                                                                                                                        							asm("movsd [edi+edx], xmm0");
                                                                                                                                                                                                                                                        							 *(_t89 + _t127 + 8) = 0;
                                                                                                                                                                                                                                                        							 *(__eax + _t127 + 8) =  *(_t89 + _t127 + 8);
                                                                                                                                                                                                                                                        							_t44 = _t127 + 0xc; // 0xc
                                                                                                                                                                                                                                                        							_t127 = _t127 + 0xc;
                                                                                                                                                                                                                                                        						} while (_t89 + _t44 < _t118);
                                                                                                                                                                                                                                                        						_t76 =  *(__ecx + 4);
                                                                                                                                                                                                                                                        						if(_t76 > 0) {
                                                                                                                                                                                                                                                        							_t100 =  *__ecx;
                                                                                                                                                                                                                                                        							_v20 = _t100 + (_t76 + _t76 * 2) * 4;
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								_t76 =  *(_t100 + 8);
                                                                                                                                                                                                                                                        								 *(_t100 + 8) = 0;
                                                                                                                                                                                                                                                        								if(_t76 != 0) {
                                                                                                                                                                                                                                                        									free(_t76);
                                                                                                                                                                                                                                                        									_t141 = _t141 + 4;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t100 = _t100 + 0xc;
                                                                                                                                                                                                                                                        								if(_t100 >= _v20) {
                                                                                                                                                                                                                                                        									goto L2;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					 *_t134 = _t133;
                                                                                                                                                                                                                                                        					_t134[2] = 1;
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					return _t76;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}








































                                                                                                                                                                                                                                                        0x00beccd0
                                                                                                                                                                                                                                                        0x00beccd0
                                                                                                                                                                                                                                                        0x00beccd6
                                                                                                                                                                                                                                                        0x00beccdc
                                                                                                                                                                                                                                                        0x00beccde
                                                                                                                                                                                                                                                        0x00becd09
                                                                                                                                                                                                                                                        0x00becd0e
                                                                                                                                                                                                                                                        0x00bece2d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00becd14
                                                                                                                                                                                                                                                        0x00becd19
                                                                                                                                                                                                                                                        0x00bece84
                                                                                                                                                                                                                                                        0x00bece89
                                                                                                                                                                                                                                                        0x00bece8f
                                                                                                                                                                                                                                                        0x00bece93
                                                                                                                                                                                                                                                        0x00bece94
                                                                                                                                                                                                                                                        0x00bece95
                                                                                                                                                                                                                                                        0x00bece96
                                                                                                                                                                                                                                                        0x00bece99
                                                                                                                                                                                                                                                        0x00becef4
                                                                                                                                                                                                                                                        0x00bece9b
                                                                                                                                                                                                                                                        0x00bece9f
                                                                                                                                                                                                                                                        0x00becea1
                                                                                                                                                                                                                                                        0x00becee9
                                                                                                                                                                                                                                                        0x00becee9
                                                                                                                                                                                                                                                        0x00becea3
                                                                                                                                                                                                                                                        0x00becea6
                                                                                                                                                                                                                                                        0x00becea8
                                                                                                                                                                                                                                                        0x00beceb0
                                                                                                                                                                                                                                                        0x00beceb6
                                                                                                                                                                                                                                                        0x00becebb
                                                                                                                                                                                                                                                        0x00becebf
                                                                                                                                                                                                                                                        0x00becefa
                                                                                                                                                                                                                                                        0x00becefa
                                                                                                                                                                                                                                                        0x00becec3
                                                                                                                                                                                                                                                        0x00becec6
                                                                                                                                                                                                                                                        0x00beced1
                                                                                                                                                                                                                                                        0x00beced5
                                                                                                                                                                                                                                                        0x00beceda
                                                                                                                                                                                                                                                        0x00becedd
                                                                                                                                                                                                                                                        0x00becee2
                                                                                                                                                                                                                                                        0x00becee7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00becee7
                                                                                                                                                                                                                                                        0x00becea1
                                                                                                                                                                                                                                                        0x00becef3
                                                                                                                                                                                                                                                        0x00becd1f
                                                                                                                                                                                                                                                        0x00becd30
                                                                                                                                                                                                                                                        0x00becd36
                                                                                                                                                                                                                                                        0x00becd43
                                                                                                                                                                                                                                                        0x00becd48
                                                                                                                                                                                                                                                        0x00becd50
                                                                                                                                                                                                                                                        0x00becd59
                                                                                                                                                                                                                                                        0x00becd5b
                                                                                                                                                                                                                                                        0x00becd5e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00becd64
                                                                                                                                                                                                                                                        0x00becd64
                                                                                                                                                                                                                                                        0x00becd6e
                                                                                                                                                                                                                                                        0x00becd72
                                                                                                                                                                                                                                                        0x00becd78
                                                                                                                                                                                                                                                        0x00becd7b
                                                                                                                                                                                                                                                        0x00becd7e
                                                                                                                                                                                                                                                        0x00becd81
                                                                                                                                                                                                                                                        0x00becd85
                                                                                                                                                                                                                                                        0x00bece3c
                                                                                                                                                                                                                                                        0x00bece3e
                                                                                                                                                                                                                                                        0x00becd8b
                                                                                                                                                                                                                                                        0x00becd8b
                                                                                                                                                                                                                                                        0x00becd8d
                                                                                                                                                                                                                                                        0x00becd8d
                                                                                                                                                                                                                                                        0x00becd95
                                                                                                                                                                                                                                                        0x00becd9e
                                                                                                                                                                                                                                                        0x00becda6
                                                                                                                                                                                                                                                        0x00becdad
                                                                                                                                                                                                                                                        0x00becdb2
                                                                                                                                                                                                                                                        0x00becdb5
                                                                                                                                                                                                                                                        0x00becdb9
                                                                                                                                                                                                                                                        0x00becdbc
                                                                                                                                                                                                                                                        0x00becdc0
                                                                                                                                                                                                                                                        0x00bece43
                                                                                                                                                                                                                                                        0x00bece4e
                                                                                                                                                                                                                                                        0x00bece4e
                                                                                                                                                                                                                                                        0x00bece51
                                                                                                                                                                                                                                                        0x00bece5a
                                                                                                                                                                                                                                                        0x00bece5d
                                                                                                                                                                                                                                                        0x00bece63
                                                                                                                                                                                                                                                        0x00bece63
                                                                                                                                                                                                                                                        0x00bece47
                                                                                                                                                                                                                                                        0x00bece4a
                                                                                                                                                                                                                                                        0x00bece68
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bece45
                                                                                                                                                                                                                                                        0x00bece6b
                                                                                                                                                                                                                                                        0x00bece71
                                                                                                                                                                                                                                                        0x00bece74
                                                                                                                                                                                                                                                        0x00bece7a
                                                                                                                                                                                                                                                        0x00bece7c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bece7c
                                                                                                                                                                                                                                                        0x00becd5e
                                                                                                                                                                                                                                                        0x00becd19
                                                                                                                                                                                                                                                        0x00becce0
                                                                                                                                                                                                                                                        0x00becce2
                                                                                                                                                                                                                                                        0x00becce8
                                                                                                                                                                                                                                                        0x00becceb
                                                                                                                                                                                                                                                        0x00beccee
                                                                                                                                                                                                                                                        0x00beccf2
                                                                                                                                                                                                                                                        0x00becdc2
                                                                                                                                                                                                                                                        0x00becdc7
                                                                                                                                                                                                                                                        0x00becdc9
                                                                                                                                                                                                                                                        0x00becdcc
                                                                                                                                                                                                                                                        0x00becdcc
                                                                                                                                                                                                                                                        0x00becdd1
                                                                                                                                                                                                                                                        0x00becdda
                                                                                                                                                                                                                                                        0x00becde2
                                                                                                                                                                                                                                                        0x00becde6
                                                                                                                                                                                                                                                        0x00becdea
                                                                                                                                                                                                                                                        0x00becded
                                                                                                                                                                                                                                                        0x00becdf1
                                                                                                                                                                                                                                                        0x00becdf6
                                                                                                                                                                                                                                                        0x00becdfc
                                                                                                                                                                                                                                                        0x00bece04
                                                                                                                                                                                                                                                        0x00bece07
                                                                                                                                                                                                                                                        0x00bece07
                                                                                                                                                                                                                                                        0x00bece0a
                                                                                                                                                                                                                                                        0x00bece13
                                                                                                                                                                                                                                                        0x00bece16
                                                                                                                                                                                                                                                        0x00bece1c
                                                                                                                                                                                                                                                        0x00bece1c
                                                                                                                                                                                                                                                        0x00bece1f
                                                                                                                                                                                                                                                        0x00bece25
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bece2b
                                                                                                                                                                                                                                                        0x00bece07
                                                                                                                                                                                                                                                        0x00becdf6
                                                                                                                                                                                                                                                        0x00beccf8
                                                                                                                                                                                                                                                        0x00beccf8
                                                                                                                                                                                                                                                        0x00beccfa
                                                                                                                                                                                                                                                        0x00becd01
                                                                                                                                                                                                                                                        0x00becd08
                                                                                                                                                                                                                                                        0x00becd08

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(0000000C,?,00BECCC1,?,?,?,?,00BEC944), ref: 00BECCE2
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000001,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BECD72
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000,?,?,00BECCC1,?,?,?,?,00BEC944), ref: 00BECE16
                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,00BECCC1,?,?,?,?,00BEC944), ref: 00BECE5D
                                                                                                                                                                                                                                                        • free.MOZGLUE(-0000000C,?,?,00BECCC1,?,?,?,?,00BEC944), ref: 00BECE6B
                                                                                                                                                                                                                                                        • mozalloc_abort.MOZGLUE(alloc overflow,?,00BECCC1,?,?,?,?,00BEC944), ref: 00BECE89
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: free$moz_xmalloc$mozalloc_abort
                                                                                                                                                                                                                                                        • String ID: alloc overflow
                                                                                                                                                                                                                                                        • API String ID: 232320567-749304246
                                                                                                                                                                                                                                                        • Opcode ID: a1f8458dec327dafafb88dfe1bb7c04e44359be6cd6e3bb91024482008eacab4
                                                                                                                                                                                                                                                        • Instruction ID: f544931dc1ae64a19a5cb750a6724ead6379e9eb4fc3085677e1753be6adc9f4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a1f8458dec327dafafb88dfe1bb7c04e44359be6cd6e3bb91024482008eacab4
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0551B5756003468FDB24CF19C8C0A6ABBF5FF44308F1485ADD8469B252EB72B956CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 73%
                                                                                                                                                                                                                                                        			E00BE3300(void* __edx, intOrPtr _a4, signed int _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				char _v48;
                                                                                                                                                                                                                                                        				void* _v52;
                                                                                                                                                                                                                                                        				char _v56;
                                                                                                                                                                                                                                                        				char _v80;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				char _v92;
                                                                                                                                                                                                                                                        				signed int _t22;
                                                                                                                                                                                                                                                        				long _t24;
                                                                                                                                                                                                                                                        				intOrPtr _t28;
                                                                                                                                                                                                                                                        				char* _t40;
                                                                                                                                                                                                                                                        				void* _t48;
                                                                                                                                                                                                                                                        				void* _t49;
                                                                                                                                                                                                                                                        				long _t50;
                                                                                                                                                                                                                                                        				signed int _t52;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t48 = __edx;
                                                                                                                                                                                                                                                        				_t22 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v20 = _t22 ^ _t52;
                                                                                                                                                                                                                                                        				_v48 = 0;
                                                                                                                                                                                                                                                        				_t24 = GetCurrentProcessId();
                                                                                                                                                                                                                                                        				__imp__ProcessIdToSessionId(_t24,  &_v48);
                                                                                                                                                                                                                                                        				if(_t24 == 0) {
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					_t50 = GetLastError();
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					E00BEECB0(_t25, _v20 ^ _t52, _t48);
                                                                                                                                                                                                                                                        					return _t50;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t28 = _a4;
                                                                                                                                                                                                                                                        				_v52 = 0;
                                                                                                                                                                                                                                                        				_push( &_v52);
                                                                                                                                                                                                                                                        				_push(_t28);
                                                                                                                                                                                                                                                        				L00BEF6D8();
                                                                                                                                                                                                                                                        				if(_t28 != 0) {
                                                                                                                                                                                                                                                        					_t49 = _v52;
                                                                                                                                                                                                                                                        					E00BC7590(__eflags,  &_v44, L"\\Sessions\\%d\\AppContainerNamedObjects\\%ls", _v48);
                                                                                                                                                                                                                                                        					_v56 = 0;
                                                                                                                                                                                                                                                        					E00BEB3D0("NtCreateDirectoryObject",  &_v56);
                                                                                                                                                                                                                                                        					_t40 =  &_v80;
                                                                                                                                                                                                                                                        					E00BE5CE0( &_v44, (_a8 & 0x000000ff) << 0x00000007 | 0x00000040, 0, _t40,  &_v88, 0);
                                                                                                                                                                                                                                                        					_v92 = 0;
                                                                                                                                                                                                                                                        					__eflags = _v56( &_v92, 0xf, _t40, _t49);
                                                                                                                                                                                                                                                        					if(__eflags < 0) {
                                                                                                                                                                                                                                                        						_t50 = E00BEB570(_t48, __eflags, _t37);
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t38 = E00BC5200(_t37, _a12, _v92);
                                                                                                                                                                                                                                                        						_t50 = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t25 = E00BBDF30(_t38,  &_v44, _t48);
                                                                                                                                                                                                                                                        					__eflags = _t49;
                                                                                                                                                                                                                                                        					if(_t49 != 0) {
                                                                                                                                                                                                                                                        						_t25 = LocalFree(_t49);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L3;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}



















                                                                                                                                                                                                                                                        0x00be3300
                                                                                                                                                                                                                                                        0x00be3309
                                                                                                                                                                                                                                                        0x00be3310
                                                                                                                                                                                                                                                        0x00be3313
                                                                                                                                                                                                                                                        0x00be331a
                                                                                                                                                                                                                                                        0x00be3325
                                                                                                                                                                                                                                                        0x00be332d
                                                                                                                                                                                                                                                        0x00be3347
                                                                                                                                                                                                                                                        0x00be334d
                                                                                                                                                                                                                                                        0x00be334f
                                                                                                                                                                                                                                                        0x00be3354
                                                                                                                                                                                                                                                        0x00be3362
                                                                                                                                                                                                                                                        0x00be3362
                                                                                                                                                                                                                                                        0x00be332f
                                                                                                                                                                                                                                                        0x00be3335
                                                                                                                                                                                                                                                        0x00be333c
                                                                                                                                                                                                                                                        0x00be333d
                                                                                                                                                                                                                                                        0x00be333e
                                                                                                                                                                                                                                                        0x00be3345
                                                                                                                                                                                                                                                        0x00be3363
                                                                                                                                                                                                                                                        0x00be3376
                                                                                                                                                                                                                                                        0x00be3381
                                                                                                                                                                                                                                                        0x00be338e
                                                                                                                                                                                                                                                        0x00be339c
                                                                                                                                                                                                                                                        0x00be33ad
                                                                                                                                                                                                                                                        0x00be33b8
                                                                                                                                                                                                                                                        0x00be33c6
                                                                                                                                                                                                                                                        0x00be33c8
                                                                                                                                                                                                                                                        0x00be33e2
                                                                                                                                                                                                                                                        0x00be33ca
                                                                                                                                                                                                                                                        0x00be33d0
                                                                                                                                                                                                                                                        0x00be33d5
                                                                                                                                                                                                                                                        0x00be33d5
                                                                                                                                                                                                                                                        0x00be33e7
                                                                                                                                                                                                                                                        0x00be33ec
                                                                                                                                                                                                                                                        0x00be33ee
                                                                                                                                                                                                                                                        0x00be33f5
                                                                                                                                                                                                                                                        0x00be33f5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be33ee
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcessId.KERNEL32 ref: 00BE331A
                                                                                                                                                                                                                                                        • ProcessIdToSessionId.KERNEL32(00000000,00000000), ref: 00BE3325
                                                                                                                                                                                                                                                        • ConvertSidToStringSidW.ADVAPI32(00000001,?), ref: 00BE333E
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE3347
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000), ref: 00BE33F5
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • NtCreateDirectoryObject, xrefs: 00BE3389
                                                                                                                                                                                                                                                        • \Sessions\%d\AppContainerNamedObjects\%ls, xrefs: 00BE3370
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Process$ConvertCurrentErrorFreeLastLocalSessionString
                                                                                                                                                                                                                                                        • String ID: NtCreateDirectoryObject$\Sessions\%d\AppContainerNamedObjects\%ls
                                                                                                                                                                                                                                                        • API String ID: 2750361503-2316199652
                                                                                                                                                                                                                                                        • Opcode ID: eeb1917e284d0aed403234178d56aeb21503bc781f37f8b02917e096b80fbf14
                                                                                                                                                                                                                                                        • Instruction ID: 457524b9a21945cec0d97b41b978607a6004558d89780b639273f36da8e3d44c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: eeb1917e284d0aed403234178d56aeb21503bc781f37f8b02917e096b80fbf14
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 33215EB1D00259ABEB109FA5DC49FEEBBF8EF04B54F040458F915A7241EF70AA09C764
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 57%
                                                                                                                                                                                                                                                        			E00BDDA20(intOrPtr _a8, void* _a12, void* _a16) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void* _v4076;
                                                                                                                                                                                                                                                        				intOrPtr _v4080;
                                                                                                                                                                                                                                                        				char _v4132;
                                                                                                                                                                                                                                                        				char _v8228;
                                                                                                                                                                                                                                                        				void* _t13;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t18;
                                                                                                                                                                                                                                                        				void* _t19;
                                                                                                                                                                                                                                                        				signed int _t20;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t22;
                                                                                                                                                                                                                                                        				void* _t25;
                                                                                                                                                                                                                                                        				void* _t26;
                                                                                                                                                                                                                                                        				intOrPtr _t27;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        				signed int _t29;
                                                                                                                                                                                                                                                        				void* _t30;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				E00BEF1D0();
                                                                                                                                                                                                                                                        				_t20 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t26 =  &_v4132;
                                                                                                                                                                                                                                                        				_v20 = _t20 ^ _t29;
                                                                                                                                                                                                                                                        				_t13 = memcpy(_t26, _a12, 0x1010);
                                                                                                                                                                                                                                                        				_t31 = _t30 + 0xc;
                                                                                                                                                                                                                                                        				asm("movdqu xmm0, [ebp-0x1000]");
                                                                                                                                                                                                                                                        				asm("pcmpeqb xmm0, [0xbf18c0]");
                                                                                                                                                                                                                                                        				asm("pmovmskb eax, xmm0");
                                                                                                                                                                                                                                                        				if(_t13 == 0xffff) {
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					if(_v4080 == 0) {
                                                                                                                                                                                                                                                        						L8:
                                                                                                                                                                                                                                                        						_t27 = _a8;
                                                                                                                                                                                                                                                        						_t19 =  &_v8228;
                                                                                                                                                                                                                                                        						memset(_t19, 0, 0x1000);
                                                                                                                                                                                                                                                        						_t31 = _t31 + 0xc;
                                                                                                                                                                                                                                                        						_t22 =  *0xbfb610; // 0x0
                                                                                                                                                                                                                                                        						if(_t22 == 0) {
                                                                                                                                                                                                                                                        							_t18 = GetProcAddress(GetModuleHandleW(L"gdi32.dll"), "GetOPMInformation");
                                                                                                                                                                                                                                                        							_t22 = _t18;
                                                                                                                                                                                                                                                        							 *0xbfb610 = _t18;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t13 =  *_t22(_t27, _t26, _t19);
                                                                                                                                                                                                                                                        						_t28 = _t13;
                                                                                                                                                                                                                                                        						if(_t13 == 0) {
                                                                                                                                                                                                                                                        							_t13 = memcpy(_a16, _t19, 0x1000);
                                                                                                                                                                                                                                                        							_t31 = _t31 + 0xc;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L12:
                                                                                                                                                                                                                                                        						E00BEECB0(_t13, _v20 ^ _t29, _t25);
                                                                                                                                                                                                                                                        						return _t28;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					asm("movdqu xmm0, [ebp-0x1000]");
                                                                                                                                                                                                                                                        					asm("pcmpeqb xmm0, [0xbf18e0]");
                                                                                                                                                                                                                                                        					asm("pmovmskb eax, xmm0");
                                                                                                                                                                                                                                                        					if(_t13 == 0xffff) {
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						_t28 = 0xc000000d;
                                                                                                                                                                                                                                                        						if(_v4080 != 4) {
                                                                                                                                                                                                                                                        							goto L12;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t13 = _v4076;
                                                                                                                                                                                                                                                        						if(_t13 == 0x10 || _t13 == 8) {
                                                                                                                                                                                                                                                        							goto L8;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							goto L12;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					asm("movdqu xmm0, [ebp-0x1000]");
                                                                                                                                                                                                                                                        					_t28 = 0xc000000d;
                                                                                                                                                                                                                                                        					asm("pcmpeqb xmm0, [0xbf18f0]");
                                                                                                                                                                                                                                                        					asm("pmovmskb eax, xmm0");
                                                                                                                                                                                                                                                        					if(_t13 != 0xffff) {
                                                                                                                                                                                                                                                        						goto L12;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L5;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				asm("movdqu xmm0, [ebp-0x1000]");
                                                                                                                                                                                                                                                        				asm("pcmpeqb xmm0, [0xbf18d0]");
                                                                                                                                                                                                                                                        				asm("pmovmskb eax, xmm0");
                                                                                                                                                                                                                                                        				if(_t13 != 0xffff) {
                                                                                                                                                                                                                                                        					goto L3;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}




















                                                                                                                                                                                                                                                        0x00bdda2b
                                                                                                                                                                                                                                                        0x00bdda30
                                                                                                                                                                                                                                                        0x00bdda39
                                                                                                                                                                                                                                                        0x00bdda41
                                                                                                                                                                                                                                                        0x00bdda4b
                                                                                                                                                                                                                                                        0x00bdda50
                                                                                                                                                                                                                                                        0x00bdda53
                                                                                                                                                                                                                                                        0x00bdda5b
                                                                                                                                                                                                                                                        0x00bdda63
                                                                                                                                                                                                                                                        0x00bdda6c
                                                                                                                                                                                                                                                        0x00bdda89
                                                                                                                                                                                                                                                        0x00bdda90
                                                                                                                                                                                                                                                        0x00bddaeb
                                                                                                                                                                                                                                                        0x00bddaeb
                                                                                                                                                                                                                                                        0x00bddaee
                                                                                                                                                                                                                                                        0x00bddafc
                                                                                                                                                                                                                                                        0x00bddb01
                                                                                                                                                                                                                                                        0x00bddb04
                                                                                                                                                                                                                                                        0x00bddb0c
                                                                                                                                                                                                                                                        0x00bddb1f
                                                                                                                                                                                                                                                        0x00bddb25
                                                                                                                                                                                                                                                        0x00bddb27
                                                                                                                                                                                                                                                        0x00bddb27
                                                                                                                                                                                                                                                        0x00bddb2f
                                                                                                                                                                                                                                                        0x00bddb31
                                                                                                                                                                                                                                                        0x00bddb35
                                                                                                                                                                                                                                                        0x00bddb40
                                                                                                                                                                                                                                                        0x00bddb45
                                                                                                                                                                                                                                                        0x00bddb45
                                                                                                                                                                                                                                                        0x00bddb48
                                                                                                                                                                                                                                                        0x00bddb4d
                                                                                                                                                                                                                                                        0x00bddb5e
                                                                                                                                                                                                                                                        0x00bddb5e
                                                                                                                                                                                                                                                        0x00bdda92
                                                                                                                                                                                                                                                        0x00bdda92
                                                                                                                                                                                                                                                        0x00bdda9a
                                                                                                                                                                                                                                                        0x00bddaa2
                                                                                                                                                                                                                                                        0x00bddaab
                                                                                                                                                                                                                                                        0x00bddacd
                                                                                                                                                                                                                                                        0x00bddad4
                                                                                                                                                                                                                                                        0x00bddad9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bddadb
                                                                                                                                                                                                                                                        0x00bddae4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bddae4
                                                                                                                                                                                                                                                        0x00bddaad
                                                                                                                                                                                                                                                        0x00bddab5
                                                                                                                                                                                                                                                        0x00bddaba
                                                                                                                                                                                                                                                        0x00bddac2
                                                                                                                                                                                                                                                        0x00bddacb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bddacb
                                                                                                                                                                                                                                                        0x00bdda6e
                                                                                                                                                                                                                                                        0x00bdda76
                                                                                                                                                                                                                                                        0x00bdda7e
                                                                                                                                                                                                                                                        0x00bdda87
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,00001010,?,?,?,?,00BDAE7D,?,?,?,?), ref: 00BDDA4B
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BDDAFC
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(gdi32.dll,?,?,?,?,?,?), ref: 00BDDB13
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetOPMInformation), ref: 00BDDB1F
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,00001000,?,?,?,?,?,?), ref: 00BDDB40
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memcpy$AddressHandleModuleProcmemset
                                                                                                                                                                                                                                                        • String ID: GetOPMInformation$gdi32.dll
                                                                                                                                                                                                                                                        • API String ID: 3130643468-2496369802
                                                                                                                                                                                                                                                        • Opcode ID: 9521655a6a5700c6eed67b0acb4e802ab8284872800a750056680dbeb5bc6840
                                                                                                                                                                                                                                                        • Instruction ID: a2a902c70977448d3d2c35ca559d87e5bfc5344f586efd150cae575642f1d222
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9521655a6a5700c6eed67b0acb4e802ab8284872800a750056680dbeb5bc6840
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8F31B63090025A96DB319B2DDC45FBAB3A4EB45345F0446BAF684B7290FF708DC4C751
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 61%
                                                                                                                                                                                                                                                        			E00BE5BD0(intOrPtr* __ecx, intOrPtr __edx, void* __eflags) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				void* _v116;
                                                                                                                                                                                                                                                        				char _v176;
                                                                                                                                                                                                                                                        				intOrPtr _v180;
                                                                                                                                                                                                                                                        				char _v188;
                                                                                                                                                                                                                                                        				intOrPtr* _v192;
                                                                                                                                                                                                                                                        				intOrPtr _v196;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t19;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        				intOrPtr* _t37;
                                                                                                                                                                                                                                                        				intOrPtr* _t53;
                                                                                                                                                                                                                                                        				void* _t54;
                                                                                                                                                                                                                                                        				signed int _t55;
                                                                                                                                                                                                                                                        				signed int _t56;
                                                                                                                                                                                                                                                        				void* _t63;
                                                                                                                                                                                                                                                        				void* _t65;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t65 = __eflags;
                                                                                                                                                                                                                                                        				_t50 = __edx;
                                                                                                                                                                                                                                                        				_v180 = __edx;
                                                                                                                                                                                                                                                        				_t51 =  &_v176;
                                                                                                                                                                                                                                                        				_t37 = __ecx;
                                                                                                                                                                                                                                                        				_t19 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v24 = _t19 ^ _t55;
                                                                                                                                                                                                                                                        				E00BBC880( &_v176, 2, 1);
                                                                                                                                                                                                                                                        				E00BBC940(_t65, E00BBC940(_t65,  &_v176, "handle != ((HANDLE)(LONG_PTR)-1)"), " (");
                                                                                                                                                                                                                                                        				_t53 = __imp__??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z;
                                                                                                                                                                                                                                                        				 *_t53( *_t37);
                                                                                                                                                                                                                                                        				E00BBC940(_t65,  &_v176, " vs. ");
                                                                                                                                                                                                                                                        				 *_t53( *_v192);
                                                                                                                                                                                                                                                        				_t28 = E00BBC940(_t65, _t51, 0xbf3ee8);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t63 = (_t56 & 0xfffffff8) - 0xa8 + 0x24;
                                                                                                                                                                                                                                                        				_t54 = _t28;
                                                                                                                                                                                                                                                        				E00BBD7F0( &_v188, _t28);
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t63 +  *((intOrPtr*)(_v196 + 4)) + 8)) = 0xbf0324;
                                                                                                                                                                                                                                                        				_t12 = _v196 + 4; // 0xbbd0b0
                                                                                                                                                                                                                                                        				_t13 =  *_t12 - 0x50; // 0xbbd060
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t63 +  *_t12 + 4)) = _t13;
                                                                                                                                                                                                                                                        				_v192 = 0xbf0330;
                                                                                                                                                                                                                                                        				_t34 = E00BBD690( &_v188, _t54, 0x18);
                                                                                                                                                                                                                                                        				__imp__??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ();
                                                                                                                                                                                                                                                        				__imp__??1ios_base@std@@UAE@XZ();
                                                                                                                                                                                                                                                        				E00BEECB0(_t34, _v44 ^ _t55, _t50);
                                                                                                                                                                                                                                                        				return _t54;
                                                                                                                                                                                                                                                        			}























                                                                                                                                                                                                                                                        0x00be5bd0
                                                                                                                                                                                                                                                        0x00be5bd0
                                                                                                                                                                                                                                                        0x00be5bdf
                                                                                                                                                                                                                                                        0x00be5be3
                                                                                                                                                                                                                                                        0x00be5be7
                                                                                                                                                                                                                                                        0x00be5be9
                                                                                                                                                                                                                                                        0x00be5bf2
                                                                                                                                                                                                                                                        0x00be5bfd
                                                                                                                                                                                                                                                        0x00be5c16
                                                                                                                                                                                                                                                        0x00be5c1e
                                                                                                                                                                                                                                                        0x00be5c28
                                                                                                                                                                                                                                                        0x00be5c30
                                                                                                                                                                                                                                                        0x00be5c40
                                                                                                                                                                                                                                                        0x00be5c48
                                                                                                                                                                                                                                                        0x00be5c52
                                                                                                                                                                                                                                                        0x00be5c57
                                                                                                                                                                                                                                                        0x00be5c5e
                                                                                                                                                                                                                                                        0x00be5c63
                                                                                                                                                                                                                                                        0x00be5c73
                                                                                                                                                                                                                                                        0x00be5c7f
                                                                                                                                                                                                                                                        0x00be5c82
                                                                                                                                                                                                                                                        0x00be5c85
                                                                                                                                                                                                                                                        0x00be5c8b
                                                                                                                                                                                                                                                        0x00be5c93
                                                                                                                                                                                                                                                        0x00be5c9a
                                                                                                                                                                                                                                                        0x00be5ca2
                                                                                                                                                                                                                                                        0x00be5cb1
                                                                                                                                                                                                                                                        0x00be5cbf

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ??0ios_base@std@@IAE@XZ.MSVCP140(?,00000000,00000000), ref: 00BBC89A
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IAEXPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z.MSVCP140(?,00000000,?,00000000,00000000), ref: 00BBC8E4
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ.MSVCP140 ref: 00BBC904
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBC959
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?,00000002), ref: 00BBC9EA
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?), ref: 00BBCA74
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z.MSVCP140(?,00000000,00000002,?), ref: 00BBCABE
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ.MSVCP140 ref: 00BBCAC7
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z.MSVCP140(?,?,?,00000002,00000001), ref: 00BE5C28
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z.MSVCP140(?,?,?,?,?,00000002,00000001), ref: 00BE5C40
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000018,?,?,?,?,?,?,00000002,00000001), ref: 00BE5C52
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD690: free.MOZGLUE(00000000,00000000,?,00BCA1D9), ref: 00BBD6BB
                                                                                                                                                                                                                                                        • ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140 ref: 00BE5C9A
                                                                                                                                                                                                                                                        • ??1ios_base@std@@UAE@XZ.MSVCP140 ref: 00BE5CA2
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: U?$char_traits@$D@std@@@std@@$??6?$basic_ostream@?sputc@?$basic_streambuf@V01@$??0?$basic_streambuf@??0ios_base@std@@??1?$basic_streambuf@??1ios_base@std@@??2@?clear@?$basic_ios@?init@?$basic_ios@D@std@@@2@_Osfx@?$basic_ostream@V?$basic_streambuf@freestrlen
                                                                                                                                                                                                                                                        • String ID: vs. $handle != ((HANDLE)(LONG_PTR)-1)
                                                                                                                                                                                                                                                        • API String ID: 4214169141-1330305732
                                                                                                                                                                                                                                                        • Opcode ID: dc3d1ee597d18ea1d95cb86b4cc7fc19032beb6d2079015721a6f330584eb8cf
                                                                                                                                                                                                                                                        • Instruction ID: ae816fe5890ea3d6ecdbc7a635f529079c07787fcadcd35e5e6cff7c19c5d315
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: dc3d1ee597d18ea1d95cb86b4cc7fc19032beb6d2079015721a6f330584eb8cf
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 63218375B04304ABD714EB29EC46D7FBBE5EBC5714F04446CF889973A2DA709908CB52
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 65%
                                                                                                                                                                                                                                                        			E00BCA4C0(void* __edx) {
                                                                                                                                                                                                                                                        				struct %anon52 _v0;
                                                                                                                                                                                                                                                        				void* _v8;
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				struct %anon52 _v24;
                                                                                                                                                                                                                                                        				char _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				intOrPtr _v64;
                                                                                                                                                                                                                                                        				void* _v69;
                                                                                                                                                                                                                                                        				char _v108;
                                                                                                                                                                                                                                                        				struct %anon52 _v116;
                                                                                                                                                                                                                                                        				signed int _v144;
                                                                                                                                                                                                                                                        				signed int _v148;
                                                                                                                                                                                                                                                        				union _LARGE_INTEGER _v152;
                                                                                                                                                                                                                                                        				struct %anon52 _v160;
                                                                                                                                                                                                                                                        				intOrPtr _v172;
                                                                                                                                                                                                                                                        				signed int _v176;
                                                                                                                                                                                                                                                        				signed int _v180;
                                                                                                                                                                                                                                                        				intOrPtr _v196;
                                                                                                                                                                                                                                                        				signed int _t59;
                                                                                                                                                                                                                                                        				struct %anon52 _t64;
                                                                                                                                                                                                                                                        				intOrPtr _t65;
                                                                                                                                                                                                                                                        				signed int _t66;
                                                                                                                                                                                                                                                        				struct %anon52 _t71;
                                                                                                                                                                                                                                                        				signed int _t72;
                                                                                                                                                                                                                                                        				void* _t79;
                                                                                                                                                                                                                                                        				void* _t80;
                                                                                                                                                                                                                                                        				intOrPtr _t86;
                                                                                                                                                                                                                                                        				struct %anon52 _t89;
                                                                                                                                                                                                                                                        				long _t97;
                                                                                                                                                                                                                                                        				char _t98;
                                                                                                                                                                                                                                                        				long _t102;
                                                                                                                                                                                                                                                        				intOrPtr _t112;
                                                                                                                                                                                                                                                        				void* _t117;
                                                                                                                                                                                                                                                        				intOrPtr _t119;
                                                                                                                                                                                                                                                        				intOrPtr _t120;
                                                                                                                                                                                                                                                        				signed int _t127;
                                                                                                                                                                                                                                                        				signed int _t130;
                                                                                                                                                                                                                                                        				intOrPtr _t134;
                                                                                                                                                                                                                                                        				signed int _t135;
                                                                                                                                                                                                                                                        				signed int _t139;
                                                                                                                                                                                                                                                        				signed int _t141;
                                                                                                                                                                                                                                                        				union _LARGE_INTEGER* _t143;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t117 = __edx;
                                                                                                                                                                                                                                                        				_t143 = (_t141 & 0xfffffff8) - 0x70;
                                                                                                                                                                                                                                                        				_t59 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v16 = _t59 ^ _t139;
                                                                                                                                                                                                                                                        				_v116.LowPart = 0;
                                                                                                                                                                                                                                                        				_t143->LowPart = 0;
                                                                                                                                                                                                                                                        				if(QueryPerformanceFrequency(_t143) == 0) {
                                                                                                                                                                                                                                                        					_v116.LowPart = 0;
                                                                                                                                                                                                                                                        					_t143->LowPart = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BC4C80( &_v108, _t117);
                                                                                                                                                                                                                                                        				_t64 = _t143->LowPart;
                                                                                                                                                                                                                                                        				_t97 = _v116.LowPart;
                                                                                                                                                                                                                                                        				asm("sbb edx, 0x0");
                                                                                                                                                                                                                                                        				if(_t64 < 1) {
                                                                                                                                                                                                                                                        					_t119 = E00BCA720;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t119 =  ==  ? E00BCA720 : 0xbca600;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				0xbfb498->LowPart = _t64;
                                                                                                                                                                                                                                                        				 *0xbfb49c = _t97;
                                                                                                                                                                                                                                                        				if( *0xbfa058 == E00BCA480) {
                                                                                                                                                                                                                                                        					 *0xbfa058 = _t119;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t65 = _v24.HighPart;
                                                                                                                                                                                                                                                        				 *0xbfa05c = _t119;
                                                                                                                                                                                                                                                        				if(_t65 >= 0x10) {
                                                                                                                                                                                                                                                        					_t98 = _v40;
                                                                                                                                                                                                                                                        					_t134 = _t65 + 1;
                                                                                                                                                                                                                                                        					if(_t134 >= 0x1000) {
                                                                                                                                                                                                                                                        						_t120 =  *((intOrPtr*)(_t98 - 4));
                                                                                                                                                                                                                                                        						if(_t98 + 0xfffffffc - _t120 >= 0x20) {
                                                                                                                                                                                                                                                        							goto L18;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t98 = _t120;
                                                                                                                                                                                                                                                        							_t134 = _t65 + 0x24;
                                                                                                                                                                                                                                                        							goto L11;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L11:
                                                                                                                                                                                                                                                        						_push(_t134);
                                                                                                                                                                                                                                                        						_push(_t98);
                                                                                                                                                                                                                                                        						L00BEF6C6();
                                                                                                                                                                                                                                                        						_t143 = _t143 + 8;
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L7:
                                                                                                                                                                                                                                                        					_v24 = 0;
                                                                                                                                                                                                                                                        					_v24.HighPart = 0xf;
                                                                                                                                                                                                                                                        					_v40 = 0;
                                                                                                                                                                                                                                                        					_t86 = _v44;
                                                                                                                                                                                                                                                        					if(_t86 >= 0x10) {
                                                                                                                                                                                                                                                        						_t112 = _v64;
                                                                                                                                                                                                                                                        						_t134 = _t86 + 1;
                                                                                                                                                                                                                                                        						if(_t134 >= 0x1000) {
                                                                                                                                                                                                                                                        							_t120 =  *((intOrPtr*)(_t112 - 4));
                                                                                                                                                                                                                                                        							if(_t112 + 0xfffffffc - _t120 >= 0x20) {
                                                                                                                                                                                                                                                        								L18:
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_push(_t139);
                                                                                                                                                                                                                                                        								_t140 = _t143;
                                                                                                                                                                                                                                                        								_push(_t134);
                                                                                                                                                                                                                                                        								_t66 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        								_t89 = _v116;
                                                                                                                                                                                                                                                        								_v144 = _t66 ^ _t143;
                                                                                                                                                                                                                                                        								_v148 = 0;
                                                                                                                                                                                                                                                        								_v152.LowPart = 0;
                                                                                                                                                                                                                                                        								QueryPerformanceCounter( &_v152);
                                                                                                                                                                                                                                                        								_t130 = _v152.LowPart;
                                                                                                                                                                                                                                                        								_t135 = _v148;
                                                                                                                                                                                                                                                        								asm("sbb ecx, esi");
                                                                                                                                                                                                                                                        								if(0x7bd05af6 < _t130) {
                                                                                                                                                                                                                                                        									_t71 = 0xbfb498->LowPart; // 0x0
                                                                                                                                                                                                                                                        									_t102 =  *0xbfb49c; // 0x0
                                                                                                                                                                                                                                                        									_v160 = _t71;
                                                                                                                                                                                                                                                        									_v160.HighPart = _t102;
                                                                                                                                                                                                                                                        									_t72 = E00BEF5D0(_t130, _t135, _t71, _t102);
                                                                                                                                                                                                                                                        									_v180 = _t72;
                                                                                                                                                                                                                                                        									asm("sbb esi, ebx");
                                                                                                                                                                                                                                                        									_v180 = _v180 * 0xf4240;
                                                                                                                                                                                                                                                        									_t127 = ((_t130 - _t72 * _v176) * 0xf4240 >> 0x20) + _t135 * 0xf4240;
                                                                                                                                                                                                                                                        									_t79 = E00BEF5D0((_t130 - _t72 * _v176) * 0xf4240, _t127, _v176, _v172) + _v196;
                                                                                                                                                                                                                                                        									asm("adc edx, ebx");
                                                                                                                                                                                                                                                        									_t89 = _v0;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t127 = _t130 * 0xf4240 >> 0x20;
                                                                                                                                                                                                                                                        									_t79 = E00BEF5D0(_t130 * 0xf4240, _t135 * 0xf4240 + _t127,  *0xbfb498,  *0xbfb49c);
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t80 = E00BC8A40(0, 0, _t79, _t127);
                                                                                                                                                                                                                                                        								 *(_t89 + 4) = _t127;
                                                                                                                                                                                                                                                        								 *_t89 = _t80;
                                                                                                                                                                                                                                                        								E00BEECB0(_t80, _v144 ^ _t140, _t127);
                                                                                                                                                                                                                                                        								return _t89;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t86 = _t86 + 0x24;
                                                                                                                                                                                                                                                        								_t112 = _t120;
                                                                                                                                                                                                                                                        								_t134 = _t86;
                                                                                                                                                                                                                                                        								goto L13;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L13:
                                                                                                                                                                                                                                                        							_push(_t134);
                                                                                                                                                                                                                                                        							_push(_t112);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							goto L8;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L8:
                                                                                                                                                                                                                                                        						return E00BEECB0(_t86, _v16 ^ _t139, _t120);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}













































                                                                                                                                                                                                                                                        0x00bca4c0
                                                                                                                                                                                                                                                        0x00bca4c7
                                                                                                                                                                                                                                                        0x00bca4ca
                                                                                                                                                                                                                                                        0x00bca4d1
                                                                                                                                                                                                                                                        0x00bca4d7
                                                                                                                                                                                                                                                        0x00bca4df
                                                                                                                                                                                                                                                        0x00bca4ef
                                                                                                                                                                                                                                                        0x00bca4f1
                                                                                                                                                                                                                                                        0x00bca4f9
                                                                                                                                                                                                                                                        0x00bca4f9
                                                                                                                                                                                                                                                        0x00bca504
                                                                                                                                                                                                                                                        0x00bca509
                                                                                                                                                                                                                                                        0x00bca50c
                                                                                                                                                                                                                                                        0x00bca515
                                                                                                                                                                                                                                                        0x00bca518
                                                                                                                                                                                                                                                        0x00bca587
                                                                                                                                                                                                                                                        0x00bca51a
                                                                                                                                                                                                                                                        0x00bca529
                                                                                                                                                                                                                                                        0x00bca529
                                                                                                                                                                                                                                                        0x00bca52c
                                                                                                                                                                                                                                                        0x00bca531
                                                                                                                                                                                                                                                        0x00bca541
                                                                                                                                                                                                                                                        0x00bca543
                                                                                                                                                                                                                                                        0x00bca543
                                                                                                                                                                                                                                                        0x00bca549
                                                                                                                                                                                                                                                        0x00bca54d
                                                                                                                                                                                                                                                        0x00bca556
                                                                                                                                                                                                                                                        0x00bca58e
                                                                                                                                                                                                                                                        0x00bca592
                                                                                                                                                                                                                                                        0x00bca59b
                                                                                                                                                                                                                                                        0x00bca5c4
                                                                                                                                                                                                                                                        0x00bca5cf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bca5d1
                                                                                                                                                                                                                                                        0x00bca5d4
                                                                                                                                                                                                                                                        0x00bca5d6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bca5d6
                                                                                                                                                                                                                                                        0x00bca59d
                                                                                                                                                                                                                                                        0x00bca59d
                                                                                                                                                                                                                                                        0x00bca59d
                                                                                                                                                                                                                                                        0x00bca59e
                                                                                                                                                                                                                                                        0x00bca59f
                                                                                                                                                                                                                                                        0x00bca5a4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bca5a4
                                                                                                                                                                                                                                                        0x00bca558
                                                                                                                                                                                                                                                        0x00bca558
                                                                                                                                                                                                                                                        0x00bca558
                                                                                                                                                                                                                                                        0x00bca560
                                                                                                                                                                                                                                                        0x00bca568
                                                                                                                                                                                                                                                        0x00bca56d
                                                                                                                                                                                                                                                        0x00bca574
                                                                                                                                                                                                                                                        0x00bca5a9
                                                                                                                                                                                                                                                        0x00bca5ad
                                                                                                                                                                                                                                                        0x00bca5b6
                                                                                                                                                                                                                                                        0x00bca5da
                                                                                                                                                                                                                                                        0x00bca5e5
                                                                                                                                                                                                                                                        0x00bca5f0
                                                                                                                                                                                                                                                        0x00bca5f0
                                                                                                                                                                                                                                                        0x00bca5f6
                                                                                                                                                                                                                                                        0x00bca5f7
                                                                                                                                                                                                                                                        0x00bca5f8
                                                                                                                                                                                                                                                        0x00bca5f9
                                                                                                                                                                                                                                                        0x00bca5fa
                                                                                                                                                                                                                                                        0x00bca5fb
                                                                                                                                                                                                                                                        0x00bca5fc
                                                                                                                                                                                                                                                        0x00bca5fd
                                                                                                                                                                                                                                                        0x00bca5fe
                                                                                                                                                                                                                                                        0x00bca5ff
                                                                                                                                                                                                                                                        0x00bca600
                                                                                                                                                                                                                                                        0x00bca601
                                                                                                                                                                                                                                                        0x00bca605
                                                                                                                                                                                                                                                        0x00bca60c
                                                                                                                                                                                                                                                        0x00bca611
                                                                                                                                                                                                                                                        0x00bca616
                                                                                                                                                                                                                                                        0x00bca61e
                                                                                                                                                                                                                                                        0x00bca626
                                                                                                                                                                                                                                                        0x00bca62f
                                                                                                                                                                                                                                                        0x00bca635
                                                                                                                                                                                                                                                        0x00bca639
                                                                                                                                                                                                                                                        0x00bca649
                                                                                                                                                                                                                                                        0x00bca64b
                                                                                                                                                                                                                                                        0x00bca673
                                                                                                                                                                                                                                                        0x00bca678
                                                                                                                                                                                                                                                        0x00bca67e
                                                                                                                                                                                                                                                        0x00bca682
                                                                                                                                                                                                                                                        0x00bca68a
                                                                                                                                                                                                                                                        0x00bca693
                                                                                                                                                                                                                                                        0x00bca6ba
                                                                                                                                                                                                                                                        0x00bca6c0
                                                                                                                                                                                                                                                        0x00bca6d5
                                                                                                                                                                                                                                                        0x00bca6e6
                                                                                                                                                                                                                                                        0x00bca6ea
                                                                                                                                                                                                                                                        0x00bca6ec
                                                                                                                                                                                                                                                        0x00bca64d
                                                                                                                                                                                                                                                        0x00bca654
                                                                                                                                                                                                                                                        0x00bca66c
                                                                                                                                                                                                                                                        0x00bca66c
                                                                                                                                                                                                                                                        0x00bca6f5
                                                                                                                                                                                                                                                        0x00bca6fd
                                                                                                                                                                                                                                                        0x00bca700
                                                                                                                                                                                                                                                        0x00bca708
                                                                                                                                                                                                                                                        0x00bca716
                                                                                                                                                                                                                                                        0x00bca5e7
                                                                                                                                                                                                                                                        0x00bca5e7
                                                                                                                                                                                                                                                        0x00bca5ea
                                                                                                                                                                                                                                                        0x00bca5ec
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bca5ec
                                                                                                                                                                                                                                                        0x00bca5b8
                                                                                                                                                                                                                                                        0x00bca5b8
                                                                                                                                                                                                                                                        0x00bca5b8
                                                                                                                                                                                                                                                        0x00bca5b9
                                                                                                                                                                                                                                                        0x00bca5ba
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bca5bf
                                                                                                                                                                                                                                                        0x00bca576
                                                                                                                                                                                                                                                        0x00bca576
                                                                                                                                                                                                                                                        0x00bca586
                                                                                                                                                                                                                                                        0x00bca586
                                                                                                                                                                                                                                                        0x00bca574

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • QueryPerformanceFrequency.KERNEL32 ref: 00BCA4E7
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?), ref: 00BCA59F
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?), ref: 00BCA5BA
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 00BCA5F0
                                                                                                                                                                                                                                                        • QueryPerformanceCounter.KERNEL32(?), ref: 00BCA62F
                                                                                                                                                                                                                                                        • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00BCA66C
                                                                                                                                                                                                                                                        • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00BCA68A
                                                                                                                                                                                                                                                        • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00BCA6E1
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Unothrow_t@std@@@__ehfuncinfo$??2@$??3@PerformanceQuery$CounterFrequency_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1545975061-0
                                                                                                                                                                                                                                                        • Opcode ID: c47929486536583d21e6a76bd978ce5eab7d88d805ce31e0ff9118304f5a608a
                                                                                                                                                                                                                                                        • Instruction ID: e67b0b99d72e20f7ab90cdfc217cfc212236df2a5fac3ef6d804667d3e2a99ca
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c47929486536583d21e6a76bd978ce5eab7d88d805ce31e0ff9118304f5a608a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6E61A071A043049FC708DF29D885B3BBBE5EB98318F14896DF489873A1EB30D844DB92
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 65%
                                                                                                                                                                                                                                                        			E00BC7150(void* __ecx, void* _a4, int _a12, intOrPtr _a16, void* _a20, int _a24) {
                                                                                                                                                                                                                                                        				void _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				int _v28;
                                                                                                                                                                                                                                                        				void* _v32;
                                                                                                                                                                                                                                                        				signed int _v36;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				int _v60;
                                                                                                                                                                                                                                                        				int _v64;
                                                                                                                                                                                                                                                        				char _v68;
                                                                                                                                                                                                                                                        				int _t49;
                                                                                                                                                                                                                                                        				signed int _t54;
                                                                                                                                                                                                                                                        				void* _t56;
                                                                                                                                                                                                                                                        				intOrPtr _t67;
                                                                                                                                                                                                                                                        				void* _t70;
                                                                                                                                                                                                                                                        				intOrPtr _t71;
                                                                                                                                                                                                                                                        				intOrPtr _t72;
                                                                                                                                                                                                                                                        				void _t73;
                                                                                                                                                                                                                                                        				void* _t74;
                                                                                                                                                                                                                                                        				void* _t75;
                                                                                                                                                                                                                                                        				signed int _t79;
                                                                                                                                                                                                                                                        				intOrPtr _t81;
                                                                                                                                                                                                                                                        				void* _t98;
                                                                                                                                                                                                                                                        				signed int _t100;
                                                                                                                                                                                                                                                        				int _t103;
                                                                                                                                                                                                                                                        				int _t106;
                                                                                                                                                                                                                                                        				void* _t110;
                                                                                                                                                                                                                                                        				intOrPtr _t111;
                                                                                                                                                                                                                                                        				unsigned int _t112;
                                                                                                                                                                                                                                                        				int _t113;
                                                                                                                                                                                                                                                        				void* _t117;
                                                                                                                                                                                                                                                        				void* _t118;
                                                                                                                                                                                                                                                        				signed int _t119;
                                                                                                                                                                                                                                                        				void* _t122;
                                                                                                                                                                                                                                                        				void _t124;
                                                                                                                                                                                                                                                        				void* _t126;
                                                                                                                                                                                                                                                        				void* _t129;
                                                                                                                                                                                                                                                        				signed int _t130;
                                                                                                                                                                                                                                                        				void* _t131;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t78 = __ecx;
                                                                                                                                                                                                                                                        				_t130 = _t129 - 0x14;
                                                                                                                                                                                                                                                        				_t100 =  *((intOrPtr*)(__ecx + 0x10));
                                                                                                                                                                                                                                                        				_t117 = _a4;
                                                                                                                                                                                                                                                        				_t71 = 0x7fffffff;
                                                                                                                                                                                                                                                        				if(0x7fffffff - _t100 < _t117) {
                                                                                                                                                                                                                                                        					E00BBA890();
                                                                                                                                                                                                                                                        					goto L11;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t112 =  *(__ecx + 0x14);
                                                                                                                                                                                                                                                        					_t119 = _t117 + _t100;
                                                                                                                                                                                                                                                        					_v24 = _t100;
                                                                                                                                                                                                                                                        					_v32 = __ecx;
                                                                                                                                                                                                                                                        					_v36 = _t119;
                                                                                                                                                                                                                                                        					_t54 = _t119 | 0x0000000f;
                                                                                                                                                                                                                                                        					if(_t54 >= 0) {
                                                                                                                                                                                                                                                        						_t98 = (_t112 >> 1) + _t112;
                                                                                                                                                                                                                                                        						_t99 =  >=  ? _t54 : _t98;
                                                                                                                                                                                                                                                        						_t71 =  <=  ?  >=  ? _t54 : _t98 : 0x7fffffff;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v28 = _t112;
                                                                                                                                                                                                                                                        					_t113 = _a12;
                                                                                                                                                                                                                                                        					_t9 = _t71 + 1; // 0x80000000
                                                                                                                                                                                                                                                        					_t74 = _v32;
                                                                                                                                                                                                                                                        					_t56 = E00BBD730(_t9);
                                                                                                                                                                                                                                                        					_v20 = _t56;
                                                                                                                                                                                                                                                        					 *(_t74 + 0x10) = _v36;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t74 + 0x14)) = _t71;
                                                                                                                                                                                                                                                        					if(_v28 < 0x10) {
                                                                                                                                                                                                                                                        						memcpy(_t56, _t74, _t113);
                                                                                                                                                                                                                                                        						_t122 = _v20 + _t113;
                                                                                                                                                                                                                                                        						memcpy(_t122, _a20, _a24);
                                                                                                                                                                                                                                                        						_t124 = _v20;
                                                                                                                                                                                                                                                        						memcpy(_t122 + _a24, _t74 + _t113 + _a16, _v24 - _a16 + _t113 + 1);
                                                                                                                                                                                                                                                        						goto L9;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t75 =  *_t74;
                                                                                                                                                                                                                                                        						memcpy(_t56, _t75, _t113);
                                                                                                                                                                                                                                                        						_t126 = _t56 + _t113;
                                                                                                                                                                                                                                                        						memcpy(_t126, _a20, _a24);
                                                                                                                                                                                                                                                        						_t67 = _a16;
                                                                                                                                                                                                                                                        						_t117 = _t126 + _a24;
                                                                                                                                                                                                                                                        						_t110 = _t75 + _t113 + _t67;
                                                                                                                                                                                                                                                        						memcpy(_t117, _t110, _v24 - _t67 + _t113 + 1);
                                                                                                                                                                                                                                                        						_t130 = _t130 + 0x24;
                                                                                                                                                                                                                                                        						_t106 = _v28;
                                                                                                                                                                                                                                                        						_t22 = _t106 + 1; // 0x11
                                                                                                                                                                                                                                                        						_t78 = _t22;
                                                                                                                                                                                                                                                        						if(_t78 < 0x1000) {
                                                                                                                                                                                                                                                        							L7:
                                                                                                                                                                                                                                                        							_push(_t78);
                                                                                                                                                                                                                                                        							_push(_t75);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							_t124 = _v20;
                                                                                                                                                                                                                                                        							_t74 = _v32;
                                                                                                                                                                                                                                                        							L9:
                                                                                                                                                                                                                                                        							 *_t74 = _t124;
                                                                                                                                                                                                                                                        							return _t74;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t70 =  *(_t75 - 4);
                                                                                                                                                                                                                                                        							_t71 = _t75 + 0xfffffffc - _t70;
                                                                                                                                                                                                                                                        							if(_t71 >= 0x20) {
                                                                                                                                                                                                                                                        								L11:
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_t128 = _t130;
                                                                                                                                                                                                                                                        								_push(_t71);
                                                                                                                                                                                                                                                        								_push(_t110);
                                                                                                                                                                                                                                                        								_push(_t117);
                                                                                                                                                                                                                                                        								_t131 = _t130 - 8;
                                                                                                                                                                                                                                                        								_t118 = _t78;
                                                                                                                                                                                                                                                        								_t79 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        								_t49 = _v28;
                                                                                                                                                                                                                                                        								_v52 = _t79 ^ _t130;
                                                                                                                                                                                                                                                        								_t72 =  *((intOrPtr*)(_t118 + 0x14));
                                                                                                                                                                                                                                                        								_t81 =  *((intOrPtr*)(_t118 + 0x10));
                                                                                                                                                                                                                                                        								_t103 = _v24;
                                                                                                                                                                                                                                                        								if(_t72 - _t81 >= _t49) {
                                                                                                                                                                                                                                                        									_t111 = _t81 + _t49;
                                                                                                                                                                                                                                                        									_t73 = _t118;
                                                                                                                                                                                                                                                        									 *((intOrPtr*)(_t118 + 0x10)) = _t111;
                                                                                                                                                                                                                                                        									if(_t72 >= 0x10) {
                                                                                                                                                                                                                                                        										_t73 =  *_t118;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t50 = memset(_t81 + _t73, _t103, _t49);
                                                                                                                                                                                                                                                        									 *((char*)(_t73 + _t111)) = 0;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_v68 = _v28;
                                                                                                                                                                                                                                                        									_v64 = _t49;
                                                                                                                                                                                                                                                        									 *(_t131 - 0x10) = _t49;
                                                                                                                                                                                                                                                        									_v60 = _t103;
                                                                                                                                                                                                                                                        									_t118 = E00BC7330(_t118);
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								E00BEECB0(_t50, _v24 ^ _t128, _t103);
                                                                                                                                                                                                                                                        								return _t118;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t75 = _t70;
                                                                                                                                                                                                                                                        								_t78 = _t106 + 0x24;
                                                                                                                                                                                                                                                        								goto L7;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}









































                                                                                                                                                                                                                                                        0x00bc7150
                                                                                                                                                                                                                                                        0x00bc7156
                                                                                                                                                                                                                                                        0x00bc7159
                                                                                                                                                                                                                                                        0x00bc715c
                                                                                                                                                                                                                                                        0x00bc7164
                                                                                                                                                                                                                                                        0x00bc716d
                                                                                                                                                                                                                                                        0x00bc7291
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7173
                                                                                                                                                                                                                                                        0x00bc7173
                                                                                                                                                                                                                                                        0x00bc7176
                                                                                                                                                                                                                                                        0x00bc7178
                                                                                                                                                                                                                                                        0x00bc717b
                                                                                                                                                                                                                                                        0x00bc7180
                                                                                                                                                                                                                                                        0x00bc7183
                                                                                                                                                                                                                                                        0x00bc7186
                                                                                                                                                                                                                                                        0x00bc7193
                                                                                                                                                                                                                                                        0x00bc719d
                                                                                                                                                                                                                                                        0x00bc71a2
                                                                                                                                                                                                                                                        0x00bc71a2
                                                                                                                                                                                                                                                        0x00bc71a5
                                                                                                                                                                                                                                                        0x00bc71a8
                                                                                                                                                                                                                                                        0x00bc71ad
                                                                                                                                                                                                                                                        0x00bc71b0
                                                                                                                                                                                                                                                        0x00bc71b6
                                                                                                                                                                                                                                                        0x00bc71c2
                                                                                                                                                                                                                                                        0x00bc71c5
                                                                                                                                                                                                                                                        0x00bc71c8
                                                                                                                                                                                                                                                        0x00bc71cb
                                                                                                                                                                                                                                                        0x00bc7244
                                                                                                                                                                                                                                                        0x00bc7252
                                                                                                                                                                                                                                                        0x00bc7259
                                                                                                                                                                                                                                                        0x00bc7278
                                                                                                                                                                                                                                                        0x00bc727b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc71cd
                                                                                                                                                                                                                                                        0x00bc71cd
                                                                                                                                                                                                                                                        0x00bc71d4
                                                                                                                                                                                                                                                        0x00bc71df
                                                                                                                                                                                                                                                        0x00bc71e6
                                                                                                                                                                                                                                                        0x00bc71ee
                                                                                                                                                                                                                                                        0x00bc71f4
                                                                                                                                                                                                                                                        0x00bc71ff
                                                                                                                                                                                                                                                        0x00bc7205
                                                                                                                                                                                                                                                        0x00bc720a
                                                                                                                                                                                                                                                        0x00bc720d
                                                                                                                                                                                                                                                        0x00bc7210
                                                                                                                                                                                                                                                        0x00bc7210
                                                                                                                                                                                                                                                        0x00bc7219
                                                                                                                                                                                                                                                        0x00bc722f
                                                                                                                                                                                                                                                        0x00bc722f
                                                                                                                                                                                                                                                        0x00bc7230
                                                                                                                                                                                                                                                        0x00bc7231
                                                                                                                                                                                                                                                        0x00bc7239
                                                                                                                                                                                                                                                        0x00bc723c
                                                                                                                                                                                                                                                        0x00bc7283
                                                                                                                                                                                                                                                        0x00bc7283
                                                                                                                                                                                                                                                        0x00bc728e
                                                                                                                                                                                                                                                        0x00bc721b
                                                                                                                                                                                                                                                        0x00bc721b
                                                                                                                                                                                                                                                        0x00bc7221
                                                                                                                                                                                                                                                        0x00bc7226
                                                                                                                                                                                                                                                        0x00bc7296
                                                                                                                                                                                                                                                        0x00bc7296
                                                                                                                                                                                                                                                        0x00bc729c
                                                                                                                                                                                                                                                        0x00bc729d
                                                                                                                                                                                                                                                        0x00bc729e
                                                                                                                                                                                                                                                        0x00bc729f
                                                                                                                                                                                                                                                        0x00bc72a1
                                                                                                                                                                                                                                                        0x00bc72a3
                                                                                                                                                                                                                                                        0x00bc72a4
                                                                                                                                                                                                                                                        0x00bc72a5
                                                                                                                                                                                                                                                        0x00bc72a6
                                                                                                                                                                                                                                                        0x00bc72a9
                                                                                                                                                                                                                                                        0x00bc72ab
                                                                                                                                                                                                                                                        0x00bc72b1
                                                                                                                                                                                                                                                        0x00bc72b6
                                                                                                                                                                                                                                                        0x00bc72b9
                                                                                                                                                                                                                                                        0x00bc72bc
                                                                                                                                                                                                                                                        0x00bc72c5
                                                                                                                                                                                                                                                        0x00bc72c8
                                                                                                                                                                                                                                                        0x00bc7301
                                                                                                                                                                                                                                                        0x00bc7307
                                                                                                                                                                                                                                                        0x00bc7309
                                                                                                                                                                                                                                                        0x00bc730c
                                                                                                                                                                                                                                                        0x00bc730e
                                                                                                                                                                                                                                                        0x00bc730e
                                                                                                                                                                                                                                                        0x00bc7318
                                                                                                                                                                                                                                                        0x00bc7320
                                                                                                                                                                                                                                                        0x00bc72ca
                                                                                                                                                                                                                                                        0x00bc72d0
                                                                                                                                                                                                                                                        0x00bc72d7
                                                                                                                                                                                                                                                        0x00bc72db
                                                                                                                                                                                                                                                        0x00bc72de
                                                                                                                                                                                                                                                        0x00bc72e9
                                                                                                                                                                                                                                                        0x00bc72e9
                                                                                                                                                                                                                                                        0x00bc72f0
                                                                                                                                                                                                                                                        0x00bc72fe
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc722b
                                                                                                                                                                                                                                                        0x00bc722d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc722d
                                                                                                                                                                                                                                                        0x00bc7226
                                                                                                                                                                                                                                                        0x00bc7219
                                                                                                                                                                                                                                                        0x00bc71cb

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,?), ref: 00BC71D4
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,00000010,?), ref: 00BC71E6
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,?), ref: 00BC7205
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,00000011), ref: 00BC7231
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,?), ref: 00BC7244
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,00000010,?), ref: 00BC7259
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,?), ref: 00BC727B
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 00BC7296
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memcpy$??3@_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 674017509-0
                                                                                                                                                                                                                                                        • Opcode ID: ab0922b8a1c7d5df229c6549c720d303fd6d47c16b0f24e732a97d0fe9d8c8ba
                                                                                                                                                                                                                                                        • Instruction ID: 5d525ca52f1c9c8434a59e5a29014d3d16304394c4822a78258b5874a07321c6
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ab0922b8a1c7d5df229c6549c720d303fd6d47c16b0f24e732a97d0fe9d8c8ba
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D441D372E001199FCF08DF68DC858AF77E9EF85310B194278FC15AB381DA35AD518BA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 94%
                                                                                                                                                                                                                                                        			E00BCE270(intOrPtr __ecx, void** __edx) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void* _v24;
                                                                                                                                                                                                                                                        				long _v28;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				struct _OVERLAPPED* _v40;
                                                                                                                                                                                                                                                        				void** _v44;
                                                                                                                                                                                                                                                        				void** _v48;
                                                                                                                                                                                                                                                        				DWORD* _v52;
                                                                                                                                                                                                                                                        				intOrPtr _v56;
                                                                                                                                                                                                                                                        				intOrPtr _v60;
                                                                                                                                                                                                                                                        				signed int _t42;
                                                                                                                                                                                                                                                        				void* _t44;
                                                                                                                                                                                                                                                        				long _t47;
                                                                                                                                                                                                                                                        				void** _t48;
                                                                                                                                                                                                                                                        				struct _OVERLAPPED* _t52;
                                                                                                                                                                                                                                                        				void* _t53;
                                                                                                                                                                                                                                                        				long _t55;
                                                                                                                                                                                                                                                        				void* _t57;
                                                                                                                                                                                                                                                        				void* _t60;
                                                                                                                                                                                                                                                        				void** _t62;
                                                                                                                                                                                                                                                        				void** _t77;
                                                                                                                                                                                                                                                        				long _t78;
                                                                                                                                                                                                                                                        				struct _OVERLAPPED _t79;
                                                                                                                                                                                                                                                        				struct _OVERLAPPED* _t82;
                                                                                                                                                                                                                                                        				intOrPtr _t95;
                                                                                                                                                                                                                                                        				void* _t98;
                                                                                                                                                                                                                                                        				struct _OVERLAPPED* _t99;
                                                                                                                                                                                                                                                        				struct _CRITICAL_SECTION* _t100;
                                                                                                                                                                                                                                                        				signed int _t101;
                                                                                                                                                                                                                                                        				void* _t102;
                                                                                                                                                                                                                                                        				intOrPtr _t103;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t90 = __edx;
                                                                                                                                                                                                                                                        				_v60 = __ecx;
                                                                                                                                                                                                                                                        				_t62 = __edx;
                                                                                                                                                                                                                                                        				_t42 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v20 = _t42 ^ _t101;
                                                                                                                                                                                                                                                        				_v24 = 0xffffffff;
                                                                                                                                                                                                                                                        				_t44 = GetCurrentProcess();
                                                                                                                                                                                                                                                        				_v44 = _t62;
                                                                                                                                                                                                                                                        				if(DuplicateHandle(GetCurrentProcess(),  *_t62, _t44,  &_v24, 0x100000, 0, 0) == 0) {
                                                                                                                                                                                                                                                        					_t47 = GetLastError();
                                                                                                                                                                                                                                                        					_t98 = 0x36;
                                                                                                                                                                                                                                                        					 *(_v44[3]) = _t47;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_t52 = E00BC5200(_v24,  &_v28, _v24);
                                                                                                                                                                                                                                                        					_push(0x14);
                                                                                                                                                                                                                                                        					L00BEF6BA();
                                                                                                                                                                                                                                                        					_t103 = _t102 + 4;
                                                                                                                                                                                                                                                        					_v40 = _t52;
                                                                                                                                                                                                                                                        					_v56 = _t103;
                                                                                                                                                                                                                                                        					_t99 = _t103 - 0xc;
                                                                                                                                                                                                                                                        					_t99->Offset = 0;
                                                                                                                                                                                                                                                        					_t53 = E00BC5260(_t52,  &_v28);
                                                                                                                                                                                                                                                        					_v52 =  &(_t99->Offset);
                                                                                                                                                                                                                                                        					E00BC5200(_t53,  &(_t99->Offset), _t53);
                                                                                                                                                                                                                                                        					_t77 = _v44;
                                                                                                                                                                                                                                                        					_t55 =  *(_t77 + 4);
                                                                                                                                                                                                                                                        					_t78 =  *(_t77 + 8);
                                                                                                                                                                                                                                                        					_t99->Internal = _t78;
                                                                                                                                                                                                                                                        					if(_t78 != 0) {
                                                                                                                                                                                                                                                        						asm("lock inc dword [ecx+0x24]");
                                                                                                                                                                                                                                                        						_t79 = _t99->Internal;
                                                                                                                                                                                                                                                        						_t99->InternalHigh = _t55;
                                                                                                                                                                                                                                                        						_v40->Internal = _t79;
                                                                                                                                                                                                                                                        						if(_t79 != 0) {
                                                                                                                                                                                                                                                        							asm("lock inc dword [ecx+0x24]");
                                                                                                                                                                                                                                                        							_t55 = _t99->InternalHigh;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t99->InternalHigh = _t55;
                                                                                                                                                                                                                                                        						 *_v40 = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t94 = _v52;
                                                                                                                                                                                                                                                        					_v48 =  &(_v44[1]);
                                                                                                                                                                                                                                                        					_t82 = _v40;
                                                                                                                                                                                                                                                        					 *(_t82 + 4) = _t55;
                                                                                                                                                                                                                                                        					 *(_t82 + 8) = 0;
                                                                                                                                                                                                                                                        					_t57 = E00BC5200(E00BC5260(_t55, _v52),  &(_t82->Offset), _t56);
                                                                                                                                                                                                                                                        					_t85 = _t99->Internal;
                                                                                                                                                                                                                                                        					if(_t99->Internal != 0) {
                                                                                                                                                                                                                                                        						_t57 = E00BE4A70(_t85);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					E00BC51B0(_t57, _t94);
                                                                                                                                                                                                                                                        					_t95 = _v60;
                                                                                                                                                                                                                                                        					PostQueuedCompletionStatus( *(_t95 + 4), 0, 2, _v40);
                                                                                                                                                                                                                                                        					_t100 = _t95 + 0x1c;
                                                                                                                                                                                                                                                        					EnterCriticalSection(_t100);
                                                                                                                                                                                                                                                        					_t90 =  &_v36;
                                                                                                                                                                                                                                                        					_t60 = E00BCECF0(_t95 + 0x14,  &_v36, _v48);
                                                                                                                                                                                                                                                        					LeaveCriticalSection(_t100);
                                                                                                                                                                                                                                                        					E00BC51B0(_t60,  &_v28);
                                                                                                                                                                                                                                                        					_t98 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t48 = _v44;
                                                                                                                                                                                                                                                        				_t71 = _t48[2];
                                                                                                                                                                                                                                                        				if(_t48[2] != 0) {
                                                                                                                                                                                                                                                        					_t48 = E00BE4A70(_t71);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t48, _v20 ^ _t101, _t90);
                                                                                                                                                                                                                                                        				return _t98;
                                                                                                                                                                                                                                                        			}



































                                                                                                                                                                                                                                                        0x00bce270
                                                                                                                                                                                                                                                        0x00bce279
                                                                                                                                                                                                                                                        0x00bce282
                                                                                                                                                                                                                                                        0x00bce284
                                                                                                                                                                                                                                                        0x00bce28b
                                                                                                                                                                                                                                                        0x00bce28e
                                                                                                                                                                                                                                                        0x00bce295
                                                                                                                                                                                                                                                        0x00bce297
                                                                                                                                                                                                                                                        0x00bce2b8
                                                                                                                                                                                                                                                        0x00bce3c3
                                                                                                                                                                                                                                                        0x00bce3cc
                                                                                                                                                                                                                                                        0x00bce3d4
                                                                                                                                                                                                                                                        0x00bce2be
                                                                                                                                                                                                                                                        0x00bce2c4
                                                                                                                                                                                                                                                        0x00bce2ce
                                                                                                                                                                                                                                                        0x00bce2d3
                                                                                                                                                                                                                                                        0x00bce2d5
                                                                                                                                                                                                                                                        0x00bce2da
                                                                                                                                                                                                                                                        0x00bce2dd
                                                                                                                                                                                                                                                        0x00bce2e0
                                                                                                                                                                                                                                                        0x00bce2e6
                                                                                                                                                                                                                                                        0x00bce2ed
                                                                                                                                                                                                                                                        0x00bce2f4
                                                                                                                                                                                                                                                        0x00bce2fb
                                                                                                                                                                                                                                                        0x00bce2ff
                                                                                                                                                                                                                                                        0x00bce304
                                                                                                                                                                                                                                                        0x00bce307
                                                                                                                                                                                                                                                        0x00bce30a
                                                                                                                                                                                                                                                        0x00bce30f
                                                                                                                                                                                                                                                        0x00bce311
                                                                                                                                                                                                                                                        0x00bce3df
                                                                                                                                                                                                                                                        0x00bce3e3
                                                                                                                                                                                                                                                        0x00bce3e8
                                                                                                                                                                                                                                                        0x00bce3ed
                                                                                                                                                                                                                                                        0x00bce3ef
                                                                                                                                                                                                                                                        0x00bce3f5
                                                                                                                                                                                                                                                        0x00bce3f9
                                                                                                                                                                                                                                                        0x00bce3f9
                                                                                                                                                                                                                                                        0x00bce317
                                                                                                                                                                                                                                                        0x00bce31a
                                                                                                                                                                                                                                                        0x00bce31d
                                                                                                                                                                                                                                                        0x00bce31d
                                                                                                                                                                                                                                                        0x00bce326
                                                                                                                                                                                                                                                        0x00bce32c
                                                                                                                                                                                                                                                        0x00bce32f
                                                                                                                                                                                                                                                        0x00bce334
                                                                                                                                                                                                                                                        0x00bce337
                                                                                                                                                                                                                                                        0x00bce34b
                                                                                                                                                                                                                                                        0x00bce350
                                                                                                                                                                                                                                                        0x00bce354
                                                                                                                                                                                                                                                        0x00bce401
                                                                                                                                                                                                                                                        0x00bce401
                                                                                                                                                                                                                                                        0x00bce35c
                                                                                                                                                                                                                                                        0x00bce36b
                                                                                                                                                                                                                                                        0x00bce371
                                                                                                                                                                                                                                                        0x00bce377
                                                                                                                                                                                                                                                        0x00bce37b
                                                                                                                                                                                                                                                        0x00bce384
                                                                                                                                                                                                                                                        0x00bce38c
                                                                                                                                                                                                                                                        0x00bce395
                                                                                                                                                                                                                                                        0x00bce39e
                                                                                                                                                                                                                                                        0x00bce3a3
                                                                                                                                                                                                                                                        0x00bce3a3
                                                                                                                                                                                                                                                        0x00bce3a5
                                                                                                                                                                                                                                                        0x00bce3a8
                                                                                                                                                                                                                                                        0x00bce3ad
                                                                                                                                                                                                                                                        0x00bce3d8
                                                                                                                                                                                                                                                        0x00bce3d8
                                                                                                                                                                                                                                                        0x00bce3b4
                                                                                                                                                                                                                                                        0x00bce3c2

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BCE295
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BCE29E
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,?,00000000,FFFFFFFF,00100000,00000000,00000000), ref: 00BCE2B0
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BCE3C3
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetLastError.KERNEL32(00000000,?,00004000,?,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5210
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetHandleVerifier.FLASHPLAYER(?,00BDC412,00000000,?,00BDBECC), ref: 00BC5234
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: SetLastError.KERNEL32(00BDC412,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5249
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000014,FFFFFFFF), ref: 00BCE2D5
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5260: GetHandleVerifier.FLASHPLAYER(?,?,?,?,?,00BC5117), ref: 00BC5286
                                                                                                                                                                                                                                                        • PostQueuedCompletionStatus.KERNEL32(?,00000000,00000002,?,00000000,00000000), ref: 00BCE371
                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(?), ref: 00BCE37B
                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?), ref: 00BCE395
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorHandleLast$CriticalCurrentProcessSectionVerifier$??2@CompletionDuplicateEnterLeavePostQueuedStatus
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 624720175-0
                                                                                                                                                                                                                                                        • Opcode ID: a158d5d8db04e9cef560f82c72de841d585034bf2b3a690b59a1e4b2c6377e48
                                                                                                                                                                                                                                                        • Instruction ID: 0179d43394555e57433b0771bb35e1589386faf937dfbcbecdad150f5029125e
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a158d5d8db04e9cef560f82c72de841d585034bf2b3a690b59a1e4b2c6377e48
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4C516F70A01209DFDB14DFA4D895BAEBBF5EF88314F1440ADE516AB381DB31AD41CBA4
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 76%
                                                                                                                                                                                                                                                        			E00BE9CF0(intOrPtr* __ecx, void* __eflags, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				void* _t52;
                                                                                                                                                                                                                                                        				intOrPtr _t53;
                                                                                                                                                                                                                                                        				intOrPtr _t55;
                                                                                                                                                                                                                                                        				intOrPtr _t57;
                                                                                                                                                                                                                                                        				intOrPtr _t59;
                                                                                                                                                                                                                                                        				intOrPtr _t61;
                                                                                                                                                                                                                                                        				intOrPtr _t63;
                                                                                                                                                                                                                                                        				intOrPtr _t65;
                                                                                                                                                                                                                                                        				intOrPtr* _t72;
                                                                                                                                                                                                                                                        				void* _t74;
                                                                                                                                                                                                                                                        				intOrPtr* _t76;
                                                                                                                                                                                                                                                        				intOrPtr* _t78;
                                                                                                                                                                                                                                                        				intOrPtr* _t80;
                                                                                                                                                                                                                                                        				intOrPtr* _t82;
                                                                                                                                                                                                                                                        				intOrPtr* _t84;
                                                                                                                                                                                                                                                        				intOrPtr* _t86;
                                                                                                                                                                                                                                                        				intOrPtr* _t88;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				intOrPtr _t90;
                                                                                                                                                                                                                                                        				intOrPtr _t91;
                                                                                                                                                                                                                                                        				intOrPtr _t92;
                                                                                                                                                                                                                                                        				intOrPtr _t93;
                                                                                                                                                                                                                                                        				intOrPtr _t94;
                                                                                                                                                                                                                                                        				intOrPtr _t95;
                                                                                                                                                                                                                                                        				intOrPtr _t96;
                                                                                                                                                                                                                                                        				intOrPtr* _t97;
                                                                                                                                                                                                                                                        				void* _t108;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t108 = __eflags;
                                                                                                                                                                                                                                                        				_t72 = __ecx;
                                                                                                                                                                                                                                                        				_t97 = __ecx;
                                                                                                                                                                                                                                                        				 *(__ecx + 4) = 0;
                                                                                                                                                                                                                                                        				 *(__ecx + 8) = 0;
                                                                                                                                                                                                                                                        				 *(__ecx + 0xc) = 0;
                                                                                                                                                                                                                                                        				 *__ecx = 0xbf1d1c;
                                                                                                                                                                                                                                                        				_t5 = _t72 + 0x14; // 0x14
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx + 0x10)) = _a4;
                                                                                                                                                                                                                                                        				_t52 = memset(_t5, 0, 0xb0);
                                                                                                                                                                                                                                                        				_push(0x14);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t89 = _t52;
                                                                                                                                                                                                                                                        				_t53 = E00BCFCD0(_t52, _t108, _a4);
                                                                                                                                                                                                                                                        				asm("movd xmm0, edi");
                                                                                                                                                                                                                                                        				 *(_t97 + 0x50) = _t89;
                                                                                                                                                                                                                                                        				asm("pshufd xmm0, xmm0, 0x0");
                                                                                                                                                                                                                                                        				asm("movdqu [esi+0x40], xmm0");
                                                                                                                                                                                                                                                        				_t74 =  *(_t97 + 0x14);
                                                                                                                                                                                                                                                        				 *(_t97 + 0x14) = _t89;
                                                                                                                                                                                                                                                        				if(_t74 != 0) {
                                                                                                                                                                                                                                                        					_t53 =  *((intOrPtr*)( *_t74 + 8))(1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_push(0x14);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t90 = _t53;
                                                                                                                                                                                                                                                        				_t55 = E00BD72E0(_t53,  *((intOrPtr*)(_t97 + 0x10)));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x54)) = _t90;
                                                                                                                                                                                                                                                        				_t76 =  *((intOrPtr*)(_t97 + 0x18));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x18)) = _t90;
                                                                                                                                                                                                                                                        				_t110 = _t76;
                                                                                                                                                                                                                                                        				if(_t76 != 0) {
                                                                                                                                                                                                                                                        					_t55 =  *((intOrPtr*)( *_t76 + 8))(1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_push(0x14);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t91 = _t55;
                                                                                                                                                                                                                                                        				_t57 = E00BDDD50(_t55, _t110,  *((intOrPtr*)(_t97 + 0x10)));
                                                                                                                                                                                                                                                        				asm("movd xmm0, edi");
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x68)) = _t91;
                                                                                                                                                                                                                                                        				asm("pshufd xmm0, xmm0, 0x0");
                                                                                                                                                                                                                                                        				asm("movdqu [esi+0x58], xmm0");
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x8c)) = _t91;
                                                                                                                                                                                                                                                        				_t78 =  *((intOrPtr*)(_t97 + 0x1c));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x1c)) = _t91;
                                                                                                                                                                                                                                                        				_t111 = _t78;
                                                                                                                                                                                                                                                        				if(_t78 != 0) {
                                                                                                                                                                                                                                                        					_t57 =  *((intOrPtr*)( *_t78 + 8))(1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_push(0x14);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t92 = _t57;
                                                                                                                                                                                                                                                        				_t59 = E00BE7E10(_t57, _t111,  *((intOrPtr*)(_t97 + 0x10)));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x6c)) = _t92;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x70)) = _t92;
                                                                                                                                                                                                                                                        				_t80 =  *((intOrPtr*)(_t97 + 0x20));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x20)) = _t92;
                                                                                                                                                                                                                                                        				_t112 = _t80;
                                                                                                                                                                                                                                                        				if(_t80 != 0) {
                                                                                                                                                                                                                                                        					_t59 =  *((intOrPtr*)( *_t80 + 8))(1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_push(0x14);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t93 = _t59;
                                                                                                                                                                                                                                                        				_t61 = E00BDFCB0(_t59, _t112,  *((intOrPtr*)(_t97 + 0x10)));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x74)) = _t93;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x78)) = _t93;
                                                                                                                                                                                                                                                        				_t82 =  *((intOrPtr*)(_t97 + 0x24));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x24)) = _t93;
                                                                                                                                                                                                                                                        				if(_t82 != 0) {
                                                                                                                                                                                                                                                        					_t61 =  *((intOrPtr*)( *_t82 + 8))(1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_push(0x14);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t94 = _t61;
                                                                                                                                                                                                                                                        				_t63 = E00BD5200(_t61,  *((intOrPtr*)(_t97 + 0x10)));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x7c)) = _t94;
                                                                                                                                                                                                                                                        				_t84 =  *((intOrPtr*)(_t97 + 0x28));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x28)) = _t94;
                                                                                                                                                                                                                                                        				if(_t84 != 0) {
                                                                                                                                                                                                                                                        					_t63 =  *((intOrPtr*)( *_t84 + 8))(1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_push(0x20);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t95 = _t63;
                                                                                                                                                                                                                                                        				_t65 = E00BDA150(_t63,  *((intOrPtr*)(_t97 + 0x10)));
                                                                                                                                                                                                                                                        				asm("movd xmm0, edi");
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x80)) = _t95;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x84)) = _t95;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x88)) = _t95;
                                                                                                                                                                                                                                                        				asm("pshufd xmm0, xmm0, 0x0");
                                                                                                                                                                                                                                                        				asm("movdqu [esi+0x90], xmm0");
                                                                                                                                                                                                                                                        				asm("movdqu [esi+0xa0], xmm0");
                                                                                                                                                                                                                                                        				asm("movdqu [esi+0xb0], xmm0");
                                                                                                                                                                                                                                                        				_t86 =  *((intOrPtr*)(_t97 + 0x2c));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x2c)) = _t95;
                                                                                                                                                                                                                                                        				if(_t86 != 0) {
                                                                                                                                                                                                                                                        					_t65 =  *((intOrPtr*)( *_t86 + 8))(1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_push(0x14);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t96 = _t65;
                                                                                                                                                                                                                                                        				E00BE7780(_t65,  *((intOrPtr*)(_t97 + 0x10)));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0xc0)) = _t96;
                                                                                                                                                                                                                                                        				_t88 =  *((intOrPtr*)(_t97 + 0x30));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t97 + 0x30)) = _t96;
                                                                                                                                                                                                                                                        				if(_t88 != 0) {
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *_t88 + 8))(1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t97;
                                                                                                                                                                                                                                                        			}






























                                                                                                                                                                                                                                                        0x00be9cf0
                                                                                                                                                                                                                                                        0x00be9cf0
                                                                                                                                                                                                                                                        0x00be9cf9
                                                                                                                                                                                                                                                        0x00be9cfb
                                                                                                                                                                                                                                                        0x00be9d02
                                                                                                                                                                                                                                                        0x00be9d09
                                                                                                                                                                                                                                                        0x00be9d10
                                                                                                                                                                                                                                                        0x00be9d16
                                                                                                                                                                                                                                                        0x00be9d19
                                                                                                                                                                                                                                                        0x00be9d24
                                                                                                                                                                                                                                                        0x00be9d2c
                                                                                                                                                                                                                                                        0x00be9d2e
                                                                                                                                                                                                                                                        0x00be9d38
                                                                                                                                                                                                                                                        0x00be9d3b
                                                                                                                                                                                                                                                        0x00be9d40
                                                                                                                                                                                                                                                        0x00be9d44
                                                                                                                                                                                                                                                        0x00be9d47
                                                                                                                                                                                                                                                        0x00be9d4c
                                                                                                                                                                                                                                                        0x00be9d51
                                                                                                                                                                                                                                                        0x00be9d54
                                                                                                                                                                                                                                                        0x00be9d59
                                                                                                                                                                                                                                                        0x00be9ec2
                                                                                                                                                                                                                                                        0x00be9ec2
                                                                                                                                                                                                                                                        0x00be9d5f
                                                                                                                                                                                                                                                        0x00be9d61
                                                                                                                                                                                                                                                        0x00be9d6b
                                                                                                                                                                                                                                                        0x00be9d70
                                                                                                                                                                                                                                                        0x00be9d75
                                                                                                                                                                                                                                                        0x00be9d78
                                                                                                                                                                                                                                                        0x00be9d7b
                                                                                                                                                                                                                                                        0x00be9d7e
                                                                                                                                                                                                                                                        0x00be9d80
                                                                                                                                                                                                                                                        0x00be9ece
                                                                                                                                                                                                                                                        0x00be9ece
                                                                                                                                                                                                                                                        0x00be9d86
                                                                                                                                                                                                                                                        0x00be9d88
                                                                                                                                                                                                                                                        0x00be9d92
                                                                                                                                                                                                                                                        0x00be9d97
                                                                                                                                                                                                                                                        0x00be9d9c
                                                                                                                                                                                                                                                        0x00be9da0
                                                                                                                                                                                                                                                        0x00be9da3
                                                                                                                                                                                                                                                        0x00be9da8
                                                                                                                                                                                                                                                        0x00be9dad
                                                                                                                                                                                                                                                        0x00be9db3
                                                                                                                                                                                                                                                        0x00be9db6
                                                                                                                                                                                                                                                        0x00be9db9
                                                                                                                                                                                                                                                        0x00be9dbb
                                                                                                                                                                                                                                                        0x00be9eda
                                                                                                                                                                                                                                                        0x00be9eda
                                                                                                                                                                                                                                                        0x00be9dc1
                                                                                                                                                                                                                                                        0x00be9dc3
                                                                                                                                                                                                                                                        0x00be9dcd
                                                                                                                                                                                                                                                        0x00be9dd2
                                                                                                                                                                                                                                                        0x00be9dd7
                                                                                                                                                                                                                                                        0x00be9dda
                                                                                                                                                                                                                                                        0x00be9ddd
                                                                                                                                                                                                                                                        0x00be9de0
                                                                                                                                                                                                                                                        0x00be9de3
                                                                                                                                                                                                                                                        0x00be9de5
                                                                                                                                                                                                                                                        0x00be9ee6
                                                                                                                                                                                                                                                        0x00be9ee6
                                                                                                                                                                                                                                                        0x00be9deb
                                                                                                                                                                                                                                                        0x00be9ded
                                                                                                                                                                                                                                                        0x00be9df7
                                                                                                                                                                                                                                                        0x00be9dfc
                                                                                                                                                                                                                                                        0x00be9e01
                                                                                                                                                                                                                                                        0x00be9e04
                                                                                                                                                                                                                                                        0x00be9e07
                                                                                                                                                                                                                                                        0x00be9e0a
                                                                                                                                                                                                                                                        0x00be9e0f
                                                                                                                                                                                                                                                        0x00be9ef2
                                                                                                                                                                                                                                                        0x00be9ef2
                                                                                                                                                                                                                                                        0x00be9e15
                                                                                                                                                                                                                                                        0x00be9e17
                                                                                                                                                                                                                                                        0x00be9e21
                                                                                                                                                                                                                                                        0x00be9e26
                                                                                                                                                                                                                                                        0x00be9e2b
                                                                                                                                                                                                                                                        0x00be9e2e
                                                                                                                                                                                                                                                        0x00be9e31
                                                                                                                                                                                                                                                        0x00be9e36
                                                                                                                                                                                                                                                        0x00be9efe
                                                                                                                                                                                                                                                        0x00be9efe
                                                                                                                                                                                                                                                        0x00be9e3c
                                                                                                                                                                                                                                                        0x00be9e3e
                                                                                                                                                                                                                                                        0x00be9e48
                                                                                                                                                                                                                                                        0x00be9e4d
                                                                                                                                                                                                                                                        0x00be9e52
                                                                                                                                                                                                                                                        0x00be9e56
                                                                                                                                                                                                                                                        0x00be9e5c
                                                                                                                                                                                                                                                        0x00be9e62
                                                                                                                                                                                                                                                        0x00be9e68
                                                                                                                                                                                                                                                        0x00be9e6d
                                                                                                                                                                                                                                                        0x00be9e75
                                                                                                                                                                                                                                                        0x00be9e7d
                                                                                                                                                                                                                                                        0x00be9e85
                                                                                                                                                                                                                                                        0x00be9e88
                                                                                                                                                                                                                                                        0x00be9e8d
                                                                                                                                                                                                                                                        0x00be9f0a
                                                                                                                                                                                                                                                        0x00be9f0a
                                                                                                                                                                                                                                                        0x00be9e8f
                                                                                                                                                                                                                                                        0x00be9e91
                                                                                                                                                                                                                                                        0x00be9e9b
                                                                                                                                                                                                                                                        0x00be9ea0
                                                                                                                                                                                                                                                        0x00be9ea5
                                                                                                                                                                                                                                                        0x00be9eab
                                                                                                                                                                                                                                                        0x00be9eae
                                                                                                                                                                                                                                                        0x00be9eb3
                                                                                                                                                                                                                                                        0x00be9f13
                                                                                                                                                                                                                                                        0x00be9f13
                                                                                                                                                                                                                                                        0x00be9ebb

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BE9D24
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000014,?,00BE48F5,00000000), ref: 00BE9D2E
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000014,00BE48F5,?,?,00BE48F5,00000000), ref: 00BE9D61
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000014,?,00BE48F5,?,?,00BE48F5,00000000), ref: 00BE9D88
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000014,?,?,00BE48F5,?,?,00BE48F5,00000000), ref: 00BE9DC3
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000014,?,?,00BE48F5,00000000), ref: 00BE9DED
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000014,?,?,?,?,?,?,00BE48F5,00000000), ref: 00BE9E17
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000020,?,?,?,?,?,?,?,00BE48F5,00000000), ref: 00BE9E3E
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000014,?,?,?,?,?,?,?,?,00BE48F5,00000000), ref: 00BE9E91
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@$memset
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1860491036-0
                                                                                                                                                                                                                                                        • Opcode ID: 5c62e0981a75846a71ae37345dc69c0e6c60ab57cd4c8d2afe4d5fc7698e1275
                                                                                                                                                                                                                                                        • Instruction ID: cf8b830b6424a58e8304a3c908b2ff72c5515c9537e1daf2b0da77166bf717a1
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5c62e0981a75846a71ae37345dc69c0e6c60ab57cd4c8d2afe4d5fc7698e1275
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3051B0B2A007418FE724DF26C845B26F7F1BF94700F104A6DE58B8B7A1EBB1A845CB51
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 60%
                                                                                                                                                                                                                                                        			E00BD5BD0(void* __ecx, void* __eflags, intOrPtr _a4, intOrPtr _a8, char _a12, intOrPtr _a16, intOrPtr _a20) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				char _v32;
                                                                                                                                                                                                                                                        				signed int _v36;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				signed int _v56;
                                                                                                                                                                                                                                                        				signed int _v72;
                                                                                                                                                                                                                                                        				intOrPtr _v76;
                                                                                                                                                                                                                                                        				signed int _v80;
                                                                                                                                                                                                                                                        				char _v96;
                                                                                                                                                                                                                                                        				intOrPtr _v100;
                                                                                                                                                                                                                                                        				char _v104;
                                                                                                                                                                                                                                                        				signed int _v120;
                                                                                                                                                                                                                                                        				intOrPtr _v124;
                                                                                                                                                                                                                                                        				signed int _v128;
                                                                                                                                                                                                                                                        				signed int _v132;
                                                                                                                                                                                                                                                        				char _v148;
                                                                                                                                                                                                                                                        				signed int _v152;
                                                                                                                                                                                                                                                        				signed int _v156;
                                                                                                                                                                                                                                                        				char _v172;
                                                                                                                                                                                                                                                        				intOrPtr _v176;
                                                                                                                                                                                                                                                        				signed int _v180;
                                                                                                                                                                                                                                                        				char _v196;
                                                                                                                                                                                                                                                        				char _v204;
                                                                                                                                                                                                                                                        				signed int _v224;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t90;
                                                                                                                                                                                                                                                        				intOrPtr _t96;
                                                                                                                                                                                                                                                        				signed int _t97;
                                                                                                                                                                                                                                                        				signed int _t99;
                                                                                                                                                                                                                                                        				intOrPtr _t105;
                                                                                                                                                                                                                                                        				void* _t106;
                                                                                                                                                                                                                                                        				intOrPtr _t110;
                                                                                                                                                                                                                                                        				signed int* _t115;
                                                                                                                                                                                                                                                        				signed int _t116;
                                                                                                                                                                                                                                                        				signed int _t121;
                                                                                                                                                                                                                                                        				signed int _t129;
                                                                                                                                                                                                                                                        				void* _t131;
                                                                                                                                                                                                                                                        				signed int _t132;
                                                                                                                                                                                                                                                        				signed int _t137;
                                                                                                                                                                                                                                                        				intOrPtr* _t139;
                                                                                                                                                                                                                                                        				signed int _t146;
                                                                                                                                                                                                                                                        				signed int _t151;
                                                                                                                                                                                                                                                        				signed int _t157;
                                                                                                                                                                                                                                                        				signed int _t159;
                                                                                                                                                                                                                                                        				signed int* _t164;
                                                                                                                                                                                                                                                        				char* _t165;
                                                                                                                                                                                                                                                        				signed int _t166;
                                                                                                                                                                                                                                                        				intOrPtr _t172;
                                                                                                                                                                                                                                                        				intOrPtr _t175;
                                                                                                                                                                                                                                                        				signed int _t180;
                                                                                                                                                                                                                                                        				signed int _t181;
                                                                                                                                                                                                                                                        				signed int _t182;
                                                                                                                                                                                                                                                        				void* _t183;
                                                                                                                                                                                                                                                        				signed int _t185;
                                                                                                                                                                                                                                                        				signed int _t187;
                                                                                                                                                                                                                                                        				void* _t188;
                                                                                                                                                                                                                                                        				void* _t190;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t121 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t164 =  &_v72;
                                                                                                                                                                                                                                                        				_t115 =  &_v48;
                                                                                                                                                                                                                                                        				_v20 = _t121 ^ _t180;
                                                                                                                                                                                                                                                        				_v76 = 7;
                                                                                                                                                                                                                                                        				_v80 = 0;
                                                                                                                                                                                                                                                        				_v96 = 0;
                                                                                                                                                                                                                                                        				_v52 = 0xf;
                                                                                                                                                                                                                                                        				_v56 = 0;
                                                                                                                                                                                                                                                        				_v72 = 0;
                                                                                                                                                                                                                                                        				_v28 = 0xf;
                                                                                                                                                                                                                                                        				_v32 = 0;
                                                                                                                                                                                                                                                        				_v48 = 0;
                                                                                                                                                                                                                                                        				_v104 = _a12;
                                                                                                                                                                                                                                                        				_v100 = _a20;
                                                                                                                                                                                                                                                        				E00BBA740( &_v96, _a4);
                                                                                                                                                                                                                                                        				E00BBD9B0(_t164, _a8);
                                                                                                                                                                                                                                                        				E00BBD9B0(_t115, _a16);
                                                                                                                                                                                                                                                        				_v24 = 0;
                                                                                                                                                                                                                                                        				_push( &_v104);
                                                                                                                                                                                                                                                        				E00BD6AD0( &_v104, _t115, __ecx + 4,  *((intOrPtr*)(__ecx + 4)), _t164, __ecx);
                                                                                                                                                                                                                                                        				_t185 = _t183 - 0x58 + 4;
                                                                                                                                                                                                                                                        				 *((char*)(__ecx + 0xc)) = 1;
                                                                                                                                                                                                                                                        				_t90 = _v28;
                                                                                                                                                                                                                                                        				if(_t90 >= 0x10) {
                                                                                                                                                                                                                                                        					_t129 = _v48;
                                                                                                                                                                                                                                                        					_t37 = _t90 + 1; // 0x10
                                                                                                                                                                                                                                                        					_t172 = _t37;
                                                                                                                                                                                                                                                        					__eflags = _t172 - 0x1000;
                                                                                                                                                                                                                                                        					if(_t172 >= 0x1000) {
                                                                                                                                                                                                                                                        						_t157 =  *((intOrPtr*)(_t129 - 4));
                                                                                                                                                                                                                                                        						_t131 = _t129 + 0xfffffffc - _t157;
                                                                                                                                                                                                                                                        						__eflags = _t131 - 0x20;
                                                                                                                                                                                                                                                        						if(_t131 >= 0x20) {
                                                                                                                                                                                                                                                        							goto L11;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t129 = _t157;
                                                                                                                                                                                                                                                        							_t172 = _t90 + 0x24;
                                                                                                                                                                                                                                                        							goto L4;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L4:
                                                                                                                                                                                                                                                        						_push(_t172);
                                                                                                                                                                                                                                                        						_push(_t129);
                                                                                                                                                                                                                                                        						L00BEF6C6();
                                                                                                                                                                                                                                                        						_t185 = _t185 + 8;
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					_v32 = 0;
                                                                                                                                                                                                                                                        					_v28 = 0xf;
                                                                                                                                                                                                                                                        					_v48 = 0;
                                                                                                                                                                                                                                                        					_t110 = _v52;
                                                                                                                                                                                                                                                        					if(_t110 >= 0x10) {
                                                                                                                                                                                                                                                        						_t151 = _v72;
                                                                                                                                                                                                                                                        						_t39 = _t110 + 1; // 0x10
                                                                                                                                                                                                                                                        						_t172 = _t39;
                                                                                                                                                                                                                                                        						__eflags = _t172 - 0x1000;
                                                                                                                                                                                                                                                        						if(_t172 >= 0x1000) {
                                                                                                                                                                                                                                                        							_t157 =  *((intOrPtr*)(_t151 - 4));
                                                                                                                                                                                                                                                        							_t131 = _t151 + 0xfffffffc - _t157;
                                                                                                                                                                                                                                                        							__eflags = _t131 - 0x20;
                                                                                                                                                                                                                                                        							if(_t131 >= 0x20) {
                                                                                                                                                                                                                                                        								L11:
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_push(_t180);
                                                                                                                                                                                                                                                        								_t181 = _t185;
                                                                                                                                                                                                                                                        								_push(_t164);
                                                                                                                                                                                                                                                        								_push(_t172);
                                                                                                                                                                                                                                                        								_t132 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        								_t165 =  &_v172;
                                                                                                                                                                                                                                                        								_v120 = _t132 ^ _t181;
                                                                                                                                                                                                                                                        								_v176 = 7;
                                                                                                                                                                                                                                                        								_v180 = 0;
                                                                                                                                                                                                                                                        								_v196 = 0;
                                                                                                                                                                                                                                                        								_v152 = 0xf;
                                                                                                                                                                                                                                                        								_v156 = 0;
                                                                                                                                                                                                                                                        								_v172 = 0;
                                                                                                                                                                                                                                                        								_v128 = 0xf;
                                                                                                                                                                                                                                                        								_v132 = 0;
                                                                                                                                                                                                                                                        								_v148 = 0;
                                                                                                                                                                                                                                                        								_v204 = 5;
                                                                                                                                                                                                                                                        								E00BBA740( &_v196, _v100);
                                                                                                                                                                                                                                                        								E00BBD9B0(_t165, L"@ntdll.dll");
                                                                                                                                                                                                                                                        								_v124 = 1;
                                                                                                                                                                                                                                                        								_push( &_v204);
                                                                                                                                                                                                                                                        								E00BD6AD0( &_v204, _t115, _t131 + 4,  *((intOrPtr*)(_t131 + 4)), _t165, _t131 + 4);
                                                                                                                                                                                                                                                        								_t187 = _t185 - 0x58 + 4;
                                                                                                                                                                                                                                                        								_t96 = _v128;
                                                                                                                                                                                                                                                        								__eflags = _t96 - 0x10;
                                                                                                                                                                                                                                                        								if(_t96 >= 0x10) {
                                                                                                                                                                                                                                                        									_t137 = _v48;
                                                                                                                                                                                                                                                        									_t70 = _t96 + 1; // 0x10
                                                                                                                                                                                                                                                        									_t175 = _t70;
                                                                                                                                                                                                                                                        									__eflags = _t175 - 0x1000;
                                                                                                                                                                                                                                                        									if(_t175 >= 0x1000) {
                                                                                                                                                                                                                                                        										_t159 =  *(_t137 - 4);
                                                                                                                                                                                                                                                        										_t139 = _t137 + 0xfffffffc - _t159;
                                                                                                                                                                                                                                                        										__eflags = _t139 - 0x20;
                                                                                                                                                                                                                                                        										if(_t139 >= 0x20) {
                                                                                                                                                                                                                                                        											goto L23;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t137 = _t159;
                                                                                                                                                                                                                                                        											_t175 = _t96 + 0x24;
                                                                                                                                                                                                                                                        											goto L16;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										L16:
                                                                                                                                                                                                                                                        										_push(_t175);
                                                                                                                                                                                                                                                        										_push(_t137);
                                                                                                                                                                                                                                                        										L00BEF6C6();
                                                                                                                                                                                                                                                        										_t187 = _t187 + 8;
                                                                                                                                                                                                                                                        										goto L13;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L13:
                                                                                                                                                                                                                                                        									_v32 = 0;
                                                                                                                                                                                                                                                        									_v28 = 0xf;
                                                                                                                                                                                                                                                        									_v48 = 0;
                                                                                                                                                                                                                                                        									_t105 = _v52;
                                                                                                                                                                                                                                                        									__eflags = _t105 - 0x10;
                                                                                                                                                                                                                                                        									if(_t105 >= 0x10) {
                                                                                                                                                                                                                                                        										_t146 = _v72;
                                                                                                                                                                                                                                                        										_t72 = _t105 + 1; // 0x10
                                                                                                                                                                                                                                                        										_t175 = _t72;
                                                                                                                                                                                                                                                        										__eflags = _t175 - 0x1000;
                                                                                                                                                                                                                                                        										if(_t175 >= 0x1000) {
                                                                                                                                                                                                                                                        											_t159 =  *(_t146 - 4);
                                                                                                                                                                                                                                                        											_t139 = _t146 + 0xfffffffc - _t159;
                                                                                                                                                                                                                                                        											__eflags = _t139 - 0x20;
                                                                                                                                                                                                                                                        											if(_t139 >= 0x20) {
                                                                                                                                                                                                                                                        												L23:
                                                                                                                                                                                                                                                        												__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												_push(_t181);
                                                                                                                                                                                                                                                        												_t182 = _t187;
                                                                                                                                                                                                                                                        												_push(_t115);
                                                                                                                                                                                                                                                        												_push(_t165);
                                                                                                                                                                                                                                                        												_push(_t175);
                                                                                                                                                                                                                                                        												_t188 = _t187 - 0xc;
                                                                                                                                                                                                                                                        												_t97 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        												_t116 = 0;
                                                                                                                                                                                                                                                        												_t98 = _t97 ^ _t182;
                                                                                                                                                                                                                                                        												_v224 = _t97 ^ _t182;
                                                                                                                                                                                                                                                        												__eflags =  *(_t139 + 8);
                                                                                                                                                                                                                                                        												if(__eflags != 0) {
                                                                                                                                                                                                                                                        													_t176 = _t139;
                                                                                                                                                                                                                                                        													_t99 = E00BD5F40(_t139, __eflags);
                                                                                                                                                                                                                                                        													_t166 = _t99;
                                                                                                                                                                                                                                                        													_push(_t99);
                                                                                                                                                                                                                                                        													L00BEF6CC();
                                                                                                                                                                                                                                                        													_t98 = E00BD6040(_t139, _t99, _t166);
                                                                                                                                                                                                                                                        													_t159 = _t99;
                                                                                                                                                                                                                                                        													_t190 = _t188 + 8;
                                                                                                                                                                                                                                                        													_t116 = 0x26;
                                                                                                                                                                                                                                                        													__eflags = _t98;
                                                                                                                                                                                                                                                        													if(_t98 != 0) {
                                                                                                                                                                                                                                                        														_t116 = 0x27;
                                                                                                                                                                                                                                                        														_v36 = _t159;
                                                                                                                                                                                                                                                        														_t98 = E00BEB4E0( *((intOrPtr*)( *_t176)), _t159, _t166,  &_v32);
                                                                                                                                                                                                                                                        														_t190 = _t190 + 0x10;
                                                                                                                                                                                                                                                        														__eflags = _t98;
                                                                                                                                                                                                                                                        														if(_t98 != 0) {
                                                                                                                                                                                                                                                        															__eflags = _t166;
                                                                                                                                                                                                                                                        															_t162 = 0 | _t166 != 0x00000000;
                                                                                                                                                                                                                                                        															_t98 = E00BD6270(_t176, _t166 != 0);
                                                                                                                                                                                                                                                        															_t116 = _t98;
                                                                                                                                                                                                                                                        															__eflags = _t98;
                                                                                                                                                                                                                                                        															if(__eflags == 0) {
                                                                                                                                                                                                                                                        																 *0xbfb5bc = _v32;
                                                                                                                                                                                                                                                        																_t116 = E00BE9630( *_t176, _t162, __eflags, "g_interceptions", "true", 4);
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t159 = _v36;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_push(_t159);
                                                                                                                                                                                                                                                        													L00BEF6D2();
                                                                                                                                                                                                                                                        													_t188 = _t190 + 4;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												__eflags = _v28 ^ _t182;
                                                                                                                                                                                                                                                        												E00BEECB0(_t98, _v28 ^ _t182, _t159);
                                                                                                                                                                                                                                                        												return _t116;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t105 = _t105 + 0x24;
                                                                                                                                                                                                                                                        												_t146 = _t159;
                                                                                                                                                                                                                                                        												_t175 = _t105;
                                                                                                                                                                                                                                                        												goto L18;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											L18:
                                                                                                                                                                                                                                                        											_push(_t175);
                                                                                                                                                                                                                                                        											_push(_t146);
                                                                                                                                                                                                                                                        											L00BEF6C6();
                                                                                                                                                                                                                                                        											_t187 = _t187 + 8;
                                                                                                                                                                                                                                                        											goto L14;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										L14:
                                                                                                                                                                                                                                                        										_v56 = 0;
                                                                                                                                                                                                                                                        										_v52 = 0xf;
                                                                                                                                                                                                                                                        										_v72 = 0;
                                                                                                                                                                                                                                                        										_t106 = E00BBDF30(_t105,  &_v96, _t159);
                                                                                                                                                                                                                                                        										__eflags = _v20 ^ _t181;
                                                                                                                                                                                                                                                        										E00BEECB0(_t106, _v20 ^ _t181, _t159);
                                                                                                                                                                                                                                                        										return 1;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t110 = _t110 + 0x24;
                                                                                                                                                                                                                                                        								_t151 = _t157;
                                                                                                                                                                                                                                                        								_t172 = _t110;
                                                                                                                                                                                                                                                        								goto L6;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L6:
                                                                                                                                                                                                                                                        							_push(_t172);
                                                                                                                                                                                                                                                        							_push(_t151);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							_t185 = _t185 + 8;
                                                                                                                                                                                                                                                        							goto L2;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L2:
                                                                                                                                                                                                                                                        						_v56 = 0;
                                                                                                                                                                                                                                                        						_v52 = 0xf;
                                                                                                                                                                                                                                                        						_v72 = 0;
                                                                                                                                                                                                                                                        						E00BEECB0(E00BBDF30(_t110,  &_v96, _t157), _v20 ^ _t180, _t157);
                                                                                                                                                                                                                                                        						return 1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}

































































                                                                                                                                                                                                                                                        0x00bd5bdb
                                                                                                                                                                                                                                                        0x00bd5be4
                                                                                                                                                                                                                                                        0x00bd5be7
                                                                                                                                                                                                                                                        0x00bd5bec
                                                                                                                                                                                                                                                        0x00bd5bf2
                                                                                                                                                                                                                                                        0x00bd5bf9
                                                                                                                                                                                                                                                        0x00bd5c00
                                                                                                                                                                                                                                                        0x00bd5c06
                                                                                                                                                                                                                                                        0x00bd5c0d
                                                                                                                                                                                                                                                        0x00bd5c14
                                                                                                                                                                                                                                                        0x00bd5c18
                                                                                                                                                                                                                                                        0x00bd5c1f
                                                                                                                                                                                                                                                        0x00bd5c26
                                                                                                                                                                                                                                                        0x00bd5c2a
                                                                                                                                                                                                                                                        0x00bd5c30
                                                                                                                                                                                                                                                        0x00bd5c37
                                                                                                                                                                                                                                                        0x00bd5c41
                                                                                                                                                                                                                                                        0x00bd5c4b
                                                                                                                                                                                                                                                        0x00bd5c50
                                                                                                                                                                                                                                                        0x00bd5c60
                                                                                                                                                                                                                                                        0x00bd5c61
                                                                                                                                                                                                                                                        0x00bd5c66
                                                                                                                                                                                                                                                        0x00bd5c69
                                                                                                                                                                                                                                                        0x00bd5c6d
                                                                                                                                                                                                                                                        0x00bd5c73
                                                                                                                                                                                                                                                        0x00bd5cbf
                                                                                                                                                                                                                                                        0x00bd5cc2
                                                                                                                                                                                                                                                        0x00bd5cc2
                                                                                                                                                                                                                                                        0x00bd5cc5
                                                                                                                                                                                                                                                        0x00bd5ccb
                                                                                                                                                                                                                                                        0x00bd5cf3
                                                                                                                                                                                                                                                        0x00bd5cf9
                                                                                                                                                                                                                                                        0x00bd5cfb
                                                                                                                                                                                                                                                        0x00bd5cfe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5d00
                                                                                                                                                                                                                                                        0x00bd5d03
                                                                                                                                                                                                                                                        0x00bd5d05
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5d05
                                                                                                                                                                                                                                                        0x00bd5ccd
                                                                                                                                                                                                                                                        0x00bd5ccd
                                                                                                                                                                                                                                                        0x00bd5ccd
                                                                                                                                                                                                                                                        0x00bd5cce
                                                                                                                                                                                                                                                        0x00bd5ccf
                                                                                                                                                                                                                                                        0x00bd5cd4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5cd4
                                                                                                                                                                                                                                                        0x00bd5c75
                                                                                                                                                                                                                                                        0x00bd5c75
                                                                                                                                                                                                                                                        0x00bd5c75
                                                                                                                                                                                                                                                        0x00bd5c7c
                                                                                                                                                                                                                                                        0x00bd5c83
                                                                                                                                                                                                                                                        0x00bd5c87
                                                                                                                                                                                                                                                        0x00bd5c8d
                                                                                                                                                                                                                                                        0x00bd5cd9
                                                                                                                                                                                                                                                        0x00bd5cdc
                                                                                                                                                                                                                                                        0x00bd5cdc
                                                                                                                                                                                                                                                        0x00bd5cdf
                                                                                                                                                                                                                                                        0x00bd5ce5
                                                                                                                                                                                                                                                        0x00bd5d09
                                                                                                                                                                                                                                                        0x00bd5d0f
                                                                                                                                                                                                                                                        0x00bd5d11
                                                                                                                                                                                                                                                        0x00bd5d14
                                                                                                                                                                                                                                                        0x00bd5d1f
                                                                                                                                                                                                                                                        0x00bd5d1f
                                                                                                                                                                                                                                                        0x00bd5d25
                                                                                                                                                                                                                                                        0x00bd5d26
                                                                                                                                                                                                                                                        0x00bd5d27
                                                                                                                                                                                                                                                        0x00bd5d28
                                                                                                                                                                                                                                                        0x00bd5d29
                                                                                                                                                                                                                                                        0x00bd5d2a
                                                                                                                                                                                                                                                        0x00bd5d2b
                                                                                                                                                                                                                                                        0x00bd5d2c
                                                                                                                                                                                                                                                        0x00bd5d2d
                                                                                                                                                                                                                                                        0x00bd5d2e
                                                                                                                                                                                                                                                        0x00bd5d2f
                                                                                                                                                                                                                                                        0x00bd5d30
                                                                                                                                                                                                                                                        0x00bd5d31
                                                                                                                                                                                                                                                        0x00bd5d33
                                                                                                                                                                                                                                                        0x00bd5d34
                                                                                                                                                                                                                                                        0x00bd5d3a
                                                                                                                                                                                                                                                        0x00bd5d43
                                                                                                                                                                                                                                                        0x00bd5d48
                                                                                                                                                                                                                                                        0x00bd5d4e
                                                                                                                                                                                                                                                        0x00bd5d55
                                                                                                                                                                                                                                                        0x00bd5d5c
                                                                                                                                                                                                                                                        0x00bd5d62
                                                                                                                                                                                                                                                        0x00bd5d69
                                                                                                                                                                                                                                                        0x00bd5d70
                                                                                                                                                                                                                                                        0x00bd5d74
                                                                                                                                                                                                                                                        0x00bd5d7b
                                                                                                                                                                                                                                                        0x00bd5d82
                                                                                                                                                                                                                                                        0x00bd5d86
                                                                                                                                                                                                                                                        0x00bd5d8e
                                                                                                                                                                                                                                                        0x00bd5d9a
                                                                                                                                                                                                                                                        0x00bd5d9f
                                                                                                                                                                                                                                                        0x00bd5db1
                                                                                                                                                                                                                                                        0x00bd5db2
                                                                                                                                                                                                                                                        0x00bd5db7
                                                                                                                                                                                                                                                        0x00bd5dba
                                                                                                                                                                                                                                                        0x00bd5dbd
                                                                                                                                                                                                                                                        0x00bd5dc0
                                                                                                                                                                                                                                                        0x00bd5e0b
                                                                                                                                                                                                                                                        0x00bd5e0e
                                                                                                                                                                                                                                                        0x00bd5e0e
                                                                                                                                                                                                                                                        0x00bd5e11
                                                                                                                                                                                                                                                        0x00bd5e17
                                                                                                                                                                                                                                                        0x00bd5e3f
                                                                                                                                                                                                                                                        0x00bd5e45
                                                                                                                                                                                                                                                        0x00bd5e47
                                                                                                                                                                                                                                                        0x00bd5e4a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e4c
                                                                                                                                                                                                                                                        0x00bd5e4f
                                                                                                                                                                                                                                                        0x00bd5e51
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e51
                                                                                                                                                                                                                                                        0x00bd5e19
                                                                                                                                                                                                                                                        0x00bd5e19
                                                                                                                                                                                                                                                        0x00bd5e19
                                                                                                                                                                                                                                                        0x00bd5e1a
                                                                                                                                                                                                                                                        0x00bd5e1b
                                                                                                                                                                                                                                                        0x00bd5e20
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e20
                                                                                                                                                                                                                                                        0x00bd5dc2
                                                                                                                                                                                                                                                        0x00bd5dc2
                                                                                                                                                                                                                                                        0x00bd5dc2
                                                                                                                                                                                                                                                        0x00bd5dc9
                                                                                                                                                                                                                                                        0x00bd5dd0
                                                                                                                                                                                                                                                        0x00bd5dd4
                                                                                                                                                                                                                                                        0x00bd5dd7
                                                                                                                                                                                                                                                        0x00bd5dda
                                                                                                                                                                                                                                                        0x00bd5e25
                                                                                                                                                                                                                                                        0x00bd5e28
                                                                                                                                                                                                                                                        0x00bd5e28
                                                                                                                                                                                                                                                        0x00bd5e2b
                                                                                                                                                                                                                                                        0x00bd5e31
                                                                                                                                                                                                                                                        0x00bd5e55
                                                                                                                                                                                                                                                        0x00bd5e5b
                                                                                                                                                                                                                                                        0x00bd5e5d
                                                                                                                                                                                                                                                        0x00bd5e60
                                                                                                                                                                                                                                                        0x00bd5e6b
                                                                                                                                                                                                                                                        0x00bd5e6b
                                                                                                                                                                                                                                                        0x00bd5e71
                                                                                                                                                                                                                                                        0x00bd5e72
                                                                                                                                                                                                                                                        0x00bd5e73
                                                                                                                                                                                                                                                        0x00bd5e74
                                                                                                                                                                                                                                                        0x00bd5e75
                                                                                                                                                                                                                                                        0x00bd5e76
                                                                                                                                                                                                                                                        0x00bd5e77
                                                                                                                                                                                                                                                        0x00bd5e78
                                                                                                                                                                                                                                                        0x00bd5e79
                                                                                                                                                                                                                                                        0x00bd5e7a
                                                                                                                                                                                                                                                        0x00bd5e7b
                                                                                                                                                                                                                                                        0x00bd5e7c
                                                                                                                                                                                                                                                        0x00bd5e7d
                                                                                                                                                                                                                                                        0x00bd5e7e
                                                                                                                                                                                                                                                        0x00bd5e7f
                                                                                                                                                                                                                                                        0x00bd5e80
                                                                                                                                                                                                                                                        0x00bd5e81
                                                                                                                                                                                                                                                        0x00bd5e83
                                                                                                                                                                                                                                                        0x00bd5e84
                                                                                                                                                                                                                                                        0x00bd5e85
                                                                                                                                                                                                                                                        0x00bd5e86
                                                                                                                                                                                                                                                        0x00bd5e89
                                                                                                                                                                                                                                                        0x00bd5e8e
                                                                                                                                                                                                                                                        0x00bd5e90
                                                                                                                                                                                                                                                        0x00bd5e92
                                                                                                                                                                                                                                                        0x00bd5e95
                                                                                                                                                                                                                                                        0x00bd5e99
                                                                                                                                                                                                                                                        0x00bd5eaf
                                                                                                                                                                                                                                                        0x00bd5eb1
                                                                                                                                                                                                                                                        0x00bd5eb6
                                                                                                                                                                                                                                                        0x00bd5eb8
                                                                                                                                                                                                                                                        0x00bd5eb9
                                                                                                                                                                                                                                                        0x00bd5ec8
                                                                                                                                                                                                                                                        0x00bd5ecd
                                                                                                                                                                                                                                                        0x00bd5ecf
                                                                                                                                                                                                                                                        0x00bd5ed2
                                                                                                                                                                                                                                                        0x00bd5ed7
                                                                                                                                                                                                                                                        0x00bd5ed9
                                                                                                                                                                                                                                                        0x00bd5ee0
                                                                                                                                                                                                                                                        0x00bd5ee7
                                                                                                                                                                                                                                                        0x00bd5eed
                                                                                                                                                                                                                                                        0x00bd5ef2
                                                                                                                                                                                                                                                        0x00bd5ef5
                                                                                                                                                                                                                                                        0x00bd5ef7
                                                                                                                                                                                                                                                        0x00bd5f09
                                                                                                                                                                                                                                                        0x00bd5f0d
                                                                                                                                                                                                                                                        0x00bd5f10
                                                                                                                                                                                                                                                        0x00bd5f15
                                                                                                                                                                                                                                                        0x00bd5f17
                                                                                                                                                                                                                                                        0x00bd5f19
                                                                                                                                                                                                                                                        0x00bd5f1e
                                                                                                                                                                                                                                                        0x00bd5f36
                                                                                                                                                                                                                                                        0x00bd5f36
                                                                                                                                                                                                                                                        0x00bd5f19
                                                                                                                                                                                                                                                        0x00bd5ef9
                                                                                                                                                                                                                                                        0x00bd5ef9
                                                                                                                                                                                                                                                        0x00bd5efc
                                                                                                                                                                                                                                                        0x00bd5efd
                                                                                                                                                                                                                                                        0x00bd5f02
                                                                                                                                                                                                                                                        0x00bd5f02
                                                                                                                                                                                                                                                        0x00bd5e9e
                                                                                                                                                                                                                                                        0x00bd5ea0
                                                                                                                                                                                                                                                        0x00bd5eae
                                                                                                                                                                                                                                                        0x00bd5e62
                                                                                                                                                                                                                                                        0x00bd5e62
                                                                                                                                                                                                                                                        0x00bd5e65
                                                                                                                                                                                                                                                        0x00bd5e67
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e67
                                                                                                                                                                                                                                                        0x00bd5e33
                                                                                                                                                                                                                                                        0x00bd5e33
                                                                                                                                                                                                                                                        0x00bd5e33
                                                                                                                                                                                                                                                        0x00bd5e34
                                                                                                                                                                                                                                                        0x00bd5e35
                                                                                                                                                                                                                                                        0x00bd5e3a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e3a
                                                                                                                                                                                                                                                        0x00bd5ddc
                                                                                                                                                                                                                                                        0x00bd5ddc
                                                                                                                                                                                                                                                        0x00bd5ddf
                                                                                                                                                                                                                                                        0x00bd5de6
                                                                                                                                                                                                                                                        0x00bd5ded
                                                                                                                                                                                                                                                        0x00bd5df1
                                                                                                                                                                                                                                                        0x00bd5df9
                                                                                                                                                                                                                                                        0x00bd5dfb
                                                                                                                                                                                                                                                        0x00bd5e08
                                                                                                                                                                                                                                                        0x00bd5e08
                                                                                                                                                                                                                                                        0x00bd5dda
                                                                                                                                                                                                                                                        0x00bd5d16
                                                                                                                                                                                                                                                        0x00bd5d16
                                                                                                                                                                                                                                                        0x00bd5d19
                                                                                                                                                                                                                                                        0x00bd5d1b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5d1b
                                                                                                                                                                                                                                                        0x00bd5ce7
                                                                                                                                                                                                                                                        0x00bd5ce7
                                                                                                                                                                                                                                                        0x00bd5ce7
                                                                                                                                                                                                                                                        0x00bd5ce8
                                                                                                                                                                                                                                                        0x00bd5ce9
                                                                                                                                                                                                                                                        0x00bd5cee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5cee
                                                                                                                                                                                                                                                        0x00bd5c8f
                                                                                                                                                                                                                                                        0x00bd5c8f
                                                                                                                                                                                                                                                        0x00bd5c92
                                                                                                                                                                                                                                                        0x00bd5c99
                                                                                                                                                                                                                                                        0x00bd5ca0
                                                                                                                                                                                                                                                        0x00bd5cae
                                                                                                                                                                                                                                                        0x00bd5cbc
                                                                                                                                                                                                                                                        0x00bd5cbc
                                                                                                                                                                                                                                                        0x00bd5c8d

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00BB2D55,00BB2D55,?,?,00BB3EE0), ref: 00BBA759
                                                                                                                                                                                                                                                          • Part of subcall function 00BBA740: memmove.NTDLL(?,00BB2D55,00000000,?,00BB2D55,?,?,00BB3EE0), ref: 00BBA77D
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD9B0: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BBD9C9
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD9B0: memmove.NTDLL(?,?,00000000), ref: 00BBD9E9
                                                                                                                                                                                                                                                          • Part of subcall function 00BD6AD0: ??2@YAPAXI@Z.MOZGLUE(0000005C), ref: 00BD6AE3
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,-00000015), ref: 00BD5CCF
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,-00000015), ref: 00BD5CE9
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 00BD5D1F
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@memmove$??2@_invalid_parameter_noinfo_noreturnstrlenwcslen
                                                                                                                                                                                                                                                        • String ID: @ntdll.dll
                                                                                                                                                                                                                                                        • API String ID: 3260599714-536421688
                                                                                                                                                                                                                                                        • Opcode ID: 95abb8b8433cc14a26c9066ae7073806ca4293c17857643426232310fea35948
                                                                                                                                                                                                                                                        • Instruction ID: 27dbafda6ab68aec9d6f12b573eb4e97183c6a17afa0276043b12063c1cf5bf6
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 95abb8b8433cc14a26c9066ae7073806ca4293c17857643426232310fea35948
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C881D071D002489FDB24DFA4D898BEEFBB2EF44318F144569E40A6B381EB755948CBA0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 95%
                                                                                                                                                                                                                                                        			E00BD4210(intOrPtr __ecx, void* __edx, char* _a4) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v188;
                                                                                                                                                                                                                                                        				long _v192;
                                                                                                                                                                                                                                                        				char _v208;
                                                                                                                                                                                                                                                        				char _v216;
                                                                                                                                                                                                                                                        				char _v220;
                                                                                                                                                                                                                                                        				char _v224;
                                                                                                                                                                                                                                                        				intOrPtr* _v228;
                                                                                                                                                                                                                                                        				signed int _t38;
                                                                                                                                                                                                                                                        				void* _t40;
                                                                                                                                                                                                                                                        				int _t42;
                                                                                                                                                                                                                                                        				void* _t51;
                                                                                                                                                                                                                                                        				int _t55;
                                                                                                                                                                                                                                                        				intOrPtr* _t60;
                                                                                                                                                                                                                                                        				char _t64;
                                                                                                                                                                                                                                                        				void* _t82;
                                                                                                                                                                                                                                                        				char* _t84;
                                                                                                                                                                                                                                                        				void* _t86;
                                                                                                                                                                                                                                                        				signed int _t87;
                                                                                                                                                                                                                                                        				signed int _t88;
                                                                                                                                                                                                                                                        				intOrPtr* _t90;
                                                                                                                                                                                                                                                        				intOrPtr* _t91;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t90 = (_t88 & 0xfffffff8) - 0xd8;
                                                                                                                                                                                                                                                        				 *_t90 = __ecx;
                                                                                                                                                                                                                                                        				_t84 = _a4;
                                                                                                                                                                                                                                                        				_t38 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v24 = _t38 ^ _t87;
                                                                                                                                                                                                                                                        				if( *0xbfb504 == 0) {
                                                                                                                                                                                                                                                        					_push("g_handles_to_close");
                                                                                                                                                                                                                                                        					E00BC1FF0( &_v208, "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/handle_closer_agent.cc", 0x81);
                                                                                                                                                                                                                                                        					E00BC20C0();
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *_t84 = 1;
                                                                                                                                                                                                                                                        				_t40 =  *0xbfb504; // 0x0
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t40 + 4)) != 0) {
                                                                                                                                                                                                                                                        					_t64 = 0;
                                                                                                                                                                                                                                                        					_t60 = _t40 + 8;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_t17 = _t60 + 0xc; // 0x4
                                                                                                                                                                                                                                                        						_t85 = _t17;
                                                                                                                                                                                                                                                        						_v224 = _t64;
                                                                                                                                                                                                                                                        						_t42 = wcscmp(_t17, L"ALPC Port");
                                                                                                                                                                                                                                                        						_t91 = _t90 + 8;
                                                                                                                                                                                                                                                        						if(_t42 == 0) {
                                                                                                                                                                                                                                                        							 *_a4 = 0;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t80 =  &_v208;
                                                                                                                                                                                                                                                        						_v192 = 0;
                                                                                                                                                                                                                                                        						_v188 = 7;
                                                                                                                                                                                                                                                        						_v208 = 0;
                                                                                                                                                                                                                                                        						E00BBA740( &_v208, _t85);
                                                                                                                                                                                                                                                        						_t79 =  &_v220;
                                                                                                                                                                                                                                                        						E00BD4930( *_t91,  &_v220,  &_v208);
                                                                                                                                                                                                                                                        						_t90 = _t91 + 4;
                                                                                                                                                                                                                                                        						_v224 = _v220;
                                                                                                                                                                                                                                                        						E00BBDF30(_v220, _t80,  &_v220);
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t60 + 8)) != 0) {
                                                                                                                                                                                                                                                        							_t86 = 0;
                                                                                                                                                                                                                                                        							_v228 = _t60;
                                                                                                                                                                                                                                                        							_t82 =  *((intOrPtr*)(_t60 + 4)) + _t60;
                                                                                                                                                                                                                                                        							do {
                                                                                                                                                                                                                                                        								_t61 =  &_v208;
                                                                                                                                                                                                                                                        								_v192 = 0;
                                                                                                                                                                                                                                                        								_v188 = 7;
                                                                                                                                                                                                                                                        								_v208 = 0;
                                                                                                                                                                                                                                                        								E00BBA740( &_v208, _t82);
                                                                                                                                                                                                                                                        								_t79 =  &_v220;
                                                                                                                                                                                                                                                        								_t51 = E00BD4EB0(_v224 + 0x28,  &_v220,  &_v208);
                                                                                                                                                                                                                                                        								_t90 = _t90 + 4;
                                                                                                                                                                                                                                                        								E00BBDF30(_t51, _t61,  &_v220);
                                                                                                                                                                                                                                                        								if(_v216 == 0) {
                                                                                                                                                                                                                                                        									_push("name.second");
                                                                                                                                                                                                                                                        									E00BC1FF0( &_v208, "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/handle_closer_agent.cc", 0x95);
                                                                                                                                                                                                                                                        									E00BC20C0();
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t60 = _v228;
                                                                                                                                                                                                                                                        								_t86 = _t86 + 1;
                                                                                                                                                                                                                                                        								_t82 = _t82 + 2 +  *(_v216 + 0x20) * 2;
                                                                                                                                                                                                                                                        							} while (_t86 <  *((intOrPtr*)(_t60 + 8)));
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t40 =  *0xbfb504; // 0x0
                                                                                                                                                                                                                                                        						_t60 = _t60 +  *_t60;
                                                                                                                                                                                                                                                        						_t64 = _v224 + 1;
                                                                                                                                                                                                                                                        					} while (_t64 <  *((intOrPtr*)(_t40 + 4)));
                                                                                                                                                                                                                                                        					goto L3;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					_t55 = VirtualFree(_t40, 0, 0x8000);
                                                                                                                                                                                                                                                        					 *0xbfb504 = 0;
                                                                                                                                                                                                                                                        					return E00BEECB0(_t55, _v24 ^ _t87, _t79);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}


























                                                                                                                                                                                                                                                        0x00bd4219
                                                                                                                                                                                                                                                        0x00bd421f
                                                                                                                                                                                                                                                        0x00bd4222
                                                                                                                                                                                                                                                        0x00bd4225
                                                                                                                                                                                                                                                        0x00bd422c
                                                                                                                                                                                                                                                        0x00bd423a
                                                                                                                                                                                                                                                        0x00bd4242
                                                                                                                                                                                                                                                        0x00bd4251
                                                                                                                                                                                                                                                        0x00bd4258
                                                                                                                                                                                                                                                        0x00bd4258
                                                                                                                                                                                                                                                        0x00bd425d
                                                                                                                                                                                                                                                        0x00bd4260
                                                                                                                                                                                                                                                        0x00bd4269
                                                                                                                                                                                                                                                        0x00bd429e
                                                                                                                                                                                                                                                        0x00bd42a0
                                                                                                                                                                                                                                                        0x00bd430e
                                                                                                                                                                                                                                                        0x00bd430e
                                                                                                                                                                                                                                                        0x00bd430e
                                                                                                                                                                                                                                                        0x00bd4311
                                                                                                                                                                                                                                                        0x00bd431b
                                                                                                                                                                                                                                                        0x00bd4321
                                                                                                                                                                                                                                                        0x00bd4326
                                                                                                                                                                                                                                                        0x00bd432b
                                                                                                                                                                                                                                                        0x00bd432b
                                                                                                                                                                                                                                                        0x00bd42b5
                                                                                                                                                                                                                                                        0x00bd42b9
                                                                                                                                                                                                                                                        0x00bd42c1
                                                                                                                                                                                                                                                        0x00bd42c5
                                                                                                                                                                                                                                                        0x00bd42cf
                                                                                                                                                                                                                                                        0x00bd42d7
                                                                                                                                                                                                                                                        0x00bd42dc
                                                                                                                                                                                                                                                        0x00bd42e1
                                                                                                                                                                                                                                                        0x00bd42ea
                                                                                                                                                                                                                                                        0x00bd42ee
                                                                                                                                                                                                                                                        0x00bd42f7
                                                                                                                                                                                                                                                        0x00bd4333
                                                                                                                                                                                                                                                        0x00bd4335
                                                                                                                                                                                                                                                        0x00bd4339
                                                                                                                                                                                                                                                        0x00bd4355
                                                                                                                                                                                                                                                        0x00bd435a
                                                                                                                                                                                                                                                        0x00bd435e
                                                                                                                                                                                                                                                        0x00bd4366
                                                                                                                                                                                                                                                        0x00bd436a
                                                                                                                                                                                                                                                        0x00bd4374
                                                                                                                                                                                                                                                        0x00bd437d
                                                                                                                                                                                                                                                        0x00bd4385
                                                                                                                                                                                                                                                        0x00bd438a
                                                                                                                                                                                                                                                        0x00bd438f
                                                                                                                                                                                                                                                        0x00bd4399
                                                                                                                                                                                                                                                        0x00bd43a1
                                                                                                                                                                                                                                                        0x00bd43b0
                                                                                                                                                                                                                                                        0x00bd43b7
                                                                                                                                                                                                                                                        0x00bd43b7
                                                                                                                                                                                                                                                        0x00bd4344
                                                                                                                                                                                                                                                        0x00bd4348
                                                                                                                                                                                                                                                        0x00bd434f
                                                                                                                                                                                                                                                        0x00bd434f
                                                                                                                                                                                                                                                        0x00bd4355
                                                                                                                                                                                                                                                        0x00bd42fd
                                                                                                                                                                                                                                                        0x00bd4302
                                                                                                                                                                                                                                                        0x00bd4304
                                                                                                                                                                                                                                                        0x00bd4305
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd426b
                                                                                                                                                                                                                                                        0x00bd426b
                                                                                                                                                                                                                                                        0x00bd4273
                                                                                                                                                                                                                                                        0x00bd4279
                                                                                                                                                                                                                                                        0x00bd4298
                                                                                                                                                                                                                                                        0x00bd4298

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • wcscmp.API-MS-WIN-CRT-STRING-L1-1-0(00000004,ALPC Port), ref: 00BD431B
                                                                                                                                                                                                                                                        • VirtualFree.KERNEL32(00000000,00000000,00008000), ref: 00BD4273
                                                                                                                                                                                                                                                          • Part of subcall function 00BC20C0: ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140(00BF0324,?,?,?,00BCA1FF,/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc,000000EC,00000000), ref: 00BC2108
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • g_handles_to_close, xrefs: 00BD4242
                                                                                                                                                                                                                                                        • name.second, xrefs: 00BD43A1
                                                                                                                                                                                                                                                        • ALPC Port, xrefs: 00BD4315
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/handle_closer_agent.cc, xrefs: 00BD424C, 00BD43AB
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??1?$basic_streambuf@D@std@@@std@@FreeU?$char_traits@Virtualwcscmp
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/handle_closer_agent.cc$ALPC Port$g_handles_to_close$name.second
                                                                                                                                                                                                                                                        • API String ID: 4239719893-1431499672
                                                                                                                                                                                                                                                        • Opcode ID: 62f34d414f3148ed0491c14e2cd333da740c49f1a1344654487d9199b954b126
                                                                                                                                                                                                                                                        • Instruction ID: 90a01e3102e89c4a0739f40c902785f6173becee77a89a9a1a8dd4128b85020f
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 62f34d414f3148ed0491c14e2cd333da740c49f1a1344654487d9199b954b126
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E641B3706083019FCB10DF14D895B6EBBE5EF94314F0048AEF4855B392EB74A948CBA2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • CreateJobObjectW.KERNEL32 ref: 00BD716B
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(00000000), ref: 00BD7183
                                                                                                                                                                                                                                                        • SetInformationJobObject.KERNEL32 ref: 00BD725D
                                                                                                                                                                                                                                                        • SetInformationJobObject.KERNEL32 ref: 00BD727D
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BD728D
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Object$ErrorInformationLast$Create
                                                                                                                                                                                                                                                        • String ID: '
                                                                                                                                                                                                                                                        • API String ID: 920667998-1997036262
                                                                                                                                                                                                                                                        • Opcode ID: 2b8eaf724f99f6d9378b0696fe3c67e31c528a94437dea749a5e558d3056b959
                                                                                                                                                                                                                                                        • Instruction ID: 8f91813182a084e5d69647a3dd031108aab8f00ed65ce9e90e197f130425ab31
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2b8eaf724f99f6d9378b0696fe3c67e31c528a94437dea749a5e558d3056b959
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5241B070A483809BE7248F29D845BAAB7E5FFC4314F10862EE99997380EF758945CB81
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 76%
                                                                                                                                                                                                                                                        			E00BE4920(intOrPtr* __ecx, void* __edx) {
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				intOrPtr* _t17;
                                                                                                                                                                                                                                                        				intOrPtr _t19;
                                                                                                                                                                                                                                                        				void* _t20;
                                                                                                                                                                                                                                                        				void* _t23;
                                                                                                                                                                                                                                                        				intOrPtr* _t27;
                                                                                                                                                                                                                                                        				intOrPtr* _t31;
                                                                                                                                                                                                                                                        				intOrPtr* _t37;
                                                                                                                                                                                                                                                        				intOrPtr* _t41;
                                                                                                                                                                                                                                                        				intOrPtr* _t42;
                                                                                                                                                                                                                                                        				void* _t45;
                                                                                                                                                                                                                                                        				intOrPtr _t47;
                                                                                                                                                                                                                                                        				intOrPtr _t48;
                                                                                                                                                                                                                                                        				intOrPtr* _t50;
                                                                                                                                                                                                                                                        				intOrPtr* _t53;
                                                                                                                                                                                                                                                        				intOrPtr* _t56;
                                                                                                                                                                                                                                                        				void* _t60;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t45 = __edx;
                                                                                                                                                                                                                                                        				 *__ecx = 0xbf1b30;
                                                                                                                                                                                                                                                        				_t53 = __ecx;
                                                                                                                                                                                                                                                        				_t17 =  *((intOrPtr*)(__ecx + 0x1c));
                                                                                                                                                                                                                                                        				_t31 =  *_t17;
                                                                                                                                                                                                                                                        				if(_t17 != _t31) {
                                                                                                                                                                                                                                                        					while(1) {
                                                                                                                                                                                                                                                        						_t47 =  *((intOrPtr*)(_t31 + 8));
                                                                                                                                                                                                                                                        						__eflags = _t47;
                                                                                                                                                                                                                                                        						if(__eflags != 0) {
                                                                                                                                                                                                                                                        							E00BE9180(_t47, __eflags);
                                                                                                                                                                                                                                                        							_push(_t47);
                                                                                                                                                                                                                                                        							L00BEF6C0();
                                                                                                                                                                                                                                                        							_t60 = _t60 + 4;
                                                                                                                                                                                                                                                        							_t17 =  *((intOrPtr*)(_t53 + 0x1c));
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t31 =  *_t31;
                                                                                                                                                                                                                                                        						__eflags = _t17 - _t31;
                                                                                                                                                                                                                                                        						if(_t17 == _t31) {
                                                                                                                                                                                                                                                        							goto L1;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							continue;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L21:
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				_t48 =  *((intOrPtr*)(_t53 + 0x6c));
                                                                                                                                                                                                                                                        				if(_t48 != 0) {
                                                                                                                                                                                                                                                        					E00BD8480(_t48);
                                                                                                                                                                                                                                                        					_push(_t48);
                                                                                                                                                                                                                                                        					L00BEF6C0();
                                                                                                                                                                                                                                                        					_t60 = _t60 + 4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t19 =  *((intOrPtr*)(_t53 + 0x70));
                                                                                                                                                                                                                                                        				if(_t19 != 0) {
                                                                                                                                                                                                                                                        					_push(_t19);
                                                                                                                                                                                                                                                        					L00BEF6C0();
                                                                                                                                                                                                                                                        					_t60 = _t60 + 4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t20 =  *(_t53 + 0x88);
                                                                                                                                                                                                                                                        				if(_t20 != 0) {
                                                                                                                                                                                                                                                        					LocalFree(_t20);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t22 = _t53 + 4;
                                                                                                                                                                                                                                                        				DeleteCriticalSection(_t53 + 4);
                                                                                                                                                                                                                                                        				_t35 =  *((intOrPtr*)(_t53 + 0xa8));
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t53 + 0xa8)) != 0) {
                                                                                                                                                                                                                                                        					_t22 = E00BCC4A0(_t35);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t23 = E00BCF1B0(_t22, _t53 + 0x98);
                                                                                                                                                                                                                                                        				_t37 =  *((intOrPtr*)(_t53 + 0x90));
                                                                                                                                                                                                                                                        				_t67 = _t37;
                                                                                                                                                                                                                                                        				if(_t37 != 0) {
                                                                                                                                                                                                                                                        					_t23 =  *((intOrPtr*)( *_t37 + 8))(1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BC51B0(_t23, _t53 + 0x8c);
                                                                                                                                                                                                                                                        				E00BC7510(E00BD2990(_t53 + 0x80, _t67), _t31, _t53 + 0x74, _t45, _t48);
                                                                                                                                                                                                                                                        				_t41 = _t53 + 0x1c;
                                                                                                                                                                                                                                                        				_pop(_t55);
                                                                                                                                                                                                                                                        				_pop(_t49);
                                                                                                                                                                                                                                                        				_pop(_t58);
                                                                                                                                                                                                                                                        				_t56 = _t41;
                                                                                                                                                                                                                                                        				_t42 =  *_t41;
                                                                                                                                                                                                                                                        				_t27 =  *_t42;
                                                                                                                                                                                                                                                        				 *_t42 = _t42;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)( *_t56 + 4)) =  *_t56;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t56 + 4)) = 0;
                                                                                                                                                                                                                                                        				if(_t27 !=  *_t56) {
                                                                                                                                                                                                                                                        					while(1) {
                                                                                                                                                                                                                                                        						_t50 =  *_t27;
                                                                                                                                                                                                                                                        						_push(0xc);
                                                                                                                                                                                                                                                        						_push(_t27);
                                                                                                                                                                                                                                                        						L00BEF6C6();
                                                                                                                                                                                                                                                        						_t60 = _t60 + 8;
                                                                                                                                                                                                                                                        						__eflags = _t50 -  *_t56;
                                                                                                                                                                                                                                                        						_t27 = _t50;
                                                                                                                                                                                                                                                        						if(_t50 ==  *_t56) {
                                                                                                                                                                                                                                                        							goto L18;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t50 = _t27;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L18:
                                                                                                                                                                                                                                                        				_push(0xc);
                                                                                                                                                                                                                                                        				_push(_t50);
                                                                                                                                                                                                                                                        				L00BEF6C6();
                                                                                                                                                                                                                                                        				return _t27;
                                                                                                                                                                                                                                                        				goto L21;
                                                                                                                                                                                                                                                        			}





















                                                                                                                                                                                                                                                        0x00be4920
                                                                                                                                                                                                                                                        0x00be4926
                                                                                                                                                                                                                                                        0x00be492c
                                                                                                                                                                                                                                                        0x00be492e
                                                                                                                                                                                                                                                        0x00be4931
                                                                                                                                                                                                                                                        0x00be4935
                                                                                                                                                                                                                                                        0x00be49e2
                                                                                                                                                                                                                                                        0x00be49e2
                                                                                                                                                                                                                                                        0x00be49e5
                                                                                                                                                                                                                                                        0x00be49e7
                                                                                                                                                                                                                                                        0x00be49eb
                                                                                                                                                                                                                                                        0x00be49f0
                                                                                                                                                                                                                                                        0x00be49f1
                                                                                                                                                                                                                                                        0x00be49f6
                                                                                                                                                                                                                                                        0x00be49f9
                                                                                                                                                                                                                                                        0x00be49f9
                                                                                                                                                                                                                                                        0x00be49fc
                                                                                                                                                                                                                                                        0x00be49fe
                                                                                                                                                                                                                                                        0x00be4a00
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be4a06
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be4a06
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be4a00
                                                                                                                                                                                                                                                        0x00be49e2
                                                                                                                                                                                                                                                        0x00be493b
                                                                                                                                                                                                                                                        0x00be493b
                                                                                                                                                                                                                                                        0x00be4940
                                                                                                                                                                                                                                                        0x00be49b1
                                                                                                                                                                                                                                                        0x00be49b6
                                                                                                                                                                                                                                                        0x00be49b7
                                                                                                                                                                                                                                                        0x00be49bc
                                                                                                                                                                                                                                                        0x00be49bc
                                                                                                                                                                                                                                                        0x00be4942
                                                                                                                                                                                                                                                        0x00be4947
                                                                                                                                                                                                                                                        0x00be49c1
                                                                                                                                                                                                                                                        0x00be49c2
                                                                                                                                                                                                                                                        0x00be49c7
                                                                                                                                                                                                                                                        0x00be49c7
                                                                                                                                                                                                                                                        0x00be4949
                                                                                                                                                                                                                                                        0x00be4951
                                                                                                                                                                                                                                                        0x00be49d0
                                                                                                                                                                                                                                                        0x00be49d0
                                                                                                                                                                                                                                                        0x00be4953
                                                                                                                                                                                                                                                        0x00be4957
                                                                                                                                                                                                                                                        0x00be495d
                                                                                                                                                                                                                                                        0x00be4965
                                                                                                                                                                                                                                                        0x00be49db
                                                                                                                                                                                                                                                        0x00be49db
                                                                                                                                                                                                                                                        0x00be496d
                                                                                                                                                                                                                                                        0x00be4972
                                                                                                                                                                                                                                                        0x00be4978
                                                                                                                                                                                                                                                        0x00be497a
                                                                                                                                                                                                                                                        0x00be4980
                                                                                                                                                                                                                                                        0x00be4980
                                                                                                                                                                                                                                                        0x00be4989
                                                                                                                                                                                                                                                        0x00be499c
                                                                                                                                                                                                                                                        0x00be49a4
                                                                                                                                                                                                                                                        0x00be49a6
                                                                                                                                                                                                                                                        0x00be49a7
                                                                                                                                                                                                                                                        0x00be49a9
                                                                                                                                                                                                                                                        0x00be4a15
                                                                                                                                                                                                                                                        0x00be4a17
                                                                                                                                                                                                                                                        0x00be4a19
                                                                                                                                                                                                                                                        0x00be4a1b
                                                                                                                                                                                                                                                        0x00be4a1f
                                                                                                                                                                                                                                                        0x00be4a22
                                                                                                                                                                                                                                                        0x00be4a2b
                                                                                                                                                                                                                                                        0x00be4a3e
                                                                                                                                                                                                                                                        0x00be4a3e
                                                                                                                                                                                                                                                        0x00be4a40
                                                                                                                                                                                                                                                        0x00be4a42
                                                                                                                                                                                                                                                        0x00be4a43
                                                                                                                                                                                                                                                        0x00be4a48
                                                                                                                                                                                                                                                        0x00be4a4b
                                                                                                                                                                                                                                                        0x00be4a4d
                                                                                                                                                                                                                                                        0x00be4a4f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be4a51
                                                                                                                                                                                                                                                        0x00be4a2d
                                                                                                                                                                                                                                                        0x00be4a2d
                                                                                                                                                                                                                                                        0x00be4a2d
                                                                                                                                                                                                                                                        0x00be4a2f
                                                                                                                                                                                                                                                        0x00be4a2f
                                                                                                                                                                                                                                                        0x00be4a31
                                                                                                                                                                                                                                                        0x00be4a32
                                                                                                                                                                                                                                                        0x00be4a3d
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • DeleteCriticalSection.KERNEL32(?,?,00BCCFC5), ref: 00BE4957
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?,?,?,?,00BE4A8E,?,?,00BCF089,00000000,?,?,00BCCFC5), ref: 00BE49B7
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,00BCCFC5), ref: 00BE49C2
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(?,?,00BCCFC5), ref: 00BE49D0
                                                                                                                                                                                                                                                          • Part of subcall function 00BCC4A0: ??3@YAXPAX@Z.MOZGLUE ref: 00BCC4D0
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000,?,?,?,?,00BE4A8E,?,?,00BCF089,00000000,?,?,00BCCFC5), ref: 00BE49F1
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00BCCFC5,0000000C,?,?,?,?,00BCCFC5), ref: 00BE4A32
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@$CriticalDeleteFreeLocalSection
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2906964862-0
                                                                                                                                                                                                                                                        • Opcode ID: 0ca1a34c517ee117abd70c2a4f2fe3261712e672c3c89eddcaf9867c53625f46
                                                                                                                                                                                                                                                        • Instruction ID: cd053da15958decf93609e31dab00fb9b12ed27fc59743806668203fb81a3b3b
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0ca1a34c517ee117abd70c2a4f2fe3261712e672c3c89eddcaf9867c53625f46
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F731C07A2042409FC624AF26D885F3B73E9EF91714B6444EDE58AA7312EB31AC05D791
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 93%
                                                                                                                                                                                                                                                        			E00BC04D0(void* __ecx, intOrPtr* _a4) {
                                                                                                                                                                                                                                                        				void* _t21;
                                                                                                                                                                                                                                                        				signed int _t24;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        				void* _t35;
                                                                                                                                                                                                                                                        				void* _t36;
                                                                                                                                                                                                                                                        				void* _t43;
                                                                                                                                                                                                                                                        				intOrPtr* _t44;
                                                                                                                                                                                                                                                        				void* _t45;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t46;
                                                                                                                                                                                                                                                        				void* _t54;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t44 = _a4;
                                                                                                                                                                                                                                                        				if(_t44 != 0) {
                                                                                                                                                                                                                                                        					_t35 = __ecx + 4;
                                                                                                                                                                                                                                                        					_push(_t35);
                                                                                                                                                                                                                                                        					L00BEF708();
                                                                                                                                                                                                                                                        					_t21 =  *(__ecx + 8);
                                                                                                                                                                                                                                                        					 *(__ecx + 8) = 0;
                                                                                                                                                                                                                                                        					_push(_t35);
                                                                                                                                                                                                                                                        					_t36 = _t21;
                                                                                                                                                                                                                                                        					L00BEF756();
                                                                                                                                                                                                                                                        					if(_t36 != 0) {
                                                                                                                                                                                                                                                        						 *((intOrPtr*)( *_t44 + 0x10))(_t36);
                                                                                                                                                                                                                                                        						_t24 =  *(_t36 + 4);
                                                                                                                                                                                                                                                        						_t45 =  *_t36;
                                                                                                                                                                                                                                                        						if(_t24 <= 0) {
                                                                                                                                                                                                                                                        							L12:
                                                                                                                                                                                                                                                        							if(_t45 != 0x38) {
                                                                                                                                                                                                                                                        								RtlFreeHeap( *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18), 0, _t45);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							return RtlFreeHeap( *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18), 0, _t36);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t43 = _t45 + _t24 * 0x38;
                                                                                                                                                                                                                                                        						_t46 = _t45 + 0x14;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t31 =  *(_t46 + 0x14);
                                                                                                                                                                                                                                                        							if(_t31 != 4) {
                                                                                                                                                                                                                                                        								RtlFreeHeap( *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18), 0, _t31);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							if( *(_t46 + 0xc) != 0) {
                                                                                                                                                                                                                                                        								RtlFreeUnicodeString(_t46 + 8);
                                                                                                                                                                                                                                                        								 *(_t46 + 0xc) = 0;
                                                                                                                                                                                                                                                        								 *(_t46 + 8) = 0;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							if( *(_t46 + 4) != 0) {
                                                                                                                                                                                                                                                        								RtlFreeUnicodeString(_t46);
                                                                                                                                                                                                                                                        								 *(_t46 + 4) = 0;
                                                                                                                                                                                                                                                        								 *_t46 = 0;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t54 = _t46 + 0x24 - _t43;
                                                                                                                                                                                                                                                        							_t46 = _t46 + 0x38;
                                                                                                                                                                                                                                                        						} while (_t54 < 0);
                                                                                                                                                                                                                                                        						_t45 =  *_t36;
                                                                                                                                                                                                                                                        						goto L12;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t21;
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00bc04d6
                                                                                                                                                                                                                                                        0x00bc04db
                                                                                                                                                                                                                                                        0x00bc04e1
                                                                                                                                                                                                                                                        0x00bc04e6
                                                                                                                                                                                                                                                        0x00bc04e7
                                                                                                                                                                                                                                                        0x00bc04ec
                                                                                                                                                                                                                                                        0x00bc04ef
                                                                                                                                                                                                                                                        0x00bc04f6
                                                                                                                                                                                                                                                        0x00bc04f7
                                                                                                                                                                                                                                                        0x00bc04f9
                                                                                                                                                                                                                                                        0x00bc0500
                                                                                                                                                                                                                                                        0x00bc050b
                                                                                                                                                                                                                                                        0x00bc050e
                                                                                                                                                                                                                                                        0x00bc0511
                                                                                                                                                                                                                                                        0x00bc0515
                                                                                                                                                                                                                                                        0x00bc0593
                                                                                                                                                                                                                                                        0x00bc0596
                                                                                                                                                                                                                                                        0x00bc05a7
                                                                                                                                                                                                                                                        0x00bc05a7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc05bb
                                                                                                                                                                                                                                                        0x00bc051a
                                                                                                                                                                                                                                                        0x00bc051c
                                                                                                                                                                                                                                                        0x00bc053c
                                                                                                                                                                                                                                                        0x00bc053c
                                                                                                                                                                                                                                                        0x00bc0542
                                                                                                                                                                                                                                                        0x00bc0554
                                                                                                                                                                                                                                                        0x00bc0554
                                                                                                                                                                                                                                                        0x00bc055d
                                                                                                                                                                                                                                                        0x00bc0563
                                                                                                                                                                                                                                                        0x00bc0568
                                                                                                                                                                                                                                                        0x00bc056f
                                                                                                                                                                                                                                                        0x00bc056f
                                                                                                                                                                                                                                                        0x00bc057a
                                                                                                                                                                                                                                                        0x00bc057d
                                                                                                                                                                                                                                                        0x00bc0582
                                                                                                                                                                                                                                                        0x00bc0589
                                                                                                                                                                                                                                                        0x00bc0589
                                                                                                                                                                                                                                                        0x00bc0536
                                                                                                                                                                                                                                                        0x00bc0538
                                                                                                                                                                                                                                                        0x00bc0538
                                                                                                                                                                                                                                                        0x00bc0591
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc0591
                                                                                                                                                                                                                                                        0x00bc0500
                                                                                                                                                                                                                                                        0x00bc05c4

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlAcquireSRWLockExclusive.NTDLL(?), ref: 00BC04E7
                                                                                                                                                                                                                                                        • RtlReleaseSRWLockExclusive.NTDLL ref: 00BC04F9
                                                                                                                                                                                                                                                        • RtlFreeHeap.NTDLL(?,00000000,?), ref: 00BC0554
                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(00000000), ref: 00BC0563
                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(?), ref: 00BC057D
                                                                                                                                                                                                                                                        • RtlFreeHeap.NTDLL(?,00000000,?), ref: 00BC05A7
                                                                                                                                                                                                                                                        • RtlFreeHeap.NTDLL(?,00000000,?), ref: 00BC05BB
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Free$Heap$ExclusiveLockStringUnicode$AcquireRelease
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1699237932-0
                                                                                                                                                                                                                                                        • Opcode ID: 265b35d8e6bda7ee8d5c3aacc7550c17df9e173ac5edb2d5134c92326827c5a9
                                                                                                                                                                                                                                                        • Instruction ID: c1984095fa38b76b689ca7682918fd61d51f00329418a8bd005f8aad6befcbf2
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 265b35d8e6bda7ee8d5c3aacc7550c17df9e173ac5edb2d5134c92326827c5a9
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6121AC72610651DFD720AF1AC8C4F66B7E8EF24710F1584ADE8469B661D774EC41CF90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 61%
                                                                                                                                                                                                                                                        			E00BC8BE0(void* __edx, void* __eflags, intOrPtr* _a4, intOrPtr* _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				void* _v124;
                                                                                                                                                                                                                                                        				char _v196;
                                                                                                                                                                                                                                                        				intOrPtr _v200;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t18;
                                                                                                                                                                                                                                                        				intOrPtr* _t25;
                                                                                                                                                                                                                                                        				void* _t27;
                                                                                                                                                                                                                                                        				void* _t33;
                                                                                                                                                                                                                                                        				intOrPtr* _t36;
                                                                                                                                                                                                                                                        				void* _t48;
                                                                                                                                                                                                                                                        				intOrPtr* _t50;
                                                                                                                                                                                                                                                        				void* _t53;
                                                                                                                                                                                                                                                        				signed int _t54;
                                                                                                                                                                                                                                                        				signed int _t55;
                                                                                                                                                                                                                                                        				void* _t57;
                                                                                                                                                                                                                                                        				intOrPtr* _t62;
                                                                                                                                                                                                                                                        				void* _t64;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t64 = __eflags;
                                                                                                                                                                                                                                                        				_t48 = __edx;
                                                                                                                                                                                                                                                        				_t57 = (_t55 & 0xfffffff8) - 0xa0;
                                                                                                                                                                                                                                                        				_t18 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t36 = _a4;
                                                                                                                                                                                                                                                        				_t52 = _t57;
                                                                                                                                                                                                                                                        				_v24 = _t18 ^ _t54;
                                                                                                                                                                                                                                                        				E00BBC880(_t57, 2, 1);
                                                                                                                                                                                                                                                        				E00BBC940(_t64, E00BBC940(_t64, _t57, _a12), " (");
                                                                                                                                                                                                                                                        				_t50 = __imp__??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z;
                                                                                                                                                                                                                                                        				 *_t50( *_t36,  *((intOrPtr*)(_t36 + 4)));
                                                                                                                                                                                                                                                        				E00BBC940(_t64, _t57, " vs. ");
                                                                                                                                                                                                                                                        				_t25 = _a8;
                                                                                                                                                                                                                                                        				 *_t50( *_t25,  *((intOrPtr*)(_t25 + 4)));
                                                                                                                                                                                                                                                        				_t27 = E00BBC940(_t64, _t52, 0xbf3ee8);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t62 = _t57 + 0x24;
                                                                                                                                                                                                                                                        				_t53 = _t27;
                                                                                                                                                                                                                                                        				E00BBD7F0( &_v196, _t27);
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t62 +  *((intOrPtr*)( *_t62 + 4)))) = 0xbf0324;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t62 +  *((intOrPtr*)( *_t62 + 4)) - 4)) =  *((intOrPtr*)( *_t62 + 4)) - 0x50;
                                                                                                                                                                                                                                                        				_v200 = 0xbf0330;
                                                                                                                                                                                                                                                        				_t33 = E00BBD690( &_v196, _t53, 0x18);
                                                                                                                                                                                                                                                        				__imp__??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ();
                                                                                                                                                                                                                                                        				__imp__??1ios_base@std@@UAE@XZ();
                                                                                                                                                                                                                                                        				E00BEECB0(_t33, _v52 ^ _t54, _t48);
                                                                                                                                                                                                                                                        				return _t53;
                                                                                                                                                                                                                                                        			}























                                                                                                                                                                                                                                                        0x00bc8be0
                                                                                                                                                                                                                                                        0x00bc8be0
                                                                                                                                                                                                                                                        0x00bc8be9
                                                                                                                                                                                                                                                        0x00bc8bef
                                                                                                                                                                                                                                                        0x00bc8bf4
                                                                                                                                                                                                                                                        0x00bc8bfa
                                                                                                                                                                                                                                                        0x00bc8c00
                                                                                                                                                                                                                                                        0x00bc8c0b
                                                                                                                                                                                                                                                        0x00bc8c20
                                                                                                                                                                                                                                                        0x00bc8c28
                                                                                                                                                                                                                                                        0x00bc8c35
                                                                                                                                                                                                                                                        0x00bc8c3d
                                                                                                                                                                                                                                                        0x00bc8c45
                                                                                                                                                                                                                                                        0x00bc8c4f
                                                                                                                                                                                                                                                        0x00bc8c57
                                                                                                                                                                                                                                                        0x00bc8c61
                                                                                                                                                                                                                                                        0x00bc8c66
                                                                                                                                                                                                                                                        0x00bc8c6d
                                                                                                                                                                                                                                                        0x00bc8c72
                                                                                                                                                                                                                                                        0x00bc8c81
                                                                                                                                                                                                                                                        0x00bc8c91
                                                                                                                                                                                                                                                        0x00bc8c97
                                                                                                                                                                                                                                                        0x00bc8c9f
                                                                                                                                                                                                                                                        0x00bc8ca6
                                                                                                                                                                                                                                                        0x00bc8cae
                                                                                                                                                                                                                                                        0x00bc8cbd
                                                                                                                                                                                                                                                        0x00bc8ccb

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ??0ios_base@std@@IAE@XZ.MSVCP140(?,00000000,00000000), ref: 00BBC89A
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IAEXPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z.MSVCP140(?,00000000,?,00000000,00000000), ref: 00BBC8E4
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ.MSVCP140 ref: 00BBC904
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBC959
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?,00000002), ref: 00BBC9EA
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?), ref: 00BBCA74
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z.MSVCP140(?,00000000,00000002,?), ref: 00BBCABE
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ.MSVCP140 ref: 00BBCAC7
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z.MSVCP140(FFFFFFFF,?,?,?,00000002,00000001), ref: 00BC8C35
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z.MSVCP140(7FFFFFFF,?,?,?,?,?,00000002,00000001), ref: 00BC8C4F
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000018,?,?,?,?,?,?,00000002,00000001), ref: 00BC8C61
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD690: free.MOZGLUE(00000000,00000000,?,00BCA1D9), ref: 00BBD6BB
                                                                                                                                                                                                                                                        • ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140 ref: 00BC8CA6
                                                                                                                                                                                                                                                        • ??1ios_base@std@@UAE@XZ.MSVCP140 ref: 00BC8CAE
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: U?$char_traits@$D@std@@@std@@$??6?$basic_ostream@?sputc@?$basic_streambuf@V01@_$??0?$basic_streambuf@??0ios_base@std@@??1?$basic_streambuf@??1ios_base@std@@??2@?clear@?$basic_ios@?init@?$basic_ios@D@std@@@2@_Osfx@?$basic_ostream@V?$basic_streambuf@freestrlen
                                                                                                                                                                                                                                                        • String ID: vs.
                                                                                                                                                                                                                                                        • API String ID: 759890191-795465908
                                                                                                                                                                                                                                                        • Opcode ID: f5a60a1395614e144680e7b420a283ca62a00d7f5345e52953ba6201e67f841a
                                                                                                                                                                                                                                                        • Instruction ID: 6af0c54151590111a1d05062e610c09894da884ff401eabcfbe1b46898a2a2cf
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f5a60a1395614e144680e7b420a283ca62a00d7f5345e52953ba6201e67f841a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: FE21B675700204ABCB10FF28EC46DBEBBE5EF85710F044468FD4947392DA71A918C7A2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 61%
                                                                                                                                                                                                                                                        			E00BC4A90(void* __edx, void* __eflags, intOrPtr* _a4, intOrPtr* _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				void* _v116;
                                                                                                                                                                                                                                                        				char _v188;
                                                                                                                                                                                                                                                        				intOrPtr _v192;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t16;
                                                                                                                                                                                                                                                        				void* _t25;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        				void* _t46;
                                                                                                                                                                                                                                                        				intOrPtr* _t48;
                                                                                                                                                                                                                                                        				void* _t51;
                                                                                                                                                                                                                                                        				signed int _t52;
                                                                                                                                                                                                                                                        				signed int _t53;
                                                                                                                                                                                                                                                        				void* _t55;
                                                                                                                                                                                                                                                        				intOrPtr* _t60;
                                                                                                                                                                                                                                                        				void* _t62;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t62 = __eflags;
                                                                                                                                                                                                                                                        				_t46 = __edx;
                                                                                                                                                                                                                                                        				_t55 = (_t53 & 0xfffffff8) - 0xa0;
                                                                                                                                                                                                                                                        				_t16 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t50 = _t55;
                                                                                                                                                                                                                                                        				_v24 = _t16 ^ _t52;
                                                                                                                                                                                                                                                        				E00BBC880(_t55, 2, 1);
                                                                                                                                                                                                                                                        				E00BBC940(_t62, E00BBC940(_t62, _t55, _a12), " (");
                                                                                                                                                                                                                                                        				_t48 = __imp__??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z;
                                                                                                                                                                                                                                                        				 *_t48( *_a4);
                                                                                                                                                                                                                                                        				E00BBC940(_t62, _t55, " vs. ");
                                                                                                                                                                                                                                                        				 *_t48( *_a8);
                                                                                                                                                                                                                                                        				_t25 = E00BBC940(_t62, _t50, 0xbf3ee8);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t60 = _t55 + 0x24;
                                                                                                                                                                                                                                                        				_t51 = _t25;
                                                                                                                                                                                                                                                        				E00BBD7F0( &_v188, _t25);
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t60 +  *((intOrPtr*)( *_t60 + 4)))) = 0xbf0324;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t60 +  *((intOrPtr*)( *_t60 + 4)) - 4)) =  *((intOrPtr*)( *_t60 + 4)) - 0x50;
                                                                                                                                                                                                                                                        				_v192 = 0xbf0330;
                                                                                                                                                                                                                                                        				_t31 = E00BBD690( &_v188, _t51, 0x18);
                                                                                                                                                                                                                                                        				__imp__??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ();
                                                                                                                                                                                                                                                        				__imp__??1ios_base@std@@UAE@XZ();
                                                                                                                                                                                                                                                        				E00BEECB0(_t31, _v44 ^ _t52, _t46);
                                                                                                                                                                                                                                                        				return _t51;
                                                                                                                                                                                                                                                        			}





















                                                                                                                                                                                                                                                        0x00bc4a90
                                                                                                                                                                                                                                                        0x00bc4a90
                                                                                                                                                                                                                                                        0x00bc4a99
                                                                                                                                                                                                                                                        0x00bc4a9f
                                                                                                                                                                                                                                                        0x00bc4aaa
                                                                                                                                                                                                                                                        0x00bc4ab0
                                                                                                                                                                                                                                                        0x00bc4abb
                                                                                                                                                                                                                                                        0x00bc4ad0
                                                                                                                                                                                                                                                        0x00bc4ad8
                                                                                                                                                                                                                                                        0x00bc4ae2
                                                                                                                                                                                                                                                        0x00bc4aea
                                                                                                                                                                                                                                                        0x00bc4af9
                                                                                                                                                                                                                                                        0x00bc4b01
                                                                                                                                                                                                                                                        0x00bc4b0b
                                                                                                                                                                                                                                                        0x00bc4b10
                                                                                                                                                                                                                                                        0x00bc4b17
                                                                                                                                                                                                                                                        0x00bc4b1c
                                                                                                                                                                                                                                                        0x00bc4b2b
                                                                                                                                                                                                                                                        0x00bc4b3b
                                                                                                                                                                                                                                                        0x00bc4b41
                                                                                                                                                                                                                                                        0x00bc4b49
                                                                                                                                                                                                                                                        0x00bc4b50
                                                                                                                                                                                                                                                        0x00bc4b58
                                                                                                                                                                                                                                                        0x00bc4b67
                                                                                                                                                                                                                                                        0x00bc4b75

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ??0ios_base@std@@IAE@XZ.MSVCP140(?,00000000,00000000), ref: 00BBC89A
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IAEXPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z.MSVCP140(?,00000000,?,00000000,00000000), ref: 00BBC8E4
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ.MSVCP140 ref: 00BBC904
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBC959
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?,00000002), ref: 00BBC9EA
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?), ref: 00BBCA74
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z.MSVCP140(?,00000000,00000002,?), ref: 00BBCABE
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ.MSVCP140 ref: 00BBCAC7
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z.MSVCP140(?,?,?,00000002,00000001), ref: 00BC4AE2
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z.MSVCP140(?,?,?,?,?,00000002,00000001), ref: 00BC4AF9
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000018,?,?,?,?,?,?,00000002,00000001), ref: 00BC4B0B
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD690: free.MOZGLUE(00000000,00000000,?,00BCA1D9), ref: 00BBD6BB
                                                                                                                                                                                                                                                        • ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140 ref: 00BC4B50
                                                                                                                                                                                                                                                        • ??1ios_base@std@@UAE@XZ.MSVCP140 ref: 00BC4B58
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: U?$char_traits@$D@std@@@std@@$??6?$basic_ostream@?sputc@?$basic_streambuf@V01@$??0?$basic_streambuf@??0ios_base@std@@??1?$basic_streambuf@??1ios_base@std@@??2@?clear@?$basic_ios@?init@?$basic_ios@D@std@@@2@_Osfx@?$basic_ostream@V?$basic_streambuf@freestrlen
                                                                                                                                                                                                                                                        • String ID: vs.
                                                                                                                                                                                                                                                        • API String ID: 4214169141-795465908
                                                                                                                                                                                                                                                        • Opcode ID: 113fc12c45aacdfb35c2ed640a6ced32ae7a8c4644e8e6fead1c21170783fea6
                                                                                                                                                                                                                                                        • Instruction ID: df8dae6274bd07ba9721a59aa473621a4a15a5cfb0a449fdcdb9be4a720e6745
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 113fc12c45aacdfb35c2ed640a6ced32ae7a8c4644e8e6fead1c21170783fea6
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4A219275700244ABD720FB28EC46DBEBBE5EF85710F004468F84997392DE71A908C7A2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 61%
                                                                                                                                                                                                                                                        			E00BC2290(void* __edx, void* __eflags, intOrPtr* _a4, intOrPtr* _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				void* _v116;
                                                                                                                                                                                                                                                        				char _v188;
                                                                                                                                                                                                                                                        				intOrPtr _v192;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t16;
                                                                                                                                                                                                                                                        				void* _t25;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        				void* _t46;
                                                                                                                                                                                                                                                        				intOrPtr* _t48;
                                                                                                                                                                                                                                                        				void* _t51;
                                                                                                                                                                                                                                                        				signed int _t52;
                                                                                                                                                                                                                                                        				signed int _t53;
                                                                                                                                                                                                                                                        				void* _t55;
                                                                                                                                                                                                                                                        				intOrPtr* _t60;
                                                                                                                                                                                                                                                        				void* _t62;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t62 = __eflags;
                                                                                                                                                                                                                                                        				_t46 = __edx;
                                                                                                                                                                                                                                                        				_t55 = (_t53 & 0xfffffff8) - 0xa0;
                                                                                                                                                                                                                                                        				_t16 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t50 = _t55;
                                                                                                                                                                                                                                                        				_v24 = _t16 ^ _t52;
                                                                                                                                                                                                                                                        				E00BBC880(_t55, 2, 1);
                                                                                                                                                                                                                                                        				E00BBC940(_t62, E00BBC940(_t62, _t55, _a12), " (");
                                                                                                                                                                                                                                                        				_t48 = __imp__??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z;
                                                                                                                                                                                                                                                        				 *_t48( *_a4);
                                                                                                                                                                                                                                                        				E00BBC940(_t62, _t55, " vs. ");
                                                                                                                                                                                                                                                        				 *_t48( *_a8);
                                                                                                                                                                                                                                                        				_t25 = E00BBC940(_t62, _t50, 0xbf3ee8);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t60 = _t55 + 0x24;
                                                                                                                                                                                                                                                        				_t51 = _t25;
                                                                                                                                                                                                                                                        				E00BBD7F0( &_v188, _t25);
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t60 +  *((intOrPtr*)( *_t60 + 4)))) = 0xbf0324;
                                                                                                                                                                                                                                                        				_t10 =  *((intOrPtr*)( *_t60 + 4)) - 0x50; // -80
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t60 +  *((intOrPtr*)( *_t60 + 4)) - 4)) = _t10;
                                                                                                                                                                                                                                                        				_v192 = 0xbf0330;
                                                                                                                                                                                                                                                        				_t31 = E00BBD690( &_v188, _t51, 0x18);
                                                                                                                                                                                                                                                        				__imp__??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ();
                                                                                                                                                                                                                                                        				__imp__??1ios_base@std@@UAE@XZ();
                                                                                                                                                                                                                                                        				E00BEECB0(_t31, _v44 ^ _t52, _t46);
                                                                                                                                                                                                                                                        				return _t51;
                                                                                                                                                                                                                                                        			}





















                                                                                                                                                                                                                                                        0x00bc2290
                                                                                                                                                                                                                                                        0x00bc2290
                                                                                                                                                                                                                                                        0x00bc2299
                                                                                                                                                                                                                                                        0x00bc229f
                                                                                                                                                                                                                                                        0x00bc22aa
                                                                                                                                                                                                                                                        0x00bc22b0
                                                                                                                                                                                                                                                        0x00bc22bb
                                                                                                                                                                                                                                                        0x00bc22d0
                                                                                                                                                                                                                                                        0x00bc22d8
                                                                                                                                                                                                                                                        0x00bc22e2
                                                                                                                                                                                                                                                        0x00bc22ea
                                                                                                                                                                                                                                                        0x00bc22f9
                                                                                                                                                                                                                                                        0x00bc2301
                                                                                                                                                                                                                                                        0x00bc230b
                                                                                                                                                                                                                                                        0x00bc2310
                                                                                                                                                                                                                                                        0x00bc2317
                                                                                                                                                                                                                                                        0x00bc231c
                                                                                                                                                                                                                                                        0x00bc232b
                                                                                                                                                                                                                                                        0x00bc2338
                                                                                                                                                                                                                                                        0x00bc233b
                                                                                                                                                                                                                                                        0x00bc2341
                                                                                                                                                                                                                                                        0x00bc2349
                                                                                                                                                                                                                                                        0x00bc2350
                                                                                                                                                                                                                                                        0x00bc2358
                                                                                                                                                                                                                                                        0x00bc2367
                                                                                                                                                                                                                                                        0x00bc2375

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ??0ios_base@std@@IAE@XZ.MSVCP140(?,00000000,00000000), ref: 00BBC89A
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IAEXPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z.MSVCP140(?,00000000,?,00000000,00000000), ref: 00BBC8E4
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC880: ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ.MSVCP140 ref: 00BBC904
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBC959
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?,00000002), ref: 00BBC9EA
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?), ref: 00BBCA74
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z.MSVCP140(?,00000000,00000002,?), ref: 00BBCABE
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ.MSVCP140 ref: 00BBCAC7
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z.MSVCP140(FFFFFFFF,?,?,00000002,00000001), ref: 00BC22E2
                                                                                                                                                                                                                                                        • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z.MSVCP140(?,?,?,?,?,00000002,00000001), ref: 00BC22F9
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000018,?,?,?,?,?,?,00000002,00000001), ref: 00BC230B
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD690: free.MOZGLUE(00000000,00000000,?,00BCA1D9), ref: 00BBD6BB
                                                                                                                                                                                                                                                        • ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140 ref: 00BC2350
                                                                                                                                                                                                                                                        • ??1ios_base@std@@UAE@XZ.MSVCP140 ref: 00BC2358
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: U?$char_traits@$D@std@@@std@@$??6?$basic_ostream@?sputc@?$basic_streambuf@V01@$??0?$basic_streambuf@??0ios_base@std@@??1?$basic_streambuf@??1ios_base@std@@??2@?clear@?$basic_ios@?init@?$basic_ios@D@std@@@2@_Osfx@?$basic_ostream@V?$basic_streambuf@freestrlen
                                                                                                                                                                                                                                                        • String ID: vs.
                                                                                                                                                                                                                                                        • API String ID: 4214169141-795465908
                                                                                                                                                                                                                                                        • Opcode ID: 3788ea9c73d499a40e06079d539f2ce10a5f0b636d2389c941a27ce011778a7b
                                                                                                                                                                                                                                                        • Instruction ID: f7b901912750b57afe633320434b5151624141c5f2b9f34581ed39488df43114
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3788ea9c73d499a40e06079d539f2ce10a5f0b636d2389c941a27ce011778a7b
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 46219275700244ABD720FB28EC46DBEBBE5EF85710F004468FC4997392DEB1A908C7A2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 91%
                                                                                                                                                                                                                                                        			E00BE1950(void* __ecx, void* __edx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				long _v92;
                                                                                                                                                                                                                                                        				signed int _t12;
                                                                                                                                                                                                                                                        				void* _t20;
                                                                                                                                                                                                                                                        				void* _t25;
                                                                                                                                                                                                                                                        				void* _t27;
                                                                                                                                                                                                                                                        				long _t28;
                                                                                                                                                                                                                                                        				void* _t29;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        				signed int _t32;
                                                                                                                                                                                                                                                        				void* _t33;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t27 = __edx;
                                                                                                                                                                                                                                                        				_t12 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t13 = _t12 ^ _t32;
                                                                                                                                                                                                                                                        				_v20 = _t13;
                                                                                                                                                                                                                                                        				if( *((char*)(__ecx + 0x38)) == 0) {
                                                                                                                                                                                                                                                        					_t28 = 0x3f0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t29 = __ecx;
                                                                                                                                                                                                                                                        					_v92 = 0x4c;
                                                                                                                                                                                                                                                        					_push(0x4c);
                                                                                                                                                                                                                                                        					L00BEF6CC();
                                                                                                                                                                                                                                                        					_t34 = _t33 + 4;
                                                                                                                                                                                                                                                        					_t31 = _t13;
                                                                                                                                                                                                                                                        					if(GetTokenInformation( *(__ecx + 0x30), 1, _t31, 0x4c,  &_v92) == 0) {
                                                                                                                                                                                                                                                        						_t28 = GetLastError();
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t20 =  &_v88;
                                                                                                                                                                                                                                                        						E00BE7140(_t20,  *_t31);
                                                                                                                                                                                                                                                        						_t25 =  *(_t29 + 0x1c);
                                                                                                                                                                                                                                                        						_t19 =  *((intOrPtr*)(_t29 + 0x20));
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t29 + 0x20)) == _t25) {
                                                                                                                                                                                                                                                        							_t13 = E00BCCB00(_t29 + 0x18, _t19, _t20);
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t13 = memcpy(_t25, _t20, 0x44);
                                                                                                                                                                                                                                                        							_t34 = _t34 + 0xc;
                                                                                                                                                                                                                                                        							 *(_t29 + 0x1c) =  *(_t29 + 0x1c) + 0x44;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t28 = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_push(_t31);
                                                                                                                                                                                                                                                        					L00BEF6D2();
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t13, _v20 ^ _t32, _t27);
                                                                                                                                                                                                                                                        				return _t28;
                                                                                                                                                                                                                                                        			}
















                                                                                                                                                                                                                                                        0x00be1950
                                                                                                                                                                                                                                                        0x00be1959
                                                                                                                                                                                                                                                        0x00be195e
                                                                                                                                                                                                                                                        0x00be1960
                                                                                                                                                                                                                                                        0x00be1967
                                                                                                                                                                                                                                                        0x00be19d9
                                                                                                                                                                                                                                                        0x00be1969
                                                                                                                                                                                                                                                        0x00be1969
                                                                                                                                                                                                                                                        0x00be196b
                                                                                                                                                                                                                                                        0x00be1972
                                                                                                                                                                                                                                                        0x00be1974
                                                                                                                                                                                                                                                        0x00be1979
                                                                                                                                                                                                                                                        0x00be197c
                                                                                                                                                                                                                                                        0x00be1992
                                                                                                                                                                                                                                                        0x00be19e6
                                                                                                                                                                                                                                                        0x00be1994
                                                                                                                                                                                                                                                        0x00be1994
                                                                                                                                                                                                                                                        0x00be199b
                                                                                                                                                                                                                                                        0x00be19a0
                                                                                                                                                                                                                                                        0x00be19a3
                                                                                                                                                                                                                                                        0x00be19a8
                                                                                                                                                                                                                                                        0x00be19f1
                                                                                                                                                                                                                                                        0x00be19aa
                                                                                                                                                                                                                                                        0x00be19ae
                                                                                                                                                                                                                                                        0x00be19b3
                                                                                                                                                                                                                                                        0x00be19b6
                                                                                                                                                                                                                                                        0x00be19b6
                                                                                                                                                                                                                                                        0x00be19ba
                                                                                                                                                                                                                                                        0x00be19ba
                                                                                                                                                                                                                                                        0x00be19bc
                                                                                                                                                                                                                                                        0x00be19bd
                                                                                                                                                                                                                                                        0x00be19c2
                                                                                                                                                                                                                                                        0x00be19ca
                                                                                                                                                                                                                                                        0x00be19d8

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(0000004C,?,?,?,?,?,?,?,?,?,?,?,?,?,?,000000A0), ref: 00BE1974
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(?,00000001(TokenIntegrityLevel),00000000,0000004C,?), ref: 00BE198A
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,00000044,00000000), ref: 00BE19AE
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000), ref: 00BE19BD
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE19E0
                                                                                                                                                                                                                                                          • Part of subcall function 00BE7140: CopySid.ADVAPI32(00000044,?,00BCBFFF,00000000,?,00BCBFFF,?), ref: 00BE71C3
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@??3@CopyErrorInformationLastTokenmemcpy
                                                                                                                                                                                                                                                        • String ID: L
                                                                                                                                                                                                                                                        • API String ID: 1725515051-2909332022
                                                                                                                                                                                                                                                        • Opcode ID: 12bf227d76da8a9978fc9a32360cfa2b76abbd539c8b228bace3cf17a96b6ff1
                                                                                                                                                                                                                                                        • Instruction ID: d1da06709ebf5c09761159556978e0d9160e0bfbe2e65f4fb9dad3b1c22301c3
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 12bf227d76da8a9978fc9a32360cfa2b76abbd539c8b228bace3cf17a96b6ff1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 491104F1A00284ABE710AB66DC9AE6E7BE9FF40340F240469F50A8B292DF359C05C695
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 90%
                                                                                                                                                                                                                                                        			E00BE1CA0(void* __ecx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				long _v92;
                                                                                                                                                                                                                                                        				signed int _t12;
                                                                                                                                                                                                                                                        				void* _t19;
                                                                                                                                                                                                                                                        				void* _t20;
                                                                                                                                                                                                                                                        				long _t27;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        				void* _t29;
                                                                                                                                                                                                                                                        				signed int _t30;
                                                                                                                                                                                                                                                        				void* _t31;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t12 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t13 = _t12 ^ _t30;
                                                                                                                                                                                                                                                        				_v20 = _t13;
                                                                                                                                                                                                                                                        				if( *((char*)(__ecx + 0x38)) == 0) {
                                                                                                                                                                                                                                                        					_t27 = 0x3f0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t28 = __ecx;
                                                                                                                                                                                                                                                        					_v92 = 0x4c;
                                                                                                                                                                                                                                                        					_push(0x4c);
                                                                                                                                                                                                                                                        					L00BEF6CC();
                                                                                                                                                                                                                                                        					_t32 = _t31 + 4;
                                                                                                                                                                                                                                                        					_t29 = _t13;
                                                                                                                                                                                                                                                        					if(GetTokenInformation( *(__ecx + 0x30), 1, _t29, 0x4c,  &_v92) == 0) {
                                                                                                                                                                                                                                                        						_t27 = GetLastError();
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t20 =  &_v88;
                                                                                                                                                                                                                                                        						E00BE7140(_t20,  *_t29);
                                                                                                                                                                                                                                                        						_t19 =  *(_t28 + 4);
                                                                                                                                                                                                                                                        						_t26 =  *((intOrPtr*)(_t28 + 8));
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t28 + 8)) == _t19) {
                                                                                                                                                                                                                                                        							_t13 = E00BCCB00(_t28, _t26, _t20);
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t13 = memcpy(_t19, _t20, 0x44);
                                                                                                                                                                                                                                                        							_t32 = _t32 + 0xc;
                                                                                                                                                                                                                                                        							 *(_t28 + 4) =  *(_t28 + 4) + 0x44;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t27 = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_push(_t29);
                                                                                                                                                                                                                                                        					L00BEF6D2();
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t13, _v20 ^ _t30, _t26);
                                                                                                                                                                                                                                                        				return _t27;
                                                                                                                                                                                                                                                        			}















                                                                                                                                                                                                                                                        0x00be1ca9
                                                                                                                                                                                                                                                        0x00be1cae
                                                                                                                                                                                                                                                        0x00be1cb0
                                                                                                                                                                                                                                                        0x00be1cb7
                                                                                                                                                                                                                                                        0x00be1d29
                                                                                                                                                                                                                                                        0x00be1cb9
                                                                                                                                                                                                                                                        0x00be1cb9
                                                                                                                                                                                                                                                        0x00be1cbb
                                                                                                                                                                                                                                                        0x00be1cc2
                                                                                                                                                                                                                                                        0x00be1cc4
                                                                                                                                                                                                                                                        0x00be1cc9
                                                                                                                                                                                                                                                        0x00be1ccc
                                                                                                                                                                                                                                                        0x00be1ce2
                                                                                                                                                                                                                                                        0x00be1d36
                                                                                                                                                                                                                                                        0x00be1ce4
                                                                                                                                                                                                                                                        0x00be1ce4
                                                                                                                                                                                                                                                        0x00be1ceb
                                                                                                                                                                                                                                                        0x00be1cf0
                                                                                                                                                                                                                                                        0x00be1cf3
                                                                                                                                                                                                                                                        0x00be1cf8
                                                                                                                                                                                                                                                        0x00be1d3e
                                                                                                                                                                                                                                                        0x00be1cfa
                                                                                                                                                                                                                                                        0x00be1cfe
                                                                                                                                                                                                                                                        0x00be1d03
                                                                                                                                                                                                                                                        0x00be1d06
                                                                                                                                                                                                                                                        0x00be1d06
                                                                                                                                                                                                                                                        0x00be1d0a
                                                                                                                                                                                                                                                        0x00be1d0a
                                                                                                                                                                                                                                                        0x00be1d0c
                                                                                                                                                                                                                                                        0x00be1d0d
                                                                                                                                                                                                                                                        0x00be1d12
                                                                                                                                                                                                                                                        0x00be1d1a
                                                                                                                                                                                                                                                        0x00be1d28

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(0000004C), ref: 00BE1CC4
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(?,00000001(TokenIntegrityLevel),00000000,0000004C,?,?,?,?,?,?,?,?,?,00000000,?,00000000), ref: 00BE1CDA
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,00000044,00000000,?,?,?,?,?,?,?,?,00000000,?,00000000), ref: 00BE1CFE
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000,?,?,?,?,?,?,?,?,00000000,?,00000000,?,00BE2B03,00000000,00000012), ref: 00BE1D0D
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,00000000,?,00000000,?,00BE2B03,00000000,00000012,00000000), ref: 00BE1D30
                                                                                                                                                                                                                                                          • Part of subcall function 00BE7140: CopySid.ADVAPI32(00000044,?,00BCBFFF,00000000,?,00BCBFFF,?), ref: 00BE71C3
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@??3@CopyErrorInformationLastTokenmemcpy
                                                                                                                                                                                                                                                        • String ID: L
                                                                                                                                                                                                                                                        • API String ID: 1725515051-2909332022
                                                                                                                                                                                                                                                        • Opcode ID: be4f82d8e2f967151e6f502a21f50f28d73ededefbecfdee84fcf357ea7c533f
                                                                                                                                                                                                                                                        • Instruction ID: 617f6d7b323eaed4782fe2786e8aa5ef0f65f482b5019779beb141ba20c36aa4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: be4f82d8e2f967151e6f502a21f50f28d73ededefbecfdee84fcf357ea7c533f
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A011E7F1B00189ABE710AB66DC86EAF7BE9FF80344F2448B5F50A47280DF359C14C291
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 28%
                                                                                                                                                                                                                                                        			E00BB5B30(void* __eax) {
                                                                                                                                                                                                                                                        				intOrPtr* _t14;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				__imp__AttachConsole(0xffffffff);
                                                                                                                                                                                                                                                        				if(__eax != 0) {
                                                                                                                                                                                                                                                        					_t14 = __imp____acrt_iob_func;
                                                                                                                                                                                                                                                        					E00BB7720("CONOUT$", 0xbf218a,  *_t14(1), 0xfffffff5);
                                                                                                                                                                                                                                                        					E00BB7720("CONOUT$", 0xbf218a,  *_t14(2), 0xfffffff4);
                                                                                                                                                                                                                                                        					return E00BB7720("CONIN$", 0xbf2473,  *_t14(0), 0xfffffff6);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return __eax;
                                                                                                                                                                                                                                                        			}




                                                                                                                                                                                                                                                        0x00bb5b36
                                                                                                                                                                                                                                                        0x00bb5b3e
                                                                                                                                                                                                                                                        0x00bb5b43
                                                                                                                                                                                                                                                        0x00bb5b5d
                                                                                                                                                                                                                                                        0x00bb5b79
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb5b9a
                                                                                                                                                                                                                                                        0x00bb5b42

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • AttachConsole.KERNEL32(000000FF,?,?,00BB466E), ref: 00BB5B36
                                                                                                                                                                                                                                                        • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000001,?,00BB466E), ref: 00BB5B4B
                                                                                                                                                                                                                                                        • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,?,?,00BB466E), ref: 00BB5B67
                                                                                                                                                                                                                                                        • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,?,?,?,?,00BB466E), ref: 00BB5B83
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: __acrt_iob_func$AttachConsole
                                                                                                                                                                                                                                                        • String ID: CONIN$$CONOUT$
                                                                                                                                                                                                                                                        • API String ID: 2279943003-123850019
                                                                                                                                                                                                                                                        • Opcode ID: 7cc7f6d9b58291c24d58e950da89762d6d7176e390c72df7c0bf317c66b856e8
                                                                                                                                                                                                                                                        • Instruction ID: 6c3f23f6213264d07bbb7f50b71e65a1e27234c12020bbbdca9be11c1465ac22
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7cc7f6d9b58291c24d58e950da89762d6d7176e390c72df7c0bf317c66b856e8
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 05F0B492E4811933CA2066696C46BB734C98B51776F2403B1FB3A2B6C1FC929A1881F3
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 60%
                                                                                                                                                                                                                                                        			E00BCB9F0(void* __ebx, signed int* __ecx, void* __edx, void* __edi, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				char _v68;
                                                                                                                                                                                                                                                        				signed int _v76;
                                                                                                                                                                                                                                                        				signed int _v80;
                                                                                                                                                                                                                                                        				char _v92;
                                                                                                                                                                                                                                                        				signed int _v96;
                                                                                                                                                                                                                                                        				signed int _v100;
                                                                                                                                                                                                                                                        				intOrPtr _v104;
                                                                                                                                                                                                                                                        				signed int _t89;
                                                                                                                                                                                                                                                        				void* _t91;
                                                                                                                                                                                                                                                        				void* _t97;
                                                                                                                                                                                                                                                        				intOrPtr _t99;
                                                                                                                                                                                                                                                        				signed int _t100;
                                                                                                                                                                                                                                                        				void* _t113;
                                                                                                                                                                                                                                                        				signed int* _t114;
                                                                                                                                                                                                                                                        				signed int _t116;
                                                                                                                                                                                                                                                        				intOrPtr _t117;
                                                                                                                                                                                                                                                        				intOrPtr _t118;
                                                                                                                                                                                                                                                        				signed int _t119;
                                                                                                                                                                                                                                                        				intOrPtr _t124;
                                                                                                                                                                                                                                                        				intOrPtr* _t127;
                                                                                                                                                                                                                                                        				void* _t130;
                                                                                                                                                                                                                                                        				void* _t131;
                                                                                                                                                                                                                                                        				signed int _t134;
                                                                                                                                                                                                                                                        				signed int _t137;
                                                                                                                                                                                                                                                        				void* _t139;
                                                                                                                                                                                                                                                        				intOrPtr _t140;
                                                                                                                                                                                                                                                        				signed int _t143;
                                                                                                                                                                                                                                                        				signed int _t146;
                                                                                                                                                                                                                                                        				signed int _t148;
                                                                                                                                                                                                                                                        				signed int _t151;
                                                                                                                                                                                                                                                        				void* _t154;
                                                                                                                                                                                                                                                        				signed int _t155;
                                                                                                                                                                                                                                                        				signed int _t156;
                                                                                                                                                                                                                                                        				void* _t159;
                                                                                                                                                                                                                                                        				signed int _t160;
                                                                                                                                                                                                                                                        				void* _t162;
                                                                                                                                                                                                                                                        				void* _t164;
                                                                                                                                                                                                                                                        				intOrPtr* _t165;
                                                                                                                                                                                                                                                        				void* _t167;
                                                                                                                                                                                                                                                        				void* _t174;
                                                                                                                                                                                                                                                        				signed int _t177;
                                                                                                                                                                                                                                                        				void* _t178;
                                                                                                                                                                                                                                                        				void* _t179;
                                                                                                                                                                                                                                                        				void* _t180;
                                                                                                                                                                                                                                                        				void* _t181;
                                                                                                                                                                                                                                                        				short _t189;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t153 = __edx;
                                                                                                                                                                                                                                                        				_t175 = _t177;
                                                                                                                                                                                                                                                        				_t178 = _t177 - 0x54;
                                                                                                                                                                                                                                                        				_t89 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t162 = __edx;
                                                                                                                                                                                                                                                        				_t165 = __ecx;
                                                                                                                                                                                                                                                        				_v20 = _t89 ^ _t177;
                                                                                                                                                                                                                                                        				 *__ecx = 0;
                                                                                                                                                                                                                                                        				__ecx[0xd] = 0xf;
                                                                                                                                                                                                                                                        				__ecx[0xc] = 0;
                                                                                                                                                                                                                                                        				__ecx[8] = 0;
                                                                                                                                                                                                                                                        				__ecx[0x13] = 0xf;
                                                                                                                                                                                                                                                        				__ecx[0x12] = 0;
                                                                                                                                                                                                                                                        				__ecx[0xe] = 0;
                                                                                                                                                                                                                                                        				_t91 = GetCurrentProcess();
                                                                                                                                                                                                                                                        				_v96 = 0;
                                                                                                                                                                                                                                                        				__imp__IsWow64Process(_t91,  &_v96, _t164, __edi, __ebx, _t174);
                                                                                                                                                                                                                                                        				_t134 = 2;
                                                                                                                                                                                                                                                        				if(_t91 != 0) {
                                                                                                                                                                                                                                                        					_t134 = 0 | _v96 != 0x00000000;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *(_t165 + 0x58) = _t134;
                                                                                                                                                                                                                                                        				 *(_t165 + 0x6c) = 0;
                                                                                                                                                                                                                                                        				_t15 = _t165 + 0x20; // 0x20
                                                                                                                                                                                                                                                        				_t127 = _t15;
                                                                                                                                                                                                                                                        				 *(_t165 + 0x70) = 0xf;
                                                                                                                                                                                                                                                        				 *((char*)(_t165 + 0x5c)) = 0;
                                                                                                                                                                                                                                                        				 *(_t165 + 4) =  *(_t162 + 4);
                                                                                                                                                                                                                                                        				 *(_t165 + 8) =  *(_t162 + 8);
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t165 + 0xc)) =  *((intOrPtr*)(_t162 + 0xc));
                                                                                                                                                                                                                                                        				_v24 = 7;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				_v44 = 0;
                                                                                                                                                                                                                                                        				_t97 = E00BC7CE0( &_v68,  &_v44, 0);
                                                                                                                                                                                                                                                        				_t179 = _t178 + 0xc;
                                                                                                                                                                                                                                                        				asm("movsd xmm1, [ebp-0x38]");
                                                                                                                                                                                                                                                        				_v96 = 0;
                                                                                                                                                                                                                                                        				asm("movsd xmm0, [ebp-0x40]");
                                                                                                                                                                                                                                                        				asm("movsd [ebp-0x50], xmm1");
                                                                                                                                                                                                                                                        				asm("movsd xmm1, [ebp-0x30]");
                                                                                                                                                                                                                                                        				asm("movsd [ebp-0x58], xmm0");
                                                                                                                                                                                                                                                        				asm("movsd [ebp-0x48], xmm1");
                                                                                                                                                                                                                                                        				E00BBDF30(_t97,  &_v44, _t153);
                                                                                                                                                                                                                                                        				 *(_t165 + 0x10) = 0;
                                                                                                                                                                                                                                                        				_t99 =  *((intOrPtr*)(_t165 + 0x34));
                                                                                                                                                                                                                                                        				if(_t99 >= 0x10) {
                                                                                                                                                                                                                                                        					_t137 =  *_t127;
                                                                                                                                                                                                                                                        					_t154 = _t99 + 1;
                                                                                                                                                                                                                                                        					__eflags = _t154 - 0x1000;
                                                                                                                                                                                                                                                        					if(_t154 >= 0x1000) {
                                                                                                                                                                                                                                                        						_t155 =  *(_t137 - 4);
                                                                                                                                                                                                                                                        						_t139 = _t137 + 0xfffffffc - _t155;
                                                                                                                                                                                                                                                        						_v100 = _t155;
                                                                                                                                                                                                                                                        						__eflags = _t139 - 0x20;
                                                                                                                                                                                                                                                        						if(_t139 >= 0x20) {
                                                                                                                                                                                                                                                        							goto L41;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t137 = _v100;
                                                                                                                                                                                                                                                        							_t154 = _t99 + 0x24;
                                                                                                                                                                                                                                                        							goto L27;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L27:
                                                                                                                                                                                                                                                        						_push(_t154);
                                                                                                                                                                                                                                                        						_push(_t137);
                                                                                                                                                                                                                                                        						L00BEF6C6();
                                                                                                                                                                                                                                                        						_t179 = _t179 + 8;
                                                                                                                                                                                                                                                        						goto L3;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					_t33 = _t165 + 0x38; // 0x38
                                                                                                                                                                                                                                                        					_v100 = _t33;
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [eax+0x10]");
                                                                                                                                                                                                                                                        					asm("movsd [ebx+0x10], xmm0");
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [eax]");
                                                                                                                                                                                                                                                        					asm("movsd xmm1, [eax+0x8]");
                                                                                                                                                                                                                                                        					asm("movsd [ebx+0x8], xmm1");
                                                                                                                                                                                                                                                        					asm("movsd [ebx], xmm0");
                                                                                                                                                                                                                                                        					_t160 =  *(_t165 + 8);
                                                                                                                                                                                                                                                        					_push( *((intOrPtr*)(_t165 + 0xc)));
                                                                                                                                                                                                                                                        					L42();
                                                                                                                                                                                                                                                        					_t180 = _t179 + 4;
                                                                                                                                                                                                                                                        					 *_t165 =  &_v92;
                                                                                                                                                                                                                                                        					 *(_t165 + 0x18) =  *(_t162 + 0x114) & 0x0000ffff;
                                                                                                                                                                                                                                                        					 *(_t165 + 0x1c) =  *(_t162 + 0x116) & 0x0000ffff;
                                                                                                                                                                                                                                                        					_t113 = _t162 + 0x14;
                                                                                                                                                                                                                                                        					if( *((short*)(_t162 + 0x14)) == 0) {
                                                                                                                                                                                                                                                        						__eflags = 0;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t151 = 0;
                                                                                                                                                                                                                                                        						asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t189 =  *((short*)(_t162 + 0x16 + _t151 * 2));
                                                                                                                                                                                                                                                        							_t151 = _t151 + 1;
                                                                                                                                                                                                                                                        						} while (_t189 != 0);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t114 =  &_v96;
                                                                                                                                                                                                                                                        					E00BC7CE0(_t114, _t113, 0);
                                                                                                                                                                                                                                                        					_t181 = _t180 + 0xc;
                                                                                                                                                                                                                                                        					_t143 = _v100;
                                                                                                                                                                                                                                                        					if(_t114 == _t143) {
                                                                                                                                                                                                                                                        						_t116 = _v76;
                                                                                                                                                                                                                                                        						__eflags = _t116 - 0x10;
                                                                                                                                                                                                                                                        						if(_t116 < 0x10) {
                                                                                                                                                                                                                                                        							goto L11;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t146 = _v96;
                                                                                                                                                                                                                                                        							_t130 = _t116 + 1;
                                                                                                                                                                                                                                                        							__eflags = _t130 - 0x1000;
                                                                                                                                                                                                                                                        							if(_t130 >= 0x1000) {
                                                                                                                                                                                                                                                        								_t155 =  *(_t146 - 4);
                                                                                                                                                                                                                                                        								_t139 = _t146 + 0xfffffffc - _t155;
                                                                                                                                                                                                                                                        								__eflags = _t139 - 0x20;
                                                                                                                                                                                                                                                        								if(_t139 >= 0x20) {
                                                                                                                                                                                                                                                        									goto L41;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t146 = _t155;
                                                                                                                                                                                                                                                        									_t130 = _t116 + 0x24;
                                                                                                                                                                                                                                                        									goto L19;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								L19:
                                                                                                                                                                                                                                                        								_push(_t130);
                                                                                                                                                                                                                                                        								_push(_t146);
                                                                                                                                                                                                                                                        								L00BEF6C6();
                                                                                                                                                                                                                                                        								_t181 = _t181 + 8;
                                                                                                                                                                                                                                                        								goto L11;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t124 =  *((intOrPtr*)(_t165 + 0x4c));
                                                                                                                                                                                                                                                        						if(_t124 >= 0x10) {
                                                                                                                                                                                                                                                        							_t148 =  *_t143;
                                                                                                                                                                                                                                                        							_t131 = _t124 + 1;
                                                                                                                                                                                                                                                        							__eflags = _t131 - 0x1000;
                                                                                                                                                                                                                                                        							if(_t131 >= 0x1000) {
                                                                                                                                                                                                                                                        								_t155 =  *(_t148 - 4);
                                                                                                                                                                                                                                                        								_t139 = _t148 + 0xfffffffc - _t155;
                                                                                                                                                                                                                                                        								__eflags = _t139 - 0x20;
                                                                                                                                                                                                                                                        								if(_t139 >= 0x20) {
                                                                                                                                                                                                                                                        									L41:
                                                                                                                                                                                                                                                        									__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									_push(_t165);
                                                                                                                                                                                                                                                        									__eflags = _t139 - 0xa;
                                                                                                                                                                                                                                                        									if(_t139 != 0xa) {
                                                                                                                                                                                                                                                        										_t100 = 0xf;
                                                                                                                                                                                                                                                        										__eflags = _t139 - 6;
                                                                                                                                                                                                                                                        										if(__eflags <= 0) {
                                                                                                                                                                                                                                                        											if(__eflags != 0) {
                                                                                                                                                                                                                                                        												__eflags = _t155 - 1;
                                                                                                                                                                                                                                                        												_t167 = 2 - (0 | _t155 == 0x00000001);
                                                                                                                                                                                                                                                        												__eflags = _t155;
                                                                                                                                                                                                                                                        												_t168 =  ==  ? _t155 : _t167;
                                                                                                                                                                                                                                                        												__eflags = _t139 - 5;
                                                                                                                                                                                                                                                        												_t104 =  ==  ?  ==  ? _t155 : _t167 : 0;
                                                                                                                                                                                                                                                        												return  ==  ?  ==  ? _t155 : _t167 : 0;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t100 = 6;
                                                                                                                                                                                                                                                        												__eflags = _t155 - 3;
                                                                                                                                                                                                                                                        												if(_t155 >= 3) {
                                                                                                                                                                                                                                                        													goto L50;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t156 = _t155 + 3;
                                                                                                                                                                                                                                                        													__eflags = _t156;
                                                                                                                                                                                                                                                        													return _t156;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											goto L50;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t140 = _v104;
                                                                                                                                                                                                                                                        										_t100 = 0xe;
                                                                                                                                                                                                                                                        										__eflags = _t140 - 0x47b9;
                                                                                                                                                                                                                                                        										if(_t140 > 0x47b9) {
                                                                                                                                                                                                                                                        											L50:
                                                                                                                                                                                                                                                        											return _t100;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t100 = 0xd;
                                                                                                                                                                                                                                                        											__eflags = _t140 - 0x4562;
                                                                                                                                                                                                                                                        											if(_t140 > 0x4562) {
                                                                                                                                                                                                                                                        												goto L50;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t100 = 0xc;
                                                                                                                                                                                                                                                        												__eflags = _t140 - 0x42ed;
                                                                                                                                                                                                                                                        												if(_t140 > 0x42ed) {
                                                                                                                                                                                                                                                        													goto L50;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t100 = 0xb;
                                                                                                                                                                                                                                                        													__eflags = _t140 - 0x3faa;
                                                                                                                                                                                                                                                        													if(_t140 > 0x3faa) {
                                                                                                                                                                                                                                                        														goto L50;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t100 = 0xa;
                                                                                                                                                                                                                                                        														__eflags = _t140 - 0x3ad6;
                                                                                                                                                                                                                                                        														if(_t140 > 0x3ad6) {
                                                                                                                                                                                                                                                        															goto L50;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															__eflags = _t140 - 0x2959;
                                                                                                                                                                                                                                                        															_t159 = (0 | _t140 - 0x00002959 > 0x00000000) + 7;
                                                                                                                                                                                                                                                        															__eflags = _t140 - 0x3838;
                                                                                                                                                                                                                                                        															_t107 =  <=  ? _t159 : 9;
                                                                                                                                                                                                                                                        															return  <=  ? _t159 : 9;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t148 = _t155;
                                                                                                                                                                                                                                                        									_t131 = _t124 + 0x24;
                                                                                                                                                                                                                                                        									goto L33;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								L33:
                                                                                                                                                                                                                                                        								_push(_t131);
                                                                                                                                                                                                                                                        								_push(_t148);
                                                                                                                                                                                                                                                        								L00BEF6C6();
                                                                                                                                                                                                                                                        								_t181 = _t181 + 8;
                                                                                                                                                                                                                                                        								goto L10;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L10:
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [ebp-0x4c]");
                                                                                                                                                                                                                                                        							asm("movsd [ecx+0x10], xmm0");
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [ebp-0x5c]");
                                                                                                                                                                                                                                                        							asm("movsd xmm1, [ebp-0x54]");
                                                                                                                                                                                                                                                        							asm("movsd [ecx+0x8], xmm1");
                                                                                                                                                                                                                                                        							asm("movsd [ecx], xmm0");
                                                                                                                                                                                                                                                        							_v80 = 0;
                                                                                                                                                                                                                                                        							_v76 = 0xf;
                                                                                                                                                                                                                                                        							_v96 = 0;
                                                                                                                                                                                                                                                        							L11:
                                                                                                                                                                                                                                                        							_t117 =  *0xbfb4c8; // 0x4
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t165 + 0x50)) = _t117;
                                                                                                                                                                                                                                                        							_t118 =  *0xbfb4d0; // 0x10000
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t165 + 0x54)) = _t118;
                                                                                                                                                                                                                                                        							_t119 =  *(_t162 + 4);
                                                                                                                                                                                                                                                        							if(_t119 == 5) {
                                                                                                                                                                                                                                                        								_t119 =  *(_t162 + 8);
                                                                                                                                                                                                                                                        								__eflags = _t119 - 1;
                                                                                                                                                                                                                                                        								if(_t119 == 1) {
                                                                                                                                                                                                                                                        									__eflags =  *(_t162 + 0x119) & 0x00000002;
                                                                                                                                                                                                                                                        									if(( *(_t162 + 0x119) & 0x00000002) != 0) {
                                                                                                                                                                                                                                                        										goto L30;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										goto L29;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									__eflags = _t119 - 2;
                                                                                                                                                                                                                                                        									if(_t119 != 2) {
                                                                                                                                                                                                                                                        										goto L30;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										__eflags =  *((char*)(_t162 + 0x11a)) - 1;
                                                                                                                                                                                                                                                        										if( *((char*)(_t162 + 0x11a)) != 1) {
                                                                                                                                                                                                                                                        											L24:
                                                                                                                                                                                                                                                        											__eflags =  *((short*)(_t162 + 0x118));
                                                                                                                                                                                                                                                        											if( *((short*)(_t162 + 0x118)) < 0) {
                                                                                                                                                                                                                                                        												goto L30;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												goto L25;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											__eflags =  *0xbfb4b4 - 9;
                                                                                                                                                                                                                                                        											if( *0xbfb4b4 == 9) {
                                                                                                                                                                                                                                                        												goto L29;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												goto L24;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								if(_t119 == 0xa || _t119 == 6) {
                                                                                                                                                                                                                                                        									_t119 = _a4 - 1;
                                                                                                                                                                                                                                                        									if(_t119 > 0x81) {
                                                                                                                                                                                                                                                        										goto L30;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										switch( *((intOrPtr*)(_t119 * 4 +  &M00BF0FE8))) {
                                                                                                                                                                                                                                                        											case 0:
                                                                                                                                                                                                                                                        												L29:
                                                                                                                                                                                                                                                        												 *(_t165 + 0x14) = 1;
                                                                                                                                                                                                                                                        												goto L31;
                                                                                                                                                                                                                                                        											case 1:
                                                                                                                                                                                                                                                        												goto L30;
                                                                                                                                                                                                                                                        											case 2:
                                                                                                                                                                                                                                                        												 *(_t165 + 0x14) = 3;
                                                                                                                                                                                                                                                        												goto L31;
                                                                                                                                                                                                                                                        											case 3:
                                                                                                                                                                                                                                                        												L25:
                                                                                                                                                                                                                                                        												 *(_t165 + 0x14) = 2;
                                                                                                                                                                                                                                                        												goto L31;
                                                                                                                                                                                                                                                        											case 4:
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(__esi + 0x14)) = 4;
                                                                                                                                                                                                                                                        												goto L31;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L30:
                                                                                                                                                                                                                                                        									 *(_t165 + 0x14) = 0;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L31:
                                                                                                                                                                                                                                                        							E00BEECB0(_t119, _v20 ^ _t175, _t160);
                                                                                                                                                                                                                                                        							return _t165;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}





















































                                                                                                                                                                                                                                                        0x00bcb9f0
                                                                                                                                                                                                                                                        0x00bcb9f1
                                                                                                                                                                                                                                                        0x00bcb9f6
                                                                                                                                                                                                                                                        0x00bcb9f9
                                                                                                                                                                                                                                                        0x00bcb9fe
                                                                                                                                                                                                                                                        0x00bcba00
                                                                                                                                                                                                                                                        0x00bcba04
                                                                                                                                                                                                                                                        0x00bcba07
                                                                                                                                                                                                                                                        0x00bcba0d
                                                                                                                                                                                                                                                        0x00bcba14
                                                                                                                                                                                                                                                        0x00bcba1b
                                                                                                                                                                                                                                                        0x00bcba1f
                                                                                                                                                                                                                                                        0x00bcba26
                                                                                                                                                                                                                                                        0x00bcba2d
                                                                                                                                                                                                                                                        0x00bcba31
                                                                                                                                                                                                                                                        0x00bcba3a
                                                                                                                                                                                                                                                        0x00bcba43
                                                                                                                                                                                                                                                        0x00bcba49
                                                                                                                                                                                                                                                        0x00bcba50
                                                                                                                                                                                                                                                        0x00bcba58
                                                                                                                                                                                                                                                        0x00bcba58
                                                                                                                                                                                                                                                        0x00bcba60
                                                                                                                                                                                                                                                        0x00bcba63
                                                                                                                                                                                                                                                        0x00bcba6a
                                                                                                                                                                                                                                                        0x00bcba6a
                                                                                                                                                                                                                                                        0x00bcba70
                                                                                                                                                                                                                                                        0x00bcba73
                                                                                                                                                                                                                                                        0x00bcba7a
                                                                                                                                                                                                                                                        0x00bcba80
                                                                                                                                                                                                                                                        0x00bcba86
                                                                                                                                                                                                                                                        0x00bcba8c
                                                                                                                                                                                                                                                        0x00bcba93
                                                                                                                                                                                                                                                        0x00bcba9a
                                                                                                                                                                                                                                                        0x00bcbaa4
                                                                                                                                                                                                                                                        0x00bcbaa9
                                                                                                                                                                                                                                                        0x00bcbaac
                                                                                                                                                                                                                                                        0x00bcbab1
                                                                                                                                                                                                                                                        0x00bcbab8
                                                                                                                                                                                                                                                        0x00bcbac0
                                                                                                                                                                                                                                                        0x00bcbac5
                                                                                                                                                                                                                                                        0x00bcbaca
                                                                                                                                                                                                                                                        0x00bcbacf
                                                                                                                                                                                                                                                        0x00bcbad4
                                                                                                                                                                                                                                                        0x00bcbad9
                                                                                                                                                                                                                                                        0x00bcbae0
                                                                                                                                                                                                                                                        0x00bcbae6
                                                                                                                                                                                                                                                        0x00bcbc56
                                                                                                                                                                                                                                                        0x00bcbc58
                                                                                                                                                                                                                                                        0x00bcbc5b
                                                                                                                                                                                                                                                        0x00bcbc61
                                                                                                                                                                                                                                                        0x00bcbce0
                                                                                                                                                                                                                                                        0x00bcbce6
                                                                                                                                                                                                                                                        0x00bcbce8
                                                                                                                                                                                                                                                        0x00bcbceb
                                                                                                                                                                                                                                                        0x00bcbcee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbcf0
                                                                                                                                                                                                                                                        0x00bcbcf0
                                                                                                                                                                                                                                                        0x00bcbcf6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbcf6
                                                                                                                                                                                                                                                        0x00bcbc63
                                                                                                                                                                                                                                                        0x00bcbc63
                                                                                                                                                                                                                                                        0x00bcbc63
                                                                                                                                                                                                                                                        0x00bcbc64
                                                                                                                                                                                                                                                        0x00bcbc65
                                                                                                                                                                                                                                                        0x00bcbc6a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbc6a
                                                                                                                                                                                                                                                        0x00bcbaec
                                                                                                                                                                                                                                                        0x00bcbaec
                                                                                                                                                                                                                                                        0x00bcbaec
                                                                                                                                                                                                                                                        0x00bcbaef
                                                                                                                                                                                                                                                        0x00bcbaf5
                                                                                                                                                                                                                                                        0x00bcbafa
                                                                                                                                                                                                                                                        0x00bcbaff
                                                                                                                                                                                                                                                        0x00bcbb03
                                                                                                                                                                                                                                                        0x00bcbb08
                                                                                                                                                                                                                                                        0x00bcbb0d
                                                                                                                                                                                                                                                        0x00bcbb14
                                                                                                                                                                                                                                                        0x00bcbb17
                                                                                                                                                                                                                                                        0x00bcbb1a
                                                                                                                                                                                                                                                        0x00bcbb1f
                                                                                                                                                                                                                                                        0x00bcbb22
                                                                                                                                                                                                                                                        0x00bcbb2b
                                                                                                                                                                                                                                                        0x00bcbb35
                                                                                                                                                                                                                                                        0x00bcbb38
                                                                                                                                                                                                                                                        0x00bcbb40
                                                                                                                                                                                                                                                        0x00bcbb5d
                                                                                                                                                                                                                                                        0x00bcbb42
                                                                                                                                                                                                                                                        0x00bcbb42
                                                                                                                                                                                                                                                        0x00bcbb44
                                                                                                                                                                                                                                                        0x00bcbb50
                                                                                                                                                                                                                                                        0x00bcbb50
                                                                                                                                                                                                                                                        0x00bcbb56
                                                                                                                                                                                                                                                        0x00bcbb56
                                                                                                                                                                                                                                                        0x00bcbb5b
                                                                                                                                                                                                                                                        0x00bcbb61
                                                                                                                                                                                                                                                        0x00bcbb67
                                                                                                                                                                                                                                                        0x00bcbb6c
                                                                                                                                                                                                                                                        0x00bcbb6f
                                                                                                                                                                                                                                                        0x00bcbb74
                                                                                                                                                                                                                                                        0x00bcbbfd
                                                                                                                                                                                                                                                        0x00bcbc00
                                                                                                                                                                                                                                                        0x00bcbc03
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbc05
                                                                                                                                                                                                                                                        0x00bcbc05
                                                                                                                                                                                                                                                        0x00bcbc08
                                                                                                                                                                                                                                                        0x00bcbc0b
                                                                                                                                                                                                                                                        0x00bcbc11
                                                                                                                                                                                                                                                        0x00bcbcc7
                                                                                                                                                                                                                                                        0x00bcbccd
                                                                                                                                                                                                                                                        0x00bcbccf
                                                                                                                                                                                                                                                        0x00bcbcd2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbcd4
                                                                                                                                                                                                                                                        0x00bcbcd7
                                                                                                                                                                                                                                                        0x00bcbcd9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbcd9
                                                                                                                                                                                                                                                        0x00bcbc17
                                                                                                                                                                                                                                                        0x00bcbc17
                                                                                                                                                                                                                                                        0x00bcbc17
                                                                                                                                                                                                                                                        0x00bcbc18
                                                                                                                                                                                                                                                        0x00bcbc19
                                                                                                                                                                                                                                                        0x00bcbc1e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbc1e
                                                                                                                                                                                                                                                        0x00bcbc11
                                                                                                                                                                                                                                                        0x00bcbb7a
                                                                                                                                                                                                                                                        0x00bcbb7a
                                                                                                                                                                                                                                                        0x00bcbb80
                                                                                                                                                                                                                                                        0x00bcbc9f
                                                                                                                                                                                                                                                        0x00bcbca1
                                                                                                                                                                                                                                                        0x00bcbca4
                                                                                                                                                                                                                                                        0x00bcbcaa
                                                                                                                                                                                                                                                        0x00bcbcfd
                                                                                                                                                                                                                                                        0x00bcbd03
                                                                                                                                                                                                                                                        0x00bcbd05
                                                                                                                                                                                                                                                        0x00bcbd08
                                                                                                                                                                                                                                                        0x00bcbd13
                                                                                                                                                                                                                                                        0x00bcbd13
                                                                                                                                                                                                                                                        0x00bcbd19
                                                                                                                                                                                                                                                        0x00bcbd1a
                                                                                                                                                                                                                                                        0x00bcbd1b
                                                                                                                                                                                                                                                        0x00bcbd1c
                                                                                                                                                                                                                                                        0x00bcbd1d
                                                                                                                                                                                                                                                        0x00bcbd1e
                                                                                                                                                                                                                                                        0x00bcbd1f
                                                                                                                                                                                                                                                        0x00bcbd20
                                                                                                                                                                                                                                                        0x00bcbd21
                                                                                                                                                                                                                                                        0x00bcbd24
                                                                                                                                                                                                                                                        0x00bcbd89
                                                                                                                                                                                                                                                        0x00bcbd8e
                                                                                                                                                                                                                                                        0x00bcbd91
                                                                                                                                                                                                                                                        0x00bcbd95
                                                                                                                                                                                                                                                        0x00bcbdaa
                                                                                                                                                                                                                                                        0x00bcbdb5
                                                                                                                                                                                                                                                        0x00bcbdb7
                                                                                                                                                                                                                                                        0x00bcbdb9
                                                                                                                                                                                                                                                        0x00bcbdbe
                                                                                                                                                                                                                                                        0x00bcbdc1
                                                                                                                                                                                                                                                        0x00bcbdc5
                                                                                                                                                                                                                                                        0x00bcbd97
                                                                                                                                                                                                                                                        0x00bcbd97
                                                                                                                                                                                                                                                        0x00bcbd9c
                                                                                                                                                                                                                                                        0x00bcbd9f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbda1
                                                                                                                                                                                                                                                        0x00bcbda1
                                                                                                                                                                                                                                                        0x00bcbda1
                                                                                                                                                                                                                                                        0x00bcbda7
                                                                                                                                                                                                                                                        0x00bcbda7
                                                                                                                                                                                                                                                        0x00bcbd9f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbd26
                                                                                                                                                                                                                                                        0x00bcbd26
                                                                                                                                                                                                                                                        0x00bcbd2a
                                                                                                                                                                                                                                                        0x00bcbd2f
                                                                                                                                                                                                                                                        0x00bcbd35
                                                                                                                                                                                                                                                        0x00bcbd93
                                                                                                                                                                                                                                                        0x00bcbd94
                                                                                                                                                                                                                                                        0x00bcbd37
                                                                                                                                                                                                                                                        0x00bcbd37
                                                                                                                                                                                                                                                        0x00bcbd3c
                                                                                                                                                                                                                                                        0x00bcbd42
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbd44
                                                                                                                                                                                                                                                        0x00bcbd44
                                                                                                                                                                                                                                                        0x00bcbd49
                                                                                                                                                                                                                                                        0x00bcbd4f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbd51
                                                                                                                                                                                                                                                        0x00bcbd51
                                                                                                                                                                                                                                                        0x00bcbd56
                                                                                                                                                                                                                                                        0x00bcbd5c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbd5e
                                                                                                                                                                                                                                                        0x00bcbd5e
                                                                                                                                                                                                                                                        0x00bcbd63
                                                                                                                                                                                                                                                        0x00bcbd69
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbd6b
                                                                                                                                                                                                                                                        0x00bcbd6d
                                                                                                                                                                                                                                                        0x00bcbd7b
                                                                                                                                                                                                                                                        0x00bcbd7e
                                                                                                                                                                                                                                                        0x00bcbd84
                                                                                                                                                                                                                                                        0x00bcbd88
                                                                                                                                                                                                                                                        0x00bcbd88
                                                                                                                                                                                                                                                        0x00bcbd69
                                                                                                                                                                                                                                                        0x00bcbd5c
                                                                                                                                                                                                                                                        0x00bcbd4f
                                                                                                                                                                                                                                                        0x00bcbd42
                                                                                                                                                                                                                                                        0x00bcbd35
                                                                                                                                                                                                                                                        0x00bcbd0a
                                                                                                                                                                                                                                                        0x00bcbd0d
                                                                                                                                                                                                                                                        0x00bcbd0f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbd0f
                                                                                                                                                                                                                                                        0x00bcbcac
                                                                                                                                                                                                                                                        0x00bcbcac
                                                                                                                                                                                                                                                        0x00bcbcac
                                                                                                                                                                                                                                                        0x00bcbcad
                                                                                                                                                                                                                                                        0x00bcbcae
                                                                                                                                                                                                                                                        0x00bcbcb3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbcb6
                                                                                                                                                                                                                                                        0x00bcbb86
                                                                                                                                                                                                                                                        0x00bcbb86
                                                                                                                                                                                                                                                        0x00bcbb86
                                                                                                                                                                                                                                                        0x00bcbb8b
                                                                                                                                                                                                                                                        0x00bcbb90
                                                                                                                                                                                                                                                        0x00bcbb95
                                                                                                                                                                                                                                                        0x00bcbb9a
                                                                                                                                                                                                                                                        0x00bcbb9f
                                                                                                                                                                                                                                                        0x00bcbba3
                                                                                                                                                                                                                                                        0x00bcbbaa
                                                                                                                                                                                                                                                        0x00bcbbb1
                                                                                                                                                                                                                                                        0x00bcbbb5
                                                                                                                                                                                                                                                        0x00bcbbb5
                                                                                                                                                                                                                                                        0x00bcbbba
                                                                                                                                                                                                                                                        0x00bcbbbd
                                                                                                                                                                                                                                                        0x00bcbbc2
                                                                                                                                                                                                                                                        0x00bcbbc5
                                                                                                                                                                                                                                                        0x00bcbbcb
                                                                                                                                                                                                                                                        0x00bcbc23
                                                                                                                                                                                                                                                        0x00bcbc26
                                                                                                                                                                                                                                                        0x00bcbc29
                                                                                                                                                                                                                                                        0x00bcbc72
                                                                                                                                                                                                                                                        0x00bcbc79
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbc2b
                                                                                                                                                                                                                                                        0x00bcbc2b
                                                                                                                                                                                                                                                        0x00bcbc2e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbc30
                                                                                                                                                                                                                                                        0x00bcbc30
                                                                                                                                                                                                                                                        0x00bcbc37
                                                                                                                                                                                                                                                        0x00bcbc43
                                                                                                                                                                                                                                                        0x00bcbc43
                                                                                                                                                                                                                                                        0x00bcbc4b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbc39
                                                                                                                                                                                                                                                        0x00bcbc39
                                                                                                                                                                                                                                                        0x00bcbc41
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbc41
                                                                                                                                                                                                                                                        0x00bcbc37
                                                                                                                                                                                                                                                        0x00bcbc2e
                                                                                                                                                                                                                                                        0x00bcbbcd
                                                                                                                                                                                                                                                        0x00bcbbd0
                                                                                                                                                                                                                                                        0x00bcbbde
                                                                                                                                                                                                                                                        0x00bcbbe4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbbea
                                                                                                                                                                                                                                                        0x00bcbbea
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbc7b
                                                                                                                                                                                                                                                        0x00bcbc7b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbbf1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbc4d
                                                                                                                                                                                                                                                        0x00bcbc4d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbcbe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcbbea
                                                                                                                                                                                                                                                        0x00bcbc84
                                                                                                                                                                                                                                                        0x00bcbc84
                                                                                                                                                                                                                                                        0x00bcbc84
                                                                                                                                                                                                                                                        0x00bcbc84
                                                                                                                                                                                                                                                        0x00bcbbd0
                                                                                                                                                                                                                                                        0x00bcbc8b
                                                                                                                                                                                                                                                        0x00bcbc90
                                                                                                                                                                                                                                                        0x00bcbc9e
                                                                                                                                                                                                                                                        0x00bcbc9e
                                                                                                                                                                                                                                                        0x00bcbb80
                                                                                                                                                                                                                                                        0x00bcbb74

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BCBA31
                                                                                                                                                                                                                                                        • IsWow64Process.KERNEL32(00000000,?), ref: 00BCBA43
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?), ref: 00BCBC19
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?), ref: 00BCBC65
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?), ref: 00BCBCAE
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 00BCBD13
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@$Process$CurrentWow64_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2416501996-0
                                                                                                                                                                                                                                                        • Opcode ID: 95df797b0ca72035cb7dc4bf02be566790a78d5de1561751111f17a7e69545f1
                                                                                                                                                                                                                                                        • Instruction ID: edfe83811c439464690d1e29e2e258a7629148e6bd0cf4a859919287a44b026c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 95df797b0ca72035cb7dc4bf02be566790a78d5de1561751111f17a7e69545f1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9A91B070900B489FDB24CF64C485FAEB7F1FF05304F10869DD4469B281DB75A985CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 67%
                                                                                                                                                                                                                                                        			E00BC7330(void* __ecx, intOrPtr _a4, int _a12, signed int _a16) {
                                                                                                                                                                                                                                                        				signed int _v12;
                                                                                                                                                                                                                                                        				signed short* _v16;
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void* _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				int _v32;
                                                                                                                                                                                                                                                        				void* _v36;
                                                                                                                                                                                                                                                        				void* _t56;
                                                                                                                                                                                                                                                        				void* _t63;
                                                                                                                                                                                                                                                        				signed int _t70;
                                                                                                                                                                                                                                                        				void* _t72;
                                                                                                                                                                                                                                                        				void* _t77;
                                                                                                                                                                                                                                                        				void* _t78;
                                                                                                                                                                                                                                                        				void* _t79;
                                                                                                                                                                                                                                                        				void* _t80;
                                                                                                                                                                                                                                                        				signed int _t83;
                                                                                                                                                                                                                                                        				void* _t84;
                                                                                                                                                                                                                                                        				signed int _t87;
                                                                                                                                                                                                                                                        				signed int _t93;
                                                                                                                                                                                                                                                        				int _t94;
                                                                                                                                                                                                                                                        				signed int _t97;
                                                                                                                                                                                                                                                        				intOrPtr* _t98;
                                                                                                                                                                                                                                                        				signed int _t99;
                                                                                                                                                                                                                                                        				unsigned int _t102;
                                                                                                                                                                                                                                                        				intOrPtr _t103;
                                                                                                                                                                                                                                                        				int _t104;
                                                                                                                                                                                                                                                        				void* _t105;
                                                                                                                                                                                                                                                        				signed int _t106;
                                                                                                                                                                                                                                                        				signed int _t108;
                                                                                                                                                                                                                                                        				signed int _t109;
                                                                                                                                                                                                                                                        				signed int _t110;
                                                                                                                                                                                                                                                        				signed int _t112;
                                                                                                                                                                                                                                                        				void* _t113;
                                                                                                                                                                                                                                                        				signed int _t114;
                                                                                                                                                                                                                                                        				void* _t115;
                                                                                                                                                                                                                                                        				int _t117;
                                                                                                                                                                                                                                                        				signed int _t120;
                                                                                                                                                                                                                                                        				signed int _t123;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t94 =  *((intOrPtr*)(__ecx + 0x10));
                                                                                                                                                                                                                                                        				_t103 = _a4;
                                                                                                                                                                                                                                                        				_t114 = 0x7fffffff;
                                                                                                                                                                                                                                                        				if(0x7fffffff - _t94 < _t103) {
                                                                                                                                                                                                                                                        					E00BBA890();
                                                                                                                                                                                                                                                        					goto L9;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t112 = _t103 + _t94;
                                                                                                                                                                                                                                                        					_v32 = _t94;
                                                                                                                                                                                                                                                        					_v36 = __ecx;
                                                                                                                                                                                                                                                        					_v20 =  *((intOrPtr*)(__ecx + 0x14));
                                                                                                                                                                                                                                                        					_t70 = _t112 | 0x0000000f;
                                                                                                                                                                                                                                                        					if(_t70 >= 0) {
                                                                                                                                                                                                                                                        						_t102 = _v20;
                                                                                                                                                                                                                                                        						_t120 = _t102 >> 1;
                                                                                                                                                                                                                                                        						_t114 = _t120 + _t102;
                                                                                                                                                                                                                                                        						_t93 = _t120 ^ 0x7fffffff;
                                                                                                                                                                                                                                                        						if(_t70 >= _t114) {
                                                                                                                                                                                                                                                        							_t114 = _t70;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(_v20 > _t93) {
                                                                                                                                                                                                                                                        							_t114 = 0x7fffffff;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t77 = _v36;
                                                                                                                                                                                                                                                        					_t10 = _t114 + 1; // 0x80000000
                                                                                                                                                                                                                                                        					_t72 = E00BBD730(_t10);
                                                                                                                                                                                                                                                        					 *(_t77 + 0x10) = _t112;
                                                                                                                                                                                                                                                        					 *(_t77 + 0x14) = _t114;
                                                                                                                                                                                                                                                        					_t114 = _v20;
                                                                                                                                                                                                                                                        					_v28 = _t72;
                                                                                                                                                                                                                                                        					if(_t114 >= 0x10) {
                                                                                                                                                                                                                                                        						L9:
                                                                                                                                                                                                                                                        						_t104 = _v32;
                                                                                                                                                                                                                                                        						_t56 =  *_t77;
                                                                                                                                                                                                                                                        						_v24 = _t56;
                                                                                                                                                                                                                                                        						_t78 = _v28;
                                                                                                                                                                                                                                                        						memcpy(_t78, _t56, _t104);
                                                                                                                                                                                                                                                        						memset(_t78 + _t104, _a16 & 0x000000ff, _a12);
                                                                                                                                                                                                                                                        						_t105 = _t104 + _a12;
                                                                                                                                                                                                                                                        						_t28 = _t114 + 1; // 0x80000000
                                                                                                                                                                                                                                                        						_t83 = _t28;
                                                                                                                                                                                                                                                        						__eflags = _t83 - 0x1000;
                                                                                                                                                                                                                                                        						 *((char*)(_t78 + _t105)) = 0;
                                                                                                                                                                                                                                                        						if(_t83 < 0x1000) {
                                                                                                                                                                                                                                                        							L12:
                                                                                                                                                                                                                                                        							_push(_t83);
                                                                                                                                                                                                                                                        							_push(_v24);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							_t79 = _v36;
                                                                                                                                                                                                                                                        							goto L7;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t84 = _v24;
                                                                                                                                                                                                                                                        							_t63 =  *(_t84 - 4);
                                                                                                                                                                                                                                                        							__eflags = _t84 + 0xfffffffc - _t63 - 0x20;
                                                                                                                                                                                                                                                        							if(_t84 + 0xfffffffc - _t63 >= 0x20) {
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_push(_t78);
                                                                                                                                                                                                                                                        								_push(_t105);
                                                                                                                                                                                                                                                        								_push(_t114);
                                                                                                                                                                                                                                                        								_t87 = _v12;
                                                                                                                                                                                                                                                        								_t64 = 0xffffffff;
                                                                                                                                                                                                                                                        								_t97 = _v24 - _t87;
                                                                                                                                                                                                                                                        								__eflags = _t97;
                                                                                                                                                                                                                                                        								if(_t97 >= 0) {
                                                                                                                                                                                                                                                        									_t106 = _v20;
                                                                                                                                                                                                                                                        									__eflags = _t97 - _t106;
                                                                                                                                                                                                                                                        									if(_t97 >= _t106) {
                                                                                                                                                                                                                                                        										__eflags = _t87;
                                                                                                                                                                                                                                                        										if(_t87 == 0) {
                                                                                                                                                                                                                                                        											return _t106;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t115 = _v28;
                                                                                                                                                                                                                                                        										_t80 = _t115 + 2 + _t97 * 2;
                                                                                                                                                                                                                                                        										_t98 = _t115 + _t106 * 2;
                                                                                                                                                                                                                                                        										_t108 = _t80 - _t98;
                                                                                                                                                                                                                                                        										__eflags = _t108;
                                                                                                                                                                                                                                                        										if(_t108 != 0) {
                                                                                                                                                                                                                                                        											_t123 =  *_v16 & 0x0000ffff;
                                                                                                                                                                                                                                                        											do {
                                                                                                                                                                                                                                                        												_t109 = _t108 >> 1;
                                                                                                                                                                                                                                                        												while(1) {
                                                                                                                                                                                                                                                        													__eflags =  *_t98 - _t123;
                                                                                                                                                                                                                                                        													if( *_t98 == _t123) {
                                                                                                                                                                                                                                                        														break;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t98 = _t98 + 2;
                                                                                                                                                                                                                                                        													_t109 = _t109 - 1;
                                                                                                                                                                                                                                                        													__eflags = _t109;
                                                                                                                                                                                                                                                        													if(_t109 != 0) {
                                                                                                                                                                                                                                                        														continue;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													return _t64;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t110 = 1;
                                                                                                                                                                                                                                                        												while(1) {
                                                                                                                                                                                                                                                        													__eflags = _t87 - _t110;
                                                                                                                                                                                                                                                        													if(_t87 == _t110) {
                                                                                                                                                                                                                                                        														break;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													__eflags = ( *(_t98 + _t110 * 2) & 0x0000ffff) - _v16[_t110];
                                                                                                                                                                                                                                                        													_t115 = _v28;
                                                                                                                                                                                                                                                        													_t64 = 0xffffffff;
                                                                                                                                                                                                                                                        													_t110 = _t110 + 1;
                                                                                                                                                                                                                                                        													if(__eflags == 0) {
                                                                                                                                                                                                                                                        														continue;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													goto L27;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t99 = _t98 - _t115;
                                                                                                                                                                                                                                                        												__eflags = _t99;
                                                                                                                                                                                                                                                        												return _t99 >> 1;
                                                                                                                                                                                                                                                        												L27:
                                                                                                                                                                                                                                                        												_t98 = _t98 + 2;
                                                                                                                                                                                                                                                        												_t108 = _t80 - _t98;
                                                                                                                                                                                                                                                        												__eflags = _t108;
                                                                                                                                                                                                                                                        											} while (_t108 != 0);
                                                                                                                                                                                                                                                        											return 0xffffffff;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								return _t64;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_v24 = _t63;
                                                                                                                                                                                                                                                        								_t83 = _v20 + 0x24;
                                                                                                                                                                                                                                                        								__eflags = _t83;
                                                                                                                                                                                                                                                        								goto L12;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t117 = _v32;
                                                                                                                                                                                                                                                        						_t113 = _v28;
                                                                                                                                                                                                                                                        						memcpy(_t113, _t77, _t117);
                                                                                                                                                                                                                                                        						memset(_t113 + _t117, _a16 & 0x000000ff, _a12);
                                                                                                                                                                                                                                                        						 *((char*)(_t113 + _t117 + _a12)) = 0;
                                                                                                                                                                                                                                                        						L7:
                                                                                                                                                                                                                                                        						 *_t79 = _v28;
                                                                                                                                                                                                                                                        						return _t79;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}









































                                                                                                                                                                                                                                                        0x00bc7339
                                                                                                                                                                                                                                                        0x00bc733c
                                                                                                                                                                                                                                                        0x00bc7344
                                                                                                                                                                                                                                                        0x00bc734d
                                                                                                                                                                                                                                                        0x00bc73e6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7353
                                                                                                                                                                                                                                                        0x00bc7356
                                                                                                                                                                                                                                                        0x00bc7358
                                                                                                                                                                                                                                                        0x00bc735b
                                                                                                                                                                                                                                                        0x00bc735e
                                                                                                                                                                                                                                                        0x00bc7363
                                                                                                                                                                                                                                                        0x00bc7366
                                                                                                                                                                                                                                                        0x00bc7368
                                                                                                                                                                                                                                                        0x00bc736d
                                                                                                                                                                                                                                                        0x00bc7371
                                                                                                                                                                                                                                                        0x00bc7373
                                                                                                                                                                                                                                                        0x00bc737b
                                                                                                                                                                                                                                                        0x00bc737d
                                                                                                                                                                                                                                                        0x00bc737d
                                                                                                                                                                                                                                                        0x00bc7382
                                                                                                                                                                                                                                                        0x00bc7453
                                                                                                                                                                                                                                                        0x00bc7453
                                                                                                                                                                                                                                                        0x00bc7382
                                                                                                                                                                                                                                                        0x00bc7388
                                                                                                                                                                                                                                                        0x00bc738b
                                                                                                                                                                                                                                                        0x00bc7391
                                                                                                                                                                                                                                                        0x00bc7396
                                                                                                                                                                                                                                                        0x00bc7399
                                                                                                                                                                                                                                                        0x00bc739c
                                                                                                                                                                                                                                                        0x00bc739f
                                                                                                                                                                                                                                                        0x00bc73a5
                                                                                                                                                                                                                                                        0x00bc73eb
                                                                                                                                                                                                                                                        0x00bc73eb
                                                                                                                                                                                                                                                        0x00bc73ee
                                                                                                                                                                                                                                                        0x00bc73f1
                                                                                                                                                                                                                                                        0x00bc73f5
                                                                                                                                                                                                                                                        0x00bc73f9
                                                                                                                                                                                                                                                        0x00bc740f
                                                                                                                                                                                                                                                        0x00bc7417
                                                                                                                                                                                                                                                        0x00bc741a
                                                                                                                                                                                                                                                        0x00bc741a
                                                                                                                                                                                                                                                        0x00bc741d
                                                                                                                                                                                                                                                        0x00bc7423
                                                                                                                                                                                                                                                        0x00bc7427
                                                                                                                                                                                                                                                        0x00bc7442
                                                                                                                                                                                                                                                        0x00bc7442
                                                                                                                                                                                                                                                        0x00bc7443
                                                                                                                                                                                                                                                        0x00bc7446
                                                                                                                                                                                                                                                        0x00bc744e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7429
                                                                                                                                                                                                                                                        0x00bc7429
                                                                                                                                                                                                                                                        0x00bc742c
                                                                                                                                                                                                                                                        0x00bc7434
                                                                                                                                                                                                                                                        0x00bc7437
                                                                                                                                                                                                                                                        0x00bc745d
                                                                                                                                                                                                                                                        0x00bc7463
                                                                                                                                                                                                                                                        0x00bc7464
                                                                                                                                                                                                                                                        0x00bc7465
                                                                                                                                                                                                                                                        0x00bc7466
                                                                                                                                                                                                                                                        0x00bc7467
                                                                                                                                                                                                                                                        0x00bc7468
                                                                                                                                                                                                                                                        0x00bc7469
                                                                                                                                                                                                                                                        0x00bc746a
                                                                                                                                                                                                                                                        0x00bc746b
                                                                                                                                                                                                                                                        0x00bc746c
                                                                                                                                                                                                                                                        0x00bc746d
                                                                                                                                                                                                                                                        0x00bc746e
                                                                                                                                                                                                                                                        0x00bc746f
                                                                                                                                                                                                                                                        0x00bc7471
                                                                                                                                                                                                                                                        0x00bc7472
                                                                                                                                                                                                                                                        0x00bc7473
                                                                                                                                                                                                                                                        0x00bc7474
                                                                                                                                                                                                                                                        0x00bc747c
                                                                                                                                                                                                                                                        0x00bc7481
                                                                                                                                                                                                                                                        0x00bc7481
                                                                                                                                                                                                                                                        0x00bc7483
                                                                                                                                                                                                                                                        0x00bc7485
                                                                                                                                                                                                                                                        0x00bc7489
                                                                                                                                                                                                                                                        0x00bc748b
                                                                                                                                                                                                                                                        0x00bc748d
                                                                                                                                                                                                                                                        0x00bc748f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc74fd
                                                                                                                                                                                                                                                        0x00bc7491
                                                                                                                                                                                                                                                        0x00bc7495
                                                                                                                                                                                                                                                        0x00bc7499
                                                                                                                                                                                                                                                        0x00bc749e
                                                                                                                                                                                                                                                        0x00bc749e
                                                                                                                                                                                                                                                        0x00bc74a0
                                                                                                                                                                                                                                                        0x00bc74a6
                                                                                                                                                                                                                                                        0x00bc74aa
                                                                                                                                                                                                                                                        0x00bc74aa
                                                                                                                                                                                                                                                        0x00bc74b0
                                                                                                                                                                                                                                                        0x00bc74b0
                                                                                                                                                                                                                                                        0x00bc74b3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc74b5
                                                                                                                                                                                                                                                        0x00bc74b8
                                                                                                                                                                                                                                                        0x00bc74b8
                                                                                                                                                                                                                                                        0x00bc74b9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc74b9
                                                                                                                                                                                                                                                        0x00bc74c0
                                                                                                                                                                                                                                                        0x00bc74c5
                                                                                                                                                                                                                                                        0x00bc74c5
                                                                                                                                                                                                                                                        0x00bc74c7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc74d3
                                                                                                                                                                                                                                                        0x00bc74d9
                                                                                                                                                                                                                                                        0x00bc74dd
                                                                                                                                                                                                                                                        0x00bc74e2
                                                                                                                                                                                                                                                        0x00bc74e5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc74e5
                                                                                                                                                                                                                                                        0x00bc74f2
                                                                                                                                                                                                                                                        0x00bc74f2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc74e7
                                                                                                                                                                                                                                                        0x00bc74e7
                                                                                                                                                                                                                                                        0x00bc74ec
                                                                                                                                                                                                                                                        0x00bc74ec
                                                                                                                                                                                                                                                        0x00bc74ec
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc74aa
                                                                                                                                                                                                                                                        0x00bc74a0
                                                                                                                                                                                                                                                        0x00bc748b
                                                                                                                                                                                                                                                        0x00bc74fc
                                                                                                                                                                                                                                                        0x00bc7439
                                                                                                                                                                                                                                                        0x00bc743c
                                                                                                                                                                                                                                                        0x00bc743f
                                                                                                                                                                                                                                                        0x00bc743f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc743f
                                                                                                                                                                                                                                                        0x00bc7437
                                                                                                                                                                                                                                                        0x00bc73a7
                                                                                                                                                                                                                                                        0x00bc73a7
                                                                                                                                                                                                                                                        0x00bc73ac
                                                                                                                                                                                                                                                        0x00bc73b0
                                                                                                                                                                                                                                                        0x00bc73c6
                                                                                                                                                                                                                                                        0x00bc73d1
                                                                                                                                                                                                                                                        0x00bc73d5
                                                                                                                                                                                                                                                        0x00bc73d8
                                                                                                                                                                                                                                                        0x00bc73e3
                                                                                                                                                                                                                                                        0x00bc73e3
                                                                                                                                                                                                                                                        0x00bc73a5

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(80000000,?,?,80000000,00000000,?,?,?,00BC72E9,?,?,?,?,?,00000000), ref: 00BC73B0
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BC73C6
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,00000000,?,00000000,?,?,?,00BC72E9,?,?,?,?,?,00000000), ref: 00BC73F9
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BC740F
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000,80000000,?,?,?,?,?,?,00000000,?,?,?,00BC72E9), ref: 00BC7446
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,?,?,00000000,?,?,?,00BC72E9,?,?,?,?,?), ref: 00BC745D
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memcpymemset$??3@_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1558069132-0
                                                                                                                                                                                                                                                        • Opcode ID: 60cfc36a1feece76c1e1a192f21d6dcccdf6d8d158307044761e567e5adda64d
                                                                                                                                                                                                                                                        • Instruction ID: de1f152765eeb5a3810baa307dc98c4d53528928dccb9147d7594a34865f24bc
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 60cfc36a1feece76c1e1a192f21d6dcccdf6d8d158307044761e567e5adda64d
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4A41A5B2D042569BCF04DF55CC819BF7BB5BF85310B244669EC25A7381DB30AD118BB1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 53%
                                                                                                                                                                                                                                                        			E00BCC0B0(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, char _a20) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				intOrPtr _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v36;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				intOrPtr _v48;
                                                                                                                                                                                                                                                        				char _v52;
                                                                                                                                                                                                                                                        				void* _v56;
                                                                                                                                                                                                                                                        				signed int _v60;
                                                                                                                                                                                                                                                        				void* _v64;
                                                                                                                                                                                                                                                        				signed int _t30;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				void** _t37;
                                                                                                                                                                                                                                                        				signed int _t39;
                                                                                                                                                                                                                                                        				signed int _t40;
                                                                                                                                                                                                                                                        				intOrPtr _t47;
                                                                                                                                                                                                                                                        				intOrPtr _t49;
                                                                                                                                                                                                                                                        				signed int _t51;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t30 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t47 = _a8;
                                                                                                                                                                                                                                                        				_t49 = _a4;
                                                                                                                                                                                                                                                        				_v20 = _t30 ^ _t51;
                                                                                                                                                                                                                                                        				_t32 =  &_v56;
                                                                                                                                                                                                                                                        				_v56 = 0;
                                                                                                                                                                                                                                                        				_v60 = 0;
                                                                                                                                                                                                                                                        				_v64 = 0;
                                                                                                                                                                                                                                                        				__imp__GetSecurityInfo(_t49, _t47, 4, 0, 0,  &_v60, 0, _t32);
                                                                                                                                                                                                                                                        				if(_t32 != 0) {
                                                                                                                                                                                                                                                        					_t39 = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t46 = _a16;
                                                                                                                                                                                                                                                        					_t40 = _v60;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_v48 = _a16;
                                                                                                                                                                                                                                                        					_v52 = _a20;
                                                                                                                                                                                                                                                        					_v40 = 0;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					_v32 = 0;
                                                                                                                                                                                                                                                        					_v36 = 0;
                                                                                                                                                                                                                                                        					_v24 = E00BE7750(_a12);
                                                                                                                                                                                                                                                        					_t37 =  &_v64;
                                                                                                                                                                                                                                                        					__imp__SetEntriesInAclW(1,  &_v52, _t40, _t37);
                                                                                                                                                                                                                                                        					if(_t37 != 0) {
                                                                                                                                                                                                                                                        						_t32 = LocalFree(_v56);
                                                                                                                                                                                                                                                        						_t39 = 0;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						__imp__SetSecurityInfo(_t49, _t47, 4, 0, 0, _v64, 0);
                                                                                                                                                                                                                                                        						LocalFree(_v64);
                                                                                                                                                                                                                                                        						_t32 = LocalFree(_v56);
                                                                                                                                                                                                                                                        						_t39 = _t40 & 0xffffff00 | _t37 == 0x00000000;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t32, _v20 ^ _t51, _t46);
                                                                                                                                                                                                                                                        				return _t39;
                                                                                                                                                                                                                                                        			}























                                                                                                                                                                                                                                                        0x00bcc0b9
                                                                                                                                                                                                                                                        0x00bcc0be
                                                                                                                                                                                                                                                        0x00bcc0c1
                                                                                                                                                                                                                                                        0x00bcc0c9
                                                                                                                                                                                                                                                        0x00bcc0cc
                                                                                                                                                                                                                                                        0x00bcc0cf
                                                                                                                                                                                                                                                        0x00bcc0d6
                                                                                                                                                                                                                                                        0x00bcc0dd
                                                                                                                                                                                                                                                        0x00bcc0f0
                                                                                                                                                                                                                                                        0x00bcc0f8
                                                                                                                                                                                                                                                        0x00bcc18e
                                                                                                                                                                                                                                                        0x00bcc0fe
                                                                                                                                                                                                                                                        0x00bcc101
                                                                                                                                                                                                                                                        0x00bcc107
                                                                                                                                                                                                                                                        0x00bcc10a
                                                                                                                                                                                                                                                        0x00bcc111
                                                                                                                                                                                                                                                        0x00bcc114
                                                                                                                                                                                                                                                        0x00bcc117
                                                                                                                                                                                                                                                        0x00bcc11e
                                                                                                                                                                                                                                                        0x00bcc125
                                                                                                                                                                                                                                                        0x00bcc12c
                                                                                                                                                                                                                                                        0x00bcc138
                                                                                                                                                                                                                                                        0x00bcc13b
                                                                                                                                                                                                                                                        0x00bcc146
                                                                                                                                                                                                                                                        0x00bcc14e
                                                                                                                                                                                                                                                        0x00bcc195
                                                                                                                                                                                                                                                        0x00bcc19b
                                                                                                                                                                                                                                                        0x00bcc150
                                                                                                                                                                                                                                                        0x00bcc15d
                                                                                                                                                                                                                                                        0x00bcc16e
                                                                                                                                                                                                                                                        0x00bcc173
                                                                                                                                                                                                                                                        0x00bcc177
                                                                                                                                                                                                                                                        0x00bcc177
                                                                                                                                                                                                                                                        0x00bcc14e
                                                                                                                                                                                                                                                        0x00bcc17f
                                                                                                                                                                                                                                                        0x00bcc18d

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetSecurityInfo.ADVAPI32(?,?,00000004,00000000,00000000,?,00000000,?), ref: 00BCC0F0
                                                                                                                                                                                                                                                        • SetEntriesInAclW.ADVAPI32(00000001,?,?,00000000), ref: 00BCC146
                                                                                                                                                                                                                                                        • SetSecurityInfo.ADVAPI32(?,?,00000004,00000000,00000000,00000000,00000000), ref: 00BCC15D
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000), ref: 00BCC16E
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000), ref: 00BCC173
                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000), ref: 00BCC195
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: FreeLocal$InfoSecurity$Entries
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3140748100-0
                                                                                                                                                                                                                                                        • Opcode ID: b792f2723683b7cea1ac749bc6ed7c23c819d3d73d04d6abb5ec6f4b9de150d9
                                                                                                                                                                                                                                                        • Instruction ID: 1f1b85092d2dc887f05b88bc2c1e3a25dd15855d9aaaa8e7b9cf68f489869a40
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b792f2723683b7cea1ac749bc6ed7c23c819d3d73d04d6abb5ec6f4b9de150d9
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 91312BB1A00219AFEB14DFA1EC89FEEBBB5EF44714F104019FA157B290DB756904CBA4
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BE6CD0(void* __ecx, void** __edx, void** _a4, HANDLE* _a8, HANDLE* _a12) {
                                                                                                                                                                                                                                                        				void** _t24;
                                                                                                                                                                                                                                                        				void** _t26;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t28 = __ecx;
                                                                                                                                                                                                                                                        				_t24 = __edx;
                                                                                                                                                                                                                                                        				E00BC5200(CreateEventW(0, 0, 0, 0), _t24, _t8);
                                                                                                                                                                                                                                                        				if(DuplicateHandle(GetCurrentProcess(),  *_t24,  *(_t28 + 0x10), _a8, 0x100002, 0, 0) != 0) {
                                                                                                                                                                                                                                                        					_t26 = _a4;
                                                                                                                                                                                                                                                        					E00BC5200(CreateEventW(0, 0, 0, 0), _t26, _t12);
                                                                                                                                                                                                                                                        					return DuplicateHandle(GetCurrentProcess(),  *_t26,  *(_t28 + 0x10), _a12, 0x100002, 0, 0) & 0xffffff00 | _t15 != 0x00000000;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return 0;
                                                                                                                                                                                                                                                        			}






                                                                                                                                                                                                                                                        0x00be6cd6
                                                                                                                                                                                                                                                        0x00be6cd8
                                                                                                                                                                                                                                                        0x00be6ceb
                                                                                                                                                                                                                                                        0x00be6d12
                                                                                                                                                                                                                                                        0x00be6d1e
                                                                                                                                                                                                                                                        0x00be6d32
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be6d57
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • CreateEventW.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,00000004,?,00BE6C0E,?,?,00000018,?,?,?,00000000), ref: 00BE6CE2
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetLastError.KERNEL32(00000000,?,00004000,?,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5210
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetHandleVerifier.FLASHPLAYER(?,00BDC412,00000000,?,00BDBECC), ref: 00BC5234
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: SetLastError.KERNEL32(00BDC412,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5249
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(00000000,?,?,?,00000000,?,00BE9870,?,00000004,00000400,00000000,?,?,?,00000004,g_shared_IPC_size), ref: 00BE6CF5
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,?,?,00100002,00100002,00000000,00000000,?,?,?,00000000,?,00BE9870,?,00000004,00000400), ref: 00BE6D0A
                                                                                                                                                                                                                                                        • CreateEventW.KERNEL32(00000000,00000000,00000000,00000000,?,?,?,00000000,?,00BE9870,?,00000004,00000400,00000000,?,?), ref: 00BE6D29
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(00000000,?,?,?,00000000,?,00BE9870,?,00000004,00000400,00000000,?,?,?,00000004,g_shared_IPC_size), ref: 00BE6D3C
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,?,?,?,00100002,00000000,00000000,?,?,?,00000000,?,00BE9870,?,00000004,00000400), ref: 00BE6D4F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Handle$CreateCurrentDuplicateErrorEventLastProcess$Verifier
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1059238025-0
                                                                                                                                                                                                                                                        • Opcode ID: dbeb60b32e978cf79a1b3fd588d1a15d7714e5579d4355bf6ba6b3b622ee58c8
                                                                                                                                                                                                                                                        • Instruction ID: edb1ad5d4be2871812c2b0ae70a8c6815f67a78a36f5871d2879d4ed43469bf0
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: dbeb60b32e978cf79a1b3fd588d1a15d7714e5579d4355bf6ba6b3b622ee58c8
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AC01E976384344BBE6205BB19C4AF6B7BADEF88B51F644454F605AB2D0CEB0B800C674
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 79%
                                                                                                                                                                                                                                                        			E00BD9C70(void* __eax, signed char _a4, signed int* _a12, signed int* _a16) {
                                                                                                                                                                                                                                                        				intOrPtr _v20;
                                                                                                                                                                                                                                                        				void* _t112;
                                                                                                                                                                                                                                                        				signed int _t115;
                                                                                                                                                                                                                                                        				signed int _t116;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t120;
                                                                                                                                                                                                                                                        				signed int _t121;
                                                                                                                                                                                                                                                        				signed int _t122;
                                                                                                                                                                                                                                                        				void* _t125;
                                                                                                                                                                                                                                                        				signed int _t127;
                                                                                                                                                                                                                                                        				signed int* _t129;
                                                                                                                                                                                                                                                        				signed int _t130;
                                                                                                                                                                                                                                                        				signed int _t132;
                                                                                                                                                                                                                                                        				signed int _t133;
                                                                                                                                                                                                                                                        				signed int _t134;
                                                                                                                                                                                                                                                        				signed int _t137;
                                                                                                                                                                                                                                                        				signed int _t138;
                                                                                                                                                                                                                                                        				signed char _t139;
                                                                                                                                                                                                                                                        				signed int* _t140;
                                                                                                                                                                                                                                                        				void* _t150;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t129 = _a12;
                                                                                                                                                                                                                                                        				_t112 = E00BCBDD0();
                                                                                                                                                                                                                                                        				_t139 = _a4;
                                                                                                                                                                                                                                                        				_t150 = _t112;
                                                                                                                                                                                                                                                        				_t129[1] = 0;
                                                                                                                                                                                                                                                        				 *_t129 = 0;
                                                                                                                                                                                                                                                        				_t129[3] = 0;
                                                                                                                                                                                                                                                        				_t129[2] = 0;
                                                                                                                                                                                                                                                        				_t115 = 4 + (0 | _t150 - 0x00000004 > 0x00000000) * 4;
                                                                                                                                                                                                                                                        				 *_a16 = _t115;
                                                                                                                                                                                                                                                        				if((_t139 & 0x00000001) != 0) {
                                                                                                                                                                                                                                                        					_t115 =  *_t129;
                                                                                                                                                                                                                                                        					_t138 = _t129[1];
                                                                                                                                                                                                                                                        					 *_t129 = _t115 | 0x00000001;
                                                                                                                                                                                                                                                        					if((_t139 & 0x00000002) == 0) {
                                                                                                                                                                                                                                                        						_t115 = _t115 | 0x00000003;
                                                                                                                                                                                                                                                        						_t129[1] = _t138;
                                                                                                                                                                                                                                                        						 *_t129 = _t115;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if((_t139 & 0x00000004) != 0) {
                                                                                                                                                                                                                                                        					 *_t129 =  *_t129 | 0x00000004;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if(_t150 >= 5) {
                                                                                                                                                                                                                                                        					if((_t139 & 0x00000008) != 0) {
                                                                                                                                                                                                                                                        						_t127 =  *_t129;
                                                                                                                                                                                                                                                        						_t137 = _t129[1];
                                                                                                                                                                                                                                                        						 *_t129 = _t127 | 0x00000100;
                                                                                                                                                                                                                                                        						if((_t139 & 0x00000010) != 0) {
                                                                                                                                                                                                                                                        							_t129[1] = _t137;
                                                                                                                                                                                                                                                        							 *_t129 = _t127 | 0x00000300;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if((_t139 & 0x00000020) != 0) {
                                                                                                                                                                                                                                                        						_t129[0] = _t129[0] | 0x00000010;
                                                                                                                                                                                                                                                        						if((_t139 & 0x00000040) == 0) {
                                                                                                                                                                                                                                                        							L12:
                                                                                                                                                                                                                                                        							if(_t139 < 0) {
                                                                                                                                                                                                                                                        								L34:
                                                                                                                                                                                                                                                        								_t129[0] = _t129[0] | 0x00000010;
                                                                                                                                                                                                                                                        								if((_t139 & 0x00000100) == 0) {
                                                                                                                                                                                                                                                        									L14:
                                                                                                                                                                                                                                                        									if((_t139 & 0x00000800) != 0) {
                                                                                                                                                                                                                                                        										L36:
                                                                                                                                                                                                                                                        										_t129[0] = _t129[0] | 0x00000010;
                                                                                                                                                                                                                                                        										if((_t139 & 0x00001000) == 0) {
                                                                                                                                                                                                                                                        											L16:
                                                                                                                                                                                                                                                        											if(_t150 < 6) {
                                                                                                                                                                                                                                                        												L38:
                                                                                                                                                                                                                                                        												_t116 =  *0xbfb5d8; // 0x0
                                                                                                                                                                                                                                                        												_t130 =  *0xbfb5dc; // 0x0
                                                                                                                                                                                                                                                        												if((_t116 |  *0xbfb5d0 | _t130 |  *0xbfb5d4) == 0) {
                                                                                                                                                                                                                                                        													_t120 = GetProcAddress(GetModuleHandleA("kernel32.dll"), "GetProcessMitigationPolicy");
                                                                                                                                                                                                                                                        													if(_t120 != 0) {
                                                                                                                                                                                                                                                        														_v20 = 8 + (0 | E00BCBDD0() - 0x00000009 > 0x00000000) * 8;
                                                                                                                                                                                                                                                        														_t125 = GetCurrentProcess();
                                                                                                                                                                                                                                                        														 *_t120(_t125, 5, 0xbfb5d0, _v20);
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t121 =  *0xbfb5d4; // 0x0
                                                                                                                                                                                                                                                        												_t132 =  *0xbfb5d0; // 0x0
                                                                                                                                                                                                                                                        												_t140 = _a16;
                                                                                                                                                                                                                                                        												 *_t129 =  *_t129 & _t132;
                                                                                                                                                                                                                                                        												_t129[1] = _t129[1] & _t121;
                                                                                                                                                                                                                                                        												_t122 =  *0xbfb5d8; // 0x0
                                                                                                                                                                                                                                                        												_t133 =  *0xbfb5dc; // 0x0
                                                                                                                                                                                                                                                        												_t134 = _t133 & _t129[3];
                                                                                                                                                                                                                                                        												_t115 = _t122 & _t129[2];
                                                                                                                                                                                                                                                        												_t129[2] = _t115;
                                                                                                                                                                                                                                                        												_t129[3] = _t134;
                                                                                                                                                                                                                                                        												if(_t150 >= 0xa) {
                                                                                                                                                                                                                                                        													_t115 = _t115 | _t134;
                                                                                                                                                                                                                                                        													if(_t115 != 0) {
                                                                                                                                                                                                                                                        														 *_t140 = 0x10;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L6;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L17:
                                                                                                                                                                                                                                                        											if((_t139 & 0x00002000) != 0) {
                                                                                                                                                                                                                                                        												_t129[1] = _t129[1] | 0x00000010;
                                                                                                                                                                                                                                                        												if(_t139 >= 0) {
                                                                                                                                                                                                                                                        													L19:
                                                                                                                                                                                                                                                        													if((_t139 & 0x00010000) == 0) {
                                                                                                                                                                                                                                                        														L22:
                                                                                                                                                                                                                                                        														if(_t150 < 8) {
                                                                                                                                                                                                                                                        															goto L38;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														if((_t139 & 0x00020000) != 0) {
                                                                                                                                                                                                                                                        															_t129[1] = _t129[1] | 0x00000010;
                                                                                                                                                                                                                                                        															if((_t139 & 0x00040000) == 0) {
                                                                                                                                                                                                                                                        																L25:
                                                                                                                                                                                                                                                        																if((_t139 & 0x00080000) != 0) {
                                                                                                                                                                                                                                                        																	L49:
                                                                                                                                                                                                                                                        																	_t129[1] = _t129[1] | 0x00000001;
                                                                                                                                                                                                                                                        																	if(_t150 >= 9) {
                                                                                                                                                                                                                                                        																		L27:
                                                                                                                                                                                                                                                        																		if((_t139 & 0x00004000) != 0) {
                                                                                                                                                                                                                                                        																			_t129[1] = _t129[1] | 0x00000030;
                                                                                                                                                                                                                                                        																			if((_t139 & 0x00100000) == 0) {
                                                                                                                                                                                                                                                        																				L29:
                                                                                                                                                                                                                                                        																				if((_t139 & 0x00200000) == 0) {
                                                                                                                                                                                                                                                        																					goto L38;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				L30:
                                                                                                                                                                                                                                                        																				if(_t150 >= 0xb) {
                                                                                                                                                                                                                                                        																					_t129[2] = _t129[2] | 0x00000001;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				goto L38;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			L52:
                                                                                                                                                                                                                                                        																			_t129[1] = _t129[1] | 0x00000010;
                                                                                                                                                                                                                                                        																			if((_t139 & 0x00200000) != 0) {
                                                                                                                                                                                                                                                        																				goto L30;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			goto L38;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		if((_t139 & 0x00100000) != 0) {
                                                                                                                                                                                                                                                        																			goto L52;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		goto L29;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	goto L38;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																L26:
                                                                                                                                                                                                                                                        																if(_t150 < 9) {
                                                                                                                                                                                                                                                        																	goto L38;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																goto L27;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															L48:
                                                                                                                                                                                                                                                        															_t129[1] = _t129[1] | 0x00000010;
                                                                                                                                                                                                                                                        															if((_t139 & 0x00080000) == 0) {
                                                                                                                                                                                                                                                        																goto L26;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															goto L49;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														if((_t139 & 0x00040000) != 0) {
                                                                                                                                                                                                                                                        															goto L48;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														goto L25;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													L20:
                                                                                                                                                                                                                                                        													if(_t150 >= 7) {
                                                                                                                                                                                                                                                        														_t129[1] = _t129[1] | 0x00000001;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													goto L22;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												L45:
                                                                                                                                                                                                                                                        												_t129[1] = _t129[1] | 0x00000002;
                                                                                                                                                                                                                                                        												if((_t139 & 0x00010000) != 0) {
                                                                                                                                                                                                                                                        													goto L20;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L22;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											if(_t139 < 0) {
                                                                                                                                                                                                                                                        												goto L45;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L19;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L37:
                                                                                                                                                                                                                                                        										_t129[1] = _t129[1] | 0x00000001;
                                                                                                                                                                                                                                                        										if(_t150 >= 6) {
                                                                                                                                                                                                                                                        											goto L17;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L38;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									L15:
                                                                                                                                                                                                                                                        									if((_t139 & 0x00001000) != 0) {
                                                                                                                                                                                                                                                        										goto L37;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L16;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L35:
                                                                                                                                                                                                                                                        								_t129[0] = _t129[0] | 0x00000001;
                                                                                                                                                                                                                                                        								if((_t139 & 0x00000800) == 0) {
                                                                                                                                                                                                                                                        									goto L15;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L36;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L13:
                                                                                                                                                                                                                                                        							if((_t139 & 0x00000100) != 0) {
                                                                                                                                                                                                                                                        								goto L35;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L14;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L33:
                                                                                                                                                                                                                                                        						_t129[0] = _t129[0] | 0x00000001;
                                                                                                                                                                                                                                                        						if(_t139 >= 0) {
                                                                                                                                                                                                                                                        							goto L13;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L34;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if((_t139 & 0x00000040) != 0) {
                                                                                                                                                                                                                                                        						goto L33;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L12;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L6:
                                                                                                                                                                                                                                                        				return _t115;
                                                                                                                                                                                                                                                        			}






















                                                                                                                                                                                                                                                        0x00bd9c7d
                                                                                                                                                                                                                                                        0x00bd9c80
                                                                                                                                                                                                                                                        0x00bd9c85
                                                                                                                                                                                                                                                        0x00bd9c87
                                                                                                                                                                                                                                                        0x00bd9c8b
                                                                                                                                                                                                                                                        0x00bd9c92
                                                                                                                                                                                                                                                        0x00bd9c98
                                                                                                                                                                                                                                                        0x00bd9c9f
                                                                                                                                                                                                                                                        0x00bd9caf
                                                                                                                                                                                                                                                        0x00bd9cb6
                                                                                                                                                                                                                                                        0x00bd9cb8
                                                                                                                                                                                                                                                        0x00bd9cba
                                                                                                                                                                                                                                                        0x00bd9cbe
                                                                                                                                                                                                                                                        0x00bd9cc6
                                                                                                                                                                                                                                                        0x00bd9ccd
                                                                                                                                                                                                                                                        0x00bd9ccf
                                                                                                                                                                                                                                                        0x00bd9cd2
                                                                                                                                                                                                                                                        0x00bd9cd5
                                                                                                                                                                                                                                                        0x00bd9cd5
                                                                                                                                                                                                                                                        0x00bd9ccd
                                                                                                                                                                                                                                                        0x00bd9cda
                                                                                                                                                                                                                                                        0x00bd9cdc
                                                                                                                                                                                                                                                        0x00bd9cdc
                                                                                                                                                                                                                                                        0x00bd9ce2
                                                                                                                                                                                                                                                        0x00bd9cef
                                                                                                                                                                                                                                                        0x00bd9cf1
                                                                                                                                                                                                                                                        0x00bd9cf5
                                                                                                                                                                                                                                                        0x00bd9d00
                                                                                                                                                                                                                                                        0x00bd9d07
                                                                                                                                                                                                                                                        0x00bd9d0e
                                                                                                                                                                                                                                                        0x00bd9d11
                                                                                                                                                                                                                                                        0x00bd9d11
                                                                                                                                                                                                                                                        0x00bd9d07
                                                                                                                                                                                                                                                        0x00bd9d16
                                                                                                                                                                                                                                                        0x00bd9de0
                                                                                                                                                                                                                                                        0x00bd9de7
                                                                                                                                                                                                                                                        0x00bd9d25
                                                                                                                                                                                                                                                        0x00bd9d27
                                                                                                                                                                                                                                                        0x00bd9df9
                                                                                                                                                                                                                                                        0x00bd9df9
                                                                                                                                                                                                                                                        0x00bd9e03
                                                                                                                                                                                                                                                        0x00bd9d39
                                                                                                                                                                                                                                                        0x00bd9d3f
                                                                                                                                                                                                                                                        0x00bd9e19
                                                                                                                                                                                                                                                        0x00bd9e19
                                                                                                                                                                                                                                                        0x00bd9e23
                                                                                                                                                                                                                                                        0x00bd9d51
                                                                                                                                                                                                                                                        0x00bd9d54
                                                                                                                                                                                                                                                        0x00bd9e36
                                                                                                                                                                                                                                                        0x00bd9e36
                                                                                                                                                                                                                                                        0x00bd9e3b
                                                                                                                                                                                                                                                        0x00bd9e4f
                                                                                                                                                                                                                                                        0x00bd9ea8
                                                                                                                                                                                                                                                        0x00bd9eb0
                                                                                                                                                                                                                                                        0x00bd9ec8
                                                                                                                                                                                                                                                        0x00bd9ecb
                                                                                                                                                                                                                                                        0x00bd9edc
                                                                                                                                                                                                                                                        0x00bd9edc
                                                                                                                                                                                                                                                        0x00bd9eb0
                                                                                                                                                                                                                                                        0x00bd9e51
                                                                                                                                                                                                                                                        0x00bd9e56
                                                                                                                                                                                                                                                        0x00bd9e5c
                                                                                                                                                                                                                                                        0x00bd9e5f
                                                                                                                                                                                                                                                        0x00bd9e61
                                                                                                                                                                                                                                                        0x00bd9e64
                                                                                                                                                                                                                                                        0x00bd9e69
                                                                                                                                                                                                                                                        0x00bd9e6f
                                                                                                                                                                                                                                                        0x00bd9e72
                                                                                                                                                                                                                                                        0x00bd9e78
                                                                                                                                                                                                                                                        0x00bd9e7b
                                                                                                                                                                                                                                                        0x00bd9e7e
                                                                                                                                                                                                                                                        0x00bd9e84
                                                                                                                                                                                                                                                        0x00bd9e86
                                                                                                                                                                                                                                                        0x00bd9e8c
                                                                                                                                                                                                                                                        0x00bd9e8c
                                                                                                                                                                                                                                                        0x00bd9e86
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9e7e
                                                                                                                                                                                                                                                        0x00bd9d5a
                                                                                                                                                                                                                                                        0x00bd9d60
                                                                                                                                                                                                                                                        0x00bd9ee3
                                                                                                                                                                                                                                                        0x00bd9ee9
                                                                                                                                                                                                                                                        0x00bd9d6e
                                                                                                                                                                                                                                                        0x00bd9d74
                                                                                                                                                                                                                                                        0x00bd9d7f
                                                                                                                                                                                                                                                        0x00bd9d82
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9d8e
                                                                                                                                                                                                                                                        0x00bd9f04
                                                                                                                                                                                                                                                        0x00bd9f0e
                                                                                                                                                                                                                                                        0x00bd9da0
                                                                                                                                                                                                                                                        0x00bd9da6
                                                                                                                                                                                                                                                        0x00bd9f24
                                                                                                                                                                                                                                                        0x00bd9f24
                                                                                                                                                                                                                                                        0x00bd9f2b
                                                                                                                                                                                                                                                        0x00bd9db5
                                                                                                                                                                                                                                                        0x00bd9dbb
                                                                                                                                                                                                                                                        0x00bd9f36
                                                                                                                                                                                                                                                        0x00bd9f40
                                                                                                                                                                                                                                                        0x00bd9dcd
                                                                                                                                                                                                                                                        0x00bd9dd3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9dd5
                                                                                                                                                                                                                                                        0x00bd9dd8
                                                                                                                                                                                                                                                        0x00bd9dda
                                                                                                                                                                                                                                                        0x00bd9dda
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9dd8
                                                                                                                                                                                                                                                        0x00bd9f46
                                                                                                                                                                                                                                                        0x00bd9f46
                                                                                                                                                                                                                                                        0x00bd9f50
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9f56
                                                                                                                                                                                                                                                        0x00bd9dc7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9dc7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9f31
                                                                                                                                                                                                                                                        0x00bd9dac
                                                                                                                                                                                                                                                        0x00bd9daf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9daf
                                                                                                                                                                                                                                                        0x00bd9f14
                                                                                                                                                                                                                                                        0x00bd9f14
                                                                                                                                                                                                                                                        0x00bd9f1e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9f1e
                                                                                                                                                                                                                                                        0x00bd9d9a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9d9a
                                                                                                                                                                                                                                                        0x00bd9d76
                                                                                                                                                                                                                                                        0x00bd9d79
                                                                                                                                                                                                                                                        0x00bd9d7b
                                                                                                                                                                                                                                                        0x00bd9d7b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9d79
                                                                                                                                                                                                                                                        0x00bd9eef
                                                                                                                                                                                                                                                        0x00bd9eef
                                                                                                                                                                                                                                                        0x00bd9ef9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9eff
                                                                                                                                                                                                                                                        0x00bd9d68
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9d68
                                                                                                                                                                                                                                                        0x00bd9e29
                                                                                                                                                                                                                                                        0x00bd9e29
                                                                                                                                                                                                                                                        0x00bd9e30
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9e30
                                                                                                                                                                                                                                                        0x00bd9d45
                                                                                                                                                                                                                                                        0x00bd9d4b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9d4b
                                                                                                                                                                                                                                                        0x00bd9e09
                                                                                                                                                                                                                                                        0x00bd9e09
                                                                                                                                                                                                                                                        0x00bd9e13
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9e13
                                                                                                                                                                                                                                                        0x00bd9d2d
                                                                                                                                                                                                                                                        0x00bd9d33
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9d33
                                                                                                                                                                                                                                                        0x00bd9ded
                                                                                                                                                                                                                                                        0x00bd9ded
                                                                                                                                                                                                                                                        0x00bd9df3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9df3
                                                                                                                                                                                                                                                        0x00bd9d1f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9d1f
                                                                                                                                                                                                                                                        0x00bd9ce4
                                                                                                                                                                                                                                                        0x00bd9ceb

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleA.KERNEL32(kernel32.dll,00000000,?,?,?,?,00BCDA5E,00000000,?,?,?), ref: 00BD9E9C
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetProcessMitigationPolicy), ref: 00BD9EA8
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(?,?,?,?,00BCDA5E,00000000,?,?,?), ref: 00BD9ECB
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressCurrentHandleModuleProcProcess
                                                                                                                                                                                                                                                        • String ID: GetProcessMitigationPolicy$kernel32.dll
                                                                                                                                                                                                                                                        • API String ID: 4190356694-1680159014
                                                                                                                                                                                                                                                        • Opcode ID: 2ba6521781eb9561b0e3ac10c6d9d291d64437f83e4791e0887d7fcae968db3e
                                                                                                                                                                                                                                                        • Instruction ID: 53c7b8bcaec4f16057d781c543d2ba7ce69f436e32d9f02f07731ccfb1e5b734
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2ba6521781eb9561b0e3ac10c6d9d291d64437f83e4791e0887d7fcae968db3e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 646170749042448AEB25CF19C5C57A2FBE2EB55354F08C0EACC898F39AF7B8D888D751
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BE3A00(void* __eflags, void* _a4, wchar_t* _a8, long* _a12) {
                                                                                                                                                                                                                                                        				long _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				char _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				signed short* _v44;
                                                                                                                                                                                                                                                        				char _v48;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				void* _v56;
                                                                                                                                                                                                                                                        				void* _t83;
                                                                                                                                                                                                                                                        				void* _t85;
                                                                                                                                                                                                                                                        				signed short* _t90;
                                                                                                                                                                                                                                                        				int _t93;
                                                                                                                                                                                                                                                        				signed short* _t95;
                                                                                                                                                                                                                                                        				signed int _t96;
                                                                                                                                                                                                                                                        				signed short* _t104;
                                                                                                                                                                                                                                                        				long* _t111;
                                                                                                                                                                                                                                                        				void* _t112;
                                                                                                                                                                                                                                                        				signed int _t120;
                                                                                                                                                                                                                                                        				signed short* _t130;
                                                                                                                                                                                                                                                        				intOrPtr _t131;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_v40 = _t131;
                                                                                                                                                                                                                                                        				_v20 = 0xffffffff;
                                                                                                                                                                                                                                                        				_v24 = 0xbf974c;
                                                                                                                                                                                                                                                        				_v28 = 0xbef860;
                                                                                                                                                                                                                                                        				_t130 = 0xc0000017;
                                                                                                                                                                                                                                                        				_v32 =  *[fs:0x0];
                                                                                                                                                                                                                                                        				 *[fs:0x0] =  &_v32;
                                                                                                                                                                                                                                                        				if(E00BE3850( &_v32) != 0) {
                                                                                                                                                                                                                                                        					if(_t104 == 0) {
                                                                                                                                                                                                                                                        						_v20 = 1;
                                                                                                                                                                                                                                                        						_v44 = E00BD1C40( &_v48);
                                                                                                                                                                                                                                                        						_t83 = E00BE3D00(E00BE3CC0(_a12, E00BE3CE0(( *_v44 & 0x0000ffff) + 0x00000004 + wcslen(_a8) * 0x00000002 & 0xfffffffe, 0)), _a12);
                                                                                                                                                                                                                                                        						_t104 = 0;
                                                                                                                                                                                                                                                        						if(_t83 != 0) {
                                                                                                                                                                                                                                                        							_v44 = E00BD1C40(_a12);
                                                                                                                                                                                                                                                        							_v52 = E00BD1C40( &_v48);
                                                                                                                                                                                                                                                        							_t90 = E00BE3980(_v44, (E00BD1C40( &_v48))[2],  *_v52 & 0x0000ffff);
                                                                                                                                                                                                                                                        							_t104 = _t90;
                                                                                                                                                                                                                                                        							if(_t90 >= 0) {
                                                                                                                                                                                                                                                        								_t120 =  *(E00BD1C40( &_v48)) & 0xfffe;
                                                                                                                                                                                                                                                        								_v52 = _t120;
                                                                                                                                                                                                                                                        								 *((short*)(_v44 + _t120)) = 0x5c;
                                                                                                                                                                                                                                                        								_t93 = wcslen(_a8);
                                                                                                                                                                                                                                                        								_v52 = _v44 + _v52 + 2;
                                                                                                                                                                                                                                                        								_t95 = E00BE3980(_v44 + _v52 + 2, _a8, _t93 + _t93);
                                                                                                                                                                                                                                                        								_t104 = _t95;
                                                                                                                                                                                                                                                        								if(_t95 >= 0) {
                                                                                                                                                                                                                                                        									_v44 = _t104;
                                                                                                                                                                                                                                                        									_t96 = wcslen(_a8);
                                                                                                                                                                                                                                                        									_t104 = _v44;
                                                                                                                                                                                                                                                        									 *((short*)(_v52 + _t96 * 2)) = 0;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_v44 = _t104;
                                                                                                                                                                                                                                                        					_v20 = 0;
                                                                                                                                                                                                                                                        					E00BE3D10( &_v48);
                                                                                                                                                                                                                                                        					_t130 = _v44;
                                                                                                                                                                                                                                                        					_v20 = 0xffffffff;
                                                                                                                                                                                                                                                        					_t111 = _a12;
                                                                                                                                                                                                                                                        					if(_t130 < 0) {
                                                                                                                                                                                                                                                        						_t85 =  *_t111;
                                                                                                                                                                                                                                                        						if(_t85 != 0) {
                                                                                                                                                                                                                                                        							 *_t111 = 0;
                                                                                                                                                                                                                                                        							_v20 = 0xffffffff;
                                                                                                                                                                                                                                                        							_t112 =  *0xbfb67c; // 0x69d0000
                                                                                                                                                                                                                                                        							RtlFreeHeap(_t112, 0, _t85);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *[fs:0x0] = _v32;
                                                                                                                                                                                                                                                        				return _t130;
                                                                                                                                                                                                                                                        			}
























                                                                                                                                                                                                                                                        0x00be3a09
                                                                                                                                                                                                                                                        0x00be3a0c
                                                                                                                                                                                                                                                        0x00be3a13
                                                                                                                                                                                                                                                        0x00be3a1a
                                                                                                                                                                                                                                                        0x00be3a24
                                                                                                                                                                                                                                                        0x00be3a30
                                                                                                                                                                                                                                                        0x00be3a33
                                                                                                                                                                                                                                                        0x00be3a40
                                                                                                                                                                                                                                                        0x00be3ad9
                                                                                                                                                                                                                                                        0x00be3b5d
                                                                                                                                                                                                                                                        0x00be3b69
                                                                                                                                                                                                                                                        0x00be3ba0
                                                                                                                                                                                                                                                        0x00be3ba5
                                                                                                                                                                                                                                                        0x00be3ba9
                                                                                                                                                                                                                                                        0x00be3bb7
                                                                                                                                                                                                                                                        0x00be3bc2
                                                                                                                                                                                                                                                        0x00be3bda
                                                                                                                                                                                                                                                        0x00be3be2
                                                                                                                                                                                                                                                        0x00be3be6
                                                                                                                                                                                                                                                        0x00be3bfa
                                                                                                                                                                                                                                                        0x00be3bfd
                                                                                                                                                                                                                                                        0x00be3c00
                                                                                                                                                                                                                                                        0x00be3c09
                                                                                                                                                                                                                                                        0x00be3c22
                                                                                                                                                                                                                                                        0x00be3c26
                                                                                                                                                                                                                                                        0x00be3c2e
                                                                                                                                                                                                                                                        0x00be3c32
                                                                                                                                                                                                                                                        0x00be3c3b
                                                                                                                                                                                                                                                        0x00be3c3e
                                                                                                                                                                                                                                                        0x00be3c44
                                                                                                                                                                                                                                                        0x00be3c4d
                                                                                                                                                                                                                                                        0x00be3c4d
                                                                                                                                                                                                                                                        0x00be3c32
                                                                                                                                                                                                                                                        0x00be3be6
                                                                                                                                                                                                                                                        0x00be3ba9
                                                                                                                                                                                                                                                        0x00be3adb
                                                                                                                                                                                                                                                        0x00be3ae1
                                                                                                                                                                                                                                                        0x00be3ae8
                                                                                                                                                                                                                                                        0x00be3aed
                                                                                                                                                                                                                                                        0x00be3af0
                                                                                                                                                                                                                                                        0x00be3af7
                                                                                                                                                                                                                                                        0x00be3afc
                                                                                                                                                                                                                                                        0x00be3b35
                                                                                                                                                                                                                                                        0x00be3b39
                                                                                                                                                                                                                                                        0x00be3b3b
                                                                                                                                                                                                                                                        0x00be3b41
                                                                                                                                                                                                                                                        0x00be3b48
                                                                                                                                                                                                                                                        0x00be3b52
                                                                                                                                                                                                                                                        0x00be3b52
                                                                                                                                                                                                                                                        0x00be3b39
                                                                                                                                                                                                                                                        0x00be3afc
                                                                                                                                                                                                                                                        0x00be3b01
                                                                                                                                                                                                                                                        0x00be3b10

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlFreeHeap.NTDLL(069D0000,00000000,00000000), ref: 00BE3B52
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BE3B6F
                                                                                                                                                                                                                                                          • Part of subcall function 00BE3980: memcpy.NTDLL(00000000,00000000,FFFFFFFF), ref: 00BE39CF
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BE3C09
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BE3C3E
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: wcslen$FreeHeapmemcpy
                                                                                                                                                                                                                                                        • String ID: NtQueryObject
                                                                                                                                                                                                                                                        • API String ID: 3314163836-1504830893
                                                                                                                                                                                                                                                        • Opcode ID: 6d2c3a7ac5f21fcbcd06a698dc74167b83969f098f885b239ca8c8d4ac730839
                                                                                                                                                                                                                                                        • Instruction ID: fbc1e959ce8ae82847bdb794cc8080cd79295ee86402bec0d0d8e41edfeb94e8
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6d2c3a7ac5f21fcbcd06a698dc74167b83969f098f885b239ca8c8d4ac730839
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B8618C70900249ABCB14DFA5DC59BEEBBF1FF04714F144269E8226B391EB719A14CB50
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 79%
                                                                                                                                                                                                                                                        			E00BDBAD0(char* __edx, intOrPtr _a8, intOrPtr* _a12) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				int _v24;
                                                                                                                                                                                                                                                        				int _v28;
                                                                                                                                                                                                                                                        				int _v32;
                                                                                                                                                                                                                                                        				int _v36;
                                                                                                                                                                                                                                                        				int _v40;
                                                                                                                                                                                                                                                        				int _v44;
                                                                                                                                                                                                                                                        				int _v48;
                                                                                                                                                                                                                                                        				int _v52;
                                                                                                                                                                                                                                                        				int _v56;
                                                                                                                                                                                                                                                        				int _v60;
                                                                                                                                                                                                                                                        				int _v64;
                                                                                                                                                                                                                                                        				int _v68;
                                                                                                                                                                                                                                                        				int _v72;
                                                                                                                                                                                                                                                        				int _v76;
                                                                                                                                                                                                                                                        				int _v80;
                                                                                                                                                                                                                                                        				short _v84;
                                                                                                                                                                                                                                                        				int _v88;
                                                                                                                                                                                                                                                        				int _v92;
                                                                                                                                                                                                                                                        				int _v96;
                                                                                                                                                                                                                                                        				int _v100;
                                                                                                                                                                                                                                                        				int _v104;
                                                                                                                                                                                                                                                        				int _v108;
                                                                                                                                                                                                                                                        				int _v112;
                                                                                                                                                                                                                                                        				int _v116;
                                                                                                                                                                                                                                                        				int _v120;
                                                                                                                                                                                                                                                        				char _v124;
                                                                                                                                                                                                                                                        				signed int _t33;
                                                                                                                                                                                                                                                        				intOrPtr _t38;
                                                                                                                                                                                                                                                        				intOrPtr* _t43;
                                                                                                                                                                                                                                                        				void* _t45;
                                                                                                                                                                                                                                                        				signed int _t46;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t42 = __edx;
                                                                                                                                                                                                                                                        				_t33 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t43 = _a12;
                                                                                                                                                                                                                                                        				_t45 = 0;
                                                                                                                                                                                                                                                        				_t34 = _t33 ^ _t46;
                                                                                                                                                                                                                                                        				_v20 = _t33 ^ _t46;
                                                                                                                                                                                                                                                        				if(_t43 != 0) {
                                                                                                                                                                                                                                                        					_t38 =  *_t43;
                                                                                                                                                                                                                                                        					if(_t38 == 0x48 || _t38 == 0x28) {
                                                                                                                                                                                                                                                        						_t42 =  &_v124;
                                                                                                                                                                                                                                                        						_v116 = 0;
                                                                                                                                                                                                                                                        						_v120 = 0;
                                                                                                                                                                                                                                                        						_v108 = 0;
                                                                                                                                                                                                                                                        						_v112 = 0;
                                                                                                                                                                                                                                                        						_v100 = 0;
                                                                                                                                                                                                                                                        						_v104 = 0;
                                                                                                                                                                                                                                                        						_v92 = 0;
                                                                                                                                                                                                                                                        						_v96 = 0;
                                                                                                                                                                                                                                                        						_v84 = 0;
                                                                                                                                                                                                                                                        						_v88 = 0;
                                                                                                                                                                                                                                                        						_v76 = 0;
                                                                                                                                                                                                                                                        						_v80 = 0;
                                                                                                                                                                                                                                                        						_v68 = 0;
                                                                                                                                                                                                                                                        						_v72 = 0;
                                                                                                                                                                                                                                                        						_v60 = 0;
                                                                                                                                                                                                                                                        						_v64 = 0;
                                                                                                                                                                                                                                                        						_v52 = 0;
                                                                                                                                                                                                                                                        						_v56 = 0;
                                                                                                                                                                                                                                                        						_v44 = 0;
                                                                                                                                                                                                                                                        						_v48 = 0;
                                                                                                                                                                                                                                                        						_v36 = 0;
                                                                                                                                                                                                                                                        						_v40 = 0;
                                                                                                                                                                                                                                                        						_v28 = 0;
                                                                                                                                                                                                                                                        						_v32 = 0;
                                                                                                                                                                                                                                                        						_v24 = 0;
                                                                                                                                                                                                                                                        						_v124 = 0x68;
                                                                                                                                                                                                                                                        						_t34 = E00BDBC40(_a8,  &_v124, __eflags);
                                                                                                                                                                                                                                                        						_t45 = 0;
                                                                                                                                                                                                                                                        						__eflags = _t34;
                                                                                                                                                                                                                                                        						if(_t34 != 0) {
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [ebp-0x58]");
                                                                                                                                                                                                                                                        							__eflags = _t38 - 0x48;
                                                                                                                                                                                                                                                        							asm("movsd [edi+0x20], xmm0");
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [ebp-0x60]");
                                                                                                                                                                                                                                                        							asm("movsd [edi+0x18], xmm0");
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [ebp-0x68]");
                                                                                                                                                                                                                                                        							asm("movsd [edi+0x10], xmm0");
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [ebp-0x78]");
                                                                                                                                                                                                                                                        							asm("movsd xmm1, [ebp-0x70]");
                                                                                                                                                                                                                                                        							asm("movsd [edi+0x8], xmm1");
                                                                                                                                                                                                                                                        							asm("movsd [edi], xmm0");
                                                                                                                                                                                                                                                        							if(_t38 != 0x48) {
                                                                                                                                                                                                                                                        								L7:
                                                                                                                                                                                                                                                        								_t45 = 1;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t34 = WideCharToMultiByte(0, 0,  &_v84, 0xffffffff, _t43 + 0x28, 0x20, 0, 0);
                                                                                                                                                                                                                                                        								__eflags = _t34;
                                                                                                                                                                                                                                                        								if(_t34 != 0) {
                                                                                                                                                                                                                                                        									goto L7;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t34, _v20 ^ _t46, _t42);
                                                                                                                                                                                                                                                        				return _t45;
                                                                                                                                                                                                                                                        			}



































                                                                                                                                                                                                                                                        0x00bdbad0
                                                                                                                                                                                                                                                        0x00bdbad9
                                                                                                                                                                                                                                                        0x00bdbade
                                                                                                                                                                                                                                                        0x00bdbae1
                                                                                                                                                                                                                                                        0x00bdbae3
                                                                                                                                                                                                                                                        0x00bdbae7
                                                                                                                                                                                                                                                        0x00bdbaea
                                                                                                                                                                                                                                                        0x00bdbaec
                                                                                                                                                                                                                                                        0x00bdbaf1
                                                                                                                                                                                                                                                        0x00bdbb11
                                                                                                                                                                                                                                                        0x00bdbb14
                                                                                                                                                                                                                                                        0x00bdbb1b
                                                                                                                                                                                                                                                        0x00bdbb22
                                                                                                                                                                                                                                                        0x00bdbb29
                                                                                                                                                                                                                                                        0x00bdbb30
                                                                                                                                                                                                                                                        0x00bdbb37
                                                                                                                                                                                                                                                        0x00bdbb3e
                                                                                                                                                                                                                                                        0x00bdbb45
                                                                                                                                                                                                                                                        0x00bdbb4c
                                                                                                                                                                                                                                                        0x00bdbb53
                                                                                                                                                                                                                                                        0x00bdbb5a
                                                                                                                                                                                                                                                        0x00bdbb61
                                                                                                                                                                                                                                                        0x00bdbb68
                                                                                                                                                                                                                                                        0x00bdbb6f
                                                                                                                                                                                                                                                        0x00bdbb76
                                                                                                                                                                                                                                                        0x00bdbb7d
                                                                                                                                                                                                                                                        0x00bdbb84
                                                                                                                                                                                                                                                        0x00bdbb8b
                                                                                                                                                                                                                                                        0x00bdbb92
                                                                                                                                                                                                                                                        0x00bdbb99
                                                                                                                                                                                                                                                        0x00bdbba0
                                                                                                                                                                                                                                                        0x00bdbba7
                                                                                                                                                                                                                                                        0x00bdbbae
                                                                                                                                                                                                                                                        0x00bdbbb5
                                                                                                                                                                                                                                                        0x00bdbbbc
                                                                                                                                                                                                                                                        0x00bdbbc3
                                                                                                                                                                                                                                                        0x00bdbbca
                                                                                                                                                                                                                                                        0x00bdbbcf
                                                                                                                                                                                                                                                        0x00bdbbd1
                                                                                                                                                                                                                                                        0x00bdbbd3
                                                                                                                                                                                                                                                        0x00bdbbd9
                                                                                                                                                                                                                                                        0x00bdbbde
                                                                                                                                                                                                                                                        0x00bdbbe1
                                                                                                                                                                                                                                                        0x00bdbbe6
                                                                                                                                                                                                                                                        0x00bdbbeb
                                                                                                                                                                                                                                                        0x00bdbbf0
                                                                                                                                                                                                                                                        0x00bdbbf5
                                                                                                                                                                                                                                                        0x00bdbbfa
                                                                                                                                                                                                                                                        0x00bdbbff
                                                                                                                                                                                                                                                        0x00bdbc04
                                                                                                                                                                                                                                                        0x00bdbc09
                                                                                                                                                                                                                                                        0x00bdbc0d
                                                                                                                                                                                                                                                        0x00bdbc31
                                                                                                                                                                                                                                                        0x00bdbc31
                                                                                                                                                                                                                                                        0x00bdbc0f
                                                                                                                                                                                                                                                        0x00bdbc23
                                                                                                                                                                                                                                                        0x00bdbc29
                                                                                                                                                                                                                                                        0x00bdbc2b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdbc2b
                                                                                                                                                                                                                                                        0x00bdbc0d
                                                                                                                                                                                                                                                        0x00bdbbd3
                                                                                                                                                                                                                                                        0x00bdbaf1
                                                                                                                                                                                                                                                        0x00bdbafd
                                                                                                                                                                                                                                                        0x00bdbb0b

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,000000FF,?,00000020,00000000,00000000), ref: 00BDBC23
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ByteCharMultiWide
                                                                                                                                                                                                                                                        • String ID: ($H$H$h
                                                                                                                                                                                                                                                        • API String ID: 626452242-1993871600
                                                                                                                                                                                                                                                        • Opcode ID: 569a58c332b4b36cfcf61be268b26ff264c41ef73bd986f985b1954b69291dd8
                                                                                                                                                                                                                                                        • Instruction ID: 5615bbb4462cee746b72093cd7b8c8dfda323263b9a05ae064ebac774272f29e
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 569a58c332b4b36cfcf61be268b26ff264c41ef73bd986f985b1954b69291dd8
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5641C7B1D01719DAEB10CF95C89979EFBB5FF45748F214209D4143F280DBBA5549CB90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 95%
                                                                                                                                                                                                                                                        			E00BE5220(void* __ecx, void* _a4) {
                                                                                                                                                                                                                                                        				void* _v12;
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				char _v212;
                                                                                                                                                                                                                                                        				void* _t15;
                                                                                                                                                                                                                                                        				void** _t33;
                                                                                                                                                                                                                                                        				signed int _t39;
                                                                                                                                                                                                                                                        				void* _t45;
                                                                                                                                                                                                                                                        				signed int _t47;
                                                                                                                                                                                                                                                        				signed int _t48;
                                                                                                                                                                                                                                                        				void** _t50;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t50 = (_t48 & 0xfffffff8) - 0xc8;
                                                                                                                                                                                                                                                        				_t15 = _a4;
                                                                                                                                                                                                                                                        				_t39 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t45 = __ecx;
                                                                                                                                                                                                                                                        				_v16 = _t39 ^ _t47;
                                                                                                                                                                                                                                                        				if(_t15 == 0) {
                                                                                                                                                                                                                                                        					_push("handle");
                                                                                                                                                                                                                                                        					E00BC1FF0(_t50, "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/sandbox_policy_base.cc", 0x17f);
                                                                                                                                                                                                                                                        					E00BC20C0();
                                                                                                                                                                                                                                                        					_t15 = _a4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_v212 = 0xffffffff;
                                                                                                                                                                                                                                                        				if(_t15 == 0xffffffff) {
                                                                                                                                                                                                                                                        					_t41 = _t50;
                                                                                                                                                                                                                                                        					E00BC2030(_t50, __eflags, "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/sandbox_policy_base.cc", 0x180, E00BE5BD0( &_a4, _t50, __eflags));
                                                                                                                                                                                                                                                        					E00BC20C0();
                                                                                                                                                                                                                                                        					_t15 = _a4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if(SetHandleInformation(_t15, 1, 1) == 0) {
                                                                                                                                                                                                                                                        					E00BC2150(_t50, __eflags, "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/sandbox_policy_base.cc", 0x185, 3, GetLastError());
                                                                                                                                                                                                                                                        					E00BBC940(__eflags,  &_v212, "Check failed: result. ");
                                                                                                                                                                                                                                                        					E00BC21A0();
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t33 =  *(_t45 + 0x9c);
                                                                                                                                                                                                                                                        				_t23 =  *((intOrPtr*)(_t45 + 0xa0));
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t45 + 0xa0)) == _t33) {
                                                                                                                                                                                                                                                        					_t41 =  &_a4;
                                                                                                                                                                                                                                                        					_t24 = E00BCF210(_t45 + 0x98, _t23,  &_a4);
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t24 = _a4;
                                                                                                                                                                                                                                                        					 *_t33 = _a4;
                                                                                                                                                                                                                                                        					 *(_t45 + 0x9c) =  &(( *(_t45 + 0x9c))[1]);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return E00BEECB0(_t24, _v16 ^ _t47, _t41);
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00be5228
                                                                                                                                                                                                                                                        0x00be522e
                                                                                                                                                                                                                                                        0x00be5231
                                                                                                                                                                                                                                                        0x00be5237
                                                                                                                                                                                                                                                        0x00be523d
                                                                                                                                                                                                                                                        0x00be5244
                                                                                                                                                                                                                                                        0x00be524a
                                                                                                                                                                                                                                                        0x00be5259
                                                                                                                                                                                                                                                        0x00be5260
                                                                                                                                                                                                                                                        0x00be5265
                                                                                                                                                                                                                                                        0x00be5265
                                                                                                                                                                                                                                                        0x00be526b
                                                                                                                                                                                                                                                        0x00be5272
                                                                                                                                                                                                                                                        0x00be52bd
                                                                                                                                                                                                                                                        0x00be52d3
                                                                                                                                                                                                                                                        0x00be52da
                                                                                                                                                                                                                                                        0x00be52df
                                                                                                                                                                                                                                                        0x00be52df
                                                                                                                                                                                                                                                        0x00be5281
                                                                                                                                                                                                                                                        0x00be52fa
                                                                                                                                                                                                                                                        0x00be5309
                                                                                                                                                                                                                                                        0x00be5313
                                                                                                                                                                                                                                                        0x00be5313
                                                                                                                                                                                                                                                        0x00be5283
                                                                                                                                                                                                                                                        0x00be5289
                                                                                                                                                                                                                                                        0x00be5291
                                                                                                                                                                                                                                                        0x00be5323
                                                                                                                                                                                                                                                        0x00be532a
                                                                                                                                                                                                                                                        0x00be5297
                                                                                                                                                                                                                                                        0x00be5297
                                                                                                                                                                                                                                                        0x00be529a
                                                                                                                                                                                                                                                        0x00be529c
                                                                                                                                                                                                                                                        0x00be529c
                                                                                                                                                                                                                                                        0x00be52b7

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • SetHandleInformation.KERNEL32(?,00000001,00000001,/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/sandbox_policy_base.cc,00000180,00000000), ref: 00BE5279
                                                                                                                                                                                                                                                          • Part of subcall function 00BC20C0: ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140(00BF0324,?,?,?,00BCA1FF,/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc,000000EC,00000000), ref: 00BC2108
                                                                                                                                                                                                                                                          • Part of subcall function 00BE5BD0: ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z.MSVCP140(?,?,?,00000002,00000001), ref: 00BE5C28
                                                                                                                                                                                                                                                          • Part of subcall function 00BE5BD0: ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z.MSVCP140(?,?,?,?,?,00000002,00000001), ref: 00BE5C40
                                                                                                                                                                                                                                                          • Part of subcall function 00BE5BD0: ??2@YAPAXI@Z.MOZGLUE(00000018,?,?,?,?,?,?,00000002,00000001), ref: 00BE5C52
                                                                                                                                                                                                                                                          • Part of subcall function 00BE5BD0: ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140 ref: 00BE5C9A
                                                                                                                                                                                                                                                          • Part of subcall function 00BE5BD0: ??1ios_base@std@@UAE@XZ.MSVCP140 ref: 00BE5CA2
                                                                                                                                                                                                                                                          • Part of subcall function 00BC2030: ??3@YAXPAX@Z.MOZGLUE(?), ref: 00BC2077
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE52E4
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBC959
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?,00000002), ref: 00BBC9EA
                                                                                                                                                                                                                                                          • Part of subcall function 00BBC940: ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?), ref: 00BBCA74
                                                                                                                                                                                                                                                          • Part of subcall function 00BCF210: memmove.NTDLL(00000000,?,?,?,?,?,00BE4972,?,00BCCFC5), ref: 00BCF277
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: D@std@@@std@@U?$char_traits@$??1?$basic_streambuf@??6?$basic_ostream@?sputc@?$basic_streambuf@V01@$??1ios_base@std@@??2@??3@ErrorHandleInformationLastmemmovestrlen
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/sandbox_policy_base.cc$Check failed: result. $handle
                                                                                                                                                                                                                                                        • API String ID: 3438728347-1146809918
                                                                                                                                                                                                                                                        • Opcode ID: 87bc8899a1164109d01bbef198080b9936b9fbbd49534e271883bc258dcd0b49
                                                                                                                                                                                                                                                        • Instruction ID: a3daa634f72ebe12e979bd656ce353466da627a67719bb7d168bb02216e4c241
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 87bc8899a1164109d01bbef198080b9936b9fbbd49534e271883bc258dcd0b49
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DF21E230B40744ABDA24EB65C852FBE37E6EB80720F04459DBA999B2C1DF709905C792
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 79%
                                                                                                                                                                                                                                                        			E00BD9BE0(signed int _a4, signed int _a8) {
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				char _v20;
                                                                                                                                                                                                                                                        				void* _t11;
                                                                                                                                                                                                                                                        				char _t12;
                                                                                                                                                                                                                                                        				signed int _t13;
                                                                                                                                                                                                                                                        				signed int _t21;
                                                                                                                                                                                                                                                        				signed int _t23;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t21 = _a4;
                                                                                                                                                                                                                                                        				_t13 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t7 = _a8;
                                                                                                                                                                                                                                                        				_v16 = _t13 ^ _t23;
                                                                                                                                                                                                                                                        				_t20 = _t21 & 0xffff7fff | _a8;
                                                                                                                                                                                                                                                        				if((_t21 & 0xffff7fff | _a8) == 0) {
                                                                                                                                                                                                                                                        					_t7 = E00BCBDD0();
                                                                                                                                                                                                                                                        					_t12 = 1;
                                                                                                                                                                                                                                                        					if(_t7 >= 9 && _t21 < 0) {
                                                                                                                                                                                                                                                        						_v20 = 1;
                                                                                                                                                                                                                                                        						_t7 = GetProcAddress(GetModuleHandleA("kernel32.dll"), "SetThreadInformation");
                                                                                                                                                                                                                                                        						if(_t7 == 0) {
                                                                                                                                                                                                                                                        							goto L1;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t11 = GetCurrentThread();
                                                                                                                                                                                                                                                        							_push(4);
                                                                                                                                                                                                                                                        							_push( &_v20);
                                                                                                                                                                                                                                                        							_push(2);
                                                                                                                                                                                                                                                        							_push(_t11);
                                                                                                                                                                                                                                                        							if(_t7 == 0) {
                                                                                                                                                                                                                                                        								goto L1;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					_t12 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t7, _v16 ^ _t23, _t20);
                                                                                                                                                                                                                                                        				return _t12;
                                                                                                                                                                                                                                                        			}










                                                                                                                                                                                                                                                        0x00bd9be8
                                                                                                                                                                                                                                                        0x00bd9beb
                                                                                                                                                                                                                                                        0x00bd9bf1
                                                                                                                                                                                                                                                        0x00bd9bfe
                                                                                                                                                                                                                                                        0x00bd9c01
                                                                                                                                                                                                                                                        0x00bd9c03
                                                                                                                                                                                                                                                        0x00bd9c1a
                                                                                                                                                                                                                                                        0x00bd9c1f
                                                                                                                                                                                                                                                        0x00bd9c24
                                                                                                                                                                                                                                                        0x00bd9c2b
                                                                                                                                                                                                                                                        0x00bd9c43
                                                                                                                                                                                                                                                        0x00bd9c4b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9c4d
                                                                                                                                                                                                                                                        0x00bd9c4f
                                                                                                                                                                                                                                                        0x00bd9c58
                                                                                                                                                                                                                                                        0x00bd9c5a
                                                                                                                                                                                                                                                        0x00bd9c5b
                                                                                                                                                                                                                                                        0x00bd9c5d
                                                                                                                                                                                                                                                        0x00bd9c62
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9c64
                                                                                                                                                                                                                                                        0x00bd9c62
                                                                                                                                                                                                                                                        0x00bd9c4b
                                                                                                                                                                                                                                                        0x00bd9c05
                                                                                                                                                                                                                                                        0x00bd9c05
                                                                                                                                                                                                                                                        0x00bd9c05
                                                                                                                                                                                                                                                        0x00bd9c05
                                                                                                                                                                                                                                                        0x00bd9c0c
                                                                                                                                                                                                                                                        0x00bd9c19

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleA.KERNEL32(kernel32.dll), ref: 00BD9C37
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,SetThreadInformation), ref: 00BD9C43
                                                                                                                                                                                                                                                        • GetCurrentThread.KERNEL32 ref: 00BD9C4F
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressCurrentHandleModuleProcThread
                                                                                                                                                                                                                                                        • String ID: SetThreadInformation$kernel32.dll
                                                                                                                                                                                                                                                        • API String ID: 2247210959-3009701951
                                                                                                                                                                                                                                                        • Opcode ID: 70a8db480ed869bce83e76d740390a38999cd3917952bce6fe495b788ea1e536
                                                                                                                                                                                                                                                        • Instruction ID: 894d6b15ac17b1d5ebf68d33a9173de912540df5ed6f28431cc4d342f42032ee
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 70a8db480ed869bce83e76d740390a38999cd3917952bce6fe495b788ea1e536
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F3018471B50209ABDF145FB1DC49ABBB7E8EF00354F0484AAE91A97380EE70980487A0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BD9B70() {
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				char _v18;
                                                                                                                                                                                                                                                        				signed short _v20;
                                                                                                                                                                                                                                                        				signed int _t10;
                                                                                                                                                                                                                                                        				void* _t16;
                                                                                                                                                                                                                                                        				signed int _t17;
                                                                                                                                                                                                                                                        				signed int _t18;
                                                                                                                                                                                                                                                        				signed char _t19;
                                                                                                                                                                                                                                                        				signed int _t27;
                                                                                                                                                                                                                                                        				signed int _t29;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t10 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v16 = _t10 ^ _t27;
                                                                                                                                                                                                                                                        				_t13 = GetProcAddress(GetModuleHandleA("kernel32.dll"), "IsWow64Process2");
                                                                                                                                                                                                                                                        				if(_t13 == 0) {
                                                                                                                                                                                                                                                        					_t19 = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t16 = GetCurrentProcess();
                                                                                                                                                                                                                                                        					_t25 =  &_v18;
                                                                                                                                                                                                                                                        					_t17 =  *_t13(_t16,  &_v18,  &_v20);
                                                                                                                                                                                                                                                        					_t29 = _t17;
                                                                                                                                                                                                                                                        					_t13 = _t17 & 0xffffff00 | _t29 != 0x00000000;
                                                                                                                                                                                                                                                        					_t19 = (_t18 & 0xffffff00 | (_v20 & 0x0000ffff) == 0x0000aa64) & (_t17 & 0xffffff00 | _t29 != 0x00000000);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t13, _v16 ^ _t27, _t25);
                                                                                                                                                                                                                                                        				return _t19;
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00bd9b78
                                                                                                                                                                                                                                                        0x00bd9b7f
                                                                                                                                                                                                                                                        0x00bd9b93
                                                                                                                                                                                                                                                        0x00bd9b9b
                                                                                                                                                                                                                                                        0x00bd9bd7
                                                                                                                                                                                                                                                        0x00bd9b9d
                                                                                                                                                                                                                                                        0x00bd9b9f
                                                                                                                                                                                                                                                        0x00bd9ba8
                                                                                                                                                                                                                                                        0x00bd9bae
                                                                                                                                                                                                                                                        0x00bd9bb4
                                                                                                                                                                                                                                                        0x00bd9bb6
                                                                                                                                                                                                                                                        0x00bd9bc2
                                                                                                                                                                                                                                                        0x00bd9bc2
                                                                                                                                                                                                                                                        0x00bd9bc9
                                                                                                                                                                                                                                                        0x00bd9bd6

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleA.KERNEL32(kernel32.dll), ref: 00BD9B87
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,IsWow64Process2), ref: 00BD9B93
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BD9B9F
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressCurrentHandleModuleProcProcess
                                                                                                                                                                                                                                                        • String ID: IsWow64Process2$kernel32.dll
                                                                                                                                                                                                                                                        • API String ID: 4190356694-2577318745
                                                                                                                                                                                                                                                        • Opcode ID: 5a2ebcd3476df2796dc29f28eff43b4eb9ed9de5eba7e67cd6a184508376032a
                                                                                                                                                                                                                                                        • Instruction ID: 2a471956d0a92dfea9ff690e4d29dcdf3b648b4e85c55cc68871ef648ec82559
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5a2ebcd3476df2796dc29f28eff43b4eb9ed9de5eba7e67cd6a184508376032a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 20F09C71B4021DAF9B005FB19C899BE77ECEF047057454469F50697190ED789908C760
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BB9890() {
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t1;
                                                                                                                                                                                                                                                        				int _t2;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t1 = LoadLibraryW(L"kernelbase.dll");
                                                                                                                                                                                                                                                        				 *0xbfa78c = _t1;
                                                                                                                                                                                                                                                        				 *0xbfa790 = 0;
                                                                                                                                                                                                                                                        				if(_t1 == 0) {
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					return _t1;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t1 = GetProcAddress(_t1, "MapViewOfFile3");
                                                                                                                                                                                                                                                        					 *0xbfa790 = _t1;
                                                                                                                                                                                                                                                        					if(_t1 == 0) {
                                                                                                                                                                                                                                                        						_t2 = FreeLibrary( *0xbfa78c);
                                                                                                                                                                                                                                                        						 *0xbfa78c = 0;
                                                                                                                                                                                                                                                        						return _t2;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						goto L2;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}





                                                                                                                                                                                                                                                        0x00bb9898
                                                                                                                                                                                                                                                        0x00bb98a0
                                                                                                                                                                                                                                                        0x00bb98a5
                                                                                                                                                                                                                                                        0x00bb98af
                                                                                                                                                                                                                                                        0x00bb98c7
                                                                                                                                                                                                                                                        0x00bb98c7
                                                                                                                                                                                                                                                        0x00bb98b1
                                                                                                                                                                                                                                                        0x00bb98b7
                                                                                                                                                                                                                                                        0x00bb98bf
                                                                                                                                                                                                                                                        0x00bb98c4
                                                                                                                                                                                                                                                        0x00bb98ce
                                                                                                                                                                                                                                                        0x00bb98d4
                                                                                                                                                                                                                                                        0x00bb98df
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb98c4

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(kernelbase.dll,?,00BB9788,?,?,?,?,?,?,?,?,?,?,?,?,00BB95D1), ref: 00BB9898
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,MapViewOfFile3), ref: 00BB98B7
                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(?,00BB9788,?,?,?,?,?,?,?,?,?,?,?,?,00BB95D1,?), ref: 00BB98CE
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Library$AddressFreeLoadProc
                                                                                                                                                                                                                                                        • String ID: MapViewOfFile3$kernelbase.dll
                                                                                                                                                                                                                                                        • API String ID: 145871493-966841072
                                                                                                                                                                                                                                                        • Opcode ID: bc86c9762c308399154c17c6a39f386a12f2a200c694a942e2e639bb21419781
                                                                                                                                                                                                                                                        • Instruction ID: 5c60332457800dcc698a4456e83f842dc8ae5c09407a9206b0ba234eaf0c1e6d
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: bc86c9762c308399154c17c6a39f386a12f2a200c694a942e2e639bb21419781
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 30E075B05843049FD7156F66BC09B727BF8E705755F1040A5A50DC32A0DFB59854DB11
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BED090() {
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t1;
                                                                                                                                                                                                                                                        				int _t2;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t1 = LoadLibraryW(L"kernelbase.dll");
                                                                                                                                                                                                                                                        				 *0xbfb790 = _t1;
                                                                                                                                                                                                                                                        				 *0xbfb794 = 0;
                                                                                                                                                                                                                                                        				if(_t1 == 0) {
                                                                                                                                                                                                                                                        					L2:
                                                                                                                                                                                                                                                        					return _t1;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t1 = GetProcAddress(_t1, "VirtualAlloc2");
                                                                                                                                                                                                                                                        					 *0xbfb794 = _t1;
                                                                                                                                                                                                                                                        					if(_t1 == 0) {
                                                                                                                                                                                                                                                        						_t2 = FreeLibrary( *0xbfb790);
                                                                                                                                                                                                                                                        						 *0xbfb790 = 0;
                                                                                                                                                                                                                                                        						return _t2;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						goto L2;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}





                                                                                                                                                                                                                                                        0x00bed098
                                                                                                                                                                                                                                                        0x00bed0a0
                                                                                                                                                                                                                                                        0x00bed0a5
                                                                                                                                                                                                                                                        0x00bed0af
                                                                                                                                                                                                                                                        0x00bed0c7
                                                                                                                                                                                                                                                        0x00bed0c7
                                                                                                                                                                                                                                                        0x00bed0b1
                                                                                                                                                                                                                                                        0x00bed0b7
                                                                                                                                                                                                                                                        0x00bed0bf
                                                                                                                                                                                                                                                        0x00bed0c4
                                                                                                                                                                                                                                                        0x00bed0ce
                                                                                                                                                                                                                                                        0x00bed0d4
                                                                                                                                                                                                                                                        0x00bed0df
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bed0c4

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(kernelbase.dll,?,?,?,?,?,?,?,00000000,?,?,00BECEDA,00000000,?,?,?), ref: 00BED098
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,VirtualAlloc2), ref: 00BED0B7
                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(?,?,?,?,?,?,?,00000000,?,?,00BECEDA,00000000,?,?,?,?), ref: 00BED0CE
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Library$AddressFreeLoadProc
                                                                                                                                                                                                                                                        • String ID: VirtualAlloc2$kernelbase.dll
                                                                                                                                                                                                                                                        • API String ID: 145871493-1188699709
                                                                                                                                                                                                                                                        • Opcode ID: 9dd334886cf66dff8350c090fe5ae2b5b7300d7ee1f13c8dda863973ef429eac
                                                                                                                                                                                                                                                        • Instruction ID: caefca4921efbe6cc7b0fbcda7615f39b4b231a40bdc34ee8220d3a976d8467f
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9dd334886cf66dff8350c090fe5ae2b5b7300d7ee1f13c8dda863973ef429eac
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 77E07E70695248AED720AF66EC0AB323AE8EB94715F444095E40DC32B1DFB59868CB10
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 88%
                                                                                                                                                                                                                                                        			E00BB8B70(void* __ecx, intOrPtr* __edx, intOrPtr* _a4, intOrPtr _a8, intOrPtr* _a12) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				void* _v48;
                                                                                                                                                                                                                                                        				char _v52;
                                                                                                                                                                                                                                                        				char _v56;
                                                                                                                                                                                                                                                        				char _v72;
                                                                                                                                                                                                                                                        				void* _v84;
                                                                                                                                                                                                                                                        				signed char _v104;
                                                                                                                                                                                                                                                        				char _v105;
                                                                                                                                                                                                                                                        				signed char _v106;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t197;
                                                                                                                                                                                                                                                        				signed int _t198;
                                                                                                                                                                                                                                                        				intOrPtr _t199;
                                                                                                                                                                                                                                                        				intOrPtr _t202;
                                                                                                                                                                                                                                                        				intOrPtr _t205;
                                                                                                                                                                                                                                                        				intOrPtr* _t206;
                                                                                                                                                                                                                                                        				void* _t210;
                                                                                                                                                                                                                                                        				void* _t211;
                                                                                                                                                                                                                                                        				void* _t214;
                                                                                                                                                                                                                                                        				intOrPtr _t216;
                                                                                                                                                                                                                                                        				char _t217;
                                                                                                                                                                                                                                                        				void* _t218;
                                                                                                                                                                                                                                                        				intOrPtr _t223;
                                                                                                                                                                                                                                                        				intOrPtr _t225;
                                                                                                                                                                                                                                                        				void* _t226;
                                                                                                                                                                                                                                                        				intOrPtr _t228;
                                                                                                                                                                                                                                                        				intOrPtr _t230;
                                                                                                                                                                                                                                                        				intOrPtr _t233;
                                                                                                                                                                                                                                                        				intOrPtr _t237;
                                                                                                                                                                                                                                                        				intOrPtr _t239;
                                                                                                                                                                                                                                                        				intOrPtr _t244;
                                                                                                                                                                                                                                                        				intOrPtr _t249;
                                                                                                                                                                                                                                                        				intOrPtr _t251;
                                                                                                                                                                                                                                                        				intOrPtr _t257;
                                                                                                                                                                                                                                                        				void* _t259;
                                                                                                                                                                                                                                                        				intOrPtr _t260;
                                                                                                                                                                                                                                                        				intOrPtr _t263;
                                                                                                                                                                                                                                                        				intOrPtr _t266;
                                                                                                                                                                                                                                                        				intOrPtr _t279;
                                                                                                                                                                                                                                                        				intOrPtr _t304;
                                                                                                                                                                                                                                                        				intOrPtr* _t315;
                                                                                                                                                                                                                                                        				intOrPtr _t316;
                                                                                                                                                                                                                                                        				intOrPtr* _t317;
                                                                                                                                                                                                                                                        				intOrPtr _t318;
                                                                                                                                                                                                                                                        				intOrPtr* _t319;
                                                                                                                                                                                                                                                        				intOrPtr _t323;
                                                                                                                                                                                                                                                        				intOrPtr _t329;
                                                                                                                                                                                                                                                        				intOrPtr* _t330;
                                                                                                                                                                                                                                                        				intOrPtr _t336;
                                                                                                                                                                                                                                                        				intOrPtr _t338;
                                                                                                                                                                                                                                                        				intOrPtr _t339;
                                                                                                                                                                                                                                                        				intOrPtr _t341;
                                                                                                                                                                                                                                                        				intOrPtr _t343;
                                                                                                                                                                                                                                                        				intOrPtr _t345;
                                                                                                                                                                                                                                                        				intOrPtr _t347;
                                                                                                                                                                                                                                                        				intOrPtr _t349;
                                                                                                                                                                                                                                                        				intOrPtr _t353;
                                                                                                                                                                                                                                                        				signed int _t357;
                                                                                                                                                                                                                                                        				intOrPtr _t358;
                                                                                                                                                                                                                                                        				intOrPtr _t360;
                                                                                                                                                                                                                                                        				intOrPtr _t364;
                                                                                                                                                                                                                                                        				intOrPtr _t366;
                                                                                                                                                                                                                                                        				intOrPtr _t367;
                                                                                                                                                                                                                                                        				intOrPtr _t370;
                                                                                                                                                                                                                                                        				intOrPtr* _t373;
                                                                                                                                                                                                                                                        				intOrPtr* _t376;
                                                                                                                                                                                                                                                        				intOrPtr* _t377;
                                                                                                                                                                                                                                                        				intOrPtr* _t378;
                                                                                                                                                                                                                                                        				intOrPtr* _t382;
                                                                                                                                                                                                                                                        				intOrPtr _t384;
                                                                                                                                                                                                                                                        				intOrPtr* _t385;
                                                                                                                                                                                                                                                        				signed char* _t386;
                                                                                                                                                                                                                                                        				signed int _t387;
                                                                                                                                                                                                                                                        				void* _t388;
                                                                                                                                                                                                                                                        				void* _t389;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t259 = __ecx;
                                                                                                                                                                                                                                                        				_t197 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t373 = __edx;
                                                                                                                                                                                                                                                        				_t315 = _a4;
                                                                                                                                                                                                                                                        				_t198 = _t197 ^ _t387;
                                                                                                                                                                                                                                                        				_v20 = _t198;
                                                                                                                                                                                                                                                        				 *_a12 = 0;
                                                                                                                                                                                                                                                        				if( *_t315 == 0 ||  *((intOrPtr*)(_t315 + 8)) != 0 &&  *((intOrPtr*)(_t315 + 0xc)) != 0 &&  *((intOrPtr*)(_t315 + 4)) != 0 &&  *((char*)(_t315 + 0x1c)) != 0) {
                                                                                                                                                                                                                                                        					_t376 = _t315;
                                                                                                                                                                                                                                                        					__imp__EncodePointer(_t259);
                                                                                                                                                                                                                                                        					_t8 = _t376 + 0x10; // 0xbfa01015
                                                                                                                                                                                                                                                        					_t260 =  *_t8;
                                                                                                                                                                                                                                                        					_t9 = _t260 + 4; // 0xbfa01019
                                                                                                                                                                                                                                                        					_t316 = _t9;
                                                                                                                                                                                                                                                        					if( *_t376 == 0) {
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t376 + 0x10)) = _t316;
                                                                                                                                                                                                                                                        						_t317 = _t376;
                                                                                                                                                                                                                                                        						L12:
                                                                                                                                                                                                                                                        						_t199 =  *_t373;
                                                                                                                                                                                                                                                        						_t377 = _t317;
                                                                                                                                                                                                                                                        						__imp__EncodePointer( *((intOrPtr*)(_t373 + 8)) +  *((intOrPtr*)(_t199 + 0x20)));
                                                                                                                                                                                                                                                        						_t23 = _t377 + 0x10; // 0xbfa01015
                                                                                                                                                                                                                                                        						_t318 =  *_t23;
                                                                                                                                                                                                                                                        						_t24 = _t318 + 4; // 0xbfa01019
                                                                                                                                                                                                                                                        						_t263 = _t24;
                                                                                                                                                                                                                                                        						if( *_t377 == 0) {
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t377 + 0x10)) = _t263;
                                                                                                                                                                                                                                                        							_t319 = _t377;
                                                                                                                                                                                                                                                        							L19:
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t319 + 0x14)) = _t263;
                                                                                                                                                                                                                                                        							_t257 = 0xffffffff;
                                                                                                                                                                                                                                                        							_t200 =  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        							if( *((intOrPtr*)(_t373 + 8)) > 4) {
                                                                                                                                                                                                                                                        								L40:
                                                                                                                                                                                                                                                        								_t378 = _a4;
                                                                                                                                                                                                                                                        								E00BB9C70(_t378,  *((intOrPtr*)( *_t373 + 0x20)), _t200);
                                                                                                                                                                                                                                                        								_t321 = _t378;
                                                                                                                                                                                                                                                        								_t389 = _t388 + 4;
                                                                                                                                                                                                                                                        								_t202 =  *_t378;
                                                                                                                                                                                                                                                        								if(_t202 == 0 ||  *((intOrPtr*)(_t321 + 8)) != 0 &&  *((intOrPtr*)(_t321 + 0xc)) != 0 &&  *((intOrPtr*)(_t321 + 4)) != 0 &&  *((char*)(_t321 + 0x1c)) != 0) {
                                                                                                                                                                                                                                                        									if( *((intOrPtr*)(_t373 + 8)) > 0x64) {
                                                                                                                                                                                                                                                        										goto L61;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									if(_t257 >= 0) {
                                                                                                                                                                                                                                                        										_t131 = _t321 + 0x14; // 0xc758b00
                                                                                                                                                                                                                                                        										_t205 =  *_t131;
                                                                                                                                                                                                                                                        										_t133 = _t205 + 5; // 0x100000004
                                                                                                                                                                                                                                                        										_t134 = _t321 + 0x18; // 0x8b1c7d8b
                                                                                                                                                                                                                                                        										__eflags = _t257 + _t133 -  *_t134;
                                                                                                                                                                                                                                                        										if(_t257 + _t133 <=  *_t134) {
                                                                                                                                                                                                                                                        											_t323 =  *_t373;
                                                                                                                                                                                                                                                        											_t168 = _t205 + 1; // 0x100000000
                                                                                                                                                                                                                                                        											_t169 = _t323 + 0x20; // 0x284d8b20
                                                                                                                                                                                                                                                        											_t206 = _a4;
                                                                                                                                                                                                                                                        											_t382 = _t206;
                                                                                                                                                                                                                                                        											_t171 = _t206 + 8; // 0xe8ec81f8
                                                                                                                                                                                                                                                        											_t172 = _t382 + 0xc; // 0x8b000005
                                                                                                                                                                                                                                                        											 *((intOrPtr*)( *_t171 + _t257 + _t168)) =  *((intOrPtr*)( *_t171 + _t257 + _t168)) +  *_t169 - _t205 -  *_t172;
                                                                                                                                                                                                                                                        											L52:
                                                                                                                                                                                                                                                        											_t321 = _t382;
                                                                                                                                                                                                                                                        											if( *((char*)(_t321 + 0x1c)) == 0) {
                                                                                                                                                                                                                                                        												goto L61;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L53:
                                                                                                                                                                                                                                                        											if( *_t321 != 0) {
                                                                                                                                                                                                                                                        												_t99 = _t321 + 0x14; // 0xc758b00
                                                                                                                                                                                                                                                        												_t100 = _t321 + 0xc; // 0x8b000005
                                                                                                                                                                                                                                                        												_t384 =  *_t99 +  *_t100;
                                                                                                                                                                                                                                                        												if(_t384 != 0) {
                                                                                                                                                                                                                                                        													_t327 =  &_v104;
                                                                                                                                                                                                                                                        													E00BB9CE0(_t373,  &_v104);
                                                                                                                                                                                                                                                        													if(_v44 != 0 && _v56 != 0) {
                                                                                                                                                                                                                                                        														_v105 = 0xe9;
                                                                                                                                                                                                                                                        														E00BBA2C0( &_v104,  &_v105);
                                                                                                                                                                                                                                                        														_t327 = _a8;
                                                                                                                                                                                                                                                        														E00BBA300( &_v104, _a8);
                                                                                                                                                                                                                                                        														_t214 = E00BB9DB0( &_v104);
                                                                                                                                                                                                                                                        														_t436 = _t214;
                                                                                                                                                                                                                                                        														if(_t214 != 0) {
                                                                                                                                                                                                                                                        															 *_a12 = _t384;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													E00BB9FC0( &_v52, _t327, _t436);
                                                                                                                                                                                                                                                        													_t210 = _v48;
                                                                                                                                                                                                                                                        													if(_t210 !=  &_v36) {
                                                                                                                                                                                                                                                        														free(_t210);
                                                                                                                                                                                                                                                        														_t389 = _t389 + 4;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t211 = _v84;
                                                                                                                                                                                                                                                        													_t321 = _a4;
                                                                                                                                                                                                                                                        													if(_t211 !=  &_v72) {
                                                                                                                                                                                                                                                        														free(_t211);
                                                                                                                                                                                                                                                        														_t321 = _a4;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L61;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L73:
                                                                                                                                                                                                                                                        										_t321 = _a4;
                                                                                                                                                                                                                                                        										 *((char*)(_t321 + 0x1c)) = 0;
                                                                                                                                                                                                                                                        										__eflags =  *((char*)(_t321 + 0x1c));
                                                                                                                                                                                                                                                        										if( *((char*)(_t321 + 0x1c)) != 0) {
                                                                                                                                                                                                                                                        											goto L53;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L61;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t82 = _t321 + 0x10; // 0xbfa01015
                                                                                                                                                                                                                                                        									_t216 =  *_t82;
                                                                                                                                                                                                                                                        									if(_t202 == 0) {
                                                                                                                                                                                                                                                        										_t138 = _t216 + 1; // 0xbfa01016
                                                                                                                                                                                                                                                        										_t217 = _t216 + 5;
                                                                                                                                                                                                                                                        										__eflags = _t217;
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t321 + 0x10)) = _t138;
                                                                                                                                                                                                                                                        										_t279 = _t217;
                                                                                                                                                                                                                                                        										L76:
                                                                                                                                                                                                                                                        										_t321 = _a4;
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t321 + 0x10)) = _t279;
                                                                                                                                                                                                                                                        										__eflags =  *((char*)(_t321 + 0x1c));
                                                                                                                                                                                                                                                        										if( *((char*)(_t321 + 0x1c)) != 0) {
                                                                                                                                                                                                                                                        											goto L53;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L61;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t385 = _t321;
                                                                                                                                                                                                                                                        									_t83 = _t321 + 0x18; // 0x8b1c7d8b
                                                                                                                                                                                                                                                        									_t329 =  *_t83;
                                                                                                                                                                                                                                                        									if(_t216 >= _t329) {
                                                                                                                                                                                                                                                        										 *((char*)(_t385 + 0x1c)) = 0;
                                                                                                                                                                                                                                                        										_t144 = _t216 + 4; // 0xbfa01019
                                                                                                                                                                                                                                                        										__eflags = _t144 - _t329;
                                                                                                                                                                                                                                                        										if(_t144 <= _t329) {
                                                                                                                                                                                                                                                        											L51:
                                                                                                                                                                                                                                                        											_t330 = _a4;
                                                                                                                                                                                                                                                        											_t382 = _t330;
                                                                                                                                                                                                                                                        											_t93 = _t330 + 0xc; // 0x8b000005
                                                                                                                                                                                                                                                        											_t94 = _t330 + 8; // 0xe8ec81f8
                                                                                                                                                                                                                                                        											 *((intOrPtr*)( *_t94 + _t216)) =  *((intOrPtr*)( *_t373 + 0x20)) - _t216 +  *((intOrPtr*)(_t373 + 8)) -  *_t93 + 0xfffffffc;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t382 + 0x10)) =  *((intOrPtr*)(_t382 + 0x10)) + 4;
                                                                                                                                                                                                                                                        											goto L52;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L73;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t84 = _t385 + 8; // 0xe8ec81f8
                                                                                                                                                                                                                                                        									 *((char*)( *_t84 + _t216)) = 0xe9;
                                                                                                                                                                                                                                                        									_t86 = _t385 + 0x10; // 0xbfa01015
                                                                                                                                                                                                                                                        									_t87 =  *_t86 + 1; // 0xbfa01016
                                                                                                                                                                                                                                                        									_t216 = _t87;
                                                                                                                                                                                                                                                        									_t279 =  *_t86 + 5;
                                                                                                                                                                                                                                                        									 *((intOrPtr*)(_t385 + 0x10)) = _t216;
                                                                                                                                                                                                                                                        									if( *_t385 == 0) {
                                                                                                                                                                                                                                                        										goto L76;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t89 = _t385 + 0x18; // 0x8b1c7d8b
                                                                                                                                                                                                                                                        									if(_t279 >  *_t89) {
                                                                                                                                                                                                                                                        										goto L73;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L51;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									goto L61;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t386 =  &_v104;
                                                                                                                                                                                                                                                        								while(1) {
                                                                                                                                                                                                                                                        									_t218 = E00BB9AB0(_t373, _t386);
                                                                                                                                                                                                                                                        									if(_t218 < 0 || (_v104 & 0x0000000c) != 0) {
                                                                                                                                                                                                                                                        										break;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									 *((intOrPtr*)(_t373 + 8)) = _t218 +  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        									E00BB7F80(_t257,  *_t373, _t218 +  *((intOrPtr*)(_t373 + 8)), _t373, _t386);
                                                                                                                                                                                                                                                        									_t291 =  *_t373;
                                                                                                                                                                                                                                                        									_t335 =  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        									if( *((char*)( *((intOrPtr*)( *_t373 + 4)) +  *((intOrPtr*)(_t373 + 8)))) < 0x88) {
                                                                                                                                                                                                                                                        										L30:
                                                                                                                                                                                                                                                        										E00BB7F80(_t257, _t291, _t335, _t373, _t386);
                                                                                                                                                                                                                                                        										_t292 =  *_t373;
                                                                                                                                                                                                                                                        										_t336 =  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        										_t223 =  *((intOrPtr*)( *_t373 + 4));
                                                                                                                                                                                                                                                        										__eflags =  *((char*)(_t223 + _t336)) - 0xf;
                                                                                                                                                                                                                                                        										if( *((char*)(_t223 + _t336)) == 0xf) {
                                                                                                                                                                                                                                                        											E00BB7F80(_t257, _t292, _t336 + 1, _t373, _t386);
                                                                                                                                                                                                                                                        											_t293 =  *_t373;
                                                                                                                                                                                                                                                        											_t338 =  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        											_t225 =  *((intOrPtr*)( *_t373 + 4));
                                                                                                                                                                                                                                                        											__eflags =  *((char*)(_t225 + _t338 + 1)) - 0x10;
                                                                                                                                                                                                                                                        											if( *((char*)(_t225 + _t338 + 1)) == 0x10) {
                                                                                                                                                                                                                                                        												L71:
                                                                                                                                                                                                                                                        												_t339 = _t338 + 2;
                                                                                                                                                                                                                                                        												L26:
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(_t373 + 8)) = _t339;
                                                                                                                                                                                                                                                        												_t226 = E00BB9B40(_t373);
                                                                                                                                                                                                                                                        												if(_t226 < 0) {
                                                                                                                                                                                                                                                        													break;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t200 = _t226 +  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        													L28:
                                                                                                                                                                                                                                                        													 *((intOrPtr*)(_t373 + 8)) = _t200;
                                                                                                                                                                                                                                                        													if(_t200 < 5) {
                                                                                                                                                                                                                                                        														continue;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														goto L40;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											E00BB7F80(_t257, _t293, _t338 + 1, _t373, _t386);
                                                                                                                                                                                                                                                        											_t292 =  *_t373;
                                                                                                                                                                                                                                                        											_t338 =  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        											_t228 =  *((intOrPtr*)( *_t373 + 4));
                                                                                                                                                                                                                                                        											__eflags =  *((char*)(_t228 + _t338 + 1)) - 0x11;
                                                                                                                                                                                                                                                        											if( *((char*)(_t228 + _t338 + 1)) != 0x11) {
                                                                                                                                                                                                                                                        												goto L31;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L71;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L31:
                                                                                                                                                                                                                                                        										E00BB7F80(_t257, _t292, _t338, _t373, _t386);
                                                                                                                                                                                                                                                        										_t295 =  *_t373;
                                                                                                                                                                                                                                                        										_t230 =  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        										_t341 =  *((intOrPtr*)( *_t373 + 4));
                                                                                                                                                                                                                                                        										__eflags =  *((char*)(_t341 + _t230)) - 0xa1;
                                                                                                                                                                                                                                                        										if( *((char*)(_t341 + _t230)) == 0xa1) {
                                                                                                                                                                                                                                                        											L33:
                                                                                                                                                                                                                                                        											_t200 = _t230 + 5;
                                                                                                                                                                                                                                                        											goto L28;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										E00BB7F80(_t257, _t295, _t230, _t373, _t386);
                                                                                                                                                                                                                                                        										_t296 =  *_t373;
                                                                                                                                                                                                                                                        										_t230 =  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        										_t343 =  *((intOrPtr*)( *_t373 + 4));
                                                                                                                                                                                                                                                        										__eflags =  *((char*)(_t343 + _t230)) - 0xb8;
                                                                                                                                                                                                                                                        										if( *((char*)(_t343 + _t230)) != 0xb8) {
                                                                                                                                                                                                                                                        											E00BB7F80(_t257, _t296, _t230, _t373, _t386);
                                                                                                                                                                                                                                                        											_t297 =  *_t373;
                                                                                                                                                                                                                                                        											_t233 =  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        											_t345 =  *((intOrPtr*)( *_t373 + 4));
                                                                                                                                                                                                                                                        											__eflags =  *((char*)(_t345 + _t233)) - 0x33;
                                                                                                                                                                                                                                                        											if( *((char*)(_t345 + _t233)) == 0x33) {
                                                                                                                                                                                                                                                        												E00BB7F80(_t257, _t297, _t233 + 1, _t373, _t386);
                                                                                                                                                                                                                                                        												_t297 =  *_t373;
                                                                                                                                                                                                                                                        												_t233 =  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        												_t347 =  *((intOrPtr*)( *_t373 + 4));
                                                                                                                                                                                                                                                        												__eflags =  *((char*)(_t347 + _t233 + 1)) - 0xc0;
                                                                                                                                                                                                                                                        												if( *((char*)(_t347 + _t233 + 1)) >= 0xc0) {
                                                                                                                                                                                                                                                        													L90:
                                                                                                                                                                                                                                                        													_t200 = _t233 + 2;
                                                                                                                                                                                                                                                        													goto L28;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											E00BB7F80(_t257, _t297, _t233, _t373, _t386);
                                                                                                                                                                                                                                                        											_t298 =  *_t373;
                                                                                                                                                                                                                                                        											_t237 =  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        											_t349 =  *((intOrPtr*)( *_t373 + 4));
                                                                                                                                                                                                                                                        											__eflags = ( *(_t349 + _t237) & 0xf8) - 0x40;
                                                                                                                                                                                                                                                        											if(( *(_t349 + _t237) & 0xf8) == 0x40) {
                                                                                                                                                                                                                                                        												L39:
                                                                                                                                                                                                                                                        												_t200 = _t237 + 1;
                                                                                                                                                                                                                                                        												goto L28;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											E00BB7F80(_t257, _t298, _t237, _t373, _t386);
                                                                                                                                                                                                                                                        											_t299 =  *_t373;
                                                                                                                                                                                                                                                        											_t353 =  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        											_t239 =  *((intOrPtr*)( *_t373 + 4));
                                                                                                                                                                                                                                                        											__eflags =  *((char*)(_t239 + _t353)) - 0x83;
                                                                                                                                                                                                                                                        											if( *((char*)(_t239 + _t353)) == 0x83) {
                                                                                                                                                                                                                                                        												E00BB7F80(_t257, _t299, _t353 + 1, _t373, _t386);
                                                                                                                                                                                                                                                        												_v106 =  *( *((intOrPtr*)( *_t373 + 4)) +  *((intOrPtr*)(_t373 + 8)) + 1) & 0x000000ff;
                                                                                                                                                                                                                                                        												E00BB7F80(_t257,  *_t373,  *((intOrPtr*)(_t373 + 8)) + 1, _t373, _t386);
                                                                                                                                                                                                                                                        												_t357 = _v106 & 0x000000ff;
                                                                                                                                                                                                                                                        												_t244 =  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        												__eflags = _t357 - 0xc0;
                                                                                                                                                                                                                                                        												if(_t357 < 0xc0) {
                                                                                                                                                                                                                                                        													__eflags = (_t357 & 0x000000c0) - 0x40;
                                                                                                                                                                                                                                                        													if((_t357 & 0x000000c0) != 0x40) {
                                                                                                                                                                                                                                                        														break;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t304 =  *((intOrPtr*)( *_t373 + 4));
                                                                                                                                                                                                                                                        													__eflags = ( *(_t304 + _t244 + 1) & 7) - 4;
                                                                                                                                                                                                                                                        													if(( *(_t304 + _t244 + 1) & 7) == 4) {
                                                                                                                                                                                                                                                        														break;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t200 = _t244 + 4;
                                                                                                                                                                                                                                                        													goto L28;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t200 = _t244 + 3;
                                                                                                                                                                                                                                                        												goto L28;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											E00BB7F80(_t257, _t299, _t353, _t373, _t386);
                                                                                                                                                                                                                                                        											_t307 =  *_t373;
                                                                                                                                                                                                                                                        											_t230 =  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        											_t358 =  *((intOrPtr*)( *_t373 + 4));
                                                                                                                                                                                                                                                        											__eflags =  *((char*)(_t358 + _t230)) - 0x68;
                                                                                                                                                                                                                                                        											if( *((char*)(_t358 + _t230)) == 0x68) {
                                                                                                                                                                                                                                                        												goto L33;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											E00BB7F80(_t257, _t307, _t230, _t373, _t386);
                                                                                                                                                                                                                                                        											_t308 =  *_t373;
                                                                                                                                                                                                                                                        											_t237 =  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        											_t360 =  *((intOrPtr*)( *_t373 + 4));
                                                                                                                                                                                                                                                        											__eflags = ( *(_t360 + _t237) & 0xf0) - 0x50;
                                                                                                                                                                                                                                                        											if(( *(_t360 + _t237) & 0xf0) != 0x50) {
                                                                                                                                                                                                                                                        												E00BB7F80(_t257, _t308, _t237, _t373, _t386);
                                                                                                                                                                                                                                                        												_t309 =  *_t373;
                                                                                                                                                                                                                                                        												_t233 =  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        												_t364 =  *((intOrPtr*)( *_t373 + 4));
                                                                                                                                                                                                                                                        												__eflags =  *((char*)(_t364 + _t233)) - 0x6a;
                                                                                                                                                                                                                                                        												if( *((char*)(_t364 + _t233)) != 0x6a) {
                                                                                                                                                                                                                                                        													E00BB7F80(_t257, _t309, _t233, _t373, _t386);
                                                                                                                                                                                                                                                        													_t310 =  *_t373;
                                                                                                                                                                                                                                                        													_t366 =  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        													_t249 =  *((intOrPtr*)( *_t373 + 4));
                                                                                                                                                                                                                                                        													__eflags =  *((char*)(_t249 + _t366)) - 0xe9;
                                                                                                                                                                                                                                                        													if( *((char*)(_t249 + _t366)) != 0xe9) {
                                                                                                                                                                                                                                                        														E00BB7F80(_t257, _t310, _t366, _t373, _t386);
                                                                                                                                                                                                                                                        														_t311 =  *_t373;
                                                                                                                                                                                                                                                        														_t251 =  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        														_t367 =  *((intOrPtr*)( *_t373 + 4));
                                                                                                                                                                                                                                                        														__eflags =  *((char*)(_t367 + _t251)) - 0xff;
                                                                                                                                                                                                                                                        														if( *((char*)(_t367 + _t251)) != 0xff) {
                                                                                                                                                                                                                                                        															L102:
                                                                                                                                                                                                                                                        															E00BB7F80(_t257, _t311, _t251, _t373, _t386);
                                                                                                                                                                                                                                                        															break;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														E00BB7F80(_t257, _t311, _t251 + 1, _t373, _t386);
                                                                                                                                                                                                                                                        														_t311 =  *_t373;
                                                                                                                                                                                                                                                        														_t251 =  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        														_t370 =  *((intOrPtr*)( *_t373 + 4));
                                                                                                                                                                                                                                                        														__eflags =  *((char*)(_t370 + _t251 + 1)) - 0x25;
                                                                                                                                                                                                                                                        														if( *((char*)(_t370 + _t251 + 1)) != 0x25) {
                                                                                                                                                                                                                                                        															goto L102;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_t200 = _t251 + 6;
                                                                                                                                                                                                                                                        														goto L28;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t200 = _t366 + 5;
                                                                                                                                                                                                                                                        													_t257 = _t366;
                                                                                                                                                                                                                                                        													goto L28;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L90;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L39;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L33;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									E00BB7F80(_t257, _t291, _t335, _t373, _t386);
                                                                                                                                                                                                                                                        									_t291 =  *_t373;
                                                                                                                                                                                                                                                        									_t335 =  *((intOrPtr*)(_t373 + 8));
                                                                                                                                                                                                                                                        									if( *((char*)( *((intOrPtr*)( *_t373 + 4)) + _t335)) > 0x8b) {
                                                                                                                                                                                                                                                        										goto L30;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t339 = _t335 + 1;
                                                                                                                                                                                                                                                        										goto L26;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t321 = _a4;
                                                                                                                                                                                                                                                        								L61:
                                                                                                                                                                                                                                                        								_t203 = _a12;
                                                                                                                                                                                                                                                        								if( *_t203 == 0) {
                                                                                                                                                                                                                                                        									 *((intOrPtr*)(_t321 + 0x10)) = 0;
                                                                                                                                                                                                                                                        									_t379 = _t321;
                                                                                                                                                                                                                                                        									__imp__EncodePointer(0);
                                                                                                                                                                                                                                                        									_t147 = _t379 + 0x10; // 0xbfa01015
                                                                                                                                                                                                                                                        									_t266 =  *_t147;
                                                                                                                                                                                                                                                        									__eflags =  *_t321;
                                                                                                                                                                                                                                                        									_t148 = _t266 + 4; // 0xbfa01019
                                                                                                                                                                                                                                                        									_t321 = _t148;
                                                                                                                                                                                                                                                        									if(__eflags == 0) {
                                                                                                                                                                                                                                                        										_t203 = _a4;
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_a4 + 0x10)) = _t321;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t150 = _a4 + 0x18; // 0x8b1c7d8b
                                                                                                                                                                                                                                                        										__eflags = _t321 -  *_t150;
                                                                                                                                                                                                                                                        										if(_t321 <=  *_t150) {
                                                                                                                                                                                                                                                        											_t322 = _a4;
                                                                                                                                                                                                                                                        											_t178 = _t322 + 8; // 0xe8ec81f8
                                                                                                                                                                                                                                                        											_t321 =  *_t178;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)( *_t178 + _t266)) = _t203;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_a4 + 0x10)) =  *((intOrPtr*)(_a4 + 0x10)) + 4;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t203 = _a4;
                                                                                                                                                                                                                                                        											 *((char*)(_a4 + 0x1c)) = 0;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L62;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t25 = _t377 + 0x18; // 0x8b1c7d8b
                                                                                                                                                                                                                                                        						if(_t263 >  *_t25) {
                                                                                                                                                                                                                                                        							_t263 = _t318;
                                                                                                                                                                                                                                                        							 *((char*)(_t377 + 0x1c)) = 0;
                                                                                                                                                                                                                                                        							_t321 = _t377;
                                                                                                                                                                                                                                                        							__eflags =  *((intOrPtr*)(_t321 + 8));
                                                                                                                                                                                                                                                        							if( *((intOrPtr*)(_t321 + 8)) != 0) {
                                                                                                                                                                                                                                                        								L16:
                                                                                                                                                                                                                                                        								if( *((intOrPtr*)(_t321 + 0xc)) == 0 ||  *((intOrPtr*)(_t321 + 4)) == 0 ||  *((char*)(_t321 + 0x1c)) == 0) {
                                                                                                                                                                                                                                                        									goto L61;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									goto L19;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L61;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t26 = _t377 + 8; // 0xe8ec81f8
                                                                                                                                                                                                                                                        						 *((intOrPtr*)( *_t26 + _t318)) = _t199;
                                                                                                                                                                                                                                                        						_t319 = _t377;
                                                                                                                                                                                                                                                        						_t28 = _t377 + 0x10; // 0xbfa01015
                                                                                                                                                                                                                                                        						_t263 =  *_t28 + 4;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t377 + 0x10)) = _t263;
                                                                                                                                                                                                                                                        						if( *_t377 == 0) {
                                                                                                                                                                                                                                                        							goto L19;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t319 + 8)) == 0) {
                                                                                                                                                                                                                                                        							goto L61;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L16;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t10 = _t376 + 0x18; // 0x8b1c7d8b
                                                                                                                                                                                                                                                        					if(_t316 >  *_t10) {
                                                                                                                                                                                                                                                        						_t321 = _t376;
                                                                                                                                                                                                                                                        						 *((char*)(_t376 + 0x1c)) = 0;
                                                                                                                                                                                                                                                        						__eflags =  *((intOrPtr*)(_t321 + 8));
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t321 + 8)) != 0) {
                                                                                                                                                                                                                                                        							L9:
                                                                                                                                                                                                                                                        							if( *((intOrPtr*)(_t321 + 0xc)) == 0 ||  *((intOrPtr*)(_t321 + 4)) == 0 ||  *((char*)(_t321 + 0x1c)) == 0) {
                                                                                                                                                                                                                                                        								goto L62;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								goto L12;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L62;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t12 = _a4 + 8; // 0xe8ec81f8
                                                                                                                                                                                                                                                        					 *( *_t12 + _t260) = _t198;
                                                                                                                                                                                                                                                        					_t317 = _a4;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t317 + 0x10)) =  *((intOrPtr*)(_t317 + 0x10)) + 4;
                                                                                                                                                                                                                                                        					if( *_t317 == 0) {
                                                                                                                                                                                                                                                        						goto L12;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if( *((intOrPtr*)(_t317 + 8)) == 0) {
                                                                                                                                                                                                                                                        						goto L62;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L9;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L62:
                                                                                                                                                                                                                                                        					return E00BEECB0(_t203, _v20 ^ _t387, _t321);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}


















































































                                                                                                                                                                                                                                                        0x00bb8b70
                                                                                                                                                                                                                                                        0x00bb8b79
                                                                                                                                                                                                                                                        0x00bb8b81
                                                                                                                                                                                                                                                        0x00bb8b83
                                                                                                                                                                                                                                                        0x00bb8b86
                                                                                                                                                                                                                                                        0x00bb8b88
                                                                                                                                                                                                                                                        0x00bb8b8b
                                                                                                                                                                                                                                                        0x00bb8b94
                                                                                                                                                                                                                                                        0x00bb8bbf
                                                                                                                                                                                                                                                        0x00bb8bc1
                                                                                                                                                                                                                                                        0x00bb8bc7
                                                                                                                                                                                                                                                        0x00bb8bc7
                                                                                                                                                                                                                                                        0x00bb8bcd
                                                                                                                                                                                                                                                        0x00bb8bcd
                                                                                                                                                                                                                                                        0x00bb8bd0
                                                                                                                                                                                                                                                        0x00bb8f35
                                                                                                                                                                                                                                                        0x00bb8f38
                                                                                                                                                                                                                                                        0x00bb8c1c
                                                                                                                                                                                                                                                        0x00bb8c1c
                                                                                                                                                                                                                                                        0x00bb8c25
                                                                                                                                                                                                                                                        0x00bb8c27
                                                                                                                                                                                                                                                        0x00bb8c2d
                                                                                                                                                                                                                                                        0x00bb8c2d
                                                                                                                                                                                                                                                        0x00bb8c33
                                                                                                                                                                                                                                                        0x00bb8c33
                                                                                                                                                                                                                                                        0x00bb8c36
                                                                                                                                                                                                                                                        0x00bb8f51
                                                                                                                                                                                                                                                        0x00bb8f54
                                                                                                                                                                                                                                                        0x00bb8c83
                                                                                                                                                                                                                                                        0x00bb8c83
                                                                                                                                                                                                                                                        0x00bb8c86
                                                                                                                                                                                                                                                        0x00bb8c8b
                                                                                                                                                                                                                                                        0x00bb8c91
                                                                                                                                                                                                                                                        0x00bb8de5
                                                                                                                                                                                                                                                        0x00bb8de7
                                                                                                                                                                                                                                                        0x00bb8df0
                                                                                                                                                                                                                                                        0x00bb8df5
                                                                                                                                                                                                                                                        0x00bb8df7
                                                                                                                                                                                                                                                        0x00bb8dfa
                                                                                                                                                                                                                                                        0x00bb8dfe
                                                                                                                                                                                                                                                        0x00bb8e2c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8e34
                                                                                                                                                                                                                                                        0x00bb8fa5
                                                                                                                                                                                                                                                        0x00bb8fa5
                                                                                                                                                                                                                                                        0x00bb8fa8
                                                                                                                                                                                                                                                        0x00bb8fac
                                                                                                                                                                                                                                                        0x00bb8fac
                                                                                                                                                                                                                                                        0x00bb8faf
                                                                                                                                                                                                                                                        0x00bb90be
                                                                                                                                                                                                                                                        0x00bb90c0
                                                                                                                                                                                                                                                        0x00bb90c4
                                                                                                                                                                                                                                                        0x00bb90c9
                                                                                                                                                                                                                                                        0x00bb90cc
                                                                                                                                                                                                                                                        0x00bb90ce
                                                                                                                                                                                                                                                        0x00bb90d1
                                                                                                                                                                                                                                                        0x00bb90d4
                                                                                                                                                                                                                                                        0x00bb8e98
                                                                                                                                                                                                                                                        0x00bb8e98
                                                                                                                                                                                                                                                        0x00bb8e9e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8ea0
                                                                                                                                                                                                                                                        0x00bb8ea3
                                                                                                                                                                                                                                                        0x00bb8ea5
                                                                                                                                                                                                                                                        0x00bb8ea8
                                                                                                                                                                                                                                                        0x00bb8ea8
                                                                                                                                                                                                                                                        0x00bb8eab
                                                                                                                                                                                                                                                        0x00bb8ead
                                                                                                                                                                                                                                                        0x00bb8eb2
                                                                                                                                                                                                                                                        0x00bb8ebb
                                                                                                                                                                                                                                                        0x00bb8ecc
                                                                                                                                                                                                                                                        0x00bb8ed2
                                                                                                                                                                                                                                                        0x00bb8ed9
                                                                                                                                                                                                                                                        0x00bb8edb
                                                                                                                                                                                                                                                        0x00bb8ee2
                                                                                                                                                                                                                                                        0x00bb8ee7
                                                                                                                                                                                                                                                        0x00bb8ee9
                                                                                                                                                                                                                                                        0x00bb8eee
                                                                                                                                                                                                                                                        0x00bb8eee
                                                                                                                                                                                                                                                        0x00bb8ee9
                                                                                                                                                                                                                                                        0x00bb8ef3
                                                                                                                                                                                                                                                        0x00bb8ef8
                                                                                                                                                                                                                                                        0x00bb8f00
                                                                                                                                                                                                                                                        0x00bb8ffd
                                                                                                                                                                                                                                                        0x00bb9003
                                                                                                                                                                                                                                                        0x00bb9003
                                                                                                                                                                                                                                                        0x00bb8f06
                                                                                                                                                                                                                                                        0x00bb8f09
                                                                                                                                                                                                                                                        0x00bb8f11
                                                                                                                                                                                                                                                        0x00bb900c
                                                                                                                                                                                                                                                        0x00bb9012
                                                                                                                                                                                                                                                        0x00bb9015
                                                                                                                                                                                                                                                        0x00bb8f11
                                                                                                                                                                                                                                                        0x00bb8eab
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8ea3
                                                                                                                                                                                                                                                        0x00bb8fb5
                                                                                                                                                                                                                                                        0x00bb8fb5
                                                                                                                                                                                                                                                        0x00bb8fb8
                                                                                                                                                                                                                                                        0x00bb8fbc
                                                                                                                                                                                                                                                        0x00bb8fc0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8fc6
                                                                                                                                                                                                                                                        0x00bb8e3c
                                                                                                                                                                                                                                                        0x00bb8e3c
                                                                                                                                                                                                                                                        0x00bb8e3f
                                                                                                                                                                                                                                                        0x00bb8fcb
                                                                                                                                                                                                                                                        0x00bb8fce
                                                                                                                                                                                                                                                        0x00bb8fce
                                                                                                                                                                                                                                                        0x00bb8fd1
                                                                                                                                                                                                                                                        0x00bb8fd4
                                                                                                                                                                                                                                                        0x00bb8fd6
                                                                                                                                                                                                                                                        0x00bb8fd6
                                                                                                                                                                                                                                                        0x00bb8fd9
                                                                                                                                                                                                                                                        0x00bb8fdc
                                                                                                                                                                                                                                                        0x00bb8fe0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8fe6
                                                                                                                                                                                                                                                        0x00bb8e45
                                                                                                                                                                                                                                                        0x00bb8e47
                                                                                                                                                                                                                                                        0x00bb8e47
                                                                                                                                                                                                                                                        0x00bb8e4c
                                                                                                                                                                                                                                                        0x00bb8feb
                                                                                                                                                                                                                                                        0x00bb8fef
                                                                                                                                                                                                                                                        0x00bb8ff2
                                                                                                                                                                                                                                                        0x00bb8ff4
                                                                                                                                                                                                                                                        0x00bb8e79
                                                                                                                                                                                                                                                        0x00bb8e7b
                                                                                                                                                                                                                                                        0x00bb8e81
                                                                                                                                                                                                                                                        0x00bb8e88
                                                                                                                                                                                                                                                        0x00bb8e8b
                                                                                                                                                                                                                                                        0x00bb8e91
                                                                                                                                                                                                                                                        0x00bb8e94
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8e94
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8ffa
                                                                                                                                                                                                                                                        0x00bb8e52
                                                                                                                                                                                                                                                        0x00bb8e55
                                                                                                                                                                                                                                                        0x00bb8e59
                                                                                                                                                                                                                                                        0x00bb8e5c
                                                                                                                                                                                                                                                        0x00bb8e5c
                                                                                                                                                                                                                                                        0x00bb8e5f
                                                                                                                                                                                                                                                        0x00bb8e62
                                                                                                                                                                                                                                                        0x00bb8e68
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8e6e
                                                                                                                                                                                                                                                        0x00bb8e73
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8c97
                                                                                                                                                                                                                                                        0x00bb8c97
                                                                                                                                                                                                                                                        0x00bb8c9a
                                                                                                                                                                                                                                                        0x00bb8c9e
                                                                                                                                                                                                                                                        0x00bb8ca5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8cb8
                                                                                                                                                                                                                                                        0x00bb8cbf
                                                                                                                                                                                                                                                        0x00bb8cc4
                                                                                                                                                                                                                                                        0x00bb8cc6
                                                                                                                                                                                                                                                        0x00bb8cd0
                                                                                                                                                                                                                                                        0x00bb8d10
                                                                                                                                                                                                                                                        0x00bb8d10
                                                                                                                                                                                                                                                        0x00bb8d15
                                                                                                                                                                                                                                                        0x00bb8d17
                                                                                                                                                                                                                                                        0x00bb8d1a
                                                                                                                                                                                                                                                        0x00bb8d1d
                                                                                                                                                                                                                                                        0x00bb8d21
                                                                                                                                                                                                                                                        0x00bb8f70
                                                                                                                                                                                                                                                        0x00bb8f75
                                                                                                                                                                                                                                                        0x00bb8f77
                                                                                                                                                                                                                                                        0x00bb8f7a
                                                                                                                                                                                                                                                        0x00bb8f7d
                                                                                                                                                                                                                                                        0x00bb8f82
                                                                                                                                                                                                                                                        0x00bb8f9d
                                                                                                                                                                                                                                                        0x00bb8f9d
                                                                                                                                                                                                                                                        0x00bb8ce6
                                                                                                                                                                                                                                                        0x00bb8ce8
                                                                                                                                                                                                                                                        0x00bb8ceb
                                                                                                                                                                                                                                                        0x00bb8cf2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8cf8
                                                                                                                                                                                                                                                        0x00bb8cf8
                                                                                                                                                                                                                                                        0x00bb8cfb
                                                                                                                                                                                                                                                        0x00bb8cfe
                                                                                                                                                                                                                                                        0x00bb8d01
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8d03
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8d03
                                                                                                                                                                                                                                                        0x00bb8d01
                                                                                                                                                                                                                                                        0x00bb8cf2
                                                                                                                                                                                                                                                        0x00bb8f85
                                                                                                                                                                                                                                                        0x00bb8f8a
                                                                                                                                                                                                                                                        0x00bb8f8c
                                                                                                                                                                                                                                                        0x00bb8f8f
                                                                                                                                                                                                                                                        0x00bb8f92
                                                                                                                                                                                                                                                        0x00bb8f97
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8f97
                                                                                                                                                                                                                                                        0x00bb8d27
                                                                                                                                                                                                                                                        0x00bb8d27
                                                                                                                                                                                                                                                        0x00bb8d2c
                                                                                                                                                                                                                                                        0x00bb8d2e
                                                                                                                                                                                                                                                        0x00bb8d31
                                                                                                                                                                                                                                                        0x00bb8d34
                                                                                                                                                                                                                                                        0x00bb8d38
                                                                                                                                                                                                                                                        0x00bb8d4f
                                                                                                                                                                                                                                                        0x00bb8d4f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8d4f
                                                                                                                                                                                                                                                        0x00bb8d3c
                                                                                                                                                                                                                                                        0x00bb8d41
                                                                                                                                                                                                                                                        0x00bb8d43
                                                                                                                                                                                                                                                        0x00bb8d46
                                                                                                                                                                                                                                                        0x00bb8d49
                                                                                                                                                                                                                                                        0x00bb8d4d
                                                                                                                                                                                                                                                        0x00bb8d62
                                                                                                                                                                                                                                                        0x00bb8d67
                                                                                                                                                                                                                                                        0x00bb8d69
                                                                                                                                                                                                                                                        0x00bb8d6c
                                                                                                                                                                                                                                                        0x00bb8d6f
                                                                                                                                                                                                                                                        0x00bb8d73
                                                                                                                                                                                                                                                        0x00bb9058
                                                                                                                                                                                                                                                        0x00bb905d
                                                                                                                                                                                                                                                        0x00bb905f
                                                                                                                                                                                                                                                        0x00bb9062
                                                                                                                                                                                                                                                        0x00bb9065
                                                                                                                                                                                                                                                        0x00bb906a
                                                                                                                                                                                                                                                        0x00bb90b6
                                                                                                                                                                                                                                                        0x00bb90b6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb90b6
                                                                                                                                                                                                                                                        0x00bb906c
                                                                                                                                                                                                                                                        0x00bb8d7b
                                                                                                                                                                                                                                                        0x00bb8d80
                                                                                                                                                                                                                                                        0x00bb8d82
                                                                                                                                                                                                                                                        0x00bb8d85
                                                                                                                                                                                                                                                        0x00bb8d8f
                                                                                                                                                                                                                                                        0x00bb8d92
                                                                                                                                                                                                                                                        0x00bb8ddf
                                                                                                                                                                                                                                                        0x00bb8ddf
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8ddf
                                                                                                                                                                                                                                                        0x00bb8d96
                                                                                                                                                                                                                                                        0x00bb8d9b
                                                                                                                                                                                                                                                        0x00bb8d9d
                                                                                                                                                                                                                                                        0x00bb8da0
                                                                                                                                                                                                                                                        0x00bb8da3
                                                                                                                                                                                                                                                        0x00bb8da7
                                                                                                                                                                                                                                                        0x00bb9072
                                                                                                                                                                                                                                                        0x00bb9085
                                                                                                                                                                                                                                                        0x00bb9088
                                                                                                                                                                                                                                                        0x00bb908d
                                                                                                                                                                                                                                                        0x00bb9091
                                                                                                                                                                                                                                                        0x00bb9094
                                                                                                                                                                                                                                                        0x00bb9097
                                                                                                                                                                                                                                                        0x00bb9100
                                                                                                                                                                                                                                                        0x00bb9103
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9107
                                                                                                                                                                                                                                                        0x00bb9112
                                                                                                                                                                                                                                                        0x00bb9115
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9117
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9117
                                                                                                                                                                                                                                                        0x00bb9099
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9099
                                                                                                                                                                                                                                                        0x00bb8dad
                                                                                                                                                                                                                                                        0x00bb8db2
                                                                                                                                                                                                                                                        0x00bb8db4
                                                                                                                                                                                                                                                        0x00bb8db7
                                                                                                                                                                                                                                                        0x00bb8dba
                                                                                                                                                                                                                                                        0x00bb8dbe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8dc2
                                                                                                                                                                                                                                                        0x00bb8dc7
                                                                                                                                                                                                                                                        0x00bb8dc9
                                                                                                                                                                                                                                                        0x00bb8dcc
                                                                                                                                                                                                                                                        0x00bb8dd6
                                                                                                                                                                                                                                                        0x00bb8dd9
                                                                                                                                                                                                                                                        0x00bb90a3
                                                                                                                                                                                                                                                        0x00bb90a8
                                                                                                                                                                                                                                                        0x00bb90aa
                                                                                                                                                                                                                                                        0x00bb90ad
                                                                                                                                                                                                                                                        0x00bb90b0
                                                                                                                                                                                                                                                        0x00bb90b4
                                                                                                                                                                                                                                                        0x00bb9121
                                                                                                                                                                                                                                                        0x00bb9126
                                                                                                                                                                                                                                                        0x00bb9128
                                                                                                                                                                                                                                                        0x00bb912b
                                                                                                                                                                                                                                                        0x00bb912e
                                                                                                                                                                                                                                                        0x00bb9132
                                                                                                                                                                                                                                                        0x00bb913e
                                                                                                                                                                                                                                                        0x00bb9143
                                                                                                                                                                                                                                                        0x00bb9145
                                                                                                                                                                                                                                                        0x00bb9148
                                                                                                                                                                                                                                                        0x00bb914b
                                                                                                                                                                                                                                                        0x00bb914f
                                                                                                                                                                                                                                                        0x00bb9170
                                                                                                                                                                                                                                                        0x00bb9172
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9172
                                                                                                                                                                                                                                                        0x00bb9154
                                                                                                                                                                                                                                                        0x00bb9159
                                                                                                                                                                                                                                                        0x00bb915b
                                                                                                                                                                                                                                                        0x00bb915e
                                                                                                                                                                                                                                                        0x00bb9161
                                                                                                                                                                                                                                                        0x00bb9166
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9168
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9168
                                                                                                                                                                                                                                                        0x00bb9134
                                                                                                                                                                                                                                                        0x00bb9137
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb9137
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb90b4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8dd9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8d4d
                                                                                                                                                                                                                                                        0x00bb8cd2
                                                                                                                                                                                                                                                        0x00bb8cd7
                                                                                                                                                                                                                                                        0x00bb8cd9
                                                                                                                                                                                                                                                        0x00bb8ce3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8ce5
                                                                                                                                                                                                                                                        0x00bb8ce5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8ce5
                                                                                                                                                                                                                                                        0x00bb8ce3
                                                                                                                                                                                                                                                        0x00bb9177
                                                                                                                                                                                                                                                        0x00bb8f17
                                                                                                                                                                                                                                                        0x00bb8f17
                                                                                                                                                                                                                                                        0x00bb8f1d
                                                                                                                                                                                                                                                        0x00bb901d
                                                                                                                                                                                                                                                        0x00bb9026
                                                                                                                                                                                                                                                        0x00bb9028
                                                                                                                                                                                                                                                        0x00bb902e
                                                                                                                                                                                                                                                        0x00bb902e
                                                                                                                                                                                                                                                        0x00bb9031
                                                                                                                                                                                                                                                        0x00bb9034
                                                                                                                                                                                                                                                        0x00bb9034
                                                                                                                                                                                                                                                        0x00bb9037
                                                                                                                                                                                                                                                        0x00bb90dc
                                                                                                                                                                                                                                                        0x00bb90df
                                                                                                                                                                                                                                                        0x00bb903d
                                                                                                                                                                                                                                                        0x00bb9040
                                                                                                                                                                                                                                                        0x00bb9040
                                                                                                                                                                                                                                                        0x00bb9043
                                                                                                                                                                                                                                                        0x00bb90e7
                                                                                                                                                                                                                                                        0x00bb90ec
                                                                                                                                                                                                                                                        0x00bb90ec
                                                                                                                                                                                                                                                        0x00bb90ef
                                                                                                                                                                                                                                                        0x00bb90f2
                                                                                                                                                                                                                                                        0x00bb9049
                                                                                                                                                                                                                                                        0x00bb9049
                                                                                                                                                                                                                                                        0x00bb904c
                                                                                                                                                                                                                                                        0x00bb904c
                                                                                                                                                                                                                                                        0x00bb9043
                                                                                                                                                                                                                                                        0x00bb9037
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8f1d
                                                                                                                                                                                                                                                        0x00bb8c91
                                                                                                                                                                                                                                                        0x00bb8c3c
                                                                                                                                                                                                                                                        0x00bb8c3f
                                                                                                                                                                                                                                                        0x00bb8f5b
                                                                                                                                                                                                                                                        0x00bb8f5d
                                                                                                                                                                                                                                                        0x00bb8f61
                                                                                                                                                                                                                                                        0x00bb8f63
                                                                                                                                                                                                                                                        0x00bb8f67
                                                                                                                                                                                                                                                        0x00bb8c65
                                                                                                                                                                                                                                                        0x00bb8c69
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8c69
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8f6d
                                                                                                                                                                                                                                                        0x00bb8c45
                                                                                                                                                                                                                                                        0x00bb8c48
                                                                                                                                                                                                                                                        0x00bb8c4b
                                                                                                                                                                                                                                                        0x00bb8c4d
                                                                                                                                                                                                                                                        0x00bb8c50
                                                                                                                                                                                                                                                        0x00bb8c53
                                                                                                                                                                                                                                                        0x00bb8c59
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8c5f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8c5f
                                                                                                                                                                                                                                                        0x00bb8bd6
                                                                                                                                                                                                                                                        0x00bb8bd9
                                                                                                                                                                                                                                                        0x00bb8f3f
                                                                                                                                                                                                                                                        0x00bb8f41
                                                                                                                                                                                                                                                        0x00bb8f45
                                                                                                                                                                                                                                                        0x00bb8f49
                                                                                                                                                                                                                                                        0x00bb8bfe
                                                                                                                                                                                                                                                        0x00bb8c02
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8c02
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8f4f
                                                                                                                                                                                                                                                        0x00bb8be2
                                                                                                                                                                                                                                                        0x00bb8be5
                                                                                                                                                                                                                                                        0x00bb8be8
                                                                                                                                                                                                                                                        0x00bb8beb
                                                                                                                                                                                                                                                        0x00bb8bf2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8bf8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb8f23
                                                                                                                                                                                                                                                        0x00bb8f23
                                                                                                                                                                                                                                                        0x00bb8f34
                                                                                                                                                                                                                                                        0x00bb8f34

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • EncodePointer.KERNEL32(?), ref: 00BB8BC1
                                                                                                                                                                                                                                                        • EncodePointer.KERNEL32(?), ref: 00BB8C27
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: EncodePointer
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2118026453-0
                                                                                                                                                                                                                                                        • Opcode ID: dbee47bde88160b27cd48aa2313feacdff293036967bc5ce45df64bd9fc4954a
                                                                                                                                                                                                                                                        • Instruction ID: 9a87f16bd14b007c228dc0d68d73d5d94b879c00a0576f437ec0161223b61ceb
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: dbee47bde88160b27cd48aa2313feacdff293036967bc5ce45df64bd9fc4954a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B7123C70604642DBD725DF28C084AB5FBE6FF45314F288AD8D55A4B296CBB4ED86CBC0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 82%
                                                                                                                                                                                                                                                        			E00BDF410(intOrPtr* _a4, long _a8, long _a12, long _a16, long _a20, char _a24, long _a28) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				long _t61;
                                                                                                                                                                                                                                                        				long* _t64;
                                                                                                                                                                                                                                                        				long _t65;
                                                                                                                                                                                                                                                        				long _t66;
                                                                                                                                                                                                                                                        				long _t67;
                                                                                                                                                                                                                                                        				long _t69;
                                                                                                                                                                                                                                                        				long _t72;
                                                                                                                                                                                                                                                        				long _t75;
                                                                                                                                                                                                                                                        				long _t78;
                                                                                                                                                                                                                                                        				long _t80;
                                                                                                                                                                                                                                                        				long _t82;
                                                                                                                                                                                                                                                        				long _t84;
                                                                                                                                                                                                                                                        				long _t85;
                                                                                                                                                                                                                                                        				intOrPtr* _t86;
                                                                                                                                                                                                                                                        				char _t91;
                                                                                                                                                                                                                                                        				long _t92;
                                                                                                                                                                                                                                                        				long _t94;
                                                                                                                                                                                                                                                        				long _t106;
                                                                                                                                                                                                                                                        				intOrPtr* _t108;
                                                                                                                                                                                                                                                        				long* _t110;
                                                                                                                                                                                                                                                        				long _t111;
                                                                                                                                                                                                                                                        				signed int _t112;
                                                                                                                                                                                                                                                        				long _t114;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t114 = (_t112 & 0xfffffff0) - 0x80;
                                                                                                                                                                                                                                                        				_t110 = _t114;
                                                                                                                                                                                                                                                        				_t110[0x18] = _t111;
                                                                                                                                                                                                                                                        				_t110[0x19] = _t114;
                                                                                                                                                                                                                                                        				_t110[0x1e] = 0xffffffff;
                                                                                                                                                                                                                                                        				_t110[0x1d] = 0xbf96e0;
                                                                                                                                                                                                                                                        				_t110[0x1c] = 0xbef860;
                                                                                                                                                                                                                                                        				_t91 = _a24;
                                                                                                                                                                                                                                                        				_t94 = _a28;
                                                                                                                                                                                                                                                        				_t106 = _a20;
                                                                                                                                                                                                                                                        				_t110[0x1b] =  *[fs:0x0];
                                                                                                                                                                                                                                                        				 *[fs:0x0] =  &(_t110[0x1b]);
                                                                                                                                                                                                                                                        				if( *0xbfb618 == 0) {
                                                                                                                                                                                                                                                        					_t108 = 0;
                                                                                                                                                                                                                                                        					 *_t110 = 0;
                                                                                                                                                                                                                                                        					L7:
                                                                                                                                                                                                                                                        					_t61 =  *_a4(_a8, _a12, _a16, _t106, _t91, _t94);
                                                                                                                                                                                                                                                        					if(_t61 != 0) {
                                                                                                                                                                                                                                                        						L17:
                                                                                                                                                                                                                                                        						 *[fs:0x0] = _t110[0x1b];
                                                                                                                                                                                                                                                        						return _t61;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t92 = GetLastError();
                                                                                                                                                                                                                                                        					if( *_t110 != 0) {
                                                                                                                                                                                                                                                        						L11:
                                                                                                                                                                                                                                                        						_t64 =  *((intOrPtr*)( *_t108 + 8))();
                                                                                                                                                                                                                                                        						__eflags =  *_t64;
                                                                                                                                                                                                                                                        						if( *_t64 <= 0) {
                                                                                                                                                                                                                                                        							L16:
                                                                                                                                                                                                                                                        							_t110[0x1e] = 0xffffffff;
                                                                                                                                                                                                                                                        							SetLastError(_t92);
                                                                                                                                                                                                                                                        							_t61 = 0;
                                                                                                                                                                                                                                                        							goto L17;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t65 = _a28;
                                                                                                                                                                                                                                                        						__eflags = _t65;
                                                                                                                                                                                                                                                        						if(_t65 == 0) {
                                                                                                                                                                                                                                                        							L14:
                                                                                                                                                                                                                                                        							__eflags = _a8;
                                                                                                                                                                                                                                                        							_t110[0x1e] = 0xffffffff;
                                                                                                                                                                                                                                                        							if(_a8 != 0) {
                                                                                                                                                                                                                                                        								goto L16;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							__eflags = _a16;
                                                                                                                                                                                                                                                        							if(_a16 != 0) {
                                                                                                                                                                                                                                                        								_t66 = E00BE3790();
                                                                                                                                                                                                                                                        								__eflags = _t66;
                                                                                                                                                                                                                                                        								if(_t66 == 0) {
                                                                                                                                                                                                                                                        									goto L16;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t67 =  *0xbfb68c; // 0x830000
                                                                                                                                                                                                                                                        								__eflags = _t67;
                                                                                                                                                                                                                                                        								if(__eflags == 0) {
                                                                                                                                                                                                                                                        									goto L16;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t110[1] = _t67;
                                                                                                                                                                                                                                                        								asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        								asm("movaps [esi+0x40], xmm0");
                                                                                                                                                                                                                                                        								asm("movaps [esi+0x30], xmm0");
                                                                                                                                                                                                                                                        								asm("movaps [esi+0x20], xmm0");
                                                                                                                                                                                                                                                        								_t110[0x14] = 0;
                                                                                                                                                                                                                                                        								_t110[2] = _t67 +  *((intOrPtr*)(_t67 + 8));
                                                                                                                                                                                                                                                        								_t69 = E00BE6680( &(_t110[1]), __eflags);
                                                                                                                                                                                                                                                        								__eflags = _t69;
                                                                                                                                                                                                                                                        								if(_t69 == 0) {
                                                                                                                                                                                                                                                        									L28:
                                                                                                                                                                                                                                                        									_t110[0x1e] = 0xffffffff;
                                                                                                                                                                                                                                                        									goto L16;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t109 = _t69;
                                                                                                                                                                                                                                                        								 *_t69 = 0x16;
                                                                                                                                                                                                                                                        								 *(_t69 + 4) = 0;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t69 + 0x3c)) = 4;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t69 + 0x44)) = 0x7c;
                                                                                                                                                                                                                                                        								_t110[5] = _a12;
                                                                                                                                                                                                                                                        								_t72 = E00BD55B0(_t69, 0,  &(_t110[5]), 4, 0, 4);
                                                                                                                                                                                                                                                        								__eflags = _t72;
                                                                                                                                                                                                                                                        								if(_t72 == 0) {
                                                                                                                                                                                                                                                        									goto L28;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t110[4] = _a16;
                                                                                                                                                                                                                                                        								_t75 = E00BD55B0(_t109, 1,  &(_t110[4]), 4, 0, 4);
                                                                                                                                                                                                                                                        								__eflags = _t75;
                                                                                                                                                                                                                                                        								if(_t75 == 0) {
                                                                                                                                                                                                                                                        									goto L28;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t110[3] = _a20;
                                                                                                                                                                                                                                                        								_t78 = E00BD55B0(_t109, 2,  &(_t110[3]), 4, 0, 4);
                                                                                                                                                                                                                                                        								__eflags = _t78;
                                                                                                                                                                                                                                                        								if(_t78 == 0) {
                                                                                                                                                                                                                                                        									goto L28;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t80 = E00BD55B0(_t109, 3,  &_a24, 4, 0, 2);
                                                                                                                                                                                                                                                        								__eflags = _t80;
                                                                                                                                                                                                                                                        								if(_t80 == 0) {
                                                                                                                                                                                                                                                        									goto L28;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								 *_t110 = _t92;
                                                                                                                                                                                                                                                        								_t82 = E00BE67F0( &(_t110[1]), _t109,  &(_t110[8]));
                                                                                                                                                                                                                                                        								__eflags = _t82 - 0xa;
                                                                                                                                                                                                                                                        								if(_t82 != 0xa) {
                                                                                                                                                                                                                                                        									E00BE67B0( &(_t110[1]), _t109);
                                                                                                                                                                                                                                                        									__eflags = _t82;
                                                                                                                                                                                                                                                        									_t92 =  *_t110;
                                                                                                                                                                                                                                                        									if(_t82 == 0) {
                                                                                                                                                                                                                                                        										SetLastError(_t110[0xa]);
                                                                                                                                                                                                                                                        										_t61 = 0;
                                                                                                                                                                                                                                                        										__eflags = _t110[0xa];
                                                                                                                                                                                                                                                        										if(_t110[0xa] != 0) {
                                                                                                                                                                                                                                                        											goto L17;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										__eflags = _a28;
                                                                                                                                                                                                                                                        										if(_a28 != 0) {
                                                                                                                                                                                                                                                        											_t84 = _t110[0xc];
                                                                                                                                                                                                                                                        											_t110[0x1e] = 1;
                                                                                                                                                                                                                                                        											__imp__GetThreadId(_t84);
                                                                                                                                                                                                                                                        											 *_a28 = _t84;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t61 = _t110[0xc];
                                                                                                                                                                                                                                                        										_t110[0x1e] = 0xffffffff;
                                                                                                                                                                                                                                                        										goto L17;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L28;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t92 =  *_t110;
                                                                                                                                                                                                                                                        								goto L28;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L16;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						 *_t110 = _t92;
                                                                                                                                                                                                                                                        						_t110[0x1e] = 0;
                                                                                                                                                                                                                                                        						_t85 = E00BE3900(_t65, 4, 1);
                                                                                                                                                                                                                                                        						_t92 =  *_t110;
                                                                                                                                                                                                                                                        						__eflags = _t85;
                                                                                                                                                                                                                                                        						if(_t85 == 0) {
                                                                                                                                                                                                                                                        							goto L16;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L14;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L16;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t86 = E00BE9C20();
                                                                                                                                                                                                                                                        				if(_t86 == 0) {
                                                                                                                                                                                                                                                        					_t108 = 0;
                                                                                                                                                                                                                                                        					__eflags = 0;
                                                                                                                                                                                                                                                        					 *_t110 = 0;
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					_t94 = _a28;
                                                                                                                                                                                                                                                        					_t106 = _a20;
                                                                                                                                                                                                                                                        					goto L7;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t108 = _t86;
                                                                                                                                                                                                                                                        				if( *((char*)( *((intOrPtr*)( *_t86 + 8))() + 4)) == 0) {
                                                                                                                                                                                                                                                        					_t92 = GetLastError();
                                                                                                                                                                                                                                                        					goto L11;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t91 = _a24;
                                                                                                                                                                                                                                                        				 *_t110 = 1;
                                                                                                                                                                                                                                                        				goto L6;
                                                                                                                                                                                                                                                        			}



























                                                                                                                                                                                                                                                        0x00bdf419
                                                                                                                                                                                                                                                        0x00bdf41f
                                                                                                                                                                                                                                                        0x00bdf421
                                                                                                                                                                                                                                                        0x00bdf424
                                                                                                                                                                                                                                                        0x00bdf427
                                                                                                                                                                                                                                                        0x00bdf42e
                                                                                                                                                                                                                                                        0x00bdf435
                                                                                                                                                                                                                                                        0x00bdf43f
                                                                                                                                                                                                                                                        0x00bdf442
                                                                                                                                                                                                                                                        0x00bdf445
                                                                                                                                                                                                                                                        0x00bdf44e
                                                                                                                                                                                                                                                        0x00bdf451
                                                                                                                                                                                                                                                        0x00bdf45f
                                                                                                                                                                                                                                                        0x00bdf482
                                                                                                                                                                                                                                                        0x00bdf484
                                                                                                                                                                                                                                                        0x00bdf49a
                                                                                                                                                                                                                                                        0x00bdf4a9
                                                                                                                                                                                                                                                        0x00bdf4ad
                                                                                                                                                                                                                                                        0x00bdf518
                                                                                                                                                                                                                                                        0x00bdf51b
                                                                                                                                                                                                                                                        0x00bdf529
                                                                                                                                                                                                                                                        0x00bdf529
                                                                                                                                                                                                                                                        0x00bdf4b8
                                                                                                                                                                                                                                                        0x00bdf4ba
                                                                                                                                                                                                                                                        0x00bdf4c6
                                                                                                                                                                                                                                                        0x00bdf4ca
                                                                                                                                                                                                                                                        0x00bdf4cd
                                                                                                                                                                                                                                                        0x00bdf4d0
                                                                                                                                                                                                                                                        0x00bdf508
                                                                                                                                                                                                                                                        0x00bdf508
                                                                                                                                                                                                                                                        0x00bdf510
                                                                                                                                                                                                                                                        0x00bdf516
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf516
                                                                                                                                                                                                                                                        0x00bdf4d2
                                                                                                                                                                                                                                                        0x00bdf4d5
                                                                                                                                                                                                                                                        0x00bdf4d7
                                                                                                                                                                                                                                                        0x00bdf4f5
                                                                                                                                                                                                                                                        0x00bdf4f5
                                                                                                                                                                                                                                                        0x00bdf4f9
                                                                                                                                                                                                                                                        0x00bdf500
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf502
                                                                                                                                                                                                                                                        0x00bdf506
                                                                                                                                                                                                                                                        0x00bdf52c
                                                                                                                                                                                                                                                        0x00bdf531
                                                                                                                                                                                                                                                        0x00bdf533
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf535
                                                                                                                                                                                                                                                        0x00bdf53a
                                                                                                                                                                                                                                                        0x00bdf53c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf53e
                                                                                                                                                                                                                                                        0x00bdf544
                                                                                                                                                                                                                                                        0x00bdf54a
                                                                                                                                                                                                                                                        0x00bdf54e
                                                                                                                                                                                                                                                        0x00bdf552
                                                                                                                                                                                                                                                        0x00bdf556
                                                                                                                                                                                                                                                        0x00bdf55d
                                                                                                                                                                                                                                                        0x00bdf560
                                                                                                                                                                                                                                                        0x00bdf565
                                                                                                                                                                                                                                                        0x00bdf567
                                                                                                                                                                                                                                                        0x00bdf621
                                                                                                                                                                                                                                                        0x00bdf621
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf621
                                                                                                                                                                                                                                                        0x00bdf56d
                                                                                                                                                                                                                                                        0x00bdf56f
                                                                                                                                                                                                                                                        0x00bdf575
                                                                                                                                                                                                                                                        0x00bdf57c
                                                                                                                                                                                                                                                        0x00bdf583
                                                                                                                                                                                                                                                        0x00bdf58f
                                                                                                                                                                                                                                                        0x00bdf59e
                                                                                                                                                                                                                                                        0x00bdf5a3
                                                                                                                                                                                                                                                        0x00bdf5a5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf5ac
                                                                                                                                                                                                                                                        0x00bdf5bb
                                                                                                                                                                                                                                                        0x00bdf5c0
                                                                                                                                                                                                                                                        0x00bdf5c2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf5c9
                                                                                                                                                                                                                                                        0x00bdf5d8
                                                                                                                                                                                                                                                        0x00bdf5dd
                                                                                                                                                                                                                                                        0x00bdf5df
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf5ef
                                                                                                                                                                                                                                                        0x00bdf5f4
                                                                                                                                                                                                                                                        0x00bdf5f6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf5fb
                                                                                                                                                                                                                                                        0x00bdf602
                                                                                                                                                                                                                                                        0x00bdf607
                                                                                                                                                                                                                                                        0x00bdf60a
                                                                                                                                                                                                                                                        0x00bdf616
                                                                                                                                                                                                                                                        0x00bdf61b
                                                                                                                                                                                                                                                        0x00bdf61d
                                                                                                                                                                                                                                                        0x00bdf61f
                                                                                                                                                                                                                                                        0x00bdf630
                                                                                                                                                                                                                                                        0x00bdf636
                                                                                                                                                                                                                                                        0x00bdf638
                                                                                                                                                                                                                                                        0x00bdf63c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf642
                                                                                                                                                                                                                                                        0x00bdf646
                                                                                                                                                                                                                                                        0x00bdf648
                                                                                                                                                                                                                                                        0x00bdf64b
                                                                                                                                                                                                                                                        0x00bdf653
                                                                                                                                                                                                                                                        0x00bdf65c
                                                                                                                                                                                                                                                        0x00bdf65c
                                                                                                                                                                                                                                                        0x00bdf65e
                                                                                                                                                                                                                                                        0x00bdf661
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf661
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf61f
                                                                                                                                                                                                                                                        0x00bdf60c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf60c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf506
                                                                                                                                                                                                                                                        0x00bdf4d9
                                                                                                                                                                                                                                                        0x00bdf4db
                                                                                                                                                                                                                                                        0x00bdf4e7
                                                                                                                                                                                                                                                        0x00bdf4ef
                                                                                                                                                                                                                                                        0x00bdf4f1
                                                                                                                                                                                                                                                        0x00bdf4f3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf4f3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf4bc
                                                                                                                                                                                                                                                        0x00bdf461
                                                                                                                                                                                                                                                        0x00bdf468
                                                                                                                                                                                                                                                        0x00bdf48c
                                                                                                                                                                                                                                                        0x00bdf48c
                                                                                                                                                                                                                                                        0x00bdf48e
                                                                                                                                                                                                                                                        0x00bdf494
                                                                                                                                                                                                                                                        0x00bdf494
                                                                                                                                                                                                                                                        0x00bdf497
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf497
                                                                                                                                                                                                                                                        0x00bdf46a
                                                                                                                                                                                                                                                        0x00bdf477
                                                                                                                                                                                                                                                        0x00bdf4c4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdf4c4
                                                                                                                                                                                                                                                        0x00bdf479
                                                                                                                                                                                                                                                        0x00bdf47e
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BDF4AF
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BDF4BE
                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(00000000), ref: 00BDF510
                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(?,00000000,00000000,?,00000003,?,00000004,00000000,00000002,00000002,?,00000004,00000000,00000004,00000001,?), ref: 00BDF630
                                                                                                                                                                                                                                                        • GetThreadId.KERNEL32(?), ref: 00BDF653
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$Thread
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1128930793-0
                                                                                                                                                                                                                                                        • Opcode ID: 7b4a8f76a58a6502b9878a0fddff6938035534cebae31bf241a8b76eb102d46f
                                                                                                                                                                                                                                                        • Instruction ID: 88f82c4a89e9faf8e59c39ae0711b17d4a029dbc46107ec9c79ce49a7080e550
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7b4a8f76a58a6502b9878a0fddff6938035534cebae31bf241a8b76eb102d46f
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 95719DB02047019FEB31CF25D885BA6B7E4FF54714F1046AAEA928B7E1EB74E840CB50
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 26%
                                                                                                                                                                                                                                                        			E00BBC940(void* __eflags, signed int _a4, char* _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				char _v32;
                                                                                                                                                                                                                                                        				signed int _v36;
                                                                                                                                                                                                                                                        				signed int _t65;
                                                                                                                                                                                                                                                        				int _t67;
                                                                                                                                                                                                                                                        				intOrPtr _t70;
                                                                                                                                                                                                                                                        				intOrPtr _t76;
                                                                                                                                                                                                                                                        				intOrPtr _t82;
                                                                                                                                                                                                                                                        				void* _t88;
                                                                                                                                                                                                                                                        				char _t90;
                                                                                                                                                                                                                                                        				void* _t96;
                                                                                                                                                                                                                                                        				intOrPtr _t97;
                                                                                                                                                                                                                                                        				intOrPtr _t99;
                                                                                                                                                                                                                                                        				intOrPtr* _t110;
                                                                                                                                                                                                                                                        				signed int _t121;
                                                                                                                                                                                                                                                        				signed int _t123;
                                                                                                                                                                                                                                                        				intOrPtr* _t126;
                                                                                                                                                                                                                                                        				void* _t128;
                                                                                                                                                                                                                                                        				signed int _t129;
                                                                                                                                                                                                                                                        				intOrPtr* _t130;
                                                                                                                                                                                                                                                        				signed int _t131;
                                                                                                                                                                                                                                                        				void* _t134;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t134 = __eflags;
                                                                                                                                                                                                                                                        				_t65 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t126 = _a4;
                                                                                                                                                                                                                                                        				_v20 = _t65 ^ _t131;
                                                                                                                                                                                                                                                        				_t67 = strlen(_a8);
                                                                                                                                                                                                                                                        				_v36 = _t67;
                                                                                                                                                                                                                                                        				_t99 =  *((intOrPtr*)( *_t126 + 4));
                                                                                                                                                                                                                                                        				asm("sbb ecx, edi");
                                                                                                                                                                                                                                                        				_v32 = _t134 < 0;
                                                                                                                                                                                                                                                        				asm("sbb ecx, edi");
                                                                                                                                                                                                                                                        				_t96 =  *((intOrPtr*)(_t126 + _t99 + 0x20)) - _t67;
                                                                                                                                                                                                                                                        				asm("sbb edi, 0x0");
                                                                                                                                                                                                                                                        				_t128 =  !=  ?  *((intOrPtr*)(_t126 + _t99 + 0x24)) : 0;
                                                                                                                                                                                                                                                        				_t120 =  !=  ? _t96 : 0;
                                                                                                                                                                                                                                                        				_v32 =  !=  ? _t96 : 0;
                                                                                                                                                                                                                                                        				E00BBD780( &_v28, _a4);
                                                                                                                                                                                                                                                        				if(_v24 == 0) {
                                                                                                                                                                                                                                                        					_t129 = _a4;
                                                                                                                                                                                                                                                        					_t121 = 4;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t123 = _a4;
                                                                                                                                                                                                                                                        					asm("sbb ecx, 0x0");
                                                                                                                                                                                                                                                        					_t76 =  *((intOrPtr*)( *_t123 + 4));
                                                                                                                                                                                                                                                        					if(_v32 < 1) {
                                                                                                                                                                                                                                                        						_t97 = _v32;
                                                                                                                                                                                                                                                        						_t129 = _t123;
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if((0x000001c0 &  *(_t123 + _t76 + 0x14)) == 0x40) {
                                                                                                                                                                                                                                                        							_t97 = _v32;
                                                                                                                                                                                                                                                        							_t129 = _a4;
                                                                                                                                                                                                                                                        							goto L10;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t129 = _a4;
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								_t90 =  *((char*)(_t129 + _t76 + 0x40));
                                                                                                                                                                                                                                                        								__imp__?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z(_t90);
                                                                                                                                                                                                                                                        								if(_t90 == 0xffffffff) {
                                                                                                                                                                                                                                                        									break;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t96 = _t96 + 0xffffffff;
                                                                                                                                                                                                                                                        								asm("adc edi, 0xffffffff");
                                                                                                                                                                                                                                                        								asm("sbb eax, edi");
                                                                                                                                                                                                                                                        								_t76 =  *((intOrPtr*)( *_t129 + 4));
                                                                                                                                                                                                                                                        								if(_t96 < 0) {
                                                                                                                                                                                                                                                        									continue;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L10:
                                                                                                                                                                                                                                                        									_push(0);
                                                                                                                                                                                                                                                        									_push(_v36);
                                                                                                                                                                                                                                                        									_push(_a8);
                                                                                                                                                                                                                                                        									if(( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t129 + _t76 + 0x38)))) + 0x24))() ^ _v36 | _t123) != 0) {
                                                                                                                                                                                                                                                        										break;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										asm("sbb eax, 0x0");
                                                                                                                                                                                                                                                        										if(_t97 < 1) {
                                                                                                                                                                                                                                                        											L16:
                                                                                                                                                                                                                                                        											_t121 = 0;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t130 = __imp__?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z;
                                                                                                                                                                                                                                                        											while(1) {
                                                                                                                                                                                                                                                        												_t88 =  *_t130( *((char*)(_a4 +  *((intOrPtr*)( *_a4 + 4)) + 0x40)));
                                                                                                                                                                                                                                                        												_t97 = _t97 + 0xffffffff;
                                                                                                                                                                                                                                                        												asm("adc edi, 0xffffffff");
                                                                                                                                                                                                                                                        												if(_t88 == 0xffffffff) {
                                                                                                                                                                                                                                                        													break;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												asm("sbb eax, 0x0");
                                                                                                                                                                                                                                                        												if(_t97 >= 1) {
                                                                                                                                                                                                                                                        													continue;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t129 = _a4;
                                                                                                                                                                                                                                                        													goto L16;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L19;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_t129 = _a4;
                                                                                                                                                                                                                                                        											break;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L19;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t121 = 4;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L19:
                                                                                                                                                                                                                                                        					_t82 =  *((intOrPtr*)( *_t129 + 4));
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t129 + _t82 + 0x24)) = 0;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t129 + _t82 + 0x20)) = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t70 =  *((intOrPtr*)( *_t129 + 4));
                                                                                                                                                                                                                                                        				_t122 = _t121 |  *(_t129 + _t70 + 0xc);
                                                                                                                                                                                                                                                        				__imp__?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z(_t121 |  *(_t129 + _t70 + 0xc), 0);
                                                                                                                                                                                                                                                        				__imp__?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ();
                                                                                                                                                                                                                                                        				_t71 = _v28;
                                                                                                                                                                                                                                                        				_t110 =  *((intOrPtr*)(_v28 +  *((intOrPtr*)( *_v28 + 4)) + 0x38));
                                                                                                                                                                                                                                                        				if(_t110 != 0) {
                                                                                                                                                                                                                                                        					_t71 =  *((intOrPtr*)( *_t110 + 8))();
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t71, _v20 ^ _t131, _t122);
                                                                                                                                                                                                                                                        				return _t129;
                                                                                                                                                                                                                                                        			}



























                                                                                                                                                                                                                                                        0x00bbc940
                                                                                                                                                                                                                                                        0x00bbc949
                                                                                                                                                                                                                                                        0x00bbc94e
                                                                                                                                                                                                                                                        0x00bbc953
                                                                                                                                                                                                                                                        0x00bbc959
                                                                                                                                                                                                                                                        0x00bbc965
                                                                                                                                                                                                                                                        0x00bbc968
                                                                                                                                                                                                                                                        0x00bbc981
                                                                                                                                                                                                                                                        0x00bbc988
                                                                                                                                                                                                                                                        0x00bbc98e
                                                                                                                                                                                                                                                        0x00bbc993
                                                                                                                                                                                                                                                        0x00bbc995
                                                                                                                                                                                                                                                        0x00bbc99e
                                                                                                                                                                                                                                                        0x00bbc9a1
                                                                                                                                                                                                                                                        0x00bbc9a4
                                                                                                                                                                                                                                                        0x00bbc9aa
                                                                                                                                                                                                                                                        0x00bbc9b3
                                                                                                                                                                                                                                                        0x00bbca13
                                                                                                                                                                                                                                                        0x00bbca16
                                                                                                                                                                                                                                                        0x00bbc9b5
                                                                                                                                                                                                                                                        0x00bbc9b5
                                                                                                                                                                                                                                                        0x00bbc9c0
                                                                                                                                                                                                                                                        0x00bbc9c3
                                                                                                                                                                                                                                                        0x00bbc9c6
                                                                                                                                                                                                                                                        0x00bbca20
                                                                                                                                                                                                                                                        0x00bbca25
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbc9c8
                                                                                                                                                                                                                                                        0x00bbc9d4
                                                                                                                                                                                                                                                        0x00bbca2b
                                                                                                                                                                                                                                                        0x00bbca2e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbc9d6
                                                                                                                                                                                                                                                        0x00bbc9d6
                                                                                                                                                                                                                                                        0x00bbc9e0
                                                                                                                                                                                                                                                        0x00bbc9e4
                                                                                                                                                                                                                                                        0x00bbc9ea
                                                                                                                                                                                                                                                        0x00bbc9f3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbc9f9
                                                                                                                                                                                                                                                        0x00bbc9fe
                                                                                                                                                                                                                                                        0x00bbca08
                                                                                                                                                                                                                                                        0x00bbca0c
                                                                                                                                                                                                                                                        0x00bbca0f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbca11
                                                                                                                                                                                                                                                        0x00bbca31
                                                                                                                                                                                                                                                        0x00bbca37
                                                                                                                                                                                                                                                        0x00bbca39
                                                                                                                                                                                                                                                        0x00bbca3c
                                                                                                                                                                                                                                                        0x00bbca47
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbca49
                                                                                                                                                                                                                                                        0x00bbca4e
                                                                                                                                                                                                                                                        0x00bbca51
                                                                                                                                                                                                                                                        0x00bbca8e
                                                                                                                                                                                                                                                        0x00bbca8e
                                                                                                                                                                                                                                                        0x00bbca53
                                                                                                                                                                                                                                                        0x00bbca53
                                                                                                                                                                                                                                                        0x00bbca60
                                                                                                                                                                                                                                                        0x00bbca74
                                                                                                                                                                                                                                                        0x00bbca76
                                                                                                                                                                                                                                                        0x00bbca79
                                                                                                                                                                                                                                                        0x00bbca7f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbca86
                                                                                                                                                                                                                                                        0x00bbca89
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbca8b
                                                                                                                                                                                                                                                        0x00bbca8b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbca8b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbca89
                                                                                                                                                                                                                                                        0x00bbca92
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbca92
                                                                                                                                                                                                                                                        0x00bbca51
                                                                                                                                                                                                                                                        0x00bbca47
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbca0f
                                                                                                                                                                                                                                                        0x00bbca95
                                                                                                                                                                                                                                                        0x00bbca95
                                                                                                                                                                                                                                                        0x00bbc9d4
                                                                                                                                                                                                                                                        0x00bbca9a
                                                                                                                                                                                                                                                        0x00bbca9c
                                                                                                                                                                                                                                                        0x00bbca9f
                                                                                                                                                                                                                                                        0x00bbcaa7
                                                                                                                                                                                                                                                        0x00bbcaa7
                                                                                                                                                                                                                                                        0x00bbcab1
                                                                                                                                                                                                                                                        0x00bbcab4
                                                                                                                                                                                                                                                        0x00bbcabe
                                                                                                                                                                                                                                                        0x00bbcac7
                                                                                                                                                                                                                                                        0x00bbcacd
                                                                                                                                                                                                                                                        0x00bbcad5
                                                                                                                                                                                                                                                        0x00bbcadb
                                                                                                                                                                                                                                                        0x00bbcadf
                                                                                                                                                                                                                                                        0x00bbcadf
                                                                                                                                                                                                                                                        0x00bbcae7
                                                                                                                                                                                                                                                        0x00bbcaf5

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBC959
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD780: ?good@ios_base@std@@QBE_NXZ.MSVCP140(00000002,?,?,00BBC9AF,00000002,?,?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBD7A7
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD780: ?good@ios_base@std@@QBE_NXZ.MSVCP140(?,00BBC9AF,00000002,?,?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBD7C9
                                                                                                                                                                                                                                                        • ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?,00000002), ref: 00BBC9EA
                                                                                                                                                                                                                                                        • ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?), ref: 00BBCA74
                                                                                                                                                                                                                                                        • ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z.MSVCP140(?,00000000,00000002,?), ref: 00BBCABE
                                                                                                                                                                                                                                                        • ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ.MSVCP140 ref: 00BBCAC7
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: D@std@@@std@@U?$char_traits@$?good@ios_base@std@@?sputc@?$basic_streambuf@$?clear@?$basic_ios@Osfx@?$basic_ostream@strlen
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1759040666-0
                                                                                                                                                                                                                                                        • Opcode ID: f5a161b00a6ade442c1edc30aca466855b434b59cb364b2ec5d2c3c1dfb8fb7c
                                                                                                                                                                                                                                                        • Instruction ID: 889d17b44d90deada23e3a974090d9da3a53ad5c861d77f50cbd07e77d91dfaf
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f5a161b00a6ade442c1edc30aca466855b434b59cb364b2ec5d2c3c1dfb8fb7c
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6F518331A001199FDB14CF28C894BBABBE1FF48324F5986A8E9569B3D5C771EC41CB80
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD780: ?good@ios_base@std@@QBE_NXZ.MSVCP140(00000002,?,?,00BBC9AF,00000002,?,?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBD7A7
                                                                                                                                                                                                                                                          • Part of subcall function 00BBD780: ?good@ios_base@std@@QBE_NXZ.MSVCP140(?,00BBC9AF,00000002,?,?,00BCA153,?,GetTlsVectorStateAndValue(key) == TlsVectorState::kUninitialized,00000002,00000001), ref: 00BBD7C9
                                                                                                                                                                                                                                                        • ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?), ref: 00BBDB4A
                                                                                                                                                                                                                                                        • ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z.MSVCP140(?,00000000), ref: 00BBDB98
                                                                                                                                                                                                                                                        • ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ.MSVCP140 ref: 00BBDBA1
                                                                                                                                                                                                                                                        • ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(0000002E), ref: 00BBDBE4
                                                                                                                                                                                                                                                        • ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(?), ref: 00BBDC1F
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: D@std@@@std@@U?$char_traits@$?sputc@?$basic_streambuf@$?good@ios_base@std@@$?clear@?$basic_ios@Osfx@?$basic_ostream@
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1634116027-0
                                                                                                                                                                                                                                                        • Opcode ID: b7567cfd7a58ff9fabc573b0d1336d0a45907160502cc480a94fff2ff892210b
                                                                                                                                                                                                                                                        • Instruction ID: 5ff0e75a15c9ab0b2aaa2f8e1edd064c272a9afdc3560c2ca6136b1f9c45cbb9
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b7567cfd7a58ff9fabc573b0d1336d0a45907160502cc480a94fff2ff892210b
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4D415F356006008FD738CB38C994E7A7BE6EF89324F154798E9A6873E5DB74E845CB40
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 69%
                                                                                                                                                                                                                                                        			E00BD3070(intOrPtr _a4, void* _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				int _v28;
                                                                                                                                                                                                                                                        				void* _v32;
                                                                                                                                                                                                                                                        				void* _v56;
                                                                                                                                                                                                                                                        				char _v60;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t30;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				signed int _t34;
                                                                                                                                                                                                                                                        				void* _t38;
                                                                                                                                                                                                                                                        				int _t41;
                                                                                                                                                                                                                                                        				signed int _t42;
                                                                                                                                                                                                                                                        				intOrPtr* _t44;
                                                                                                                                                                                                                                                        				signed int _t47;
                                                                                                                                                                                                                                                        				void* _t56;
                                                                                                                                                                                                                                                        				void* _t57;
                                                                                                                                                                                                                                                        				signed int _t59;
                                                                                                                                                                                                                                                        				signed int _t60;
                                                                                                                                                                                                                                                        				signed int* _t61;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t30 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v20 = _t30 ^ _t60;
                                                                                                                                                                                                                                                        				if( *0xbfb500 == 0) {
                                                                                                                                                                                                                                                        					E00BEB3D0("NtQueryObject", 0xbfb500);
                                                                                                                                                                                                                                                        					_t61 =  &(_t61[2]);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t57 = 0;
                                                                                                                                                                                                                                                        				_t41 = 0x104;
                                                                                                                                                                                                                                                        				_v28 = 0x104;
                                                                                                                                                                                                                                                        				while(1) {
                                                                                                                                                                                                                                                        					_t32 = malloc(_t41);
                                                                                                                                                                                                                                                        					_t61 =  &(_t61[1]);
                                                                                                                                                                                                                                                        					_t56 = _t32;
                                                                                                                                                                                                                                                        					if(_t57 != 0) {
                                                                                                                                                                                                                                                        						free(_t57);
                                                                                                                                                                                                                                                        						_t61 =  &(_t61[1]);
                                                                                                                                                                                                                                                        						_t41 = _v28;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t34 =  *0xbfb500(_a4, 1, _t56, _t41,  &_v28);
                                                                                                                                                                                                                                                        					if(_t34 == 0xc0000004) {
                                                                                                                                                                                                                                                        						goto L3;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t42 = _t34;
                                                                                                                                                                                                                                                        					if(_t34 == 0x80000005) {
                                                                                                                                                                                                                                                        						goto L3;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_t42 < 0) {
                                                                                                                                                                                                                                                        						L15:
                                                                                                                                                                                                                                                        						_t44 = _a8;
                                                                                                                                                                                                                                                        						_t35 = _t44;
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t44 + 0x14)) >= 8) {
                                                                                                                                                                                                                                                        							_t35 =  *_t44;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t44 + 0x10)) = 0;
                                                                                                                                                                                                                                                        						 *_t35 = 0;
                                                                                                                                                                                                                                                        						if(_t56 == 0) {
                                                                                                                                                                                                                                                        							L19:
                                                                                                                                                                                                                                                        							E00BEECB0(_t35, _v20 ^ _t60, _t51);
                                                                                                                                                                                                                                                        							return _t42 & 0xffffff00 | _t42 > 0x00000000;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L18:
                                                                                                                                                                                                                                                        							free(_t56);
                                                                                                                                                                                                                                                        							goto L19;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t38 =  *(_t56 + 4);
                                                                                                                                                                                                                                                        					if(_t38 == 0) {
                                                                                                                                                                                                                                                        						goto L15;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t47 =  *_t56 & 0x0000ffff;
                                                                                                                                                                                                                                                        					if(_t47 == 0) {
                                                                                                                                                                                                                                                        						goto L15;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t59 = _t47 >> 1;
                                                                                                                                                                                                                                                        					_t51 =  *((intOrPtr*)(_a8 + 0x14));
                                                                                                                                                                                                                                                        					if(_t51 < _t59) {
                                                                                                                                                                                                                                                        						_t61 = _t61 - 0xc;
                                                                                                                                                                                                                                                        						_v60 = _v24;
                                                                                                                                                                                                                                                        						_v56 = _t38;
                                                                                                                                                                                                                                                        						 *_t61 = _t59;
                                                                                                                                                                                                                                                        						_t35 = E00BBA7D0(_t42, _a8, _t56, _t59);
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_v32 = _a8;
                                                                                                                                                                                                                                                        						if(_t51 >= 8) {
                                                                                                                                                                                                                                                        							_v32 =  *_a8;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t51 = _a8;
                                                                                                                                                                                                                                                        						 *(_a8 + 0x10) = _t59;
                                                                                                                                                                                                                                                        						memmove(_v32, _t38, _t47 & 0xfffffffe);
                                                                                                                                                                                                                                                        						_t61 =  &(_t61[3]);
                                                                                                                                                                                                                                                        						_t35 = _v32;
                                                                                                                                                                                                                                                        						 *((short*)(_v32 + _t59 * 2)) = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L18;
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					_t41 = _v28;
                                                                                                                                                                                                                                                        					_t57 = _t56;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}

























                                                                                                                                                                                                                                                        0x00bd3079
                                                                                                                                                                                                                                                        0x00bd3080
                                                                                                                                                                                                                                                        0x00bd308a
                                                                                                                                                                                                                                                        0x00bd3096
                                                                                                                                                                                                                                                        0x00bd309b
                                                                                                                                                                                                                                                        0x00bd309b
                                                                                                                                                                                                                                                        0x00bd309e
                                                                                                                                                                                                                                                        0x00bd30a0
                                                                                                                                                                                                                                                        0x00bd30a5
                                                                                                                                                                                                                                                        0x00bd30b5
                                                                                                                                                                                                                                                        0x00bd30b6
                                                                                                                                                                                                                                                        0x00bd30bc
                                                                                                                                                                                                                                                        0x00bd30bf
                                                                                                                                                                                                                                                        0x00bd30c3
                                                                                                                                                                                                                                                        0x00bd30c6
                                                                                                                                                                                                                                                        0x00bd30cc
                                                                                                                                                                                                                                                        0x00bd30cf
                                                                                                                                                                                                                                                        0x00bd30cf
                                                                                                                                                                                                                                                        0x00bd30dd
                                                                                                                                                                                                                                                        0x00bd30e8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd30ea
                                                                                                                                                                                                                                                        0x00bd30f1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd30f5
                                                                                                                                                                                                                                                        0x00bd3147
                                                                                                                                                                                                                                                        0x00bd3147
                                                                                                                                                                                                                                                        0x00bd314e
                                                                                                                                                                                                                                                        0x00bd3150
                                                                                                                                                                                                                                                        0x00bd3152
                                                                                                                                                                                                                                                        0x00bd3152
                                                                                                                                                                                                                                                        0x00bd3156
                                                                                                                                                                                                                                                        0x00bd315d
                                                                                                                                                                                                                                                        0x00bd3162
                                                                                                                                                                                                                                                        0x00bd316e
                                                                                                                                                                                                                                                        0x00bd3178
                                                                                                                                                                                                                                                        0x00bd3186
                                                                                                                                                                                                                                                        0x00bd3164
                                                                                                                                                                                                                                                        0x00bd3164
                                                                                                                                                                                                                                                        0x00bd3165
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd316b
                                                                                                                                                                                                                                                        0x00bd3162
                                                                                                                                                                                                                                                        0x00bd30f7
                                                                                                                                                                                                                                                        0x00bd30fc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd30fe
                                                                                                                                                                                                                                                        0x00bd3103
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd310a
                                                                                                                                                                                                                                                        0x00bd310c
                                                                                                                                                                                                                                                        0x00bd3111
                                                                                                                                                                                                                                                        0x00bd3187
                                                                                                                                                                                                                                                        0x00bd318d
                                                                                                                                                                                                                                                        0x00bd3194
                                                                                                                                                                                                                                                        0x00bd3198
                                                                                                                                                                                                                                                        0x00bd319b
                                                                                                                                                                                                                                                        0x00bd3113
                                                                                                                                                                                                                                                        0x00bd3119
                                                                                                                                                                                                                                                        0x00bd311c
                                                                                                                                                                                                                                                        0x00bd3123
                                                                                                                                                                                                                                                        0x00bd3123
                                                                                                                                                                                                                                                        0x00bd3126
                                                                                                                                                                                                                                                        0x00bd312c
                                                                                                                                                                                                                                                        0x00bd3134
                                                                                                                                                                                                                                                        0x00bd3139
                                                                                                                                                                                                                                                        0x00bd313c
                                                                                                                                                                                                                                                        0x00bd313f
                                                                                                                                                                                                                                                        0x00bd313f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd30b0
                                                                                                                                                                                                                                                        0x00bd30b0
                                                                                                                                                                                                                                                        0x00bd30b3
                                                                                                                                                                                                                                                        0x00bd30b3

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • malloc.MOZGLUE(00000104), ref: 00BD30B6
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BD30C6
                                                                                                                                                                                                                                                        • memmove.NTDLL(?,?), ref: 00BD3134
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BD3165
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: free$AddressProcmallocmemmove
                                                                                                                                                                                                                                                        • String ID: NtQueryObject
                                                                                                                                                                                                                                                        • API String ID: 1959892876-1504830893
                                                                                                                                                                                                                                                        • Opcode ID: cb0537141e49864d913407cc303472be5bdc8ef10d1a52b387d71dbfe36ebabe
                                                                                                                                                                                                                                                        • Instruction ID: c93663a16e40e10ade19a20356b4f4023fa4b963e316c500f37349b5debfaa18
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cb0537141e49864d913407cc303472be5bdc8ef10d1a52b387d71dbfe36ebabe
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B831D370A0021A9BDB148F58DC85ABFBBF5EF40B00F14816AE9159B352EB74DE45CBD2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 59%
                                                                                                                                                                                                                                                        			E00BD5AC0(void* __eax, void* __ecx) {
                                                                                                                                                                                                                                                        				intOrPtr _v0;
                                                                                                                                                                                                                                                        				intOrPtr _v4;
                                                                                                                                                                                                                                                        				char _v8;
                                                                                                                                                                                                                                                        				intOrPtr _v12;
                                                                                                                                                                                                                                                        				intOrPtr _v16;
                                                                                                                                                                                                                                                        				intOrPtr _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				intOrPtr _v56;
                                                                                                                                                                                                                                                        				char _v60;
                                                                                                                                                                                                                                                        				char _v68;
                                                                                                                                                                                                                                                        				signed int _v72;
                                                                                                                                                                                                                                                        				signed int _v76;
                                                                                                                                                                                                                                                        				char _v92;
                                                                                                                                                                                                                                                        				intOrPtr _v96;
                                                                                                                                                                                                                                                        				char _v100;
                                                                                                                                                                                                                                                        				char _v116;
                                                                                                                                                                                                                                                        				intOrPtr _v120;
                                                                                                                                                                                                                                                        				char _v124;
                                                                                                                                                                                                                                                        				signed int _v140;
                                                                                                                                                                                                                                                        				intOrPtr _v144;
                                                                                                                                                                                                                                                        				signed int _v148;
                                                                                                                                                                                                                                                        				char _v152;
                                                                                                                                                                                                                                                        				char _v168;
                                                                                                                                                                                                                                                        				signed int _v172;
                                                                                                                                                                                                                                                        				char _v176;
                                                                                                                                                                                                                                                        				char _v192;
                                                                                                                                                                                                                                                        				intOrPtr _v196;
                                                                                                                                                                                                                                                        				char _v200;
                                                                                                                                                                                                                                                        				char _v216;
                                                                                                                                                                                                                                                        				char _v224;
                                                                                                                                                                                                                                                        				signed int _v244;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				intOrPtr* _t106;
                                                                                                                                                                                                                                                        				intOrPtr _t107;
                                                                                                                                                                                                                                                        				intOrPtr _t108;
                                                                                                                                                                                                                                                        				intOrPtr _t115;
                                                                                                                                                                                                                                                        				intOrPtr _t121;
                                                                                                                                                                                                                                                        				signed int _t122;
                                                                                                                                                                                                                                                        				signed int _t124;
                                                                                                                                                                                                                                                        				intOrPtr _t130;
                                                                                                                                                                                                                                                        				void* _t131;
                                                                                                                                                                                                                                                        				intOrPtr _t135;
                                                                                                                                                                                                                                                        				void* _t136;
                                                                                                                                                                                                                                                        				intOrPtr _t140;
                                                                                                                                                                                                                                                        				intOrPtr* _t142;
                                                                                                                                                                                                                                                        				char* _t144;
                                                                                                                                                                                                                                                        				signed int _t145;
                                                                                                                                                                                                                                                        				intOrPtr* _t150;
                                                                                                                                                                                                                                                        				intOrPtr _t151;
                                                                                                                                                                                                                                                        				void* _t153;
                                                                                                                                                                                                                                                        				signed int _t154;
                                                                                                                                                                                                                                                        				signed int _t162;
                                                                                                                                                                                                                                                        				void* _t164;
                                                                                                                                                                                                                                                        				signed int _t165;
                                                                                                                                                                                                                                                        				signed int _t170;
                                                                                                                                                                                                                                                        				intOrPtr* _t172;
                                                                                                                                                                                                                                                        				signed int _t179;
                                                                                                                                                                                                                                                        				signed int _t184;
                                                                                                                                                                                                                                                        				intOrPtr _t190;
                                                                                                                                                                                                                                                        				intOrPtr _t192;
                                                                                                                                                                                                                                                        				intOrPtr _t193;
                                                                                                                                                                                                                                                        				signed int _t195;
                                                                                                                                                                                                                                                        				signed int _t197;
                                                                                                                                                                                                                                                        				intOrPtr _t202;
                                                                                                                                                                                                                                                        				intOrPtr* _t204;
                                                                                                                                                                                                                                                        				char* _t206;
                                                                                                                                                                                                                                                        				char* _t207;
                                                                                                                                                                                                                                                        				signed int _t208;
                                                                                                                                                                                                                                                        				intOrPtr* _t214;
                                                                                                                                                                                                                                                        				void* _t215;
                                                                                                                                                                                                                                                        				intOrPtr _t216;
                                                                                                                                                                                                                                                        				intOrPtr _t219;
                                                                                                                                                                                                                                                        				signed int _t225;
                                                                                                                                                                                                                                                        				signed int _t227;
                                                                                                                                                                                                                                                        				signed int _t228;
                                                                                                                                                                                                                                                        				signed int _t229;
                                                                                                                                                                                                                                                        				signed int _t233;
                                                                                                                                                                                                                                                        				signed int _t236;
                                                                                                                                                                                                                                                        				signed int _t238;
                                                                                                                                                                                                                                                        				void* _t239;
                                                                                                                                                                                                                                                        				void* _t241;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t150 = __ecx + 4;
                                                                                                                                                                                                                                                        				_t225 = _t233;
                                                                                                                                                                                                                                                        				_push(__eax);
                                                                                                                                                                                                                                                        				_t106 =  *_t150;
                                                                                                                                                                                                                                                        				_t204 =  *_t106;
                                                                                                                                                                                                                                                        				 *_t106 = _t106;
                                                                                                                                                                                                                                                        				_t107 =  *_t150;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t107 + 4)) = _t107;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t150 + 4)) = 0;
                                                                                                                                                                                                                                                        				if(_t204 ==  *_t150) {
                                                                                                                                                                                                                                                        					_t142 = _t204;
                                                                                                                                                                                                                                                        					goto L11;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t214 = _t150;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_t108 =  *((intOrPtr*)(_t204 + 0x54));
                                                                                                                                                                                                                                                        						_t142 =  *_t204;
                                                                                                                                                                                                                                                        						if(_t108 >= 0x10) {
                                                                                                                                                                                                                                                        							_t151 =  *((intOrPtr*)(_t204 + 0x40));
                                                                                                                                                                                                                                                        							_t192 = _t108 + 1;
                                                                                                                                                                                                                                                        							__eflags = _t192 - 0x1000;
                                                                                                                                                                                                                                                        							if(_t192 >= 0x1000) {
                                                                                                                                                                                                                                                        								_t193 =  *((intOrPtr*)(_t151 - 4));
                                                                                                                                                                                                                                                        								_t153 = _t151 + 0xfffffffc - _t193;
                                                                                                                                                                                                                                                        								_v20 = _t193;
                                                                                                                                                                                                                                                        								__eflags = _t153 - 0x20;
                                                                                                                                                                                                                                                        								if(_t153 >= 0x20) {
                                                                                                                                                                                                                                                        									goto L16;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t151 = _v20;
                                                                                                                                                                                                                                                        									_t192 = _t108 + 0x24;
                                                                                                                                                                                                                                                        									goto L10;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								L10:
                                                                                                                                                                                                                                                        								_push(_t192);
                                                                                                                                                                                                                                                        								_push(_t151);
                                                                                                                                                                                                                                                        								L00BEF6C6();
                                                                                                                                                                                                                                                        								_t233 = _t233 + 8;
                                                                                                                                                                                                                                                        								goto L6;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L6:
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t204 + 0x50)) = 0;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t204 + 0x54)) = 0xf;
                                                                                                                                                                                                                                                        							 *((char*)(_t204 + 0x40)) = 0;
                                                                                                                                                                                                                                                        							_t140 =  *((intOrPtr*)(_t204 + 0x3c));
                                                                                                                                                                                                                                                        							if(_t140 < 0x10) {
                                                                                                                                                                                                                                                        								goto L4;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t190 =  *((intOrPtr*)(_t204 + 0x28));
                                                                                                                                                                                                                                                        								_t13 = _t140 + 1; // 0x10
                                                                                                                                                                                                                                                        								if(_t13 >= 0x1000) {
                                                                                                                                                                                                                                                        									_t202 =  *((intOrPtr*)(_t190 - 4));
                                                                                                                                                                                                                                                        									_t153 = _t190 + 0xfffffffc - _t202;
                                                                                                                                                                                                                                                        									_v20 = _t202;
                                                                                                                                                                                                                                                        									__eflags = _t153 - 0x20;
                                                                                                                                                                                                                                                        									if(_t153 >= 0x20) {
                                                                                                                                                                                                                                                        										L16:
                                                                                                                                                                                                                                                        										__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										_push(_t225);
                                                                                                                                                                                                                                                        										_t227 = _t233;
                                                                                                                                                                                                                                                        										_push(_t142);
                                                                                                                                                                                                                                                        										_push(_t204);
                                                                                                                                                                                                                                                        										_push(_t214);
                                                                                                                                                                                                                                                        										_t215 = _t153;
                                                                                                                                                                                                                                                        										_t154 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        										_t206 =  &_v92;
                                                                                                                                                                                                                                                        										_t144 =  &_v68;
                                                                                                                                                                                                                                                        										_v40 = _t154 ^ _t227;
                                                                                                                                                                                                                                                        										_v96 = 7;
                                                                                                                                                                                                                                                        										_v100 = 0;
                                                                                                                                                                                                                                                        										_v116 = 0;
                                                                                                                                                                                                                                                        										_v72 = 0xf;
                                                                                                                                                                                                                                                        										_v76 = 0;
                                                                                                                                                                                                                                                        										_v92 = 0;
                                                                                                                                                                                                                                                        										_v48 = 0xf;
                                                                                                                                                                                                                                                        										_v52 = 0;
                                                                                                                                                                                                                                                        										_v68 = 0;
                                                                                                                                                                                                                                                        										_v124 = _v8;
                                                                                                                                                                                                                                                        										_v120 = _v0;
                                                                                                                                                                                                                                                        										E00BBA740( &_v116, _v16);
                                                                                                                                                                                                                                                        										E00BBD9B0(_t206, _v12);
                                                                                                                                                                                                                                                        										E00BBD9B0(_t144, _v4);
                                                                                                                                                                                                                                                        										_v44 = 0;
                                                                                                                                                                                                                                                        										_push( &_v124);
                                                                                                                                                                                                                                                        										E00BD6AD0( &_v124, _t144, _t215 + 4,  *((intOrPtr*)(_t215 + 4)), _t206, _t215);
                                                                                                                                                                                                                                                        										_t236 = _t233 - 0x58 + 4;
                                                                                                                                                                                                                                                        										 *((char*)(_t215 + 0xc)) = 1;
                                                                                                                                                                                                                                                        										_t115 = _v48;
                                                                                                                                                                                                                                                        										__eflags = _t115 - 0x10;
                                                                                                                                                                                                                                                        										if(_t115 >= 0x10) {
                                                                                                                                                                                                                                                        											_t162 = _v52;
                                                                                                                                                                                                                                                        											_t58 = _t115 + 1; // 0x10
                                                                                                                                                                                                                                                        											_t216 = _t58;
                                                                                                                                                                                                                                                        											__eflags = _t216 - 0x1000;
                                                                                                                                                                                                                                                        											if(_t216 >= 0x1000) {
                                                                                                                                                                                                                                                        												_t195 =  *((intOrPtr*)(_t162 - 4));
                                                                                                                                                                                                                                                        												_t164 = _t162 + 0xfffffffc - _t195;
                                                                                                                                                                                                                                                        												__eflags = _t164 - 0x20;
                                                                                                                                                                                                                                                        												if(_t164 >= 0x20) {
                                                                                                                                                                                                                                                        													goto L28;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t162 = _t195;
                                                                                                                                                                                                                                                        													_t216 = _t115 + 0x24;
                                                                                                                                                                                                                                                        													goto L21;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												L21:
                                                                                                                                                                                                                                                        												_push(_t216);
                                                                                                                                                                                                                                                        												_push(_t162);
                                                                                                                                                                                                                                                        												L00BEF6C6();
                                                                                                                                                                                                                                                        												_t236 = _t236 + 8;
                                                                                                                                                                                                                                                        												goto L18;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											L18:
                                                                                                                                                                                                                                                        											_v36 = 0;
                                                                                                                                                                                                                                                        											_v32 = 0xf;
                                                                                                                                                                                                                                                        											_v52 = 0;
                                                                                                                                                                                                                                                        											_t135 = _v56;
                                                                                                                                                                                                                                                        											__eflags = _t135 - 0x10;
                                                                                                                                                                                                                                                        											if(_t135 >= 0x10) {
                                                                                                                                                                                                                                                        												_t184 = _v76;
                                                                                                                                                                                                                                                        												_t60 = _t135 + 1; // 0x10
                                                                                                                                                                                                                                                        												_t216 = _t60;
                                                                                                                                                                                                                                                        												__eflags = _t216 - 0x1000;
                                                                                                                                                                                                                                                        												if(_t216 >= 0x1000) {
                                                                                                                                                                                                                                                        													_t195 =  *((intOrPtr*)(_t184 - 4));
                                                                                                                                                                                                                                                        													_t164 = _t184 + 0xfffffffc - _t195;
                                                                                                                                                                                                                                                        													__eflags = _t164 - 0x20;
                                                                                                                                                                                                                                                        													if(_t164 >= 0x20) {
                                                                                                                                                                                                                                                        														L28:
                                                                                                                                                                                                                                                        														__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														_push(_t227);
                                                                                                                                                                                                                                                        														_t228 = _t236;
                                                                                                                                                                                                                                                        														_push(_t206);
                                                                                                                                                                                                                                                        														_push(_t216);
                                                                                                                                                                                                                                                        														_t165 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        														_t207 =  &_v192;
                                                                                                                                                                                                                                                        														_v140 = _t165 ^ _t228;
                                                                                                                                                                                                                                                        														_v196 = 7;
                                                                                                                                                                                                                                                        														_v200 = 0;
                                                                                                                                                                                                                                                        														_v216 = 0;
                                                                                                                                                                                                                                                        														_v172 = 0xf;
                                                                                                                                                                                                                                                        														_v176 = 0;
                                                                                                                                                                                                                                                        														_v192 = 0;
                                                                                                                                                                                                                                                        														_v148 = 0xf;
                                                                                                                                                                                                                                                        														_v152 = 0;
                                                                                                                                                                                                                                                        														_v168 = 0;
                                                                                                                                                                                                                                                        														_v224 = 5;
                                                                                                                                                                                                                                                        														E00BBA740( &_v216, _v120);
                                                                                                                                                                                                                                                        														E00BBD9B0(_t207, L"@ntdll.dll");
                                                                                                                                                                                                                                                        														_v144 = 1;
                                                                                                                                                                                                                                                        														_push( &_v224);
                                                                                                                                                                                                                                                        														E00BD6AD0( &_v224, _t144, _t164 + 4,  *((intOrPtr*)(_t164 + 4)), _t207, _t164 + 4);
                                                                                                                                                                                                                                                        														_t238 = _t236 - 0x58 + 4;
                                                                                                                                                                                                                                                        														_t121 = _v148;
                                                                                                                                                                                                                                                        														__eflags = _t121 - 0x10;
                                                                                                                                                                                                                                                        														if(_t121 >= 0x10) {
                                                                                                                                                                                                                                                        															_t170 = _v52;
                                                                                                                                                                                                                                                        															_t91 = _t121 + 1; // 0x10
                                                                                                                                                                                                                                                        															_t219 = _t91;
                                                                                                                                                                                                                                                        															__eflags = _t219 - 0x1000;
                                                                                                                                                                                                                                                        															if(_t219 >= 0x1000) {
                                                                                                                                                                                                                                                        																_t197 =  *(_t170 - 4);
                                                                                                                                                                                                                                                        																_t172 = _t170 + 0xfffffffc - _t197;
                                                                                                                                                                                                                                                        																__eflags = _t172 - 0x20;
                                                                                                                                                                                                                                                        																if(_t172 >= 0x20) {
                                                                                                                                                                                                                                                        																	goto L40;
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																	_t170 = _t197;
                                                                                                                                                                                                                                                        																	_t219 = _t121 + 0x24;
                                                                                                                                                                                                                                                        																	goto L33;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																L33:
                                                                                                                                                                                                                                                        																_push(_t219);
                                                                                                                                                                                                                                                        																_push(_t170);
                                                                                                                                                                                                                                                        																L00BEF6C6();
                                                                                                                                                                                                                                                        																_t238 = _t238 + 8;
                                                                                                                                                                                                                                                        																goto L30;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															L30:
                                                                                                                                                                                                                                                        															_v36 = 0;
                                                                                                                                                                                                                                                        															_v32 = 0xf;
                                                                                                                                                                                                                                                        															_v52 = 0;
                                                                                                                                                                                                                                                        															_t130 = _v56;
                                                                                                                                                                                                                                                        															__eflags = _t130 - 0x10;
                                                                                                                                                                                                                                                        															if(_t130 >= 0x10) {
                                                                                                                                                                                                                                                        																_t179 = _v76;
                                                                                                                                                                                                                                                        																_t93 = _t130 + 1; // 0x10
                                                                                                                                                                                                                                                        																_t219 = _t93;
                                                                                                                                                                                                                                                        																__eflags = _t219 - 0x1000;
                                                                                                                                                                                                                                                        																if(_t219 >= 0x1000) {
                                                                                                                                                                                                                                                        																	_t197 =  *(_t179 - 4);
                                                                                                                                                                                                                                                        																	_t172 = _t179 + 0xfffffffc - _t197;
                                                                                                                                                                                                                                                        																	__eflags = _t172 - 0x20;
                                                                                                                                                                                                                                                        																	if(_t172 >= 0x20) {
                                                                                                                                                                                                                                                        																		L40:
                                                                                                                                                                                                                                                        																		__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		asm("int3");
                                                                                                                                                                                                                                                        																		_push(_t228);
                                                                                                                                                                                                                                                        																		_t229 = _t238;
                                                                                                                                                                                                                                                        																		_push(_t144);
                                                                                                                                                                                                                                                        																		_push(_t207);
                                                                                                                                                                                                                                                        																		_push(_t219);
                                                                                                                                                                                                                                                        																		_t239 = _t238 - 0xc;
                                                                                                                                                                                                                                                        																		_t122 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        																		_t145 = 0;
                                                                                                                                                                                                                                                        																		_t123 = _t122 ^ _t229;
                                                                                                                                                                                                                                                        																		_v244 = _t122 ^ _t229;
                                                                                                                                                                                                                                                        																		__eflags =  *(_t172 + 8);
                                                                                                                                                                                                                                                        																		if(__eflags != 0) {
                                                                                                                                                                                                                                                        																			_t220 = _t172;
                                                                                                                                                                                                                                                        																			_t124 = E00BD5F40(_t172, __eflags);
                                                                                                                                                                                                                                                        																			_t208 = _t124;
                                                                                                                                                                                                                                                        																			_push(_t124);
                                                                                                                                                                                                                                                        																			L00BEF6CC();
                                                                                                                                                                                                                                                        																			_t123 = E00BD6040(_t172, _t124, _t208);
                                                                                                                                                                                                                                                        																			_t197 = _t124;
                                                                                                                                                                                                                                                        																			_t241 = _t239 + 8;
                                                                                                                                                                                                                                                        																			_t145 = 0x26;
                                                                                                                                                                                                                                                        																			__eflags = _t123;
                                                                                                                                                                                                                                                        																			if(_t123 != 0) {
                                                                                                                                                                                                                                                        																				_t145 = 0x27;
                                                                                                                                                                                                                                                        																				_v40 = _t197;
                                                                                                                                                                                                                                                        																				_t123 = E00BEB4E0( *((intOrPtr*)( *_t220)), _t197, _t208,  &_v36);
                                                                                                                                                                                                                                                        																				_t241 = _t241 + 0x10;
                                                                                                                                                                                                                                                        																				__eflags = _t123;
                                                                                                                                                                                                                                                        																				if(_t123 != 0) {
                                                                                                                                                                                                                                                        																					__eflags = _t208;
                                                                                                                                                                                                                                                        																					_t200 = 0 | _t208 != 0x00000000;
                                                                                                                                                                                                                                                        																					_t123 = E00BD6270(_t220, _t208 != 0);
                                                                                                                                                                                                                                                        																					_t145 = _t123;
                                                                                                                                                                                                                                                        																					__eflags = _t123;
                                                                                                                                                                                                                                                        																					if(__eflags == 0) {
                                                                                                                                                                                                                                                        																						 *0xbfb5bc = _v36;
                                                                                                                                                                                                                                                        																						_t145 = E00BE9630( *_t220, _t200, __eflags, "g_interceptions", "true", 4);
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				_t197 = _v40;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_push(_t197);
                                                                                                                                                                                                                                                        																			L00BEF6D2();
                                                                                                                                                                                                                                                        																			_t239 = _t241 + 4;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		__eflags = _v32 ^ _t229;
                                                                                                                                                                                                                                                        																		E00BEECB0(_t123, _v32 ^ _t229, _t197);
                                                                                                                                                                                                                                                        																		return _t145;
                                                                                                                                                                                                                                                        																	} else {
                                                                                                                                                                                                                                                        																		_t130 = _t130 + 0x24;
                                                                                                                                                                                                                                                        																		_t179 = _t197;
                                                                                                                                                                                                                                                        																		_t219 = _t130;
                                                                                                                                                                                                                                                        																		goto L35;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																	L35:
                                                                                                                                                                                                                                                        																	_push(_t219);
                                                                                                                                                                                                                                                        																	_push(_t179);
                                                                                                                                                                                                                                                        																	L00BEF6C6();
                                                                                                                                                                                                                                                        																	_t238 = _t238 + 8;
                                                                                                                                                                                                                                                        																	goto L31;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																L31:
                                                                                                                                                                                                                                                        																_v60 = 0;
                                                                                                                                                                                                                                                        																_v56 = 0xf;
                                                                                                                                                                                                                                                        																_v76 = 0;
                                                                                                                                                                                                                                                        																_t131 = E00BBDF30(_t130,  &_v100, _t197);
                                                                                                                                                                                                                                                        																__eflags = _v24 ^ _t228;
                                                                                                                                                                                                                                                        																E00BEECB0(_t131, _v24 ^ _t228, _t197);
                                                                                                                                                                                                                                                        																return 1;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t135 = _t135 + 0x24;
                                                                                                                                                                                                                                                        														_t184 = _t195;
                                                                                                                                                                                                                                                        														_t216 = _t135;
                                                                                                                                                                                                                                                        														goto L23;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													L23:
                                                                                                                                                                                                                                                        													_push(_t216);
                                                                                                                                                                                                                                                        													_push(_t184);
                                                                                                                                                                                                                                                        													L00BEF6C6();
                                                                                                                                                                                                                                                        													_t236 = _t236 + 8;
                                                                                                                                                                                                                                                        													goto L19;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												L19:
                                                                                                                                                                                                                                                        												_v60 = 0;
                                                                                                                                                                                                                                                        												_v56 = 0xf;
                                                                                                                                                                                                                                                        												_v76 = 0;
                                                                                                                                                                                                                                                        												_t136 = E00BBDF30(_t135,  &_v100, _t195);
                                                                                                                                                                                                                                                        												__eflags = _v24 ^ _t227;
                                                                                                                                                                                                                                                        												E00BEECB0(_t136, _v24 ^ _t227, _t195);
                                                                                                                                                                                                                                                        												return 1;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t190 = _v20;
                                                                                                                                                                                                                                                        										_t192 = _t140;
                                                                                                                                                                                                                                                        										goto L8;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L8:
                                                                                                                                                                                                                                                        									_push(_t192);
                                                                                                                                                                                                                                                        									_push(_t190);
                                                                                                                                                                                                                                                        									L00BEF6C6();
                                                                                                                                                                                                                                                        									_t233 = _t233 + 8;
                                                                                                                                                                                                                                                        									goto L4;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L49;
                                                                                                                                                                                                                                                        						L4:
                                                                                                                                                                                                                                                        						_t3 = _t204 + 0x10; // 0x2d
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t204 + 0x38)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t204 + 0x3c)) = 0xf;
                                                                                                                                                                                                                                                        						 *((char*)(_t204 + 0x28)) = 0;
                                                                                                                                                                                                                                                        						_t107 = E00BBDF30(_t140, _t3, _t192);
                                                                                                                                                                                                                                                        						_push(0x5c);
                                                                                                                                                                                                                                                        						_push(_t204);
                                                                                                                                                                                                                                                        						L00BEF6C6();
                                                                                                                                                                                                                                                        						_t233 = _t233 + 8;
                                                                                                                                                                                                                                                        						_t204 = _t142;
                                                                                                                                                                                                                                                        					} while (_t142 !=  *_t214);
                                                                                                                                                                                                                                                        					L11:
                                                                                                                                                                                                                                                        					_push(0x5c);
                                                                                                                                                                                                                                                        					_push(_t142);
                                                                                                                                                                                                                                                        					L00BEF6C6();
                                                                                                                                                                                                                                                        					return _t107;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L49:
                                                                                                                                                                                                                                                        			}




























































































                                                                                                                                                                                                                                                        0x00bd5ac0
                                                                                                                                                                                                                                                        0x00bd5ad1
                                                                                                                                                                                                                                                        0x00bd5ad6
                                                                                                                                                                                                                                                        0x00bd5ad7
                                                                                                                                                                                                                                                        0x00bd5ad9
                                                                                                                                                                                                                                                        0x00bd5adb
                                                                                                                                                                                                                                                        0x00bd5add
                                                                                                                                                                                                                                                        0x00bd5adf
                                                                                                                                                                                                                                                        0x00bd5ae2
                                                                                                                                                                                                                                                        0x00bd5aeb
                                                                                                                                                                                                                                                        0x00bd5af1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5aed
                                                                                                                                                                                                                                                        0x00bd5aed
                                                                                                                                                                                                                                                        0x00bd5b2b
                                                                                                                                                                                                                                                        0x00bd5b2b
                                                                                                                                                                                                                                                        0x00bd5b2e
                                                                                                                                                                                                                                                        0x00bd5b33
                                                                                                                                                                                                                                                        0x00bd5b69
                                                                                                                                                                                                                                                        0x00bd5b6c
                                                                                                                                                                                                                                                        0x00bd5b6f
                                                                                                                                                                                                                                                        0x00bd5b75
                                                                                                                                                                                                                                                        0x00bd5bad
                                                                                                                                                                                                                                                        0x00bd5bb3
                                                                                                                                                                                                                                                        0x00bd5bb5
                                                                                                                                                                                                                                                        0x00bd5bb8
                                                                                                                                                                                                                                                        0x00bd5bbb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5bbd
                                                                                                                                                                                                                                                        0x00bd5bbd
                                                                                                                                                                                                                                                        0x00bd5bc3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5bc3
                                                                                                                                                                                                                                                        0x00bd5b77
                                                                                                                                                                                                                                                        0x00bd5b77
                                                                                                                                                                                                                                                        0x00bd5b77
                                                                                                                                                                                                                                                        0x00bd5b78
                                                                                                                                                                                                                                                        0x00bd5b79
                                                                                                                                                                                                                                                        0x00bd5b7e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5b7e
                                                                                                                                                                                                                                                        0x00bd5b35
                                                                                                                                                                                                                                                        0x00bd5b35
                                                                                                                                                                                                                                                        0x00bd5b35
                                                                                                                                                                                                                                                        0x00bd5b3c
                                                                                                                                                                                                                                                        0x00bd5b43
                                                                                                                                                                                                                                                        0x00bd5b47
                                                                                                                                                                                                                                                        0x00bd5b4d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5b4f
                                                                                                                                                                                                                                                        0x00bd5b4f
                                                                                                                                                                                                                                                        0x00bd5b52
                                                                                                                                                                                                                                                        0x00bd5b5b
                                                                                                                                                                                                                                                        0x00bd5b93
                                                                                                                                                                                                                                                        0x00bd5b99
                                                                                                                                                                                                                                                        0x00bd5b9b
                                                                                                                                                                                                                                                        0x00bd5b9e
                                                                                                                                                                                                                                                        0x00bd5ba1
                                                                                                                                                                                                                                                        0x00bd5bc7
                                                                                                                                                                                                                                                        0x00bd5bc7
                                                                                                                                                                                                                                                        0x00bd5bcd
                                                                                                                                                                                                                                                        0x00bd5bce
                                                                                                                                                                                                                                                        0x00bd5bcf
                                                                                                                                                                                                                                                        0x00bd5bd0
                                                                                                                                                                                                                                                        0x00bd5bd1
                                                                                                                                                                                                                                                        0x00bd5bd3
                                                                                                                                                                                                                                                        0x00bd5bd4
                                                                                                                                                                                                                                                        0x00bd5bd5
                                                                                                                                                                                                                                                        0x00bd5bd9
                                                                                                                                                                                                                                                        0x00bd5bdb
                                                                                                                                                                                                                                                        0x00bd5be4
                                                                                                                                                                                                                                                        0x00bd5be7
                                                                                                                                                                                                                                                        0x00bd5bec
                                                                                                                                                                                                                                                        0x00bd5bf2
                                                                                                                                                                                                                                                        0x00bd5bf9
                                                                                                                                                                                                                                                        0x00bd5c00
                                                                                                                                                                                                                                                        0x00bd5c06
                                                                                                                                                                                                                                                        0x00bd5c0d
                                                                                                                                                                                                                                                        0x00bd5c14
                                                                                                                                                                                                                                                        0x00bd5c18
                                                                                                                                                                                                                                                        0x00bd5c1f
                                                                                                                                                                                                                                                        0x00bd5c26
                                                                                                                                                                                                                                                        0x00bd5c2a
                                                                                                                                                                                                                                                        0x00bd5c30
                                                                                                                                                                                                                                                        0x00bd5c37
                                                                                                                                                                                                                                                        0x00bd5c41
                                                                                                                                                                                                                                                        0x00bd5c4b
                                                                                                                                                                                                                                                        0x00bd5c50
                                                                                                                                                                                                                                                        0x00bd5c60
                                                                                                                                                                                                                                                        0x00bd5c61
                                                                                                                                                                                                                                                        0x00bd5c66
                                                                                                                                                                                                                                                        0x00bd5c69
                                                                                                                                                                                                                                                        0x00bd5c6d
                                                                                                                                                                                                                                                        0x00bd5c70
                                                                                                                                                                                                                                                        0x00bd5c73
                                                                                                                                                                                                                                                        0x00bd5cbf
                                                                                                                                                                                                                                                        0x00bd5cc2
                                                                                                                                                                                                                                                        0x00bd5cc2
                                                                                                                                                                                                                                                        0x00bd5cc5
                                                                                                                                                                                                                                                        0x00bd5ccb
                                                                                                                                                                                                                                                        0x00bd5cf3
                                                                                                                                                                                                                                                        0x00bd5cf9
                                                                                                                                                                                                                                                        0x00bd5cfb
                                                                                                                                                                                                                                                        0x00bd5cfe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5d00
                                                                                                                                                                                                                                                        0x00bd5d03
                                                                                                                                                                                                                                                        0x00bd5d05
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5d05
                                                                                                                                                                                                                                                        0x00bd5ccd
                                                                                                                                                                                                                                                        0x00bd5ccd
                                                                                                                                                                                                                                                        0x00bd5ccd
                                                                                                                                                                                                                                                        0x00bd5cce
                                                                                                                                                                                                                                                        0x00bd5ccf
                                                                                                                                                                                                                                                        0x00bd5cd4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5cd4
                                                                                                                                                                                                                                                        0x00bd5c75
                                                                                                                                                                                                                                                        0x00bd5c75
                                                                                                                                                                                                                                                        0x00bd5c75
                                                                                                                                                                                                                                                        0x00bd5c7c
                                                                                                                                                                                                                                                        0x00bd5c83
                                                                                                                                                                                                                                                        0x00bd5c87
                                                                                                                                                                                                                                                        0x00bd5c8a
                                                                                                                                                                                                                                                        0x00bd5c8d
                                                                                                                                                                                                                                                        0x00bd5cd9
                                                                                                                                                                                                                                                        0x00bd5cdc
                                                                                                                                                                                                                                                        0x00bd5cdc
                                                                                                                                                                                                                                                        0x00bd5cdf
                                                                                                                                                                                                                                                        0x00bd5ce5
                                                                                                                                                                                                                                                        0x00bd5d09
                                                                                                                                                                                                                                                        0x00bd5d0f
                                                                                                                                                                                                                                                        0x00bd5d11
                                                                                                                                                                                                                                                        0x00bd5d14
                                                                                                                                                                                                                                                        0x00bd5d1f
                                                                                                                                                                                                                                                        0x00bd5d1f
                                                                                                                                                                                                                                                        0x00bd5d25
                                                                                                                                                                                                                                                        0x00bd5d26
                                                                                                                                                                                                                                                        0x00bd5d27
                                                                                                                                                                                                                                                        0x00bd5d28
                                                                                                                                                                                                                                                        0x00bd5d29
                                                                                                                                                                                                                                                        0x00bd5d2a
                                                                                                                                                                                                                                                        0x00bd5d2b
                                                                                                                                                                                                                                                        0x00bd5d2c
                                                                                                                                                                                                                                                        0x00bd5d2d
                                                                                                                                                                                                                                                        0x00bd5d2e
                                                                                                                                                                                                                                                        0x00bd5d2f
                                                                                                                                                                                                                                                        0x00bd5d30
                                                                                                                                                                                                                                                        0x00bd5d31
                                                                                                                                                                                                                                                        0x00bd5d33
                                                                                                                                                                                                                                                        0x00bd5d34
                                                                                                                                                                                                                                                        0x00bd5d3a
                                                                                                                                                                                                                                                        0x00bd5d43
                                                                                                                                                                                                                                                        0x00bd5d48
                                                                                                                                                                                                                                                        0x00bd5d4e
                                                                                                                                                                                                                                                        0x00bd5d55
                                                                                                                                                                                                                                                        0x00bd5d5c
                                                                                                                                                                                                                                                        0x00bd5d62
                                                                                                                                                                                                                                                        0x00bd5d69
                                                                                                                                                                                                                                                        0x00bd5d70
                                                                                                                                                                                                                                                        0x00bd5d74
                                                                                                                                                                                                                                                        0x00bd5d7b
                                                                                                                                                                                                                                                        0x00bd5d82
                                                                                                                                                                                                                                                        0x00bd5d86
                                                                                                                                                                                                                                                        0x00bd5d8e
                                                                                                                                                                                                                                                        0x00bd5d9a
                                                                                                                                                                                                                                                        0x00bd5d9f
                                                                                                                                                                                                                                                        0x00bd5db1
                                                                                                                                                                                                                                                        0x00bd5db2
                                                                                                                                                                                                                                                        0x00bd5db7
                                                                                                                                                                                                                                                        0x00bd5dba
                                                                                                                                                                                                                                                        0x00bd5dbd
                                                                                                                                                                                                                                                        0x00bd5dc0
                                                                                                                                                                                                                                                        0x00bd5e0b
                                                                                                                                                                                                                                                        0x00bd5e0e
                                                                                                                                                                                                                                                        0x00bd5e0e
                                                                                                                                                                                                                                                        0x00bd5e11
                                                                                                                                                                                                                                                        0x00bd5e17
                                                                                                                                                                                                                                                        0x00bd5e3f
                                                                                                                                                                                                                                                        0x00bd5e45
                                                                                                                                                                                                                                                        0x00bd5e47
                                                                                                                                                                                                                                                        0x00bd5e4a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e4c
                                                                                                                                                                                                                                                        0x00bd5e4f
                                                                                                                                                                                                                                                        0x00bd5e51
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e51
                                                                                                                                                                                                                                                        0x00bd5e19
                                                                                                                                                                                                                                                        0x00bd5e19
                                                                                                                                                                                                                                                        0x00bd5e19
                                                                                                                                                                                                                                                        0x00bd5e1a
                                                                                                                                                                                                                                                        0x00bd5e1b
                                                                                                                                                                                                                                                        0x00bd5e20
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e20
                                                                                                                                                                                                                                                        0x00bd5dc2
                                                                                                                                                                                                                                                        0x00bd5dc2
                                                                                                                                                                                                                                                        0x00bd5dc2
                                                                                                                                                                                                                                                        0x00bd5dc9
                                                                                                                                                                                                                                                        0x00bd5dd0
                                                                                                                                                                                                                                                        0x00bd5dd4
                                                                                                                                                                                                                                                        0x00bd5dd7
                                                                                                                                                                                                                                                        0x00bd5dda
                                                                                                                                                                                                                                                        0x00bd5e25
                                                                                                                                                                                                                                                        0x00bd5e28
                                                                                                                                                                                                                                                        0x00bd5e28
                                                                                                                                                                                                                                                        0x00bd5e2b
                                                                                                                                                                                                                                                        0x00bd5e31
                                                                                                                                                                                                                                                        0x00bd5e55
                                                                                                                                                                                                                                                        0x00bd5e5b
                                                                                                                                                                                                                                                        0x00bd5e5d
                                                                                                                                                                                                                                                        0x00bd5e60
                                                                                                                                                                                                                                                        0x00bd5e6b
                                                                                                                                                                                                                                                        0x00bd5e6b
                                                                                                                                                                                                                                                        0x00bd5e71
                                                                                                                                                                                                                                                        0x00bd5e72
                                                                                                                                                                                                                                                        0x00bd5e73
                                                                                                                                                                                                                                                        0x00bd5e74
                                                                                                                                                                                                                                                        0x00bd5e75
                                                                                                                                                                                                                                                        0x00bd5e76
                                                                                                                                                                                                                                                        0x00bd5e77
                                                                                                                                                                                                                                                        0x00bd5e78
                                                                                                                                                                                                                                                        0x00bd5e79
                                                                                                                                                                                                                                                        0x00bd5e7a
                                                                                                                                                                                                                                                        0x00bd5e7b
                                                                                                                                                                                                                                                        0x00bd5e7c
                                                                                                                                                                                                                                                        0x00bd5e7d
                                                                                                                                                                                                                                                        0x00bd5e7e
                                                                                                                                                                                                                                                        0x00bd5e7f
                                                                                                                                                                                                                                                        0x00bd5e80
                                                                                                                                                                                                                                                        0x00bd5e81
                                                                                                                                                                                                                                                        0x00bd5e83
                                                                                                                                                                                                                                                        0x00bd5e84
                                                                                                                                                                                                                                                        0x00bd5e85
                                                                                                                                                                                                                                                        0x00bd5e86
                                                                                                                                                                                                                                                        0x00bd5e89
                                                                                                                                                                                                                                                        0x00bd5e8e
                                                                                                                                                                                                                                                        0x00bd5e90
                                                                                                                                                                                                                                                        0x00bd5e92
                                                                                                                                                                                                                                                        0x00bd5e95
                                                                                                                                                                                                                                                        0x00bd5e99
                                                                                                                                                                                                                                                        0x00bd5eaf
                                                                                                                                                                                                                                                        0x00bd5eb1
                                                                                                                                                                                                                                                        0x00bd5eb6
                                                                                                                                                                                                                                                        0x00bd5eb8
                                                                                                                                                                                                                                                        0x00bd5eb9
                                                                                                                                                                                                                                                        0x00bd5ec8
                                                                                                                                                                                                                                                        0x00bd5ecd
                                                                                                                                                                                                                                                        0x00bd5ecf
                                                                                                                                                                                                                                                        0x00bd5ed2
                                                                                                                                                                                                                                                        0x00bd5ed7
                                                                                                                                                                                                                                                        0x00bd5ed9
                                                                                                                                                                                                                                                        0x00bd5ee0
                                                                                                                                                                                                                                                        0x00bd5ee7
                                                                                                                                                                                                                                                        0x00bd5eed
                                                                                                                                                                                                                                                        0x00bd5ef2
                                                                                                                                                                                                                                                        0x00bd5ef5
                                                                                                                                                                                                                                                        0x00bd5ef7
                                                                                                                                                                                                                                                        0x00bd5f09
                                                                                                                                                                                                                                                        0x00bd5f0d
                                                                                                                                                                                                                                                        0x00bd5f10
                                                                                                                                                                                                                                                        0x00bd5f15
                                                                                                                                                                                                                                                        0x00bd5f17
                                                                                                                                                                                                                                                        0x00bd5f19
                                                                                                                                                                                                                                                        0x00bd5f1e
                                                                                                                                                                                                                                                        0x00bd5f36
                                                                                                                                                                                                                                                        0x00bd5f36
                                                                                                                                                                                                                                                        0x00bd5f19
                                                                                                                                                                                                                                                        0x00bd5ef9
                                                                                                                                                                                                                                                        0x00bd5ef9
                                                                                                                                                                                                                                                        0x00bd5efc
                                                                                                                                                                                                                                                        0x00bd5efd
                                                                                                                                                                                                                                                        0x00bd5f02
                                                                                                                                                                                                                                                        0x00bd5f02
                                                                                                                                                                                                                                                        0x00bd5e9e
                                                                                                                                                                                                                                                        0x00bd5ea0
                                                                                                                                                                                                                                                        0x00bd5eae
                                                                                                                                                                                                                                                        0x00bd5e62
                                                                                                                                                                                                                                                        0x00bd5e62
                                                                                                                                                                                                                                                        0x00bd5e65
                                                                                                                                                                                                                                                        0x00bd5e67
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e67
                                                                                                                                                                                                                                                        0x00bd5e33
                                                                                                                                                                                                                                                        0x00bd5e33
                                                                                                                                                                                                                                                        0x00bd5e33
                                                                                                                                                                                                                                                        0x00bd5e34
                                                                                                                                                                                                                                                        0x00bd5e35
                                                                                                                                                                                                                                                        0x00bd5e3a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5e3a
                                                                                                                                                                                                                                                        0x00bd5ddc
                                                                                                                                                                                                                                                        0x00bd5ddc
                                                                                                                                                                                                                                                        0x00bd5ddf
                                                                                                                                                                                                                                                        0x00bd5de6
                                                                                                                                                                                                                                                        0x00bd5ded
                                                                                                                                                                                                                                                        0x00bd5df1
                                                                                                                                                                                                                                                        0x00bd5df9
                                                                                                                                                                                                                                                        0x00bd5dfb
                                                                                                                                                                                                                                                        0x00bd5e08
                                                                                                                                                                                                                                                        0x00bd5e08
                                                                                                                                                                                                                                                        0x00bd5dda
                                                                                                                                                                                                                                                        0x00bd5d16
                                                                                                                                                                                                                                                        0x00bd5d16
                                                                                                                                                                                                                                                        0x00bd5d19
                                                                                                                                                                                                                                                        0x00bd5d1b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5d1b
                                                                                                                                                                                                                                                        0x00bd5ce7
                                                                                                                                                                                                                                                        0x00bd5ce7
                                                                                                                                                                                                                                                        0x00bd5ce7
                                                                                                                                                                                                                                                        0x00bd5ce8
                                                                                                                                                                                                                                                        0x00bd5ce9
                                                                                                                                                                                                                                                        0x00bd5cee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5cee
                                                                                                                                                                                                                                                        0x00bd5c8f
                                                                                                                                                                                                                                                        0x00bd5c8f
                                                                                                                                                                                                                                                        0x00bd5c92
                                                                                                                                                                                                                                                        0x00bd5c99
                                                                                                                                                                                                                                                        0x00bd5ca0
                                                                                                                                                                                                                                                        0x00bd5ca4
                                                                                                                                                                                                                                                        0x00bd5cac
                                                                                                                                                                                                                                                        0x00bd5cae
                                                                                                                                                                                                                                                        0x00bd5cbc
                                                                                                                                                                                                                                                        0x00bd5cbc
                                                                                                                                                                                                                                                        0x00bd5c8d
                                                                                                                                                                                                                                                        0x00bd5ba3
                                                                                                                                                                                                                                                        0x00bd5ba3
                                                                                                                                                                                                                                                        0x00bd5ba9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5ba9
                                                                                                                                                                                                                                                        0x00bd5b5d
                                                                                                                                                                                                                                                        0x00bd5b5d
                                                                                                                                                                                                                                                        0x00bd5b5d
                                                                                                                                                                                                                                                        0x00bd5b5e
                                                                                                                                                                                                                                                        0x00bd5b5f
                                                                                                                                                                                                                                                        0x00bd5b64
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5b64
                                                                                                                                                                                                                                                        0x00bd5b5b
                                                                                                                                                                                                                                                        0x00bd5b4d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5b00
                                                                                                                                                                                                                                                        0x00bd5b00
                                                                                                                                                                                                                                                        0x00bd5b03
                                                                                                                                                                                                                                                        0x00bd5b0a
                                                                                                                                                                                                                                                        0x00bd5b11
                                                                                                                                                                                                                                                        0x00bd5b15
                                                                                                                                                                                                                                                        0x00bd5b1a
                                                                                                                                                                                                                                                        0x00bd5b1c
                                                                                                                                                                                                                                                        0x00bd5b1d
                                                                                                                                                                                                                                                        0x00bd5b22
                                                                                                                                                                                                                                                        0x00bd5b27
                                                                                                                                                                                                                                                        0x00bd5b27
                                                                                                                                                                                                                                                        0x00bd5b83
                                                                                                                                                                                                                                                        0x00bd5b83
                                                                                                                                                                                                                                                        0x00bd5b85
                                                                                                                                                                                                                                                        0x00bd5b86
                                                                                                                                                                                                                                                        0x00bd5b92
                                                                                                                                                                                                                                                        0x00bd5b92
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(0000001D,0000005C), ref: 00BD5B1D
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,-00000015), ref: 00BD5B5F
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(0000001D,?,00000000,?,0000001D,?,?,00BE5896,00000000,?,?,?,00000000,0000001C,?,00BE569E), ref: 00BD5B79
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(0000001D,0000005C,00000000,?,0000001D,?,?,00BE5896,00000000,?,?,?,00000000,0000001C,?,00BE569E), ref: 00BD5B86
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(00000000,?,0000001D,?,?,00BE5896,00000000,?,?,?,00000000,0000001C,?,00BE569E), ref: 00BD5BC7
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@$_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 417036301-0
                                                                                                                                                                                                                                                        • Opcode ID: 33c219f3360e67b87da13ff37cd6a4f4c2453be0ededc235443d61569a548fc5
                                                                                                                                                                                                                                                        • Instruction ID: 82b5924cd52322402afbaaa0cf54e3f146a0a19ad17c8bc09029a8815749a0d2
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 33c219f3360e67b87da13ff37cd6a4f4c2453be0ededc235443d61569a548fc5
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1931D371200A46AFD724DF24CCC4B79BBE2FB85314F2446ABE1064BB91E772A850CB94
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BBCB00(void** __ecx, short* __edx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				void** _v20;
                                                                                                                                                                                                                                                        				short* _v24;
                                                                                                                                                                                                                                                        				int _t9;
                                                                                                                                                                                                                                                        				int _t12;
                                                                                                                                                                                                                                                        				void* _t14;
                                                                                                                                                                                                                                                        				int _t18;
                                                                                                                                                                                                                                                        				void** _t19;
                                                                                                                                                                                                                                                        				int _t21;
                                                                                                                                                                                                                                                        				char* _t22;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t19 = __ecx;
                                                                                                                                                                                                                                                        				_t18 =  <  ? _a4 : 0x50;
                                                                                                                                                                                                                                                        				_v24 = __edx;
                                                                                                                                                                                                                                                        				_t9 = WideCharToMultiByte(0xfde9, 0, __edx, 0x50, 0, 0, 0, 0);
                                                                                                                                                                                                                                                        				if(_t9 == 0) {
                                                                                                                                                                                                                                                        					 *_t19 = 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_v20 = _t19;
                                                                                                                                                                                                                                                        					_t21 = _t9 + 1;
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(_t21);
                                                                                                                                                                                                                                                        					_t22 = _t9;
                                                                                                                                                                                                                                                        					memset(_t9, 0, _t21);
                                                                                                                                                                                                                                                        					_t14 = _t22;
                                                                                                                                                                                                                                                        					_t12 = WideCharToMultiByte(0xfde9, 0, _v24, _t18, _t22, _t9, 0, 0);
                                                                                                                                                                                                                                                        					if(_t12 == 0) {
                                                                                                                                                                                                                                                        						_t19 = _v20;
                                                                                                                                                                                                                                                        						 *_t19 = 0;
                                                                                                                                                                                                                                                        						free(_t14);
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t19 = _v20;
                                                                                                                                                                                                                                                        						 *((char*)(_t14 + _t12)) = 0;
                                                                                                                                                                                                                                                        						 *_t19 = _t14;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t19;
                                                                                                                                                                                                                                                        			}












                                                                                                                                                                                                                                                        0x00bbcb11
                                                                                                                                                                                                                                                        0x00bbcb16
                                                                                                                                                                                                                                                        0x00bbcb22
                                                                                                                                                                                                                                                        0x00bbcb2d
                                                                                                                                                                                                                                                        0x00bbcb35
                                                                                                                                                                                                                                                        0x00bbcb7f
                                                                                                                                                                                                                                                        0x00bbcb37
                                                                                                                                                                                                                                                        0x00bbcb37
                                                                                                                                                                                                                                                        0x00bbcb3e
                                                                                                                                                                                                                                                        0x00bbcb40
                                                                                                                                                                                                                                                        0x00bbcb4d
                                                                                                                                                                                                                                                        0x00bbcb4f
                                                                                                                                                                                                                                                        0x00bbcb5c
                                                                                                                                                                                                                                                        0x00bbcb6a
                                                                                                                                                                                                                                                        0x00bbcb72
                                                                                                                                                                                                                                                        0x00bbcb8f
                                                                                                                                                                                                                                                        0x00bbcb92
                                                                                                                                                                                                                                                        0x00bbcb99
                                                                                                                                                                                                                                                        0x00bbcb74
                                                                                                                                                                                                                                                        0x00bbcb74
                                                                                                                                                                                                                                                        0x00bbcb77
                                                                                                                                                                                                                                                        0x00bbcb7b
                                                                                                                                                                                                                                                        0x00bbcb7b
                                                                                                                                                                                                                                                        0x00bbcb72
                                                                                                                                                                                                                                                        0x00bbcb8e

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,?,00000050,00000000,00000000,00000000,00000000), ref: 00BBCB2D
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000001), ref: 00BBCB40
                                                                                                                                                                                                                                                        • memset.NTDLL ref: 00BBCB4F
                                                                                                                                                                                                                                                        • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,?,00000050,00000000,00000000,00000000,00000000), ref: 00BBCB6A
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 00BBCB99
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ByteCharMultiWide$freememsetmoz_xmalloc
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3915892875-0
                                                                                                                                                                                                                                                        • Opcode ID: 9656188f7fbba72b51f02686ba54c8a4d548e61d252870f3dc6e6169045163d1
                                                                                                                                                                                                                                                        • Instruction ID: 0b8f63b7dd2fa9d526f3e9b94ccb7c2f072c5717efd9925a6fcbd11ab7c5a3f9
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9656188f7fbba72b51f02686ba54c8a4d548e61d252870f3dc6e6169045163d1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C7110271A403156BE7305B659C46F7B7FA8DB41B60F240065F908AB2C0E6B16C04C7FA
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BE12C0(void* __ecx, void* _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				void* _v24;
                                                                                                                                                                                                                                                        				signed int _t10;
                                                                                                                                                                                                                                                        				void* _t18;
                                                                                                                                                                                                                                                        				void* _t24;
                                                                                                                                                                                                                                                        				long _t25;
                                                                                                                                                                                                                                                        				void* _t26;
                                                                                                                                                                                                                                                        				void* _t27;
                                                                                                                                                                                                                                                        				signed int _t28;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t10 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t25 = 0x4df;
                                                                                                                                                                                                                                                        				_t11 = _t10 ^ _t28;
                                                                                                                                                                                                                                                        				_v20 = _t10 ^ _t28;
                                                                                                                                                                                                                                                        				if( *((char*)(__ecx + 0x38)) == 0) {
                                                                                                                                                                                                                                                        					_t18 = _a4;
                                                                                                                                                                                                                                                        					_t27 = __ecx;
                                                                                                                                                                                                                                                        					_t26 = GetCurrentProcess();
                                                                                                                                                                                                                                                        					if(_t18 == 0) {
                                                                                                                                                                                                                                                        						if(OpenProcessToken(_t26, 0xf01ff,  &_v24) == 0) {
                                                                                                                                                                                                                                                        							goto L4;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							goto L6;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if(DuplicateHandle(GetCurrentProcess(), _t18, _t26,  &_v24, 0, 0, 2) != 0) {
                                                                                                                                                                                                                                                        							L6:
                                                                                                                                                                                                                                                        							_t11 = E00BC5200(_t14, _t27 + 0x30, _v24);
                                                                                                                                                                                                                                                        							_t25 = 0;
                                                                                                                                                                                                                                                        							 *((char*)(_t27 + 0x38)) = 1;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L4:
                                                                                                                                                                                                                                                        							_t25 = GetLastError();
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t11, _v20 ^ _t28, _t24);
                                                                                                                                                                                                                                                        				return _t25;
                                                                                                                                                                                                                                                        			}












                                                                                                                                                                                                                                                        0x00be12c9
                                                                                                                                                                                                                                                        0x00be12ce
                                                                                                                                                                                                                                                        0x00be12d3
                                                                                                                                                                                                                                                        0x00be12d5
                                                                                                                                                                                                                                                        0x00be12dc
                                                                                                                                                                                                                                                        0x00be12f4
                                                                                                                                                                                                                                                        0x00be12f7
                                                                                                                                                                                                                                                        0x00be12ff
                                                                                                                                                                                                                                                        0x00be1303
                                                                                                                                                                                                                                                        0x00be133e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be1305
                                                                                                                                                                                                                                                        0x00be1320
                                                                                                                                                                                                                                                        0x00be1340
                                                                                                                                                                                                                                                        0x00be1346
                                                                                                                                                                                                                                                        0x00be134b
                                                                                                                                                                                                                                                        0x00be134d
                                                                                                                                                                                                                                                        0x00be1322
                                                                                                                                                                                                                                                        0x00be1322
                                                                                                                                                                                                                                                        0x00be1328
                                                                                                                                                                                                                                                        0x00be1328
                                                                                                                                                                                                                                                        0x00be1320
                                                                                                                                                                                                                                                        0x00be1303
                                                                                                                                                                                                                                                        0x00be12e3
                                                                                                                                                                                                                                                        0x00be12f1

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(00BE21F1,?), ref: 00BE12F9
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BE1305
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00BE21F1,00000000,?,00000000,00000000,00000002), ref: 00BE1318
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BE1322
                                                                                                                                                                                                                                                        • OpenProcessToken.ADVAPI32(00000000,000F01FF,?), ref: 00BE1336
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Process$Current$DuplicateErrorHandleLastOpenToken
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1850537763-0
                                                                                                                                                                                                                                                        • Opcode ID: 23f6362555357bfc4a46a3d553482c0c16e9201de028ed3da6d049f993e961e4
                                                                                                                                                                                                                                                        • Instruction ID: 4f9d5c74e254ecb7a3049d5cd2ea408006bdbcc8bf39d3a3217872c18cb65694
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 23f6362555357bfc4a46a3d553482c0c16e9201de028ed3da6d049f993e961e4
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AA11E171600285ABD7209B7ADC89FBB7BA8EF44340F600869EA0697280DF70EC04C724
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                                                                                                                        			E00BE9180(intOrPtr* __ecx, void* __eflags) {
                                                                                                                                                                                                                                                        				intOrPtr _v8;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				void** __esi;
                                                                                                                                                                                                                                                        				void* _t19;
                                                                                                                                                                                                                                                        				void* _t20;
                                                                                                                                                                                                                                                        				intOrPtr* _t22;
                                                                                                                                                                                                                                                        				intOrPtr* _t24;
                                                                                                                                                                                                                                                        				intOrPtr* _t34;
                                                                                                                                                                                                                                                        				void* _t43;
                                                                                                                                                                                                                                                        				intOrPtr _t44;
                                                                                                                                                                                                                                                        				intOrPtr _t45;
                                                                                                                                                                                                                                                        				void* _t46;
                                                                                                                                                                                                                                                        				intOrPtr* _t52;
                                                                                                                                                                                                                                                        				void* _t53;
                                                                                                                                                                                                                                                        				intOrPtr* _t54;
                                                                                                                                                                                                                                                        				intOrPtr* _t55;
                                                                                                                                                                                                                                                        				void* _t57;
                                                                                                                                                                                                                                                        				void* _t58;
                                                                                                                                                                                                                                                        				void* _t61;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t29 = __ecx;
                                                                                                                                                                                                                                                        				_push(_t43);
                                                                                                                                                                                                                                                        				_t52 = __ecx;
                                                                                                                                                                                                                                                        				if(E00BCB550(__ecx) != 0) {
                                                                                                                                                                                                                                                        					WaitForSingleObject( *__esi, 0x32);
                                                                                                                                                                                                                                                        					TerminateProcess( *__esi, 1);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t44 =  *((intOrPtr*)(_t52 + 0x20));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t52 + 0x20)) = 0;
                                                                                                                                                                                                                                                        				if(_t44 != 0) {
                                                                                                                                                                                                                                                        					E00BE6A50(_t44);
                                                                                                                                                                                                                                                        					_push(_t44);
                                                                                                                                                                                                                                                        					L00BEF6C0();
                                                                                                                                                                                                                                                        					_t61 = _t61 + 4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BC3010(_t52 + 0x30);
                                                                                                                                                                                                                                                        				_t16 =  *(_t52 + 0x2c);
                                                                                                                                                                                                                                                        				if(_t16 != 0) {
                                                                                                                                                                                                                                                        					free(_t16);
                                                                                                                                                                                                                                                        					_t61 = _t61 + 4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t45 =  *((intOrPtr*)(_t52 + 0x20));
                                                                                                                                                                                                                                                        				if(_t45 != 0) {
                                                                                                                                                                                                                                                        					_t16 = E00BE6A50(_t45);
                                                                                                                                                                                                                                                        					_push(_t45);
                                                                                                                                                                                                                                                        					L00BEF6C0();
                                                                                                                                                                                                                                                        					_t61 = _t61 + 4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1();
                                                                                                                                                                                                                                                        				L1();
                                                                                                                                                                                                                                                        				L1();
                                                                                                                                                                                                                                                        				_t34 = _t52;
                                                                                                                                                                                                                                                        				_pop(_t53);
                                                                                                                                                                                                                                                        				_pop(_t46);
                                                                                                                                                                                                                                                        				_pop(_t58);
                                                                                                                                                                                                                                                        				_t54 = _t34;
                                                                                                                                                                                                                                                        				L1();
                                                                                                                                                                                                                                                        				L1();
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t54 + 8)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t54 + 0xc)) = 0;
                                                                                                                                                                                                                                                        				L1();
                                                                                                                                                                                                                                                        				_t29 = _t54;
                                                                                                                                                                                                                                                        				_t52 = _t53;
                                                                                                                                                                                                                                                        				_t43 = _t46;
                                                                                                                                                                                                                                                        				_t57 = _t58;
                                                                                                                                                                                                                                                        				_push(_t57);
                                                                                                                                                                                                                                                        				_push(_t43);
                                                                                                                                                                                                                                                        				_push(_t52);
                                                                                                                                                                                                                                                        				_push(_t16);
                                                                                                                                                                                                                                                        				_t19 =  *_t29 + 1;
                                                                                                                                                                                                                                                        				if(_t19 >= 2) {
                                                                                                                                                                                                                                                        					_t55 = _t29;
                                                                                                                                                                                                                                                        					_t20 = E00BC50B0();
                                                                                                                                                                                                                                                        					_v28 =  *_t55;
                                                                                                                                                                                                                                                        					_t22 = E00BCAB90();
                                                                                                                                                                                                                                                        					 *((intOrPtr*)( *_t22 + 8))(_v28, _t55, _v8, _t20);
                                                                                                                                                                                                                                                        					_t24 = E00BCAB90();
                                                                                                                                                                                                                                                        					_t19 =  *((intOrPtr*)( *_t24))( *_t55); // executed
                                                                                                                                                                                                                                                        					 *_t55 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t19;
                                                                                                                                                                                                                                                        			}






















                                                                                                                                                                                                                                                        0x00be9180
                                                                                                                                                                                                                                                        0x00be9183
                                                                                                                                                                                                                                                        0x00be9185
                                                                                                                                                                                                                                                        0x00be918e
                                                                                                                                                                                                                                                        0x00be9194
                                                                                                                                                                                                                                                        0x00be919e
                                                                                                                                                                                                                                                        0x00be919e
                                                                                                                                                                                                                                                        0x00be91a4
                                                                                                                                                                                                                                                        0x00be91a7
                                                                                                                                                                                                                                                        0x00be91b0
                                                                                                                                                                                                                                                        0x00be91b4
                                                                                                                                                                                                                                                        0x00be91b9
                                                                                                                                                                                                                                                        0x00be91ba
                                                                                                                                                                                                                                                        0x00be91bf
                                                                                                                                                                                                                                                        0x00be91bf
                                                                                                                                                                                                                                                        0x00be91c5
                                                                                                                                                                                                                                                        0x00be91ca
                                                                                                                                                                                                                                                        0x00be91cf
                                                                                                                                                                                                                                                        0x00be91d2
                                                                                                                                                                                                                                                        0x00be91d8
                                                                                                                                                                                                                                                        0x00be91d8
                                                                                                                                                                                                                                                        0x00be91db
                                                                                                                                                                                                                                                        0x00be91e0
                                                                                                                                                                                                                                                        0x00be91e4
                                                                                                                                                                                                                                                        0x00be91e9
                                                                                                                                                                                                                                                        0x00be91ea
                                                                                                                                                                                                                                                        0x00be91ef
                                                                                                                                                                                                                                                        0x00be91ef
                                                                                                                                                                                                                                                        0x00be91f5
                                                                                                                                                                                                                                                        0x00be91fd
                                                                                                                                                                                                                                                        0x00be9205
                                                                                                                                                                                                                                                        0x00be920a
                                                                                                                                                                                                                                                        0x00be920c
                                                                                                                                                                                                                                                        0x00be920d
                                                                                                                                                                                                                                                        0x00be920e
                                                                                                                                                                                                                                                        0x00bcb515
                                                                                                                                                                                                                                                        0x00bcb517
                                                                                                                                                                                                                                                        0x00bcb521
                                                                                                                                                                                                                                                        0x00bcb528
                                                                                                                                                                                                                                                        0x00bcb52f
                                                                                                                                                                                                                                                        0x00bcb536
                                                                                                                                                                                                                                                        0x00bcb53b
                                                                                                                                                                                                                                                        0x00bcb53d
                                                                                                                                                                                                                                                        0x00bcb53e
                                                                                                                                                                                                                                                        0x00bcb53f
                                                                                                                                                                                                                                                        0x00bc51b0
                                                                                                                                                                                                                                                        0x00bc51b4
                                                                                                                                                                                                                                                        0x00bc51b5
                                                                                                                                                                                                                                                        0x00bc51b6
                                                                                                                                                                                                                                                        0x00bc51b9
                                                                                                                                                                                                                                                        0x00bc51bd
                                                                                                                                                                                                                                                        0x00bc51c7
                                                                                                                                                                                                                                                        0x00bc51c9
                                                                                                                                                                                                                                                        0x00bc51d5
                                                                                                                                                                                                                                                        0x00bc51d8
                                                                                                                                                                                                                                                        0x00bc51e7
                                                                                                                                                                                                                                                        0x00bc51ec
                                                                                                                                                                                                                                                        0x00bc51f6
                                                                                                                                                                                                                                                        0x00bc51f8
                                                                                                                                                                                                                                                        0x00bc51f8
                                                                                                                                                                                                                                                        0x00bc51c6

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • WaitForSingleObject.KERNEL32(?,00000032,?,?,?,00BE5934,?,00BCCFC5), ref: 00BE9194
                                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(?,00000001,?,00BE5934,?,00BCCFC5), ref: 00BE919E
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000,?,?,?,00BE5934,?,00BCCFC5), ref: 00BE91BA
                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,00BE5934,?,00BCCFC5), ref: 00BE91D2
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000,?,?,?,00BE5934,?,00BCCFC5), ref: 00BE91EA
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@$ObjectProcessSingleTerminateWaitfree
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 800840640-0
                                                                                                                                                                                                                                                        • Opcode ID: 8fe430d3a86f1ffb8ce2cf87945e684668cee73d72be726787921d5edcd3d026
                                                                                                                                                                                                                                                        • Instruction ID: bcd6ebdb0302c3d7006669e7fe87bb1b965a8e0561908749d50828e5c2faeec5
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8fe430d3a86f1ffb8ce2cf87945e684668cee73d72be726787921d5edcd3d026
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 610196751006405BD634FB21D85AF7A73E5BF90B00B4809ACF583636A1EF61F908D692
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 86%
                                                                                                                                                                                                                                                        			E00BD29D0(signed int __edx, wchar_t* _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				short _v28;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				short _v48;
                                                                                                                                                                                                                                                        				void* _v52;
                                                                                                                                                                                                                                                        				intOrPtr _v56;
                                                                                                                                                                                                                                                        				short _v60;
                                                                                                                                                                                                                                                        				char _v76;
                                                                                                                                                                                                                                                        				char _v80;
                                                                                                                                                                                                                                                        				char _v84;
                                                                                                                                                                                                                                                        				char _v92;
                                                                                                                                                                                                                                                        				short _v96;
                                                                                                                                                                                                                                                        				void* _v100;
                                                                                                                                                                                                                                                        				intOrPtr _v104;
                                                                                                                                                                                                                                                        				char _v108;
                                                                                                                                                                                                                                                        				char* _v112;
                                                                                                                                                                                                                                                        				short _v116;
                                                                                                                                                                                                                                                        				signed int _t93;
                                                                                                                                                                                                                                                        				intOrPtr _t95;
                                                                                                                                                                                                                                                        				void* _t106;
                                                                                                                                                                                                                                                        				void* _t109;
                                                                                                                                                                                                                                                        				void* _t113;
                                                                                                                                                                                                                                                        				int _t119;
                                                                                                                                                                                                                                                        				void* _t125;
                                                                                                                                                                                                                                                        				wchar_t* _t126;
                                                                                                                                                                                                                                                        				intOrPtr* _t128;
                                                                                                                                                                                                                                                        				intOrPtr _t146;
                                                                                                                                                                                                                                                        				signed int _t152;
                                                                                                                                                                                                                                                        				signed int _t155;
                                                                                                                                                                                                                                                        				intOrPtr _t157;
                                                                                                                                                                                                                                                        				char* _t159;
                                                                                                                                                                                                                                                        				char* _t161;
                                                                                                                                                                                                                                                        				void* _t162;
                                                                                                                                                                                                                                                        				intOrPtr* _t163;
                                                                                                                                                                                                                                                        				intOrPtr _t164;
                                                                                                                                                                                                                                                        				signed int _t166;
                                                                                                                                                                                                                                                        				intOrPtr _t167;
                                                                                                                                                                                                                                                        				void* _t171;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t153 = __edx;
                                                                                                                                                                                                                                                        				_t93 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t126 = _a4;
                                                                                                                                                                                                                                                        				_t155 = 2;
                                                                                                                                                                                                                                                        				_t94 = _t93 ^ _t166;
                                                                                                                                                                                                                                                        				_v20 = _t93 ^ _t166;
                                                                                                                                                                                                                                                        				if(_t126 != 0) {
                                                                                                                                                                                                                                                        					_t163 = _t128;
                                                                                                                                                                                                                                                        					_t95 = 7;
                                                                                                                                                                                                                                                        					_v24 = 7;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					if(_a8 == 0) {
                                                                                                                                                                                                                                                        						L13:
                                                                                                                                                                                                                                                        						_v56 = _t95;
                                                                                                                                                                                                                                                        						_v60 = 0;
                                                                                                                                                                                                                                                        						_v76 = 0;
                                                                                                                                                                                                                                                        						E00BBA740( &_v76, _t126);
                                                                                                                                                                                                                                                        						_t99 = E00BBDF30(E00BD2C90( &_v84, _t163,  &_v84,  &_v76),  &_v76, _t153);
                                                                                                                                                                                                                                                        						_t157 = _v84;
                                                                                                                                                                                                                                                        						if(_t157 !=  *_t163) {
                                                                                                                                                                                                                                                        							if(_a8 == 0) {
                                                                                                                                                                                                                                                        								_t164 =  *((intOrPtr*)(_t157 + 0x28));
                                                                                                                                                                                                                                                        								E00BD3F10(_t99, _t157 + 0x28, _t153,  *((intOrPtr*)(_t164 + 4)));
                                                                                                                                                                                                                                                        								 *((intOrPtr*)( *((intOrPtr*)(_t157 + 0x28)) + 4)) = _t164;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)( *((intOrPtr*)(_t157 + 0x28)))) = _t164;
                                                                                                                                                                                                                                                        								_t99 =  *((intOrPtr*)(_t157 + 0x28));
                                                                                                                                                                                                                                                        								 *((intOrPtr*)( *((intOrPtr*)(_t157 + 0x28)) + 8)) = _t164;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t157 + 0x2c)) = 0;
                                                                                                                                                                                                                                                        								L17:
                                                                                                                                                                                                                                                        								_t155 = 0;
                                                                                                                                                                                                                                                        								L18:
                                                                                                                                                                                                                                                        								_t94 = E00BBDF30(_t99,  &_v44, _t153);
                                                                                                                                                                                                                                                        								goto L1;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							if( *((intOrPtr*)(_t157 + 0x2c)) == 0) {
                                                                                                                                                                                                                                                        								goto L17;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t153 =  &_v44;
                                                                                                                                                                                                                                                        							_v108 = _v92;
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t167 - 0x10)) =  &_v76;
                                                                                                                                                                                                                                                        							_t137 = _t157 + 0x28;
                                                                                                                                                                                                                                                        							_v112 =  &_v44;
                                                                                                                                                                                                                                                        							L16:
                                                                                                                                                                                                                                                        							_v116 = 0;
                                                                                                                                                                                                                                                        							_t99 = E00BD3C40(_t137);
                                                                                                                                                                                                                                                        							goto L17;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_v100 = 0;
                                                                                                                                                                                                                                                        						_v96 = 0;
                                                                                                                                                                                                                                                        						_t106 = E00BD3710(1);
                                                                                                                                                                                                                                                        						_t159 =  &_v76;
                                                                                                                                                                                                                                                        						 *_t106 = _t106;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t106 + 4)) = _t106;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t106 + 8)) = _t106;
                                                                                                                                                                                                                                                        						 *((short*)(_t106 + 0xc)) = 0x101;
                                                                                                                                                                                                                                                        						_v100 = _t106;
                                                                                                                                                                                                                                                        						_v60 = 0;
                                                                                                                                                                                                                                                        						_v56 = 7;
                                                                                                                                                                                                                                                        						_v76 = 0;
                                                                                                                                                                                                                                                        						E00BBA740(_t159, _t126);
                                                                                                                                                                                                                                                        						_v52 = 0;
                                                                                                                                                                                                                                                        						_v48 = 0;
                                                                                                                                                                                                                                                        						_t109 = E00BD3710(1);
                                                                                                                                                                                                                                                        						 *_t109 = _t109;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t109 + 4)) = _t109;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t109 + 8)) = _t109;
                                                                                                                                                                                                                                                        						 *((short*)(_t109 + 0xc)) = 0x101;
                                                                                                                                                                                                                                                        						_v100 = _t109;
                                                                                                                                                                                                                                                        						_v52 = _v100;
                                                                                                                                                                                                                                                        						_v48 = _v96;
                                                                                                                                                                                                                                                        						_t153 =  &_v92;
                                                                                                                                                                                                                                                        						_v96 = _v48;
                                                                                                                                                                                                                                                        						E00BD3920(_t163,  &_v92, _t159);
                                                                                                                                                                                                                                                        						_t113 = E00BD3770( &_v52,  &_v80,  *_v52, _v52);
                                                                                                                                                                                                                                                        						_push(0x28);
                                                                                                                                                                                                                                                        						_push(_v52);
                                                                                                                                                                                                                                                        						L00BEF6C6();
                                                                                                                                                                                                                                                        						E00BBDF30(_t113, _t159,  &_v92);
                                                                                                                                                                                                                                                        						_t99 = E00BD3770( &_v100,  &_v80,  *_v100, _v100);
                                                                                                                                                                                                                                                        						_push(0x28);
                                                                                                                                                                                                                                                        						_push(_v100);
                                                                                                                                                                                                                                                        						L00BEF6C6();
                                                                                                                                                                                                                                                        						_t171 = _t167 + 0x14;
                                                                                                                                                                                                                                                        						_t146 = _v92;
                                                                                                                                                                                                                                                        						_v84 = _t146;
                                                                                                                                                                                                                                                        						if(_a8 == 0) {
                                                                                                                                                                                                                                                        							goto L17;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t137 = _t146 + 0x28;
                                                                                                                                                                                                                                                        						_t153 =  &_v44;
                                                                                                                                                                                                                                                        						_v108 = _v100;
                                                                                                                                                                                                                                                        						_v112 =  &_v44;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t171 - 0x10)) = _t159;
                                                                                                                                                                                                                                                        						goto L16;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					E00BBA740( &_v44, _a8);
                                                                                                                                                                                                                                                        					_v56 = 7;
                                                                                                                                                                                                                                                        					_t161 =  &_v76;
                                                                                                                                                                                                                                                        					_v60 = 0;
                                                                                                                                                                                                                                                        					_v76 = 0;
                                                                                                                                                                                                                                                        					E00BBA740(_t161, "Key");
                                                                                                                                                                                                                                                        					_t119 = wcslen(_t126);
                                                                                                                                                                                                                                                        					_t167 = _t167 + 4;
                                                                                                                                                                                                                                                        					if(_v60 != _t119) {
                                                                                                                                                                                                                                                        						L12:
                                                                                                                                                                                                                                                        						E00BBDF30(_t119,  &_v76, _t153);
                                                                                                                                                                                                                                                        						_t95 = 7;
                                                                                                                                                                                                                                                        						goto L13;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_t119 == 0) {
                                                                                                                                                                                                                                                        						L10:
                                                                                                                                                                                                                                                        						E00BBDF30(_t119,  &_v76, _t153);
                                                                                                                                                                                                                                                        						_v104 = _t167;
                                                                                                                                                                                                                                                        						_t162 = _t167 - 0x1c;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t162 + 0x10)) = 0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t162 + 0x14)) = 0;
                                                                                                                                                                                                                                                        						E00BC1CE0(_t162,  &_v44);
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t162 + 0x18)) =  &_v44;
                                                                                                                                                                                                                                                        						_t125 = E00BEA340();
                                                                                                                                                                                                                                                        						_t155 = 2;
                                                                                                                                                                                                                                                        						_t167 = _v104;
                                                                                                                                                                                                                                                        						_t95 = 7;
                                                                                                                                                                                                                                                        						if(_t125 != 0) {
                                                                                                                                                                                                                                                        							goto L13;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L18;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					if(_v56 > 7) {
                                                                                                                                                                                                                                                        						_t161 = _v76;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t152 = 0;
                                                                                                                                                                                                                                                        					asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        					while(1) {
                                                                                                                                                                                                                                                        						_t153 =  *(_t161 + _t152 * 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        						if(( *(_t161 + _t152 * 2) & 0x0000ffff) !=  *((intOrPtr*)(_t126 + _t152 * 2))) {
                                                                                                                                                                                                                                                        							goto L12;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t152 = _t152 + 1;
                                                                                                                                                                                                                                                        						if(_t119 != _t152) {
                                                                                                                                                                                                                                                        							continue;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L12;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				E00BEECB0(_t94, _v20 ^ _t166, _t153);
                                                                                                                                                                                                                                                        				return _t155;
                                                                                                                                                                                                                                                        			}











































                                                                                                                                                                                                                                                        0x00bd29d0
                                                                                                                                                                                                                                                        0x00bd29d9
                                                                                                                                                                                                                                                        0x00bd29de
                                                                                                                                                                                                                                                        0x00bd29e1
                                                                                                                                                                                                                                                        0x00bd29e6
                                                                                                                                                                                                                                                        0x00bd29ea
                                                                                                                                                                                                                                                        0x00bd29ed
                                                                                                                                                                                                                                                        0x00bd2a09
                                                                                                                                                                                                                                                        0x00bd2a0b
                                                                                                                                                                                                                                                        0x00bd2a10
                                                                                                                                                                                                                                                        0x00bd2a17
                                                                                                                                                                                                                                                        0x00bd2a1e
                                                                                                                                                                                                                                                        0x00bd2a24
                                                                                                                                                                                                                                                        0x00bd2ae9
                                                                                                                                                                                                                                                        0x00bd2aec
                                                                                                                                                                                                                                                        0x00bd2aef
                                                                                                                                                                                                                                                        0x00bd2af6
                                                                                                                                                                                                                                                        0x00bd2aff
                                                                                                                                                                                                                                                        0x00bd2b12
                                                                                                                                                                                                                                                        0x00bd2b17
                                                                                                                                                                                                                                                        0x00bd2b1c
                                                                                                                                                                                                                                                        0x00bd2c3d
                                                                                                                                                                                                                                                        0x00bd2c60
                                                                                                                                                                                                                                                        0x00bd2c69
                                                                                                                                                                                                                                                        0x00bd2c71
                                                                                                                                                                                                                                                        0x00bd2c77
                                                                                                                                                                                                                                                        0x00bd2c79
                                                                                                                                                                                                                                                        0x00bd2c7c
                                                                                                                                                                                                                                                        0x00bd2c7f
                                                                                                                                                                                                                                                        0x00bd2c27
                                                                                                                                                                                                                                                        0x00bd2c27
                                                                                                                                                                                                                                                        0x00bd2c29
                                                                                                                                                                                                                                                        0x00bd2c2c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2c2c
                                                                                                                                                                                                                                                        0x00bd2c43
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2c4e
                                                                                                                                                                                                                                                        0x00bd2c51
                                                                                                                                                                                                                                                        0x00bd2c55
                                                                                                                                                                                                                                                        0x00bd2c58
                                                                                                                                                                                                                                                        0x00bd2c5a
                                                                                                                                                                                                                                                        0x00bd2c1a
                                                                                                                                                                                                                                                        0x00bd2c1a
                                                                                                                                                                                                                                                        0x00bd2c22
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2c22
                                                                                                                                                                                                                                                        0x00bd2b25
                                                                                                                                                                                                                                                        0x00bd2b2c
                                                                                                                                                                                                                                                        0x00bd2b35
                                                                                                                                                                                                                                                        0x00bd2b3a
                                                                                                                                                                                                                                                        0x00bd2b3d
                                                                                                                                                                                                                                                        0x00bd2b3f
                                                                                                                                                                                                                                                        0x00bd2b42
                                                                                                                                                                                                                                                        0x00bd2b45
                                                                                                                                                                                                                                                        0x00bd2b4b
                                                                                                                                                                                                                                                        0x00bd2b53
                                                                                                                                                                                                                                                        0x00bd2b5c
                                                                                                                                                                                                                                                        0x00bd2b5f
                                                                                                                                                                                                                                                        0x00bd2b66
                                                                                                                                                                                                                                                        0x00bd2b6e
                                                                                                                                                                                                                                                        0x00bd2b75
                                                                                                                                                                                                                                                        0x00bd2b80
                                                                                                                                                                                                                                                        0x00bd2b85
                                                                                                                                                                                                                                                        0x00bd2b87
                                                                                                                                                                                                                                                        0x00bd2b8a
                                                                                                                                                                                                                                                        0x00bd2b8d
                                                                                                                                                                                                                                                        0x00bd2b99
                                                                                                                                                                                                                                                        0x00bd2b9c
                                                                                                                                                                                                                                                        0x00bd2ba4
                                                                                                                                                                                                                                                        0x00bd2ba7
                                                                                                                                                                                                                                                        0x00bd2baa
                                                                                                                                                                                                                                                        0x00bd2bae
                                                                                                                                                                                                                                                        0x00bd2bc2
                                                                                                                                                                                                                                                        0x00bd2bc7
                                                                                                                                                                                                                                                        0x00bd2bc9
                                                                                                                                                                                                                                                        0x00bd2bcc
                                                                                                                                                                                                                                                        0x00bd2bd6
                                                                                                                                                                                                                                                        0x00bd2be5
                                                                                                                                                                                                                                                        0x00bd2bea
                                                                                                                                                                                                                                                        0x00bd2bec
                                                                                                                                                                                                                                                        0x00bd2bef
                                                                                                                                                                                                                                                        0x00bd2bf4
                                                                                                                                                                                                                                                        0x00bd2bf7
                                                                                                                                                                                                                                                        0x00bd2bfe
                                                                                                                                                                                                                                                        0x00bd2c01
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2c03
                                                                                                                                                                                                                                                        0x00bd2c0c
                                                                                                                                                                                                                                                        0x00bd2c0f
                                                                                                                                                                                                                                                        0x00bd2c13
                                                                                                                                                                                                                                                        0x00bd2c17
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2c17
                                                                                                                                                                                                                                                        0x00bd2a35
                                                                                                                                                                                                                                                        0x00bd2a3a
                                                                                                                                                                                                                                                        0x00bd2a3d
                                                                                                                                                                                                                                                        0x00bd2a40
                                                                                                                                                                                                                                                        0x00bd2a47
                                                                                                                                                                                                                                                        0x00bd2a54
                                                                                                                                                                                                                                                        0x00bd2a5a
                                                                                                                                                                                                                                                        0x00bd2a5f
                                                                                                                                                                                                                                                        0x00bd2a65
                                                                                                                                                                                                                                                        0x00bd2adc
                                                                                                                                                                                                                                                        0x00bd2adf
                                                                                                                                                                                                                                                        0x00bd2ae4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2ae4
                                                                                                                                                                                                                                                        0x00bd2a69
                                                                                                                                                                                                                                                        0x00bd2a8f
                                                                                                                                                                                                                                                        0x00bd2a92
                                                                                                                                                                                                                                                        0x00bd2a97
                                                                                                                                                                                                                                                        0x00bd2a9d
                                                                                                                                                                                                                                                        0x00bd2aa2
                                                                                                                                                                                                                                                        0x00bd2aa9
                                                                                                                                                                                                                                                        0x00bd2ab3
                                                                                                                                                                                                                                                        0x00bd2abb
                                                                                                                                                                                                                                                        0x00bd2abe
                                                                                                                                                                                                                                                        0x00bd2ac6
                                                                                                                                                                                                                                                        0x00bd2acb
                                                                                                                                                                                                                                                        0x00bd2ad0
                                                                                                                                                                                                                                                        0x00bd2ad5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2ad7
                                                                                                                                                                                                                                                        0x00bd2a6f
                                                                                                                                                                                                                                                        0x00bd2a71
                                                                                                                                                                                                                                                        0x00bd2a71
                                                                                                                                                                                                                                                        0x00bd2a74
                                                                                                                                                                                                                                                        0x00bd2a76
                                                                                                                                                                                                                                                        0x00bd2a80
                                                                                                                                                                                                                                                        0x00bd2a80
                                                                                                                                                                                                                                                        0x00bd2a88
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2a8a
                                                                                                                                                                                                                                                        0x00bd2a8d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2a8d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd2a80
                                                                                                                                                                                                                                                        0x00bd29ef
                                                                                                                                                                                                                                                        0x00bd29f4
                                                                                                                                                                                                                                                        0x00bd2a02

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?,Key,00000000), ref: 00BD2A5A
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: wcslen
                                                                                                                                                                                                                                                        • String ID: Key
                                                                                                                                                                                                                                                        • API String ID: 4088430540-3000888649
                                                                                                                                                                                                                                                        • Opcode ID: 0a9e1b46d02ffd987b35b2779d455db89a8611bb5abf627a2656855bd5ae8cde
                                                                                                                                                                                                                                                        • Instruction ID: 66970f848091dedacbbd36f18b80b7918a935dec94b2f0367fc311a01de7c70c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0a9e1b46d02ffd987b35b2779d455db89a8611bb5abf627a2656855bd5ae8cde
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BD8147B0D102489FCB14DF94C885BEDBBF5FF58314F0880AAE409AB351EB74A949CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 47%
                                                                                                                                                                                                                                                        			E00BB7B70(signed short* __eax, intOrPtr __ecx, signed short __edx, signed short _a4) {
                                                                                                                                                                                                                                                        				intOrPtr _v20;
                                                                                                                                                                                                                                                        				intOrPtr* _v24;
                                                                                                                                                                                                                                                        				signed short _v28;
                                                                                                                                                                                                                                                        				signed short* _v32;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed short* _t71;
                                                                                                                                                                                                                                                        				signed short* _t80;
                                                                                                                                                                                                                                                        				signed int _t87;
                                                                                                                                                                                                                                                        				intOrPtr _t96;
                                                                                                                                                                                                                                                        				intOrPtr* _t98;
                                                                                                                                                                                                                                                        				intOrPtr _t99;
                                                                                                                                                                                                                                                        				signed short _t129;
                                                                                                                                                                                                                                                        				signed short _t130;
                                                                                                                                                                                                                                                        				signed short* _t136;
                                                                                                                                                                                                                                                        				signed short* _t137;
                                                                                                                                                                                                                                                        				signed int _t138;
                                                                                                                                                                                                                                                        				void* _t161;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t71 = __eax;
                                                                                                                                                                                                                                                        				_t129 = _a4;
                                                                                                                                                                                                                                                        				_v20 = __ecx;
                                                                                                                                                                                                                                                        				__imp__moz_xmalloc(0x30);
                                                                                                                                                                                                                                                        				__eax[2] = 1;
                                                                                                                                                                                                                                                        				__eax[4] = 1;
                                                                                                                                                                                                                                                        				 *__eax = 0xbf0238;
                                                                                                                                                                                                                                                        				__eax[6] = _t129;
                                                                                                                                                                                                                                                        				__eax[0xa] = 0;
                                                                                                                                                                                                                                                        				_t98 = __eax;
                                                                                                                                                                                                                                                        				_t7 =  &(_t71[6]); // 0xc
                                                                                                                                                                                                                                                        				__eax[0xc] = 0x10;
                                                                                                                                                                                                                                                        				_v28 = __edx;
                                                                                                                                                                                                                                                        				__eax[8] =  &(__eax[0xe]);
                                                                                                                                                                                                                                                        				__eax[0x16] = __edx;
                                                                                                                                                                                                                                                        				E00BB7F80(__eax, _t7, 0x40, _t129, __edx);
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t98 + 0x2c)) == 0 ||  *((intOrPtr*)(_t98 + 0x14)) == 0) {
                                                                                                                                                                                                                                                        					L29:
                                                                                                                                                                                                                                                        					E00BB7DF0(_v20, _t129);
                                                                                                                                                                                                                                                        					asm("lock dec dword [ebx+0x4]");
                                                                                                                                                                                                                                                        					if(__eflags == 0) {
                                                                                                                                                                                                                                                        						goto L25;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L27;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t80 =  *(_t98 + 0x10);
                                                                                                                                                                                                                                                        					if(_t80 == 0 || ( *_t80 & 0x0000ffff) != 0x5a4d) {
                                                                                                                                                                                                                                                        						goto L29;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						__imp__moz_xmalloc(0x30);
                                                                                                                                                                                                                                                        						_t18 =  &(_t80[0xe]); // 0x1c
                                                                                                                                                                                                                                                        						_t80[2] = 1;
                                                                                                                                                                                                                                                        						_t80[4] = 1;
                                                                                                                                                                                                                                                        						 *_t80 = 0xbf0238;
                                                                                                                                                                                                                                                        						_t80[6] = _t129;
                                                                                                                                                                                                                                                        						_t80[0xa] = 0;
                                                                                                                                                                                                                                                        						_t80[0xc] = 0x10;
                                                                                                                                                                                                                                                        						_t24 =  &(_t80[6]); // 0xc
                                                                                                                                                                                                                                                        						_t80[8] = _t18;
                                                                                                                                                                                                                                                        						_t80[0x16] = _t80[0x1e] + _v28;
                                                                                                                                                                                                                                                        						_t136 = _t80;
                                                                                                                                                                                                                                                        						E00BB7F80(_t98, _t24, 0xf8, _t129, _t136);
                                                                                                                                                                                                                                                        						_v32 = _t136;
                                                                                                                                                                                                                                                        						if(_t136[0x16] == 0 || _t136[0xa] == 0) {
                                                                                                                                                                                                                                                        							L28:
                                                                                                                                                                                                                                                        							E00BB7DF0(_v20, _a4);
                                                                                                                                                                                                                                                        							goto L21;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t130 = _t136[8];
                                                                                                                                                                                                                                                        							if(_t130 == 0 ||  *_t130 != 0x4550) {
                                                                                                                                                                                                                                                        								goto L28;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t87 =  *(_t130 + 0x18) & 0x0000ffff;
                                                                                                                                                                                                                                                        								if(_t87 != 0x10b ||  *((intOrPtr*)(_t130 + 0x50)) <= 0x137) {
                                                                                                                                                                                                                                                        									goto L28;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_v24 = _t98;
                                                                                                                                                                                                                                                        									if( *((intOrPtr*)(_t130 + 0x74)) == 0) {
                                                                                                                                                                                                                                                        										L32:
                                                                                                                                                                                                                                                        										E00BB7DF0(_v20, _a4);
                                                                                                                                                                                                                                                        										_t98 = _v24;
                                                                                                                                                                                                                                                        										L21:
                                                                                                                                                                                                                                                        										_t137 = _v32;
                                                                                                                                                                                                                                                        										asm("lock dec dword [esi+0x4]");
                                                                                                                                                                                                                                                        										if(_t161 == 0) {
                                                                                                                                                                                                                                                        											 *( *_t137)();
                                                                                                                                                                                                                                                        											asm("lock dec dword [esi+0x8]");
                                                                                                                                                                                                                                                        											if(_t161 == 0) {
                                                                                                                                                                                                                                                        												 *((intOrPtr*)( *_t137 + 4))();
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										asm("lock dec dword [ebx+0x4]");
                                                                                                                                                                                                                                                        										if(_t161 != 0) {
                                                                                                                                                                                                                                                        											L27:
                                                                                                                                                                                                                                                        											return _v20;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											L25:
                                                                                                                                                                                                                                                        											 *((intOrPtr*)( *_t98))();
                                                                                                                                                                                                                                                        											asm("lock dec dword [ebx+0x8]");
                                                                                                                                                                                                                                                        											if(_t161 == 0) {
                                                                                                                                                                                                                                                        												 *((intOrPtr*)( *_t98 + 4))();
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L27;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t99 =  *((intOrPtr*)(_t130 + 0x78));
                                                                                                                                                                                                                                                        									if(_t99 == 0 ||  *((intOrPtr*)(_t130 + 0x7c)) == 0) {
                                                                                                                                                                                                                                                        										goto L32;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										__imp__moz_xmalloc(0x30);
                                                                                                                                                                                                                                                        										_t138 = _t87;
                                                                                                                                                                                                                                                        										 *(_t87 + 4) = 1;
                                                                                                                                                                                                                                                        										 *(_t87 + 8) = 1;
                                                                                                                                                                                                                                                        										 *_t87 = 0xbf0238;
                                                                                                                                                                                                                                                        										_t40 = _t87 + 0xc; // 0xc
                                                                                                                                                                                                                                                        										_t42 = _t138 + 0x1c; // 0x1c
                                                                                                                                                                                                                                                        										 *(_t138 + 0xc) = _a4;
                                                                                                                                                                                                                                                        										 *(_t138 + 0x14) = 0;
                                                                                                                                                                                                                                                        										 *(_t138 + 0x18) = 0x10;
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t138 + 0x10)) = _t42;
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t138 + 0x2c)) = _t99 + _v28;
                                                                                                                                                                                                                                                        										E00BB7F80(_t99 + _v28, _t40, 0x28, _t130, _t138);
                                                                                                                                                                                                                                                        										if( *((intOrPtr*)(_t138 + 0x2c)) == 0 ||  *(_t138 + 0x14) == 0) {
                                                                                                                                                                                                                                                        											L31:
                                                                                                                                                                                                                                                        											E00BB7DF0(_v20, _a4);
                                                                                                                                                                                                                                                        											goto L18;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t96 =  *((intOrPtr*)(_t138 + 0x10));
                                                                                                                                                                                                                                                        											if(_t96 == 0 ||  *((intOrPtr*)(_t96 + 0x14)) == 0) {
                                                                                                                                                                                                                                                        												goto L31;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t161 =  *((intOrPtr*)(_t130 + 0x7c)) +  *((intOrPtr*)(_t130 + 0x78));
                                                                                                                                                                                                                                                        												E00BB7F10(_v20, _a4, _t161, _v28,  *((intOrPtr*)(_t130 + 0x78)),  *((intOrPtr*)(_t130 + 0x7c)) +  *((intOrPtr*)(_t130 + 0x78)), _t96);
                                                                                                                                                                                                                                                        												L18:
                                                                                                                                                                                                                                                        												asm("lock dec dword [esi+0x4]");
                                                                                                                                                                                                                                                        												_t98 = _v24;
                                                                                                                                                                                                                                                        												if(_t161 == 0) {
                                                                                                                                                                                                                                                        													 *((intOrPtr*)( *_t138))();
                                                                                                                                                                                                                                                        													asm("lock dec dword [esi+0x8]");
                                                                                                                                                                                                                                                        													if(_t161 == 0) {
                                                                                                                                                                                                                                                        														 *((intOrPtr*)( *_t138 + 4))();
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L21;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}






















                                                                                                                                                                                                                                                        0x00bb7b70
                                                                                                                                                                                                                                                        0x00bb7b79
                                                                                                                                                                                                                                                        0x00bb7b7e
                                                                                                                                                                                                                                                        0x00bb7b83
                                                                                                                                                                                                                                                        0x00bb7b8c
                                                                                                                                                                                                                                                        0x00bb7b93
                                                                                                                                                                                                                                                        0x00bb7b9a
                                                                                                                                                                                                                                                        0x00bb7ba0
                                                                                                                                                                                                                                                        0x00bb7ba3
                                                                                                                                                                                                                                                        0x00bb7baa
                                                                                                                                                                                                                                                        0x00bb7bac
                                                                                                                                                                                                                                                        0x00bb7baf
                                                                                                                                                                                                                                                        0x00bb7bbe
                                                                                                                                                                                                                                                        0x00bb7bc1
                                                                                                                                                                                                                                                        0x00bb7bc4
                                                                                                                                                                                                                                                        0x00bb7bc7
                                                                                                                                                                                                                                                        0x00bb7bd0
                                                                                                                                                                                                                                                        0x00bb7db0
                                                                                                                                                                                                                                                        0x00bb7db5
                                                                                                                                                                                                                                                        0x00bb7dba
                                                                                                                                                                                                                                                        0x00bb7dbe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7be0
                                                                                                                                                                                                                                                        0x00bb7be0
                                                                                                                                                                                                                                                        0x00bb7be5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7bfa
                                                                                                                                                                                                                                                        0x00bb7c02
                                                                                                                                                                                                                                                        0x00bb7c0b
                                                                                                                                                                                                                                                        0x00bb7c0e
                                                                                                                                                                                                                                                        0x00bb7c15
                                                                                                                                                                                                                                                        0x00bb7c1c
                                                                                                                                                                                                                                                        0x00bb7c22
                                                                                                                                                                                                                                                        0x00bb7c25
                                                                                                                                                                                                                                                        0x00bb7c2c
                                                                                                                                                                                                                                                        0x00bb7c33
                                                                                                                                                                                                                                                        0x00bb7c36
                                                                                                                                                                                                                                                        0x00bb7c3e
                                                                                                                                                                                                                                                        0x00bb7c41
                                                                                                                                                                                                                                                        0x00bb7c43
                                                                                                                                                                                                                                                        0x00bb7c4c
                                                                                                                                                                                                                                                        0x00bb7c4f
                                                                                                                                                                                                                                                        0x00bb7da3
                                                                                                                                                                                                                                                        0x00bb7da9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7c5f
                                                                                                                                                                                                                                                        0x00bb7c5f
                                                                                                                                                                                                                                                        0x00bb7c64
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7c76
                                                                                                                                                                                                                                                        0x00bb7c76
                                                                                                                                                                                                                                                        0x00bb7c7f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7c92
                                                                                                                                                                                                                                                        0x00bb7c96
                                                                                                                                                                                                                                                        0x00bb7c99
                                                                                                                                                                                                                                                        0x00bb7dd2
                                                                                                                                                                                                                                                        0x00bb7dd8
                                                                                                                                                                                                                                                        0x00bb7ddd
                                                                                                                                                                                                                                                        0x00bb7d63
                                                                                                                                                                                                                                                        0x00bb7d63
                                                                                                                                                                                                                                                        0x00bb7d66
                                                                                                                                                                                                                                                        0x00bb7d6a
                                                                                                                                                                                                                                                        0x00bb7d70
                                                                                                                                                                                                                                                        0x00bb7d72
                                                                                                                                                                                                                                                        0x00bb7d76
                                                                                                                                                                                                                                                        0x00bb7d7c
                                                                                                                                                                                                                                                        0x00bb7d7c
                                                                                                                                                                                                                                                        0x00bb7d76
                                                                                                                                                                                                                                                        0x00bb7d7f
                                                                                                                                                                                                                                                        0x00bb7d83
                                                                                                                                                                                                                                                        0x00bb7d98
                                                                                                                                                                                                                                                        0x00bb7da2
                                                                                                                                                                                                                                                        0x00bb7d85
                                                                                                                                                                                                                                                        0x00bb7d85
                                                                                                                                                                                                                                                        0x00bb7d89
                                                                                                                                                                                                                                                        0x00bb7d8b
                                                                                                                                                                                                                                                        0x00bb7d8f
                                                                                                                                                                                                                                                        0x00bb7d95
                                                                                                                                                                                                                                                        0x00bb7d95
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7d8f
                                                                                                                                                                                                                                                        0x00bb7d83
                                                                                                                                                                                                                                                        0x00bb7c9f
                                                                                                                                                                                                                                                        0x00bb7ca4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7cb4
                                                                                                                                                                                                                                                        0x00bb7cb9
                                                                                                                                                                                                                                                        0x00bb7cc2
                                                                                                                                                                                                                                                        0x00bb7cc4
                                                                                                                                                                                                                                                        0x00bb7ccb
                                                                                                                                                                                                                                                        0x00bb7cd2
                                                                                                                                                                                                                                                        0x00bb7cd8
                                                                                                                                                                                                                                                        0x00bb7cde
                                                                                                                                                                                                                                                        0x00bb7ce1
                                                                                                                                                                                                                                                        0x00bb7ce4
                                                                                                                                                                                                                                                        0x00bb7ceb
                                                                                                                                                                                                                                                        0x00bb7cf2
                                                                                                                                                                                                                                                        0x00bb7cfa
                                                                                                                                                                                                                                                        0x00bb7cfd
                                                                                                                                                                                                                                                        0x00bb7d06
                                                                                                                                                                                                                                                        0x00bb7dc2
                                                                                                                                                                                                                                                        0x00bb7dc8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7d16
                                                                                                                                                                                                                                                        0x00bb7d16
                                                                                                                                                                                                                                                        0x00bb7d1b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7d2b
                                                                                                                                                                                                                                                        0x00bb7d37
                                                                                                                                                                                                                                                        0x00bb7d3f
                                                                                                                                                                                                                                                        0x00bb7d47
                                                                                                                                                                                                                                                        0x00bb7d47
                                                                                                                                                                                                                                                        0x00bb7d4b
                                                                                                                                                                                                                                                        0x00bb7d4e
                                                                                                                                                                                                                                                        0x00bb7d54
                                                                                                                                                                                                                                                        0x00bb7d56
                                                                                                                                                                                                                                                        0x00bb7d5a
                                                                                                                                                                                                                                                        0x00bb7d60
                                                                                                                                                                                                                                                        0x00bb7d60
                                                                                                                                                                                                                                                        0x00bb7d5a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb7d4e
                                                                                                                                                                                                                                                        0x00bb7d1b
                                                                                                                                                                                                                                                        0x00bb7d06
                                                                                                                                                                                                                                                        0x00bb7ca4
                                                                                                                                                                                                                                                        0x00bb7c7f
                                                                                                                                                                                                                                                        0x00bb7c64
                                                                                                                                                                                                                                                        0x00bb7c4f
                                                                                                                                                                                                                                                        0x00bb7be5

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000030,?,?,00BB7A50,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BB7B83
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000030,?,?,?,00BB7A50,?,?,?,?,?,?,?,?,?,?,?), ref: 00BB7C02
                                                                                                                                                                                                                                                          • Part of subcall function 00BB7F80: memset.NTDLL ref: 00BB8004
                                                                                                                                                                                                                                                          • Part of subcall function 00BB7F80: ReadProcessMemory.KERNEL32(0000000C,?,?,?,00000000), ref: 00BB803B
                                                                                                                                                                                                                                                          • Part of subcall function 00BB7F80: memset.NTDLL ref: 00BB807F
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000030,?,?,?,?,00BB7A50,?,?,?,?,?,?,?,?,?,?), ref: 00BB7CB9
                                                                                                                                                                                                                                                          • Part of subcall function 00BB7F80: ReadProcessMemory.KERNEL32(?,?,?,?,?,?,?,?), ref: 00BB80B8
                                                                                                                                                                                                                                                          • Part of subcall function 00BB7F80: free.MOZGLUE(?,?,?,?,00BB7A50,00000000,?,00BB7BCC,?,?,?,00BB7A50,?), ref: 00BB811E
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: moz_xmalloc$MemoryProcessReadmemset$free
                                                                                                                                                                                                                                                        • String ID: NtMapViewOfSection
                                                                                                                                                                                                                                                        • API String ID: 2551268302-2752921276
                                                                                                                                                                                                                                                        • Opcode ID: 120ab2e4bf95879f02a3f0eedbecbb39b24feff135f99d3a25f9ba9dfd1f1225
                                                                                                                                                                                                                                                        • Instruction ID: 596246166a6bcdd5361397ccf696a87b269008602b8ed4dff588c90fdc434935
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 120ab2e4bf95879f02a3f0eedbecbb39b24feff135f99d3a25f9ba9dfd1f1225
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 887143B0644604CFDB25DF14C488BBABBF1FF84344F0588AAD8095B3A2CBB5E945CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 38%
                                                                                                                                                                                                                                                        			E00BC48F0(intOrPtr _a4, void* _a8, signed short _a12) {
                                                                                                                                                                                                                                                        				signed int _v12;
                                                                                                                                                                                                                                                        				intOrPtr _v16;
                                                                                                                                                                                                                                                        				char _v20;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				intOrPtr _v52;
                                                                                                                                                                                                                                                        				intOrPtr _v56;
                                                                                                                                                                                                                                                        				void _v60;
                                                                                                                                                                                                                                                        				void* _v64;
                                                                                                                                                                                                                                                        				char _v68;
                                                                                                                                                                                                                                                        				void* _v76;
                                                                                                                                                                                                                                                        				signed int _v80;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t40;
                                                                                                                                                                                                                                                        				void* _t43;
                                                                                                                                                                                                                                                        				signed int _t45;
                                                                                                                                                                                                                                                        				intOrPtr* _t47;
                                                                                                                                                                                                                                                        				intOrPtr _t48;
                                                                                                                                                                                                                                                        				signed int _t49;
                                                                                                                                                                                                                                                        				signed int _t50;
                                                                                                                                                                                                                                                        				void* _t57;
                                                                                                                                                                                                                                                        				signed int _t62;
                                                                                                                                                                                                                                                        				void _t65;
                                                                                                                                                                                                                                                        				void* _t66;
                                                                                                                                                                                                                                                        				intOrPtr _t74;
                                                                                                                                                                                                                                                        				unsigned int _t77;
                                                                                                                                                                                                                                                        				void* _t78;
                                                                                                                                                                                                                                                        				signed int _t79;
                                                                                                                                                                                                                                                        				signed int _t84;
                                                                                                                                                                                                                                                        				char* _t85;
                                                                                                                                                                                                                                                        				intOrPtr _t86;
                                                                                                                                                                                                                                                        				signed int _t89;
                                                                                                                                                                                                                                                        				void* _t91;
                                                                                                                                                                                                                                                        				signed int _t92;
                                                                                                                                                                                                                                                        				signed int* _t94;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t92 = _t91 - 0x34;
                                                                                                                                                                                                                                                        				_t40 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t41 = _t40 ^ _t89;
                                                                                                                                                                                                                                                        				_v12 = _t40 ^ _t89;
                                                                                                                                                                                                                                                        				if( *0xbfa854 == 0) {
                                                                                                                                                                                                                                                        					L12:
                                                                                                                                                                                                                                                        					return E00BEECB0(_t41, _v12 ^ _t89, _t76);
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t62 = _a12 & 0x0000ffff;
                                                                                                                                                                                                                                                        					_t43 = _a8;
                                                                                                                                                                                                                                                        					_v40 = 7;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					_v60 = 0;
                                                                                                                                                                                                                                                        					_t77 = _t62 & 0x0000ffff;
                                                                                                                                                                                                                                                        					_t84 = _t77 >> 1;
                                                                                                                                                                                                                                                        					if(_t77 > 0xf) {
                                                                                                                                                                                                                                                        						_t94 = _t92 - 0xc;
                                                                                                                                                                                                                                                        						_v68 = _v36;
                                                                                                                                                                                                                                                        						_v64 = _t43;
                                                                                                                                                                                                                                                        						 *_t94 = _t84;
                                                                                                                                                                                                                                                        						E00BBA7D0(_t57,  &_v60, _t78, _t84);
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_v44 = _t84;
                                                                                                                                                                                                                                                        						_t76 =  &_v60;
                                                                                                                                                                                                                                                        						memcpy( &_v60, _t43, _t62 & 0x0000fffe);
                                                                                                                                                                                                                                                        						_t94 = _t92 + 0xc;
                                                                                                                                                                                                                                                        						 *((short*)(_t89 + _t84 * 2 - 0x38)) = 0;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t45 = _v44;
                                                                                                                                                                                                                                                        					if(_v40 <= 7) {
                                                                                                                                                                                                                                                        						_t65 =  &_v60;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t65 = _v60;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t85 =  &_v36;
                                                                                                                                                                                                                                                        					E00BC7CE0(_t85, _t65, _t45);
                                                                                                                                                                                                                                                        					_t92 =  &(_t94[3]);
                                                                                                                                                                                                                                                        					_t47 =  *0xbfa854; // 0x0
                                                                                                                                                                                                                                                        					if(_t47 != 0) {
                                                                                                                                                                                                                                                        						_t74 = _a4;
                                                                                                                                                                                                                                                        						if(_v16 > 0xf) {
                                                                                                                                                                                                                                                        							_t85 = _v36;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						 *_t47("Broker ALLOWED", _t74, _t85, 0, 0);
                                                                                                                                                                                                                                                        						_t92 = _t92 + 0x14;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t48 = _v16;
                                                                                                                                                                                                                                                        					if(_t48 >= 0x10) {
                                                                                                                                                                                                                                                        						_t66 = _v36;
                                                                                                                                                                                                                                                        						_t86 = _t48 + 1;
                                                                                                                                                                                                                                                        						if(_t86 >= 0x1000) {
                                                                                                                                                                                                                                                        							_t76 =  *((intOrPtr*)(_t66 - 4));
                                                                                                                                                                                                                                                        							if(_t66 + 0xfffffffc - _t76 >= 0x20) {
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_push(_t89);
                                                                                                                                                                                                                                                        								_push(_t57);
                                                                                                                                                                                                                                                        								_push(_t78);
                                                                                                                                                                                                                                                        								_push(_t86);
                                                                                                                                                                                                                                                        								_push(_t48);
                                                                                                                                                                                                                                                        								_t49 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        								_t50 = _t49 ^ _t92;
                                                                                                                                                                                                                                                        								_v80 = _t50;
                                                                                                                                                                                                                                                        								_push(_t50);
                                                                                                                                                                                                                                                        								_push(0x18);
                                                                                                                                                                                                                                                        								L00BEF6BA();
                                                                                                                                                                                                                                                        								_t79 = _t50;
                                                                                                                                                                                                                                                        								E00BC4BB0(_t50, E00BC4B80, E00BC4BA0);
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t79 + 0x10)) = _v56;
                                                                                                                                                                                                                                                        								 *_t92 = _t79;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t79 + 0x14)) = _v52;
                                                                                                                                                                                                                                                        								return E00BEECB0(E00BC4BE0(_t92), _v80 ^ _t92, _t76);
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t48 = _t48 + 0x24;
                                                                                                                                                                                                                                                        								_t66 = _t76;
                                                                                                                                                                                                                                                        								_t86 = _t48;
                                                                                                                                                                                                                                                        								goto L14;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L14:
                                                                                                                                                                                                                                                        							_push(_t86);
                                                                                                                                                                                                                                                        							_push(_t66);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							_t92 = _t92 + 8;
                                                                                                                                                                                                                                                        							goto L11;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L11:
                                                                                                                                                                                                                                                        						_v20 = 0;
                                                                                                                                                                                                                                                        						_v16 = 0xf;
                                                                                                                                                                                                                                                        						_v36 = 0;
                                                                                                                                                                                                                                                        						_t41 = E00BBDF30(_t48,  &_v60, _t76);
                                                                                                                                                                                                                                                        						goto L12;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}









































                                                                                                                                                                                                                                                        0x00bc48f4
                                                                                                                                                                                                                                                        0x00bc48f7
                                                                                                                                                                                                                                                        0x00bc48fc
                                                                                                                                                                                                                                                        0x00bc48fe
                                                                                                                                                                                                                                                        0x00bc4908
                                                                                                                                                                                                                                                        0x00bc49be
                                                                                                                                                                                                                                                        0x00bc49cd
                                                                                                                                                                                                                                                        0x00bc490e
                                                                                                                                                                                                                                                        0x00bc490e
                                                                                                                                                                                                                                                        0x00bc4912
                                                                                                                                                                                                                                                        0x00bc4915
                                                                                                                                                                                                                                                        0x00bc491c
                                                                                                                                                                                                                                                        0x00bc4923
                                                                                                                                                                                                                                                        0x00bc4929
                                                                                                                                                                                                                                                        0x00bc492e
                                                                                                                                                                                                                                                        0x00bc4934
                                                                                                                                                                                                                                                        0x00bc49e8
                                                                                                                                                                                                                                                        0x00bc49ee
                                                                                                                                                                                                                                                        0x00bc49f5
                                                                                                                                                                                                                                                        0x00bc49f9
                                                                                                                                                                                                                                                        0x00bc49fc
                                                                                                                                                                                                                                                        0x00bc493a
                                                                                                                                                                                                                                                        0x00bc4940
                                                                                                                                                                                                                                                        0x00bc4943
                                                                                                                                                                                                                                                        0x00bc4949
                                                                                                                                                                                                                                                        0x00bc494e
                                                                                                                                                                                                                                                        0x00bc4951
                                                                                                                                                                                                                                                        0x00bc4951
                                                                                                                                                                                                                                                        0x00bc4958
                                                                                                                                                                                                                                                        0x00bc495f
                                                                                                                                                                                                                                                        0x00bc4966
                                                                                                                                                                                                                                                        0x00bc4961
                                                                                                                                                                                                                                                        0x00bc4961
                                                                                                                                                                                                                                                        0x00bc4961
                                                                                                                                                                                                                                                        0x00bc4969
                                                                                                                                                                                                                                                        0x00bc496f
                                                                                                                                                                                                                                                        0x00bc4974
                                                                                                                                                                                                                                                        0x00bc4977
                                                                                                                                                                                                                                                        0x00bc497e
                                                                                                                                                                                                                                                        0x00bc4980
                                                                                                                                                                                                                                                        0x00bc4987
                                                                                                                                                                                                                                                        0x00bc4989
                                                                                                                                                                                                                                                        0x00bc4989
                                                                                                                                                                                                                                                        0x00bc4997
                                                                                                                                                                                                                                                        0x00bc4999
                                                                                                                                                                                                                                                        0x00bc4999
                                                                                                                                                                                                                                                        0x00bc499c
                                                                                                                                                                                                                                                        0x00bc49a2
                                                                                                                                                                                                                                                        0x00bc49ce
                                                                                                                                                                                                                                                        0x00bc49d1
                                                                                                                                                                                                                                                        0x00bc49da
                                                                                                                                                                                                                                                        0x00bc4a06
                                                                                                                                                                                                                                                        0x00bc4a11
                                                                                                                                                                                                                                                        0x00bc4a1c
                                                                                                                                                                                                                                                        0x00bc4a22
                                                                                                                                                                                                                                                        0x00bc4a23
                                                                                                                                                                                                                                                        0x00bc4a24
                                                                                                                                                                                                                                                        0x00bc4a25
                                                                                                                                                                                                                                                        0x00bc4a26
                                                                                                                                                                                                                                                        0x00bc4a27
                                                                                                                                                                                                                                                        0x00bc4a28
                                                                                                                                                                                                                                                        0x00bc4a29
                                                                                                                                                                                                                                                        0x00bc4a2a
                                                                                                                                                                                                                                                        0x00bc4a2b
                                                                                                                                                                                                                                                        0x00bc4a2c
                                                                                                                                                                                                                                                        0x00bc4a2d
                                                                                                                                                                                                                                                        0x00bc4a2e
                                                                                                                                                                                                                                                        0x00bc4a2f
                                                                                                                                                                                                                                                        0x00bc4a30
                                                                                                                                                                                                                                                        0x00bc4a33
                                                                                                                                                                                                                                                        0x00bc4a34
                                                                                                                                                                                                                                                        0x00bc4a35
                                                                                                                                                                                                                                                        0x00bc4a36
                                                                                                                                                                                                                                                        0x00bc4a37
                                                                                                                                                                                                                                                        0x00bc4a3f
                                                                                                                                                                                                                                                        0x00bc4a41
                                                                                                                                                                                                                                                        0x00bc4a44
                                                                                                                                                                                                                                                        0x00bc4a47
                                                                                                                                                                                                                                                        0x00bc4a49
                                                                                                                                                                                                                                                        0x00bc4a51
                                                                                                                                                                                                                                                        0x00bc4a5f
                                                                                                                                                                                                                                                        0x00bc4a69
                                                                                                                                                                                                                                                        0x00bc4a6c
                                                                                                                                                                                                                                                        0x00bc4a6e
                                                                                                                                                                                                                                                        0x00bc4a87
                                                                                                                                                                                                                                                        0x00bc4a13
                                                                                                                                                                                                                                                        0x00bc4a13
                                                                                                                                                                                                                                                        0x00bc4a16
                                                                                                                                                                                                                                                        0x00bc4a18
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc4a18
                                                                                                                                                                                                                                                        0x00bc49dc
                                                                                                                                                                                                                                                        0x00bc49dc
                                                                                                                                                                                                                                                        0x00bc49dc
                                                                                                                                                                                                                                                        0x00bc49dd
                                                                                                                                                                                                                                                        0x00bc49de
                                                                                                                                                                                                                                                        0x00bc49e3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc49e3
                                                                                                                                                                                                                                                        0x00bc49a4
                                                                                                                                                                                                                                                        0x00bc49a4
                                                                                                                                                                                                                                                        0x00bc49a7
                                                                                                                                                                                                                                                        0x00bc49ae
                                                                                                                                                                                                                                                        0x00bc49b5
                                                                                                                                                                                                                                                        0x00bc49b9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc49b9
                                                                                                                                                                                                                                                        0x00bc49a2

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,?), ref: 00BC4949
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?), ref: 00BC49DE
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 00BC4A1C
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@_invalid_parameter_noinfo_noreturnmemcpy
                                                                                                                                                                                                                                                        • String ID: Broker ALLOWED
                                                                                                                                                                                                                                                        • API String ID: 1214998048-3284428901
                                                                                                                                                                                                                                                        • Opcode ID: 5a354f2a45e49a3e07cfad1b50765d82bd20c60e5af87e8b9ba9aaa1f0df31cc
                                                                                                                                                                                                                                                        • Instruction ID: 7cb1529ab08b33d69732ad7cf0118a63a12eb51b579fdbbc9b16cdbec38d6d3c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5a354f2a45e49a3e07cfad1b50765d82bd20c60e5af87e8b9ba9aaa1f0df31cc
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8331B2B1C00128AFCB14DF94D895BFEBBF4EF44310F1445ACE8566B290D7795A88CB95
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 66%
                                                                                                                                                                                                                                                        			E00BD5240(intOrPtr __ecx, intOrPtr _a4, void* _a8, long _a12, long _a16, signed int _a20) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v176;
                                                                                                                                                                                                                                                        				signed short _v180;
                                                                                                                                                                                                                                                        				char _v200;
                                                                                                                                                                                                                                                        				void* _v204;
                                                                                                                                                                                                                                                        				long _v208;
                                                                                                                                                                                                                                                        				char _v212;
                                                                                                                                                                                                                                                        				intOrPtr _v216;
                                                                                                                                                                                                                                                        				signed int _t32;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        				intOrPtr _t39;
                                                                                                                                                                                                                                                        				signed int _t52;
                                                                                                                                                                                                                                                        				void* _t53;
                                                                                                                                                                                                                                                        				signed int _t67;
                                                                                                                                                                                                                                                        				intOrPtr _t69;
                                                                                                                                                                                                                                                        				signed int _t70;
                                                                                                                                                                                                                                                        				void* _t71;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_v216 = __ecx;
                                                                                                                                                                                                                                                        				_t67 = _a20;
                                                                                                                                                                                                                                                        				_t69 = _a4;
                                                                                                                                                                                                                                                        				_t32 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v20 = _t32 ^ _t70;
                                                                                                                                                                                                                                                        				if( *0xbfb50c == 0) {
                                                                                                                                                                                                                                                        					E00BEB3D0("NtQueryObject", 0xbfb50c);
                                                                                                                                                                                                                                                        					_t71 = _t71 + 8;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t34 = GetCurrentProcess();
                                                                                                                                                                                                                                                        				_t66 =  &_v204;
                                                                                                                                                                                                                                                        				if(DuplicateHandle( *( *(_t69 + 4)), _a8, _t34,  &_v204, 0, 0, _t67 | 0x00000002) != 0) {
                                                                                                                                                                                                                                                        					_t52 = _t67;
                                                                                                                                                                                                                                                        					_v208 = 0;
                                                                                                                                                                                                                                                        					E00BC5200(_v204,  &_v208, _v204);
                                                                                                                                                                                                                                                        					_v212 = 0x9e;
                                                                                                                                                                                                                                                        					_t39 =  *0xbfb50c(_v208, 2,  &_v180, 0x9e,  &_v212);
                                                                                                                                                                                                                                                        					if(_t39 < 0) {
                                                                                                                                                                                                                                                        						_t53 = 0;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						 *((short*)(_v176 + (_v180 & 0xfffe))) = 0;
                                                                                                                                                                                                                                                        						_v200 = 2;
                                                                                                                                                                                                                                                        						asm("movd xmm0, eax");
                                                                                                                                                                                                                                                        						asm("movd xmm1, eax");
                                                                                                                                                                                                                                                        						asm("punpcklqdq xmm1, xmm0");
                                                                                                                                                                                                                                                        						asm("psllq xmm1, 0x20");
                                                                                                                                                                                                                                                        						asm("por xmm1, [0xbf12d0]");
                                                                                                                                                                                                                                                        						asm("movdqu [ebp-0xc0], xmm1");
                                                                                                                                                                                                                                                        						_t39 = E00BD5740(E00BE5950( *((intOrPtr*)(_v216 + 0x10)), 0x12,  &_v200), _v208, _a12, _t69 + 0x18, _a16, _t52 & 0xfffffffe);
                                                                                                                                                                                                                                                        						_t53 = 1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t69 + 0x10)) = _t39;
                                                                                                                                                                                                                                                        					_t40 = E00BC51B0(_t39,  &_v208);
                                                                                                                                                                                                                                                        					goto L4;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t69 + 0x10)) = GetLastError();
                                                                                                                                                                                                                                                        					_t53 = 0;
                                                                                                                                                                                                                                                        					L4:
                                                                                                                                                                                                                                                        					E00BEECB0(_t40, _v20 ^ _t70, _t66);
                                                                                                                                                                                                                                                        					return _t53;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}




















                                                                                                                                                                                                                                                        0x00bd524c
                                                                                                                                                                                                                                                        0x00bd5252
                                                                                                                                                                                                                                                        0x00bd5255
                                                                                                                                                                                                                                                        0x00bd5258
                                                                                                                                                                                                                                                        0x00bd525f
                                                                                                                                                                                                                                                        0x00bd5269
                                                                                                                                                                                                                                                        0x00bd5275
                                                                                                                                                                                                                                                        0x00bd527a
                                                                                                                                                                                                                                                        0x00bd527a
                                                                                                                                                                                                                                                        0x00bd5282
                                                                                                                                                                                                                                                        0x00bd528b
                                                                                                                                                                                                                                                        0x00bd52a5
                                                                                                                                                                                                                                                        0x00bd52d1
                                                                                                                                                                                                                                                        0x00bd52d3
                                                                                                                                                                                                                                                        0x00bd52e4
                                                                                                                                                                                                                                                        0x00bd52ef
                                                                                                                                                                                                                                                        0x00bd530e
                                                                                                                                                                                                                                                        0x00bd5316
                                                                                                                                                                                                                                                        0x00bd539f
                                                                                                                                                                                                                                                        0x00bd531c
                                                                                                                                                                                                                                                        0x00bd5332
                                                                                                                                                                                                                                                        0x00bd533b
                                                                                                                                                                                                                                                        0x00bd5345
                                                                                                                                                                                                                                                        0x00bd534f
                                                                                                                                                                                                                                                        0x00bd5359
                                                                                                                                                                                                                                                        0x00bd535d
                                                                                                                                                                                                                                                        0x00bd5362
                                                                                                                                                                                                                                                        0x00bd536a
                                                                                                                                                                                                                                                        0x00bd5393
                                                                                                                                                                                                                                                        0x00bd539b
                                                                                                                                                                                                                                                        0x00bd539b
                                                                                                                                                                                                                                                        0x00bd53a7
                                                                                                                                                                                                                                                        0x00bd53aa
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd52a7
                                                                                                                                                                                                                                                        0x00bd52ad
                                                                                                                                                                                                                                                        0x00bd52b0
                                                                                                                                                                                                                                                        0x00bd52b2
                                                                                                                                                                                                                                                        0x00bd52b7
                                                                                                                                                                                                                                                        0x00bd52c8
                                                                                                                                                                                                                                                        0x00bd52c8

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BD5282
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(?,?,00000000,?,00000000,00000000,?), ref: 00BD529D
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BD52A7
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetLastError.KERNEL32(00000000,?,00004000,?,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5210
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: GetHandleVerifier.FLASHPLAYER(?,00BDC412,00000000,?,00BDBECC), ref: 00BC5234
                                                                                                                                                                                                                                                          • Part of subcall function 00BC5200: SetLastError.KERNEL32(00BDC412,?,00BDC412,00000000,?,00BDBECC), ref: 00BC5249
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast$Handle$AddressCurrentDuplicateProcProcessVerifier
                                                                                                                                                                                                                                                        • String ID: NtQueryObject
                                                                                                                                                                                                                                                        • API String ID: 3306402287-1504830893
                                                                                                                                                                                                                                                        • Opcode ID: 6a95fabe0cf2d927df8da5fe29cd75ac7839f25ba88db2fd7f7d83bc4d9e1ecf
                                                                                                                                                                                                                                                        • Instruction ID: d59ba5810e644fe9cdc4200845f68d000236bff4a4067139f3abe8532592fea4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6a95fabe0cf2d927df8da5fe29cd75ac7839f25ba88db2fd7f7d83bc4d9e1ecf
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F5416D719003199FEB20DF64DC45FAAB7B8FF45310F0046D9E919A7291EB70AA88CF60
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 73%
                                                                                                                                                                                                                                                        			E00BE8A40(intOrPtr* __ecx, char* __edx) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				short _v40;
                                                                                                                                                                                                                                                        				char _v56;
                                                                                                                                                                                                                                                        				char _v60;
                                                                                                                                                                                                                                                        				intOrPtr _v68;
                                                                                                                                                                                                                                                        				intOrPtr _v72;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				char _v92;
                                                                                                                                                                                                                                                        				short _v96;
                                                                                                                                                                                                                                                        				char _v108;
                                                                                                                                                                                                                                                        				char _v112;
                                                                                                                                                                                                                                                        				intOrPtr _v116;
                                                                                                                                                                                                                                                        				signed int _t25;
                                                                                                                                                                                                                                                        				intOrPtr _t27;
                                                                                                                                                                                                                                                        				long _t30;
                                                                                                                                                                                                                                                        				intOrPtr _t36;
                                                                                                                                                                                                                                                        				char* _t40;
                                                                                                                                                                                                                                                        				char* _t43;
                                                                                                                                                                                                                                                        				intOrPtr _t44;
                                                                                                                                                                                                                                                        				signed int _t58;
                                                                                                                                                                                                                                                        				signed int _t59;
                                                                                                                                                                                                                                                        				void* _t61;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t54 = __edx;
                                                                                                                                                                                                                                                        				_t61 = (_t59 & 0xfffffff0) - 0x60;
                                                                                                                                                                                                                                                        				_t25 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t57 = __ecx;
                                                                                                                                                                                                                                                        				_v24 = _t25 ^ _t58;
                                                                                                                                                                                                                                                        				_t27 =  *0xbfb6b4; // 0x0
                                                                                                                                                                                                                                                        				if(_t27 == 0) {
                                                                                                                                                                                                                                                        					_v108 = 0;
                                                                                                                                                                                                                                                        					E00BEB3D0("NtOpenDirectoryObject",  &_v108);
                                                                                                                                                                                                                                                        					_t62 = _t61 + 8;
                                                                                                                                                                                                                                                        					_v112 = 0;
                                                                                                                                                                                                                                                        					_t30 = GetCurrentProcessId();
                                                                                                                                                                                                                                                        					__imp__ProcessIdToSessionId(_t30, _t61 + 8);
                                                                                                                                                                                                                                                        					_t43 =  &_v88;
                                                                                                                                                                                                                                                        					_v36 = 7;
                                                                                                                                                                                                                                                        					_v40 = 0;
                                                                                                                                                                                                                                                        					_v56 = 0;
                                                                                                                                                                                                                                                        					E00BC7590(__eflags, _t43, L"%d",  *_t62);
                                                                                                                                                                                                                                                        					_t55 =  &_v112;
                                                                                                                                                                                                                                                        					_v92 = 7;
                                                                                                                                                                                                                                                        					_v96 = 0;
                                                                                                                                                                                                                                                        					_v112 = 0;
                                                                                                                                                                                                                                                        					E00BBA740( &_v112, L"\\Sessions\\BNOLINKS");
                                                                                                                                                                                                                                                        					_t54 = _t43;
                                                                                                                                                                                                                                                        					_t44 = E00BE8770( &_v112, _t43, __eflags,  &_v60);
                                                                                                                                                                                                                                                        					_t36 = E00BBDF30(E00BBDF30(_t34, _t55, _t43),  &_v92, _t43);
                                                                                                                                                                                                                                                        					__eflags = _t44;
                                                                                                                                                                                                                                                        					if(_t44 >= 0) {
                                                                                                                                                                                                                                                        						asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        						_v108 = 0;
                                                                                                                                                                                                                                                        						_v112 = 0;
                                                                                                                                                                                                                                                        						_v68 = 0;
                                                                                                                                                                                                                                                        						_v72 = 0;
                                                                                                                                                                                                                                                        						asm("movaps [esp+0x20], xmm0");
                                                                                                                                                                                                                                                        						_t40 =  &_v88;
                                                                                                                                                                                                                                                        						E00BE5CE0( &_v56, 0x40, 0, _t40,  &_v112, 0);
                                                                                                                                                                                                                                                        						_t36 = _v116(0xbfb6b4, 0xf, _t40);
                                                                                                                                                                                                                                                        						_t44 = _t36;
                                                                                                                                                                                                                                                        						__eflags = _t36;
                                                                                                                                                                                                                                                        						if(_t36 >= 0) {
                                                                                                                                                                                                                                                        							_t36 =  *0xbfb6b4; // 0x0
                                                                                                                                                                                                                                                        							 *_t57 = _t36;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t27 = E00BBDF30(_t36,  &_v56, _t54);
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					 *__ecx = _t27;
                                                                                                                                                                                                                                                        					_t44 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t27, _v32 ^ _t58, _t54);
                                                                                                                                                                                                                                                        				return _t44;
                                                                                                                                                                                                                                                        			}




























                                                                                                                                                                                                                                                        0x00be8a40
                                                                                                                                                                                                                                                        0x00be8a49
                                                                                                                                                                                                                                                        0x00be8a4c
                                                                                                                                                                                                                                                        0x00be8a51
                                                                                                                                                                                                                                                        0x00be8a55
                                                                                                                                                                                                                                                        0x00be8a59
                                                                                                                                                                                                                                                        0x00be8a60
                                                                                                                                                                                                                                                        0x00be8a7f
                                                                                                                                                                                                                                                        0x00be8a8d
                                                                                                                                                                                                                                                        0x00be8a92
                                                                                                                                                                                                                                                        0x00be8a95
                                                                                                                                                                                                                                                        0x00be8a9c
                                                                                                                                                                                                                                                        0x00be8aa6
                                                                                                                                                                                                                                                        0x00be8aac
                                                                                                                                                                                                                                                        0x00be8ab0
                                                                                                                                                                                                                                                        0x00be8ab8
                                                                                                                                                                                                                                                        0x00be8ac0
                                                                                                                                                                                                                                                        0x00be8ad0
                                                                                                                                                                                                                                                        0x00be8ad8
                                                                                                                                                                                                                                                        0x00be8adc
                                                                                                                                                                                                                                                        0x00be8ae4
                                                                                                                                                                                                                                                        0x00be8aec
                                                                                                                                                                                                                                                        0x00be8afa
                                                                                                                                                                                                                                                        0x00be8b05
                                                                                                                                                                                                                                                        0x00be8b12
                                                                                                                                                                                                                                                        0x00be8b1d
                                                                                                                                                                                                                                                        0x00be8b22
                                                                                                                                                                                                                                                        0x00be8b24
                                                                                                                                                                                                                                                        0x00be8b26
                                                                                                                                                                                                                                                        0x00be8b29
                                                                                                                                                                                                                                                        0x00be8b31
                                                                                                                                                                                                                                                        0x00be8b39
                                                                                                                                                                                                                                                        0x00be8b41
                                                                                                                                                                                                                                                        0x00be8b49
                                                                                                                                                                                                                                                        0x00be8b55
                                                                                                                                                                                                                                                        0x00be8b65
                                                                                                                                                                                                                                                        0x00be8b75
                                                                                                                                                                                                                                                        0x00be8b79
                                                                                                                                                                                                                                                        0x00be8b7b
                                                                                                                                                                                                                                                        0x00be8b7d
                                                                                                                                                                                                                                                        0x00be8b7f
                                                                                                                                                                                                                                                        0x00be8b84
                                                                                                                                                                                                                                                        0x00be8b84
                                                                                                                                                                                                                                                        0x00be8b7d
                                                                                                                                                                                                                                                        0x00be8b8a
                                                                                                                                                                                                                                                        0x00be8a62
                                                                                                                                                                                                                                                        0x00be8a62
                                                                                                                                                                                                                                                        0x00be8a64
                                                                                                                                                                                                                                                        0x00be8a64
                                                                                                                                                                                                                                                        0x00be8a6c
                                                                                                                                                                                                                                                        0x00be8a7a

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetCurrentProcessId.KERNEL32 ref: 00BE8A9C
                                                                                                                                                                                                                                                        • ProcessIdToSessionId.KERNEL32(00000000), ref: 00BE8AA6
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Process$CurrentSession
                                                                                                                                                                                                                                                        • String ID: NtOpenDirectoryObject$\Sessions\BNOLINKS
                                                                                                                                                                                                                                                        • API String ID: 2701954971-2858905111
                                                                                                                                                                                                                                                        • Opcode ID: 331bc24024b6d320a20e6c81263626c03bcc75a1e8610febc8f3f6791f665d7a
                                                                                                                                                                                                                                                        • Instruction ID: 28fc2af018cee43f19036c070fe490514bcbb2ca2176e952f6d733e263ee8ffb
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 331bc24024b6d320a20e6c81263626c03bcc75a1e8610febc8f3f6791f665d7a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F631C4B0608385ABD310DF61D845B6BBBE8EF84314F00496DF58997291EFB5D908CB92
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 48%
                                                                                                                                                                                                                                                        			E00BEA450(int __edx, void* __eflags, intOrPtr _a4, void* _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				char _v40;
                                                                                                                                                                                                                                                        				void* _v44;
                                                                                                                                                                                                                                                        				void* _v68;
                                                                                                                                                                                                                                                        				char _v72;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t24;
                                                                                                                                                                                                                                                        				void* _t29;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        				void* _t35;
                                                                                                                                                                                                                                                        				void* _t36;
                                                                                                                                                                                                                                                        				void* _t37;
                                                                                                                                                                                                                                                        				void* _t40;
                                                                                                                                                                                                                                                        				signed int _t42;
                                                                                                                                                                                                                                                        				intOrPtr* _t43;
                                                                                                                                                                                                                                                        				signed int _t45;
                                                                                                                                                                                                                                                        				char _t46;
                                                                                                                                                                                                                                                        				intOrPtr _t47;
                                                                                                                                                                                                                                                        				signed int _t48;
                                                                                                                                                                                                                                                        				void* _t49;
                                                                                                                                                                                                                                                        				signed int* _t50;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t41 = __edx;
                                                                                                                                                                                                                                                        				_t24 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v20 = _t24 ^ _t48;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				E00BEB3D0("NtQueryObject",  &_v28);
                                                                                                                                                                                                                                                        				_t50 = _t49 + 8;
                                                                                                                                                                                                                                                        				_t43 = _v28;
                                                                                                                                                                                                                                                        				_t34 =  &_v36;
                                                                                                                                                                                                                                                        				_v40 = 8;
                                                                                                                                                                                                                                                        				_t29 =  *_t43(_a4, 1, _t34, 8,  &_v40);
                                                                                                                                                                                                                                                        				_t46 = _v40;
                                                                                                                                                                                                                                                        				if(_t46 == 0) {
                                                                                                                                                                                                                                                        					_t37 = 0;
                                                                                                                                                                                                                                                        					if(_t29 != 0) {
                                                                                                                                                                                                                                                        						L2:
                                                                                                                                                                                                                                                        						_t35 = 0;
                                                                                                                                                                                                                                                        						if(_t37 == 0) {
                                                                                                                                                                                                                                                        							L4:
                                                                                                                                                                                                                                                        							E00BEECB0(_t29, _v20 ^ _t48, _t41);
                                                                                                                                                                                                                                                        							return _t35;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L3:
                                                                                                                                                                                                                                                        						_push(_t37);
                                                                                                                                                                                                                                                        						L00BEF6D2();
                                                                                                                                                                                                                                                        						goto L4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					_v44 = _t37;
                                                                                                                                                                                                                                                        					_t40 = _a8;
                                                                                                                                                                                                                                                        					_t42 =  *_t34 & 0x0000ffff;
                                                                                                                                                                                                                                                        					_t32 =  *(_t34 + 4);
                                                                                                                                                                                                                                                        					_t16 = _t40 + 0x14; // 0xc045c766
                                                                                                                                                                                                                                                        					_t47 =  *_t16;
                                                                                                                                                                                                                                                        					_t45 = _t42 >> 1;
                                                                                                                                                                                                                                                        					if(_t47 < _t45) {
                                                                                                                                                                                                                                                        						_t50 = _t50 - 0xc;
                                                                                                                                                                                                                                                        						_t41 = _v24;
                                                                                                                                                                                                                                                        						_v72 = _v24;
                                                                                                                                                                                                                                                        						_v68 = _t32;
                                                                                                                                                                                                                                                        						 *_t50 = _t45;
                                                                                                                                                                                                                                                        						_t29 = E00BBA7D0(_t34, _t40, _t45, _t47);
                                                                                                                                                                                                                                                        						L10:
                                                                                                                                                                                                                                                        						_t37 = _v44;
                                                                                                                                                                                                                                                        						_t35 = 1;
                                                                                                                                                                                                                                                        						if(_t37 != 0) {
                                                                                                                                                                                                                                                        							goto L3;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L4;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t36 = _t40;
                                                                                                                                                                                                                                                        					if(_t47 >= 8) {
                                                                                                                                                                                                                                                        						_t36 =  *_t40;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t41 = _t42 & 0xfffffffe;
                                                                                                                                                                                                                                                        					 *(_t40 + 0x10) = _t45;
                                                                                                                                                                                                                                                        					_t29 = memmove(_t36, _t32, _t42 & 0xfffffffe);
                                                                                                                                                                                                                                                        					_t50 =  &(_t50[3]);
                                                                                                                                                                                                                                                        					 *((short*)(_t36 + _t45 * 2)) = 0;
                                                                                                                                                                                                                                                        					goto L10;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L00BEF6CC();
                                                                                                                                                                                                                                                        				_t50 =  &(_t50[1]);
                                                                                                                                                                                                                                                        				_t34 = _t29;
                                                                                                                                                                                                                                                        				_t29 =  *_t43(_a4, 1, _t34, _t46,  &_v40, _t46);
                                                                                                                                                                                                                                                        				_t37 = _t34;
                                                                                                                                                                                                                                                        				if(_t29 == 0) {
                                                                                                                                                                                                                                                        					goto L6;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L2;
                                                                                                                                                                                                                                                        			}






























                                                                                                                                                                                                                                                        0x00bea450
                                                                                                                                                                                                                                                        0x00bea459
                                                                                                                                                                                                                                                        0x00bea460
                                                                                                                                                                                                                                                        0x00bea466
                                                                                                                                                                                                                                                        0x00bea473
                                                                                                                                                                                                                                                        0x00bea478
                                                                                                                                                                                                                                                        0x00bea47b
                                                                                                                                                                                                                                                        0x00bea481
                                                                                                                                                                                                                                                        0x00bea484
                                                                                                                                                                                                                                                        0x00bea494
                                                                                                                                                                                                                                                        0x00bea496
                                                                                                                                                                                                                                                        0x00bea49b
                                                                                                                                                                                                                                                        0x00bea4de
                                                                                                                                                                                                                                                        0x00bea4e2
                                                                                                                                                                                                                                                        0x00bea4bb
                                                                                                                                                                                                                                                        0x00bea4bb
                                                                                                                                                                                                                                                        0x00bea4bf
                                                                                                                                                                                                                                                        0x00bea4ca
                                                                                                                                                                                                                                                        0x00bea4cf
                                                                                                                                                                                                                                                        0x00bea4dd
                                                                                                                                                                                                                                                        0x00bea4dd
                                                                                                                                                                                                                                                        0x00bea4c1
                                                                                                                                                                                                                                                        0x00bea4c1
                                                                                                                                                                                                                                                        0x00bea4c2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea4c7
                                                                                                                                                                                                                                                        0x00bea4e4
                                                                                                                                                                                                                                                        0x00bea4e4
                                                                                                                                                                                                                                                        0x00bea4e7
                                                                                                                                                                                                                                                        0x00bea4ea
                                                                                                                                                                                                                                                        0x00bea4ed
                                                                                                                                                                                                                                                        0x00bea4f0
                                                                                                                                                                                                                                                        0x00bea4f0
                                                                                                                                                                                                                                                        0x00bea4f5
                                                                                                                                                                                                                                                        0x00bea4f9
                                                                                                                                                                                                                                                        0x00bea526
                                                                                                                                                                                                                                                        0x00bea529
                                                                                                                                                                                                                                                        0x00bea52c
                                                                                                                                                                                                                                                        0x00bea530
                                                                                                                                                                                                                                                        0x00bea534
                                                                                                                                                                                                                                                        0x00bea537
                                                                                                                                                                                                                                                        0x00bea51b
                                                                                                                                                                                                                                                        0x00bea51b
                                                                                                                                                                                                                                                        0x00bea51e
                                                                                                                                                                                                                                                        0x00bea522
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea524
                                                                                                                                                                                                                                                        0x00bea4fe
                                                                                                                                                                                                                                                        0x00bea500
                                                                                                                                                                                                                                                        0x00bea502
                                                                                                                                                                                                                                                        0x00bea502
                                                                                                                                                                                                                                                        0x00bea504
                                                                                                                                                                                                                                                        0x00bea507
                                                                                                                                                                                                                                                        0x00bea50d
                                                                                                                                                                                                                                                        0x00bea512
                                                                                                                                                                                                                                                        0x00bea515
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea515
                                                                                                                                                                                                                                                        0x00bea49e
                                                                                                                                                                                                                                                        0x00bea4a3
                                                                                                                                                                                                                                                        0x00bea4a6
                                                                                                                                                                                                                                                        0x00bea4b3
                                                                                                                                                                                                                                                        0x00bea4b5
                                                                                                                                                                                                                                                        0x00bea4b9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000008), ref: 00BEA49E
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000), ref: 00BEA4C2
                                                                                                                                                                                                                                                        • memmove.NTDLL(00BEA9B5,?), ref: 00BEA50D
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@??3@AddressProcmemmove
                                                                                                                                                                                                                                                        • String ID: NtQueryObject
                                                                                                                                                                                                                                                        • API String ID: 634340399-1504830893
                                                                                                                                                                                                                                                        • Opcode ID: fb65e2cfacba6ec6515705740b7217e99f0119029e9b5ff3562cb3f90a8ae2ff
                                                                                                                                                                                                                                                        • Instruction ID: 99b0279f76d64dab762dbdbed6c140c1271c6977722c743839a4920179657989
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fb65e2cfacba6ec6515705740b7217e99f0119029e9b5ff3562cb3f90a8ae2ff
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1331A4B1A00249ABDF109F65CC91AFF7BF9EF54310F1440A9E809AB391D775AD05C7A2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 82%
                                                                                                                                                                                                                                                        			E00BD2290(HANDLE* __ecx, signed int __edx, void* __eflags, intOrPtr _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, void* _a28) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				long _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				HANDLE* _v32;
                                                                                                                                                                                                                                                        				signed int _t21;
                                                                                                                                                                                                                                                        				int _t26;
                                                                                                                                                                                                                                                        				void* _t30;
                                                                                                                                                                                                                                                        				int _t39;
                                                                                                                                                                                                                                                        				void* _t40;
                                                                                                                                                                                                                                                        				signed int _t45;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t37 = __edx;
                                                                                                                                                                                                                                                        				_v32 = __ecx;
                                                                                                                                                                                                                                                        				_t21 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v20 = _t21 ^ _t45;
                                                                                                                                                                                                                                                        				_v24 = 0;
                                                                                                                                                                                                                                                        				E00BEB3D0("NtCreateFile",  &_v24);
                                                                                                                                                                                                                                                        				_v28 = 0xffffffff;
                                                                                                                                                                                                                                                        				_t43 = _a4;
                                                                                                                                                                                                                                                        				_t26 = _v24( &_v28, __edx, _a4, _a8, 0, _a12, _a16, _a20, _a24, 0, 0);
                                                                                                                                                                                                                                                        				_t50 = _t26;
                                                                                                                                                                                                                                                        				if(_t26 < 0) {
                                                                                                                                                                                                                                                        					_t39 = _t26;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t30 = E00BEA920(__edx, _t50, _v28,  *((intOrPtr*)( *((intOrPtr*)(_t43 + 8)) + 4)));
                                                                                                                                                                                                                                                        					_t40 = _v28;
                                                                                                                                                                                                                                                        					if(_t30 == 0) {
                                                                                                                                                                                                                                                        						_t26 = CloseHandle(_t40);
                                                                                                                                                                                                                                                        						_t39 = 0xc0000022;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t26 = DuplicateHandle(GetCurrentProcess(), _t40, _a28, _v32, 0, 0, 3);
                                                                                                                                                                                                                                                        						_t39 =  !=  ? 0 : 0xc0000022;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t26, _v20 ^ _t45, _t37);
                                                                                                                                                                                                                                                        				return _t39;
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00bd2290
                                                                                                                                                                                                                                                        0x00bd2299
                                                                                                                                                                                                                                                        0x00bd22a4
                                                                                                                                                                                                                                                        0x00bd22ab
                                                                                                                                                                                                                                                        0x00bd22b1
                                                                                                                                                                                                                                                        0x00bd22be
                                                                                                                                                                                                                                                        0x00bd22c9
                                                                                                                                                                                                                                                        0x00bd22d6
                                                                                                                                                                                                                                                        0x00bd22e7
                                                                                                                                                                                                                                                        0x00bd22ea
                                                                                                                                                                                                                                                        0x00bd22ec
                                                                                                                                                                                                                                                        0x00bd232f
                                                                                                                                                                                                                                                        0x00bd22ee
                                                                                                                                                                                                                                                        0x00bd22f7
                                                                                                                                                                                                                                                        0x00bd22ff
                                                                                                                                                                                                                                                        0x00bd2304
                                                                                                                                                                                                                                                        0x00bd2334
                                                                                                                                                                                                                                                        0x00bd233a
                                                                                                                                                                                                                                                        0x00bd2306
                                                                                                                                                                                                                                                        0x00bd231b
                                                                                                                                                                                                                                                        0x00bd232a
                                                                                                                                                                                                                                                        0x00bd232a
                                                                                                                                                                                                                                                        0x00bd2304
                                                                                                                                                                                                                                                        0x00bd2344
                                                                                                                                                                                                                                                        0x00bd2352

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BD2309
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,FFFFFFFF,?,?,00000000,00000000,00000003), ref: 00BD231B
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(FFFFFFFF), ref: 00BD2334
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: Handle$AddressCloseCurrentDuplicateProcProcess
                                                                                                                                                                                                                                                        • String ID: NtCreateFile
                                                                                                                                                                                                                                                        • API String ID: 1945942884-1055312982
                                                                                                                                                                                                                                                        • Opcode ID: b03dfd75dce5ceae37061353bb95f3b2b04c6287f46944d6192895568f4659ee
                                                                                                                                                                                                                                                        • Instruction ID: 55e5e9be24771ea801f1bcd0285839b15e2e086baa62177e2022429facb8dbe9
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b03dfd75dce5ceae37061353bb95f3b2b04c6287f46944d6192895568f4659ee
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B521A472A0020AAFDF109FA5DC09FAF7BB9EF48720F150455FA14A7391DB34A911CBA4
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 41%
                                                                                                                                                                                                                                                        			E00BC38A0(intOrPtr __eax, intOrPtr* __ecx, void* __edx, intOrPtr* _a4) {
                                                                                                                                                                                                                                                        				intOrPtr* _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				intOrPtr* _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v36;
                                                                                                                                                                                                                                                        				intOrPtr* _v40;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				signed int _v80;
                                                                                                                                                                                                                                                        				unsigned int _v84;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				intOrPtr* _t67;
                                                                                                                                                                                                                                                        				intOrPtr _t68;
                                                                                                                                                                                                                                                        				signed int _t69;
                                                                                                                                                                                                                                                        				intOrPtr* _t79;
                                                                                                                                                                                                                                                        				void* _t84;
                                                                                                                                                                                                                                                        				intOrPtr _t89;
                                                                                                                                                                                                                                                        				unsigned int _t95;
                                                                                                                                                                                                                                                        				void* _t96;
                                                                                                                                                                                                                                                        				intOrPtr* _t100;
                                                                                                                                                                                                                                                        				signed int _t105;
                                                                                                                                                                                                                                                        				intOrPtr _t106;
                                                                                                                                                                                                                                                        				intOrPtr* _t107;
                                                                                                                                                                                                                                                        				void* _t109;
                                                                                                                                                                                                                                                        				intOrPtr* _t112;
                                                                                                                                                                                                                                                        				unsigned int _t119;
                                                                                                                                                                                                                                                        				signed int _t122;
                                                                                                                                                                                                                                                        				void* _t123;
                                                                                                                                                                                                                                                        				intOrPtr _t125;
                                                                                                                                                                                                                                                        				void* _t127;
                                                                                                                                                                                                                                                        				intOrPtr* _t128;
                                                                                                                                                                                                                                                        				intOrPtr* _t129;
                                                                                                                                                                                                                                                        				signed int _t131;
                                                                                                                                                                                                                                                        				void* _t133;
                                                                                                                                                                                                                                                        				intOrPtr* _t134;
                                                                                                                                                                                                                                                        				signed int _t136;
                                                                                                                                                                                                                                                        				signed int _t137;
                                                                                                                                                                                                                                                        				intOrPtr* _t140;
                                                                                                                                                                                                                                                        				void* _t141;
                                                                                                                                                                                                                                                        				signed int _t143;
                                                                                                                                                                                                                                                        				void* _t144;
                                                                                                                                                                                                                                                        				void* _t146;
                                                                                                                                                                                                                                                        				signed int _t149;
                                                                                                                                                                                                                                                        				void* _t150;
                                                                                                                                                                                                                                                        				void* _t153;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t131 =  *((intOrPtr*)(__edx + 4));
                                                                                                                                                                                                                                                        				_v20 = __ecx;
                                                                                                                                                                                                                                                        				_push(0x2c);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t90 = __eax;
                                                                                                                                                                                                                                                        				_v24 = _t131;
                                                                                                                                                                                                                                                        				_t64 =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				_t132 =  ==  ? __eax : _t131;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax)) =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 4)) =  ==  ? __eax : _t131;
                                                                                                                                                                                                                                                        				_t6 = _t90 + 0xc; // 0xc
                                                                                                                                                                                                                                                        				_t133 = _t6;
                                                                                                                                                                                                                                                        				_t67 =  *((intOrPtr*)( *_a4));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 8)) = _t67;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0xc)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0x10)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0x14)) = 0;
                                                                                                                                                                                                                                                        				_push(0x24);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t149 = _t146 - 8 + 8;
                                                                                                                                                                                                                                                        				 *_t67 = _t67;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0x10)) = _t67;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0x18)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0x1c)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0x20)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t67 + 4)) = _t67;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0xc)) = 0x3f800000;
                                                                                                                                                                                                                                                        				L3();
                                                                                                                                                                                                                                                        				_t100 = _v20;
                                                                                                                                                                                                                                                        				_t68 =  *((intOrPtr*)(_t100 + 4));
                                                                                                                                                                                                                                                        				if(_t68 == 0x5d1745c) {
                                                                                                                                                                                                                                                        					_push("list<T> too long");
                                                                                                                                                                                                                                                        					L00BEF798();
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					_t143 = _t149;
                                                                                                                                                                                                                                                        					_push(__eax);
                                                                                                                                                                                                                                                        					_push(_t133);
                                                                                                                                                                                                                                                        					_push(__edx);
                                                                                                                                                                                                                                                        					_t150 = _t149 - 8;
                                                                                                                                                                                                                                                        					_t69 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        					_t134 = _t100;
                                                                                                                                                                                                                                                        					_v48 = _t69 ^ _t143;
                                                                                                                                                                                                                                                        					if( *((intOrPtr*)(_t100 + 0x14)) -  *((intOrPtr*)(_t100 + 0xc)) >> 2 >= 0x10) {
                                                                                                                                                                                                                                                        						L6:
                                                                                                                                                                                                                                                        						_v28 =  *((intOrPtr*)(_t134 + 4));
                                                                                                                                                                                                                                                        						_push( &_v28);
                                                                                                                                                                                                                                                        						L8();
                                                                                                                                                                                                                                                        						_t31 = 8 - 1; // 0x7
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t134 + 0x18)) = _t31;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t134 + 0x1c)) = 8;
                                                                                                                                                                                                                                                        						return E00BEECB0(_t31, _v24 ^ _t143, 0x10);
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if(0x10 >= 0x40000000) {
                                                                                                                                                                                                                                                        							E00BC14B0(0x10, _t100);
                                                                                                                                                                                                                                                        							_push(_t143);
                                                                                                                                                                                                                                                        							_t144 = _t150;
                                                                                                                                                                                                                                                        							_push(0x10);
                                                                                                                                                                                                                                                        							_push(_t134);
                                                                                                                                                                                                                                                        							_push(8);
                                                                                                                                                                                                                                                        							_t153 = _t150 - 8;
                                                                                                                                                                                                                                                        							_t92 = _t100;
                                                                                                                                                                                                                                                        							_t79 =  *_t100;
                                                                                                                                                                                                                                                        							_t140 = _v40;
                                                                                                                                                                                                                                                        							_t135 = 8;
                                                                                                                                                                                                                                                        							_t105 =  *((intOrPtr*)(_t100 + 8)) - _t79;
                                                                                                                                                                                                                                                        							_t119 = _t105 >> 2;
                                                                                                                                                                                                                                                        							if(_t119 >= 8) {
                                                                                                                                                                                                                                                        								_t106 =  *((intOrPtr*)(_t92 + 4));
                                                                                                                                                                                                                                                        								_t122 = _t106 - _t79 >> 2;
                                                                                                                                                                                                                                                        								_v28 = _t122;
                                                                                                                                                                                                                                                        								_t123 = _t122 - 8;
                                                                                                                                                                                                                                                        								if(_t123 >= 0) {
                                                                                                                                                                                                                                                        									_t107 = _t79 + 0x20;
                                                                                                                                                                                                                                                        									if(8 != 0) {
                                                                                                                                                                                                                                                        										_t136 = 8 << 2;
                                                                                                                                                                                                                                                        										asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        										do {
                                                                                                                                                                                                                                                        											 *_t79 =  *_t140;
                                                                                                                                                                                                                                                        											_t79 = _t79 + 4;
                                                                                                                                                                                                                                                        											_t136 = _t136 + 0xfffffffc;
                                                                                                                                                                                                                                                        										} while (_t136 != 0);
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									if(_t79 == _t106) {
                                                                                                                                                                                                                                                        										_t107 = _t79;
                                                                                                                                                                                                                                                        										if(8 != _v28) {
                                                                                                                                                                                                                                                        											asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        											goto L30;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_v32 = _t92;
                                                                                                                                                                                                                                                        										do {
                                                                                                                                                                                                                                                        											 *_t79 =  *_t140;
                                                                                                                                                                                                                                                        											_t79 = _t79 + 4;
                                                                                                                                                                                                                                                        										} while (_t106 != _t79);
                                                                                                                                                                                                                                                        										_t92 = _v32;
                                                                                                                                                                                                                                                        										_t107 =  *((intOrPtr*)(_t92 + 4));
                                                                                                                                                                                                                                                        										if(8 != _v28) {
                                                                                                                                                                                                                                                        											do {
                                                                                                                                                                                                                                                        												L30:
                                                                                                                                                                                                                                                        												_t79 =  *_t140;
                                                                                                                                                                                                                                                        												 *_t107 = _t79;
                                                                                                                                                                                                                                                        												_t107 = _t107 + 4;
                                                                                                                                                                                                                                                        												_t123 = _t123 + 1;
                                                                                                                                                                                                                                                        											} while (_t123 != 0);
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L17;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_v32 = _t92;
                                                                                                                                                                                                                                                        								if(8 >= 0x40000000) {
                                                                                                                                                                                                                                                        									E00BC14B0(_t92, _t105);
                                                                                                                                                                                                                                                        									goto L34;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_v28 = 0x3fffffff;
                                                                                                                                                                                                                                                        									_t95 = _t119 >> 1;
                                                                                                                                                                                                                                                        									_v28 = _v28 - _t95;
                                                                                                                                                                                                                                                        									_t96 = _t95 + _t119;
                                                                                                                                                                                                                                                        									_t97 =  <  ? 8 : _t96;
                                                                                                                                                                                                                                                        									_t92 =  >  ? 8 :  <  ? 8 : _t96;
                                                                                                                                                                                                                                                        									if(_t79 == 0) {
                                                                                                                                                                                                                                                        										L15:
                                                                                                                                                                                                                                                        										_t128 = _t92;
                                                                                                                                                                                                                                                        										_t92 = _v32;
                                                                                                                                                                                                                                                        										E00BC3C20(_t92, _v32, _t128);
                                                                                                                                                                                                                                                        										_t112 =  *_t92;
                                                                                                                                                                                                                                                        										asm("o16 nop [eax+eax]");
                                                                                                                                                                                                                                                        										do {
                                                                                                                                                                                                                                                        											_t79 =  *_t140;
                                                                                                                                                                                                                                                        											 *_t112 = _t79;
                                                                                                                                                                                                                                                        											_t112 = _t112 + 4;
                                                                                                                                                                                                                                                        											_t135 = _t135 - 1;
                                                                                                                                                                                                                                                        										} while (_t135 != 0);
                                                                                                                                                                                                                                                        										L17:
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t92 + 4)) = _t107;
                                                                                                                                                                                                                                                        										return _t79;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										if(_t105 < 0x1000) {
                                                                                                                                                                                                                                                        											_t129 = _t79;
                                                                                                                                                                                                                                                        											goto L14;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t119 =  *(_t79 - 4);
                                                                                                                                                                                                                                                        											if(_t79 + 0xfffffffc - _t119 >= 0x20) {
                                                                                                                                                                                                                                                        												L34:
                                                                                                                                                                                                                                                        												__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												_push(_t144);
                                                                                                                                                                                                                                                        												_push(_t92);
                                                                                                                                                                                                                                                        												_push(_t135);
                                                                                                                                                                                                                                                        												_push(_t140);
                                                                                                                                                                                                                                                        												_t137 = _t105;
                                                                                                                                                                                                                                                        												_v84 = _t119;
                                                                                                                                                                                                                                                        												_v80 =  *((intOrPtr*)(_t105 + 4)) -  *_t105 >> 2;
                                                                                                                                                                                                                                                        												_t84 = E00BC3B70(_t119);
                                                                                                                                                                                                                                                        												_t109 =  *_t137;
                                                                                                                                                                                                                                                        												_t125 =  *((intOrPtr*)(_t137 + 4));
                                                                                                                                                                                                                                                        												if(_t109 != _t125) {
                                                                                                                                                                                                                                                        													_t127 = _t125 - _t109;
                                                                                                                                                                                                                                                        													_t141 = 0;
                                                                                                                                                                                                                                                        													do {
                                                                                                                                                                                                                                                        														_t92 =  *((intOrPtr*)(_t109 + _t141));
                                                                                                                                                                                                                                                        														 *((intOrPtr*)(_t84 + _t141)) =  *((intOrPtr*)(_t109 + _t141));
                                                                                                                                                                                                                                                        														_t141 = _t141 + 4;
                                                                                                                                                                                                                                                        													} while (_t127 != _t141);
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												return E00BC3BC0(_t92, _t137, _t84, _v32, _v36);
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t105 = _t105 + 0x23;
                                                                                                                                                                                                                                                        												L14:
                                                                                                                                                                                                                                                        												_push(_t105);
                                                                                                                                                                                                                                                        												_push(_t129);
                                                                                                                                                                                                                                                        												L00BEF6C6();
                                                                                                                                                                                                                                                        												_t153 = _t153 + 8;
                                                                                                                                                                                                                                                        												goto L15;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L35();
                                                                                                                                                                                                                                                        							goto L6;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t89 = _t68 + 1;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t100 + 4)) = _t89;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__edx + 4)) = __eax;
                                                                                                                                                                                                                                                        					 *_v24 = __eax;
                                                                                                                                                                                                                                                        					return _t89;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}















































                                                                                                                                                                                                                                                        0x00bc38a9
                                                                                                                                                                                                                                                        0x00bc38ae
                                                                                                                                                                                                                                                        0x00bc38b1
                                                                                                                                                                                                                                                        0x00bc38b3
                                                                                                                                                                                                                                                        0x00bc38bb
                                                                                                                                                                                                                                                        0x00bc38c1
                                                                                                                                                                                                                                                        0x00bc38c4
                                                                                                                                                                                                                                                        0x00bc38c7
                                                                                                                                                                                                                                                        0x00bc38ca
                                                                                                                                                                                                                                                        0x00bc38cf
                                                                                                                                                                                                                                                        0x00bc38d2
                                                                                                                                                                                                                                                        0x00bc38d2
                                                                                                                                                                                                                                                        0x00bc38d7
                                                                                                                                                                                                                                                        0x00bc38d9
                                                                                                                                                                                                                                                        0x00bc38dc
                                                                                                                                                                                                                                                        0x00bc38e3
                                                                                                                                                                                                                                                        0x00bc38ea
                                                                                                                                                                                                                                                        0x00bc38f1
                                                                                                                                                                                                                                                        0x00bc38f3
                                                                                                                                                                                                                                                        0x00bc38f8
                                                                                                                                                                                                                                                        0x00bc3902
                                                                                                                                                                                                                                                        0x00bc3904
                                                                                                                                                                                                                                                        0x00bc3907
                                                                                                                                                                                                                                                        0x00bc390e
                                                                                                                                                                                                                                                        0x00bc3915
                                                                                                                                                                                                                                                        0x00bc391c
                                                                                                                                                                                                                                                        0x00bc391f
                                                                                                                                                                                                                                                        0x00bc3926
                                                                                                                                                                                                                                                        0x00bc392b
                                                                                                                                                                                                                                                        0x00bc392e
                                                                                                                                                                                                                                                        0x00bc3936
                                                                                                                                                                                                                                                        0x00bc394c
                                                                                                                                                                                                                                                        0x00bc3951
                                                                                                                                                                                                                                                        0x00bc3956
                                                                                                                                                                                                                                                        0x00bc3957
                                                                                                                                                                                                                                                        0x00bc3958
                                                                                                                                                                                                                                                        0x00bc3959
                                                                                                                                                                                                                                                        0x00bc395a
                                                                                                                                                                                                                                                        0x00bc395b
                                                                                                                                                                                                                                                        0x00bc395c
                                                                                                                                                                                                                                                        0x00bc395d
                                                                                                                                                                                                                                                        0x00bc395e
                                                                                                                                                                                                                                                        0x00bc395f
                                                                                                                                                                                                                                                        0x00bc3961
                                                                                                                                                                                                                                                        0x00bc3963
                                                                                                                                                                                                                                                        0x00bc3964
                                                                                                                                                                                                                                                        0x00bc3965
                                                                                                                                                                                                                                                        0x00bc3966
                                                                                                                                                                                                                                                        0x00bc3969
                                                                                                                                                                                                                                                        0x00bc3973
                                                                                                                                                                                                                                                        0x00bc3977
                                                                                                                                                                                                                                                        0x00bc3985
                                                                                                                                                                                                                                                        0x00bc3999
                                                                                                                                                                                                                                                        0x00bc39a1
                                                                                                                                                                                                                                                        0x00bc39a7
                                                                                                                                                                                                                                                        0x00bc39a8
                                                                                                                                                                                                                                                        0x00bc39b0
                                                                                                                                                                                                                                                        0x00bc39b3
                                                                                                                                                                                                                                                        0x00bc39b6
                                                                                                                                                                                                                                                        0x00bc39ca
                                                                                                                                                                                                                                                        0x00bc3987
                                                                                                                                                                                                                                                        0x00bc398d
                                                                                                                                                                                                                                                        0x00bc39cb
                                                                                                                                                                                                                                                        0x00bc39d0
                                                                                                                                                                                                                                                        0x00bc39d1
                                                                                                                                                                                                                                                        0x00bc39d3
                                                                                                                                                                                                                                                        0x00bc39d4
                                                                                                                                                                                                                                                        0x00bc39d5
                                                                                                                                                                                                                                                        0x00bc39d6
                                                                                                                                                                                                                                                        0x00bc39d9
                                                                                                                                                                                                                                                        0x00bc39db
                                                                                                                                                                                                                                                        0x00bc39e0
                                                                                                                                                                                                                                                        0x00bc39e3
                                                                                                                                                                                                                                                        0x00bc39e5
                                                                                                                                                                                                                                                        0x00bc39e9
                                                                                                                                                                                                                                                        0x00bc39ee
                                                                                                                                                                                                                                                        0x00bc3a75
                                                                                                                                                                                                                                                        0x00bc3a7c
                                                                                                                                                                                                                                                        0x00bc3a7f
                                                                                                                                                                                                                                                        0x00bc3a82
                                                                                                                                                                                                                                                        0x00bc3a84
                                                                                                                                                                                                                                                        0x00bc3aa8
                                                                                                                                                                                                                                                        0x00bc3aad
                                                                                                                                                                                                                                                        0x00bc3aaf
                                                                                                                                                                                                                                                        0x00bc3ab2
                                                                                                                                                                                                                                                        0x00bc3ac0
                                                                                                                                                                                                                                                        0x00bc3ac2
                                                                                                                                                                                                                                                        0x00bc3ac4
                                                                                                                                                                                                                                                        0x00bc3ac7
                                                                                                                                                                                                                                                        0x00bc3ac7
                                                                                                                                                                                                                                                        0x00bc3acc
                                                                                                                                                                                                                                                        0x00bc3a86
                                                                                                                                                                                                                                                        0x00bc3a88
                                                                                                                                                                                                                                                        0x00bc3ace
                                                                                                                                                                                                                                                        0x00bc3ad3
                                                                                                                                                                                                                                                        0x00bc3ad5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3ad5
                                                                                                                                                                                                                                                        0x00bc3a8a
                                                                                                                                                                                                                                                        0x00bc3a8a
                                                                                                                                                                                                                                                        0x00bc3a90
                                                                                                                                                                                                                                                        0x00bc3a92
                                                                                                                                                                                                                                                        0x00bc3a94
                                                                                                                                                                                                                                                        0x00bc3a97
                                                                                                                                                                                                                                                        0x00bc3a9b
                                                                                                                                                                                                                                                        0x00bc3a9e
                                                                                                                                                                                                                                                        0x00bc3aa4
                                                                                                                                                                                                                                                        0x00bc3ae0
                                                                                                                                                                                                                                                        0x00bc3ae0
                                                                                                                                                                                                                                                        0x00bc3ae0
                                                                                                                                                                                                                                                        0x00bc3ae2
                                                                                                                                                                                                                                                        0x00bc3ae4
                                                                                                                                                                                                                                                        0x00bc3ae7
                                                                                                                                                                                                                                                        0x00bc3ae7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3aa6
                                                                                                                                                                                                                                                        0x00bc3aa4
                                                                                                                                                                                                                                                        0x00bc3a88
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc39f4
                                                                                                                                                                                                                                                        0x00bc39fa
                                                                                                                                                                                                                                                        0x00bc39fd
                                                                                                                                                                                                                                                        0x00bc3af6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3a03
                                                                                                                                                                                                                                                        0x00bc3a05
                                                                                                                                                                                                                                                        0x00bc3a0c
                                                                                                                                                                                                                                                        0x00bc3a0e
                                                                                                                                                                                                                                                        0x00bc3a11
                                                                                                                                                                                                                                                        0x00bc3a15
                                                                                                                                                                                                                                                        0x00bc3a1b
                                                                                                                                                                                                                                                        0x00bc3a20
                                                                                                                                                                                                                                                        0x00bc3a4c
                                                                                                                                                                                                                                                        0x00bc3a4f
                                                                                                                                                                                                                                                        0x00bc3a51
                                                                                                                                                                                                                                                        0x00bc3a53
                                                                                                                                                                                                                                                        0x00bc3a58
                                                                                                                                                                                                                                                        0x00bc3a5a
                                                                                                                                                                                                                                                        0x00bc3a60
                                                                                                                                                                                                                                                        0x00bc3a60
                                                                                                                                                                                                                                                        0x00bc3a62
                                                                                                                                                                                                                                                        0x00bc3a64
                                                                                                                                                                                                                                                        0x00bc3a67
                                                                                                                                                                                                                                                        0x00bc3a67
                                                                                                                                                                                                                                                        0x00bc3a6a
                                                                                                                                                                                                                                                        0x00bc3a6a
                                                                                                                                                                                                                                                        0x00bc3a74
                                                                                                                                                                                                                                                        0x00bc3a22
                                                                                                                                                                                                                                                        0x00bc3a28
                                                                                                                                                                                                                                                        0x00bc3aef
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3a2e
                                                                                                                                                                                                                                                        0x00bc3a2e
                                                                                                                                                                                                                                                        0x00bc3a39
                                                                                                                                                                                                                                                        0x00bc3afb
                                                                                                                                                                                                                                                        0x00bc3afb
                                                                                                                                                                                                                                                        0x00bc3b01
                                                                                                                                                                                                                                                        0x00bc3b02
                                                                                                                                                                                                                                                        0x00bc3b03
                                                                                                                                                                                                                                                        0x00bc3b04
                                                                                                                                                                                                                                                        0x00bc3b05
                                                                                                                                                                                                                                                        0x00bc3b06
                                                                                                                                                                                                                                                        0x00bc3b07
                                                                                                                                                                                                                                                        0x00bc3b08
                                                                                                                                                                                                                                                        0x00bc3b09
                                                                                                                                                                                                                                                        0x00bc3b0a
                                                                                                                                                                                                                                                        0x00bc3b0b
                                                                                                                                                                                                                                                        0x00bc3b0c
                                                                                                                                                                                                                                                        0x00bc3b0d
                                                                                                                                                                                                                                                        0x00bc3b0e
                                                                                                                                                                                                                                                        0x00bc3b0f
                                                                                                                                                                                                                                                        0x00bc3b10
                                                                                                                                                                                                                                                        0x00bc3b13
                                                                                                                                                                                                                                                        0x00bc3b14
                                                                                                                                                                                                                                                        0x00bc3b15
                                                                                                                                                                                                                                                        0x00bc3b1c
                                                                                                                                                                                                                                                        0x00bc3b1e
                                                                                                                                                                                                                                                        0x00bc3b28
                                                                                                                                                                                                                                                        0x00bc3b2b
                                                                                                                                                                                                                                                        0x00bc3b30
                                                                                                                                                                                                                                                        0x00bc3b32
                                                                                                                                                                                                                                                        0x00bc3b37
                                                                                                                                                                                                                                                        0x00bc3b39
                                                                                                                                                                                                                                                        0x00bc3b3b
                                                                                                                                                                                                                                                        0x00bc3b40
                                                                                                                                                                                                                                                        0x00bc3b40
                                                                                                                                                                                                                                                        0x00bc3b43
                                                                                                                                                                                                                                                        0x00bc3b46
                                                                                                                                                                                                                                                        0x00bc3b49
                                                                                                                                                                                                                                                        0x00bc3b40
                                                                                                                                                                                                                                                        0x00bc3b63
                                                                                                                                                                                                                                                        0x00bc3a3f
                                                                                                                                                                                                                                                        0x00bc3a3f
                                                                                                                                                                                                                                                        0x00bc3a42
                                                                                                                                                                                                                                                        0x00bc3a42
                                                                                                                                                                                                                                                        0x00bc3a43
                                                                                                                                                                                                                                                        0x00bc3a44
                                                                                                                                                                                                                                                        0x00bc3a49
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3a49
                                                                                                                                                                                                                                                        0x00bc3a39
                                                                                                                                                                                                                                                        0x00bc3a28
                                                                                                                                                                                                                                                        0x00bc3a20
                                                                                                                                                                                                                                                        0x00bc39fd
                                                                                                                                                                                                                                                        0x00bc398f
                                                                                                                                                                                                                                                        0x00bc3994
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3994
                                                                                                                                                                                                                                                        0x00bc398d
                                                                                                                                                                                                                                                        0x00bc3938
                                                                                                                                                                                                                                                        0x00bc3938
                                                                                                                                                                                                                                                        0x00bc3939
                                                                                                                                                                                                                                                        0x00bc393f
                                                                                                                                                                                                                                                        0x00bc3942
                                                                                                                                                                                                                                                        0x00bc394b
                                                                                                                                                                                                                                                        0x00bc394b

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(0000002C,00BC3721,?,?,?,00BC3524,?), ref: 00BC38B3
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000024,?,00BC3721,?,?,?,00BC3524,?), ref: 00BC38F3
                                                                                                                                                                                                                                                        • ?_Xlength_error@std@@YAXPBD@Z.MSVCP140(list<T> too long,?,?,00BC3721,?,?,?,00BC3524,?), ref: 00BC3951
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@$Xlength_error@std@@
                                                                                                                                                                                                                                                        • String ID: list<T> too long
                                                                                                                                                                                                                                                        • API String ID: 4208904865-4027344264
                                                                                                                                                                                                                                                        • Opcode ID: 641f7ef110d75e050ad87f7b8ab4c2955cb1c2cf8013fcfdeb6c8993caa826c2
                                                                                                                                                                                                                                                        • Instruction ID: fe89da1b736ec2ac35909cf7fbd83d2cd05540a8aaec20fbb690922b7ffb9786
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 641f7ef110d75e050ad87f7b8ab4c2955cb1c2cf8013fcfdeb6c8993caa826c2
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 782123B1A002059FDB44DF59C88975ABBF1FF48310F5481A9EC099F356D3B2E909CBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BCC020(void* __edx, void* _a4, intOrPtr _a8) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				long _v92;
                                                                                                                                                                                                                                                        				signed int _t8;
                                                                                                                                                                                                                                                        				void* _t10;
                                                                                                                                                                                                                                                        				void* _t17;
                                                                                                                                                                                                                                                        				void* _t21;
                                                                                                                                                                                                                                                        				void* _t23;
                                                                                                                                                                                                                                                        				signed int _t24;
                                                                                                                                                                                                                                                        				void* _t25;
                                                                                                                                                                                                                                                        				void* _t26;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t21 = __edx;
                                                                                                                                                                                                                                                        				_t8 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t16 = _a4;
                                                                                                                                                                                                                                                        				_v20 = _t8 ^ _t24;
                                                                                                                                                                                                                                                        				_v92 = 0x4c;
                                                                                                                                                                                                                                                        				_t10 = malloc(0x4c);
                                                                                                                                                                                                                                                        				_t26 = _t25 + 4;
                                                                                                                                                                                                                                                        				_t23 = _t10;
                                                                                                                                                                                                                                                        				if(GetTokenInformation(_a4, 1, _t23, 0x4c,  &_v92) != 0) {
                                                                                                                                                                                                                                                        					E00BE7140( &_v88,  *_t23);
                                                                                                                                                                                                                                                        					_t12 = E00BCBE80(_t21, _t16,  &_v88, 1, _a8);
                                                                                                                                                                                                                                                        					_t26 = _t26 + 0x10;
                                                                                                                                                                                                                                                        					_t17 = _t12;
                                                                                                                                                                                                                                                        					goto L2;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t17 = 0;
                                                                                                                                                                                                                                                        					if(_t23 != 0) {
                                                                                                                                                                                                                                                        						L2:
                                                                                                                                                                                                                                                        						free(_t23);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t12, _v20 ^ _t24, _t21);
                                                                                                                                                                                                                                                        				return _t17;
                                                                                                                                                                                                                                                        			}














                                                                                                                                                                                                                                                        0x00bcc020
                                                                                                                                                                                                                                                        0x00bcc029
                                                                                                                                                                                                                                                        0x00bcc02e
                                                                                                                                                                                                                                                        0x00bcc033
                                                                                                                                                                                                                                                        0x00bcc036
                                                                                                                                                                                                                                                        0x00bcc03f
                                                                                                                                                                                                                                                        0x00bcc045
                                                                                                                                                                                                                                                        0x00bcc048
                                                                                                                                                                                                                                                        0x00bcc05c
                                                                                                                                                                                                                                                        0x00bcc089
                                                                                                                                                                                                                                                        0x00bcc095
                                                                                                                                                                                                                                                        0x00bcc09a
                                                                                                                                                                                                                                                        0x00bcc09d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcc05e
                                                                                                                                                                                                                                                        0x00bcc05e
                                                                                                                                                                                                                                                        0x00bcc062
                                                                                                                                                                                                                                                        0x00bcc064
                                                                                                                                                                                                                                                        0x00bcc065
                                                                                                                                                                                                                                                        0x00bcc06b
                                                                                                                                                                                                                                                        0x00bcc062
                                                                                                                                                                                                                                                        0x00bcc073
                                                                                                                                                                                                                                                        0x00bcc081

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • malloc.MOZGLUE(0000004C), ref: 00BCC03F
                                                                                                                                                                                                                                                        • GetTokenInformation.ADVAPI32(?,00000001(TokenIntegrityLevel),00000000,0000004C,?), ref: 00BCC054
                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000,?,?,?,00000000), ref: 00BCC065
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: InformationTokenfreemalloc
                                                                                                                                                                                                                                                        • String ID: L
                                                                                                                                                                                                                                                        • API String ID: 987351147-2909332022
                                                                                                                                                                                                                                                        • Opcode ID: fc2ae06d559d4b216827ce21b7ab3b39010c0c3ff15cd3354d11c22bb5a2dd41
                                                                                                                                                                                                                                                        • Instruction ID: cefaea47e0cca75ebe27befdaed12b37983ebc8a6c3410cad55dbaeac4315ca0
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fc2ae06d559d4b216827ce21b7ab3b39010c0c3ff15cd3354d11c22bb5a2dd41
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8901D8B1600304ABDB109FA5DC86FEF7FA9EF44744F000428FE09AB242DA765904C6A5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BBE060(intOrPtr* __ecx, intOrPtr* __edx) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v28;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				signed int _t9;
                                                                                                                                                                                                                                                        				signed int _t13;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t14;
                                                                                                                                                                                                                                                        				struct _EXCEPTION_RECORD _t20;
                                                                                                                                                                                                                                                        				intOrPtr* _t21;
                                                                                                                                                                                                                                                        				signed int _t23;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t19 = __edx;
                                                                                                                                                                                                                                                        				_t9 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t10 = _t9 ^ _t23;
                                                                                                                                                                                                                                                        				_v20 = _t9 ^ _t23;
                                                                                                                                                                                                                                                        				if( *((char*)(__ecx + 0x10)) == 0) {
                                                                                                                                                                                                                                                        					_t21 = __edx;
                                                                                                                                                                                                                                                        					if( *((char*)(__edx + 0x10)) != 0 ||  *__ecx != 0 ||  *__edx != 0) {
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t20 =  &_v28;
                                                                                                                                                                                                                                                        						RtlInitUnicodeString(_t20, __ecx + 0x14);
                                                                                                                                                                                                                                                        						_t14 =  &_v36;
                                                                                                                                                                                                                                                        						RtlInitUnicodeString(_t14, _t21 + 0x14);
                                                                                                                                                                                                                                                        						_t13 = _t14 & 0xffffff00 | RtlEqualUnicodeString(_t20, _t14, 1) != 0x00000000;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					_t13 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t10, _v20 ^ _t23, _t19);
                                                                                                                                                                                                                                                        				return _t13;
                                                                                                                                                                                                                                                        			}












                                                                                                                                                                                                                                                        0x00bbe060
                                                                                                                                                                                                                                                        0x00bbe069
                                                                                                                                                                                                                                                        0x00bbe06e
                                                                                                                                                                                                                                                        0x00bbe070
                                                                                                                                                                                                                                                        0x00bbe077
                                                                                                                                                                                                                                                        0x00bbe093
                                                                                                                                                                                                                                                        0x00bbe095
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bbe0a1
                                                                                                                                                                                                                                                        0x00bbe0a4
                                                                                                                                                                                                                                                        0x00bbe0a9
                                                                                                                                                                                                                                                        0x00bbe0b1
                                                                                                                                                                                                                                                        0x00bbe0b6
                                                                                                                                                                                                                                                        0x00bbe0c6
                                                                                                                                                                                                                                                        0x00bbe0c6
                                                                                                                                                                                                                                                        0x00bbe079
                                                                                                                                                                                                                                                        0x00bbe079
                                                                                                                                                                                                                                                        0x00bbe079
                                                                                                                                                                                                                                                        0x00bbe079
                                                                                                                                                                                                                                                        0x00bbe080
                                                                                                                                                                                                                                                        0x00bbe08e

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • RtlInitUnicodeString.NTDLL(?,?), ref: 00BBE0A9
                                                                                                                                                                                                                                                        • RtlInitUnicodeString.NTDLL(?,?), ref: 00BBE0B6
                                                                                                                                                                                                                                                        • RtlEqualUnicodeString.NTDLL ref: 00BBE0BF
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • /builds/worker/workspace/obj-build/dist/include/mozilla/NativeNt.h, xrefs: 00BBE063
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: StringUnicode$Init$Equal
                                                                                                                                                                                                                                                        • String ID: /builds/worker/workspace/obj-build/dist/include/mozilla/NativeNt.h
                                                                                                                                                                                                                                                        • API String ID: 1551056730-3364526140
                                                                                                                                                                                                                                                        • Opcode ID: 2e6155fd7b78d422a000c126f7c96cd775041949389652b1b2ad5f73ea6adb68
                                                                                                                                                                                                                                                        • Instruction ID: 3bb2c1b0a3ad24020bfa37d6bd21256b2d6acacf2de45f3bd0af732bbe8b0383
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2e6155fd7b78d422a000c126f7c96cd775041949389652b1b2ad5f73ea6adb68
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 21F044719002196BDB107B698C86BFB77E8EB01318FC109FCE4252B142D7F4CC89C2A0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 58%
                                                                                                                                                                                                                                                        			E00BE5CE0(intOrPtr* _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr* _a16, intOrPtr _a20, intOrPtr _a24) {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t13;
                                                                                                                                                                                                                                                        				intOrPtr _t15;
                                                                                                                                                                                                                                                        				intOrPtr* _t17;
                                                                                                                                                                                                                                                        				intOrPtr _t18;
                                                                                                                                                                                                                                                        				intOrPtr _t20;
                                                                                                                                                                                                                                                        				intOrPtr* _t21;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t13 =  *0xbfb6ac; // 0x0
                                                                                                                                                                                                                                                        				_t21 = _a4;
                                                                                                                                                                                                                                                        				if(_t13 == 0) {
                                                                                                                                                                                                                                                        					_t13 = GetProcAddress(GetModuleHandleW(L"ntdll.dll"), "RtlInitUnicodeString");
                                                                                                                                                                                                                                                        					 *0xbfb6ac = _t13;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t18 = _a20;
                                                                                                                                                                                                                                                        				_t17 = _a16;
                                                                                                                                                                                                                                                        				_t20 = _a12;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t21 + 0x14)) > 7) {
                                                                                                                                                                                                                                                        					_t21 =  *_t21;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *_t13(_t18, _t21);
                                                                                                                                                                                                                                                        				_t15 = _a8;
                                                                                                                                                                                                                                                        				 *_t17 = 0x18;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t17 + 4)) = _t20;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t17 + 0xc)) = _t15;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t17 + 8)) = _t18;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t17 + 0x10)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t17 + 0x14)) = _a24;
                                                                                                                                                                                                                                                        				return _t15;
                                                                                                                                                                                                                                                        			}









                                                                                                                                                                                                                                                        0x00be5ce6
                                                                                                                                                                                                                                                        0x00be5ceb
                                                                                                                                                                                                                                                        0x00be5cf0
                                                                                                                                                                                                                                                        0x00be5d03
                                                                                                                                                                                                                                                        0x00be5d09
                                                                                                                                                                                                                                                        0x00be5d09
                                                                                                                                                                                                                                                        0x00be5d0e
                                                                                                                                                                                                                                                        0x00be5d11
                                                                                                                                                                                                                                                        0x00be5d14
                                                                                                                                                                                                                                                        0x00be5d1b
                                                                                                                                                                                                                                                        0x00be5d1d
                                                                                                                                                                                                                                                        0x00be5d1d
                                                                                                                                                                                                                                                        0x00be5d23
                                                                                                                                                                                                                                                        0x00be5d25
                                                                                                                                                                                                                                                        0x00be5d2b
                                                                                                                                                                                                                                                        0x00be5d31
                                                                                                                                                                                                                                                        0x00be5d34
                                                                                                                                                                                                                                                        0x00be5d37
                                                                                                                                                                                                                                                        0x00be5d3a
                                                                                                                                                                                                                                                        0x00be5d41
                                                                                                                                                                                                                                                        0x00be5d48

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(ntdll.dll,?,00000000,?,?,00BE33B2,?,00000000,00000000,?,?,00000000), ref: 00BE5CF7
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,RtlInitUnicodeString), ref: 00BE5D03
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: RtlInitUnicodeString$ntdll.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-760228555
                                                                                                                                                                                                                                                        • Opcode ID: 2f884789e59ddd3173961b52ed4eafd03b535fcda6e0a0237249673ebdf79828
                                                                                                                                                                                                                                                        • Instruction ID: 1a75d3dee28b576c02f7330a3ac924652265fe783aa12dea5eb58dcf23803109
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2f884789e59ddd3173961b52ed4eafd03b535fcda6e0a0237249673ebdf79828
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EA01E8B1504218AFCB14CF59DC84956BBE8EF48354B04849AED059B341CB71E800CBA0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 58%
                                                                                                                                                                                                                                                        			E00BDD860(intOrPtr _a8, intOrPtr _a12, intOrPtr _a16) {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t5;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t8;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t8 =  *0xbfb600; // 0x0
                                                                                                                                                                                                                                                        				if(_t8 == 0) {
                                                                                                                                                                                                                                                        					_t5 = GetProcAddress(GetModuleHandleW(L"gdi32.dll"), "GetCertificateByHandle");
                                                                                                                                                                                                                                                        					_t8 = _t5;
                                                                                                                                                                                                                                                        					 *0xbfb600 = _t5;
                                                                                                                                                                                                                                                        					if(_t5 != 0) {
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						return 0xc0000002;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					return  *_t8(_a8, 0, _a12, _a16);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}





                                                                                                                                                                                                                                                        0x00bdd863
                                                                                                                                                                                                                                                        0x00bdd86b
                                                                                                                                                                                                                                                        0x00bdd88d
                                                                                                                                                                                                                                                        0x00bdd893
                                                                                                                                                                                                                                                        0x00bdd897
                                                                                                                                                                                                                                                        0x00bdd89c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdd89e
                                                                                                                                                                                                                                                        0x00bdd8a4
                                                                                                                                                                                                                                                        0x00bdd8a4
                                                                                                                                                                                                                                                        0x00bdd86d
                                                                                                                                                                                                                                                        0x00bdd86d
                                                                                                                                                                                                                                                        0x00bdd87b
                                                                                                                                                                                                                                                        0x00bdd87b

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(gdi32.dll,?,00BDAAC7,?,?,?,?), ref: 00BDD881
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetCertificateByHandle), ref: 00BDD88D
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: GetCertificateByHandle$gdi32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-467210491
                                                                                                                                                                                                                                                        • Opcode ID: f3800c7c4f740a64979d1e7eb4ec7f825ad70151707d0117b10de99cabd48021
                                                                                                                                                                                                                                                        • Instruction ID: 6a24e7cedb50a87abf5fa20351f66133014e7fe4f2ff343e115ac7e4402454d0
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f3800c7c4f740a64979d1e7eb4ec7f825ad70151707d0117b10de99cabd48021
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B3E09A7128430DBBDF159FA9AC15E7A7B99AB48725F008099BA09D7261EF729810D710
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 58%
                                                                                                                                                                                                                                                        			E00BDD8B0(intOrPtr _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t5;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t6;
                                                                                                                                                                                                                                                        				intOrPtr _t7;
                                                                                                                                                                                                                                                        				intOrPtr _t8;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t6 =  *0xbfb604; // 0x0
                                                                                                                                                                                                                                                        				_t7 = _a12;
                                                                                                                                                                                                                                                        				_t8 = _a8;
                                                                                                                                                                                                                                                        				if(_t6 == 0) {
                                                                                                                                                                                                                                                        					_t5 = GetProcAddress(GetModuleHandleW(L"gdi32.dll"), "GetOPMRandomNumber");
                                                                                                                                                                                                                                                        					_t6 = _t5;
                                                                                                                                                                                                                                                        					 *0xbfb604 = _t5;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return  *_t6(_t8, _t7);
                                                                                                                                                                                                                                                        			}







                                                                                                                                                                                                                                                        0x00bdd8b5
                                                                                                                                                                                                                                                        0x00bdd8bb
                                                                                                                                                                                                                                                        0x00bdd8be
                                                                                                                                                                                                                                                        0x00bdd8c3
                                                                                                                                                                                                                                                        0x00bdd8d6
                                                                                                                                                                                                                                                        0x00bdd8dc
                                                                                                                                                                                                                                                        0x00bdd8de
                                                                                                                                                                                                                                                        0x00bdd8de
                                                                                                                                                                                                                                                        0x00bdd8ea

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(gdi32.dll,?,?,?,00BDABE3,?,?,?), ref: 00BDD8CA
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetOPMRandomNumber), ref: 00BDD8D6
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: GetOPMRandomNumber$gdi32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-1331891004
                                                                                                                                                                                                                                                        • Opcode ID: 9bc0691f5599df7bfeefe4924af6ab22ba65f680b393ccb2c9a5762730eb4705
                                                                                                                                                                                                                                                        • Instruction ID: 12c6c43c50e4810089248dadfc3e5807e744b7c95a681c6b52844c8720724139
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9bc0691f5599df7bfeefe4924af6ab22ba65f680b393ccb2c9a5762730eb4705
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 68E0BF352453547B9E149F66ED09C7B77A8EA9576130040A9FA05D3350DF716801C760
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 58%
                                                                                                                                                                                                                                                        			E00BDD8F0(intOrPtr _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t5;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t6;
                                                                                                                                                                                                                                                        				intOrPtr _t7;
                                                                                                                                                                                                                                                        				intOrPtr _t8;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t6 =  *0xbfb608; // 0x0
                                                                                                                                                                                                                                                        				_t7 = _a12;
                                                                                                                                                                                                                                                        				_t8 = _a8;
                                                                                                                                                                                                                                                        				if(_t6 == 0) {
                                                                                                                                                                                                                                                        					_t5 = GetProcAddress(GetModuleHandleW(L"gdi32.dll"), "SetOPMSigningKeyAndSequenceNumbers");
                                                                                                                                                                                                                                                        					_t6 = _t5;
                                                                                                                                                                                                                                                        					 *0xbfb608 = _t5;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return  *_t6(_t8, _t7);
                                                                                                                                                                                                                                                        			}







                                                                                                                                                                                                                                                        0x00bdd8f5
                                                                                                                                                                                                                                                        0x00bdd8fb
                                                                                                                                                                                                                                                        0x00bdd8fe
                                                                                                                                                                                                                                                        0x00bdd903
                                                                                                                                                                                                                                                        0x00bdd916
                                                                                                                                                                                                                                                        0x00bdd91c
                                                                                                                                                                                                                                                        0x00bdd91e
                                                                                                                                                                                                                                                        0x00bdd91e
                                                                                                                                                                                                                                                        0x00bdd92a

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(gdi32.dll,?,?,?,00BDAC86,?,?,?), ref: 00BDD90A
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,SetOPMSigningKeyAndSequenceNumbers), ref: 00BDD916
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: SetOPMSigningKeyAndSequenceNumbers$gdi32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-1511089670
                                                                                                                                                                                                                                                        • Opcode ID: 1ec1add535d90977c9a31fda6fc66e4d9775aaf9aad21131449f148f6ccf5978
                                                                                                                                                                                                                                                        • Instruction ID: 548cfac340aafa60f5a1c4e7df9e25b5f640c3baf22a5b2b5585eb364523a2ba
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1ec1add535d90977c9a31fda6fc66e4d9775aaf9aad21131449f148f6ccf5978
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 45E04F322453047F8F049F66EC08C7B77A8EA856213004099FD05D3310DF346801C760
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 58%
                                                                                                                                                                                                                                                        			E00BDD810(intOrPtr _a8, intOrPtr _a12) {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t4;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t7;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t7 =  *0xbfb5fc; // 0x0
                                                                                                                                                                                                                                                        				if(_t7 == 0) {
                                                                                                                                                                                                                                                        					_t4 = GetProcAddress(GetModuleHandleW(L"gdi32.dll"), "GetCertificateSizeByHandle");
                                                                                                                                                                                                                                                        					_t7 = _t4;
                                                                                                                                                                                                                                                        					 *0xbfb5fc = _t4;
                                                                                                                                                                                                                                                        					if(_t4 != 0) {
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						return 0xc0000002;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L1:
                                                                                                                                                                                                                                                        					return  *_t7(_a8, 0, _a12);
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}





                                                                                                                                                                                                                                                        0x00bdd813
                                                                                                                                                                                                                                                        0x00bdd81b
                                                                                                                                                                                                                                                        0x00bdd83a
                                                                                                                                                                                                                                                        0x00bdd840
                                                                                                                                                                                                                                                        0x00bdd844
                                                                                                                                                                                                                                                        0x00bdd849
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bdd84b
                                                                                                                                                                                                                                                        0x00bdd851
                                                                                                                                                                                                                                                        0x00bdd851
                                                                                                                                                                                                                                                        0x00bdd81d
                                                                                                                                                                                                                                                        0x00bdd81d
                                                                                                                                                                                                                                                        0x00bdd828
                                                                                                                                                                                                                                                        0x00bdd828

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(gdi32.dll,?,00BDA9A0,?,?,?), ref: 00BDD82E
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetCertificateSizeByHandle), ref: 00BDD83A
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: GetCertificateSizeByHandle$gdi32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-1777644256
                                                                                                                                                                                                                                                        • Opcode ID: c87e90a58e7620152599c7355ab647666f6d9e0b12403847a3ede7b10d2231ad
                                                                                                                                                                                                                                                        • Instruction ID: dd0f667a59ca0b46aa23b1de6e131774bdc7dde92b3dfb7a370f808daa672728
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c87e90a58e7620152599c7355ab647666f6d9e0b12403847a3ede7b10d2231ad
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B8E08671284309AFDF055FA5BC15F3A77D9AB04720F0080A9F909C3660EF359410DF00
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 58%
                                                                                                                                                                                                                                                        			E00BDDB60(intOrPtr _a4) {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t4;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t5;
                                                                                                                                                                                                                                                        				intOrPtr _t6;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t5 =  *0xbfb614; // 0x0
                                                                                                                                                                                                                                                        				_t6 = _a4;
                                                                                                                                                                                                                                                        				if(_t5 == 0) {
                                                                                                                                                                                                                                                        					_t4 = GetProcAddress(GetModuleHandleW(L"gdi32.dll"), "DestroyOPMProtectedOutput");
                                                                                                                                                                                                                                                        					_t5 = _t4;
                                                                                                                                                                                                                                                        					 *0xbfb614 = _t4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return  *_t5(_t6);
                                                                                                                                                                                                                                                        			}






                                                                                                                                                                                                                                                        0x00bddb64
                                                                                                                                                                                                                                                        0x00bddb6a
                                                                                                                                                                                                                                                        0x00bddb6f
                                                                                                                                                                                                                                                        0x00bddb82
                                                                                                                                                                                                                                                        0x00bddb88
                                                                                                                                                                                                                                                        0x00bddb8a
                                                                                                                                                                                                                                                        0x00bddb8a
                                                                                                                                                                                                                                                        0x00bddb94

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(gdi32.dll,?,?,00BDB395,?,?,?,?,?,?,00BDA145,?,?), ref: 00BDDB76
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,DestroyOPMProtectedOutput), ref: 00BDDB82
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: DestroyOPMProtectedOutput$gdi32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-3495823380
                                                                                                                                                                                                                                                        • Opcode ID: 460c8b5ae54b7be2dc8fc6c4b6f5fa2affeea6b4fc4b0d0c3ac198fc07ef6d76
                                                                                                                                                                                                                                                        • Instruction ID: a249f85220db648db69688ece46dd6fc973a270a224b5a35ea6014a5f49a5509
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 460c8b5ae54b7be2dc8fc6c4b6f5fa2affeea6b4fc4b0d0c3ac198fc07ef6d76
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BFD012312453147F9B085B64EC05D7A77D8DA08621700009AFA09D3250DF705901CBA5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BDD9F0() {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t1;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t3;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t1 =  *0xbfb60c; // 0x0
                                                                                                                                                                                                                                                        				if(_t1 == 0) {
                                                                                                                                                                                                                                                        					_t3 = GetProcAddress(GetModuleHandleW(L"gdi32.dll"), "ConfigureOPMProtectedOutput");
                                                                                                                                                                                                                                                        					 *0xbfb60c = _t3;
                                                                                                                                                                                                                                                        					return _t3;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					return _t1;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}





                                                                                                                                                                                                                                                        0x00bdd9f3
                                                                                                                                                                                                                                                        0x00bdd9fa
                                                                                                                                                                                                                                                        0x00bdda0f
                                                                                                                                                                                                                                                        0x00bdda15
                                                                                                                                                                                                                                                        0x00bdda1b
                                                                                                                                                                                                                                                        0x00bdd9fd
                                                                                                                                                                                                                                                        0x00bdd9fd
                                                                                                                                                                                                                                                        0x00bdd9fd

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(gdi32.dll,?,00BDD9D6), ref: 00BDDA03
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,ConfigureOPMProtectedOutput), ref: 00BDDA0F
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: ConfigureOPMProtectedOutput$gdi32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-1355904375
                                                                                                                                                                                                                                                        • Opcode ID: a9c2e3ce859bdf7faf02edcac74f7163bf330c854453faaaa8866ceccf9c6b99
                                                                                                                                                                                                                                                        • Instruction ID: 1b3900331a860a546864987225d63fe933c8f5eb244b91cb2633d08f190d8c3c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a9c2e3ce859bdf7faf02edcac74f7163bf330c854453faaaa8866ceccf9c6b99
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 88D0C9712C4308AFAA009BFAFC09C36B7DCAE04B6130081D2BA0CC3660DF759400CB60
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BDD300() {
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t1;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t3;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t1 =  *0xbfb5e8; // 0x0
                                                                                                                                                                                                                                                        				if(_t1 == 0) {
                                                                                                                                                                                                                                                        					_t3 = GetProcAddress(GetModuleHandleW(L"user32.dll"), "EnumDisplayMonitors");
                                                                                                                                                                                                                                                        					 *0xbfb5e8 = _t3;
                                                                                                                                                                                                                                                        					return _t3;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					return _t1;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}





                                                                                                                                                                                                                                                        0x00bdd303
                                                                                                                                                                                                                                                        0x00bdd30a
                                                                                                                                                                                                                                                        0x00bdd31f
                                                                                                                                                                                                                                                        0x00bdd325
                                                                                                                                                                                                                                                        0x00bdd32b
                                                                                                                                                                                                                                                        0x00bdd30d
                                                                                                                                                                                                                                                        0x00bdd30d
                                                                                                                                                                                                                                                        0x00bdd30d

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(user32.dll,?,00BDD2DA,00BDA711), ref: 00BDD313
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,EnumDisplayMonitors), ref: 00BDD31F
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: EnumDisplayMonitors$user32.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-2459821190
                                                                                                                                                                                                                                                        • Opcode ID: f8012c29e64a79dd3f008eb67540c2e022861f0d12ff5a5db56f23b28b4a410d
                                                                                                                                                                                                                                                        • Instruction ID: 888acf0126143b0352e76a79745a4a2183db1607a5c2b538aaf5906af9c132b6
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f8012c29e64a79dd3f008eb67540c2e022861f0d12ff5a5db56f23b28b4a410d
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9FD0C9712843089F96009BE4BD49D3277DCBA04B1130004E2FA08C7660DF749450C725
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 66%
                                                                                                                                                                                                                                                        			E00BC6CB0(signed int __ecx, signed int _a4, signed int _a8, signed int _a12, void* _a16, signed int _a20) {
                                                                                                                                                                                                                                                        				int _v0;
                                                                                                                                                                                                                                                        				signed int _v4;
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				signed int _v36;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				void* _v44;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				void* _v52;
                                                                                                                                                                                                                                                        				signed int _v56;
                                                                                                                                                                                                                                                        				signed int _v60;
                                                                                                                                                                                                                                                        				char _v64;
                                                                                                                                                                                                                                                        				signed int _v88;
                                                                                                                                                                                                                                                        				void* _v104;
                                                                                                                                                                                                                                                        				signed int _v112;
                                                                                                                                                                                                                                                        				signed int _v116;
                                                                                                                                                                                                                                                        				intOrPtr _v120;
                                                                                                                                                                                                                                                        				signed int _v124;
                                                                                                                                                                                                                                                        				char _v128;
                                                                                                                                                                                                                                                        				signed int _v132;
                                                                                                                                                                                                                                                        				int _v136;
                                                                                                                                                                                                                                                        				signed int _v160;
                                                                                                                                                                                                                                                        				int _v168;
                                                                                                                                                                                                                                                        				int _v172;
                                                                                                                                                                                                                                                        				char _v176;
                                                                                                                                                                                                                                                        				signed int _t225;
                                                                                                                                                                                                                                                        				signed int _t227;
                                                                                                                                                                                                                                                        				signed int _t232;
                                                                                                                                                                                                                                                        				intOrPtr _t234;
                                                                                                                                                                                                                                                        				int _t239;
                                                                                                                                                                                                                                                        				signed int _t244;
                                                                                                                                                                                                                                                        				void* _t246;
                                                                                                                                                                                                                                                        				signed int _t250;
                                                                                                                                                                                                                                                        				signed int _t257;
                                                                                                                                                                                                                                                        				void* _t260;
                                                                                                                                                                                                                                                        				void* _t265;
                                                                                                                                                                                                                                                        				signed int _t267;
                                                                                                                                                                                                                                                        				signed int _t272;
                                                                                                                                                                                                                                                        				signed int _t276;
                                                                                                                                                                                                                                                        				signed int _t277;
                                                                                                                                                                                                                                                        				signed int _t279;
                                                                                                                                                                                                                                                        				void* _t281;
                                                                                                                                                                                                                                                        				signed int _t303;
                                                                                                                                                                                                                                                        				void* _t315;
                                                                                                                                                                                                                                                        				signed int _t317;
                                                                                                                                                                                                                                                        				signed int _t318;
                                                                                                                                                                                                                                                        				signed int _t322;
                                                                                                                                                                                                                                                        				signed int _t324;
                                                                                                                                                                                                                                                        				signed int _t329;
                                                                                                                                                                                                                                                        				void* _t332;
                                                                                                                                                                                                                                                        				intOrPtr _t333;
                                                                                                                                                                                                                                                        				intOrPtr _t334;
                                                                                                                                                                                                                                                        				intOrPtr _t335;
                                                                                                                                                                                                                                                        				signed int _t336;
                                                                                                                                                                                                                                                        				void* _t337;
                                                                                                                                                                                                                                                        				void* _t338;
                                                                                                                                                                                                                                                        				int _t341;
                                                                                                                                                                                                                                                        				intOrPtr _t342;
                                                                                                                                                                                                                                                        				void* _t343;
                                                                                                                                                                                                                                                        				void* _t345;
                                                                                                                                                                                                                                                        				void* _t349;
                                                                                                                                                                                                                                                        				void* _t350;
                                                                                                                                                                                                                                                        				unsigned int _t352;
                                                                                                                                                                                                                                                        				void* _t353;
                                                                                                                                                                                                                                                        				void* _t356;
                                                                                                                                                                                                                                                        				void* _t358;
                                                                                                                                                                                                                                                        				signed int _t361;
                                                                                                                                                                                                                                                        				intOrPtr _t363;
                                                                                                                                                                                                                                                        				int _t374;
                                                                                                                                                                                                                                                        				signed int _t379;
                                                                                                                                                                                                                                                        				void* _t380;
                                                                                                                                                                                                                                                        				void* _t383;
                                                                                                                                                                                                                                                        				void* _t385;
                                                                                                                                                                                                                                                        				void* _t396;
                                                                                                                                                                                                                                                        				signed int _t397;
                                                                                                                                                                                                                                                        				signed int _t408;
                                                                                                                                                                                                                                                        				signed int _t417;
                                                                                                                                                                                                                                                        				signed int _t428;
                                                                                                                                                                                                                                                        				signed int _t430;
                                                                                                                                                                                                                                                        				int _t433;
                                                                                                                                                                                                                                                        				signed int _t436;
                                                                                                                                                                                                                                                        				signed int _t437;
                                                                                                                                                                                                                                                        				unsigned int _t440;
                                                                                                                                                                                                                                                        				signed int _t443;
                                                                                                                                                                                                                                                        				void* _t446;
                                                                                                                                                                                                                                                        				signed int _t450;
                                                                                                                                                                                                                                                        				void* _t457;
                                                                                                                                                                                                                                                        				unsigned int _t458;
                                                                                                                                                                                                                                                        				signed int _t461;
                                                                                                                                                                                                                                                        				void* _t462;
                                                                                                                                                                                                                                                        				signed int _t464;
                                                                                                                                                                                                                                                        				void* _t466;
                                                                                                                                                                                                                                                        				intOrPtr _t467;
                                                                                                                                                                                                                                                        				unsigned int _t468;
                                                                                                                                                                                                                                                        				int _t469;
                                                                                                                                                                                                                                                        				int _t474;
                                                                                                                                                                                                                                                        				int _t475;
                                                                                                                                                                                                                                                        				signed int _t477;
                                                                                                                                                                                                                                                        				signed int _t479;
                                                                                                                                                                                                                                                        				unsigned int _t480;
                                                                                                                                                                                                                                                        				void* _t481;
                                                                                                                                                                                                                                                        				void _t482;
                                                                                                                                                                                                                                                        				void* _t483;
                                                                                                                                                                                                                                                        				void* _t484;
                                                                                                                                                                                                                                                        				signed int _t485;
                                                                                                                                                                                                                                                        				signed int _t486;
                                                                                                                                                                                                                                                        				void* _t490;
                                                                                                                                                                                                                                                        				void* _t493;
                                                                                                                                                                                                                                                        				signed int _t494;
                                                                                                                                                                                                                                                        				signed int _t495;
                                                                                                                                                                                                                                                        				void* _t498;
                                                                                                                                                                                                                                                        				void _t500;
                                                                                                                                                                                                                                                        				void* _t502;
                                                                                                                                                                                                                                                        				signed int _t503;
                                                                                                                                                                                                                                                        				signed int _t504;
                                                                                                                                                                                                                                                        				signed int _t507;
                                                                                                                                                                                                                                                        				void* _t508;
                                                                                                                                                                                                                                                        				unsigned int _t510;
                                                                                                                                                                                                                                                        				void* _t511;
                                                                                                                                                                                                                                                        				void* _t512;
                                                                                                                                                                                                                                                        				void* _t513;
                                                                                                                                                                                                                                                        				signed int _t515;
                                                                                                                                                                                                                                                        				signed int _t516;
                                                                                                                                                                                                                                                        				signed int _t518;
                                                                                                                                                                                                                                                        				signed int _t521;
                                                                                                                                                                                                                                                        				void* _t522;
                                                                                                                                                                                                                                                        				signed int _t523;
                                                                                                                                                                                                                                                        				void* _t524;
                                                                                                                                                                                                                                                        				signed int _t525;
                                                                                                                                                                                                                                                        				void* _t526;
                                                                                                                                                                                                                                                        				void* _t527;
                                                                                                                                                                                                                                                        				signed int _t528;
                                                                                                                                                                                                                                                        				void* _t529;
                                                                                                                                                                                                                                                        				signed int _t530;
                                                                                                                                                                                                                                                        				void* _t531;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t360 = __ecx;
                                                                                                                                                                                                                                                        				_t527 = _t526 - 0x1c;
                                                                                                                                                                                                                                                        				_t225 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v20 = _t225 ^ _t521;
                                                                                                                                                                                                                                                        				_t227 =  *(__ecx + 0x10);
                                                                                                                                                                                                                                                        				_t332 = _t227 - _a4;
                                                                                                                                                                                                                                                        				if(_t332 < 0) {
                                                                                                                                                                                                                                                        					E00BBDAC0(__ecx, __eflags);
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					_push(_t521);
                                                                                                                                                                                                                                                        					_t522 = _t527;
                                                                                                                                                                                                                                                        					_push(_t332);
                                                                                                                                                                                                                                                        					_t528 = _t527 - 0xc;
                                                                                                                                                                                                                                                        					_t428 =  *(__ecx + 0x10);
                                                                                                                                                                                                                                                        					_t464 = _v40;
                                                                                                                                                                                                                                                        					_t333 = 0x7ffffffe;
                                                                                                                                                                                                                                                        					__eflags = 0x7ffffffe - _t428 - _t464;
                                                                                                                                                                                                                                                        					if(0x7ffffffe - _t428 < _t464) {
                                                                                                                                                                                                                                                        						E00BBA890();
                                                                                                                                                                                                                                                        						goto L32;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t479 = _t464 + _t428;
                                                                                                                                                                                                                                                        						_t510 =  *(__ecx + 0x14);
                                                                                                                                                                                                                                                        						_v28 = _t428;
                                                                                                                                                                                                                                                        						_v32 = __ecx;
                                                                                                                                                                                                                                                        						_v24 = _t479;
                                                                                                                                                                                                                                                        						_t279 = _t479 | 0x00000007;
                                                                                                                                                                                                                                                        						__eflags = _t279 - 0x7ffffffe;
                                                                                                                                                                                                                                                        						if(_t279 <= 0x7ffffffe) {
                                                                                                                                                                                                                                                        							_t352 = _t510 >> 1;
                                                                                                                                                                                                                                                        							_t353 = _t352 + _t510;
                                                                                                                                                                                                                                                        							__eflags = _t279 - _t353;
                                                                                                                                                                                                                                                        							_t354 =  >=  ? _t279 : _t353;
                                                                                                                                                                                                                                                        							__eflags = _t510 - 0x7ffffffe - _t352;
                                                                                                                                                                                                                                                        							_t333 =  >  ? 0x7ffffffe :  >=  ? _t279 : _t353;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t480 = _t510;
                                                                                                                                                                                                                                                        						_t511 = _v32;
                                                                                                                                                                                                                                                        						_t83 = _t333 + 1; // 0x11
                                                                                                                                                                                                                                                        						_t281 = E00BBA8A0(_t83);
                                                                                                                                                                                                                                                        						__eflags = _t480 - 8;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t511 + 0x10)) = _v24;
                                                                                                                                                                                                                                                        						_t396 = _t511;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t511 + 0x14)) = _t333;
                                                                                                                                                                                                                                                        						if(_t480 < 8) {
                                                                                                                                                                                                                                                        							_t512 = _t396;
                                                                                                                                                                                                                                                        							_t349 = _t281;
                                                                                                                                                                                                                                                        							memcpy(_t281, _t396, _a8 + _a8);
                                                                                                                                                                                                                                                        							_t481 = _t349 + _a8 * 2;
                                                                                                                                                                                                                                                        							memcpy(_t481, _a16, _a20 + _a20);
                                                                                                                                                                                                                                                        							_t397 = _a8;
                                                                                                                                                                                                                                                        							_t450 = _v28 - _a12 + _t397;
                                                                                                                                                                                                                                                        							__eflags = _t450;
                                                                                                                                                                                                                                                        							memcpy(_t481 + _a20 * 2, _t512 + _t397 * 2 + _a12 * 2, _t450 + _t450 + 2);
                                                                                                                                                                                                                                                        							_t482 = _t349;
                                                                                                                                                                                                                                                        							goto L30;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t350 =  *_t396;
                                                                                                                                                                                                                                                        							_t513 = _t281;
                                                                                                                                                                                                                                                        							_v24 = _t480;
                                                                                                                                                                                                                                                        							memcpy(_t281, _t350, _a8 + _a8);
                                                                                                                                                                                                                                                        							_t483 = _t513 + _a8 * 2;
                                                                                                                                                                                                                                                        							memcpy(_t483, _a16, _a20 + _a20);
                                                                                                                                                                                                                                                        							memcpy(_t483 + _a20 * 2, _t350 + _a8 * 2 + _a12 * 2, _v28 - _a12 + _a8 + _v28 - _a12 + _a8 + 2);
                                                                                                                                                                                                                                                        							_t528 = _t528 + 0x24;
                                                                                                                                                                                                                                                        							_t360 = _v24;
                                                                                                                                                                                                                                                        							_t482 = _t513;
                                                                                                                                                                                                                                                        							_t512 = _v32;
                                                                                                                                                                                                                                                        							_t110 = _t360 + 2; // 0x13
                                                                                                                                                                                                                                                        							_t303 = _t360 + _t110;
                                                                                                                                                                                                                                                        							__eflags = _t303 - 0x1000;
                                                                                                                                                                                                                                                        							if(_t303 < 0x1000) {
                                                                                                                                                                                                                                                        								L28:
                                                                                                                                                                                                                                                        								_push(_t303);
                                                                                                                                                                                                                                                        								_push(_t350);
                                                                                                                                                                                                                                                        								L00BEF6C6();
                                                                                                                                                                                                                                                        								L30:
                                                                                                                                                                                                                                                        								 *_t512 = _t482;
                                                                                                                                                                                                                                                        								return _t512;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t333 =  *((intOrPtr*)(_t350 - 4));
                                                                                                                                                                                                                                                        								__eflags = _t350 + 0xfffffffc - _t333 - 0x20;
                                                                                                                                                                                                                                                        								if(_t350 + 0xfffffffc - _t333 >= 0x20) {
                                                                                                                                                                                                                                                        									L32:
                                                                                                                                                                                                                                                        									__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									asm("int3");
                                                                                                                                                                                                                                                        									_push(_t522);
                                                                                                                                                                                                                                                        									_t523 = _t528;
                                                                                                                                                                                                                                                        									_push(_t333);
                                                                                                                                                                                                                                                        									_push(_t464);
                                                                                                                                                                                                                                                        									_push(_t492);
                                                                                                                                                                                                                                                        									_t529 = _t528 - 0x18;
                                                                                                                                                                                                                                                        									_t232 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        									_t429 = _v64;
                                                                                                                                                                                                                                                        									_v88 = _t232 ^ _t523;
                                                                                                                                                                                                                                                        									_t234 =  *((intOrPtr*)(_t360 + 0x10));
                                                                                                                                                                                                                                                        									_t466 = _t234 - _t429;
                                                                                                                                                                                                                                                        									__eflags = _t466;
                                                                                                                                                                                                                                                        									if(__eflags < 0) {
                                                                                                                                                                                                                                                        										E00BBDAC0(_t360, __eflags);
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										_push(_t523);
                                                                                                                                                                                                                                                        										_t524 = _t529;
                                                                                                                                                                                                                                                        										_push(_t333);
                                                                                                                                                                                                                                                        										_push(_t466);
                                                                                                                                                                                                                                                        										_push(_t492);
                                                                                                                                                                                                                                                        										_t530 = _t529 - 0x14;
                                                                                                                                                                                                                                                        										_t430 =  *((intOrPtr*)(_t360 + 0x10));
                                                                                                                                                                                                                                                        										_t493 = _v104;
                                                                                                                                                                                                                                                        										_t334 = 0x7fffffff;
                                                                                                                                                                                                                                                        										__eflags = 0x7fffffff - _t430 - _t493;
                                                                                                                                                                                                                                                        										if(0x7fffffff - _t430 < _t493) {
                                                                                                                                                                                                                                                        											E00BBA890();
                                                                                                                                                                                                                                                        											goto L65;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t468 =  *(_t360 + 0x14);
                                                                                                                                                                                                                                                        											_t495 = _t493 + _t430;
                                                                                                                                                                                                                                                        											_v36 = _t430;
                                                                                                                                                                                                                                                        											_v44 = _t360;
                                                                                                                                                                                                                                                        											_v48 = _t495;
                                                                                                                                                                                                                                                        											_t244 = _t495 | 0x0000000f;
                                                                                                                                                                                                                                                        											__eflags = _t244;
                                                                                                                                                                                                                                                        											if(_t244 >= 0) {
                                                                                                                                                                                                                                                        												_t379 = _t468 >> 1;
                                                                                                                                                                                                                                                        												_t380 = _t379 + _t468;
                                                                                                                                                                                                                                                        												__eflags = _t244 - _t380;
                                                                                                                                                                                                                                                        												_t381 =  >=  ? _t244 : _t380;
                                                                                                                                                                                                                                                        												__eflags = _t468 - (_t379 ^ 0x7fffffff);
                                                                                                                                                                                                                                                        												_t334 =  <=  ?  >=  ? _t244 : _t380 : 0x7fffffff;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_v40 = _t468;
                                                                                                                                                                                                                                                        											_t469 = _v0;
                                                                                                                                                                                                                                                        											_t188 = _t334 + 1; // 0x80000000
                                                                                                                                                                                                                                                        											_t337 = _v44;
                                                                                                                                                                                                                                                        											_t246 = E00BBD730(_t188);
                                                                                                                                                                                                                                                        											__eflags = _v40 - 0x10;
                                                                                                                                                                                                                                                        											_v32 = _t246;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t337 + 0x10)) = _v48;
                                                                                                                                                                                                                                                        											 *((intOrPtr*)(_t337 + 0x14)) = _t334;
                                                                                                                                                                                                                                                        											if(_v40 < 0x10) {
                                                                                                                                                                                                                                                        												memcpy(_t246, _t337, _t469);
                                                                                                                                                                                                                                                        												_t498 = _v32 + _t469;
                                                                                                                                                                                                                                                        												memcpy(_t498, _a8, _a12);
                                                                                                                                                                                                                                                        												_t250 = _a4;
                                                                                                                                                                                                                                                        												_t374 = _v36 - _t250 + _t469 + 1;
                                                                                                                                                                                                                                                        												__eflags = _t374;
                                                                                                                                                                                                                                                        												_t500 = _v32;
                                                                                                                                                                                                                                                        												memcpy(_t498 + _a12, _t337 + _t469 + _t250, _t374);
                                                                                                                                                                                                                                                        												goto L63;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t338 =  *_t337;
                                                                                                                                                                                                                                                        												memcpy(_t246, _t338, _t469);
                                                                                                                                                                                                                                                        												_t502 = _t246 + _t469;
                                                                                                                                                                                                                                                        												memcpy(_t502, _a8, _a12);
                                                                                                                                                                                                                                                        												_t257 = _a4;
                                                                                                                                                                                                                                                        												_t493 = _t502 + _a12;
                                                                                                                                                                                                                                                        												_t466 = _t338 + _t469 + _t257;
                                                                                                                                                                                                                                                        												memcpy(_t493, _t466, _v36 - _t257 + _t469 + 1);
                                                                                                                                                                                                                                                        												_t530 = _t530 + 0x24;
                                                                                                                                                                                                                                                        												_t436 = _v40;
                                                                                                                                                                                                                                                        												_t201 = _t436 + 1; // 0x11
                                                                                                                                                                                                                                                        												_t360 = _t201;
                                                                                                                                                                                                                                                        												__eflags = _t360 - 0x1000;
                                                                                                                                                                                                                                                        												if(_t360 < 0x1000) {
                                                                                                                                                                                                                                                        													L61:
                                                                                                                                                                                                                                                        													_push(_t360);
                                                                                                                                                                                                                                                        													_push(_t338);
                                                                                                                                                                                                                                                        													L00BEF6C6();
                                                                                                                                                                                                                                                        													_t500 = _v32;
                                                                                                                                                                                                                                                        													_t337 = _v44;
                                                                                                                                                                                                                                                        													L63:
                                                                                                                                                                                                                                                        													 *_t337 = _t500;
                                                                                                                                                                                                                                                        													return _t337;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t260 =  *(_t338 - 4);
                                                                                                                                                                                                                                                        													_t334 = _t338 + 0xfffffffc - _t260;
                                                                                                                                                                                                                                                        													__eflags = _t334 - 0x20;
                                                                                                                                                                                                                                                        													if(_t334 >= 0x20) {
                                                                                                                                                                                                                                                        														L65:
                                                                                                                                                                                                                                                        														__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														asm("int3");
                                                                                                                                                                                                                                                        														_push(_t524);
                                                                                                                                                                                                                                                        														_t525 = _t530;
                                                                                                                                                                                                                                                        														_push(_t334);
                                                                                                                                                                                                                                                        														_push(_t466);
                                                                                                                                                                                                                                                        														_push(_t493);
                                                                                                                                                                                                                                                        														_t531 = _t530 - 8;
                                                                                                                                                                                                                                                        														_t494 = _t360;
                                                                                                                                                                                                                                                        														_t361 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        														_t239 = _v136;
                                                                                                                                                                                                                                                        														_v160 = _t361 ^ _t525;
                                                                                                                                                                                                                                                        														_t335 =  *((intOrPtr*)(_t494 + 0x14));
                                                                                                                                                                                                                                                        														_t363 =  *((intOrPtr*)(_t494 + 0x10));
                                                                                                                                                                                                                                                        														__eflags = _t335 - _t363 - _t239;
                                                                                                                                                                                                                                                        														_t433 = _v132;
                                                                                                                                                                                                                                                        														if(_t335 - _t363 >= _t239) {
                                                                                                                                                                                                                                                        															_t467 = _t363 + _t239;
                                                                                                                                                                                                                                                        															__eflags = _t335 - 0x10;
                                                                                                                                                                                                                                                        															_t336 = _t494;
                                                                                                                                                                                                                                                        															 *((intOrPtr*)(_t494 + 0x10)) = _t467;
                                                                                                                                                                                                                                                        															if(_t335 >= 0x10) {
                                                                                                                                                                                                                                                        																_t336 =  *_t494;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															_t240 = memset(_t363 + _t336, _t433, _t239);
                                                                                                                                                                                                                                                        															 *((char*)(_t336 + _t467)) = 0;
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															_v176 = _v40;
                                                                                                                                                                                                                                                        															_v172 = _t239;
                                                                                                                                                                                                                                                        															 *(_t531 - 0x10) = _t239;
                                                                                                                                                                                                                                                        															_v168 = _t433;
                                                                                                                                                                                                                                                        															_t494 = E00BC7330(_t494);
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														__eflags = _v36 ^ _t525;
                                                                                                                                                                                                                                                        														E00BEECB0(_t240, _v36 ^ _t525, _t433);
                                                                                                                                                                                                                                                        														return _t494;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t437 = _t436 + 0x24;
                                                                                                                                                                                                                                                        														__eflags = _t437;
                                                                                                                                                                                                                                                        														_t338 = _t260;
                                                                                                                                                                                                                                                        														_t360 = _t437;
                                                                                                                                                                                                                                                        														goto L61;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t341 = _v0;
                                                                                                                                                                                                                                                        										_t503 = _a8;
                                                                                                                                                                                                                                                        										__eflags = _t466 - _t341;
                                                                                                                                                                                                                                                        										_t342 =  <  ? _t466 : _t341;
                                                                                                                                                                                                                                                        										__eflags = _t342 - _t503;
                                                                                                                                                                                                                                                        										if(_t342 != _t503) {
                                                                                                                                                                                                                                                        											_t474 = _t466 - _t342 + 1;
                                                                                                                                                                                                                                                        											_t504 = _t503 - _t342;
                                                                                                                                                                                                                                                        											__eflags = _t504;
                                                                                                                                                                                                                                                        											if(_t504 >= 0) {
                                                                                                                                                                                                                                                        												_t440 =  *(_t360 + 0x14);
                                                                                                                                                                                                                                                        												_v36 = _t440;
                                                                                                                                                                                                                                                        												_t441 = _t440 - _t234;
                                                                                                                                                                                                                                                        												__eflags = _t504 - _t440 - _t234;
                                                                                                                                                                                                                                                        												if(_t504 <= _t440 - _t234) {
                                                                                                                                                                                                                                                        													__eflags = _v36 - 0x10;
                                                                                                                                                                                                                                                        													 *((intOrPtr*)(_t360 + 0x10)) = _t504 + _t234;
                                                                                                                                                                                                                                                        													_t443 = _t360;
                                                                                                                                                                                                                                                        													if(_v36 >= 0x10) {
                                                                                                                                                                                                                                                        														_t443 =  *_t360;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_v36 = _t360;
                                                                                                                                                                                                                                                        													_v48 = _t443;
                                                                                                                                                                                                                                                        													_t383 = _v4 + _t443;
                                                                                                                                                                                                                                                        													_v44 = _t383;
                                                                                                                                                                                                                                                        													_t343 = _t342 + _t383;
                                                                                                                                                                                                                                                        													_t385 = _a4;
                                                                                                                                                                                                                                                        													__eflags = _a8 + _a4 - _v44;
                                                                                                                                                                                                                                                        													_t429 = _a8;
                                                                                                                                                                                                                                                        													_v40 = _a8;
                                                                                                                                                                                                                                                        													if(_a8 + _a4 > _v44) {
                                                                                                                                                                                                                                                        														_t446 = _t385;
                                                                                                                                                                                                                                                        														__eflags = _v48 + _t234 - _t446;
                                                                                                                                                                                                                                                        														_t385 = _t446;
                                                                                                                                                                                                                                                        														_t429 = _a8;
                                                                                                                                                                                                                                                        														_v40 = _a8;
                                                                                                                                                                                                                                                        														if(_v48 + _t234 >= _t446) {
                                                                                                                                                                                                                                                        															_t429 = 0;
                                                                                                                                                                                                                                                        															_t477 = _t343 - _t385;
                                                                                                                                                                                                                                                        															__eflags = _t477;
                                                                                                                                                                                                                                                        															_t478 =  <=  ? 0 : _t477;
                                                                                                                                                                                                                                                        															_v40 =  <=  ? 0 : _t477;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_t345 = _t385;
                                                                                                                                                                                                                                                        													memmove(_t343 + _t504, _t343, _t474);
                                                                                                                                                                                                                                                        													_t475 = _v40;
                                                                                                                                                                                                                                                        													memmove(_v44, _t345, _t475);
                                                                                                                                                                                                                                                        													_t529 = _t529 + 0x18;
                                                                                                                                                                                                                                                        													_t265 = memcpy(_v44 + _t475, _t345 + _t504 + _t475, _a8 - _t475);
                                                                                                                                                                                                                                                        													goto L39;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_v128 = _v32;
                                                                                                                                                                                                                                                        													_v120 = _t342;
                                                                                                                                                                                                                                                        													_v132 = _t504;
                                                                                                                                                                                                                                                        													_v112 = _a8;
                                                                                                                                                                                                                                                        													_v116 = _a4;
                                                                                                                                                                                                                                                        													_t272 = _v4;
                                                                                                                                                                                                                                                        													_v124 = _t272;
                                                                                                                                                                                                                                                        													L54();
                                                                                                                                                                                                                                                        													E00BEECB0(_t272, _v28 ^ _t523, _t441);
                                                                                                                                                                                                                                                        													_t267 = _t272;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(_t360 + 0x10)) = _t504 + _t234;
                                                                                                                                                                                                                                                        												_t507 = _t360;
                                                                                                                                                                                                                                                        												__eflags =  *(_t360 + 0x14) - 0x10;
                                                                                                                                                                                                                                                        												if( *(_t360 + 0x14) >= 0x10) {
                                                                                                                                                                                                                                                        													_t507 =  *_t360;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_v36 = _t360;
                                                                                                                                                                                                                                                        												_t508 = _t507 + _t429;
                                                                                                                                                                                                                                                        												memmove(_t508, _a4, _a8);
                                                                                                                                                                                                                                                        												_t529 = _t529 + 0xc;
                                                                                                                                                                                                                                                        												_push(_t474);
                                                                                                                                                                                                                                                        												_push(_t342 + _t508);
                                                                                                                                                                                                                                                        												_push(_t508 + _a8);
                                                                                                                                                                                                                                                        												goto L38;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											__eflags =  *(_t360 + 0x14) - 0x10;
                                                                                                                                                                                                                                                        											_t276 = _t360;
                                                                                                                                                                                                                                                        											if( *(_t360 + 0x14) >= 0x10) {
                                                                                                                                                                                                                                                        												_t276 =  *_t360;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											_v36 = _t360;
                                                                                                                                                                                                                                                        											_t277 = _t276 + _t429;
                                                                                                                                                                                                                                                        											__eflags = _t277;
                                                                                                                                                                                                                                                        											_push(_t503);
                                                                                                                                                                                                                                                        											_push(_a4);
                                                                                                                                                                                                                                                        											_push(_t277);
                                                                                                                                                                                                                                                        											L38:
                                                                                                                                                                                                                                                        											_t265 = memmove();
                                                                                                                                                                                                                                                        											L39:
                                                                                                                                                                                                                                                        											__eflags = _v28 ^ _t523;
                                                                                                                                                                                                                                                        											E00BEECB0(_t265, _v28 ^ _t523, _t429);
                                                                                                                                                                                                                                                        											_t267 = _v36;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										return _t267;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t408 = _t360 + _t360 + 0x25;
                                                                                                                                                                                                                                                        									__eflags = _t408;
                                                                                                                                                                                                                                                        									_t303 = _t408;
                                                                                                                                                                                                                                                        									goto L28;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t484 = _a16;
                                                                                                                                                                                                                                                        					_t457 = _a12;
                                                                                                                                                                                                                                                        					_t515 =  <  ? _t332 : _a8;
                                                                                                                                                                                                                                                        					if(_t515 != _t484) {
                                                                                                                                                                                                                                                        						_t356 = _t332 - _t515 + 1;
                                                                                                                                                                                                                                                        						_t485 = _t484 - _t515;
                                                                                                                                                                                                                                                        						__eflags = _t485;
                                                                                                                                                                                                                                                        						if(_t485 >= 0) {
                                                                                                                                                                                                                                                        							_t458 =  *(__ecx + 0x14);
                                                                                                                                                                                                                                                        							_v28 = _t458;
                                                                                                                                                                                                                                                        							_t459 = _t458 - _t227;
                                                                                                                                                                                                                                                        							__eflags = _t485 - _t458 - _t227;
                                                                                                                                                                                                                                                        							if(_t485 <= _t458 - _t227) {
                                                                                                                                                                                                                                                        								__eflags = _v28 - 8;
                                                                                                                                                                                                                                                        								_v32 = _t485;
                                                                                                                                                                                                                                                        								 *(__ecx + 0x10) = _t485 + _t227;
                                                                                                                                                                                                                                                        								_t461 = __ecx;
                                                                                                                                                                                                                                                        								if(_v28 >= 8) {
                                                                                                                                                                                                                                                        									_t461 =  *__ecx;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_v28 = _t360;
                                                                                                                                                                                                                                                        								_v36 = _t461;
                                                                                                                                                                                                                                                        								_t486 = _a16;
                                                                                                                                                                                                                                                        								_t462 = _t461 + _a4 * 2;
                                                                                                                                                                                                                                                        								_t516 = _a12;
                                                                                                                                                                                                                                                        								_v44 = _t462;
                                                                                                                                                                                                                                                        								_v40 = _t462 + _t515 * 2;
                                                                                                                                                                                                                                                        								__eflags = _t516 + _t486 * 2 - _t462;
                                                                                                                                                                                                                                                        								_t457 = _v40;
                                                                                                                                                                                                                                                        								_t518 = _t486;
                                                                                                                                                                                                                                                        								if(_t516 + _t486 * 2 > _t462) {
                                                                                                                                                                                                                                                        									_t417 = _v36;
                                                                                                                                                                                                                                                        									_t518 = _t486;
                                                                                                                                                                                                                                                        									__eflags = _t417 + _t227 * 2 - _a12;
                                                                                                                                                                                                                                                        									if(_t417 + _t227 * 2 >= _a12) {
                                                                                                                                                                                                                                                        										_t318 = _a12;
                                                                                                                                                                                                                                                        										__eflags = _t457 - _t318;
                                                                                                                                                                                                                                                        										_t518 =  >  ? _t457 - _t318 >> 1 : 0;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								memmove(_t457 + _v32 * 2, _t457, _t356 + _t356);
                                                                                                                                                                                                                                                        								_t358 = _v44;
                                                                                                                                                                                                                                                        								memmove(_t358, _a12, _t518 + _t518);
                                                                                                                                                                                                                                                        								_t527 = _t527 + 0x18;
                                                                                                                                                                                                                                                        								_t315 = memcpy(_t358 + _t518 * 2, _a12 + _v32 * 2 + _t518 * 2, _t486 - _t518 + _t486 - _t518);
                                                                                                                                                                                                                                                        								goto L6;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_v64 = _v24;
                                                                                                                                                                                                                                                        								_v56 = _t515;
                                                                                                                                                                                                                                                        								 *(_t527 - 0x18) = _t485;
                                                                                                                                                                                                                                                        								_v48 = _a16;
                                                                                                                                                                                                                                                        								_v52 = _a12;
                                                                                                                                                                                                                                                        								_t322 = _a4;
                                                                                                                                                                                                                                                        								_v60 = _t322;
                                                                                                                                                                                                                                                        								L21();
                                                                                                                                                                                                                                                        								E00BEECB0(_t322, _v20 ^ _t521, _t459);
                                                                                                                                                                                                                                                        								_t317 = _t322;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t324 = __ecx;
                                                                                                                                                                                                                                                        							 *(__ecx + 0x10) = _t485 + _t227;
                                                                                                                                                                                                                                                        							__eflags =  *(__ecx + 0x14) - 8;
                                                                                                                                                                                                                                                        							if( *(__ecx + 0x14) >= 8) {
                                                                                                                                                                                                                                                        								_t324 =  *__ecx;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_v28 = _t360;
                                                                                                                                                                                                                                                        							_t490 = _t324 + _a4 * 2;
                                                                                                                                                                                                                                                        							memmove(_t490, _t457, _a16 + _a16);
                                                                                                                                                                                                                                                        							_t527 = _t527 + 0xc;
                                                                                                                                                                                                                                                        							_push(_t356 + _t356);
                                                                                                                                                                                                                                                        							_push(_t490 + _t515 * 2);
                                                                                                                                                                                                                                                        							_push(_t490 + _a16 * 2);
                                                                                                                                                                                                                                                        							goto L5;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t329 = __ecx;
                                                                                                                                                                                                                                                        						if( *(__ecx + 0x14) >= 8) {
                                                                                                                                                                                                                                                        							_t329 =  *__ecx;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_v28 = _t360;
                                                                                                                                                                                                                                                        						_push(_t484 + _t484);
                                                                                                                                                                                                                                                        						_push(_t457);
                                                                                                                                                                                                                                                        						_push(_t329 + _a4 * 2);
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						_t315 = memmove();
                                                                                                                                                                                                                                                        						L6:
                                                                                                                                                                                                                                                        						E00BEECB0(_t315, _v20 ^ _t521, _t457);
                                                                                                                                                                                                                                                        						_t317 = _v28;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					return _t317;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}












































































































































                                                                                                                                                                                                                                                        0x00bc6cb0
                                                                                                                                                                                                                                                        0x00bc6cb6
                                                                                                                                                                                                                                                        0x00bc6cb9
                                                                                                                                                                                                                                                        0x00bc6cc0
                                                                                                                                                                                                                                                        0x00bc6cc3
                                                                                                                                                                                                                                                        0x00bc6cc8
                                                                                                                                                                                                                                                        0x00bc6ccb
                                                                                                                                                                                                                                                        0x00bc6e42
                                                                                                                                                                                                                                                        0x00bc6e47
                                                                                                                                                                                                                                                        0x00bc6e48
                                                                                                                                                                                                                                                        0x00bc6e49
                                                                                                                                                                                                                                                        0x00bc6e4a
                                                                                                                                                                                                                                                        0x00bc6e4b
                                                                                                                                                                                                                                                        0x00bc6e4c
                                                                                                                                                                                                                                                        0x00bc6e4d
                                                                                                                                                                                                                                                        0x00bc6e4e
                                                                                                                                                                                                                                                        0x00bc6e4f
                                                                                                                                                                                                                                                        0x00bc6e50
                                                                                                                                                                                                                                                        0x00bc6e51
                                                                                                                                                                                                                                                        0x00bc6e53
                                                                                                                                                                                                                                                        0x00bc6e56
                                                                                                                                                                                                                                                        0x00bc6e59
                                                                                                                                                                                                                                                        0x00bc6e5c
                                                                                                                                                                                                                                                        0x00bc6e64
                                                                                                                                                                                                                                                        0x00bc6e6b
                                                                                                                                                                                                                                                        0x00bc6e6d
                                                                                                                                                                                                                                                        0x00bc6fc3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6e73
                                                                                                                                                                                                                                                        0x00bc6e73
                                                                                                                                                                                                                                                        0x00bc6e75
                                                                                                                                                                                                                                                        0x00bc6e78
                                                                                                                                                                                                                                                        0x00bc6e7b
                                                                                                                                                                                                                                                        0x00bc6e80
                                                                                                                                                                                                                                                        0x00bc6e83
                                                                                                                                                                                                                                                        0x00bc6e86
                                                                                                                                                                                                                                                        0x00bc6e8b
                                                                                                                                                                                                                                                        0x00bc6e99
                                                                                                                                                                                                                                                        0x00bc6e9d
                                                                                                                                                                                                                                                        0x00bc6e9f
                                                                                                                                                                                                                                                        0x00bc6ea1
                                                                                                                                                                                                                                                        0x00bc6ea4
                                                                                                                                                                                                                                                        0x00bc6ea6
                                                                                                                                                                                                                                                        0x00bc6ea6
                                                                                                                                                                                                                                                        0x00bc6ea9
                                                                                                                                                                                                                                                        0x00bc6eab
                                                                                                                                                                                                                                                        0x00bc6eae
                                                                                                                                                                                                                                                        0x00bc6eb4
                                                                                                                                                                                                                                                        0x00bc6ebc
                                                                                                                                                                                                                                                        0x00bc6ebf
                                                                                                                                                                                                                                                        0x00bc6ec2
                                                                                                                                                                                                                                                        0x00bc6ec4
                                                                                                                                                                                                                                                        0x00bc6ec7
                                                                                                                                                                                                                                                        0x00bc6f62
                                                                                                                                                                                                                                                        0x00bc6f66
                                                                                                                                                                                                                                                        0x00bc6f68
                                                                                                                                                                                                                                                        0x00bc6f73
                                                                                                                                                                                                                                                        0x00bc6f80
                                                                                                                                                                                                                                                        0x00bc6f8b
                                                                                                                                                                                                                                                        0x00bc6f93
                                                                                                                                                                                                                                                        0x00bc6f93
                                                                                                                                                                                                                                                        0x00bc6fab
                                                                                                                                                                                                                                                        0x00bc6fb3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6ecd
                                                                                                                                                                                                                                                        0x00bc6ecd
                                                                                                                                                                                                                                                        0x00bc6ed7
                                                                                                                                                                                                                                                        0x00bc6ed9
                                                                                                                                                                                                                                                        0x00bc6edc
                                                                                                                                                                                                                                                        0x00bc6ee7
                                                                                                                                                                                                                                                        0x00bc6ef4
                                                                                                                                                                                                                                                        0x00bc6f1f
                                                                                                                                                                                                                                                        0x00bc6f24
                                                                                                                                                                                                                                                        0x00bc6f27
                                                                                                                                                                                                                                                        0x00bc6f2a
                                                                                                                                                                                                                                                        0x00bc6f2c
                                                                                                                                                                                                                                                        0x00bc6f2f
                                                                                                                                                                                                                                                        0x00bc6f2f
                                                                                                                                                                                                                                                        0x00bc6f33
                                                                                                                                                                                                                                                        0x00bc6f38
                                                                                                                                                                                                                                                        0x00bc6f50
                                                                                                                                                                                                                                                        0x00bc6f50
                                                                                                                                                                                                                                                        0x00bc6f51
                                                                                                                                                                                                                                                        0x00bc6f52
                                                                                                                                                                                                                                                        0x00bc6fb5
                                                                                                                                                                                                                                                        0x00bc6fb5
                                                                                                                                                                                                                                                        0x00bc6fc0
                                                                                                                                                                                                                                                        0x00bc6f3a
                                                                                                                                                                                                                                                        0x00bc6f3c
                                                                                                                                                                                                                                                        0x00bc6f44
                                                                                                                                                                                                                                                        0x00bc6f47
                                                                                                                                                                                                                                                        0x00bc6fc8
                                                                                                                                                                                                                                                        0x00bc6fc8
                                                                                                                                                                                                                                                        0x00bc6fce
                                                                                                                                                                                                                                                        0x00bc6fcf
                                                                                                                                                                                                                                                        0x00bc6fd0
                                                                                                                                                                                                                                                        0x00bc6fd1
                                                                                                                                                                                                                                                        0x00bc6fd3
                                                                                                                                                                                                                                                        0x00bc6fd4
                                                                                                                                                                                                                                                        0x00bc6fd5
                                                                                                                                                                                                                                                        0x00bc6fd6
                                                                                                                                                                                                                                                        0x00bc6fd9
                                                                                                                                                                                                                                                        0x00bc6fde
                                                                                                                                                                                                                                                        0x00bc6fe3
                                                                                                                                                                                                                                                        0x00bc6fe6
                                                                                                                                                                                                                                                        0x00bc6feb
                                                                                                                                                                                                                                                        0x00bc6feb
                                                                                                                                                                                                                                                        0x00bc6fed
                                                                                                                                                                                                                                                        0x00bc7147
                                                                                                                                                                                                                                                        0x00bc714c
                                                                                                                                                                                                                                                        0x00bc714d
                                                                                                                                                                                                                                                        0x00bc714e
                                                                                                                                                                                                                                                        0x00bc714f
                                                                                                                                                                                                                                                        0x00bc7150
                                                                                                                                                                                                                                                        0x00bc7151
                                                                                                                                                                                                                                                        0x00bc7153
                                                                                                                                                                                                                                                        0x00bc7154
                                                                                                                                                                                                                                                        0x00bc7155
                                                                                                                                                                                                                                                        0x00bc7156
                                                                                                                                                                                                                                                        0x00bc7159
                                                                                                                                                                                                                                                        0x00bc715c
                                                                                                                                                                                                                                                        0x00bc7164
                                                                                                                                                                                                                                                        0x00bc716b
                                                                                                                                                                                                                                                        0x00bc716d
                                                                                                                                                                                                                                                        0x00bc7291
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7173
                                                                                                                                                                                                                                                        0x00bc7173
                                                                                                                                                                                                                                                        0x00bc7176
                                                                                                                                                                                                                                                        0x00bc7178
                                                                                                                                                                                                                                                        0x00bc717b
                                                                                                                                                                                                                                                        0x00bc7180
                                                                                                                                                                                                                                                        0x00bc7183
                                                                                                                                                                                                                                                        0x00bc7183
                                                                                                                                                                                                                                                        0x00bc7186
                                                                                                                                                                                                                                                        0x00bc718f
                                                                                                                                                                                                                                                        0x00bc7193
                                                                                                                                                                                                                                                        0x00bc719b
                                                                                                                                                                                                                                                        0x00bc719d
                                                                                                                                                                                                                                                        0x00bc71a0
                                                                                                                                                                                                                                                        0x00bc71a2
                                                                                                                                                                                                                                                        0x00bc71a2
                                                                                                                                                                                                                                                        0x00bc71a5
                                                                                                                                                                                                                                                        0x00bc71a8
                                                                                                                                                                                                                                                        0x00bc71ad
                                                                                                                                                                                                                                                        0x00bc71b0
                                                                                                                                                                                                                                                        0x00bc71b6
                                                                                                                                                                                                                                                        0x00bc71be
                                                                                                                                                                                                                                                        0x00bc71c2
                                                                                                                                                                                                                                                        0x00bc71c5
                                                                                                                                                                                                                                                        0x00bc71c8
                                                                                                                                                                                                                                                        0x00bc71cb
                                                                                                                                                                                                                                                        0x00bc7244
                                                                                                                                                                                                                                                        0x00bc7252
                                                                                                                                                                                                                                                        0x00bc7259
                                                                                                                                                                                                                                                        0x00bc7261
                                                                                                                                                                                                                                                        0x00bc7274
                                                                                                                                                                                                                                                        0x00bc7274
                                                                                                                                                                                                                                                        0x00bc7278
                                                                                                                                                                                                                                                        0x00bc727b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc71cd
                                                                                                                                                                                                                                                        0x00bc71cd
                                                                                                                                                                                                                                                        0x00bc71d4
                                                                                                                                                                                                                                                        0x00bc71df
                                                                                                                                                                                                                                                        0x00bc71e6
                                                                                                                                                                                                                                                        0x00bc71ee
                                                                                                                                                                                                                                                        0x00bc71f4
                                                                                                                                                                                                                                                        0x00bc71ff
                                                                                                                                                                                                                                                        0x00bc7205
                                                                                                                                                                                                                                                        0x00bc720a
                                                                                                                                                                                                                                                        0x00bc720d
                                                                                                                                                                                                                                                        0x00bc7210
                                                                                                                                                                                                                                                        0x00bc7210
                                                                                                                                                                                                                                                        0x00bc7213
                                                                                                                                                                                                                                                        0x00bc7219
                                                                                                                                                                                                                                                        0x00bc722f
                                                                                                                                                                                                                                                        0x00bc722f
                                                                                                                                                                                                                                                        0x00bc7230
                                                                                                                                                                                                                                                        0x00bc7231
                                                                                                                                                                                                                                                        0x00bc7239
                                                                                                                                                                                                                                                        0x00bc723c
                                                                                                                                                                                                                                                        0x00bc7283
                                                                                                                                                                                                                                                        0x00bc7283
                                                                                                                                                                                                                                                        0x00bc728e
                                                                                                                                                                                                                                                        0x00bc721b
                                                                                                                                                                                                                                                        0x00bc721b
                                                                                                                                                                                                                                                        0x00bc7221
                                                                                                                                                                                                                                                        0x00bc7223
                                                                                                                                                                                                                                                        0x00bc7226
                                                                                                                                                                                                                                                        0x00bc7296
                                                                                                                                                                                                                                                        0x00bc7296
                                                                                                                                                                                                                                                        0x00bc729c
                                                                                                                                                                                                                                                        0x00bc729d
                                                                                                                                                                                                                                                        0x00bc729e
                                                                                                                                                                                                                                                        0x00bc729f
                                                                                                                                                                                                                                                        0x00bc72a0
                                                                                                                                                                                                                                                        0x00bc72a1
                                                                                                                                                                                                                                                        0x00bc72a3
                                                                                                                                                                                                                                                        0x00bc72a4
                                                                                                                                                                                                                                                        0x00bc72a5
                                                                                                                                                                                                                                                        0x00bc72a6
                                                                                                                                                                                                                                                        0x00bc72a9
                                                                                                                                                                                                                                                        0x00bc72ab
                                                                                                                                                                                                                                                        0x00bc72b1
                                                                                                                                                                                                                                                        0x00bc72b6
                                                                                                                                                                                                                                                        0x00bc72b9
                                                                                                                                                                                                                                                        0x00bc72bc
                                                                                                                                                                                                                                                        0x00bc72c3
                                                                                                                                                                                                                                                        0x00bc72c5
                                                                                                                                                                                                                                                        0x00bc72c8
                                                                                                                                                                                                                                                        0x00bc7301
                                                                                                                                                                                                                                                        0x00bc7304
                                                                                                                                                                                                                                                        0x00bc7307
                                                                                                                                                                                                                                                        0x00bc7309
                                                                                                                                                                                                                                                        0x00bc730c
                                                                                                                                                                                                                                                        0x00bc730e
                                                                                                                                                                                                                                                        0x00bc730e
                                                                                                                                                                                                                                                        0x00bc7318
                                                                                                                                                                                                                                                        0x00bc7320
                                                                                                                                                                                                                                                        0x00bc72ca
                                                                                                                                                                                                                                                        0x00bc72d0
                                                                                                                                                                                                                                                        0x00bc72d7
                                                                                                                                                                                                                                                        0x00bc72db
                                                                                                                                                                                                                                                        0x00bc72de
                                                                                                                                                                                                                                                        0x00bc72e9
                                                                                                                                                                                                                                                        0x00bc72e9
                                                                                                                                                                                                                                                        0x00bc72ee
                                                                                                                                                                                                                                                        0x00bc72f0
                                                                                                                                                                                                                                                        0x00bc72fe
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc722b
                                                                                                                                                                                                                                                        0x00bc722d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc722d
                                                                                                                                                                                                                                                        0x00bc7226
                                                                                                                                                                                                                                                        0x00bc7219
                                                                                                                                                                                                                                                        0x00bc71cb
                                                                                                                                                                                                                                                        0x00bc6ff3
                                                                                                                                                                                                                                                        0x00bc6ff3
                                                                                                                                                                                                                                                        0x00bc6ff6
                                                                                                                                                                                                                                                        0x00bc6ff9
                                                                                                                                                                                                                                                        0x00bc6ffb
                                                                                                                                                                                                                                                        0x00bc6ffe
                                                                                                                                                                                                                                                        0x00bc7000
                                                                                                                                                                                                                                                        0x00bc7037
                                                                                                                                                                                                                                                        0x00bc7038
                                                                                                                                                                                                                                                        0x00bc7038
                                                                                                                                                                                                                                                        0x00bc703a
                                                                                                                                                                                                                                                        0x00bc706a
                                                                                                                                                                                                                                                        0x00bc706d
                                                                                                                                                                                                                                                        0x00bc7070
                                                                                                                                                                                                                                                        0x00bc7072
                                                                                                                                                                                                                                                        0x00bc7074
                                                                                                                                                                                                                                                        0x00bc70b4
                                                                                                                                                                                                                                                        0x00bc70bb
                                                                                                                                                                                                                                                        0x00bc70be
                                                                                                                                                                                                                                                        0x00bc70c0
                                                                                                                                                                                                                                                        0x00bc70c2
                                                                                                                                                                                                                                                        0x00bc70c2
                                                                                                                                                                                                                                                        0x00bc70c4
                                                                                                                                                                                                                                                        0x00bc70ca
                                                                                                                                                                                                                                                        0x00bc70cd
                                                                                                                                                                                                                                                        0x00bc70d2
                                                                                                                                                                                                                                                        0x00bc70d5
                                                                                                                                                                                                                                                        0x00bc70dc
                                                                                                                                                                                                                                                        0x00bc70df
                                                                                                                                                                                                                                                        0x00bc70e2
                                                                                                                                                                                                                                                        0x00bc70e5
                                                                                                                                                                                                                                                        0x00bc70e8
                                                                                                                                                                                                                                                        0x00bc70ea
                                                                                                                                                                                                                                                        0x00bc70f1
                                                                                                                                                                                                                                                        0x00bc70f3
                                                                                                                                                                                                                                                        0x00bc70f5
                                                                                                                                                                                                                                                        0x00bc70f8
                                                                                                                                                                                                                                                        0x00bc70fb
                                                                                                                                                                                                                                                        0x00bc7101
                                                                                                                                                                                                                                                        0x00bc7103
                                                                                                                                                                                                                                                        0x00bc7103
                                                                                                                                                                                                                                                        0x00bc7105
                                                                                                                                                                                                                                                        0x00bc7108
                                                                                                                                                                                                                                                        0x00bc7108
                                                                                                                                                                                                                                                        0x00bc70fb
                                                                                                                                                                                                                                                        0x00bc7112
                                                                                                                                                                                                                                                        0x00bc7114
                                                                                                                                                                                                                                                        0x00bc711c
                                                                                                                                                                                                                                                        0x00bc7124
                                                                                                                                                                                                                                                        0x00bc7129
                                                                                                                                                                                                                                                        0x00bc713d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7076
                                                                                                                                                                                                                                                        0x00bc707c
                                                                                                                                                                                                                                                        0x00bc7083
                                                                                                                                                                                                                                                        0x00bc7087
                                                                                                                                                                                                                                                        0x00bc708a
                                                                                                                                                                                                                                                        0x00bc7091
                                                                                                                                                                                                                                                        0x00bc7095
                                                                                                                                                                                                                                                        0x00bc7098
                                                                                                                                                                                                                                                        0x00bc709c
                                                                                                                                                                                                                                                        0x00bc70a8
                                                                                                                                                                                                                                                        0x00bc70ad
                                                                                                                                                                                                                                                        0x00bc70ad
                                                                                                                                                                                                                                                        0x00bc703c
                                                                                                                                                                                                                                                        0x00bc703e
                                                                                                                                                                                                                                                        0x00bc7041
                                                                                                                                                                                                                                                        0x00bc7043
                                                                                                                                                                                                                                                        0x00bc7047
                                                                                                                                                                                                                                                        0x00bc7049
                                                                                                                                                                                                                                                        0x00bc7049
                                                                                                                                                                                                                                                        0x00bc704e
                                                                                                                                                                                                                                                        0x00bc7051
                                                                                                                                                                                                                                                        0x00bc7058
                                                                                                                                                                                                                                                        0x00bc705d
                                                                                                                                                                                                                                                        0x00bc7065
                                                                                                                                                                                                                                                        0x00bc7066
                                                                                                                                                                                                                                                        0x00bc7067
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7067
                                                                                                                                                                                                                                                        0x00bc7002
                                                                                                                                                                                                                                                        0x00bc7002
                                                                                                                                                                                                                                                        0x00bc7006
                                                                                                                                                                                                                                                        0x00bc7008
                                                                                                                                                                                                                                                        0x00bc700a
                                                                                                                                                                                                                                                        0x00bc700a
                                                                                                                                                                                                                                                        0x00bc700c
                                                                                                                                                                                                                                                        0x00bc700f
                                                                                                                                                                                                                                                        0x00bc700f
                                                                                                                                                                                                                                                        0x00bc7011
                                                                                                                                                                                                                                                        0x00bc7012
                                                                                                                                                                                                                                                        0x00bc7015
                                                                                                                                                                                                                                                        0x00bc7016
                                                                                                                                                                                                                                                        0x00bc7016
                                                                                                                                                                                                                                                        0x00bc701b
                                                                                                                                                                                                                                                        0x00bc7021
                                                                                                                                                                                                                                                        0x00bc7023
                                                                                                                                                                                                                                                        0x00bc7028
                                                                                                                                                                                                                                                        0x00bc7028
                                                                                                                                                                                                                                                        0x00bc7032
                                                                                                                                                                                                                                                        0x00bc7032
                                                                                                                                                                                                                                                        0x00bc6f49
                                                                                                                                                                                                                                                        0x00bc6f4b
                                                                                                                                                                                                                                                        0x00bc6f4b
                                                                                                                                                                                                                                                        0x00bc6f4e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6f4e
                                                                                                                                                                                                                                                        0x00bc6f47
                                                                                                                                                                                                                                                        0x00bc6f38
                                                                                                                                                                                                                                                        0x00bc6ec7
                                                                                                                                                                                                                                                        0x00bc6cd1
                                                                                                                                                                                                                                                        0x00bc6cd4
                                                                                                                                                                                                                                                        0x00bc6cd7
                                                                                                                                                                                                                                                        0x00bc6cdc
                                                                                                                                                                                                                                                        0x00bc6ce1
                                                                                                                                                                                                                                                        0x00bc6d1c
                                                                                                                                                                                                                                                        0x00bc6d1d
                                                                                                                                                                                                                                                        0x00bc6d1d
                                                                                                                                                                                                                                                        0x00bc6d1f
                                                                                                                                                                                                                                                        0x00bc6d5a
                                                                                                                                                                                                                                                        0x00bc6d5d
                                                                                                                                                                                                                                                        0x00bc6d60
                                                                                                                                                                                                                                                        0x00bc6d62
                                                                                                                                                                                                                                                        0x00bc6d64
                                                                                                                                                                                                                                                        0x00bc6da4
                                                                                                                                                                                                                                                        0x00bc6dab
                                                                                                                                                                                                                                                        0x00bc6dae
                                                                                                                                                                                                                                                        0x00bc6db1
                                                                                                                                                                                                                                                        0x00bc6db3
                                                                                                                                                                                                                                                        0x00bc6db5
                                                                                                                                                                                                                                                        0x00bc6db5
                                                                                                                                                                                                                                                        0x00bc6db7
                                                                                                                                                                                                                                                        0x00bc6dbd
                                                                                                                                                                                                                                                        0x00bc6dc0
                                                                                                                                                                                                                                                        0x00bc6dc3
                                                                                                                                                                                                                                                        0x00bc6dc9
                                                                                                                                                                                                                                                        0x00bc6dcc
                                                                                                                                                                                                                                                        0x00bc6dcf
                                                                                                                                                                                                                                                        0x00bc6dd5
                                                                                                                                                                                                                                                        0x00bc6dd7
                                                                                                                                                                                                                                                        0x00bc6dda
                                                                                                                                                                                                                                                        0x00bc6ddc
                                                                                                                                                                                                                                                        0x00bc6dde
                                                                                                                                                                                                                                                        0x00bc6de1
                                                                                                                                                                                                                                                        0x00bc6de6
                                                                                                                                                                                                                                                        0x00bc6de9
                                                                                                                                                                                                                                                        0x00bc6deb
                                                                                                                                                                                                                                                        0x00bc6df6
                                                                                                                                                                                                                                                        0x00bc6df8
                                                                                                                                                                                                                                                        0x00bc6df8
                                                                                                                                                                                                                                                        0x00bc6de9
                                                                                                                                                                                                                                                        0x00bc6e06
                                                                                                                                                                                                                                                        0x00bc6e16
                                                                                                                                                                                                                                                        0x00bc6e1a
                                                                                                                                                                                                                                                        0x00bc6e1f
                                                                                                                                                                                                                                                        0x00bc6e38
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6d66
                                                                                                                                                                                                                                                        0x00bc6d6c
                                                                                                                                                                                                                                                        0x00bc6d73
                                                                                                                                                                                                                                                        0x00bc6d77
                                                                                                                                                                                                                                                        0x00bc6d7a
                                                                                                                                                                                                                                                        0x00bc6d81
                                                                                                                                                                                                                                                        0x00bc6d85
                                                                                                                                                                                                                                                        0x00bc6d88
                                                                                                                                                                                                                                                        0x00bc6d8c
                                                                                                                                                                                                                                                        0x00bc6d98
                                                                                                                                                                                                                                                        0x00bc6d9d
                                                                                                                                                                                                                                                        0x00bc6d9d
                                                                                                                                                                                                                                                        0x00bc6d21
                                                                                                                                                                                                                                                        0x00bc6d23
                                                                                                                                                                                                                                                        0x00bc6d25
                                                                                                                                                                                                                                                        0x00bc6d28
                                                                                                                                                                                                                                                        0x00bc6d2c
                                                                                                                                                                                                                                                        0x00bc6d2e
                                                                                                                                                                                                                                                        0x00bc6d2e
                                                                                                                                                                                                                                                        0x00bc6d30
                                                                                                                                                                                                                                                        0x00bc6d36
                                                                                                                                                                                                                                                        0x00bc6d42
                                                                                                                                                                                                                                                        0x00bc6d47
                                                                                                                                                                                                                                                        0x00bc6d55
                                                                                                                                                                                                                                                        0x00bc6d56
                                                                                                                                                                                                                                                        0x00bc6d57
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6d57
                                                                                                                                                                                                                                                        0x00bc6ce3
                                                                                                                                                                                                                                                        0x00bc6ce7
                                                                                                                                                                                                                                                        0x00bc6ce9
                                                                                                                                                                                                                                                        0x00bc6ceb
                                                                                                                                                                                                                                                        0x00bc6ceb
                                                                                                                                                                                                                                                        0x00bc6ced
                                                                                                                                                                                                                                                        0x00bc6cf8
                                                                                                                                                                                                                                                        0x00bc6cf9
                                                                                                                                                                                                                                                        0x00bc6cfa
                                                                                                                                                                                                                                                        0x00bc6cfb
                                                                                                                                                                                                                                                        0x00bc6cfb
                                                                                                                                                                                                                                                        0x00bc6d00
                                                                                                                                                                                                                                                        0x00bc6d08
                                                                                                                                                                                                                                                        0x00bc6d0d
                                                                                                                                                                                                                                                        0x00bc6d0d
                                                                                                                                                                                                                                                        0x00bc6d17
                                                                                                                                                                                                                                                        0x00bc6d17

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memmove.NTDLL(?,00000000,?), ref: 00BC6CFB
                                                                                                                                                                                                                                                        • memmove.NTDLL(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BC6D42
                                                                                                                                                                                                                                                        • memmove.NTDLL(?,?,?), ref: 00BC6E06
                                                                                                                                                                                                                                                        • memmove.NTDLL(?,?,00000000), ref: 00BC6E1A
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,?), ref: 00BC6E38
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memmove$memcpy
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3033661859-0
                                                                                                                                                                                                                                                        • Opcode ID: 9c58cbdc8a7843fd2370edc8d9126b4927223b4a58846100d1dc1c127a570372
                                                                                                                                                                                                                                                        • Instruction ID: cefdd99787e1e6717a075777cf00a6fa3e3d72d6d64b050e1858d8bf6e394526
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9c58cbdc8a7843fd2370edc8d9126b4927223b4a58846100d1dc1c127a570372
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 45516BB5A0020A9FCB14DF68C880CAE7BF5FF88304B5145ADE8569B315DB31AD15CBE1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 90%
                                                                                                                                                                                                                                                        			E00BC58B0(short* _a4, void* _a8, signed int* _a12) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				char _v48;
                                                                                                                                                                                                                                                        				signed int _v212;
                                                                                                                                                                                                                                                        				signed int _v216;
                                                                                                                                                                                                                                                        				signed int _v232;
                                                                                                                                                                                                                                                        				char _v236;
                                                                                                                                                                                                                                                        				void* _v244;
                                                                                                                                                                                                                                                        				char _v248;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t73;
                                                                                                                                                                                                                                                        				signed int _t76;
                                                                                                                                                                                                                                                        				signed int _t77;
                                                                                                                                                                                                                                                        				signed int _t78;
                                                                                                                                                                                                                                                        				signed int _t79;
                                                                                                                                                                                                                                                        				signed int _t82;
                                                                                                                                                                                                                                                        				intOrPtr* _t85;
                                                                                                                                                                                                                                                        				void* _t86;
                                                                                                                                                                                                                                                        				signed int _t92;
                                                                                                                                                                                                                                                        				signed int _t97;
                                                                                                                                                                                                                                                        				signed int _t99;
                                                                                                                                                                                                                                                        				void* _t101;
                                                                                                                                                                                                                                                        				void* _t102;
                                                                                                                                                                                                                                                        				intOrPtr* _t110;
                                                                                                                                                                                                                                                        				void* _t111;
                                                                                                                                                                                                                                                        				short* _t112;
                                                                                                                                                                                                                                                        				short* _t113;
                                                                                                                                                                                                                                                        				short* _t114;
                                                                                                                                                                                                                                                        				intOrPtr* _t119;
                                                                                                                                                                                                                                                        				void* _t127;
                                                                                                                                                                                                                                                        				signed int _t134;
                                                                                                                                                                                                                                                        				short* _t135;
                                                                                                                                                                                                                                                        				short* _t136;
                                                                                                                                                                                                                                                        				void* _t139;
                                                                                                                                                                                                                                                        				intOrPtr* _t140;
                                                                                                                                                                                                                                                        				intOrPtr* _t142;
                                                                                                                                                                                                                                                        				intOrPtr _t143;
                                                                                                                                                                                                                                                        				signed int _t145;
                                                                                                                                                                                                                                                        				signed int _t146;
                                                                                                                                                                                                                                                        				signed int _t147;
                                                                                                                                                                                                                                                        				signed int* _t149;
                                                                                                                                                                                                                                                        				signed int* _t151;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t149 = (_t147 & 0xfffffff8) - 0xe0;
                                                                                                                                                                                                                                                        				_t73 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t112 = _a4;
                                                                                                                                                                                                                                                        				_t139 = _a8;
                                                                                                                                                                                                                                                        				_v24 = _t73 ^ _t146;
                                                                                                                                                                                                                                                        				 *(_t112 + 0x14) = 7;
                                                                                                                                                                                                                                                        				 *(_t112 + 0x10) = 0;
                                                                                                                                                                                                                                                        				 *_t112 = 0;
                                                                                                                                                                                                                                                        				if( *_t139 == 0) {
                                                                                                                                                                                                                                                        					L14:
                                                                                                                                                                                                                                                        					_t76 =  *_a12;
                                                                                                                                                                                                                                                        					_t110 =  *_t76;
                                                                                                                                                                                                                                                        					 *_t149 = _t76;
                                                                                                                                                                                                                                                        					__eflags = _t110 - _t76;
                                                                                                                                                                                                                                                        					if(_t110 != _t76) {
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t77 =  *(_t110 + 0x20);
                                                                                                                                                                                                                                                        							__eflags =  *((intOrPtr*)(_t110 + 0x24)) - 8;
                                                                                                                                                                                                                                                        							_t140 = _t110 + 0x10;
                                                                                                                                                                                                                                                        							_t113 = _t140;
                                                                                                                                                                                                                                                        							if( *((intOrPtr*)(_t110 + 0x24)) >= 8) {
                                                                                                                                                                                                                                                        								_t113 =  *_t140;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							__eflags = _t77;
                                                                                                                                                                                                                                                        							if(_t77 == 0) {
                                                                                                                                                                                                                                                        								L23:
                                                                                                                                                                                                                                                        								_v232 = 0xffffffff;
                                                                                                                                                                                                                                                        								goto L24;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t135 = _t113;
                                                                                                                                                                                                                                                        								asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        								while(1) {
                                                                                                                                                                                                                                                        									__eflags =  *_t135;
                                                                                                                                                                                                                                                        									if( *_t135 == 0) {
                                                                                                                                                                                                                                                        										break;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t135 = _t135 + 2;
                                                                                                                                                                                                                                                        									_t77 = _t77 - 1;
                                                                                                                                                                                                                                                        									__eflags = _t77;
                                                                                                                                                                                                                                                        									if(_t77 != 0) {
                                                                                                                                                                                                                                                        										continue;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L23;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t134 = _t135 - _t113;
                                                                                                                                                                                                                                                        								__eflags = _t134 - 0xfffffffe;
                                                                                                                                                                                                                                                        								_v232 = _t134 >> 1;
                                                                                                                                                                                                                                                        								if(__eflags != 0) {
                                                                                                                                                                                                                                                        									_t97 = E00BC4A90(_t134, __eflags, 0xbf0f60,  &_v232, "std::wstring::npos == i.first.find(L\'\\0\')");
                                                                                                                                                                                                                                                        									_t149 =  &(_t149[3]);
                                                                                                                                                                                                                                                        									__eflags = _t97;
                                                                                                                                                                                                                                                        									if(__eflags != 0) {
                                                                                                                                                                                                                                                        										E00BC2030( &_v232, __eflags, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/process/environment_internal.cc", 0x6e, _t97);
                                                                                                                                                                                                                                                        										E00BC20C0();
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L24:
                                                                                                                                                                                                                                                        								_t78 =  *(_t110 + 0x38);
                                                                                                                                                                                                                                                        								__eflags =  *((intOrPtr*)(_t110 + 0x3c)) - 8;
                                                                                                                                                                                                                                                        								_t142 = _t110 + 0x28;
                                                                                                                                                                                                                                                        								_t114 = _t142;
                                                                                                                                                                                                                                                        								if( *((intOrPtr*)(_t110 + 0x3c)) >= 8) {
                                                                                                                                                                                                                                                        									_t114 =  *_t142;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								__eflags = _t78;
                                                                                                                                                                                                                                                        								if(_t78 == 0) {
                                                                                                                                                                                                                                                        									L30:
                                                                                                                                                                                                                                                        									_v232 = 0xffffffff;
                                                                                                                                                                                                                                                        									goto L31;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t136 = _t114;
                                                                                                                                                                                                                                                        									while(1) {
                                                                                                                                                                                                                                                        										__eflags =  *_t136;
                                                                                                                                                                                                                                                        										if( *_t136 == 0) {
                                                                                                                                                                                                                                                        											break;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										_t136 = _t136 + 2;
                                                                                                                                                                                                                                                        										_t78 = _t78 - 1;
                                                                                                                                                                                                                                                        										__eflags = _t78;
                                                                                                                                                                                                                                                        										if(_t78 != 0) {
                                                                                                                                                                                                                                                        											continue;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L30;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t134 = _t136 - _t114;
                                                                                                                                                                                                                                                        									__eflags = _t134 - 0xfffffffe;
                                                                                                                                                                                                                                                        									_v232 = _t134 >> 1;
                                                                                                                                                                                                                                                        									if(__eflags == 0) {
                                                                                                                                                                                                                                                        										L31:
                                                                                                                                                                                                                                                        										__eflags =  *(_t110 + 0x38);
                                                                                                                                                                                                                                                        										if( *(_t110 + 0x38) != 0) {
                                                                                                                                                                                                                                                        											L45:
                                                                                                                                                                                                                                                        											_t79 =  *(_t110 + 0x20);
                                                                                                                                                                                                                                                        											__eflags =  *((intOrPtr*)(_t110 + 0x24)) - 7;
                                                                                                                                                                                                                                                        											if( *((intOrPtr*)(_t110 + 0x24)) > 7) {
                                                                                                                                                                                                                                                        												_t140 =  *((intOrPtr*)(_t110 + 0x10));
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											E00BB73B0(_a4, _t140, _t79);
                                                                                                                                                                                                                                                        											E00BC5CD0(_t110, _a4, 0x3d);
                                                                                                                                                                                                                                                        											_t82 =  *(_t110 + 0x38);
                                                                                                                                                                                                                                                        											__eflags =  *((intOrPtr*)(_t110 + 0x3c)) - 7;
                                                                                                                                                                                                                                                        											if( *((intOrPtr*)(_t110 + 0x3c)) > 7) {
                                                                                                                                                                                                                                                        												_t142 =  *((intOrPtr*)(_t110 + 0x28));
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											E00BB73B0(_a4, _t142, _t82);
                                                                                                                                                                                                                                                        											E00BC5CD0(_t110, _a4, 0);
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										L32:
                                                                                                                                                                                                                                                        										_t119 =  *((intOrPtr*)(_t110 + 8));
                                                                                                                                                                                                                                                        										__eflags =  *((char*)(_t119 + 0xd));
                                                                                                                                                                                                                                                        										if( *((char*)(_t119 + 0xd)) == 0) {
                                                                                                                                                                                                                                                        											do {
                                                                                                                                                                                                                                                        												_t85 = _t119;
                                                                                                                                                                                                                                                        												_t119 =  *_t119;
                                                                                                                                                                                                                                                        												__eflags =  *((char*)(_t119 + 0xd));
                                                                                                                                                                                                                                                        											} while ( *((char*)(_t119 + 0xd)) == 0);
                                                                                                                                                                                                                                                        											goto L16;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										while(1) {
                                                                                                                                                                                                                                                        											_t85 =  *((intOrPtr*)(_t110 + 4));
                                                                                                                                                                                                                                                        											__eflags =  *((char*)(_t85 + 0xd));
                                                                                                                                                                                                                                                        											if( *((char*)(_t85 + 0xd)) != 0) {
                                                                                                                                                                                                                                                        												goto L16;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											__eflags = _t110 -  *((intOrPtr*)(_t85 + 8));
                                                                                                                                                                                                                                                        											_t110 = _t85;
                                                                                                                                                                                                                                                        											if(__eflags == 0) {
                                                                                                                                                                                                                                                        												continue;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L16;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L16;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t92 = E00BC4A90(_t134, __eflags, 0xbf0f60,  &_v232, "std::wstring::npos == i.second.find(L\'\\0\')");
                                                                                                                                                                                                                                                        									_t149 =  &(_t149[3]);
                                                                                                                                                                                                                                                        									__eflags = _t92;
                                                                                                                                                                                                                                                        									if(__eflags == 0) {
                                                                                                                                                                                                                                                        										goto L31;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									E00BC2030( &_v232, __eflags, "/builds/worker/checkouts/gecko/security/sandbox/chromium/base/process/environment_internal.cc", 0x6f, _t92);
                                                                                                                                                                                                                                                        									E00BC20C0();
                                                                                                                                                                                                                                                        									__eflags =  *(_t110 + 0x38);
                                                                                                                                                                                                                                                        									if( *(_t110 + 0x38) == 0) {
                                                                                                                                                                                                                                                        										goto L32;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									goto L45;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L16:
                                                                                                                                                                                                                                                        							__eflags = _t85 -  *_t149;
                                                                                                                                                                                                                                                        							_t110 = _t85;
                                                                                                                                                                                                                                                        						} while (_t85 !=  *_t149);
                                                                                                                                                                                                                                                        						L50:
                                                                                                                                                                                                                                                        						_t143 = _a4;
                                                                                                                                                                                                                                                        						_t86 = E00BC5CD0(_t110, _t143, 0);
                                                                                                                                                                                                                                                        						__eflags = _v28 ^ _t146;
                                                                                                                                                                                                                                                        						E00BEECB0(_t86, _v28 ^ _t146, _t134);
                                                                                                                                                                                                                                                        						return _t143;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L50;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t127 =  &_v232;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_t111 = _t139;
                                                                                                                                                                                                                                                        						_t145 = 0;
                                                                                                                                                                                                                                                        						_v28 = 7;
                                                                                                                                                                                                                                                        						_v32 = 0;
                                                                                                                                                                                                                                                        						_v48 = 0;
                                                                                                                                                                                                                                                        						while(1) {
                                                                                                                                                                                                                                                        							_t99 =  *(_t111 + _t145 * 2) & 0x0000ffff;
                                                                                                                                                                                                                                                        							if(_t99 == 0 || _t99 == 0x3d) {
                                                                                                                                                                                                                                                        								break;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t145 = _t145 + 1;
                                                                                                                                                                                                                                                        							_t139 = _t139 + 2;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__eflags = _t145 - 7;
                                                                                                                                                                                                                                                        						_v212 = 7;
                                                                                                                                                                                                                                                        						_v216 = 0;
                                                                                                                                                                                                                                                        						_v232 = 0;
                                                                                                                                                                                                                                                        						if(_t145 <= 7) {
                                                                                                                                                                                                                                                        							_v216 = _t145;
                                                                                                                                                                                                                                                        							_t101 = memmove(_t127, _t111, _t145 + _t145);
                                                                                                                                                                                                                                                        							_t151 =  &(_t149[3]);
                                                                                                                                                                                                                                                        							 *((short*)(_t151 + 8 + _t145 * 2)) = 0;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t151 = _t149 - 0xc;
                                                                                                                                                                                                                                                        							_v248 = _v236;
                                                                                                                                                                                                                                                        							_v244 = _t111;
                                                                                                                                                                                                                                                        							 *_t151 = _t145;
                                                                                                                                                                                                                                                        							_t101 = E00BBA7D0(_t111, _t127, _t139, _t145);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t102 = E00BBDF30(_t101,  &_v48, 7);
                                                                                                                                                                                                                                                        						asm("movsd xmm0, [esp+0x18]");
                                                                                                                                                                                                                                                        						asm("movsd xmm2, [esp+0x8]");
                                                                                                                                                                                                                                                        						asm("movsd xmm1, [esp+0x10]");
                                                                                                                                                                                                                                                        						_v216 = 0;
                                                                                                                                                                                                                                                        						_v212 = 7;
                                                                                                                                                                                                                                                        						_v232 = 0;
                                                                                                                                                                                                                                                        						asm("movsd [esp+0xd0], xmm0");
                                                                                                                                                                                                                                                        						asm("movsd [esp+0xc8], xmm1");
                                                                                                                                                                                                                                                        						asm("movsd [esp+0xc0], xmm2");
                                                                                                                                                                                                                                                        						E00BBDF30(_t102,  &_v232, 7);
                                                                                                                                                                                                                                                        						asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t145 = _t145 + 1;
                                                                                                                                                                                                                                                        							__eflags =  *_t139;
                                                                                                                                                                                                                                                        							_t139 = _t139 + 2;
                                                                                                                                                                                                                                                        						} while (__eflags != 0);
                                                                                                                                                                                                                                                        						_t138 =  &_v232;
                                                                                                                                                                                                                                                        						E00BC5C60( &_v48, _a12,  &_v232,  &_v48);
                                                                                                                                                                                                                                                        						_t149 =  &(_t151[1]);
                                                                                                                                                                                                                                                        						_t107 = _v232;
                                                                                                                                                                                                                                                        						__eflags = _v232 -  *_a12;
                                                                                                                                                                                                                                                        						if(_v232 ==  *_a12) {
                                                                                                                                                                                                                                                        							_t107 = E00BB73B0(_a4, _t111, _t145);
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						E00BBDF30(_t107,  &_v48, _t138);
                                                                                                                                                                                                                                                        						__eflags =  *_t139;
                                                                                                                                                                                                                                                        						_t134 = 7;
                                                                                                                                                                                                                                                        						_t127 =  &_v232;
                                                                                                                                                                                                                                                        					} while ( *_t139 != 0);
                                                                                                                                                                                                                                                        					goto L14;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}

















































                                                                                                                                                                                                                                                        0x00bc58b9
                                                                                                                                                                                                                                                        0x00bc58bf
                                                                                                                                                                                                                                                        0x00bc58c4
                                                                                                                                                                                                                                                        0x00bc58c7
                                                                                                                                                                                                                                                        0x00bc58cc
                                                                                                                                                                                                                                                        0x00bc58d3
                                                                                                                                                                                                                                                        0x00bc58da
                                                                                                                                                                                                                                                        0x00bc58e1
                                                                                                                                                                                                                                                        0x00bc58ea
                                                                                                                                                                                                                                                        0x00bc5a61
                                                                                                                                                                                                                                                        0x00bc5a64
                                                                                                                                                                                                                                                        0x00bc5a66
                                                                                                                                                                                                                                                        0x00bc5a68
                                                                                                                                                                                                                                                        0x00bc5a6b
                                                                                                                                                                                                                                                        0x00bc5a6d
                                                                                                                                                                                                                                                        0x00bc5a8b
                                                                                                                                                                                                                                                        0x00bc5a8b
                                                                                                                                                                                                                                                        0x00bc5a8e
                                                                                                                                                                                                                                                        0x00bc5a92
                                                                                                                                                                                                                                                        0x00bc5a95
                                                                                                                                                                                                                                                        0x00bc5a97
                                                                                                                                                                                                                                                        0x00bc5a99
                                                                                                                                                                                                                                                        0x00bc5a99
                                                                                                                                                                                                                                                        0x00bc5a9b
                                                                                                                                                                                                                                                        0x00bc5a9d
                                                                                                                                                                                                                                                        0x00bc5ac0
                                                                                                                                                                                                                                                        0x00bc5ac0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5a9f
                                                                                                                                                                                                                                                        0x00bc5a9f
                                                                                                                                                                                                                                                        0x00bc5aa1
                                                                                                                                                                                                                                                        0x00bc5ab0
                                                                                                                                                                                                                                                        0x00bc5ab0
                                                                                                                                                                                                                                                        0x00bc5ab4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5aba
                                                                                                                                                                                                                                                        0x00bc5abd
                                                                                                                                                                                                                                                        0x00bc5abd
                                                                                                                                                                                                                                                        0x00bc5abe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5abe
                                                                                                                                                                                                                                                        0x00bc5b40
                                                                                                                                                                                                                                                        0x00bc5b46
                                                                                                                                                                                                                                                        0x00bc5b49
                                                                                                                                                                                                                                                        0x00bc5b4d
                                                                                                                                                                                                                                                        0x00bc5b62
                                                                                                                                                                                                                                                        0x00bc5b67
                                                                                                                                                                                                                                                        0x00bc5b6a
                                                                                                                                                                                                                                                        0x00bc5b6c
                                                                                                                                                                                                                                                        0x00bc5b80
                                                                                                                                                                                                                                                        0x00bc5b87
                                                                                                                                                                                                                                                        0x00bc5b87
                                                                                                                                                                                                                                                        0x00bc5b6c
                                                                                                                                                                                                                                                        0x00bc5ac8
                                                                                                                                                                                                                                                        0x00bc5ac8
                                                                                                                                                                                                                                                        0x00bc5acb
                                                                                                                                                                                                                                                        0x00bc5acf
                                                                                                                                                                                                                                                        0x00bc5ad2
                                                                                                                                                                                                                                                        0x00bc5ad4
                                                                                                                                                                                                                                                        0x00bc5ad6
                                                                                                                                                                                                                                                        0x00bc5ad6
                                                                                                                                                                                                                                                        0x00bc5ad8
                                                                                                                                                                                                                                                        0x00bc5ada
                                                                                                                                                                                                                                                        0x00bc5af0
                                                                                                                                                                                                                                                        0x00bc5af0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5adc
                                                                                                                                                                                                                                                        0x00bc5adc
                                                                                                                                                                                                                                                        0x00bc5ae0
                                                                                                                                                                                                                                                        0x00bc5ae0
                                                                                                                                                                                                                                                        0x00bc5ae4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5aea
                                                                                                                                                                                                                                                        0x00bc5aed
                                                                                                                                                                                                                                                        0x00bc5aed
                                                                                                                                                                                                                                                        0x00bc5aee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5aee
                                                                                                                                                                                                                                                        0x00bc5ba0
                                                                                                                                                                                                                                                        0x00bc5ba6
                                                                                                                                                                                                                                                        0x00bc5ba9
                                                                                                                                                                                                                                                        0x00bc5bad
                                                                                                                                                                                                                                                        0x00bc5af8
                                                                                                                                                                                                                                                        0x00bc5af8
                                                                                                                                                                                                                                                        0x00bc5afc
                                                                                                                                                                                                                                                        0x00bc5bf6
                                                                                                                                                                                                                                                        0x00bc5bf6
                                                                                                                                                                                                                                                        0x00bc5bf9
                                                                                                                                                                                                                                                        0x00bc5bfd
                                                                                                                                                                                                                                                        0x00bc5bff
                                                                                                                                                                                                                                                        0x00bc5bff
                                                                                                                                                                                                                                                        0x00bc5c07
                                                                                                                                                                                                                                                        0x00bc5c11
                                                                                                                                                                                                                                                        0x00bc5c16
                                                                                                                                                                                                                                                        0x00bc5c19
                                                                                                                                                                                                                                                        0x00bc5c1d
                                                                                                                                                                                                                                                        0x00bc5c1f
                                                                                                                                                                                                                                                        0x00bc5c1f
                                                                                                                                                                                                                                                        0x00bc5c29
                                                                                                                                                                                                                                                        0x00bc5c32
                                                                                                                                                                                                                                                        0x00bc5c32
                                                                                                                                                                                                                                                        0x00bc5b02
                                                                                                                                                                                                                                                        0x00bc5b02
                                                                                                                                                                                                                                                        0x00bc5b05
                                                                                                                                                                                                                                                        0x00bc5b09
                                                                                                                                                                                                                                                        0x00bc5b30
                                                                                                                                                                                                                                                        0x00bc5b30
                                                                                                                                                                                                                                                        0x00bc5b32
                                                                                                                                                                                                                                                        0x00bc5b34
                                                                                                                                                                                                                                                        0x00bc5b34
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5b3a
                                                                                                                                                                                                                                                        0x00bc5b10
                                                                                                                                                                                                                                                        0x00bc5b10
                                                                                                                                                                                                                                                        0x00bc5b13
                                                                                                                                                                                                                                                        0x00bc5b17
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5b1d
                                                                                                                                                                                                                                                        0x00bc5b20
                                                                                                                                                                                                                                                        0x00bc5b22
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5b24
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5b10
                                                                                                                                                                                                                                                        0x00bc5bc2
                                                                                                                                                                                                                                                        0x00bc5bc7
                                                                                                                                                                                                                                                        0x00bc5bca
                                                                                                                                                                                                                                                        0x00bc5bcc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5bde
                                                                                                                                                                                                                                                        0x00bc5be7
                                                                                                                                                                                                                                                        0x00bc5bec
                                                                                                                                                                                                                                                        0x00bc5bf0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc5bf0
                                                                                                                                                                                                                                                        0x00bc5ada
                                                                                                                                                                                                                                                        0x00bc5a80
                                                                                                                                                                                                                                                        0x00bc5a80
                                                                                                                                                                                                                                                        0x00bc5a83
                                                                                                                                                                                                                                                        0x00bc5a83
                                                                                                                                                                                                                                                        0x00bc5c3c
                                                                                                                                                                                                                                                        0x00bc5c3c
                                                                                                                                                                                                                                                        0x00bc5c43
                                                                                                                                                                                                                                                        0x00bc5c4f
                                                                                                                                                                                                                                                        0x00bc5c51
                                                                                                                                                                                                                                                        0x00bc5c5f
                                                                                                                                                                                                                                                        0x00bc5c5f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc58f0
                                                                                                                                                                                                                                                        0x00bc58f5
                                                                                                                                                                                                                                                        0x00bc591f
                                                                                                                                                                                                                                                        0x00bc591f
                                                                                                                                                                                                                                                        0x00bc5921
                                                                                                                                                                                                                                                        0x00bc5923
                                                                                                                                                                                                                                                        0x00bc592a
                                                                                                                                                                                                                                                        0x00bc5935
                                                                                                                                                                                                                                                        0x00bc5940
                                                                                                                                                                                                                                                        0x00bc5940
                                                                                                                                                                                                                                                        0x00bc5947
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc594f
                                                                                                                                                                                                                                                        0x00bc5950
                                                                                                                                                                                                                                                        0x00bc5950
                                                                                                                                                                                                                                                        0x00bc5960
                                                                                                                                                                                                                                                        0x00bc5963
                                                                                                                                                                                                                                                        0x00bc5967
                                                                                                                                                                                                                                                        0x00bc596f
                                                                                                                                                                                                                                                        0x00bc5976
                                                                                                                                                                                                                                                        0x00bc59a3
                                                                                                                                                                                                                                                        0x00bc59aa
                                                                                                                                                                                                                                                        0x00bc59af
                                                                                                                                                                                                                                                        0x00bc59b2
                                                                                                                                                                                                                                                        0x00bc5978
                                                                                                                                                                                                                                                        0x00bc5978
                                                                                                                                                                                                                                                        0x00bc597f
                                                                                                                                                                                                                                                        0x00bc5983
                                                                                                                                                                                                                                                        0x00bc5987
                                                                                                                                                                                                                                                        0x00bc598a
                                                                                                                                                                                                                                                        0x00bc598a
                                                                                                                                                                                                                                                        0x00bc59c0
                                                                                                                                                                                                                                                        0x00bc59c5
                                                                                                                                                                                                                                                        0x00bc59cb
                                                                                                                                                                                                                                                        0x00bc59d1
                                                                                                                                                                                                                                                        0x00bc59db
                                                                                                                                                                                                                                                        0x00bc59e3
                                                                                                                                                                                                                                                        0x00bc59eb
                                                                                                                                                                                                                                                        0x00bc59f2
                                                                                                                                                                                                                                                        0x00bc59fb
                                                                                                                                                                                                                                                        0x00bc5a04
                                                                                                                                                                                                                                                        0x00bc5a0d
                                                                                                                                                                                                                                                        0x00bc5a12
                                                                                                                                                                                                                                                        0x00bc5a20
                                                                                                                                                                                                                                                        0x00bc5a20
                                                                                                                                                                                                                                                        0x00bc5a21
                                                                                                                                                                                                                                                        0x00bc5a25
                                                                                                                                                                                                                                                        0x00bc5a25
                                                                                                                                                                                                                                                        0x00bc5a2d
                                                                                                                                                                                                                                                        0x00bc5a3b
                                                                                                                                                                                                                                                        0x00bc5a40
                                                                                                                                                                                                                                                        0x00bc5a43
                                                                                                                                                                                                                                                        0x00bc5a4a
                                                                                                                                                                                                                                                        0x00bc5a4c
                                                                                                                                                                                                                                                        0x00bc5a57
                                                                                                                                                                                                                                                        0x00bc5a57
                                                                                                                                                                                                                                                        0x00bc5907
                                                                                                                                                                                                                                                        0x00bc590c
                                                                                                                                                                                                                                                        0x00bc5910
                                                                                                                                                                                                                                                        0x00bc5915
                                                                                                                                                                                                                                                        0x00bc5915
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc591f

                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/security/sandbox/chromium/base/process/environment_internal.cc, xrefs: 00BC5B7B, 00BC5BD9
                                                                                                                                                                                                                                                        • std::wstring::npos == i.first.find(L'\0'), xrefs: 00BC5B53
                                                                                                                                                                                                                                                        • std::wstring::npos == i.second.find(L'\0'), xrefs: 00BC5BB3
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/security/sandbox/chromium/base/process/environment_internal.cc$std::wstring::npos == i.first.find(L'\0')$std::wstring::npos == i.second.find(L'\0')
                                                                                                                                                                                                                                                        • API String ID: 0-119606527
                                                                                                                                                                                                                                                        • Opcode ID: 40a8a0c34ff66f061018c25bf566ee3c9e9a037f98361f4a1e6e4ad11d5657ad
                                                                                                                                                                                                                                                        • Instruction ID: 68dbbd042b898242daf6d317732632417458cedaf8e6e630c0d6f899fc99d197
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 40a8a0c34ff66f061018c25bf566ee3c9e9a037f98361f4a1e6e4ad11d5657ad
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 60919F70608B059BD734DF15C880FAB7BE5FF84350F54899DF88A8B291DB70A985CB92
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 93%
                                                                                                                                                                                                                                                        			E00BB6C70(signed int __ecx, signed int* __edx, void* __eflags, signed int _a4, int _a8) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				char _v28;
                                                                                                                                                                                                                                                        				int _v32;
                                                                                                                                                                                                                                                        				int _v40;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				int _v48;
                                                                                                                                                                                                                                                        				char _v52;
                                                                                                                                                                                                                                                        				char _v56;
                                                                                                                                                                                                                                                        				char _v64;
                                                                                                                                                                                                                                                        				char _v68;
                                                                                                                                                                                                                                                        				int _v72;
                                                                                                                                                                                                                                                        				WCHAR* _v76;
                                                                                                                                                                                                                                                        				WCHAR* _v80;
                                                                                                                                                                                                                                                        				char _v88;
                                                                                                                                                                                                                                                        				char _v92;
                                                                                                                                                                                                                                                        				int _v96;
                                                                                                                                                                                                                                                        				char _v104;
                                                                                                                                                                                                                                                        				WCHAR* _v108;
                                                                                                                                                                                                                                                        				union _LARGE_INTEGER _v112;
                                                                                                                                                                                                                                                        				signed int* _v116;
                                                                                                                                                                                                                                                        				signed int _t83;
                                                                                                                                                                                                                                                        				signed int _t89;
                                                                                                                                                                                                                                                        				union _LARGE_INTEGER* _t100;
                                                                                                                                                                                                                                                        				signed int _t110;
                                                                                                                                                                                                                                                        				signed int _t114;
                                                                                                                                                                                                                                                        				signed int _t115;
                                                                                                                                                                                                                                                        				signed int _t120;
                                                                                                                                                                                                                                                        				signed int* _t121;
                                                                                                                                                                                                                                                        				signed int _t122;
                                                                                                                                                                                                                                                        				short _t123;
                                                                                                                                                                                                                                                        				signed int _t124;
                                                                                                                                                                                                                                                        				signed int _t125;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_v116 = __edx;
                                                                                                                                                                                                                                                        				_t119 =  &_v40;
                                                                                                                                                                                                                                                        				_t120 = __ecx;
                                                                                                                                                                                                                                                        				_t83 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v24 = _t83 ^ _t125;
                                                                                                                                                                                                                                                        				E00BB6950(__ecx,  &_v40);
                                                                                                                                                                                                                                                        				if(_v28 != 0) {
                                                                                                                                                                                                                                                        					_t86 = _v32;
                                                                                                                                                                                                                                                        					_t121 = _v116;
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [esp+0x50]");
                                                                                                                                                                                                                                                        					L28:
                                                                                                                                                                                                                                                        					_t121[2] = _t86;
                                                                                                                                                                                                                                                        					asm("movsd [edi], xmm0");
                                                                                                                                                                                                                                                        					_t121[3] = 1;
                                                                                                                                                                                                                                                        					L7:
                                                                                                                                                                                                                                                        					E00BEECB0(_t86, _v24 ^ _t125, _t119);
                                                                                                                                                                                                                                                        					return _t121;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t89 = GetModuleHandleW(0);
                                                                                                                                                                                                                                                        				_t100 =  &_v80;
                                                                                                                                                                                                                                                        				_t86 = E00BB1EA0(_t100, _t89 & 0xfffffffc);
                                                                                                                                                                                                                                                        				if(_v76 == 0) {
                                                                                                                                                                                                                                                        					_t121 = _v116;
                                                                                                                                                                                                                                                        					_t121[3] = 1;
                                                                                                                                                                                                                                                        					 *_t121 = "/builds/worker/checkouts/gecko/toolkit/xre/LauncherRegistryInfo.cpp";
                                                                                                                                                                                                                                                        					_t121[1] = 0x21;
                                                                                                                                                                                                                                                        					_t121[2] = 0x800700c1;
                                                                                                                                                                                                                                                        					goto L7;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t119 =  &_v56;
                                                                                                                                                                                                                                                        				_t123 = _v76[4];
                                                                                                                                                                                                                                                        				E00BB6F60(_t120,  &_v56);
                                                                                                                                                                                                                                                        				if(_v44 != 0) {
                                                                                                                                                                                                                                                        					_t86 = _v48;
                                                                                                                                                                                                                                                        					_t121 = _v116;
                                                                                                                                                                                                                                                        					asm("movsd xmm0, [esp+0x40]");
                                                                                                                                                                                                                                                        					goto L28;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if(_v52 == 0 || _v56 != _t123) {
                                                                                                                                                                                                                                                        					_t119 =  &_v80;
                                                                                                                                                                                                                                                        					E00BB6FB0(_t120,  &_v80, __eflags);
                                                                                                                                                                                                                                                        					__eflags = _v68;
                                                                                                                                                                                                                                                        					if(_v68 != 0) {
                                                                                                                                                                                                                                                        						goto L29;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t119 =  &_v104;
                                                                                                                                                                                                                                                        					E00BB7070(_t120,  &_v104, _t123);
                                                                                                                                                                                                                                                        					__eflags = _v92;
                                                                                                                                                                                                                                                        					if(_v92 == 0) {
                                                                                                                                                                                                                                                        						goto L5;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L22;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					_t124 = _a4;
                                                                                                                                                                                                                                                        					if(_t124 != 1) {
                                                                                                                                                                                                                                                        						_t86 = _v40;
                                                                                                                                                                                                                                                        						__eflags = _t86 - 1;
                                                                                                                                                                                                                                                        						if(_t86 != 1) {
                                                                                                                                                                                                                                                        							__eflags = _t86;
                                                                                                                                                                                                                                                        							if(_t86 != 0) {
                                                                                                                                                                                                                                                        								_t121 = _v116;
                                                                                                                                                                                                                                                        								_t121[3] = 1;
                                                                                                                                                                                                                                                        								 *_t121 = "/builds/worker/checkouts/gecko/toolkit/xre/LauncherRegistryInfo.cpp";
                                                                                                                                                                                                                                                        								_t121[1] = 0xed;
                                                                                                                                                                                                                                                        								_t121[2] = 0x80070507;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_v76 = 0;
                                                                                                                                                                                                                                                        								_v80 = 0;
                                                                                                                                                                                                                                                        								QueryPerformanceCounter(_t100);
                                                                                                                                                                                                                                                        								_t86 = _v80;
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t120 + 4)) = _v76;
                                                                                                                                                                                                                                                        								 *_t120 = _v80;
                                                                                                                                                                                                                                                        								 *(_t120 + 8) = 1;
                                                                                                                                                                                                                                                        								_t121 = _v116;
                                                                                                                                                                                                                                                        								_t121[3] = 0;
                                                                                                                                                                                                                                                        								 *_t121 = 0;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L7;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t119 =  &_v80;
                                                                                                                                                                                                                                                        						E00BB70C0(_t120,  &_v80);
                                                                                                                                                                                                                                                        						__eflags = _v64;
                                                                                                                                                                                                                                                        						if(_v64 != 0) {
                                                                                                                                                                                                                                                        							L29:
                                                                                                                                                                                                                                                        							_t86 = _v72;
                                                                                                                                                                                                                                                        							_t121 = _v116;
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [esp+0x28]");
                                                                                                                                                                                                                                                        							goto L28;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t119 =  &_v104;
                                                                                                                                                                                                                                                        						_t110 = _t120;
                                                                                                                                                                                                                                                        						E00BB7110(_t110,  &_v104);
                                                                                                                                                                                                                                                        						__eflags = _v88;
                                                                                                                                                                                                                                                        						if(_v88 != 0) {
                                                                                                                                                                                                                                                        							L22:
                                                                                                                                                                                                                                                        							_t86 = _v96;
                                                                                                                                                                                                                                                        							_t121 = _v116;
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [esp+0x10]");
                                                                                                                                                                                                                                                        							goto L28;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t119 = _v72;
                                                                                                                                                                                                                                                        						_t86 = _a8;
                                                                                                                                                                                                                                                        						_t119 = _v96;
                                                                                                                                                                                                                                                        						__eflags = ((_t110 & 0xffffff00 | _t119 != 0x00000000) & 0xffffff00 | _v96 != 0x00000000) ^ ((_t110 & 0xffffff00 | _t119 != 0x00000000) & 0xffffff00 | _v96 != 0x00000000);
                                                                                                                                                                                                                                                        						if((((_t110 & 0xffffff00 | _t119 != 0x00000000) & 0xffffff00 | _v96 != 0x00000000) ^ ((_t110 & 0xffffff00 | _t119 != 0x00000000) & 0xffffff00 | _v96 != 0x00000000)) != 0) {
                                                                                                                                                                                                                                                        							_t114 = 1;
                                                                                                                                                                                                                                                        							__eflags = _t86 - 1;
                                                                                                                                                                                                                                                        							if(_t86 != 1) {
                                                                                                                                                                                                                                                        								L16:
                                                                                                                                                                                                                                                        								_t124 = _t114;
                                                                                                                                                                                                                                                        								L17:
                                                                                                                                                                                                                                                        								__eflags = _t124;
                                                                                                                                                                                                                                                        								if(_t124 != 0) {
                                                                                                                                                                                                                                                        									__eflags = _t124 - 1;
                                                                                                                                                                                                                                                        									if(_t124 != 1) {
                                                                                                                                                                                                                                                        										_t121 = _v116;
                                                                                                                                                                                                                                                        										_t121[3] = 1;
                                                                                                                                                                                                                                                        										 *_t121 = "/builds/worker/checkouts/gecko/toolkit/xre/LauncherRegistryInfo.cpp";
                                                                                                                                                                                                                                                        										_t121[1] = 0x131;
                                                                                                                                                                                                                                                        										_t121[2] = 0x80070507;
                                                                                                                                                                                                                                                        										goto L7;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									 *(_t120 + 0x14) = 0;
                                                                                                                                                                                                                                                        									 *(_t120 + 0x10) = 0;
                                                                                                                                                                                                                                                        									_t122 = _t120 + 0x18;
                                                                                                                                                                                                                                                        									L19:
                                                                                                                                                                                                                                                        									 *_t122 = 1;
                                                                                                                                                                                                                                                        									_t121 = _v116;
                                                                                                                                                                                                                                                        									_t121[3] = 0;
                                                                                                                                                                                                                                                        									 *_t121 = _t124;
                                                                                                                                                                                                                                                        									goto L7;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_v108 = 0;
                                                                                                                                                                                                                                                        								_v112.LowPart = 0;
                                                                                                                                                                                                                                                        								_t86 = QueryPerformanceCounter( &_v112);
                                                                                                                                                                                                                                                        								asm("movsd xmm0, [esp+0x8]");
                                                                                                                                                                                                                                                        								asm("movsd [edi], xmm0");
                                                                                                                                                                                                                                                        								_t122 = _t120 + 8;
                                                                                                                                                                                                                                                        								__eflags = _t122;
                                                                                                                                                                                                                                                        								goto L19;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L17;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__eflags = _t124;
                                                                                                                                                                                                                                                        						_t114 = _t124;
                                                                                                                                                                                                                                                        						if(_t124 == 0) {
                                                                                                                                                                                                                                                        							__eflags = _t119;
                                                                                                                                                                                                                                                        							_t114 = _t124;
                                                                                                                                                                                                                                                        							if(_t119 != 0) {
                                                                                                                                                                                                                                                        								_t115 = _v80;
                                                                                                                                                                                                                                                        								_t119 = _v76;
                                                                                                                                                                                                                                                        								__eflags = _t115 - _v104;
                                                                                                                                                                                                                                                        								asm("sbb edx, [esp+0x14]");
                                                                                                                                                                                                                                                        								_t41 = _t115 - _v104 >= 0;
                                                                                                                                                                                                                                                        								__eflags = _t41;
                                                                                                                                                                                                                                                        								_t114 = (_t115 & 0xffffff00 | _t41) & 0x000000ff;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						__eflags = _t86 - 1;
                                                                                                                                                                                                                                                        						if(_t86 == 1) {
                                                                                                                                                                                                                                                        							goto L17;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							goto L16;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_v76 = 0;
                                                                                                                                                                                                                                                        						_v80 = 0;
                                                                                                                                                                                                                                                        						QueryPerformanceCounter(_t100);
                                                                                                                                                                                                                                                        						_t86 = _v80;
                                                                                                                                                                                                                                                        						 *(_t120 + 0x14) = _v76;
                                                                                                                                                                                                                                                        						 *(_t120 + 0x10) = _v80;
                                                                                                                                                                                                                                                        						 *(_t120 + 0x18) = 1;
                                                                                                                                                                                                                                                        						_t121 = _v116;
                                                                                                                                                                                                                                                        						_t121[3] = 0;
                                                                                                                                                                                                                                                        						 *_t121 = 1;
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}




































                                                                                                                                                                                                                                                        0x00bb6c7c
                                                                                                                                                                                                                                                        0x00bb6c80
                                                                                                                                                                                                                                                        0x00bb6c84
                                                                                                                                                                                                                                                        0x00bb6c86
                                                                                                                                                                                                                                                        0x00bb6c8d
                                                                                                                                                                                                                                                        0x00bb6c91
                                                                                                                                                                                                                                                        0x00bb6c9b
                                                                                                                                                                                                                                                        0x00bb6e8f
                                                                                                                                                                                                                                                        0x00bb6e93
                                                                                                                                                                                                                                                        0x00bb6e97
                                                                                                                                                                                                                                                        0x00bb6ece
                                                                                                                                                                                                                                                        0x00bb6ece
                                                                                                                                                                                                                                                        0x00bb6ed1
                                                                                                                                                                                                                                                        0x00bb6ed5
                                                                                                                                                                                                                                                        0x00bb6d34
                                                                                                                                                                                                                                                        0x00bb6d3a
                                                                                                                                                                                                                                                        0x00bb6d48
                                                                                                                                                                                                                                                        0x00bb6d48
                                                                                                                                                                                                                                                        0x00bb6ca3
                                                                                                                                                                                                                                                        0x00bb6ca9
                                                                                                                                                                                                                                                        0x00bb6cb3
                                                                                                                                                                                                                                                        0x00bb6cbd
                                                                                                                                                                                                                                                        0x00bb6e9f
                                                                                                                                                                                                                                                        0x00bb6ea3
                                                                                                                                                                                                                                                        0x00bb6ea7
                                                                                                                                                                                                                                                        0x00bb6ead
                                                                                                                                                                                                                                                        0x00bb6eb4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6eb4
                                                                                                                                                                                                                                                        0x00bb6cc7
                                                                                                                                                                                                                                                        0x00bb6ccd
                                                                                                                                                                                                                                                        0x00bb6cd0
                                                                                                                                                                                                                                                        0x00bb6cda
                                                                                                                                                                                                                                                        0x00bb6ec0
                                                                                                                                                                                                                                                        0x00bb6ec4
                                                                                                                                                                                                                                                        0x00bb6ec8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6ec8
                                                                                                                                                                                                                                                        0x00bb6ce5
                                                                                                                                                                                                                                                        0x00bb6e09
                                                                                                                                                                                                                                                        0x00bb6e0f
                                                                                                                                                                                                                                                        0x00bb6e14
                                                                                                                                                                                                                                                        0x00bb6e19
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6e1f
                                                                                                                                                                                                                                                        0x00bb6e26
                                                                                                                                                                                                                                                        0x00bb6e2e
                                                                                                                                                                                                                                                        0x00bb6e33
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6cf5
                                                                                                                                                                                                                                                        0x00bb6cf5
                                                                                                                                                                                                                                                        0x00bb6cf5
                                                                                                                                                                                                                                                        0x00bb6cfb
                                                                                                                                                                                                                                                        0x00bb6d49
                                                                                                                                                                                                                                                        0x00bb6d4d
                                                                                                                                                                                                                                                        0x00bb6d50
                                                                                                                                                                                                                                                        0x00bb6e4c
                                                                                                                                                                                                                                                        0x00bb6e4e
                                                                                                                                                                                                                                                        0x00bb6f01
                                                                                                                                                                                                                                                        0x00bb6f05
                                                                                                                                                                                                                                                        0x00bb6f09
                                                                                                                                                                                                                                                        0x00bb6f0f
                                                                                                                                                                                                                                                        0x00bb6f16
                                                                                                                                                                                                                                                        0x00bb6e54
                                                                                                                                                                                                                                                        0x00bb6e54
                                                                                                                                                                                                                                                        0x00bb6e5c
                                                                                                                                                                                                                                                        0x00bb6e65
                                                                                                                                                                                                                                                        0x00bb6e6b
                                                                                                                                                                                                                                                        0x00bb6e73
                                                                                                                                                                                                                                                        0x00bb6e76
                                                                                                                                                                                                                                                        0x00bb6e78
                                                                                                                                                                                                                                                        0x00bb6e7c
                                                                                                                                                                                                                                                        0x00bb6e80
                                                                                                                                                                                                                                                        0x00bb6e84
                                                                                                                                                                                                                                                        0x00bb6e84
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6e4e
                                                                                                                                                                                                                                                        0x00bb6d56
                                                                                                                                                                                                                                                        0x00bb6d5c
                                                                                                                                                                                                                                                        0x00bb6d61
                                                                                                                                                                                                                                                        0x00bb6d66
                                                                                                                                                                                                                                                        0x00bb6ede
                                                                                                                                                                                                                                                        0x00bb6ede
                                                                                                                                                                                                                                                        0x00bb6ee2
                                                                                                                                                                                                                                                        0x00bb6ee6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6ee6
                                                                                                                                                                                                                                                        0x00bb6d6c
                                                                                                                                                                                                                                                        0x00bb6d70
                                                                                                                                                                                                                                                        0x00bb6d72
                                                                                                                                                                                                                                                        0x00bb6d77
                                                                                                                                                                                                                                                        0x00bb6d7c
                                                                                                                                                                                                                                                        0x00bb6e39
                                                                                                                                                                                                                                                        0x00bb6e39
                                                                                                                                                                                                                                                        0x00bb6e3d
                                                                                                                                                                                                                                                        0x00bb6e41
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6e41
                                                                                                                                                                                                                                                        0x00bb6d82
                                                                                                                                                                                                                                                        0x00bb6d86
                                                                                                                                                                                                                                                        0x00bb6d8e
                                                                                                                                                                                                                                                        0x00bb6d96
                                                                                                                                                                                                                                                        0x00bb6d98
                                                                                                                                                                                                                                                        0x00bb6eee
                                                                                                                                                                                                                                                        0x00bb6ef3
                                                                                                                                                                                                                                                        0x00bb6ef6
                                                                                                                                                                                                                                                        0x00bb6dc5
                                                                                                                                                                                                                                                        0x00bb6dc5
                                                                                                                                                                                                                                                        0x00bb6dc7
                                                                                                                                                                                                                                                        0x00bb6dc7
                                                                                                                                                                                                                                                        0x00bb6dc9
                                                                                                                                                                                                                                                        0x00bb6f22
                                                                                                                                                                                                                                                        0x00bb6f25
                                                                                                                                                                                                                                                        0x00bb6f3d
                                                                                                                                                                                                                                                        0x00bb6f41
                                                                                                                                                                                                                                                        0x00bb6f45
                                                                                                                                                                                                                                                        0x00bb6f4b
                                                                                                                                                                                                                                                        0x00bb6f52
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6f52
                                                                                                                                                                                                                                                        0x00bb6f27
                                                                                                                                                                                                                                                        0x00bb6f2e
                                                                                                                                                                                                                                                        0x00bb6f35
                                                                                                                                                                                                                                                        0x00bb6df7
                                                                                                                                                                                                                                                        0x00bb6df7
                                                                                                                                                                                                                                                        0x00bb6dfa
                                                                                                                                                                                                                                                        0x00bb6dfe
                                                                                                                                                                                                                                                        0x00bb6e02
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6e02
                                                                                                                                                                                                                                                        0x00bb6dd3
                                                                                                                                                                                                                                                        0x00bb6ddb
                                                                                                                                                                                                                                                        0x00bb6de4
                                                                                                                                                                                                                                                        0x00bb6dea
                                                                                                                                                                                                                                                        0x00bb6df0
                                                                                                                                                                                                                                                        0x00bb6df4
                                                                                                                                                                                                                                                        0x00bb6df4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6df4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6efc
                                                                                                                                                                                                                                                        0x00bb6d9e
                                                                                                                                                                                                                                                        0x00bb6da0
                                                                                                                                                                                                                                                        0x00bb6da2
                                                                                                                                                                                                                                                        0x00bb6da4
                                                                                                                                                                                                                                                        0x00bb6da6
                                                                                                                                                                                                                                                        0x00bb6da8
                                                                                                                                                                                                                                                        0x00bb6daa
                                                                                                                                                                                                                                                        0x00bb6dae
                                                                                                                                                                                                                                                        0x00bb6db2
                                                                                                                                                                                                                                                        0x00bb6db6
                                                                                                                                                                                                                                                        0x00bb6dba
                                                                                                                                                                                                                                                        0x00bb6dba
                                                                                                                                                                                                                                                        0x00bb6dbd
                                                                                                                                                                                                                                                        0x00bb6dbd
                                                                                                                                                                                                                                                        0x00bb6da8
                                                                                                                                                                                                                                                        0x00bb6dc0
                                                                                                                                                                                                                                                        0x00bb6dc3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6cfd
                                                                                                                                                                                                                                                        0x00bb6cfd
                                                                                                                                                                                                                                                        0x00bb6d05
                                                                                                                                                                                                                                                        0x00bb6d0e
                                                                                                                                                                                                                                                        0x00bb6d14
                                                                                                                                                                                                                                                        0x00bb6d1c
                                                                                                                                                                                                                                                        0x00bb6d1f
                                                                                                                                                                                                                                                        0x00bb6d22
                                                                                                                                                                                                                                                        0x00bb6d26
                                                                                                                                                                                                                                                        0x00bb6d2a
                                                                                                                                                                                                                                                        0x00bb6d2e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb6d2e
                                                                                                                                                                                                                                                        0x00bb6cfb

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BB6950: RegCreateKeyExW.KERNEL32(80000001,SOFTWARE\Mozilla\Firefox\Launcher,00000000,00000000,00000000,000F003F,00000000,?,?,76337E20,?,00BB5A6D), ref: 00BB698C
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(00000000), ref: 00BB6CA3
                                                                                                                                                                                                                                                        • QueryPerformanceCounter.KERNEL32(?), ref: 00BB6D0E
                                                                                                                                                                                                                                                        • QueryPerformanceCounter.KERNEL32(?), ref: 00BB6DE4
                                                                                                                                                                                                                                                        • QueryPerformanceCounter.KERNEL32(?), ref: 00BB6E65
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CounterPerformanceQuery$CreateHandleModule
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 935252311-0
                                                                                                                                                                                                                                                        • Opcode ID: 763a686fbc51d5e17dbcc29eedf10daa2f192b70d966db35786e86daf92ffc71
                                                                                                                                                                                                                                                        • Instruction ID: 86fddbc5dedcc3ae69537345c3944cd8579dc2ee404b930e5edbba7b16a943d7
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 763a686fbc51d5e17dbcc29eedf10daa2f192b70d966db35786e86daf92ffc71
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 858158745087859BD711CF24C0847AAFBE1BF85314F148A8DE8991B381D7F9ED98CB82
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 97%
                                                                                                                                                                                                                                                        			E00BE6B10(signed int __ecx, int* _a4, intOrPtr _a8, signed int _a12) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				signed int _v32;
                                                                                                                                                                                                                                                        				signed int _v36;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				signed int* _v44;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				intOrPtr _v52;
                                                                                                                                                                                                                                                        				intOrPtr _v56;
                                                                                                                                                                                                                                                        				intOrPtr _v60;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				signed int _t74;
                                                                                                                                                                                                                                                        				signed int _t79;
                                                                                                                                                                                                                                                        				signed int _t83;
                                                                                                                                                                                                                                                        				void* _t86;
                                                                                                                                                                                                                                                        				signed int _t101;
                                                                                                                                                                                                                                                        				void* _t102;
                                                                                                                                                                                                                                                        				signed int _t103;
                                                                                                                                                                                                                                                        				signed int* _t104;
                                                                                                                                                                                                                                                        				int* _t108;
                                                                                                                                                                                                                                                        				int* _t109;
                                                                                                                                                                                                                                                        				signed int _t114;
                                                                                                                                                                                                                                                        				intOrPtr _t123;
                                                                                                                                                                                                                                                        				intOrPtr _t125;
                                                                                                                                                                                                                                                        				signed int _t126;
                                                                                                                                                                                                                                                        				signed int _t127;
                                                                                                                                                                                                                                                        				void* _t128;
                                                                                                                                                                                                                                                        				signed int _t129;
                                                                                                                                                                                                                                                        				signed int* _t130;
                                                                                                                                                                                                                                                        				signed int _t131;
                                                                                                                                                                                                                                                        				intOrPtr _t132;
                                                                                                                                                                                                                                                        				signed int _t135;
                                                                                                                                                                                                                                                        				void* _t136;
                                                                                                                                                                                                                                                        				void* _t138;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t74 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t120 = _a12;
                                                                                                                                                                                                                                                        				_t125 = _a8;
                                                                                                                                                                                                                                                        				_t101 = 0;
                                                                                                                                                                                                                                                        				_t75 = _t74 ^ _t135;
                                                                                                                                                                                                                                                        				_v20 = _t74 ^ _t135;
                                                                                                                                                                                                                                                        				if(_t125 < _t120) {
                                                                                                                                                                                                                                                        					L3:
                                                                                                                                                                                                                                                        					E00BEECB0(_t75, _v20 ^ _t135, _t120);
                                                                                                                                                                                                                                                        					return _t101;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_v32 = __ecx;
                                                                                                                                                                                                                                                        				_t75 = _t120 & 0x0000001f;
                                                                                                                                                                                                                                                        				if((_t120 & 0x0000001f) != 0) {
                                                                                                                                                                                                                                                        					goto L3;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t126 = _t125 + 0xfffffff8;
                                                                                                                                                                                                                                                        				_t5 = _t120 + 0x14; // 0x14
                                                                                                                                                                                                                                                        				_t129 = _t5;
                                                                                                                                                                                                                                                        				_t101 = 0;
                                                                                                                                                                                                                                                        				_t79 = _t126;
                                                                                                                                                                                                                                                        				_t75 = _t79 / _t129;
                                                                                                                                                                                                                                                        				_t120 = _t79 % _t129;
                                                                                                                                                                                                                                                        				if(_t129 <= _t126) {
                                                                                                                                                                                                                                                        					_t108 = _a4;
                                                                                                                                                                                                                                                        					_t130 = _v32;
                                                                                                                                                                                                                                                        					_v36 = _t75;
                                                                                                                                                                                                                                                        					_v40 = 8 + (_t75 + _t75 * 4) * 4;
                                                                                                                                                                                                                                                        					 *_t130 = _t108;
                                                                                                                                                                                                                                                        					 *_t108 = 0;
                                                                                                                                                                                                                                                        					_t109 =  *_t130;
                                                                                                                                                                                                                                                        					_v44 =  &(_t130[1]);
                                                                                                                                                                                                                                                        					_t83 = 0;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_v60 = _t101;
                                                                                                                                                                                                                                                        						_v28 = _t109;
                                                                                                                                                                                                                                                        						_v48 = _t83;
                                                                                                                                                                                                                                                        						_push(0x24);
                                                                                                                                                                                                                                                        						L00BEF6BA();
                                                                                                                                                                                                                                                        						 *_t83 = 0;
                                                                                                                                                                                                                                                        						 *(_t83 + 4) = 0;
                                                                                                                                                                                                                                                        						_v24 = _t83;
                                                                                                                                                                                                                                                        						_t127 = _t83;
                                                                                                                                                                                                                                                        						_v56 = _t83 + 4;
                                                                                                                                                                                                                                                        						_t86 = E00BE70E0( &_v24, _t101, _v44, _t130[1], _t127,  &_v24);
                                                                                                                                                                                                                                                        						_t138 = _t136 + 8;
                                                                                                                                                                                                                                                        						_t131 = _v24;
                                                                                                                                                                                                                                                        						if(_t131 != 0) {
                                                                                                                                                                                                                                                        							_t32 = _t131 + 4; // 0x404
                                                                                                                                                                                                                                                        							E00BC51B0(E00BC51B0(_t86, _t32), _t131);
                                                                                                                                                                                                                                                        							_push(_t131);
                                                                                                                                                                                                                                                        							L00BEF6C0();
                                                                                                                                                                                                                                                        							_t138 = _t138 + 4;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t102 = _v28;
                                                                                                                                                                                                                                                        						_t132 = _v60;
                                                                                                                                                                                                                                                        						_t120 = _t127;
                                                                                                                                                                                                                                                        						_t36 = _t132 + 0x10; // 0x14
                                                                                                                                                                                                                                                        						_t38 = _t132 + 0x14; // 0x18
                                                                                                                                                                                                                                                        						_v52 = _t102 + _t36;
                                                                                                                                                                                                                                                        						_t75 = E00BE6CD0(_v32, _t127, _v56, _v52, _t102 + _t38);
                                                                                                                                                                                                                                                        						_t136 = _t138 + 0xc;
                                                                                                                                                                                                                                                        						if(_t75 == 0) {
                                                                                                                                                                                                                                                        							L11:
                                                                                                                                                                                                                                                        							_t101 = 0;
                                                                                                                                                                                                                                                        							goto L3;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t123 = _v40;
                                                                                                                                                                                                                                                        						_t46 = _t132 + 8; // 0xc
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t102 + _t132 + 8)) = _t123;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t102 + _t132 + 0xc)) = 1;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t127 + 0x10)) = _a4;
                                                                                                                                                                                                                                                        						_t114 = _a12;
                                                                                                                                                                                                                                                        						 *(_t127 + 8) = _t114;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t127 + 0x14)) = _t102 + _t46;
                                                                                                                                                                                                                                                        						_t103 = _v32;
                                                                                                                                                                                                                                                        						_v40 = _t123 + _t114;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t127 + 0xc)) =  *((intOrPtr*)(_t102 + _t132 + 8)) + _a4;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t127 + 0x18)) =  *((intOrPtr*)(_t103 + 0x18));
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t127 + 0x1c)) =  *((intOrPtr*)(_t103 + 0x10));
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t127 + 0x20)) =  *((intOrPtr*)(_t103 + 0x14));
                                                                                                                                                                                                                                                        						 *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t103 + 0xc))))))(_t103,  *_t127, E00BE6D60, _t127);
                                                                                                                                                                                                                                                        						_t109 =  *_t103;
                                                                                                                                                                                                                                                        						_t120 = _t103;
                                                                                                                                                                                                                                                        						_t101 = _t132 + 0x14;
                                                                                                                                                                                                                                                        						_t130 = _t103;
                                                                                                                                                                                                                                                        						_t83 = _v48 + 1;
                                                                                                                                                                                                                                                        					} while (_t83 != _v36);
                                                                                                                                                                                                                                                        					_t104 = _t130;
                                                                                                                                                                                                                                                        					_v28 = _t130[4];
                                                                                                                                                                                                                                                        					_t128 =  *0xbfb6b0; // 0x0
                                                                                                                                                                                                                                                        					if(DuplicateHandle(GetCurrentProcess(), _t128, _v28,  &(_t109[1]), 0x100002, 0, 0) == 0) {
                                                                                                                                                                                                                                                        						goto L11;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t75 =  *_t104;
                                                                                                                                                                                                                                                        					_t101 = 1;
                                                                                                                                                                                                                                                        					 *( *_t104) = _v36;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L3;
                                                                                                                                                                                                                                                        			}







































                                                                                                                                                                                                                                                        0x00be6b19
                                                                                                                                                                                                                                                        0x00be6b1e
                                                                                                                                                                                                                                                        0x00be6b21
                                                                                                                                                                                                                                                        0x00be6b24
                                                                                                                                                                                                                                                        0x00be6b26
                                                                                                                                                                                                                                                        0x00be6b2a
                                                                                                                                                                                                                                                        0x00be6b2d
                                                                                                                                                                                                                                                        0x00be6b4b
                                                                                                                                                                                                                                                        0x00be6b50
                                                                                                                                                                                                                                                        0x00be6b5e
                                                                                                                                                                                                                                                        0x00be6b5e
                                                                                                                                                                                                                                                        0x00be6b31
                                                                                                                                                                                                                                                        0x00be6b34
                                                                                                                                                                                                                                                        0x00be6b37
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be6b39
                                                                                                                                                                                                                                                        0x00be6b3c
                                                                                                                                                                                                                                                        0x00be6b3c
                                                                                                                                                                                                                                                        0x00be6b41
                                                                                                                                                                                                                                                        0x00be6b43
                                                                                                                                                                                                                                                        0x00be6b45
                                                                                                                                                                                                                                                        0x00be6b45
                                                                                                                                                                                                                                                        0x00be6b49
                                                                                                                                                                                                                                                        0x00be6b61
                                                                                                                                                                                                                                                        0x00be6b64
                                                                                                                                                                                                                                                        0x00be6b67
                                                                                                                                                                                                                                                        0x00be6b74
                                                                                                                                                                                                                                                        0x00be6b77
                                                                                                                                                                                                                                                        0x00be6b79
                                                                                                                                                                                                                                                        0x00be6b82
                                                                                                                                                                                                                                                        0x00be6b84
                                                                                                                                                                                                                                                        0x00be6b87
                                                                                                                                                                                                                                                        0x00be6b90
                                                                                                                                                                                                                                                        0x00be6b90
                                                                                                                                                                                                                                                        0x00be6b93
                                                                                                                                                                                                                                                        0x00be6b96
                                                                                                                                                                                                                                                        0x00be6b99
                                                                                                                                                                                                                                                        0x00be6b9b
                                                                                                                                                                                                                                                        0x00be6ba3
                                                                                                                                                                                                                                                        0x00be6ba9
                                                                                                                                                                                                                                                        0x00be6bb0
                                                                                                                                                                                                                                                        0x00be6bb6
                                                                                                                                                                                                                                                        0x00be6bbe
                                                                                                                                                                                                                                                        0x00be6bc5
                                                                                                                                                                                                                                                        0x00be6bca
                                                                                                                                                                                                                                                        0x00be6bcd
                                                                                                                                                                                                                                                        0x00be6bd2
                                                                                                                                                                                                                                                        0x00be6bd4
                                                                                                                                                                                                                                                        0x00be6bde
                                                                                                                                                                                                                                                        0x00be6be3
                                                                                                                                                                                                                                                        0x00be6be4
                                                                                                                                                                                                                                                        0x00be6be9
                                                                                                                                                                                                                                                        0x00be6be9
                                                                                                                                                                                                                                                        0x00be6bec
                                                                                                                                                                                                                                                        0x00be6bef
                                                                                                                                                                                                                                                        0x00be6bf2
                                                                                                                                                                                                                                                        0x00be6bf4
                                                                                                                                                                                                                                                        0x00be6bf8
                                                                                                                                                                                                                                                        0x00be6bfc
                                                                                                                                                                                                                                                        0x00be6c09
                                                                                                                                                                                                                                                        0x00be6c0e
                                                                                                                                                                                                                                                        0x00be6c13
                                                                                                                                                                                                                                                        0x00be6cc7
                                                                                                                                                                                                                                                        0x00be6cc7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be6cc7
                                                                                                                                                                                                                                                        0x00be6c19
                                                                                                                                                                                                                                                        0x00be6c1f
                                                                                                                                                                                                                                                        0x00be6c23
                                                                                                                                                                                                                                                        0x00be6c27
                                                                                                                                                                                                                                                        0x00be6c2f
                                                                                                                                                                                                                                                        0x00be6c32
                                                                                                                                                                                                                                                        0x00be6c35
                                                                                                                                                                                                                                                        0x00be6c38
                                                                                                                                                                                                                                                        0x00be6c41
                                                                                                                                                                                                                                                        0x00be6c44
                                                                                                                                                                                                                                                        0x00be6c4a
                                                                                                                                                                                                                                                        0x00be6c50
                                                                                                                                                                                                                                                        0x00be6c56
                                                                                                                                                                                                                                                        0x00be6c5c
                                                                                                                                                                                                                                                        0x00be6c6d
                                                                                                                                                                                                                                                        0x00be6c72
                                                                                                                                                                                                                                                        0x00be6c77
                                                                                                                                                                                                                                                        0x00be6c79
                                                                                                                                                                                                                                                        0x00be6c7b
                                                                                                                                                                                                                                                        0x00be6c7d
                                                                                                                                                                                                                                                        0x00be6c7e
                                                                                                                                                                                                                                                        0x00be6c8d
                                                                                                                                                                                                                                                        0x00be6c91
                                                                                                                                                                                                                                                        0x00be6c94
                                                                                                                                                                                                                                                        0x00be6cb7
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be6cb9
                                                                                                                                                                                                                                                        0x00be6cbe
                                                                                                                                                                                                                                                        0x00be6cc0
                                                                                                                                                                                                                                                        0x00be6cc0
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000024,?,00000000,?,00BE9870,?,00000004,00000400,00000000,?,?,?,00000004,g_shared_IPC_size,?,00000004), ref: 00BE6B9B
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000400,?,?,?,00000000,?,00BE9870,?,00000004,00000400,00000000,?,?,?,00000004,g_shared_IPC_size), ref: 00BE6BE4
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(?,?,?,?,?,?,00000000,?,00BE9870,?,00000004,00000400,00000000,?,?,?), ref: 00BE6C9A
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00000000,00000004,?,00100002,00000000,00000000,?,?,?,?,?,?,00000000,?,00BE9870), ref: 00BE6CAF
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@??3@CurrentDuplicateHandleProcess
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 1210554287-0
                                                                                                                                                                                                                                                        • Opcode ID: 8f2af9c363fe39e2f52b88aa41391082d49400b027adaa09f41d466cd03c2b31
                                                                                                                                                                                                                                                        • Instruction ID: 31adca33ae094fbc8427cae42f6fb3ea864a56e48792547e2d894c821b9098aa
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8f2af9c363fe39e2f52b88aa41391082d49400b027adaa09f41d466cd03c2b31
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1F513AB5E006099FCB14CFA5D881AAEBBF5FF58310F1481A9E919AB351D730E945CBA0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 54%
                                                                                                                                                                                                                                                        			E00BEC920(void __ecx, void* __eflags) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				void _v32;
                                                                                                                                                                                                                                                        				void* _v36;
                                                                                                                                                                                                                                                        				char _v44;
                                                                                                                                                                                                                                                        				void _v48;
                                                                                                                                                                                                                                                        				void _v52;
                                                                                                                                                                                                                                                        				signed int _v56;
                                                                                                                                                                                                                                                        				void _v60;
                                                                                                                                                                                                                                                        				signed int _t74;
                                                                                                                                                                                                                                                        				signed int _t77;
                                                                                                                                                                                                                                                        				signed int _t78;
                                                                                                                                                                                                                                                        				void* _t82;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				signed int _t90;
                                                                                                                                                                                                                                                        				void _t92;
                                                                                                                                                                                                                                                        				signed int _t93;
                                                                                                                                                                                                                                                        				signed int _t96;
                                                                                                                                                                                                                                                        				intOrPtr _t97;
                                                                                                                                                                                                                                                        				void* _t104;
                                                                                                                                                                                                                                                        				void _t105;
                                                                                                                                                                                                                                                        				void _t109;
                                                                                                                                                                                                                                                        				void _t110;
                                                                                                                                                                                                                                                        				void* _t112;
                                                                                                                                                                                                                                                        				signed int _t114;
                                                                                                                                                                                                                                                        				signed int _t115;
                                                                                                                                                                                                                                                        				void* _t117;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t117 = (_t115 & 0xfffffff8) - 0x30;
                                                                                                                                                                                                                                                        				_t74 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t109 = __ecx;
                                                                                                                                                                                                                                                        				_t108 = __ecx;
                                                                                                                                                                                                                                                        				_v24 = _t74 ^ _t114;
                                                                                                                                                                                                                                                        				_t76 = E00BECB20( &_v32, __ecx);
                                                                                                                                                                                                                                                        				_t112 =  *0xbfb76c; // 0x0
                                                                                                                                                                                                                                                        				if(_t112 == 0) {
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(0xc);
                                                                                                                                                                                                                                                        					_t117 = _t117 + 4;
                                                                                                                                                                                                                                                        					_t112 = _t76;
                                                                                                                                                                                                                                                        					 *(_t76 + 4) = 0;
                                                                                                                                                                                                                                                        					 *(_t76 + 8) = 0;
                                                                                                                                                                                                                                                        					 *_t76 = 0xc;
                                                                                                                                                                                                                                                        					 *0xbfb76c = _t76;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if( *((char*)(_t109 + 8)) != 0) {
                                                                                                                                                                                                                                                        					_t77 =  *(_t112 + 4);
                                                                                                                                                                                                                                                        					_t110 =  *_t112;
                                                                                                                                                                                                                                                        					_v56 = _t77;
                                                                                                                                                                                                                                                        					_t78 = _t77 * 4;
                                                                                                                                                                                                                                                        					_v52 = _t110;
                                                                                                                                                                                                                                                        					__eflags = _t78 + _t78 * 2;
                                                                                                                                                                                                                                                        					if(_t78 + _t78 * 2 <= 0) {
                                                                                                                                                                                                                                                        						goto L19;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t104 = _v56;
                                                                                                                                                                                                                                                        					_t110 = _v52;
                                                                                                                                                                                                                                                        					_v60 = _v32;
                                                                                                                                                                                                                                                        					_v48 = _v28;
                                                                                                                                                                                                                                                        					_t89 = _t104;
                                                                                                                                                                                                                                                        					do {
                                                                                                                                                                                                                                                        						_t108 = _v60;
                                                                                                                                                                                                                                                        						_t90 = _t89 >> 1;
                                                                                                                                                                                                                                                        						_t96 = _t90 + _t90 * 2;
                                                                                                                                                                                                                                                        						__eflags =  *((intOrPtr*)(_t110 + _t96 * 4)) - _v60;
                                                                                                                                                                                                                                                        						if(__eflags < 0) {
                                                                                                                                                                                                                                                        							L12:
                                                                                                                                                                                                                                                        							_t110 = _t110 + _t96 * 4 + 0xc;
                                                                                                                                                                                                                                                        							_t89 = _t104 +  !_t90;
                                                                                                                                                                                                                                                        							__eflags = _t89;
                                                                                                                                                                                                                                                        							goto L13;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(__eflags != 0) {
                                                                                                                                                                                                                                                        							goto L13;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t108 = _v48;
                                                                                                                                                                                                                                                        						__eflags =  *((intOrPtr*)(_t110 + 4 + _t96 * 4)) - _v48;
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t110 + 4 + _t96 * 4)) < _v48) {
                                                                                                                                                                                                                                                        							goto L12;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L13:
                                                                                                                                                                                                                                                        						__eflags = _t89;
                                                                                                                                                                                                                                                        						_t104 = _t89;
                                                                                                                                                                                                                                                        					} while (_t89 > 0);
                                                                                                                                                                                                                                                        					goto L19;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					if( *(_t112 + 4) != 0) {
                                                                                                                                                                                                                                                        						L8:
                                                                                                                                                                                                                                                        						_t110 =  *_t112;
                                                                                                                                                                                                                                                        						L9:
                                                                                                                                                                                                                                                        						E00BEECB0(_t76, _v24 ^ _t114, _t108);
                                                                                                                                                                                                                                                        						return  *((intOrPtr*)(_t110 + 8));
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t92 = _v32;
                                                                                                                                                                                                                                                        					_t97 = _v28;
                                                                                                                                                                                                                                                        					_v60 = _t92;
                                                                                                                                                                                                                                                        					__imp__moz_xmalloc(0x14);
                                                                                                                                                                                                                                                        					_t117 = _t117 + 4;
                                                                                                                                                                                                                                                        					 *(_t92 + 8) = 0;
                                                                                                                                                                                                                                                        					 *(_t92 + 4) = 0;
                                                                                                                                                                                                                                                        					 *(_t92 + 0x10) = 0;
                                                                                                                                                                                                                                                        					 *(_t92 + 0xc) = 0;
                                                                                                                                                                                                                                                        					_t110 = _t92;
                                                                                                                                                                                                                                                        					_t93 =  *(_t112 + 4);
                                                                                                                                                                                                                                                        					if(_t93 ==  *((intOrPtr*)(_t112 + 8))) {
                                                                                                                                                                                                                                                        						E00BECCD0(_t93, _t112);
                                                                                                                                                                                                                                                        						_t93 =  *(_t112 + 4);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t105 =  *_t112;
                                                                                                                                                                                                                                                        					_t108 = _v60;
                                                                                                                                                                                                                                                        					_t76 = _t93 + _t93 * 2;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t105 + 4 + _t76 * 4)) = _t97;
                                                                                                                                                                                                                                                        					 *(_t105 + _t76 * 4) = _v60;
                                                                                                                                                                                                                                                        					 *(_t105 + 8 + _t76 * 4) = _t110;
                                                                                                                                                                                                                                                        					 *(_t112 + 4) =  *(_t112 + 4) + 1;
                                                                                                                                                                                                                                                        					_t112 =  *0xbfb76c; // 0x0
                                                                                                                                                                                                                                                        					if(_t112 == 0 ||  *(_t112 + 4) == 0) {
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        						E00BB77D5(0x83, _t108, __eflags);
                                                                                                                                                                                                                                                        						L19:
                                                                                                                                                                                                                                                        						_t82 = _v52 + (_v56 + _v56 * 2) * 4;
                                                                                                                                                                                                                                                        						__eflags = _t110 - _t82;
                                                                                                                                                                                                                                                        						if(_t110 == _t82) {
                                                                                                                                                                                                                                                        							L22:
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [esp+0x20]");
                                                                                                                                                                                                                                                        							asm("movsd [esp+0x14], xmm0");
                                                                                                                                                                                                                                                        							__imp__moz_xmalloc(0x14);
                                                                                                                                                                                                                                                        							 *(_t82 + 8) = 0;
                                                                                                                                                                                                                                                        							 *(_t82 + 4) = 0;
                                                                                                                                                                                                                                                        							 *(_t82 + 0x10) = 0;
                                                                                                                                                                                                                                                        							 *(_t82 + 0xc) = 0;
                                                                                                                                                                                                                                                        							_v36 = _t82;
                                                                                                                                                                                                                                                        							_t108 = _t110;
                                                                                                                                                                                                                                                        							_t110 = E00BECB70(_t112, _t110,  &_v44);
                                                                                                                                                                                                                                                        							_t76 = _v36;
                                                                                                                                                                                                                                                        							_v36 = 0;
                                                                                                                                                                                                                                                        							__eflags = _t76;
                                                                                                                                                                                                                                                        							if(_t76 != 0) {
                                                                                                                                                                                                                                                        								free(_t76);
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L9;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t82 =  *_t110;
                                                                                                                                                                                                                                                        						__eflags = _t82 - _v32;
                                                                                                                                                                                                                                                        						if(_t82 > _v32) {
                                                                                                                                                                                                                                                        							goto L22;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t76 =  *(_t110 + 4);
                                                                                                                                                                                                                                                        						__eflags =  *(_t110 + 4) - _v28;
                                                                                                                                                                                                                                                        						if( *(_t110 + 4) >= _v28) {
                                                                                                                                                                                                                                                        							goto L9;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L22;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						goto L8;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}































                                                                                                                                                                                                                                                        0x00bec929
                                                                                                                                                                                                                                                        0x00bec92c
                                                                                                                                                                                                                                                        0x00bec931
                                                                                                                                                                                                                                                        0x00bec937
                                                                                                                                                                                                                                                        0x00bec93b
                                                                                                                                                                                                                                                        0x00bec93f
                                                                                                                                                                                                                                                        0x00bec944
                                                                                                                                                                                                                                                        0x00bec94c
                                                                                                                                                                                                                                                        0x00bec950
                                                                                                                                                                                                                                                        0x00bec956
                                                                                                                                                                                                                                                        0x00bec959
                                                                                                                                                                                                                                                        0x00bec95b
                                                                                                                                                                                                                                                        0x00bec962
                                                                                                                                                                                                                                                        0x00bec969
                                                                                                                                                                                                                                                        0x00bec96f
                                                                                                                                                                                                                                                        0x00bec96f
                                                                                                                                                                                                                                                        0x00bec978
                                                                                                                                                                                                                                                        0x00beca10
                                                                                                                                                                                                                                                        0x00beca13
                                                                                                                                                                                                                                                        0x00beca15
                                                                                                                                                                                                                                                        0x00beca19
                                                                                                                                                                                                                                                        0x00beca20
                                                                                                                                                                                                                                                        0x00beca27
                                                                                                                                                                                                                                                        0x00beca29
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beca2f
                                                                                                                                                                                                                                                        0x00beca33
                                                                                                                                                                                                                                                        0x00beca37
                                                                                                                                                                                                                                                        0x00beca3f
                                                                                                                                                                                                                                                        0x00beca43
                                                                                                                                                                                                                                                        0x00beca57
                                                                                                                                                                                                                                                        0x00beca57
                                                                                                                                                                                                                                                        0x00beca5b
                                                                                                                                                                                                                                                        0x00beca5d
                                                                                                                                                                                                                                                        0x00beca60
                                                                                                                                                                                                                                                        0x00beca63
                                                                                                                                                                                                                                                        0x00beca47
                                                                                                                                                                                                                                                        0x00beca4c
                                                                                                                                                                                                                                                        0x00beca4f
                                                                                                                                                                                                                                                        0x00beca4f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beca4f
                                                                                                                                                                                                                                                        0x00beca65
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beca67
                                                                                                                                                                                                                                                        0x00beca6b
                                                                                                                                                                                                                                                        0x00beca6f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beca51
                                                                                                                                                                                                                                                        0x00beca51
                                                                                                                                                                                                                                                        0x00beca53
                                                                                                                                                                                                                                                        0x00beca53
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec97e
                                                                                                                                                                                                                                                        0x00bec982
                                                                                                                                                                                                                                                        0x00bec9f6
                                                                                                                                                                                                                                                        0x00bec9f6
                                                                                                                                                                                                                                                        0x00bec9f8
                                                                                                                                                                                                                                                        0x00beca01
                                                                                                                                                                                                                                                        0x00beca0f
                                                                                                                                                                                                                                                        0x00beca0f
                                                                                                                                                                                                                                                        0x00bec984
                                                                                                                                                                                                                                                        0x00bec988
                                                                                                                                                                                                                                                        0x00bec98c
                                                                                                                                                                                                                                                        0x00bec992
                                                                                                                                                                                                                                                        0x00bec998
                                                                                                                                                                                                                                                        0x00bec99b
                                                                                                                                                                                                                                                        0x00bec9a2
                                                                                                                                                                                                                                                        0x00bec9a9
                                                                                                                                                                                                                                                        0x00bec9b0
                                                                                                                                                                                                                                                        0x00bec9b7
                                                                                                                                                                                                                                                        0x00bec9b9
                                                                                                                                                                                                                                                        0x00bec9bf
                                                                                                                                                                                                                                                        0x00bec9c3
                                                                                                                                                                                                                                                        0x00bec9c8
                                                                                                                                                                                                                                                        0x00bec9c8
                                                                                                                                                                                                                                                        0x00bec9cb
                                                                                                                                                                                                                                                        0x00bec9cd
                                                                                                                                                                                                                                                        0x00bec9d1
                                                                                                                                                                                                                                                        0x00bec9d4
                                                                                                                                                                                                                                                        0x00bec9d8
                                                                                                                                                                                                                                                        0x00bec9db
                                                                                                                                                                                                                                                        0x00bec9df
                                                                                                                                                                                                                                                        0x00bec9e2
                                                                                                                                                                                                                                                        0x00bec9ea
                                                                                                                                                                                                                                                        0x00beca73
                                                                                                                                                                                                                                                        0x00beca79
                                                                                                                                                                                                                                                        0x00beca7e
                                                                                                                                                                                                                                                        0x00beca89
                                                                                                                                                                                                                                                        0x00beca8c
                                                                                                                                                                                                                                                        0x00beca8e
                                                                                                                                                                                                                                                        0x00becaa5
                                                                                                                                                                                                                                                        0x00becaa5
                                                                                                                                                                                                                                                        0x00becaab
                                                                                                                                                                                                                                                        0x00becab3
                                                                                                                                                                                                                                                        0x00becabc
                                                                                                                                                                                                                                                        0x00becac3
                                                                                                                                                                                                                                                        0x00becaca
                                                                                                                                                                                                                                                        0x00becad1
                                                                                                                                                                                                                                                        0x00becad8
                                                                                                                                                                                                                                                        0x00becae2
                                                                                                                                                                                                                                                        0x00becaed
                                                                                                                                                                                                                                                        0x00becaef
                                                                                                                                                                                                                                                        0x00becaf3
                                                                                                                                                                                                                                                        0x00becafb
                                                                                                                                                                                                                                                        0x00becafd
                                                                                                                                                                                                                                                        0x00becb04
                                                                                                                                                                                                                                                        0x00becb0a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00becafd
                                                                                                                                                                                                                                                        0x00beca90
                                                                                                                                                                                                                                                        0x00beca92
                                                                                                                                                                                                                                                        0x00beca96
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00beca98
                                                                                                                                                                                                                                                        0x00beca9b
                                                                                                                                                                                                                                                        0x00beca9f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bec9ea

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(0000000C), ref: 00BEC950
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000014), ref: 00BEC992
                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000014), ref: 00BECAB3
                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BECB04
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: moz_xmalloc$free
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3441548216-0
                                                                                                                                                                                                                                                        • Opcode ID: b81194caae34b3ebe8b1936c4bef903eef2c9d867a3a496e5fb77119d2905233
                                                                                                                                                                                                                                                        • Instruction ID: e18ba196bcfd73b4d6957cf28c8761ab0a74bd202fa89671672047bfdfc24a12
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b81194caae34b3ebe8b1936c4bef903eef2c9d867a3a496e5fb77119d2905233
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EC5188B46043458FD310CF19C584B2ABBE1FB88714F158AADE8999B361DB35ED16CF82
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 82%
                                                                                                                                                                                                                                                        			E00BD74E0(intOrPtr _a4, char _a8, char _a12, char _a16, char _a20, char _a24, char _a28, char _a32, long _a36) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v56;
                                                                                                                                                                                                                                                        				char* _v60;
                                                                                                                                                                                                                                                        				intOrPtr _v64;
                                                                                                                                                                                                                                                        				char _v68;
                                                                                                                                                                                                                                                        				intOrPtr _v84;
                                                                                                                                                                                                                                                        				char _v108;
                                                                                                                                                                                                                                                        				long _v112;
                                                                                                                                                                                                                                                        				long _v120;
                                                                                                                                                                                                                                                        				char _v132;
                                                                                                                                                                                                                                                        				char _v136;
                                                                                                                                                                                                                                                        				char _v140;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t40;
                                                                                                                                                                                                                                                        				long _t42;
                                                                                                                                                                                                                                                        				intOrPtr* _t44;
                                                                                                                                                                                                                                                        				long _t58;
                                                                                                                                                                                                                                                        				long _t59;
                                                                                                                                                                                                                                                        				char _t61;
                                                                                                                                                                                                                                                        				intOrPtr _t70;
                                                                                                                                                                                                                                                        				long _t71;
                                                                                                                                                                                                                                                        				long _t73;
                                                                                                                                                                                                                                                        				signed int _t74;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t61 = _a8;
                                                                                                                                                                                                                                                        				_t68 = _a20;
                                                                                                                                                                                                                                                        				_v108 = _a12;
                                                                                                                                                                                                                                                        				_v112 = _a16;
                                                                                                                                                                                                                                                        				_t40 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v24 = _t40 ^ _t74;
                                                                                                                                                                                                                                                        				_t70 = _t61;
                                                                                                                                                                                                                                                        				_t42 = _a4(_t61, _v108, _v112, _a20, _a24, _a28, _a32, _a36);
                                                                                                                                                                                                                                                        				_t73 = _t42;
                                                                                                                                                                                                                                                        				if(_t42 == 0xffffffff) {
                                                                                                                                                                                                                                                        					_t58 = _a36;
                                                                                                                                                                                                                                                        					E00BC4600(_t58, _t68, _t70, _t73, "CreateNamedPipeW", _t70);
                                                                                                                                                                                                                                                        					_t44 = E00BE3760();
                                                                                                                                                                                                                                                        					_t68 =  *_t44;
                                                                                                                                                                                                                                                        					_t42 = E00BE9C60( *((intOrPtr*)( *_t44 + 8))(), _t45);
                                                                                                                                                                                                                                                        					_t73 = 0xffffffff;
                                                                                                                                                                                                                                                        					__eflags = _t42;
                                                                                                                                                                                                                                                        					if(_t42 == 0) {
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t42 = GetLastError();
                                                                                                                                                                                                                                                        					__eflags = _t58;
                                                                                                                                                                                                                                                        					if(__eflags != 0) {
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t71 = _t42;
                                                                                                                                                                                                                                                        					_t42 = E00BE3830(__eflags);
                                                                                                                                                                                                                                                        					__eflags = _t42;
                                                                                                                                                                                                                                                        					if(_t42 == 0) {
                                                                                                                                                                                                                                                        						L6:
                                                                                                                                                                                                                                                        						SetLastError(_t71);
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t59 = _t42;
                                                                                                                                                                                                                                                        					_v68 = 1;
                                                                                                                                                                                                                                                        					_v64 = 1;
                                                                                                                                                                                                                                                        					_v60 =  &_a8;
                                                                                                                                                                                                                                                        					_t42 = E00BD95D0(_t68, 8,  &_v68);
                                                                                                                                                                                                                                                        					__eflags = _t42;
                                                                                                                                                                                                                                                        					if(_t42 != 0) {
                                                                                                                                                                                                                                                        						E00BE67D0( &_v136, _t59);
                                                                                                                                                                                                                                                        						asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        						_v84 = 0;
                                                                                                                                                                                                                                                        						_t68 =  &_a8;
                                                                                                                                                                                                                                                        						asm("movaps [esp+0x30], xmm0");
                                                                                                                                                                                                                                                        						asm("movaps [esp+0x20], xmm0");
                                                                                                                                                                                                                                                        						asm("movaps [esp+0x10], xmm0");
                                                                                                                                                                                                                                                        						_t42 = E00BD7650( &_v140,  &_a8, __eflags,  &_a12,  &_a16,  &_a20,  &_a24,  &_a28,  &_a32,  &_v132);
                                                                                                                                                                                                                                                        						__eflags = _t42;
                                                                                                                                                                                                                                                        						if(_t42 != 0) {
                                                                                                                                                                                                                                                        							goto L6;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						SetLastError(_v120);
                                                                                                                                                                                                                                                        						__eflags = _v120;
                                                                                                                                                                                                                                                        						_t73 = 0xffffffff;
                                                                                                                                                                                                                                                        						if(_v120 == 0) {
                                                                                                                                                                                                                                                        							_t42 = E00BC4830( &_a8, "CreateNamedPipeW", _a8);
                                                                                                                                                                                                                                                        							_t73 = _v112;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L1;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L6;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L1:
                                                                                                                                                                                                                                                        				E00BEECB0(_t42, _v56 ^ _t74, _t68);
                                                                                                                                                                                                                                                        				return _t73;
                                                                                                                                                                                                                                                        			}





























                                                                                                                                                                                                                                                        0x00bd74ef
                                                                                                                                                                                                                                                        0x00bd74f2
                                                                                                                                                                                                                                                        0x00bd74fe
                                                                                                                                                                                                                                                        0x00bd7505
                                                                                                                                                                                                                                                        0x00bd7508
                                                                                                                                                                                                                                                        0x00bd750f
                                                                                                                                                                                                                                                        0x00bd7517
                                                                                                                                                                                                                                                        0x00bd7525
                                                                                                                                                                                                                                                        0x00bd7528
                                                                                                                                                                                                                                                        0x00bd752d
                                                                                                                                                                                                                                                        0x00bd7546
                                                                                                                                                                                                                                                        0x00bd754f
                                                                                                                                                                                                                                                        0x00bd7557
                                                                                                                                                                                                                                                        0x00bd755c
                                                                                                                                                                                                                                                        0x00bd7565
                                                                                                                                                                                                                                                        0x00bd756a
                                                                                                                                                                                                                                                        0x00bd756f
                                                                                                                                                                                                                                                        0x00bd7571
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7573
                                                                                                                                                                                                                                                        0x00bd7579
                                                                                                                                                                                                                                                        0x00bd757b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd757d
                                                                                                                                                                                                                                                        0x00bd757f
                                                                                                                                                                                                                                                        0x00bd7584
                                                                                                                                                                                                                                                        0x00bd7586
                                                                                                                                                                                                                                                        0x00bd75b4
                                                                                                                                                                                                                                                        0x00bd75b5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd75b5
                                                                                                                                                                                                                                                        0x00bd7588
                                                                                                                                                                                                                                                        0x00bd758d
                                                                                                                                                                                                                                                        0x00bd7595
                                                                                                                                                                                                                                                        0x00bd759d
                                                                                                                                                                                                                                                        0x00bd75a8
                                                                                                                                                                                                                                                        0x00bd75b0
                                                                                                                                                                                                                                                        0x00bd75b2
                                                                                                                                                                                                                                                        0x00bd75c5
                                                                                                                                                                                                                                                        0x00bd75ca
                                                                                                                                                                                                                                                        0x00bd75d1
                                                                                                                                                                                                                                                        0x00bd75dc
                                                                                                                                                                                                                                                        0x00bd75e3
                                                                                                                                                                                                                                                        0x00bd75e8
                                                                                                                                                                                                                                                        0x00bd75ed
                                                                                                                                                                                                                                                        0x00bd7608
                                                                                                                                                                                                                                                        0x00bd7610
                                                                                                                                                                                                                                                        0x00bd7612
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7618
                                                                                                                                                                                                                                                        0x00bd761e
                                                                                                                                                                                                                                                        0x00bd7623
                                                                                                                                                                                                                                                        0x00bd7628
                                                                                                                                                                                                                                                        0x00bd7636
                                                                                                                                                                                                                                                        0x00bd763e
                                                                                                                                                                                                                                                        0x00bd763e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd7628
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd75b2
                                                                                                                                                                                                                                                        0x00bd752f
                                                                                                                                                                                                                                                        0x00bd7535
                                                                                                                                                                                                                                                        0x00bd7543

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00BD7573
                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(00000000), ref: 00BD75B5
                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(?,?,?,?,?,?,?,00000000), ref: 00BD7618
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorLast
                                                                                                                                                                                                                                                        • String ID: CreateNamedPipeW
                                                                                                                                                                                                                                                        • API String ID: 1452528299-2502196537
                                                                                                                                                                                                                                                        • Opcode ID: 0c65a71aa1ebabaad0f237cc8fbfb98bd5bfdf5349f6c994c137631efcf33e01
                                                                                                                                                                                                                                                        • Instruction ID: 3ca1810f1c6a3a27de37b20735ca0d90e517c4f3904af75be99f101ad722d015
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0c65a71aa1ebabaad0f237cc8fbfb98bd5bfdf5349f6c994c137631efcf33e01
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DE4182755042489BCB00DF64E845AEBB7E8EF98368F004699FD5593291FB31DA44CBA2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 29%
                                                                                                                                                                                                                                                        			E00BC2380(intOrPtr* _a4, intOrPtr _a8, signed int _a12) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				void* _v28;
                                                                                                                                                                                                                                                        				signed int _t44;
                                                                                                                                                                                                                                                        				signed int _t49;
                                                                                                                                                                                                                                                        				intOrPtr _t58;
                                                                                                                                                                                                                                                        				intOrPtr _t64;
                                                                                                                                                                                                                                                        				char _t67;
                                                                                                                                                                                                                                                        				char _t68;
                                                                                                                                                                                                                                                        				signed int _t70;
                                                                                                                                                                                                                                                        				signed int _t71;
                                                                                                                                                                                                                                                        				intOrPtr* _t80;
                                                                                                                                                                                                                                                        				signed int _t88;
                                                                                                                                                                                                                                                        				signed int _t89;
                                                                                                                                                                                                                                                        				intOrPtr* _t90;
                                                                                                                                                                                                                                                        				signed int _t91;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t44 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t90 = _a4;
                                                                                                                                                                                                                                                        				_t70 = _a12;
                                                                                                                                                                                                                                                        				_t89 = 0;
                                                                                                                                                                                                                                                        				_v20 = _t44 ^ _t91;
                                                                                                                                                                                                                                                        				_t88 =  *(_t90 +  *((intOrPtr*)( *_t90 + 4)) + 0x20);
                                                                                                                                                                                                                                                        				_t49 =  <  ? 0 : _t88 - _t70;
                                                                                                                                                                                                                                                        				asm("sbb ecx, 0x0");
                                                                                                                                                                                                                                                        				if(_t88 >= 1) {
                                                                                                                                                                                                                                                        					_t89 = _t49;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BBD780( &_v28, _t90);
                                                                                                                                                                                                                                                        				if(_v24 == 0) {
                                                                                                                                                                                                                                                        					_t71 = 4;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t58 =  *((intOrPtr*)( *_t90 + 4));
                                                                                                                                                                                                                                                        					if((0x000001c0 &  *(_t90 + _t58 + 0x14)) == 0x40) {
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						_push(0);
                                                                                                                                                                                                                                                        						_push(_t70);
                                                                                                                                                                                                                                                        						_push(_a8);
                                                                                                                                                                                                                                                        						if(( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t90 + _t58 + 0x38)))) + 0x24))() ^ _t70 | _t88) != 0) {
                                                                                                                                                                                                                                                        							goto L20;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t71 = 0;
                                                                                                                                                                                                                                                        							if(_t89 != 0) {
                                                                                                                                                                                                                                                        								goto L17;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if(_t89 != 0) {
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								_t68 =  *((char*)(_t90 + _t58 + 0x40));
                                                                                                                                                                                                                                                        								__imp__?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z(_t68);
                                                                                                                                                                                                                                                        								if(_t68 == 0xffffffff) {
                                                                                                                                                                                                                                                        									break;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t89 = _t89 - 1;
                                                                                                                                                                                                                                                        								_t58 =  *((intOrPtr*)( *_t90 + 4));
                                                                                                                                                                                                                                                        								if(_t89 == 0) {
                                                                                                                                                                                                                                                        									goto L4;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									continue;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								L21:
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t71 = 4;
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								L17:
                                                                                                                                                                                                                                                        								_t67 =  *((char*)(_t90 +  *((intOrPtr*)( *_t90 + 4)) + 0x40));
                                                                                                                                                                                                                                                        								__imp__?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z(_t67);
                                                                                                                                                                                                                                                        								if(_t67 == 0xffffffff) {
                                                                                                                                                                                                                                                        									break;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t89 = _t89 - 1;
                                                                                                                                                                                                                                                        								if(_t89 == 0) {
                                                                                                                                                                                                                                                        									goto L7;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									continue;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L21;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							L20:
                                                                                                                                                                                                                                                        							_t71 = 4;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L4:
                                                                                                                                                                                                                                                        							_t89 = 0;
                                                                                                                                                                                                                                                        							goto L5;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L7:
                                                                                                                                                                                                                                                        					_t64 =  *((intOrPtr*)( *_t90 + 4));
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t90 + _t64 + 0x24)) = 0;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t90 + _t64 + 0x20)) = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				__imp__?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z(_t71 |  *(_t90 +  *((intOrPtr*)( *_t90 + 4)) + 0xc), 0);
                                                                                                                                                                                                                                                        				__imp__?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ();
                                                                                                                                                                                                                                                        				_t80 =  *((intOrPtr*)(_v28 +  *((intOrPtr*)( *_v28 + 4)) + 0x38));
                                                                                                                                                                                                                                                        				if(_t80 != 0) {
                                                                                                                                                                                                                                                        					_t53 =  *((intOrPtr*)( *_t80 + 8))();
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t53, _v20 ^ _t91, _t88);
                                                                                                                                                                                                                                                        				return _t90;
                                                                                                                                                                                                                                                        				goto L21;
                                                                                                                                                                                                                                                        			}



















                                                                                                                                                                                                                                                        0x00bc2389
                                                                                                                                                                                                                                                        0x00bc238e
                                                                                                                                                                                                                                                        0x00bc2391
                                                                                                                                                                                                                                                        0x00bc2394
                                                                                                                                                                                                                                                        0x00bc2398
                                                                                                                                                                                                                                                        0x00bc23a0
                                                                                                                                                                                                                                                        0x00bc23ac
                                                                                                                                                                                                                                                        0x00bc23b2
                                                                                                                                                                                                                                                        0x00bc23b5
                                                                                                                                                                                                                                                        0x00bc246a
                                                                                                                                                                                                                                                        0x00bc246a
                                                                                                                                                                                                                                                        0x00bc23bf
                                                                                                                                                                                                                                                        0x00bc23c8
                                                                                                                                                                                                                                                        0x00bc2471
                                                                                                                                                                                                                                                        0x00bc23ce
                                                                                                                                                                                                                                                        0x00bc23d5
                                                                                                                                                                                                                                                        0x00bc23df
                                                                                                                                                                                                                                                        0x00bc23eb
                                                                                                                                                                                                                                                        0x00bc23f1
                                                                                                                                                                                                                                                        0x00bc23f3
                                                                                                                                                                                                                                                        0x00bc23f4
                                                                                                                                                                                                                                                        0x00bc23fe
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc2404
                                                                                                                                                                                                                                                        0x00bc2404
                                                                                                                                                                                                                                                        0x00bc2408
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc2408
                                                                                                                                                                                                                                                        0x00bc23e1
                                                                                                                                                                                                                                                        0x00bc23e3
                                                                                                                                                                                                                                                        0x00bc2478
                                                                                                                                                                                                                                                        0x00bc247c
                                                                                                                                                                                                                                                        0x00bc2482
                                                                                                                                                                                                                                                        0x00bc248b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc248f
                                                                                                                                                                                                                                                        0x00bc2490
                                                                                                                                                                                                                                                        0x00bc2493
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc2499
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc2499
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc2493
                                                                                                                                                                                                                                                        0x00bc249b
                                                                                                                                                                                                                                                        0x00bc24a0
                                                                                                                                                                                                                                                        0x00bc24a0
                                                                                                                                                                                                                                                        0x00bc24a9
                                                                                                                                                                                                                                                        0x00bc24af
                                                                                                                                                                                                                                                        0x00bc24b8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc24ba
                                                                                                                                                                                                                                                        0x00bc24bb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc24c1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc24c1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc24bb
                                                                                                                                                                                                                                                        0x00bc24c3
                                                                                                                                                                                                                                                        0x00bc24c3
                                                                                                                                                                                                                                                        0x00bc23e9
                                                                                                                                                                                                                                                        0x00bc23e9
                                                                                                                                                                                                                                                        0x00bc23e9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc23e9
                                                                                                                                                                                                                                                        0x00bc23e3
                                                                                                                                                                                                                                                        0x00bc240e
                                                                                                                                                                                                                                                        0x00bc2410
                                                                                                                                                                                                                                                        0x00bc2413
                                                                                                                                                                                                                                                        0x00bc241b
                                                                                                                                                                                                                                                        0x00bc241b
                                                                                                                                                                                                                                                        0x00bc2432
                                                                                                                                                                                                                                                        0x00bc243b
                                                                                                                                                                                                                                                        0x00bc2449
                                                                                                                                                                                                                                                        0x00bc244f
                                                                                                                                                                                                                                                        0x00bc2453
                                                                                                                                                                                                                                                        0x00bc2453
                                                                                                                                                                                                                                                        0x00bc245b
                                                                                                                                                                                                                                                        0x00bc2469
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z.MSVCP140(?,00000000), ref: 00BC2432
                                                                                                                                                                                                                                                        • ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ.MSVCP140 ref: 00BC243B
                                                                                                                                                                                                                                                        • ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(00000000), ref: 00BC2482
                                                                                                                                                                                                                                                        • ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z.MSVCP140(00000000), ref: 00BC24AF
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: D@std@@@std@@U?$char_traits@$?sputc@?$basic_streambuf@$?clear@?$basic_ios@Osfx@?$basic_ostream@
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2262293658-0
                                                                                                                                                                                                                                                        • Opcode ID: 5dd5c6fcd26aafa9f3971b382ecddb26564dfa6558a3c313d33e21be02f97eea
                                                                                                                                                                                                                                                        • Instruction ID: 63b9da179cf16bd25d41fe670ee2d0e78c99c8c85d72498928afa00be29bbd20
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5dd5c6fcd26aafa9f3971b382ecddb26564dfa6558a3c313d33e21be02f97eea
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 31410B742006009FD729CF69C994F7ABBE5EF88314F54459CEA968B3A1CB35EC45CB50
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 66%
                                                                                                                                                                                                                                                        			E00BC3200(void* __ecx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				unsigned int _v20;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				void* _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v36;
                                                                                                                                                                                                                                                        				void* _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				intOrPtr _v84;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* _t93;
                                                                                                                                                                                                                                                        				void* _t96;
                                                                                                                                                                                                                                                        				signed int _t99;
                                                                                                                                                                                                                                                        				void _t109;
                                                                                                                                                                                                                                                        				intOrPtr _t112;
                                                                                                                                                                                                                                                        				void* _t117;
                                                                                                                                                                                                                                                        				signed int _t123;
                                                                                                                                                                                                                                                        				signed int _t125;
                                                                                                                                                                                                                                                        				signed int _t129;
                                                                                                                                                                                                                                                        				void* _t130;
                                                                                                                                                                                                                                                        				void* _t131;
                                                                                                                                                                                                                                                        				signed int _t134;
                                                                                                                                                                                                                                                        				signed int _t140;
                                                                                                                                                                                                                                                        				void* _t142;
                                                                                                                                                                                                                                                        				void _t147;
                                                                                                                                                                                                                                                        				signed int _t150;
                                                                                                                                                                                                                                                        				unsigned int _t155;
                                                                                                                                                                                                                                                        				signed int _t156;
                                                                                                                                                                                                                                                        				signed int _t157;
                                                                                                                                                                                                                                                        				unsigned int _t160;
                                                                                                                                                                                                                                                        				intOrPtr _t161;
                                                                                                                                                                                                                                                        				void* _t162;
                                                                                                                                                                                                                                                        				void _t166;
                                                                                                                                                                                                                                                        				void _t167;
                                                                                                                                                                                                                                                        				signed int _t170;
                                                                                                                                                                                                                                                        				intOrPtr _t173;
                                                                                                                                                                                                                                                        				void* _t174;
                                                                                                                                                                                                                                                        				void* _t175;
                                                                                                                                                                                                                                                        				signed int _t176;
                                                                                                                                                                                                                                                        				signed int _t177;
                                                                                                                                                                                                                                                        				signed int _t178;
                                                                                                                                                                                                                                                        				signed int _t179;
                                                                                                                                                                                                                                                        				signed int _t180;
                                                                                                                                                                                                                                                        				void* _t181;
                                                                                                                                                                                                                                                        				void** _t182;
                                                                                                                                                                                                                                                        				signed int _t183;
                                                                                                                                                                                                                                                        				void* _t184;
                                                                                                                                                                                                                                                        				unsigned int _t185;
                                                                                                                                                                                                                                                        				unsigned int _t187;
                                                                                                                                                                                                                                                        				void* _t188;
                                                                                                                                                                                                                                                        				signed int _t192;
                                                                                                                                                                                                                                                        				unsigned int _t193;
                                                                                                                                                                                                                                                        				signed int _t195;
                                                                                                                                                                                                                                                        				void* _t196;
                                                                                                                                                                                                                                                        				void* _t198;
                                                                                                                                                                                                                                                        				void* _t199;
                                                                                                                                                                                                                                                        				signed int _t200;
                                                                                                                                                                                                                                                        				void* _t203;
                                                                                                                                                                                                                                                        				void* _t206;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t135 = __ecx;
                                                                                                                                                                                                                                                        				_t199 = _t198 - 0x10;
                                                                                                                                                                                                                                                        				_t157 =  *(__ecx + 0x10);
                                                                                                                                                                                                                                                        				_t173 = _a4;
                                                                                                                                                                                                                                                        				_t129 = 0x7ffffffe;
                                                                                                                                                                                                                                                        				if(0x7ffffffe - _t157 < _t173) {
                                                                                                                                                                                                                                                        					E00BBA890();
                                                                                                                                                                                                                                                        					goto L10;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t180 = _t173 + _t157;
                                                                                                                                                                                                                                                        					_v28 = _t157;
                                                                                                                                                                                                                                                        					_v32 = __ecx;
                                                                                                                                                                                                                                                        					_v20 =  *((intOrPtr*)(__ecx + 0x14));
                                                                                                                                                                                                                                                        					_t123 = _t180 | 0x00000007;
                                                                                                                                                                                                                                                        					if(_t123 <= 0x7ffffffe) {
                                                                                                                                                                                                                                                        						_t193 = _v20;
                                                                                                                                                                                                                                                        						_t129 = 0x7ffffffe;
                                                                                                                                                                                                                                                        						_t155 = _t193 >> 1;
                                                                                                                                                                                                                                                        						_t157 = 0x7ffffffe - _t155;
                                                                                                                                                                                                                                                        						_t156 = _t155 + _t193;
                                                                                                                                                                                                                                                        						if(_t123 >= _t156) {
                                                                                                                                                                                                                                                        							_t156 = _t123;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(_v20 <= _t157) {
                                                                                                                                                                                                                                                        							_t129 = _t156;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t181 = _v32;
                                                                                                                                                                                                                                                        					_t10 = _t129 + 1; // 0x7fffffff
                                                                                                                                                                                                                                                        					_t135 = _t181;
                                                                                                                                                                                                                                                        					_t125 = E00BBA8A0(_t10);
                                                                                                                                                                                                                                                        					 *(_t181 + 0x10) = _t180;
                                                                                                                                                                                                                                                        					 *(_t181 + 0x14) = _t129;
                                                                                                                                                                                                                                                        					_t129 = _v20;
                                                                                                                                                                                                                                                        					_v24 = _t125;
                                                                                                                                                                                                                                                        					if(_t129 >= 8) {
                                                                                                                                                                                                                                                        						L10:
                                                                                                                                                                                                                                                        						_t174 =  *_t181;
                                                                                                                                                                                                                                                        						memcpy(_v24, _t174, _v28 + _v28 + 2);
                                                                                                                                                                                                                                                        						_t200 = _t199 + 0xc;
                                                                                                                                                                                                                                                        						_t25 = _t129 + 2; // 0x80000000
                                                                                                                                                                                                                                                        						_t93 = _t129 + _t25;
                                                                                                                                                                                                                                                        						if(_t93 < 0x1000) {
                                                                                                                                                                                                                                                        							L13:
                                                                                                                                                                                                                                                        							_push(_t93);
                                                                                                                                                                                                                                                        							_push(_t174);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							_t182 = _v32;
                                                                                                                                                                                                                                                        							goto L8;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t96 = _t174;
                                                                                                                                                                                                                                                        							_t174 =  *(_t174 - 4);
                                                                                                                                                                                                                                                        							if(_t96 + 0xfffffffc - _t174 >= 0x20) {
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_t195 = _t200;
                                                                                                                                                                                                                                                        								_push(_t129);
                                                                                                                                                                                                                                                        								_push(_t174);
                                                                                                                                                                                                                                                        								_push(_t181);
                                                                                                                                                                                                                                                        								_t203 = _t200 - 8;
                                                                                                                                                                                                                                                        								_t99 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        								_t130 = _t157 + _t157;
                                                                                                                                                                                                                                                        								_t183 = _t157;
                                                                                                                                                                                                                                                        								_t175 = _t135;
                                                                                                                                                                                                                                                        								_v48 = _t99 ^ _t195;
                                                                                                                                                                                                                                                        								if( *((intOrPtr*)(_t135 + 0x14)) -  *((intOrPtr*)(_t135 + 0xc)) >> 2 >= _t130) {
                                                                                                                                                                                                                                                        									L18:
                                                                                                                                                                                                                                                        									_v28 =  *((intOrPtr*)(_t175 + 4));
                                                                                                                                                                                                                                                        									_push( &_v28);
                                                                                                                                                                                                                                                        									L20();
                                                                                                                                                                                                                                                        									_t38 = _t183 - 1; // 0x7
                                                                                                                                                                                                                                                        									 *((intOrPtr*)(_t175 + 0x18)) = _t38;
                                                                                                                                                                                                                                                        									 *(_t175 + 0x1c) = _t183;
                                                                                                                                                                                                                                                        									return E00BEECB0(_t38, _v24 ^ _t195, _t130);
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									if(_t130 >= 0x40000000) {
                                                                                                                                                                                                                                                        										E00BC14B0(_t130, _t135);
                                                                                                                                                                                                                                                        										_push(_t195);
                                                                                                                                                                                                                                                        										_t196 = _t203;
                                                                                                                                                                                                                                                        										_push(_t130);
                                                                                                                                                                                                                                                        										_push(_t175);
                                                                                                                                                                                                                                                        										_push(_t183);
                                                                                                                                                                                                                                                        										_t206 = _t203 - 8;
                                                                                                                                                                                                                                                        										_t184 = _t135;
                                                                                                                                                                                                                                                        										_t109 =  *_t135;
                                                                                                                                                                                                                                                        										_t131 = _v40;
                                                                                                                                                                                                                                                        										_t176 = _t157;
                                                                                                                                                                                                                                                        										_t140 =  *((intOrPtr*)(_t135 + 8)) - _t109;
                                                                                                                                                                                                                                                        										_t160 = _t140 >> 2;
                                                                                                                                                                                                                                                        										if(_t160 < _t176) {
                                                                                                                                                                                                                                                        											_v32 = _t184;
                                                                                                                                                                                                                                                        											if(_t176 >= 0x40000000) {
                                                                                                                                                                                                                                                        												_t110 = E00BC14B0(_t131, _t140);
                                                                                                                                                                                                                                                        												goto L53;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_v28 = 0x3fffffff;
                                                                                                                                                                                                                                                        												_t187 = _t160 >> 1;
                                                                                                                                                                                                                                                        												_v28 = _v28 - _t187;
                                                                                                                                                                                                                                                        												_t188 = _t187 + _t160;
                                                                                                                                                                                                                                                        												_t189 =  <  ? _t176 : _t188;
                                                                                                                                                                                                                                                        												_t184 =  >  ? _t176 :  <  ? _t176 : _t188;
                                                                                                                                                                                                                                                        												_v28 = _t184;
                                                                                                                                                                                                                                                        												if(_t109 == 0) {
                                                                                                                                                                                                                                                        													L40:
                                                                                                                                                                                                                                                        													_t184 = _v32;
                                                                                                                                                                                                                                                        													E00BC3620(_t131, _t184, _v28);
                                                                                                                                                                                                                                                        													_t147 =  *_t184;
                                                                                                                                                                                                                                                        													do {
                                                                                                                                                                                                                                                        														_t109 =  *_t131;
                                                                                                                                                                                                                                                        														 *_t147 = _t109;
                                                                                                                                                                                                                                                        														_t147 = _t147 + 4;
                                                                                                                                                                                                                                                        														_t176 = _t176 - 1;
                                                                                                                                                                                                                                                        													} while (_t176 != 0);
                                                                                                                                                                                                                                                        													goto L27;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													if(_t140 < 0x1000) {
                                                                                                                                                                                                                                                        														_t166 = _t109;
                                                                                                                                                                                                                                                        														goto L39;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t160 =  *(_t109 - 4);
                                                                                                                                                                                                                                                        														_t110 = _t109 + 0xfffffffc - _t160;
                                                                                                                                                                                                                                                        														if(_t109 + 0xfffffffc - _t160 >= 0x20) {
                                                                                                                                                                                                                                                        															L53:
                                                                                                                                                                                                                                                        															__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        															asm("int3");
                                                                                                                                                                                                                                                        															asm("int3");
                                                                                                                                                                                                                                                        															asm("int3");
                                                                                                                                                                                                                                                        															_push(_t196);
                                                                                                                                                                                                                                                        															_push(_t131);
                                                                                                                                                                                                                                                        															_push(_t176);
                                                                                                                                                                                                                                                        															_push(_t184);
                                                                                                                                                                                                                                                        															_t177 = _t140;
                                                                                                                                                                                                                                                        															_t185 = _t160;
                                                                                                                                                                                                                                                        															_t134 =  *((intOrPtr*)(_t140 + 4)) -  *_t140 >> 2;
                                                                                                                                                                                                                                                        															_v84 = E00BC3560(_t110, _t160);
                                                                                                                                                                                                                                                        															_t112 =  *_t177;
                                                                                                                                                                                                                                                        															_t161 =  *((intOrPtr*)(_t177 + 4));
                                                                                                                                                                                                                                                        															if(_t112 != _t161) {
                                                                                                                                                                                                                                                        																_t162 = _t161 - _t112;
                                                                                                                                                                                                                                                        																_t142 = 0;
                                                                                                                                                                                                                                                        																while(1) {
                                                                                                                                                                                                                                                        																	_v32 = _t142;
                                                                                                                                                                                                                                                        																	_v40 = _t162;
                                                                                                                                                                                                                                                        																	_v44 = _t112;
                                                                                                                                                                                                                                                        																	_v32 = _v32 + 4;
                                                                                                                                                                                                                                                        																	 *((intOrPtr*)(_v36 + _v32)) =  *((intOrPtr*)(_t112 + _v32));
                                                                                                                                                                                                                                                        																	_t162 = _v40;
                                                                                                                                                                                                                                                        																	_t112 = _v44;
                                                                                                                                                                                                                                                        																	_t142 = _v32;
                                                                                                                                                                                                                                                        																	if(_t162 == _v32) {
                                                                                                                                                                                                                                                        																		goto L55;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        															L55:
                                                                                                                                                                                                                                                        															return E00BC35C0(_t134, _t177, _v36, _t134, _t185);
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															_t140 = _t140 + 0x23;
                                                                                                                                                                                                                                                        															L39:
                                                                                                                                                                                                                                                        															_push(_t140);
                                                                                                                                                                                                                                                        															_push(_t166);
                                                                                                                                                                                                                                                        															L00BEF6C6();
                                                                                                                                                                                                                                                        															_t206 = _t206 + 8;
                                                                                                                                                                                                                                                        															goto L40;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t167 =  *(_t184 + 4);
                                                                                                                                                                                                                                                        											_t150 = _t167 - _t109 >> 2;
                                                                                                                                                                                                                                                        											if(_t150 >= _t176) {
                                                                                                                                                                                                                                                        												_t147 = _t109 + _t176 * 4;
                                                                                                                                                                                                                                                        												if(_t176 != 0) {
                                                                                                                                                                                                                                                        													_t178 = _t176 << 2;
                                                                                                                                                                                                                                                        													do {
                                                                                                                                                                                                                                                        														 *_t109 =  *_t131;
                                                                                                                                                                                                                                                        														_t109 = _t109 + 4;
                                                                                                                                                                                                                                                        														_t178 = _t178 + 0xfffffffc;
                                                                                                                                                                                                                                                        													} while (_t178 != 0);
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												if(_t109 != _t167) {
                                                                                                                                                                                                                                                        													_v32 = _t184;
                                                                                                                                                                                                                                                        													do {
                                                                                                                                                                                                                                                        														 *_t109 =  *_t131;
                                                                                                                                                                                                                                                        														_t109 = _t109 + 4;
                                                                                                                                                                                                                                                        													} while (_t167 != _t109);
                                                                                                                                                                                                                                                        													_t184 = _v32;
                                                                                                                                                                                                                                                        													_t109 =  *(_t184 + 4);
                                                                                                                                                                                                                                                        													_t179 = _t176 - _t150;
                                                                                                                                                                                                                                                        													if(_t179 != 0) {
                                                                                                                                                                                                                                                        														goto L24;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														goto L50;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t179 = _t176 - _t150;
                                                                                                                                                                                                                                                        													if(_t179 == 0) {
                                                                                                                                                                                                                                                        														L50:
                                                                                                                                                                                                                                                        														_t147 = _t109;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														L24:
                                                                                                                                                                                                                                                        														if(_t179 >= 8) {
                                                                                                                                                                                                                                                        															_t46 = _t131 + 1; // 0xbc334e
                                                                                                                                                                                                                                                        															if(_t46 <= _t109 || _t109 + _t179 * 4 <= _t131) {
                                                                                                                                                                                                                                                        																asm("movd xmm0, dword [ebx]");
                                                                                                                                                                                                                                                        																_v32 = _t184;
                                                                                                                                                                                                                                                        																_t192 = _t179 & 0xfffffff8;
                                                                                                                                                                                                                                                        																_t147 = _t109 + _t192 * 4;
                                                                                                                                                                                                                                                        																_t170 = _t179 - _t192;
                                                                                                                                                                                                                                                        																_t117 = _t109 + 0x10;
                                                                                                                                                                                                                                                        																_v28 = _t192;
                                                                                                                                                                                                                                                        																asm("pshufd xmm0, xmm0, 0x0");
                                                                                                                                                                                                                                                        																asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        																do {
                                                                                                                                                                                                                                                        																	asm("movdqu [eax-0x10], xmm0");
                                                                                                                                                                                                                                                        																	asm("movdqu [eax], xmm0");
                                                                                                                                                                                                                                                        																	_t117 = _t117 + 0x20;
                                                                                                                                                                                                                                                        																	_t192 = _t192 + 0xfffffff8;
                                                                                                                                                                                                                                                        																} while (_t192 != 0);
                                                                                                                                                                                                                                                        																_t184 = _v32;
                                                                                                                                                                                                                                                        																if(_t179 != _v28) {
                                                                                                                                                                                                                                                        																	goto L26;
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																goto L25;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															L25:
                                                                                                                                                                                                                                                        															_t170 = _t179;
                                                                                                                                                                                                                                                        															_t147 = _t109;
                                                                                                                                                                                                                                                        															do {
                                                                                                                                                                                                                                                        																L26:
                                                                                                                                                                                                                                                        																_t109 =  *_t131;
                                                                                                                                                                                                                                                        																 *_t147 = _t109;
                                                                                                                                                                                                                                                        																_t147 = _t147 + 4;
                                                                                                                                                                                                                                                        																_t170 = _t170 - 1;
                                                                                                                                                                                                                                                        															} while (_t170 != 0);
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											L27:
                                                                                                                                                                                                                                                        											 *(_t184 + 4) = _t147;
                                                                                                                                                                                                                                                        											return _t109;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										L54();
                                                                                                                                                                                                                                                        										goto L18;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t93 = _v20 + _v20 + 0x25;
                                                                                                                                                                                                                                                        								goto L13;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						memcpy(_v24, _t181, _v28 + _v28 + 2);
                                                                                                                                                                                                                                                        						L8:
                                                                                                                                                                                                                                                        						 *_t182 = _v24;
                                                                                                                                                                                                                                                        						return _t182;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}






























































                                                                                                                                                                                                                                                        0x00bc3200
                                                                                                                                                                                                                                                        0x00bc3206
                                                                                                                                                                                                                                                        0x00bc3209
                                                                                                                                                                                                                                                        0x00bc320c
                                                                                                                                                                                                                                                        0x00bc3214
                                                                                                                                                                                                                                                        0x00bc321d
                                                                                                                                                                                                                                                        0x00bc32a5
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3223
                                                                                                                                                                                                                                                        0x00bc3228
                                                                                                                                                                                                                                                        0x00bc322a
                                                                                                                                                                                                                                                        0x00bc322d
                                                                                                                                                                                                                                                        0x00bc3230
                                                                                                                                                                                                                                                        0x00bc3235
                                                                                                                                                                                                                                                        0x00bc323d
                                                                                                                                                                                                                                                        0x00bc323f
                                                                                                                                                                                                                                                        0x00bc3247
                                                                                                                                                                                                                                                        0x00bc324e
                                                                                                                                                                                                                                                        0x00bc3250
                                                                                                                                                                                                                                                        0x00bc3252
                                                                                                                                                                                                                                                        0x00bc3256
                                                                                                                                                                                                                                                        0x00bc3258
                                                                                                                                                                                                                                                        0x00bc3258
                                                                                                                                                                                                                                                        0x00bc325d
                                                                                                                                                                                                                                                        0x00bc325f
                                                                                                                                                                                                                                                        0x00bc325f
                                                                                                                                                                                                                                                        0x00bc325d
                                                                                                                                                                                                                                                        0x00bc3261
                                                                                                                                                                                                                                                        0x00bc3264
                                                                                                                                                                                                                                                        0x00bc3267
                                                                                                                                                                                                                                                        0x00bc326a
                                                                                                                                                                                                                                                        0x00bc326f
                                                                                                                                                                                                                                                        0x00bc3272
                                                                                                                                                                                                                                                        0x00bc3275
                                                                                                                                                                                                                                                        0x00bc3278
                                                                                                                                                                                                                                                        0x00bc327e
                                                                                                                                                                                                                                                        0x00bc32aa
                                                                                                                                                                                                                                                        0x00bc32ad
                                                                                                                                                                                                                                                        0x00bc32b8
                                                                                                                                                                                                                                                        0x00bc32bd
                                                                                                                                                                                                                                                        0x00bc32c0
                                                                                                                                                                                                                                                        0x00bc32c0
                                                                                                                                                                                                                                                        0x00bc32c9
                                                                                                                                                                                                                                                        0x00bc32e2
                                                                                                                                                                                                                                                        0x00bc32e2
                                                                                                                                                                                                                                                        0x00bc32e3
                                                                                                                                                                                                                                                        0x00bc32e4
                                                                                                                                                                                                                                                        0x00bc32ec
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc32cb
                                                                                                                                                                                                                                                        0x00bc32cb
                                                                                                                                                                                                                                                        0x00bc32cd
                                                                                                                                                                                                                                                        0x00bc32d8
                                                                                                                                                                                                                                                        0x00bc32f1
                                                                                                                                                                                                                                                        0x00bc32f7
                                                                                                                                                                                                                                                        0x00bc32f8
                                                                                                                                                                                                                                                        0x00bc32f9
                                                                                                                                                                                                                                                        0x00bc32fa
                                                                                                                                                                                                                                                        0x00bc32fb
                                                                                                                                                                                                                                                        0x00bc32fc
                                                                                                                                                                                                                                                        0x00bc32fd
                                                                                                                                                                                                                                                        0x00bc32fe
                                                                                                                                                                                                                                                        0x00bc32ff
                                                                                                                                                                                                                                                        0x00bc3301
                                                                                                                                                                                                                                                        0x00bc3303
                                                                                                                                                                                                                                                        0x00bc3304
                                                                                                                                                                                                                                                        0x00bc3305
                                                                                                                                                                                                                                                        0x00bc3306
                                                                                                                                                                                                                                                        0x00bc3309
                                                                                                                                                                                                                                                        0x00bc330e
                                                                                                                                                                                                                                                        0x00bc3311
                                                                                                                                                                                                                                                        0x00bc3313
                                                                                                                                                                                                                                                        0x00bc3317
                                                                                                                                                                                                                                                        0x00bc3325
                                                                                                                                                                                                                                                        0x00bc3339
                                                                                                                                                                                                                                                        0x00bc3341
                                                                                                                                                                                                                                                        0x00bc3347
                                                                                                                                                                                                                                                        0x00bc3348
                                                                                                                                                                                                                                                        0x00bc3350
                                                                                                                                                                                                                                                        0x00bc3353
                                                                                                                                                                                                                                                        0x00bc3356
                                                                                                                                                                                                                                                        0x00bc336a
                                                                                                                                                                                                                                                        0x00bc3327
                                                                                                                                                                                                                                                        0x00bc332d
                                                                                                                                                                                                                                                        0x00bc336b
                                                                                                                                                                                                                                                        0x00bc3370
                                                                                                                                                                                                                                                        0x00bc3371
                                                                                                                                                                                                                                                        0x00bc3373
                                                                                                                                                                                                                                                        0x00bc3374
                                                                                                                                                                                                                                                        0x00bc3375
                                                                                                                                                                                                                                                        0x00bc3376
                                                                                                                                                                                                                                                        0x00bc3379
                                                                                                                                                                                                                                                        0x00bc337b
                                                                                                                                                                                                                                                        0x00bc3380
                                                                                                                                                                                                                                                        0x00bc3383
                                                                                                                                                                                                                                                        0x00bc3385
                                                                                                                                                                                                                                                        0x00bc3389
                                                                                                                                                                                                                                                        0x00bc338e
                                                                                                                                                                                                                                                        0x00bc3431
                                                                                                                                                                                                                                                        0x00bc3434
                                                                                                                                                                                                                                                        0x00bc34e2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc343a
                                                                                                                                                                                                                                                        0x00bc343c
                                                                                                                                                                                                                                                        0x00bc3443
                                                                                                                                                                                                                                                        0x00bc3445
                                                                                                                                                                                                                                                        0x00bc3448
                                                                                                                                                                                                                                                        0x00bc344c
                                                                                                                                                                                                                                                        0x00bc3452
                                                                                                                                                                                                                                                        0x00bc3457
                                                                                                                                                                                                                                                        0x00bc345a
                                                                                                                                                                                                                                                        0x00bc347e
                                                                                                                                                                                                                                                        0x00bc347e
                                                                                                                                                                                                                                                        0x00bc3486
                                                                                                                                                                                                                                                        0x00bc348b
                                                                                                                                                                                                                                                        0x00bc348d
                                                                                                                                                                                                                                                        0x00bc348d
                                                                                                                                                                                                                                                        0x00bc348f
                                                                                                                                                                                                                                                        0x00bc3491
                                                                                                                                                                                                                                                        0x00bc3494
                                                                                                                                                                                                                                                        0x00bc3494
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc345c
                                                                                                                                                                                                                                                        0x00bc3462
                                                                                                                                                                                                                                                        0x00bc34de
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3464
                                                                                                                                                                                                                                                        0x00bc3464
                                                                                                                                                                                                                                                        0x00bc346a
                                                                                                                                                                                                                                                        0x00bc346f
                                                                                                                                                                                                                                                        0x00bc34e7
                                                                                                                                                                                                                                                        0x00bc34e7
                                                                                                                                                                                                                                                        0x00bc34ed
                                                                                                                                                                                                                                                        0x00bc34ee
                                                                                                                                                                                                                                                        0x00bc34ef
                                                                                                                                                                                                                                                        0x00bc34f0
                                                                                                                                                                                                                                                        0x00bc34f3
                                                                                                                                                                                                                                                        0x00bc34f4
                                                                                                                                                                                                                                                        0x00bc34f5
                                                                                                                                                                                                                                                        0x00bc34fc
                                                                                                                                                                                                                                                        0x00bc34fe
                                                                                                                                                                                                                                                        0x00bc3504
                                                                                                                                                                                                                                                        0x00bc350c
                                                                                                                                                                                                                                                        0x00bc350f
                                                                                                                                                                                                                                                        0x00bc3511
                                                                                                                                                                                                                                                        0x00bc3516
                                                                                                                                                                                                                                                        0x00bc352c
                                                                                                                                                                                                                                                        0x00bc352e
                                                                                                                                                                                                                                                        0x00bc3530
                                                                                                                                                                                                                                                        0x00bc3530
                                                                                                                                                                                                                                                        0x00bc3533
                                                                                                                                                                                                                                                        0x00bc3536
                                                                                                                                                                                                                                                        0x00bc353f
                                                                                                                                                                                                                                                        0x00bc3549
                                                                                                                                                                                                                                                        0x00bc354c
                                                                                                                                                                                                                                                        0x00bc354f
                                                                                                                                                                                                                                                        0x00bc3552
                                                                                                                                                                                                                                                        0x00bc3558
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc355a
                                                                                                                                                                                                                                                        0x00bc3530
                                                                                                                                                                                                                                                        0x00bc3518
                                                                                                                                                                                                                                                        0x00bc352b
                                                                                                                                                                                                                                                        0x00bc3471
                                                                                                                                                                                                                                                        0x00bc3471
                                                                                                                                                                                                                                                        0x00bc3474
                                                                                                                                                                                                                                                        0x00bc3474
                                                                                                                                                                                                                                                        0x00bc3475
                                                                                                                                                                                                                                                        0x00bc3476
                                                                                                                                                                                                                                                        0x00bc347b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc347b
                                                                                                                                                                                                                                                        0x00bc346f
                                                                                                                                                                                                                                                        0x00bc3462
                                                                                                                                                                                                                                                        0x00bc345a
                                                                                                                                                                                                                                                        0x00bc3394
                                                                                                                                                                                                                                                        0x00bc3394
                                                                                                                                                                                                                                                        0x00bc339b
                                                                                                                                                                                                                                                        0x00bc33a0
                                                                                                                                                                                                                                                        0x00bc349c
                                                                                                                                                                                                                                                        0x00bc34a1
                                                                                                                                                                                                                                                        0x00bc34a7
                                                                                                                                                                                                                                                        0x00bc34aa
                                                                                                                                                                                                                                                        0x00bc34ac
                                                                                                                                                                                                                                                        0x00bc34ae
                                                                                                                                                                                                                                                        0x00bc34b1
                                                                                                                                                                                                                                                        0x00bc34b1
                                                                                                                                                                                                                                                        0x00bc34b6
                                                                                                                                                                                                                                                        0x00bc33a6
                                                                                                                                                                                                                                                        0x00bc33a8
                                                                                                                                                                                                                                                        0x00bc34bb
                                                                                                                                                                                                                                                        0x00bc34be
                                                                                                                                                                                                                                                        0x00bc34c0
                                                                                                                                                                                                                                                        0x00bc34c2
                                                                                                                                                                                                                                                        0x00bc34c5
                                                                                                                                                                                                                                                        0x00bc34c9
                                                                                                                                                                                                                                                        0x00bc34cc
                                                                                                                                                                                                                                                        0x00bc34cf
                                                                                                                                                                                                                                                        0x00bc34d1
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc33ae
                                                                                                                                                                                                                                                        0x00bc33ae
                                                                                                                                                                                                                                                        0x00bc33b0
                                                                                                                                                                                                                                                        0x00bc34d7
                                                                                                                                                                                                                                                        0x00bc34d7
                                                                                                                                                                                                                                                        0x00bc33b6
                                                                                                                                                                                                                                                        0x00bc33b6
                                                                                                                                                                                                                                                        0x00bc33b9
                                                                                                                                                                                                                                                        0x00bc33d5
                                                                                                                                                                                                                                                        0x00bc33da
                                                                                                                                                                                                                                                        0x00bc33e3
                                                                                                                                                                                                                                                        0x00bc33e7
                                                                                                                                                                                                                                                        0x00bc33ee
                                                                                                                                                                                                                                                        0x00bc33f1
                                                                                                                                                                                                                                                        0x00bc33f4
                                                                                                                                                                                                                                                        0x00bc33f6
                                                                                                                                                                                                                                                        0x00bc33f9
                                                                                                                                                                                                                                                        0x00bc33fc
                                                                                                                                                                                                                                                        0x00bc3401
                                                                                                                                                                                                                                                        0x00bc3410
                                                                                                                                                                                                                                                        0x00bc3410
                                                                                                                                                                                                                                                        0x00bc3415
                                                                                                                                                                                                                                                        0x00bc3419
                                                                                                                                                                                                                                                        0x00bc341c
                                                                                                                                                                                                                                                        0x00bc341c
                                                                                                                                                                                                                                                        0x00bc3424
                                                                                                                                                                                                                                                        0x00bc3427
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3429
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc33bb
                                                                                                                                                                                                                                                        0x00bc33bb
                                                                                                                                                                                                                                                        0x00bc33bb
                                                                                                                                                                                                                                                        0x00bc33bd
                                                                                                                                                                                                                                                        0x00bc33c0
                                                                                                                                                                                                                                                        0x00bc33c0
                                                                                                                                                                                                                                                        0x00bc33c0
                                                                                                                                                                                                                                                        0x00bc33c2
                                                                                                                                                                                                                                                        0x00bc33c4
                                                                                                                                                                                                                                                        0x00bc33c7
                                                                                                                                                                                                                                                        0x00bc33c7
                                                                                                                                                                                                                                                        0x00bc33c0
                                                                                                                                                                                                                                                        0x00bc33b9
                                                                                                                                                                                                                                                        0x00bc33b0
                                                                                                                                                                                                                                                        0x00bc33a8
                                                                                                                                                                                                                                                        0x00bc33ca
                                                                                                                                                                                                                                                        0x00bc33ca
                                                                                                                                                                                                                                                        0x00bc33d4
                                                                                                                                                                                                                                                        0x00bc33d4
                                                                                                                                                                                                                                                        0x00bc332f
                                                                                                                                                                                                                                                        0x00bc3334
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc3334
                                                                                                                                                                                                                                                        0x00bc332d
                                                                                                                                                                                                                                                        0x00bc32da
                                                                                                                                                                                                                                                        0x00bc32df
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc32df
                                                                                                                                                                                                                                                        0x00bc32d8
                                                                                                                                                                                                                                                        0x00bc3280
                                                                                                                                                                                                                                                        0x00bc328c
                                                                                                                                                                                                                                                        0x00bc3294
                                                                                                                                                                                                                                                        0x00bc3297
                                                                                                                                                                                                                                                        0x00bc32a2
                                                                                                                                                                                                                                                        0x00bc32a2
                                                                                                                                                                                                                                                        0x00bc327e

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(7FFFFFFF,?,?,7FFFFFFF,?,?,?,?,?,?,?,?,?), ref: 00BC328C
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BC32B8
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,80000000,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BC32E4
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BC32F1
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memcpy$??3@_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 674017509-0
                                                                                                                                                                                                                                                        • Opcode ID: c6281c4f4faf131676edb24b99719bfa426bc3ebdbbecb22173705da4602eb0f
                                                                                                                                                                                                                                                        • Instruction ID: 6b292dd462235877e6a41e6c25e78833c325d8166242c6381512768906a89990
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c6281c4f4faf131676edb24b99719bfa426bc3ebdbbecb22173705da4602eb0f
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B0319171A001169FCF14DFA8CC859AFB7F9FF89720B644669E425EB391D730AA4187A0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BEA340(char _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				int _v28;
                                                                                                                                                                                                                                                        				short _v44;
                                                                                                                                                                                                                                                        				void* _v48;
                                                                                                                                                                                                                                                        				int _v52;
                                                                                                                                                                                                                                                        				signed int _t21;
                                                                                                                                                                                                                                                        				int _t23;
                                                                                                                                                                                                                                                        				signed char _t24;
                                                                                                                                                                                                                                                        				long _t27;
                                                                                                                                                                                                                                                        				int _t32;
                                                                                                                                                                                                                                                        				int _t34;
                                                                                                                                                                                                                                                        				void* _t37;
                                                                                                                                                                                                                                                        				signed char _t39;
                                                                                                                                                                                                                                                        				intOrPtr _t41;
                                                                                                                                                                                                                                                        				intOrPtr _t47;
                                                                                                                                                                                                                                                        				int _t49;
                                                                                                                                                                                                                                                        				wchar_t* _t50;
                                                                                                                                                                                                                                                        				char* _t51;
                                                                                                                                                                                                                                                        				intOrPtr* _t52;
                                                                                                                                                                                                                                                        				signed int _t53;
                                                                                                                                                                                                                                                        				void* _t54;
                                                                                                                                                                                                                                                        				void* _t55;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t21 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t52 =  &_a4;
                                                                                                                                                                                                                                                        				_t37 = 0xffffffb8;
                                                                                                                                                                                                                                                        				_v20 = _t21 ^ _t53;
                                                                                                                                                                                                                                                        				while(1) {
                                                                                                                                                                                                                                                        					_t50 =  *(_t37 + L"\\\\.\\");
                                                                                                                                                                                                                                                        					_t23 = wcslen(_t50);
                                                                                                                                                                                                                                                        					_t55 = _t54 + 4;
                                                                                                                                                                                                                                                        					_t41 =  *((intOrPtr*)(_t52 + 0x10));
                                                                                                                                                                                                                                                        					_t49 = _t52;
                                                                                                                                                                                                                                                        					if( *((intOrPtr*)(_t52 + 0x14)) >= 8) {
                                                                                                                                                                                                                                                        						_t49 =  *_t52;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t24 = E00BC7470(_t49, _t41, 0, _t50, _t23);
                                                                                                                                                                                                                                                        					_t54 = _t55 + 0x14;
                                                                                                                                                                                                                                                        					if(_t24 == 0) {
                                                                                                                                                                                                                                                        						break;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t37 = _t37 + 8;
                                                                                                                                                                                                                                                        					if(_t37 != 0) {
                                                                                                                                                                                                                                                        						continue;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t39 = 0;
                                                                                                                                                                                                                                                        					L9:
                                                                                                                                                                                                                                                        					E00BEECB0(E00BBDF30(_t24, _t52, _t49), _v20 ^ _t53, _t49);
                                                                                                                                                                                                                                                        					return _t39 & _t24;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				__eflags = RegCreateKeyExW( *(_t37 + 0xbf1de8), 0xbf54a2, 0, 0, 0, 0x2000000, 0,  &_v48,  &_v52);
                                                                                                                                                                                                                                                        				if(__eflags == 0) {
                                                                                                                                                                                                                                                        					_t27 = E00BEA450(_t49, __eflags, _v48,  *((intOrPtr*)(_t52 + 0x18)));
                                                                                                                                                                                                                                                        					RegCloseKey(_v48);
                                                                                                                                                                                                                                                        					__eflags = _t27;
                                                                                                                                                                                                                                                        					if(_t27 == 0) {
                                                                                                                                                                                                                                                        						goto L7;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t32 = wcslen(_t50);
                                                                                                                                                                                                                                                        					_t51 =  &_v44;
                                                                                                                                                                                                                                                        					_v24 = 7;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					E00BC30B0(_t51, _t52, _t32, 0xffffffff);
                                                                                                                                                                                                                                                        					_t47 =  *((intOrPtr*)(_t52 + 0x18));
                                                                                                                                                                                                                                                        					_t34 = _v28;
                                                                                                                                                                                                                                                        					__eflags = _v24 - 7;
                                                                                                                                                                                                                                                        					_t49 = _t51;
                                                                                                                                                                                                                                                        					if(_v24 > 7) {
                                                                                                                                                                                                                                                        						_t49 = _v44;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					E00BBDF30(E00BB73B0(_t47, _t49, _t34), _t51, _t49);
                                                                                                                                                                                                                                                        					_t24 = 1;
                                                                                                                                                                                                                                                        					L8:
                                                                                                                                                                                                                                                        					_t39 = 1;
                                                                                                                                                                                                                                                        					goto L9;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L7:
                                                                                                                                                                                                                                                        				_t24 = 0;
                                                                                                                                                                                                                                                        				__eflags = 0;
                                                                                                                                                                                                                                                        				goto L8;
                                                                                                                                                                                                                                                        			}


























                                                                                                                                                                                                                                                        0x00bea349
                                                                                                                                                                                                                                                        0x00bea34e
                                                                                                                                                                                                                                                        0x00bea351
                                                                                                                                                                                                                                                        0x00bea358
                                                                                                                                                                                                                                                        0x00bea360
                                                                                                                                                                                                                                                        0x00bea360
                                                                                                                                                                                                                                                        0x00bea367
                                                                                                                                                                                                                                                        0x00bea36c
                                                                                                                                                                                                                                                        0x00bea36f
                                                                                                                                                                                                                                                        0x00bea376
                                                                                                                                                                                                                                                        0x00bea378
                                                                                                                                                                                                                                                        0x00bea37a
                                                                                                                                                                                                                                                        0x00bea37a
                                                                                                                                                                                                                                                        0x00bea382
                                                                                                                                                                                                                                                        0x00bea387
                                                                                                                                                                                                                                                        0x00bea38c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea38e
                                                                                                                                                                                                                                                        0x00bea391
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea393
                                                                                                                                                                                                                                                        0x00bea3c5
                                                                                                                                                                                                                                                        0x00bea3d3
                                                                                                                                                                                                                                                        0x00bea3e1
                                                                                                                                                                                                                                                        0x00bea3e1
                                                                                                                                                                                                                                                        0x00bea3bd
                                                                                                                                                                                                                                                        0x00bea3bf
                                                                                                                                                                                                                                                        0x00bea3e8
                                                                                                                                                                                                                                                        0x00bea3f5
                                                                                                                                                                                                                                                        0x00bea3fb
                                                                                                                                                                                                                                                        0x00bea3fd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea400
                                                                                                                                                                                                                                                        0x00bea408
                                                                                                                                                                                                                                                        0x00bea40b
                                                                                                                                                                                                                                                        0x00bea412
                                                                                                                                                                                                                                                        0x00bea419
                                                                                                                                                                                                                                                        0x00bea425
                                                                                                                                                                                                                                                        0x00bea42a
                                                                                                                                                                                                                                                        0x00bea42d
                                                                                                                                                                                                                                                        0x00bea430
                                                                                                                                                                                                                                                        0x00bea434
                                                                                                                                                                                                                                                        0x00bea436
                                                                                                                                                                                                                                                        0x00bea438
                                                                                                                                                                                                                                                        0x00bea438
                                                                                                                                                                                                                                                        0x00bea444
                                                                                                                                                                                                                                                        0x00bea449
                                                                                                                                                                                                                                                        0x00bea3c3
                                                                                                                                                                                                                                                        0x00bea3c3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea3c3
                                                                                                                                                                                                                                                        0x00bea3c1
                                                                                                                                                                                                                                                        0x00bea3c1
                                                                                                                                                                                                                                                        0x00bea3c1
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BEA367
                                                                                                                                                                                                                                                        • RegCreateKeyExW.ADVAPI32(?,00BF54A2,00000000,00000000,00000000,02000000,00000000,?,?), ref: 00BEA3B7
                                                                                                                                                                                                                                                        • RegCloseKey.ADVAPI32(?), ref: 00BEA3F5
                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 00BEA400
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: wcslen$CloseCreate
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3159950608-0
                                                                                                                                                                                                                                                        • Opcode ID: b691f5bac26268f87cfe713e42a4499e6de1a0566a0e40eb66741df19f096117
                                                                                                                                                                                                                                                        • Instruction ID: 6972abd2684828978b7d13c39768a16cabf9295907e72fddda4dbf0bd3b790e3
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b691f5bac26268f87cfe713e42a4499e6de1a0566a0e40eb66741df19f096117
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9731ED71A00204ABDB209F61DC82FBF77F9EF84714F140468F9016B281EB71B909D7A5
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 59%
                                                                                                                                                                                                                                                        			E00BC6B70(void* __ecx, signed int _a4, void* _a8, signed int _a12) {
                                                                                                                                                                                                                                                        				signed int _v0;
                                                                                                                                                                                                                                                        				signed int _v4;
                                                                                                                                                                                                                                                        				int _v8;
                                                                                                                                                                                                                                                        				signed int _v12;
                                                                                                                                                                                                                                                        				void* _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				void* _v32;
                                                                                                                                                                                                                                                        				signed int _v36;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				signed int _v44;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				void* _v52;
                                                                                                                                                                                                                                                        				signed int _v56;
                                                                                                                                                                                                                                                        				intOrPtr _v72;
                                                                                                                                                                                                                                                        				void* _v80;
                                                                                                                                                                                                                                                        				void* _v84;
                                                                                                                                                                                                                                                        				signed int _v88;
                                                                                                                                                                                                                                                        				void* _v92;
                                                                                                                                                                                                                                                        				char _v96;
                                                                                                                                                                                                                                                        				signed int _v120;
                                                                                                                                                                                                                                                        				void* _v136;
                                                                                                                                                                                                                                                        				signed int _v144;
                                                                                                                                                                                                                                                        				signed int _v148;
                                                                                                                                                                                                                                                        				intOrPtr _v152;
                                                                                                                                                                                                                                                        				signed int _v156;
                                                                                                                                                                                                                                                        				char _v160;
                                                                                                                                                                                                                                                        				signed int _v164;
                                                                                                                                                                                                                                                        				int _v168;
                                                                                                                                                                                                                                                        				signed int _v192;
                                                                                                                                                                                                                                                        				int _v200;
                                                                                                                                                                                                                                                        				int _v204;
                                                                                                                                                                                                                                                        				char _v208;
                                                                                                                                                                                                                                                        				signed int _t251;
                                                                                                                                                                                                                                                        				signed int _t252;
                                                                                                                                                                                                                                                        				signed int _t254;
                                                                                                                                                                                                                                                        				signed int _t259;
                                                                                                                                                                                                                                                        				signed int _t261;
                                                                                                                                                                                                                                                        				int _t266;
                                                                                                                                                                                                                                                        				signed int _t271;
                                                                                                                                                                                                                                                        				void* _t273;
                                                                                                                                                                                                                                                        				signed int _t277;
                                                                                                                                                                                                                                                        				signed int _t284;
                                                                                                                                                                                                                                                        				void* _t287;
                                                                                                                                                                                                                                                        				void* _t292;
                                                                                                                                                                                                                                                        				signed int _t294;
                                                                                                                                                                                                                                                        				signed int _t299;
                                                                                                                                                                                                                                                        				void _t303;
                                                                                                                                                                                                                                                        				signed int _t304;
                                                                                                                                                                                                                                                        				signed int _t306;
                                                                                                                                                                                                                                                        				void* _t308;
                                                                                                                                                                                                                                                        				signed int _t330;
                                                                                                                                                                                                                                                        				void* _t342;
                                                                                                                                                                                                                                                        				void* _t344;
                                                                                                                                                                                                                                                        				signed int _t345;
                                                                                                                                                                                                                                                        				void* _t349;
                                                                                                                                                                                                                                                        				void _t351;
                                                                                                                                                                                                                                                        				void _t356;
                                                                                                                                                                                                                                                        				signed int _t359;
                                                                                                                                                                                                                                                        				void* _t361;
                                                                                                                                                                                                                                                        				void* _t365;
                                                                                                                                                                                                                                                        				signed int _t367;
                                                                                                                                                                                                                                                        				signed int _t369;
                                                                                                                                                                                                                                                        				intOrPtr _t370;
                                                                                                                                                                                                                                                        				intOrPtr _t371;
                                                                                                                                                                                                                                                        				intOrPtr _t372;
                                                                                                                                                                                                                                                        				void _t373;
                                                                                                                                                                                                                                                        				void* _t375;
                                                                                                                                                                                                                                                        				void* _t377;
                                                                                                                                                                                                                                                        				int _t380;
                                                                                                                                                                                                                                                        				intOrPtr _t381;
                                                                                                                                                                                                                                                        				void* _t382;
                                                                                                                                                                                                                                                        				void* _t384;
                                                                                                                                                                                                                                                        				void* _t389;
                                                                                                                                                                                                                                                        				void* _t391;
                                                                                                                                                                                                                                                        				unsigned int _t393;
                                                                                                                                                                                                                                                        				void* _t394;
                                                                                                                                                                                                                                                        				void* _t397;
                                                                                                                                                                                                                                                        				void* _t399;
                                                                                                                                                                                                                                                        				signed int _t402;
                                                                                                                                                                                                                                                        				void* _t403;
                                                                                                                                                                                                                                                        				void* _t406;
                                                                                                                                                                                                                                                        				signed int _t407;
                                                                                                                                                                                                                                                        				intOrPtr _t409;
                                                                                                                                                                                                                                                        				int _t420;
                                                                                                                                                                                                                                                        				signed int _t425;
                                                                                                                                                                                                                                                        				void* _t426;
                                                                                                                                                                                                                                                        				void* _t429;
                                                                                                                                                                                                                                                        				void* _t431;
                                                                                                                                                                                                                                                        				void* _t442;
                                                                                                                                                                                                                                                        				signed int _t443;
                                                                                                                                                                                                                                                        				signed int _t454;
                                                                                                                                                                                                                                                        				void* _t463;
                                                                                                                                                                                                                                                        				void* _t475;
                                                                                                                                                                                                                                                        				void* _t478;
                                                                                                                                                                                                                                                        				intOrPtr _t480;
                                                                                                                                                                                                                                                        				signed int _t481;
                                                                                                                                                                                                                                                        				signed int _t482;
                                                                                                                                                                                                                                                        				signed int _t484;
                                                                                                                                                                                                                                                        				int _t487;
                                                                                                                                                                                                                                                        				signed int _t490;
                                                                                                                                                                                                                                                        				void* _t491;
                                                                                                                                                                                                                                                        				unsigned int _t494;
                                                                                                                                                                                                                                                        				void _t497;
                                                                                                                                                                                                                                                        				void* _t500;
                                                                                                                                                                                                                                                        				signed int _t504;
                                                                                                                                                                                                                                                        				void* _t511;
                                                                                                                                                                                                                                                        				unsigned int _t512;
                                                                                                                                                                                                                                                        				void _t515;
                                                                                                                                                                                                                                                        				void* _t516;
                                                                                                                                                                                                                                                        				int _t518;
                                                                                                                                                                                                                                                        				unsigned int _t523;
                                                                                                                                                                                                                                                        				void* _t524;
                                                                                                                                                                                                                                                        				void* _t527;
                                                                                                                                                                                                                                                        				intOrPtr _t528;
                                                                                                                                                                                                                                                        				void* _t530;
                                                                                                                                                                                                                                                        				intOrPtr _t531;
                                                                                                                                                                                                                                                        				unsigned int _t533;
                                                                                                                                                                                                                                                        				int _t534;
                                                                                                                                                                                                                                                        				int _t540;
                                                                                                                                                                                                                                                        				int _t541;
                                                                                                                                                                                                                                                        				signed int _t544;
                                                                                                                                                                                                                                                        				signed int _t546;
                                                                                                                                                                                                                                                        				unsigned int _t547;
                                                                                                                                                                                                                                                        				void* _t548;
                                                                                                                                                                                                                                                        				void _t549;
                                                                                                                                                                                                                                                        				void* _t551;
                                                                                                                                                                                                                                                        				void* _t552;
                                                                                                                                                                                                                                                        				signed int _t553;
                                                                                                                                                                                                                                                        				signed int _t554;
                                                                                                                                                                                                                                                        				void* _t559;
                                                                                                                                                                                                                                                        				signed int _t560;
                                                                                                                                                                                                                                                        				intOrPtr _t564;
                                                                                                                                                                                                                                                        				void* _t565;
                                                                                                                                                                                                                                                        				void* _t567;
                                                                                                                                                                                                                                                        				void* _t568;
                                                                                                                                                                                                                                                        				signed int _t570;
                                                                                                                                                                                                                                                        				void* _t573;
                                                                                                                                                                                                                                                        				void _t575;
                                                                                                                                                                                                                                                        				void* _t578;
                                                                                                                                                                                                                                                        				signed int _t579;
                                                                                                                                                                                                                                                        				signed int _t580;
                                                                                                                                                                                                                                                        				void _t584;
                                                                                                                                                                                                                                                        				void* _t585;
                                                                                                                                                                                                                                                        				unsigned int _t587;
                                                                                                                                                                                                                                                        				void* _t588;
                                                                                                                                                                                                                                                        				void* _t589;
                                                                                                                                                                                                                                                        				void* _t591;
                                                                                                                                                                                                                                                        				int _t592;
                                                                                                                                                                                                                                                        				signed int _t593;
                                                                                                                                                                                                                                                        				signed int _t594;
                                                                                                                                                                                                                                                        				signed int _t596;
                                                                                                                                                                                                                                                        				void* _t600;
                                                                                                                                                                                                                                                        				void* _t602;
                                                                                                                                                                                                                                                        				void* _t606;
                                                                                                                                                                                                                                                        				signed int _t607;
                                                                                                                                                                                                                                                        				void* _t608;
                                                                                                                                                                                                                                                        				signed int _t609;
                                                                                                                                                                                                                                                        				void* _t610;
                                                                                                                                                                                                                                                        				signed int _t611;
                                                                                                                                                                                                                                                        				void* _t612;
                                                                                                                                                                                                                                                        				void* _t613;
                                                                                                                                                                                                                                                        				signed int _t614;
                                                                                                                                                                                                                                                        				void* _t616;
                                                                                                                                                                                                                                                        				signed int _t617;
                                                                                                                                                                                                                                                        				void* _t618;
                                                                                                                                                                                                                                                        				signed int _t619;
                                                                                                                                                                                                                                                        				void* _t620;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t405 = __ecx;
                                                                                                                                                                                                                                                        				_push(_t523);
                                                                                                                                                                                                                                                        				_t613 = _t612 - 8;
                                                                                                                                                                                                                                                        				_t480 =  *((intOrPtr*)(__ecx + 0x10));
                                                                                                                                                                                                                                                        				_t367 = _a4;
                                                                                                                                                                                                                                                        				_t564 = 0x7fffffff;
                                                                                                                                                                                                                                                        				if(0x7fffffff - _t480 < _t367) {
                                                                                                                                                                                                                                                        					E00BBA890();
                                                                                                                                                                                                                                                        					goto L11;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t523 =  *(__ecx + 0x14);
                                                                                                                                                                                                                                                        					_t402 = _t367 + _t480;
                                                                                                                                                                                                                                                        					_v24 = _t480;
                                                                                                                                                                                                                                                        					_v20 = __ecx;
                                                                                                                                                                                                                                                        					_t359 = _t402 | 0x0000000f;
                                                                                                                                                                                                                                                        					if(_t359 >= 0) {
                                                                                                                                                                                                                                                        						_t478 = (_t523 >> 1) + _t523;
                                                                                                                                                                                                                                                        						_t479 =  >=  ? _t359 : _t478;
                                                                                                                                                                                                                                                        						_t564 =  <=  ?  >=  ? _t359 : _t478 : 0x7fffffff;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t7 = _t564 + 1; // 0x80000000
                                                                                                                                                                                                                                                        					_t361 = E00BBD730(_t7);
                                                                                                                                                                                                                                                        					_t475 = _v20;
                                                                                                                                                                                                                                                        					 *(_t475 + 0x10) = _t402;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t475 + 0x14)) = _t564;
                                                                                                                                                                                                                                                        					if(_t523 < 0x10) {
                                                                                                                                                                                                                                                        						_t518 = _v24 + 1;
                                                                                                                                                                                                                                                        						__eflags = _t518;
                                                                                                                                                                                                                                                        						_t600 = _t475;
                                                                                                                                                                                                                                                        						_t403 = _t361;
                                                                                                                                                                                                                                                        						memcpy(_t361, _t475, _t518);
                                                                                                                                                                                                                                                        						goto L9;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t602 =  *_t475;
                                                                                                                                                                                                                                                        						_t403 = _t361;
                                                                                                                                                                                                                                                        						memcpy(_t361, _t602, _v24 + 1);
                                                                                                                                                                                                                                                        						_t613 = _t613 + 0xc;
                                                                                                                                                                                                                                                        						_t405 = _t523 + 1;
                                                                                                                                                                                                                                                        						if(_t405 < 0x1000) {
                                                                                                                                                                                                                                                        							L7:
                                                                                                                                                                                                                                                        							_push(_t405);
                                                                                                                                                                                                                                                        							_push(_t602);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							_t600 = _v20;
                                                                                                                                                                                                                                                        							L9:
                                                                                                                                                                                                                                                        							 *_t600 = _t403;
                                                                                                                                                                                                                                                        							return _t600;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t365 =  *(_t602 - 4);
                                                                                                                                                                                                                                                        							_t564 = _t602 + 0xfffffffc - _t365;
                                                                                                                                                                                                                                                        							if(_t564 >= 0x20) {
                                                                                                                                                                                                                                                        								L11:
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_t606 = _t613;
                                                                                                                                                                                                                                                        								_push(_t523);
                                                                                                                                                                                                                                                        								_push(_t564);
                                                                                                                                                                                                                                                        								_t524 =  *_t405;
                                                                                                                                                                                                                                                        								_t565 = _t405;
                                                                                                                                                                                                                                                        								memcpy(_t405, _t524,  *((intOrPtr*)(_t405 + 0x10)) + 1);
                                                                                                                                                                                                                                                        								_t614 = _t613 + 0xc;
                                                                                                                                                                                                                                                        								_t251 =  *(_t565 + 0x14);
                                                                                                                                                                                                                                                        								_t18 = _t251 + 1; // 0x11
                                                                                                                                                                                                                                                        								_t481 = _t18;
                                                                                                                                                                                                                                                        								__eflags = _t481 - 0x1000;
                                                                                                                                                                                                                                                        								if(_t481 < 0x1000) {
                                                                                                                                                                                                                                                        									L15:
                                                                                                                                                                                                                                                        									_push(_t481);
                                                                                                                                                                                                                                                        									_push(_t524);
                                                                                                                                                                                                                                                        									L00BEF6C6();
                                                                                                                                                                                                                                                        									 *(_t565 + 0x14) = 0xf;
                                                                                                                                                                                                                                                        									return _t251;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t406 =  *(_t524 - 4);
                                                                                                                                                                                                                                                        									_t527 = _t524 + 0xfffffffc - _t406;
                                                                                                                                                                                                                                                        									__eflags = _t527 - 0x20;
                                                                                                                                                                                                                                                        									if(_t527 >= 0x20) {
                                                                                                                                                                                                                                                        										__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										asm("int3");
                                                                                                                                                                                                                                                        										_push(_t606);
                                                                                                                                                                                                                                                        										_t607 = _t614;
                                                                                                                                                                                                                                                        										_push(_t367);
                                                                                                                                                                                                                                                        										_push(_t527);
                                                                                                                                                                                                                                                        										_push(_t565);
                                                                                                                                                                                                                                                        										_t616 = _t614 - 0x1c;
                                                                                                                                                                                                                                                        										_t252 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        										_v52 = _t252 ^ _t607;
                                                                                                                                                                                                                                                        										_t254 =  *(_t406 + 0x10);
                                                                                                                                                                                                                                                        										_t369 = _t254 - _v28;
                                                                                                                                                                                                                                                        										__eflags = _t369;
                                                                                                                                                                                                                                                        										if(__eflags < 0) {
                                                                                                                                                                                                                                                        											E00BBDAC0(_t406, __eflags);
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											asm("int3");
                                                                                                                                                                                                                                                        											_push(_t607);
                                                                                                                                                                                                                                                        											_t608 = _t616;
                                                                                                                                                                                                                                                        											_push(_t369);
                                                                                                                                                                                                                                                        											_push(_t527);
                                                                                                                                                                                                                                                        											_push(_t565);
                                                                                                                                                                                                                                                        											_t617 = _t616 - 0xc;
                                                                                                                                                                                                                                                        											_t482 =  *(_t406 + 0x10);
                                                                                                                                                                                                                                                        											_t528 = _v72;
                                                                                                                                                                                                                                                        											_t370 = 0x7ffffffe;
                                                                                                                                                                                                                                                        											__eflags = 0x7ffffffe - _t482 - _t528;
                                                                                                                                                                                                                                                        											if(0x7ffffffe - _t482 < _t528) {
                                                                                                                                                                                                                                                        												E00BBA890();
                                                                                                                                                                                                                                                        												goto L49;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t546 = _t528 + _t482;
                                                                                                                                                                                                                                                        												_t587 =  *(_t406 + 0x14);
                                                                                                                                                                                                                                                        												_v36 = _t482;
                                                                                                                                                                                                                                                        												_v40 = _t406;
                                                                                                                                                                                                                                                        												_v32 = _t546;
                                                                                                                                                                                                                                                        												_t306 = _t546 | 0x00000007;
                                                                                                                                                                                                                                                        												__eflags = _t306 - 0x7ffffffe;
                                                                                                                                                                                                                                                        												if(_t306 <= 0x7ffffffe) {
                                                                                                                                                                                                                                                        													_t393 = _t587 >> 1;
                                                                                                                                                                                                                                                        													_t394 = _t393 + _t587;
                                                                                                                                                                                                                                                        													__eflags = _t306 - _t394;
                                                                                                                                                                                                                                                        													_t395 =  >=  ? _t306 : _t394;
                                                                                                                                                                                                                                                        													__eflags = _t587 - 0x7ffffffe - _t393;
                                                                                                                                                                                                                                                        													_t370 =  >  ? 0x7ffffffe :  >=  ? _t306 : _t394;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_t547 = _t587;
                                                                                                                                                                                                                                                        												_t588 = _v40;
                                                                                                                                                                                                                                                        												_t103 = _t370 + 1; // 0x11
                                                                                                                                                                                                                                                        												_t308 = E00BBA8A0(_t103);
                                                                                                                                                                                                                                                        												__eflags = _t547 - 8;
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(_t588 + 0x10)) = _v32;
                                                                                                                                                                                                                                                        												_t442 = _t588;
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(_t588 + 0x14)) = _t370;
                                                                                                                                                                                                                                                        												if(_t547 < 8) {
                                                                                                                                                                                                                                                        													_t589 = _t442;
                                                                                                                                                                                                                                                        													_t389 = _t308;
                                                                                                                                                                                                                                                        													memcpy(_t308, _t442, _v0 + _v0);
                                                                                                                                                                                                                                                        													_t548 = _t389 + _v0 * 2;
                                                                                                                                                                                                                                                        													memcpy(_t548, _a8, _a12 + _a12);
                                                                                                                                                                                                                                                        													_t443 = _v0;
                                                                                                                                                                                                                                                        													_t504 = _v36 - _a4 + _t443;
                                                                                                                                                                                                                                                        													__eflags = _t504;
                                                                                                                                                                                                                                                        													memcpy(_t548 + _a12 * 2, _t589 + _t443 * 2 + _a4 * 2, _t504 + _t504 + 2);
                                                                                                                                                                                                                                                        													_t549 = _t389;
                                                                                                                                                                                                                                                        													goto L47;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t391 =  *_t442;
                                                                                                                                                                                                                                                        													_t591 = _t308;
                                                                                                                                                                                                                                                        													_v32 = _t547;
                                                                                                                                                                                                                                                        													memcpy(_t308, _t391, _v0 + _v0);
                                                                                                                                                                                                                                                        													_t551 = _t591 + _v0 * 2;
                                                                                                                                                                                                                                                        													memcpy(_t551, _a8, _a12 + _a12);
                                                                                                                                                                                                                                                        													memcpy(_t551 + _a12 * 2, _t391 + _v0 * 2 + _a4 * 2, _v36 - _a4 + _v0 + _v36 - _a4 + _v0 + 2);
                                                                                                                                                                                                                                                        													_t617 = _t617 + 0x24;
                                                                                                                                                                                                                                                        													_t406 = _v32;
                                                                                                                                                                                                                                                        													_t549 = _t591;
                                                                                                                                                                                                                                                        													_t589 = _v40;
                                                                                                                                                                                                                                                        													_t130 = _t406 + 2; // 0x13
                                                                                                                                                                                                                                                        													_t330 = _t406 + _t130;
                                                                                                                                                                                                                                                        													__eflags = _t330 - 0x1000;
                                                                                                                                                                                                                                                        													if(_t330 < 0x1000) {
                                                                                                                                                                                                                                                        														L45:
                                                                                                                                                                                                                                                        														_push(_t330);
                                                                                                                                                                                                                                                        														_push(_t391);
                                                                                                                                                                                                                                                        														L00BEF6C6();
                                                                                                                                                                                                                                                        														L47:
                                                                                                                                                                                                                                                        														 *_t589 = _t549;
                                                                                                                                                                                                                                                        														return _t589;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_t370 =  *((intOrPtr*)(_t391 - 4));
                                                                                                                                                                                                                                                        														__eflags = _t391 + 0xfffffffc - _t370 - 0x20;
                                                                                                                                                                                                                                                        														if(_t391 + 0xfffffffc - _t370 >= 0x20) {
                                                                                                                                                                                                                                                        															L49:
                                                                                                                                                                                                                                                        															__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        															asm("int3");
                                                                                                                                                                                                                                                        															asm("int3");
                                                                                                                                                                                                                                                        															_push(_t608);
                                                                                                                                                                                                                                                        															_t609 = _t617;
                                                                                                                                                                                                                                                        															_push(_t370);
                                                                                                                                                                                                                                                        															_push(_t528);
                                                                                                                                                                                                                                                        															_push(_t565);
                                                                                                                                                                                                                                                        															_t618 = _t617 - 0x18;
                                                                                                                                                                                                                                                        															_t259 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        															_t483 = _v96;
                                                                                                                                                                                                                                                        															_v120 = _t259 ^ _t609;
                                                                                                                                                                                                                                                        															_t261 =  *(_t406 + 0x10);
                                                                                                                                                                                                                                                        															_t530 = _t261 - _t483;
                                                                                                                                                                                                                                                        															__eflags = _t530;
                                                                                                                                                                                                                                                        															if(__eflags < 0) {
                                                                                                                                                                                                                                                        																E00BBDAC0(_t406, __eflags);
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																asm("int3");
                                                                                                                                                                                                                                                        																_push(_t609);
                                                                                                                                                                                                                                                        																_t610 = _t618;
                                                                                                                                                                                                                                                        																_push(_t370);
                                                                                                                                                                                                                                                        																_push(_t530);
                                                                                                                                                                                                                                                        																_push(_t565);
                                                                                                                                                                                                                                                        																_t619 = _t618 - 0x14;
                                                                                                                                                                                                                                                        																_t484 =  *(_t406 + 0x10);
                                                                                                                                                                                                                                                        																_t567 = _v136;
                                                                                                                                                                                                                                                        																_t371 = 0x7fffffff;
                                                                                                                                                                                                                                                        																__eflags = 0x7fffffff - _t484 - _t567;
                                                                                                                                                                                                                                                        																if(0x7fffffff - _t484 < _t567) {
                                                                                                                                                                                                                                                        																	E00BBA890();
                                                                                                                                                                                                                                                        																	goto L82;
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																	_t533 =  *(_t406 + 0x14);
                                                                                                                                                                                                                                                        																	_t570 = _t567 + _t484;
                                                                                                                                                                                                                                                        																	_v44 = _t484;
                                                                                                                                                                                                                                                        																	_v52 = _t406;
                                                                                                                                                                                                                                                        																	_v56 = _t570;
                                                                                                                                                                                                                                                        																	_t271 = _t570 | 0x0000000f;
                                                                                                                                                                                                                                                        																	__eflags = _t271;
                                                                                                                                                                                                                                                        																	if(_t271 >= 0) {
                                                                                                                                                                                                                                                        																		_t425 = _t533 >> 1;
                                                                                                                                                                                                                                                        																		_t426 = _t425 + _t533;
                                                                                                                                                                                                                                                        																		__eflags = _t271 - _t426;
                                                                                                                                                                                                                                                        																		_t427 =  >=  ? _t271 : _t426;
                                                                                                                                                                                                                                                        																		__eflags = _t533 - (_t425 ^ 0x7fffffff);
                                                                                                                                                                                                                                                        																		_t371 =  <=  ?  >=  ? _t271 : _t426 : 0x7fffffff;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_v48 = _t533;
                                                                                                                                                                                                                                                        																	_t534 = _v8;
                                                                                                                                                                                                                                                        																	_t208 = _t371 + 1; // 0x80000000
                                                                                                                                                                                                                                                        																	_t375 = _v52;
                                                                                                                                                                                                                                                        																	_t273 = E00BBD730(_t208);
                                                                                                                                                                                                                                                        																	__eflags = _v48 - 0x10;
                                                                                                                                                                                                                                                        																	_v40 = _t273;
                                                                                                                                                                                                                                                        																	 *((intOrPtr*)(_t375 + 0x10)) = _v56;
                                                                                                                                                                                                                                                        																	 *((intOrPtr*)(_t375 + 0x14)) = _t371;
                                                                                                                                                                                                                                                        																	if(_v48 < 0x10) {
                                                                                                                                                                                                                                                        																		memcpy(_t273, _t375, _t534);
                                                                                                                                                                                                                                                        																		_t573 = _v40 + _t534;
                                                                                                                                                                                                                                                        																		memcpy(_t573, _v0, _a4);
                                                                                                                                                                                                                                                        																		_t277 = _v4;
                                                                                                                                                                                                                                                        																		_t420 = _v44 - _t277 + _t534 + 1;
                                                                                                                                                                                                                                                        																		__eflags = _t420;
                                                                                                                                                                                                                                                        																		_t575 = _v40;
                                                                                                                                                                                                                                                        																		memcpy(_t573 + _a4, _t375 + _t534 + _t277, _t420);
                                                                                                                                                                                                                                                        																		goto L80;
                                                                                                                                                                                                                                                        																	} else {
                                                                                                                                                                                                                                                        																		_t377 =  *_t375;
                                                                                                                                                                                                                                                        																		memcpy(_t273, _t377, _t534);
                                                                                                                                                                                                                                                        																		_t578 = _t273 + _t534;
                                                                                                                                                                                                                                                        																		memcpy(_t578, _v0, _a4);
                                                                                                                                                                                                                                                        																		_t284 = _v4;
                                                                                                                                                                                                                                                        																		_t567 = _t578 + _a4;
                                                                                                                                                                                                                                                        																		_t530 = _t377 + _t534 + _t284;
                                                                                                                                                                                                                                                        																		memcpy(_t567, _t530, _v44 - _t284 + _t534 + 1);
                                                                                                                                                                                                                                                        																		_t619 = _t619 + 0x24;
                                                                                                                                                                                                                                                        																		_t490 = _v48;
                                                                                                                                                                                                                                                        																		_t221 = _t490 + 1; // 0x11
                                                                                                                                                                                                                                                        																		_t406 = _t221;
                                                                                                                                                                                                                                                        																		__eflags = _t406 - 0x1000;
                                                                                                                                                                                                                                                        																		if(_t406 < 0x1000) {
                                                                                                                                                                                                                                                        																			L78:
                                                                                                                                                                                                                                                        																			_push(_t406);
                                                                                                                                                                                                                                                        																			_push(_t377);
                                                                                                                                                                                                                                                        																			L00BEF6C6();
                                                                                                                                                                                                                                                        																			_t575 = _v40;
                                                                                                                                                                                                                                                        																			_t375 = _v52;
                                                                                                                                                                                                                                                        																			L80:
                                                                                                                                                                                                                                                        																			 *_t375 = _t575;
                                                                                                                                                                                                                                                        																			return _t375;
                                                                                                                                                                                                                                                        																		} else {
                                                                                                                                                                                                                                                        																			_t287 =  *(_t377 - 4);
                                                                                                                                                                                                                                                        																			_t371 = _t377 + 0xfffffffc - _t287;
                                                                                                                                                                                                                                                        																			__eflags = _t371 - 0x20;
                                                                                                                                                                                                                                                        																			if(_t371 >= 0x20) {
                                                                                                                                                                                                                                                        																				L82:
                                                                                                                                                                                                                                                        																				__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        																				asm("int3");
                                                                                                                                                                                                                                                        																				asm("int3");
                                                                                                                                                                                                                                                        																				asm("int3");
                                                                                                                                                                                                                                                        																				asm("int3");
                                                                                                                                                                                                                                                        																				_push(_t610);
                                                                                                                                                                                                                                                        																				_t611 = _t619;
                                                                                                                                                                                                                                                        																				_push(_t371);
                                                                                                                                                                                                                                                        																				_push(_t530);
                                                                                                                                                                                                                                                        																				_push(_t567);
                                                                                                                                                                                                                                                        																				_t620 = _t619 - 8;
                                                                                                                                                                                                                                                        																				_t568 = _t406;
                                                                                                                                                                                                                                                        																				_t407 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        																				_t266 = _v168;
                                                                                                                                                                                                                                                        																				_v192 = _t407 ^ _t611;
                                                                                                                                                                                                                                                        																				_t372 =  *((intOrPtr*)(_t568 + 0x14));
                                                                                                                                                                                                                                                        																				_t409 =  *((intOrPtr*)(_t568 + 0x10));
                                                                                                                                                                                                                                                        																				__eflags = _t372 - _t409 - _t266;
                                                                                                                                                                                                                                                        																				_t487 = _v164;
                                                                                                                                                                                                                                                        																				if(_t372 - _t409 >= _t266) {
                                                                                                                                                                                                                                                        																					_t531 = _t409 + _t266;
                                                                                                                                                                                                                                                        																					__eflags = _t372 - 0x10;
                                                                                                                                                                                                                                                        																					_t373 = _t568;
                                                                                                                                                                                                                                                        																					 *((intOrPtr*)(_t568 + 0x10)) = _t531;
                                                                                                                                                                                                                                                        																					if(_t372 >= 0x10) {
                                                                                                                                                                                                                                                        																						_t373 =  *_t568;
                                                                                                                                                                                                                                                        																					}
                                                                                                                                                                                                                                                        																					_t267 = memset(_t409 + _t373, _t487, _t266);
                                                                                                                                                                                                                                                        																					 *((char*)(_t373 + _t531)) = 0;
                                                                                                                                                                                                                                                        																				} else {
                                                                                                                                                                                                                                                        																					_v208 = _v48;
                                                                                                                                                                                                                                                        																					_v204 = _t266;
                                                                                                                                                                                                                                                        																					 *(_t620 - 0x10) = _t266;
                                                                                                                                                                                                                                                        																					_v200 = _t487;
                                                                                                                                                                                                                                                        																					_t568 = E00BC7330(_t568);
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																				__eflags = _v44 ^ _t611;
                                                                                                                                                                                                                                                        																				E00BEECB0(_t267, _v44 ^ _t611, _t487);
                                                                                                                                                                                                                                                        																				return _t568;
                                                                                                                                                                                                                                                        																			} else {
                                                                                                                                                                                                                                                        																				_t491 = _t490 + 0x24;
                                                                                                                                                                                                                                                        																				__eflags = _t491;
                                                                                                                                                                                                                                                        																				_t377 = _t287;
                                                                                                                                                                                                                                                        																				_t406 = _t491;
                                                                                                                                                                                                                                                        																				goto L78;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        															} else {
                                                                                                                                                                                                                                                        																_t380 = _v8;
                                                                                                                                                                                                                                                        																_t579 = _v0;
                                                                                                                                                                                                                                                        																__eflags = _t530 - _t380;
                                                                                                                                                                                                                                                        																_t381 =  <  ? _t530 : _t380;
                                                                                                                                                                                                                                                        																__eflags = _t381 - _t579;
                                                                                                                                                                                                                                                        																if(_t381 != _t579) {
                                                                                                                                                                                                                                                        																	_t540 = _t530 - _t381 + 1;
                                                                                                                                                                                                                                                        																	_t580 = _t579 - _t381;
                                                                                                                                                                                                                                                        																	__eflags = _t580;
                                                                                                                                                                                                                                                        																	if(_t580 >= 0) {
                                                                                                                                                                                                                                                        																		_t494 =  *(_t406 + 0x14);
                                                                                                                                                                                                                                                        																		_v44 = _t494;
                                                                                                                                                                                                                                                        																		_t495 = _t494 - _t261;
                                                                                                                                                                                                                                                        																		__eflags = _t580 - _t494 - _t261;
                                                                                                                                                                                                                                                        																		if(_t580 <= _t494 - _t261) {
                                                                                                                                                                                                                                                        																			__eflags = _v44 - 0x10;
                                                                                                                                                                                                                                                        																			 *(_t406 + 0x10) = _t580 + _t261;
                                                                                                                                                                                                                                                        																			_t497 = _t406;
                                                                                                                                                                                                                                                        																			if(_v44 >= 0x10) {
                                                                                                                                                                                                                                                        																				_t497 =  *_t406;
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_v44 = _t406;
                                                                                                                                                                                                                                                        																			_v56 = _t497;
                                                                                                                                                                                                                                                        																			_t429 = _v12 + _t497;
                                                                                                                                                                                                                                                        																			_v52 = _t429;
                                                                                                                                                                                                                                                        																			_t382 = _t381 + _t429;
                                                                                                                                                                                                                                                        																			_t431 = _v4;
                                                                                                                                                                                                                                                        																			__eflags = _v0 + _v4 - _v52;
                                                                                                                                                                                                                                                        																			_t483 = _v0;
                                                                                                                                                                                                                                                        																			_v48 = _v0;
                                                                                                                                                                                                                                                        																			if(_v0 + _v4 > _v52) {
                                                                                                                                                                                                                                                        																				_t500 = _t431;
                                                                                                                                                                                                                                                        																				__eflags = _v56 + _t261 - _t500;
                                                                                                                                                                                                                                                        																				_t431 = _t500;
                                                                                                                                                                                                                                                        																				_t483 = _v0;
                                                                                                                                                                                                                                                        																				_v48 = _v0;
                                                                                                                                                                                                                                                        																				if(_v56 + _t261 >= _t500) {
                                                                                                                                                                                                                                                        																					_t483 = 0;
                                                                                                                                                                                                                                                        																					_t544 = _t382 - _t431;
                                                                                                                                                                                                                                                        																					__eflags = _t544;
                                                                                                                                                                                                                                                        																					_t545 =  <=  ? 0 : _t544;
                                                                                                                                                                                                                                                        																					_v48 =  <=  ? 0 : _t544;
                                                                                                                                                                                                                                                        																				}
                                                                                                                                                                                                                                                        																			}
                                                                                                                                                                                                                                                        																			_t384 = _t431;
                                                                                                                                                                                                                                                        																			memmove(_t382 + _t580, _t382, _t540);
                                                                                                                                                                                                                                                        																			_t541 = _v48;
                                                                                                                                                                                                                                                        																			memmove(_v52, _t384, _t541);
                                                                                                                                                                                                                                                        																			_t618 = _t618 + 0x18;
                                                                                                                                                                                                                                                        																			_t292 = memcpy(_v52 + _t541, _t384 + _t580 + _t541, _v0 - _t541);
                                                                                                                                                                                                                                                        																			goto L56;
                                                                                                                                                                                                                                                        																		} else {
                                                                                                                                                                                                                                                        																			_v160 = _v40;
                                                                                                                                                                                                                                                        																			_v152 = _t381;
                                                                                                                                                                                                                                                        																			_v164 = _t580;
                                                                                                                                                                                                                                                        																			_v144 = _v0;
                                                                                                                                                                                                                                                        																			_v148 = _v4;
                                                                                                                                                                                                                                                        																			_t299 = _v12;
                                                                                                                                                                                                                                                        																			_v156 = _t299;
                                                                                                                                                                                                                                                        																			L71();
                                                                                                                                                                                                                                                        																			E00BEECB0(_t299, _v36 ^ _t609, _t495);
                                                                                                                                                                                                                                                        																			_t294 = _t299;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																	} else {
                                                                                                                                                                                                                                                        																		 *(_t406 + 0x10) = _t580 + _t261;
                                                                                                                                                                                                                                                        																		_t584 = _t406;
                                                                                                                                                                                                                                                        																		__eflags =  *(_t406 + 0x14) - 0x10;
                                                                                                                                                                                                                                                        																		if( *(_t406 + 0x14) >= 0x10) {
                                                                                                                                                                                                                                                        																			_t584 =  *_t406;
                                                                                                                                                                                                                                                        																		}
                                                                                                                                                                                                                                                        																		_v44 = _t406;
                                                                                                                                                                                                                                                        																		_t585 = _t584 + _t483;
                                                                                                                                                                                                                                                        																		memmove(_t585, _v4, _v0);
                                                                                                                                                                                                                                                        																		_t618 = _t618 + 0xc;
                                                                                                                                                                                                                                                        																		_push(_t540);
                                                                                                                                                                                                                                                        																		_push(_t381 + _t585);
                                                                                                                                                                                                                                                        																		_push(_t585 + _v0);
                                                                                                                                                                                                                                                        																		goto L55;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																} else {
                                                                                                                                                                                                                                                        																	__eflags =  *(_t406 + 0x14) - 0x10;
                                                                                                                                                                                                                                                        																	_t303 = _t406;
                                                                                                                                                                                                                                                        																	if( *(_t406 + 0x14) >= 0x10) {
                                                                                                                                                                                                                                                        																		_t303 =  *_t406;
                                                                                                                                                                                                                                                        																	}
                                                                                                                                                                                                                                                        																	_v44 = _t406;
                                                                                                                                                                                                                                                        																	_t304 = _t303 + _t483;
                                                                                                                                                                                                                                                        																	__eflags = _t304;
                                                                                                                                                                                                                                                        																	_push(_t579);
                                                                                                                                                                                                                                                        																	_push(_v4);
                                                                                                                                                                                                                                                        																	_push(_t304);
                                                                                                                                                                                                                                                        																	L55:
                                                                                                                                                                                                                                                        																	_t292 = memmove();
                                                                                                                                                                                                                                                        																	L56:
                                                                                                                                                                                                                                                        																	__eflags = _v36 ^ _t609;
                                                                                                                                                                                                                                                        																	E00BEECB0(_t292, _v36 ^ _t609, _t483);
                                                                                                                                                                                                                                                        																	_t294 = _v44;
                                                                                                                                                                                                                                                        																}
                                                                                                                                                                                                                                                        																return _t294;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														} else {
                                                                                                                                                                                                                                                        															_t454 = _t406 + _t406 + 0x25;
                                                                                                                                                                                                                                                        															__eflags = _t454;
                                                                                                                                                                                                                                                        															_t330 = _t454;
                                                                                                                                                                                                                                                        															goto L45;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t592 = _v0;
                                                                                                                                                                                                                                                        											_t552 = _a8;
                                                                                                                                                                                                                                                        											_t511 = _a4;
                                                                                                                                                                                                                                                        											__eflags = _t369 - _t592;
                                                                                                                                                                                                                                                        											_t593 =  <  ? _t369 : _t592;
                                                                                                                                                                                                                                                        											__eflags = _t593 - _t552;
                                                                                                                                                                                                                                                        											if(_t593 != _t552) {
                                                                                                                                                                                                                                                        												_t397 = _t369 - _t593 + 1;
                                                                                                                                                                                                                                                        												_t553 = _t552 - _t593;
                                                                                                                                                                                                                                                        												__eflags = _t553;
                                                                                                                                                                                                                                                        												if(_t553 >= 0) {
                                                                                                                                                                                                                                                        													_t512 =  *(_t406 + 0x14);
                                                                                                                                                                                                                                                        													_v36 = _t512;
                                                                                                                                                                                                                                                        													_t513 = _t512 - _t254;
                                                                                                                                                                                                                                                        													__eflags = _t553 - _t512 - _t254;
                                                                                                                                                                                                                                                        													if(_t553 <= _t512 - _t254) {
                                                                                                                                                                                                                                                        														__eflags = _v36 - 8;
                                                                                                                                                                                                                                                        														_v40 = _t553;
                                                                                                                                                                                                                                                        														 *(_t406 + 0x10) = _t553 + _t254;
                                                                                                                                                                                                                                                        														_t515 = _t406;
                                                                                                                                                                                                                                                        														if(_v36 >= 8) {
                                                                                                                                                                                                                                                        															_t515 =  *_t406;
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														_v36 = _t406;
                                                                                                                                                                                                                                                        														_v44 = _t515;
                                                                                                                                                                                                                                                        														_t554 = _a8;
                                                                                                                                                                                                                                                        														_t516 = _t515 + _v4 * 2;
                                                                                                                                                                                                                                                        														_t594 = _a4;
                                                                                                                                                                                                                                                        														_v52 = _t516;
                                                                                                                                                                                                                                                        														_v48 = _t516 + _t593 * 2;
                                                                                                                                                                                                                                                        														__eflags = _t594 + _t554 * 2 - _t516;
                                                                                                                                                                                                                                                        														_t511 = _v48;
                                                                                                                                                                                                                                                        														_t596 = _t554;
                                                                                                                                                                                                                                                        														if(_t594 + _t554 * 2 > _t516) {
                                                                                                                                                                                                                                                        															_t463 = _v44;
                                                                                                                                                                                                                                                        															_t596 = _t554;
                                                                                                                                                                                                                                                        															__eflags = _t463 + _t254 * 2 - _a4;
                                                                                                                                                                                                                                                        															if(_t463 + _t254 * 2 >= _a4) {
                                                                                                                                                                                                                                                        																_t345 = _a4;
                                                                                                                                                                                                                                                        																__eflags = _t511 - _t345;
                                                                                                                                                                                                                                                        																_t596 =  >  ? _t511 - _t345 >> 1 : 0;
                                                                                                                                                                                                                                                        															}
                                                                                                                                                                                                                                                        														}
                                                                                                                                                                                                                                                        														memmove(_t511 + _v40 * 2, _t511, _t397 + _t397);
                                                                                                                                                                                                                                                        														_t399 = _v52;
                                                                                                                                                                                                                                                        														memmove(_t399, _a4, _t596 + _t596);
                                                                                                                                                                                                                                                        														_t616 = _t616 + 0x18;
                                                                                                                                                                                                                                                        														_t342 = memcpy(_t399 + _t596 * 2, _a4 + _v40 * 2 + _t596 * 2, _t554 - _t596 + _t554 - _t596);
                                                                                                                                                                                                                                                        														goto L23;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														_v96 = _v32;
                                                                                                                                                                                                                                                        														_v88 = _t593;
                                                                                                                                                                                                                                                        														 *(_t616 - 0x18) = _t553;
                                                                                                                                                                                                                                                        														_v80 = _a8;
                                                                                                                                                                                                                                                        														_v84 = _a4;
                                                                                                                                                                                                                                                        														_t349 = _v4;
                                                                                                                                                                                                                                                        														_v92 = _t349;
                                                                                                                                                                                                                                                        														L38();
                                                                                                                                                                                                                                                        														E00BEECB0(_t349, _v28 ^ _t607, _t513);
                                                                                                                                                                                                                                                        														_t344 = _t349;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t351 = _t406;
                                                                                                                                                                                                                                                        													 *(_t406 + 0x10) = _t553 + _t254;
                                                                                                                                                                                                                                                        													__eflags =  *(_t406 + 0x14) - 8;
                                                                                                                                                                                                                                                        													if( *(_t406 + 0x14) >= 8) {
                                                                                                                                                                                                                                                        														_t351 =  *_t406;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													_v36 = _t406;
                                                                                                                                                                                                                                                        													_t559 = _t351 + _v4 * 2;
                                                                                                                                                                                                                                                        													memmove(_t559, _t511, _a8 + _a8);
                                                                                                                                                                                                                                                        													_t616 = _t616 + 0xc;
                                                                                                                                                                                                                                                        													_push(_t397 + _t397);
                                                                                                                                                                                                                                                        													_push(_t559 + _t593 * 2);
                                                                                                                                                                                                                                                        													_push(_t559 + _a8 * 2);
                                                                                                                                                                                                                                                        													goto L22;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												__eflags =  *(_t406 + 0x14) - 8;
                                                                                                                                                                                                                                                        												_t356 = _t406;
                                                                                                                                                                                                                                                        												if( *(_t406 + 0x14) >= 8) {
                                                                                                                                                                                                                                                        													_t356 =  *_t406;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												_v36 = _t406;
                                                                                                                                                                                                                                                        												_t560 = _t552 + _t552;
                                                                                                                                                                                                                                                        												__eflags = _t560;
                                                                                                                                                                                                                                                        												_push(_t560);
                                                                                                                                                                                                                                                        												_push(_t511);
                                                                                                                                                                                                                                                        												_push(_t356 + _v4 * 2);
                                                                                                                                                                                                                                                        												L22:
                                                                                                                                                                                                                                                        												_t342 = memmove();
                                                                                                                                                                                                                                                        												L23:
                                                                                                                                                                                                                                                        												__eflags = _v28 ^ _t607;
                                                                                                                                                                                                                                                        												E00BEECB0(_t342, _v28 ^ _t607, _t511);
                                                                                                                                                                                                                                                        												_t344 = _v36;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											return _t344;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t251 = _t251 + 0x24;
                                                                                                                                                                                                                                                        										__eflags = _t251;
                                                                                                                                                                                                                                                        										_t524 = _t406;
                                                                                                                                                                                                                                                        										_t481 = _t251;
                                                                                                                                                                                                                                                        										goto L15;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t602 = _t365;
                                                                                                                                                                                                                                                        								_t405 = _t523 + 0x24;
                                                                                                                                                                                                                                                        								goto L7;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}











































































































































































                                                                                                                                                                                                                                                        0x00bc6b70
                                                                                                                                                                                                                                                        0x00bc6b74
                                                                                                                                                                                                                                                        0x00bc6b76
                                                                                                                                                                                                                                                        0x00bc6b79
                                                                                                                                                                                                                                                        0x00bc6b7c
                                                                                                                                                                                                                                                        0x00bc6b84
                                                                                                                                                                                                                                                        0x00bc6b8d
                                                                                                                                                                                                                                                        0x00bc6c3e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6b93
                                                                                                                                                                                                                                                        0x00bc6b93
                                                                                                                                                                                                                                                        0x00bc6b96
                                                                                                                                                                                                                                                        0x00bc6b98
                                                                                                                                                                                                                                                        0x00bc6b9b
                                                                                                                                                                                                                                                        0x00bc6ba0
                                                                                                                                                                                                                                                        0x00bc6ba3
                                                                                                                                                                                                                                                        0x00bc6bb0
                                                                                                                                                                                                                                                        0x00bc6bba
                                                                                                                                                                                                                                                        0x00bc6bbf
                                                                                                                                                                                                                                                        0x00bc6bbf
                                                                                                                                                                                                                                                        0x00bc6bc5
                                                                                                                                                                                                                                                        0x00bc6bc9
                                                                                                                                                                                                                                                        0x00bc6bce
                                                                                                                                                                                                                                                        0x00bc6bd4
                                                                                                                                                                                                                                                        0x00bc6bd7
                                                                                                                                                                                                                                                        0x00bc6bda
                                                                                                                                                                                                                                                        0x00bc6c20
                                                                                                                                                                                                                                                        0x00bc6c20
                                                                                                                                                                                                                                                        0x00bc6c24
                                                                                                                                                                                                                                                        0x00bc6c26
                                                                                                                                                                                                                                                        0x00bc6c28
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6bdc
                                                                                                                                                                                                                                                        0x00bc6bdf
                                                                                                                                                                                                                                                        0x00bc6be4
                                                                                                                                                                                                                                                        0x00bc6be7
                                                                                                                                                                                                                                                        0x00bc6bec
                                                                                                                                                                                                                                                        0x00bc6bef
                                                                                                                                                                                                                                                        0x00bc6bf8
                                                                                                                                                                                                                                                        0x00bc6c0e
                                                                                                                                                                                                                                                        0x00bc6c0e
                                                                                                                                                                                                                                                        0x00bc6c0f
                                                                                                                                                                                                                                                        0x00bc6c10
                                                                                                                                                                                                                                                        0x00bc6c18
                                                                                                                                                                                                                                                        0x00bc6c30
                                                                                                                                                                                                                                                        0x00bc6c30
                                                                                                                                                                                                                                                        0x00bc6c3b
                                                                                                                                                                                                                                                        0x00bc6bfa
                                                                                                                                                                                                                                                        0x00bc6bfa
                                                                                                                                                                                                                                                        0x00bc6c00
                                                                                                                                                                                                                                                        0x00bc6c05
                                                                                                                                                                                                                                                        0x00bc6c43
                                                                                                                                                                                                                                                        0x00bc6c43
                                                                                                                                                                                                                                                        0x00bc6c49
                                                                                                                                                                                                                                                        0x00bc6c4a
                                                                                                                                                                                                                                                        0x00bc6c4b
                                                                                                                                                                                                                                                        0x00bc6c4c
                                                                                                                                                                                                                                                        0x00bc6c4d
                                                                                                                                                                                                                                                        0x00bc6c4e
                                                                                                                                                                                                                                                        0x00bc6c4f
                                                                                                                                                                                                                                                        0x00bc6c51
                                                                                                                                                                                                                                                        0x00bc6c53
                                                                                                                                                                                                                                                        0x00bc6c54
                                                                                                                                                                                                                                                        0x00bc6c58
                                                                                                                                                                                                                                                        0x00bc6c5a
                                                                                                                                                                                                                                                        0x00bc6c60
                                                                                                                                                                                                                                                        0x00bc6c65
                                                                                                                                                                                                                                                        0x00bc6c68
                                                                                                                                                                                                                                                        0x00bc6c6b
                                                                                                                                                                                                                                                        0x00bc6c6b
                                                                                                                                                                                                                                                        0x00bc6c6e
                                                                                                                                                                                                                                                        0x00bc6c74
                                                                                                                                                                                                                                                        0x00bc6c8a
                                                                                                                                                                                                                                                        0x00bc6c8a
                                                                                                                                                                                                                                                        0x00bc6c8b
                                                                                                                                                                                                                                                        0x00bc6c8c
                                                                                                                                                                                                                                                        0x00bc6c94
                                                                                                                                                                                                                                                        0x00bc6c9e
                                                                                                                                                                                                                                                        0x00bc6c76
                                                                                                                                                                                                                                                        0x00bc6c76
                                                                                                                                                                                                                                                        0x00bc6c7c
                                                                                                                                                                                                                                                        0x00bc6c7e
                                                                                                                                                                                                                                                        0x00bc6c81
                                                                                                                                                                                                                                                        0x00bc6c9f
                                                                                                                                                                                                                                                        0x00bc6ca5
                                                                                                                                                                                                                                                        0x00bc6ca6
                                                                                                                                                                                                                                                        0x00bc6ca7
                                                                                                                                                                                                                                                        0x00bc6ca8
                                                                                                                                                                                                                                                        0x00bc6ca9
                                                                                                                                                                                                                                                        0x00bc6caa
                                                                                                                                                                                                                                                        0x00bc6cab
                                                                                                                                                                                                                                                        0x00bc6cac
                                                                                                                                                                                                                                                        0x00bc6cad
                                                                                                                                                                                                                                                        0x00bc6cae
                                                                                                                                                                                                                                                        0x00bc6caf
                                                                                                                                                                                                                                                        0x00bc6cb0
                                                                                                                                                                                                                                                        0x00bc6cb1
                                                                                                                                                                                                                                                        0x00bc6cb3
                                                                                                                                                                                                                                                        0x00bc6cb4
                                                                                                                                                                                                                                                        0x00bc6cb5
                                                                                                                                                                                                                                                        0x00bc6cb6
                                                                                                                                                                                                                                                        0x00bc6cb9
                                                                                                                                                                                                                                                        0x00bc6cc0
                                                                                                                                                                                                                                                        0x00bc6cc3
                                                                                                                                                                                                                                                        0x00bc6cc8
                                                                                                                                                                                                                                                        0x00bc6cc8
                                                                                                                                                                                                                                                        0x00bc6ccb
                                                                                                                                                                                                                                                        0x00bc6e42
                                                                                                                                                                                                                                                        0x00bc6e47
                                                                                                                                                                                                                                                        0x00bc6e48
                                                                                                                                                                                                                                                        0x00bc6e49
                                                                                                                                                                                                                                                        0x00bc6e4a
                                                                                                                                                                                                                                                        0x00bc6e4b
                                                                                                                                                                                                                                                        0x00bc6e4c
                                                                                                                                                                                                                                                        0x00bc6e4d
                                                                                                                                                                                                                                                        0x00bc6e4e
                                                                                                                                                                                                                                                        0x00bc6e4f
                                                                                                                                                                                                                                                        0x00bc6e50
                                                                                                                                                                                                                                                        0x00bc6e51
                                                                                                                                                                                                                                                        0x00bc6e53
                                                                                                                                                                                                                                                        0x00bc6e54
                                                                                                                                                                                                                                                        0x00bc6e55
                                                                                                                                                                                                                                                        0x00bc6e56
                                                                                                                                                                                                                                                        0x00bc6e59
                                                                                                                                                                                                                                                        0x00bc6e5c
                                                                                                                                                                                                                                                        0x00bc6e64
                                                                                                                                                                                                                                                        0x00bc6e6b
                                                                                                                                                                                                                                                        0x00bc6e6d
                                                                                                                                                                                                                                                        0x00bc6fc3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6e73
                                                                                                                                                                                                                                                        0x00bc6e73
                                                                                                                                                                                                                                                        0x00bc6e75
                                                                                                                                                                                                                                                        0x00bc6e78
                                                                                                                                                                                                                                                        0x00bc6e7b
                                                                                                                                                                                                                                                        0x00bc6e80
                                                                                                                                                                                                                                                        0x00bc6e83
                                                                                                                                                                                                                                                        0x00bc6e86
                                                                                                                                                                                                                                                        0x00bc6e8b
                                                                                                                                                                                                                                                        0x00bc6e99
                                                                                                                                                                                                                                                        0x00bc6e9d
                                                                                                                                                                                                                                                        0x00bc6e9f
                                                                                                                                                                                                                                                        0x00bc6ea1
                                                                                                                                                                                                                                                        0x00bc6ea4
                                                                                                                                                                                                                                                        0x00bc6ea6
                                                                                                                                                                                                                                                        0x00bc6ea6
                                                                                                                                                                                                                                                        0x00bc6ea9
                                                                                                                                                                                                                                                        0x00bc6eab
                                                                                                                                                                                                                                                        0x00bc6eae
                                                                                                                                                                                                                                                        0x00bc6eb4
                                                                                                                                                                                                                                                        0x00bc6ebc
                                                                                                                                                                                                                                                        0x00bc6ebf
                                                                                                                                                                                                                                                        0x00bc6ec2
                                                                                                                                                                                                                                                        0x00bc6ec4
                                                                                                                                                                                                                                                        0x00bc6ec7
                                                                                                                                                                                                                                                        0x00bc6f62
                                                                                                                                                                                                                                                        0x00bc6f66
                                                                                                                                                                                                                                                        0x00bc6f68
                                                                                                                                                                                                                                                        0x00bc6f73
                                                                                                                                                                                                                                                        0x00bc6f80
                                                                                                                                                                                                                                                        0x00bc6f8b
                                                                                                                                                                                                                                                        0x00bc6f93
                                                                                                                                                                                                                                                        0x00bc6f93
                                                                                                                                                                                                                                                        0x00bc6fab
                                                                                                                                                                                                                                                        0x00bc6fb3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6ecd
                                                                                                                                                                                                                                                        0x00bc6ecd
                                                                                                                                                                                                                                                        0x00bc6ed7
                                                                                                                                                                                                                                                        0x00bc6ed9
                                                                                                                                                                                                                                                        0x00bc6edc
                                                                                                                                                                                                                                                        0x00bc6ee7
                                                                                                                                                                                                                                                        0x00bc6ef4
                                                                                                                                                                                                                                                        0x00bc6f1f
                                                                                                                                                                                                                                                        0x00bc6f24
                                                                                                                                                                                                                                                        0x00bc6f27
                                                                                                                                                                                                                                                        0x00bc6f2a
                                                                                                                                                                                                                                                        0x00bc6f2c
                                                                                                                                                                                                                                                        0x00bc6f2f
                                                                                                                                                                                                                                                        0x00bc6f2f
                                                                                                                                                                                                                                                        0x00bc6f33
                                                                                                                                                                                                                                                        0x00bc6f38
                                                                                                                                                                                                                                                        0x00bc6f50
                                                                                                                                                                                                                                                        0x00bc6f50
                                                                                                                                                                                                                                                        0x00bc6f51
                                                                                                                                                                                                                                                        0x00bc6f52
                                                                                                                                                                                                                                                        0x00bc6fb5
                                                                                                                                                                                                                                                        0x00bc6fb5
                                                                                                                                                                                                                                                        0x00bc6fc0
                                                                                                                                                                                                                                                        0x00bc6f3a
                                                                                                                                                                                                                                                        0x00bc6f3c
                                                                                                                                                                                                                                                        0x00bc6f44
                                                                                                                                                                                                                                                        0x00bc6f47
                                                                                                                                                                                                                                                        0x00bc6fc8
                                                                                                                                                                                                                                                        0x00bc6fc8
                                                                                                                                                                                                                                                        0x00bc6fce
                                                                                                                                                                                                                                                        0x00bc6fcf
                                                                                                                                                                                                                                                        0x00bc6fd0
                                                                                                                                                                                                                                                        0x00bc6fd1
                                                                                                                                                                                                                                                        0x00bc6fd3
                                                                                                                                                                                                                                                        0x00bc6fd4
                                                                                                                                                                                                                                                        0x00bc6fd5
                                                                                                                                                                                                                                                        0x00bc6fd6
                                                                                                                                                                                                                                                        0x00bc6fd9
                                                                                                                                                                                                                                                        0x00bc6fde
                                                                                                                                                                                                                                                        0x00bc6fe3
                                                                                                                                                                                                                                                        0x00bc6fe6
                                                                                                                                                                                                                                                        0x00bc6feb
                                                                                                                                                                                                                                                        0x00bc6feb
                                                                                                                                                                                                                                                        0x00bc6fed
                                                                                                                                                                                                                                                        0x00bc7147
                                                                                                                                                                                                                                                        0x00bc714c
                                                                                                                                                                                                                                                        0x00bc714d
                                                                                                                                                                                                                                                        0x00bc714e
                                                                                                                                                                                                                                                        0x00bc714f
                                                                                                                                                                                                                                                        0x00bc7150
                                                                                                                                                                                                                                                        0x00bc7151
                                                                                                                                                                                                                                                        0x00bc7153
                                                                                                                                                                                                                                                        0x00bc7154
                                                                                                                                                                                                                                                        0x00bc7155
                                                                                                                                                                                                                                                        0x00bc7156
                                                                                                                                                                                                                                                        0x00bc7159
                                                                                                                                                                                                                                                        0x00bc715c
                                                                                                                                                                                                                                                        0x00bc7164
                                                                                                                                                                                                                                                        0x00bc716b
                                                                                                                                                                                                                                                        0x00bc716d
                                                                                                                                                                                                                                                        0x00bc7291
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7173
                                                                                                                                                                                                                                                        0x00bc7173
                                                                                                                                                                                                                                                        0x00bc7176
                                                                                                                                                                                                                                                        0x00bc7178
                                                                                                                                                                                                                                                        0x00bc717b
                                                                                                                                                                                                                                                        0x00bc7180
                                                                                                                                                                                                                                                        0x00bc7183
                                                                                                                                                                                                                                                        0x00bc7183
                                                                                                                                                                                                                                                        0x00bc7186
                                                                                                                                                                                                                                                        0x00bc718f
                                                                                                                                                                                                                                                        0x00bc7193
                                                                                                                                                                                                                                                        0x00bc719b
                                                                                                                                                                                                                                                        0x00bc719d
                                                                                                                                                                                                                                                        0x00bc71a0
                                                                                                                                                                                                                                                        0x00bc71a2
                                                                                                                                                                                                                                                        0x00bc71a2
                                                                                                                                                                                                                                                        0x00bc71a5
                                                                                                                                                                                                                                                        0x00bc71a8
                                                                                                                                                                                                                                                        0x00bc71ad
                                                                                                                                                                                                                                                        0x00bc71b0
                                                                                                                                                                                                                                                        0x00bc71b6
                                                                                                                                                                                                                                                        0x00bc71be
                                                                                                                                                                                                                                                        0x00bc71c2
                                                                                                                                                                                                                                                        0x00bc71c5
                                                                                                                                                                                                                                                        0x00bc71c8
                                                                                                                                                                                                                                                        0x00bc71cb
                                                                                                                                                                                                                                                        0x00bc7244
                                                                                                                                                                                                                                                        0x00bc7252
                                                                                                                                                                                                                                                        0x00bc7259
                                                                                                                                                                                                                                                        0x00bc7261
                                                                                                                                                                                                                                                        0x00bc7274
                                                                                                                                                                                                                                                        0x00bc7274
                                                                                                                                                                                                                                                        0x00bc7278
                                                                                                                                                                                                                                                        0x00bc727b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc71cd
                                                                                                                                                                                                                                                        0x00bc71cd
                                                                                                                                                                                                                                                        0x00bc71d4
                                                                                                                                                                                                                                                        0x00bc71df
                                                                                                                                                                                                                                                        0x00bc71e6
                                                                                                                                                                                                                                                        0x00bc71ee
                                                                                                                                                                                                                                                        0x00bc71f4
                                                                                                                                                                                                                                                        0x00bc71ff
                                                                                                                                                                                                                                                        0x00bc7205
                                                                                                                                                                                                                                                        0x00bc720a
                                                                                                                                                                                                                                                        0x00bc720d
                                                                                                                                                                                                                                                        0x00bc7210
                                                                                                                                                                                                                                                        0x00bc7210
                                                                                                                                                                                                                                                        0x00bc7213
                                                                                                                                                                                                                                                        0x00bc7219
                                                                                                                                                                                                                                                        0x00bc722f
                                                                                                                                                                                                                                                        0x00bc722f
                                                                                                                                                                                                                                                        0x00bc7230
                                                                                                                                                                                                                                                        0x00bc7231
                                                                                                                                                                                                                                                        0x00bc7239
                                                                                                                                                                                                                                                        0x00bc723c
                                                                                                                                                                                                                                                        0x00bc7283
                                                                                                                                                                                                                                                        0x00bc7283
                                                                                                                                                                                                                                                        0x00bc728e
                                                                                                                                                                                                                                                        0x00bc721b
                                                                                                                                                                                                                                                        0x00bc721b
                                                                                                                                                                                                                                                        0x00bc7221
                                                                                                                                                                                                                                                        0x00bc7223
                                                                                                                                                                                                                                                        0x00bc7226
                                                                                                                                                                                                                                                        0x00bc7296
                                                                                                                                                                                                                                                        0x00bc7296
                                                                                                                                                                                                                                                        0x00bc729c
                                                                                                                                                                                                                                                        0x00bc729d
                                                                                                                                                                                                                                                        0x00bc729e
                                                                                                                                                                                                                                                        0x00bc729f
                                                                                                                                                                                                                                                        0x00bc72a0
                                                                                                                                                                                                                                                        0x00bc72a1
                                                                                                                                                                                                                                                        0x00bc72a3
                                                                                                                                                                                                                                                        0x00bc72a4
                                                                                                                                                                                                                                                        0x00bc72a5
                                                                                                                                                                                                                                                        0x00bc72a6
                                                                                                                                                                                                                                                        0x00bc72a9
                                                                                                                                                                                                                                                        0x00bc72ab
                                                                                                                                                                                                                                                        0x00bc72b1
                                                                                                                                                                                                                                                        0x00bc72b6
                                                                                                                                                                                                                                                        0x00bc72b9
                                                                                                                                                                                                                                                        0x00bc72bc
                                                                                                                                                                                                                                                        0x00bc72c3
                                                                                                                                                                                                                                                        0x00bc72c5
                                                                                                                                                                                                                                                        0x00bc72c8
                                                                                                                                                                                                                                                        0x00bc7301
                                                                                                                                                                                                                                                        0x00bc7304
                                                                                                                                                                                                                                                        0x00bc7307
                                                                                                                                                                                                                                                        0x00bc7309
                                                                                                                                                                                                                                                        0x00bc730c
                                                                                                                                                                                                                                                        0x00bc730e
                                                                                                                                                                                                                                                        0x00bc730e
                                                                                                                                                                                                                                                        0x00bc7318
                                                                                                                                                                                                                                                        0x00bc7320
                                                                                                                                                                                                                                                        0x00bc72ca
                                                                                                                                                                                                                                                        0x00bc72d0
                                                                                                                                                                                                                                                        0x00bc72d7
                                                                                                                                                                                                                                                        0x00bc72db
                                                                                                                                                                                                                                                        0x00bc72de
                                                                                                                                                                                                                                                        0x00bc72e9
                                                                                                                                                                                                                                                        0x00bc72e9
                                                                                                                                                                                                                                                        0x00bc72ee
                                                                                                                                                                                                                                                        0x00bc72f0
                                                                                                                                                                                                                                                        0x00bc72fe
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc7228
                                                                                                                                                                                                                                                        0x00bc722b
                                                                                                                                                                                                                                                        0x00bc722d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc722d
                                                                                                                                                                                                                                                        0x00bc7226
                                                                                                                                                                                                                                                        0x00bc7219
                                                                                                                                                                                                                                                        0x00bc71cb
                                                                                                                                                                                                                                                        0x00bc6ff3
                                                                                                                                                                                                                                                        0x00bc6ff3
                                                                                                                                                                                                                                                        0x00bc6ff6
                                                                                                                                                                                                                                                        0x00bc6ff9
                                                                                                                                                                                                                                                        0x00bc6ffb
                                                                                                                                                                                                                                                        0x00bc6ffe
                                                                                                                                                                                                                                                        0x00bc7000
                                                                                                                                                                                                                                                        0x00bc7037
                                                                                                                                                                                                                                                        0x00bc7038
                                                                                                                                                                                                                                                        0x00bc7038
                                                                                                                                                                                                                                                        0x00bc703a
                                                                                                                                                                                                                                                        0x00bc706a
                                                                                                                                                                                                                                                        0x00bc706d
                                                                                                                                                                                                                                                        0x00bc7070
                                                                                                                                                                                                                                                        0x00bc7072
                                                                                                                                                                                                                                                        0x00bc7074
                                                                                                                                                                                                                                                        0x00bc70b4
                                                                                                                                                                                                                                                        0x00bc70bb
                                                                                                                                                                                                                                                        0x00bc70be
                                                                                                                                                                                                                                                        0x00bc70c0
                                                                                                                                                                                                                                                        0x00bc70c2
                                                                                                                                                                                                                                                        0x00bc70c2
                                                                                                                                                                                                                                                        0x00bc70c4
                                                                                                                                                                                                                                                        0x00bc70ca
                                                                                                                                                                                                                                                        0x00bc70cd
                                                                                                                                                                                                                                                        0x00bc70d2
                                                                                                                                                                                                                                                        0x00bc70d5
                                                                                                                                                                                                                                                        0x00bc70dc
                                                                                                                                                                                                                                                        0x00bc70df
                                                                                                                                                                                                                                                        0x00bc70e2
                                                                                                                                                                                                                                                        0x00bc70e5
                                                                                                                                                                                                                                                        0x00bc70e8
                                                                                                                                                                                                                                                        0x00bc70ea
                                                                                                                                                                                                                                                        0x00bc70f1
                                                                                                                                                                                                                                                        0x00bc70f3
                                                                                                                                                                                                                                                        0x00bc70f5
                                                                                                                                                                                                                                                        0x00bc70f8
                                                                                                                                                                                                                                                        0x00bc70fb
                                                                                                                                                                                                                                                        0x00bc7101
                                                                                                                                                                                                                                                        0x00bc7103
                                                                                                                                                                                                                                                        0x00bc7103
                                                                                                                                                                                                                                                        0x00bc7105
                                                                                                                                                                                                                                                        0x00bc7108
                                                                                                                                                                                                                                                        0x00bc7108
                                                                                                                                                                                                                                                        0x00bc70fb
                                                                                                                                                                                                                                                        0x00bc7112
                                                                                                                                                                                                                                                        0x00bc7114
                                                                                                                                                                                                                                                        0x00bc711c
                                                                                                                                                                                                                                                        0x00bc7124
                                                                                                                                                                                                                                                        0x00bc7129
                                                                                                                                                                                                                                                        0x00bc713d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7076
                                                                                                                                                                                                                                                        0x00bc707c
                                                                                                                                                                                                                                                        0x00bc7083
                                                                                                                                                                                                                                                        0x00bc7087
                                                                                                                                                                                                                                                        0x00bc708a
                                                                                                                                                                                                                                                        0x00bc7091
                                                                                                                                                                                                                                                        0x00bc7095
                                                                                                                                                                                                                                                        0x00bc7098
                                                                                                                                                                                                                                                        0x00bc709c
                                                                                                                                                                                                                                                        0x00bc70a8
                                                                                                                                                                                                                                                        0x00bc70ad
                                                                                                                                                                                                                                                        0x00bc70ad
                                                                                                                                                                                                                                                        0x00bc703c
                                                                                                                                                                                                                                                        0x00bc703e
                                                                                                                                                                                                                                                        0x00bc7041
                                                                                                                                                                                                                                                        0x00bc7043
                                                                                                                                                                                                                                                        0x00bc7047
                                                                                                                                                                                                                                                        0x00bc7049
                                                                                                                                                                                                                                                        0x00bc7049
                                                                                                                                                                                                                                                        0x00bc704e
                                                                                                                                                                                                                                                        0x00bc7051
                                                                                                                                                                                                                                                        0x00bc7058
                                                                                                                                                                                                                                                        0x00bc705d
                                                                                                                                                                                                                                                        0x00bc7065
                                                                                                                                                                                                                                                        0x00bc7066
                                                                                                                                                                                                                                                        0x00bc7067
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc7067
                                                                                                                                                                                                                                                        0x00bc7002
                                                                                                                                                                                                                                                        0x00bc7002
                                                                                                                                                                                                                                                        0x00bc7006
                                                                                                                                                                                                                                                        0x00bc7008
                                                                                                                                                                                                                                                        0x00bc700a
                                                                                                                                                                                                                                                        0x00bc700a
                                                                                                                                                                                                                                                        0x00bc700c
                                                                                                                                                                                                                                                        0x00bc700f
                                                                                                                                                                                                                                                        0x00bc700f
                                                                                                                                                                                                                                                        0x00bc7011
                                                                                                                                                                                                                                                        0x00bc7012
                                                                                                                                                                                                                                                        0x00bc7015
                                                                                                                                                                                                                                                        0x00bc7016
                                                                                                                                                                                                                                                        0x00bc7016
                                                                                                                                                                                                                                                        0x00bc701b
                                                                                                                                                                                                                                                        0x00bc7021
                                                                                                                                                                                                                                                        0x00bc7023
                                                                                                                                                                                                                                                        0x00bc7028
                                                                                                                                                                                                                                                        0x00bc7028
                                                                                                                                                                                                                                                        0x00bc7032
                                                                                                                                                                                                                                                        0x00bc7032
                                                                                                                                                                                                                                                        0x00bc6f49
                                                                                                                                                                                                                                                        0x00bc6f4b
                                                                                                                                                                                                                                                        0x00bc6f4b
                                                                                                                                                                                                                                                        0x00bc6f4e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6f4e
                                                                                                                                                                                                                                                        0x00bc6f47
                                                                                                                                                                                                                                                        0x00bc6f38
                                                                                                                                                                                                                                                        0x00bc6ec7
                                                                                                                                                                                                                                                        0x00bc6cd1
                                                                                                                                                                                                                                                        0x00bc6cd1
                                                                                                                                                                                                                                                        0x00bc6cd4
                                                                                                                                                                                                                                                        0x00bc6cd7
                                                                                                                                                                                                                                                        0x00bc6cda
                                                                                                                                                                                                                                                        0x00bc6cdc
                                                                                                                                                                                                                                                        0x00bc6cdf
                                                                                                                                                                                                                                                        0x00bc6ce1
                                                                                                                                                                                                                                                        0x00bc6d1c
                                                                                                                                                                                                                                                        0x00bc6d1d
                                                                                                                                                                                                                                                        0x00bc6d1d
                                                                                                                                                                                                                                                        0x00bc6d1f
                                                                                                                                                                                                                                                        0x00bc6d5a
                                                                                                                                                                                                                                                        0x00bc6d5d
                                                                                                                                                                                                                                                        0x00bc6d60
                                                                                                                                                                                                                                                        0x00bc6d62
                                                                                                                                                                                                                                                        0x00bc6d64
                                                                                                                                                                                                                                                        0x00bc6da4
                                                                                                                                                                                                                                                        0x00bc6dab
                                                                                                                                                                                                                                                        0x00bc6dae
                                                                                                                                                                                                                                                        0x00bc6db1
                                                                                                                                                                                                                                                        0x00bc6db3
                                                                                                                                                                                                                                                        0x00bc6db5
                                                                                                                                                                                                                                                        0x00bc6db5
                                                                                                                                                                                                                                                        0x00bc6db7
                                                                                                                                                                                                                                                        0x00bc6dbd
                                                                                                                                                                                                                                                        0x00bc6dc0
                                                                                                                                                                                                                                                        0x00bc6dc3
                                                                                                                                                                                                                                                        0x00bc6dc9
                                                                                                                                                                                                                                                        0x00bc6dcc
                                                                                                                                                                                                                                                        0x00bc6dcf
                                                                                                                                                                                                                                                        0x00bc6dd5
                                                                                                                                                                                                                                                        0x00bc6dd7
                                                                                                                                                                                                                                                        0x00bc6dda
                                                                                                                                                                                                                                                        0x00bc6ddc
                                                                                                                                                                                                                                                        0x00bc6dde
                                                                                                                                                                                                                                                        0x00bc6de1
                                                                                                                                                                                                                                                        0x00bc6de6
                                                                                                                                                                                                                                                        0x00bc6de9
                                                                                                                                                                                                                                                        0x00bc6deb
                                                                                                                                                                                                                                                        0x00bc6df6
                                                                                                                                                                                                                                                        0x00bc6df8
                                                                                                                                                                                                                                                        0x00bc6df8
                                                                                                                                                                                                                                                        0x00bc6de9
                                                                                                                                                                                                                                                        0x00bc6e06
                                                                                                                                                                                                                                                        0x00bc6e16
                                                                                                                                                                                                                                                        0x00bc6e1a
                                                                                                                                                                                                                                                        0x00bc6e1f
                                                                                                                                                                                                                                                        0x00bc6e38
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6d66
                                                                                                                                                                                                                                                        0x00bc6d6c
                                                                                                                                                                                                                                                        0x00bc6d73
                                                                                                                                                                                                                                                        0x00bc6d77
                                                                                                                                                                                                                                                        0x00bc6d7a
                                                                                                                                                                                                                                                        0x00bc6d81
                                                                                                                                                                                                                                                        0x00bc6d85
                                                                                                                                                                                                                                                        0x00bc6d88
                                                                                                                                                                                                                                                        0x00bc6d8c
                                                                                                                                                                                                                                                        0x00bc6d98
                                                                                                                                                                                                                                                        0x00bc6d9d
                                                                                                                                                                                                                                                        0x00bc6d9d
                                                                                                                                                                                                                                                        0x00bc6d21
                                                                                                                                                                                                                                                        0x00bc6d23
                                                                                                                                                                                                                                                        0x00bc6d25
                                                                                                                                                                                                                                                        0x00bc6d28
                                                                                                                                                                                                                                                        0x00bc6d2c
                                                                                                                                                                                                                                                        0x00bc6d2e
                                                                                                                                                                                                                                                        0x00bc6d2e
                                                                                                                                                                                                                                                        0x00bc6d30
                                                                                                                                                                                                                                                        0x00bc6d36
                                                                                                                                                                                                                                                        0x00bc6d42
                                                                                                                                                                                                                                                        0x00bc6d47
                                                                                                                                                                                                                                                        0x00bc6d55
                                                                                                                                                                                                                                                        0x00bc6d56
                                                                                                                                                                                                                                                        0x00bc6d57
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6d57
                                                                                                                                                                                                                                                        0x00bc6ce3
                                                                                                                                                                                                                                                        0x00bc6ce3
                                                                                                                                                                                                                                                        0x00bc6ce7
                                                                                                                                                                                                                                                        0x00bc6ce9
                                                                                                                                                                                                                                                        0x00bc6ceb
                                                                                                                                                                                                                                                        0x00bc6ceb
                                                                                                                                                                                                                                                        0x00bc6ced
                                                                                                                                                                                                                                                        0x00bc6cf3
                                                                                                                                                                                                                                                        0x00bc6cf3
                                                                                                                                                                                                                                                        0x00bc6cf8
                                                                                                                                                                                                                                                        0x00bc6cf9
                                                                                                                                                                                                                                                        0x00bc6cfa
                                                                                                                                                                                                                                                        0x00bc6cfb
                                                                                                                                                                                                                                                        0x00bc6cfb
                                                                                                                                                                                                                                                        0x00bc6d00
                                                                                                                                                                                                                                                        0x00bc6d06
                                                                                                                                                                                                                                                        0x00bc6d08
                                                                                                                                                                                                                                                        0x00bc6d0d
                                                                                                                                                                                                                                                        0x00bc6d0d
                                                                                                                                                                                                                                                        0x00bc6d17
                                                                                                                                                                                                                                                        0x00bc6d17
                                                                                                                                                                                                                                                        0x00bc6c83
                                                                                                                                                                                                                                                        0x00bc6c83
                                                                                                                                                                                                                                                        0x00bc6c83
                                                                                                                                                                                                                                                        0x00bc6c86
                                                                                                                                                                                                                                                        0x00bc6c88
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6c88
                                                                                                                                                                                                                                                        0x00bc6c81
                                                                                                                                                                                                                                                        0x00bc6c07
                                                                                                                                                                                                                                                        0x00bc6c0a
                                                                                                                                                                                                                                                        0x00bc6c0c
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc6c0c
                                                                                                                                                                                                                                                        0x00bc6c05
                                                                                                                                                                                                                                                        0x00bc6bf8
                                                                                                                                                                                                                                                        0x00bc6bda

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,7FFFFFFF,?,80000000,?,00BC6B58,?,?,00BC800E,?), ref: 00BC6BE7
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(7FFFFFFF,?,?,?,80000000,?,00BC6B58,?,?,00BC800E,?), ref: 00BC6C10
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,?,80000000,?,00BC6B58,?,?,00BC800E,?), ref: 00BC6C28
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,00BC6B58,?,?,00BC800E,?), ref: 00BC6C43
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memcpy$??3@_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 674017509-0
                                                                                                                                                                                                                                                        • Opcode ID: c699f92655e7ad52f7039987300e005058f1722f9437646cc60d389721bf6773
                                                                                                                                                                                                                                                        • Instruction ID: fc7512d2b207862260ccea7f802dd649e069211123ed0779e26deba4e72acf48
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c699f92655e7ad52f7039987300e005058f1722f9437646cc60d389721bf6773
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CC21E272A00115AFCB18DE68DC8497FB3EAEBC5320724477DE865E7390DA709D4287E1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 39%
                                                                                                                                                                                                                                                        			E00BE61F0(void* __ecx, signed int _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				signed short _v26;
                                                                                                                                                                                                                                                        				void* _v30;
                                                                                                                                                                                                                                                        				char _v31;
                                                                                                                                                                                                                                                        				void _v36;
                                                                                                                                                                                                                                                        				char _v40;
                                                                                                                                                                                                                                                        				void _v44;
                                                                                                                                                                                                                                                        				char _v48;
                                                                                                                                                                                                                                                        				signed int _v52;
                                                                                                                                                                                                                                                        				signed int _t26;
                                                                                                                                                                                                                                                        				signed short _t32;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        				void* _t38;
                                                                                                                                                                                                                                                        				DWORD* _t39;
                                                                                                                                                                                                                                                        				void* _t40;
                                                                                                                                                                                                                                                        				signed int _t41;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t26 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t40 = __ecx;
                                                                                                                                                                                                                                                        				_t39 =  &_v40;
                                                                                                                                                                                                                                                        				_v20 = _t26 ^ _t41;
                                                                                                                                                                                                                                                        				_t29 = ReadProcessMemory( *(__ecx + 0x10),  *(__ecx + 4),  &_v36, 0x10, _t39);
                                                                                                                                                                                                                                                        				_t34 = 0;
                                                                                                                                                                                                                                                        				if(_t29 != 0 && _v40 == 0x10 && _v36 == 0xb8) {
                                                                                                                                                                                                                                                        					if(_v31 != 0xba) {
                                                                                                                                                                                                                                                        						L14:
                                                                                                                                                                                                                                                        						_t34 = 0;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t32 = _v26 & 0x0000ffff;
                                                                                                                                                                                                                                                        						_t29 = _t32 & 0x0000ffff;
                                                                                                                                                                                                                                                        						if(_t32 == 0x12ff || _t29 == 0xd2ff) {
                                                                                                                                                                                                                                                        							if(_v24 != 0xc2) {
                                                                                                                                                                                                                                                        								goto L14;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								if(_t29 != 0xd2ff) {
                                                                                                                                                                                                                                                        									if(ReadProcessMemory( *(_t40 + 0x10), _v30,  &_v44, 4, _t39) == 0 || _v40 != 4) {
                                                                                                                                                                                                                                                        										goto L14;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t29 =  &_v48;
                                                                                                                                                                                                                                                        										__imp__GetModuleHandleExW(6, _v44, _t29);
                                                                                                                                                                                                                                                        										if(_t29 == 0) {
                                                                                                                                                                                                                                                        											goto L14;
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											_t29 =  *(_t40 + 0xc);
                                                                                                                                                                                                                                                        											if(_t29 == 0) {
                                                                                                                                                                                                                                                        												_t29 =  &_v52;
                                                                                                                                                                                                                                                        												__imp__GetModuleHandleExW(6,  *((intOrPtr*)(_t40 + 4)), _t29);
                                                                                                                                                                                                                                                        												if(_t29 == 0) {
                                                                                                                                                                                                                                                        													goto L14;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													_t29 = _v52;
                                                                                                                                                                                                                                                        													if(_v48 != _v52) {
                                                                                                                                                                                                                                                        														goto L14;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														goto L8;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_v52 = _t29;
                                                                                                                                                                                                                                                        												if(_v48 == _t29) {
                                                                                                                                                                                                                                                        													goto L8;
                                                                                                                                                                                                                                                        												} else {
                                                                                                                                                                                                                                                        													goto L14;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L8:
                                                                                                                                                                                                                                                        									_t29 = _a4;
                                                                                                                                                                                                                                                        									asm("movsd xmm0, [ebp-0x20]");
                                                                                                                                                                                                                                                        									asm("movsd xmm1, [ebp-0x18]");
                                                                                                                                                                                                                                                        									_t34 = 1;
                                                                                                                                                                                                                                                        									asm("movsd [eax+0x8], xmm1");
                                                                                                                                                                                                                                                        									asm("movsd [eax], xmm0");
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							goto L14;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t29, _v20 ^ _t41, _t38);
                                                                                                                                                                                                                                                        				return _t34;
                                                                                                                                                                                                                                                        			}




















                                                                                                                                                                                                                                                        0x00be61f9
                                                                                                                                                                                                                                                        0x00be61fe
                                                                                                                                                                                                                                                        0x00be6200
                                                                                                                                                                                                                                                        0x00be6205
                                                                                                                                                                                                                                                        0x00be6215
                                                                                                                                                                                                                                                        0x00be621b
                                                                                                                                                                                                                                                        0x00be621f
                                                                                                                                                                                                                                                        0x00be623d
                                                                                                                                                                                                                                                        0x00be62ba
                                                                                                                                                                                                                                                        0x00be62ba
                                                                                                                                                                                                                                                        0x00be623f
                                                                                                                                                                                                                                                        0x00be623f
                                                                                                                                                                                                                                                        0x00be6248
                                                                                                                                                                                                                                                        0x00be624b
                                                                                                                                                                                                                                                        0x00be6258
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be625a
                                                                                                                                                                                                                                                        0x00be625f
                                                                                                                                                                                                                                                        0x00be6290
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be6298
                                                                                                                                                                                                                                                        0x00be6298
                                                                                                                                                                                                                                                        0x00be62a1
                                                                                                                                                                                                                                                        0x00be62a9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be62ab
                                                                                                                                                                                                                                                        0x00be62ab
                                                                                                                                                                                                                                                        0x00be62b0
                                                                                                                                                                                                                                                        0x00be62d2
                                                                                                                                                                                                                                                        0x00be62db
                                                                                                                                                                                                                                                        0x00be62e3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be62e5
                                                                                                                                                                                                                                                        0x00be62e5
                                                                                                                                                                                                                                                        0x00be62eb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be62ed
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be62ed
                                                                                                                                                                                                                                                        0x00be62eb
                                                                                                                                                                                                                                                        0x00be62b2
                                                                                                                                                                                                                                                        0x00be62b2
                                                                                                                                                                                                                                                        0x00be62b8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be62b8
                                                                                                                                                                                                                                                        0x00be62b0
                                                                                                                                                                                                                                                        0x00be62a9
                                                                                                                                                                                                                                                        0x00be6261
                                                                                                                                                                                                                                                        0x00be6261
                                                                                                                                                                                                                                                        0x00be6261
                                                                                                                                                                                                                                                        0x00be6264
                                                                                                                                                                                                                                                        0x00be6269
                                                                                                                                                                                                                                                        0x00be626e
                                                                                                                                                                                                                                                        0x00be6270
                                                                                                                                                                                                                                                        0x00be6275
                                                                                                                                                                                                                                                        0x00be6275
                                                                                                                                                                                                                                                        0x00be625f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be624b
                                                                                                                                                                                                                                                        0x00be623d
                                                                                                                                                                                                                                                        0x00be62c1
                                                                                                                                                                                                                                                        0x00be62cf

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ReadProcessMemory.KERNEL32(?,?,?,00000010,?), ref: 00BE6215
                                                                                                                                                                                                                                                        • ReadProcessMemory.KERNEL32(?,?,?,00000004,?), ref: 00BE6288
                                                                                                                                                                                                                                                        • GetModuleHandleExW.KERNEL32(00000006,?,?), ref: 00BE62A1
                                                                                                                                                                                                                                                        • GetModuleHandleExW.KERNEL32(00000006,?,?), ref: 00BE62DB
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: HandleMemoryModuleProcessRead
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2283701994-0
                                                                                                                                                                                                                                                        • Opcode ID: 4e63df575365f34f7ff0d49e6e3bd016a38bded5a5aeada13e99dc38e502a3b2
                                                                                                                                                                                                                                                        • Instruction ID: b89e5523819945b9d5b5efb71ae021414fe1531e4e9ef2d09db503c843b88fec
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4e63df575365f34f7ff0d49e6e3bd016a38bded5a5aeada13e99dc38e502a3b2
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: ED319231A002499ADF20CFE6CC44AFEB7F5FF29390F0041AEE611E6190CB61D844DB60
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 90%
                                                                                                                                                                                                                                                        			E00BD5880(void* __eax) {
                                                                                                                                                                                                                                                        				HANDLE* _v20;
                                                                                                                                                                                                                                                        				void* _t13;
                                                                                                                                                                                                                                                        				signed int _t15;
                                                                                                                                                                                                                                                        				HANDLE* _t16;
                                                                                                                                                                                                                                                        				long _t17;
                                                                                                                                                                                                                                                        				void* _t20;
                                                                                                                                                                                                                                                        				void* _t22;
                                                                                                                                                                                                                                                        				HANDLE* _t24;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        				HANDLE* _t29;
                                                                                                                                                                                                                                                        				long _t31;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t13 = E00BCBDD0();
                                                                                                                                                                                                                                                        				_t20 = 0;
                                                                                                                                                                                                                                                        				if(_t13 >= 7) {
                                                                                                                                                                                                                                                        					_t15 = GetProcessHeaps(0, 0);
                                                                                                                                                                                                                                                        					_t31 = _t15;
                                                                                                                                                                                                                                                        					_t16 = _t15 * 4;
                                                                                                                                                                                                                                                        					_t27 =  >=  ? _t16 : 0xffffffff;
                                                                                                                                                                                                                                                        					_push( >=  ? _t16 : 0xffffffff);
                                                                                                                                                                                                                                                        					L00BEF6CC();
                                                                                                                                                                                                                                                        					_t34 = _t32 + 4;
                                                                                                                                                                                                                                                        					_t29 = _t16;
                                                                                                                                                                                                                                                        					_t17 = GetProcessHeaps(_t31, _t16);
                                                                                                                                                                                                                                                        					_t20 = 0;
                                                                                                                                                                                                                                                        					if(_t31 != 0 && _t17 == _t31) {
                                                                                                                                                                                                                                                        						_t28 = 0;
                                                                                                                                                                                                                                                        						_t24 = _t29;
                                                                                                                                                                                                                                                        						_v20 = _t29;
                                                                                                                                                                                                                                                        						asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t22 =  *_t24;
                                                                                                                                                                                                                                                        							if(_t22 == 0 ||  *((intOrPtr*)(_t22 + 8)) != 0xffeeffee ||  *((intOrPtr*)(_t22 + 0x18)) != _t22 ||  *((intOrPtr*)(_t22 + 0x60)) != 0xeeffeeff) {
                                                                                                                                                                                                                                                        								L7:
                                                                                                                                                                                                                                                        								_t20 = _t28;
                                                                                                                                                                                                                                                        								goto L8;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								if(( *(_t22 + 0x40) & 0x0000f000) != 0x8000) {
                                                                                                                                                                                                                                                        									_t29 = _v20;
                                                                                                                                                                                                                                                        									goto L7;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t29 = _v20;
                                                                                                                                                                                                                                                        									if(_t28 == 0) {
                                                                                                                                                                                                                                                        										goto L8;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t20 = 0;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L16;
                                                                                                                                                                                                                                                        							L8:
                                                                                                                                                                                                                                                        							_t24 =  &(_t24[1]);
                                                                                                                                                                                                                                                        							_t31 = _t31 - 1;
                                                                                                                                                                                                                                                        							_t28 = _t20;
                                                                                                                                                                                                                                                        						} while (_t31 != 0);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					L16:
                                                                                                                                                                                                                                                        					_push(_t29);
                                                                                                                                                                                                                                                        					L00BEF6D2();
                                                                                                                                                                                                                                                        					_t32 = _t34 + 4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t20;
                                                                                                                                                                                                                                                        			}
















                                                                                                                                                                                                                                                        0x00bd5887
                                                                                                                                                                                                                                                        0x00bd588c
                                                                                                                                                                                                                                                        0x00bd5891
                                                                                                                                                                                                                                                        0x00bd58a1
                                                                                                                                                                                                                                                        0x00bd58a8
                                                                                                                                                                                                                                                        0x00bd58aa
                                                                                                                                                                                                                                                        0x00bd58b1
                                                                                                                                                                                                                                                        0x00bd58b4
                                                                                                                                                                                                                                                        0x00bd58b5
                                                                                                                                                                                                                                                        0x00bd58ba
                                                                                                                                                                                                                                                        0x00bd58bd
                                                                                                                                                                                                                                                        0x00bd58c1
                                                                                                                                                                                                                                                        0x00bd58c3
                                                                                                                                                                                                                                                        0x00bd58c7
                                                                                                                                                                                                                                                        0x00bd58cd
                                                                                                                                                                                                                                                        0x00bd58cf
                                                                                                                                                                                                                                                        0x00bd58d1
                                                                                                                                                                                                                                                        0x00bd58d4
                                                                                                                                                                                                                                                        0x00bd58e0
                                                                                                                                                                                                                                                        0x00bd58e0
                                                                                                                                                                                                                                                        0x00bd58e4
                                                                                                                                                                                                                                                        0x00bd58f4
                                                                                                                                                                                                                                                        0x00bd58f4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5909
                                                                                                                                                                                                                                                        0x00bd5918
                                                                                                                                                                                                                                                        0x00bd5923
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd591a
                                                                                                                                                                                                                                                        0x00bd591a
                                                                                                                                                                                                                                                        0x00bd591f
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd5921
                                                                                                                                                                                                                                                        0x00bd5928
                                                                                                                                                                                                                                                        0x00bd5928
                                                                                                                                                                                                                                                        0x00bd591f
                                                                                                                                                                                                                                                        0x00bd5918
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd58f6
                                                                                                                                                                                                                                                        0x00bd58f6
                                                                                                                                                                                                                                                        0x00bd58f9
                                                                                                                                                                                                                                                        0x00bd58fa
                                                                                                                                                                                                                                                        0x00bd58fa
                                                                                                                                                                                                                                                        0x00bd58fe
                                                                                                                                                                                                                                                        0x00bd592a
                                                                                                                                                                                                                                                        0x00bd592a
                                                                                                                                                                                                                                                        0x00bd592b
                                                                                                                                                                                                                                                        0x00bd5930
                                                                                                                                                                                                                                                        0x00bd5930
                                                                                                                                                                                                                                                        0x00bd593c

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetProcessHeaps.KERNEL32(00000000,00000000), ref: 00BD58A1
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(FFFFFFFF), ref: 00BD58B5
                                                                                                                                                                                                                                                        • GetProcessHeaps.KERNEL32(00000000,00000000), ref: 00BD58C1
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000), ref: 00BD592B
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: HeapsProcess$??2@??3@
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3663680098-0
                                                                                                                                                                                                                                                        • Opcode ID: 9ad0337bb227d42e121af34b3d7f451a7421da56b29dcebe7aaf4e88a53aa6ca
                                                                                                                                                                                                                                                        • Instruction ID: 28b2bb8a9d68c982f2e1947e082b30055c6bda3087ea19347f4f12e775b745b0
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9ad0337bb227d42e121af34b3d7f451a7421da56b29dcebe7aaf4e88a53aa6ca
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E2112672B00A45CBEB3049A59CD177AB2E9EB90330F5800FBEA048B351F6799C00D291
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 68%
                                                                                                                                                                                                                                                        			E00BEA1A0(intOrPtr __ecx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				struct _CRITICAL_SECTION* _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v28;
                                                                                                                                                                                                                                                        				struct _CRITICAL_SECTION* _t26;
                                                                                                                                                                                                                                                        				signed int _t27;
                                                                                                                                                                                                                                                        				intOrPtr _t33;
                                                                                                                                                                                                                                                        				signed int* _t35;
                                                                                                                                                                                                                                                        				signed char _t39;
                                                                                                                                                                                                                                                        				intOrPtr _t42;
                                                                                                                                                                                                                                                        				intOrPtr _t44;
                                                                                                                                                                                                                                                        				signed int _t45;
                                                                                                                                                                                                                                                        				void* _t46;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t42 = _a4;
                                                                                                                                                                                                                                                        				if(_t42 == 0) {
                                                                                                                                                                                                                                                        					return 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t26 = __ecx + 0xc;
                                                                                                                                                                                                                                                        				_t44 = __ecx;
                                                                                                                                                                                                                                                        				_v24 = _t26;
                                                                                                                                                                                                                                                        				EnterCriticalSection(_t26);
                                                                                                                                                                                                                                                        				_t35 =  *(_t44 + 4);
                                                                                                                                                                                                                                                        				_t27 =  *_t35;
                                                                                                                                                                                                                                                        				if(_t35 == _t27) {
                                                                                                                                                                                                                                                        					_v20 = 1;
                                                                                                                                                                                                                                                        					L10:
                                                                                                                                                                                                                                                        					LeaveCriticalSection(_v24);
                                                                                                                                                                                                                                                        					return _v20 & 0x00000001;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_v28 = _t44;
                                                                                                                                                                                                                                                        				_t33 = _v28;
                                                                                                                                                                                                                                                        				_v20 = 1;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_t27 + 8)) == _t42) {
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					_t45 =  *_t27;
                                                                                                                                                                                                                                                        					 *( *(_t27 + 4)) = _t45;
                                                                                                                                                                                                                                                        					 *( *_t27 + 4) =  *(_t27 + 4);
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t33 + 8)) =  *((intOrPtr*)(_t33 + 8)) - 1;
                                                                                                                                                                                                                                                        					L00BEF6C6();
                                                                                                                                                                                                                                                        					_t46 = _t46 + 8;
                                                                                                                                                                                                                                                        					_t42 = _a4;
                                                                                                                                                                                                                                                        					__imp__UnregisterWaitEx( *((intOrPtr*)(_t27 + 0xc)), 0xffffffff, _t27, 0x10);
                                                                                                                                                                                                                                                        					_t39 = _v20 & (_t27 & 0xffffff00 | _t27 != 0x00000000);
                                                                                                                                                                                                                                                        					_t27 = _t45;
                                                                                                                                                                                                                                                        					_v20 = _t39;
                                                                                                                                                                                                                                                        					_t35 =  *(_t33 + 4);
                                                                                                                                                                                                                                                        					if(_t35 != _t27) {
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						if( *((intOrPtr*)(_t27 + 8)) != _t42) {
                                                                                                                                                                                                                                                        							L4:
                                                                                                                                                                                                                                                        							_t27 =  *_t27;
                                                                                                                                                                                                                                                        							if(_t35 == _t27) {
                                                                                                                                                                                                                                                        								goto L10;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L5;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L6;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L10;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L4;
                                                                                                                                                                                                                                                        			}















                                                                                                                                                                                                                                                        0x00bea1a9
                                                                                                                                                                                                                                                        0x00bea1ae
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea22f
                                                                                                                                                                                                                                                        0x00bea1b0
                                                                                                                                                                                                                                                        0x00bea1b3
                                                                                                                                                                                                                                                        0x00bea1b5
                                                                                                                                                                                                                                                        0x00bea1b9
                                                                                                                                                                                                                                                        0x00bea1bf
                                                                                                                                                                                                                                                        0x00bea1c2
                                                                                                                                                                                                                                                        0x00bea1c6
                                                                                                                                                                                                                                                        0x00bea235
                                                                                                                                                                                                                                                        0x00bea238
                                                                                                                                                                                                                                                        0x00bea241
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea247
                                                                                                                                                                                                                                                        0x00bea1c8
                                                                                                                                                                                                                                                        0x00bea1cd
                                                                                                                                                                                                                                                        0x00bea1d0
                                                                                                                                                                                                                                                        0x00bea1d6
                                                                                                                                                                                                                                                        0x00bea1eb
                                                                                                                                                                                                                                                        0x00bea1ee
                                                                                                                                                                                                                                                        0x00bea1f3
                                                                                                                                                                                                                                                        0x00bea1fa
                                                                                                                                                                                                                                                        0x00bea1fd
                                                                                                                                                                                                                                                        0x00bea203
                                                                                                                                                                                                                                                        0x00bea208
                                                                                                                                                                                                                                                        0x00bea20e
                                                                                                                                                                                                                                                        0x00bea211
                                                                                                                                                                                                                                                        0x00bea21f
                                                                                                                                                                                                                                                        0x00bea221
                                                                                                                                                                                                                                                        0x00bea223
                                                                                                                                                                                                                                                        0x00bea226
                                                                                                                                                                                                                                                        0x00bea22b
                                                                                                                                                                                                                                                        0x00bea1e6
                                                                                                                                                                                                                                                        0x00bea1e9
                                                                                                                                                                                                                                                        0x00bea1e0
                                                                                                                                                                                                                                                        0x00bea1e0
                                                                                                                                                                                                                                                        0x00bea1e4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea1e4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea1e9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bea22d
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(?), ref: 00BEA1B9
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000,00000010), ref: 00BEA203
                                                                                                                                                                                                                                                        • UnregisterWaitEx.KERNEL32(?,000000FF), ref: 00BEA211
                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?), ref: 00BEA241
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CriticalSection$??3@EnterLeaveUnregisterWait
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2393515925-0
                                                                                                                                                                                                                                                        • Opcode ID: 531a490d149890035a5073d4ca44e5c535e0afd5db3f3f7ecd86781b61add66c
                                                                                                                                                                                                                                                        • Instruction ID: 32ce39c2e189d5ba6b563ca51eccd04a9ced2a314f702a06fb35fdbb1ca6bb2b
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 531a490d149890035a5073d4ca44e5c535e0afd5db3f3f7ecd86781b61add66c
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C4218435A00215CFCB00CF55D8849BAB7F9FF4A310B25C1AAE905AB361D772ED45DBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 87%
                                                                                                                                                                                                                                                        			E00BE58B0(void* __eax, void* __ecx, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				struct _CRITICAL_SECTION* _v20;
                                                                                                                                                                                                                                                        				intOrPtr* _t14;
                                                                                                                                                                                                                                                        				void* _t17;
                                                                                                                                                                                                                                                        				intOrPtr* _t18;
                                                                                                                                                                                                                                                        				intOrPtr* _t20;
                                                                                                                                                                                                                                                        				intOrPtr _t24;
                                                                                                                                                                                                                                                        				struct _CRITICAL_SECTION* _t26;
                                                                                                                                                                                                                                                        				intOrPtr* _t27;
                                                                                                                                                                                                                                                        				void* _t28;
                                                                                                                                                                                                                                                        				void* _t29;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t28 = __ecx;
                                                                                                                                                                                                                                                        				_t26 = __ecx + 4;
                                                                                                                                                                                                                                                        				EnterCriticalSection(_t26);
                                                                                                                                                                                                                                                        				_t20 =  *((intOrPtr*)(_t28 + 0x1c));
                                                                                                                                                                                                                                                        				_t14 =  *_t20;
                                                                                                                                                                                                                                                        				if(_t20 == _t14) {
                                                                                                                                                                                                                                                        					_t17 = 0;
                                                                                                                                                                                                                                                        					L6:
                                                                                                                                                                                                                                                        					LeaveCriticalSection(_t26);
                                                                                                                                                                                                                                                        					return _t17;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t24 = _a4;
                                                                                                                                                                                                                                                        				_v20 = _t26;
                                                                                                                                                                                                                                                        				asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        				while(1) {
                                                                                                                                                                                                                                                        					_t27 =  *((intOrPtr*)(_t14 + 8));
                                                                                                                                                                                                                                                        					_t18 =  *_t14;
                                                                                                                                                                                                                                                        					if( *((intOrPtr*)(_t27 + 0x1c)) == _t24) {
                                                                                                                                                                                                                                                        						break;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t14 = _t18;
                                                                                                                                                                                                                                                        					if(_t20 != _t18) {
                                                                                                                                                                                                                                                        						continue;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t17 = 0;
                                                                                                                                                                                                                                                        					L5:
                                                                                                                                                                                                                                                        					_t26 = _v20;
                                                                                                                                                                                                                                                        					goto L6;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				 *((intOrPtr*)( *((intOrPtr*)(_t14 + 4)))) = _t18;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)( *_t14 + 4)) =  *((intOrPtr*)(_t14 + 4));
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t28 + 0x20)) =  *((intOrPtr*)(_t28 + 0x20)) - 1;
                                                                                                                                                                                                                                                        				_push(0xc);
                                                                                                                                                                                                                                                        				_push(_t14);
                                                                                                                                                                                                                                                        				L00BEF6C6();
                                                                                                                                                                                                                                                        				_t29 = _t29 + 8;
                                                                                                                                                                                                                                                        				_t17 = 1;
                                                                                                                                                                                                                                                        				__eflags = _t27;
                                                                                                                                                                                                                                                        				if(__eflags != 0) {
                                                                                                                                                                                                                                                        					E00BE9180(_t27, __eflags);
                                                                                                                                                                                                                                                        					_push(_t27);
                                                                                                                                                                                                                                                        					L00BEF6C0();
                                                                                                                                                                                                                                                        					_t29 = _t29 + 4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				goto L5;
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00be58b7
                                                                                                                                                                                                                                                        0x00be58b9
                                                                                                                                                                                                                                                        0x00be58bd
                                                                                                                                                                                                                                                        0x00be58c3
                                                                                                                                                                                                                                                        0x00be58c6
                                                                                                                                                                                                                                                        0x00be58ca
                                                                                                                                                                                                                                                        0x00be5908
                                                                                                                                                                                                                                                        0x00be58f5
                                                                                                                                                                                                                                                        0x00be58f6
                                                                                                                                                                                                                                                        0x00be5905
                                                                                                                                                                                                                                                        0x00be5905
                                                                                                                                                                                                                                                        0x00be58cc
                                                                                                                                                                                                                                                        0x00be58cf
                                                                                                                                                                                                                                                        0x00be58d2
                                                                                                                                                                                                                                                        0x00be58e0
                                                                                                                                                                                                                                                        0x00be58e0
                                                                                                                                                                                                                                                        0x00be58e3
                                                                                                                                                                                                                                                        0x00be58e8
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be58ec
                                                                                                                                                                                                                                                        0x00be58ee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be58f0
                                                                                                                                                                                                                                                        0x00be58f2
                                                                                                                                                                                                                                                        0x00be58f2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00be58f2
                                                                                                                                                                                                                                                        0x00be590f
                                                                                                                                                                                                                                                        0x00be5916
                                                                                                                                                                                                                                                        0x00be5919
                                                                                                                                                                                                                                                        0x00be591c
                                                                                                                                                                                                                                                        0x00be591e
                                                                                                                                                                                                                                                        0x00be591f
                                                                                                                                                                                                                                                        0x00be5924
                                                                                                                                                                                                                                                        0x00be5927
                                                                                                                                                                                                                                                        0x00be5929
                                                                                                                                                                                                                                                        0x00be592b
                                                                                                                                                                                                                                                        0x00be592f
                                                                                                                                                                                                                                                        0x00be5934
                                                                                                                                                                                                                                                        0x00be5935
                                                                                                                                                                                                                                                        0x00be593a
                                                                                                                                                                                                                                                        0x00be593a
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(?,?,?,?,?,?,00BCF071,00000000,?,?,00BCCFC5), ref: 00BE58BD
                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?,?,?,00BCF071,00000000,?,?,00BCCFC5), ref: 00BE58F6
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(00000000,0000000C,?,?,00BCF071,00000000,?,?,00BCCFC5), ref: 00BE591F
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?,00BCCFC5), ref: 00BE5935
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@CriticalSection$EnterLeave
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2389133793-0
                                                                                                                                                                                                                                                        • Opcode ID: 70f1025fe5b8e33ea13f3f8a2db8e09048a912135edfbcd1c486f642226e6d5c
                                                                                                                                                                                                                                                        • Instruction ID: 7b9214e0eabf1da3f3e8f0f9252959b2eea08e758996b4f4328571312345a642
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 70f1025fe5b8e33ea13f3f8a2db8e09048a912135edfbcd1c486f642226e6d5c
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B2118276600244DFC7209F56DC8497AB7F5FF8A31475881BEE90A5B311DB31E806DBA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 89%
                                                                                                                                                                                                                                                        			E00BBA460(void** __ecx, void* __eflags) {
                                                                                                                                                                                                                                                        				void* _t7;
                                                                                                                                                                                                                                                        				void* _t8;
                                                                                                                                                                                                                                                        				void* _t9;
                                                                                                                                                                                                                                                        				void* _t10;
                                                                                                                                                                                                                                                        				int _t11;
                                                                                                                                                                                                                                                        				void** _t15;
                                                                                                                                                                                                                                                        				void* _t16;
                                                                                                                                                                                                                                                        				void** _t17;
                                                                                                                                                                                                                                                        				void** _t19;
                                                                                                                                                                                                                                                        				void* _t22;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t17 = __ecx;
                                                                                                                                                                                                                                                        				E00BBA490(__ecx, _t16);
                                                                                                                                                                                                                                                        				_t7 =  *(__ecx + 0x18);
                                                                                                                                                                                                                                                        				if(_t7 != 4) {
                                                                                                                                                                                                                                                        					free(_t7);
                                                                                                                                                                                                                                                        					_t22 = _t22 + 4;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t15 = _t17;
                                                                                                                                                                                                                                                        				_pop(_t18);
                                                                                                                                                                                                                                                        				_pop(_t20);
                                                                                                                                                                                                                                                        				_t8 = _t15[2];
                                                                                                                                                                                                                                                        				_t19 = _t15;
                                                                                                                                                                                                                                                        				if(_t8 != 0) {
                                                                                                                                                                                                                                                        					UnmapViewOfFile(_t8);
                                                                                                                                                                                                                                                        					_t19[2] = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t9 = _t19[1];
                                                                                                                                                                                                                                                        				if(_t9 != 0) {
                                                                                                                                                                                                                                                        					CloseHandle(_t9);
                                                                                                                                                                                                                                                        					_t19[1] = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t10 =  *_t19;
                                                                                                                                                                                                                                                        				if(_t10 != 0) {
                                                                                                                                                                                                                                                        					_t11 = CloseHandle(_t10);
                                                                                                                                                                                                                                                        					 *_t19 = 0;
                                                                                                                                                                                                                                                        					return _t11;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t10;
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00bba464
                                                                                                                                                                                                                                                        0x00bba466
                                                                                                                                                                                                                                                        0x00bba46b
                                                                                                                                                                                                                                                        0x00bba471
                                                                                                                                                                                                                                                        0x00bba47d
                                                                                                                                                                                                                                                        0x00bba483
                                                                                                                                                                                                                                                        0x00bba483
                                                                                                                                                                                                                                                        0x00bba473
                                                                                                                                                                                                                                                        0x00bba475
                                                                                                                                                                                                                                                        0x00bba476
                                                                                                                                                                                                                                                        0x00bba5f4
                                                                                                                                                                                                                                                        0x00bba5f7
                                                                                                                                                                                                                                                        0x00bba5fb
                                                                                                                                                                                                                                                        0x00bba5fe
                                                                                                                                                                                                                                                        0x00bba604
                                                                                                                                                                                                                                                        0x00bba604
                                                                                                                                                                                                                                                        0x00bba60b
                                                                                                                                                                                                                                                        0x00bba610
                                                                                                                                                                                                                                                        0x00bba613
                                                                                                                                                                                                                                                        0x00bba619
                                                                                                                                                                                                                                                        0x00bba619
                                                                                                                                                                                                                                                        0x00bba620
                                                                                                                                                                                                                                                        0x00bba624
                                                                                                                                                                                                                                                        0x00bba627
                                                                                                                                                                                                                                                        0x00bba62d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bba62d
                                                                                                                                                                                                                                                        0x00bba635

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,00BB79AC,?,?,00BB2A0E), ref: 00BBA47D
                                                                                                                                                                                                                                                        • UnmapViewOfFile.KERNEL32(?,00BB2A0E), ref: 00BBA5FE
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00BB10C6,00BB2A0E), ref: 00BBA613
                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00BB10C6,00BB2A0E), ref: 00BBA627
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: CloseHandle$FileUnmapViewfree
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3433568532-0
                                                                                                                                                                                                                                                        • Opcode ID: 3ee59a30de28b47457fdb0dc436e51c6ee4fe8df07eb3914030e1b72a9c44839
                                                                                                                                                                                                                                                        • Instruction ID: 8d4cd7fe6df654f1feb922a16afef7aad4f9611e41641fa7c9daf160b36c366f
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3ee59a30de28b47457fdb0dc436e51c6ee4fe8df07eb3914030e1b72a9c44839
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 34F08C75A003019BD6205F69E848BB2B7ECDF04764F0448A9E846D3640DEB2E840CB95
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 78%
                                                                                                                                                                                                                                                        			E00BDE110(intOrPtr __ecx, intOrPtr _a4, intOrPtr _a8, signed short* _a12, WCHAR* _a16, intOrPtr* _a20, intOrPtr* _a24) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				WCHAR* _v520;
                                                                                                                                                                                                                                                        				WCHAR* _v524;
                                                                                                                                                                                                                                                        				LPWSTR* _v532;
                                                                                                                                                                                                                                                        				short _v536;
                                                                                                                                                                                                                                                        				short _v540;
                                                                                                                                                                                                                                                        				WCHAR* _v544;
                                                                                                                                                                                                                                                        				WCHAR* _v548;
                                                                                                                                                                                                                                                        				WCHAR* _v564;
                                                                                                                                                                                                                                                        				WCHAR* _v568;
                                                                                                                                                                                                                                                        				WCHAR* _v572;
                                                                                                                                                                                                                                                        				WCHAR* _v588;
                                                                                                                                                                                                                                                        				intOrPtr _v592;
                                                                                                                                                                                                                                                        				signed int _t95;
                                                                                                                                                                                                                                                        				WCHAR* _t101;
                                                                                                                                                                                                                                                        				void* _t102;
                                                                                                                                                                                                                                                        				WCHAR* _t103;
                                                                                                                                                                                                                                                        				void* _t104;
                                                                                                                                                                                                                                                        				WCHAR* _t105;
                                                                                                                                                                                                                                                        				intOrPtr _t110;
                                                                                                                                                                                                                                                        				WCHAR* _t111;
                                                                                                                                                                                                                                                        				long _t112;
                                                                                                                                                                                                                                                        				WCHAR* _t115;
                                                                                                                                                                                                                                                        				void* _t117;
                                                                                                                                                                                                                                                        				void* _t119;
                                                                                                                                                                                                                                                        				void* _t122;
                                                                                                                                                                                                                                                        				short _t123;
                                                                                                                                                                                                                                                        				intOrPtr _t124;
                                                                                                                                                                                                                                                        				intOrPtr* _t125;
                                                                                                                                                                                                                                                        				signed short* _t126;
                                                                                                                                                                                                                                                        				signed int _t127;
                                                                                                                                                                                                                                                        				signed short* _t129;
                                                                                                                                                                                                                                                        				signed short* _t130;
                                                                                                                                                                                                                                                        				signed int _t131;
                                                                                                                                                                                                                                                        				long _t133;
                                                                                                                                                                                                                                                        				WCHAR* _t138;
                                                                                                                                                                                                                                                        				WCHAR* _t139;
                                                                                                                                                                                                                                                        				intOrPtr _t140;
                                                                                                                                                                                                                                                        				WCHAR* _t144;
                                                                                                                                                                                                                                                        				signed short* _t147;
                                                                                                                                                                                                                                                        				LPWSTR* _t152;
                                                                                                                                                                                                                                                        				intOrPtr* _t157;
                                                                                                                                                                                                                                                        				signed short* _t159;
                                                                                                                                                                                                                                                        				intOrPtr* _t160;
                                                                                                                                                                                                                                                        				signed int _t163;
                                                                                                                                                                                                                                                        				signed int _t165;
                                                                                                                                                                                                                                                        				void* _t166;
                                                                                                                                                                                                                                                        				void* _t167;
                                                                                                                                                                                                                                                        				void* _t176;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t95 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t157 = _a24;
                                                                                                                                                                                                                                                        				_t96 = _t95 ^ _t165;
                                                                                                                                                                                                                                                        				_v20 = _t95 ^ _t165;
                                                                                                                                                                                                                                                        				if( *_t157 != 0x10) {
                                                                                                                                                                                                                                                        					_t123 = 0;
                                                                                                                                                                                                                                                        					L29:
                                                                                                                                                                                                                                                        					E00BEECB0(_t96, _v20 ^ _t165, _t156);
                                                                                                                                                                                                                                                        					return _t123;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t99 = _a8;
                                                                                                                                                                                                                                                        				_v568 = 7;
                                                                                                                                                                                                                                                        				_v572 = 0;
                                                                                                                                                                                                                                                        				_v588 = 0;
                                                                                                                                                                                                                                                        				_t159 = _a12;
                                                                                                                                                                                                                                                        				_v592 = __ecx;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(_a8 + 0x10)) != 0) {
                                                                                                                                                                                                                                                        					E00BDE650( &_v588, _t99);
                                                                                                                                                                                                                                                        					L21:
                                                                                                                                                                                                                                                        					_t101 = _v572;
                                                                                                                                                                                                                                                        					if(_v568 <= 7) {
                                                                                                                                                                                                                                                        						_t138 =  &_v588;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t138 = _v588;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t124 = _a4;
                                                                                                                                                                                                                                                        					_t102 = E00BC7470(_t138, _t101, 0, L"\\\\", 2);
                                                                                                                                                                                                                                                        					_t167 = _t166 + 0x14;
                                                                                                                                                                                                                                                        					if(_t102 != 0) {
                                                                                                                                                                                                                                                        						_t103 = _v572;
                                                                                                                                                                                                                                                        						__eflags = _v568 - 7;
                                                                                                                                                                                                                                                        						if(_v568 <= 7) {
                                                                                                                                                                                                                                                        							_t139 =  &_v588;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t139 = _v588;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t104 = E00BC7470(_t139, _t103, 0, L":\\", 2);
                                                                                                                                                                                                                                                        						_t167 = _t167 + 0x14;
                                                                                                                                                                                                                                                        						__eflags = _t104 - 1;
                                                                                                                                                                                                                                                        						if(_t104 == 1) {
                                                                                                                                                                                                                                                        							goto L25;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_t110 = _a8;
                                                                                                                                                                                                                                                        							__eflags =  *(_t110 + 0x10);
                                                                                                                                                                                                                                                        							_v564 = 0;
                                                                                                                                                                                                                                                        							if( *(_t110 + 0x10) != 0) {
                                                                                                                                                                                                                                                        								L43:
                                                                                                                                                                                                                                                        								_t111 = _a16;
                                                                                                                                                                                                                                                        								__eflags = _v568 - 7;
                                                                                                                                                                                                                                                        								if(_v568 <= 7) {
                                                                                                                                                                                                                                                        									_t144 =  &_v588;
                                                                                                                                                                                                                                                        									__eflags = _t111[0xa] - 7;
                                                                                                                                                                                                                                                        									if(_t111[0xa] <= 7) {
                                                                                                                                                                                                                                                        										L48:
                                                                                                                                                                                                                                                        										_t156 =  &_v564;
                                                                                                                                                                                                                                                        										_t112 = SearchPathW(_t111, _t144, 0, 0x104,  &_v540,  &_v564);
                                                                                                                                                                                                                                                        										L49:
                                                                                                                                                                                                                                                        										_t109 = _t112 - 1;
                                                                                                                                                                                                                                                        										__eflags = _t112 - 1 - 0x102;
                                                                                                                                                                                                                                                        										if(_t112 - 1 <= 0x102) {
                                                                                                                                                                                                                                                        											E00BBA740( &_v588,  &_v540);
                                                                                                                                                                                                                                                        											goto L25;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										 *((intOrPtr*)(_t124 + 0x10)) = 2;
                                                                                                                                                                                                                                                        										goto L28;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									L47:
                                                                                                                                                                                                                                                        									_t111 =  *_t111;
                                                                                                                                                                                                                                                        									goto L48;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t144 = _v588;
                                                                                                                                                                                                                                                        								__eflags = _t111[0xa] - 7;
                                                                                                                                                                                                                                                        								if(_t111[0xa] > 7) {
                                                                                                                                                                                                                                                        									goto L47;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								goto L48;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							__eflags = _v568 - 7;
                                                                                                                                                                                                                                                        							if(_v568 <= 7) {
                                                                                                                                                                                                                                                        								_t115 =  &_v588;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t115 = _v588;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t156 =  &_v540;
                                                                                                                                                                                                                                                        							_t112 = SearchPathW(0, _t115, 0, 0x104,  &_v540,  &_v564);
                                                                                                                                                                                                                                                        							__eflags = _t112;
                                                                                                                                                                                                                                                        							if(_t112 != 0) {
                                                                                                                                                                                                                                                        								goto L49;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L43;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L25:
                                                                                                                                                                                                                                                        						_t160 = _a20;
                                                                                                                                                                                                                                                        						_t140 = _v592;
                                                                                                                                                                                                                                                        						_t125 = _t157;
                                                                                                                                                                                                                                                        						_t158 =  &_v588;
                                                                                                                                                                                                                                                        						_t105 =  &_v588;
                                                                                                                                                                                                                                                        						if(_v568 > 7) {
                                                                                                                                                                                                                                                        							_t105 = _v588;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_v564 = _t105;
                                                                                                                                                                                                                                                        						_v540 = 1;
                                                                                                                                                                                                                                                        						_v536 = 1;
                                                                                                                                                                                                                                                        						_v532 =  &_v564;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_a4 + 0x10)) = E00BDFA90(_t156, E00BE5950( *((intOrPtr*)(_t140 + 0x10)), 0xd,  &_v540),  *((intOrPtr*)(_a4 + 4)), _t158, _a12, _t160,  *((intOrPtr*)(_t125 + 4)));
                                                                                                                                                                                                                                                        						L28:
                                                                                                                                                                                                                                                        						_t96 = E00BBDF30(_t109,  &_v588, _t156);
                                                                                                                                                                                                                                                        						_t123 = 1;
                                                                                                                                                                                                                                                        						goto L29;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_v524 = 0;
                                                                                                                                                                                                                                                        				_t147 = _t159;
                                                                                                                                                                                                                                                        				_v520 = 7;
                                                                                                                                                                                                                                                        				_v540 = 0;
                                                                                                                                                                                                                                                        				_t156 = _t159[8];
                                                                                                                                                                                                                                                        				if(_t159[0xa] > 7) {
                                                                                                                                                                                                                                                        					_t147 =  *_t159;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t163 =  *_t147 & 0x0000ffff;
                                                                                                                                                                                                                                                        				if(_t163 != 0x22) {
                                                                                                                                                                                                                                                        					__eflags = _t156;
                                                                                                                                                                                                                                                        					if(_t156 == 0) {
                                                                                                                                                                                                                                                        						L18:
                                                                                                                                                                                                                                                        						_t117 = E00BDE650( &_v540, _a12);
                                                                                                                                                                                                                                                        						goto L19;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					__eflags = _t163 - 0x20;
                                                                                                                                                                                                                                                        					_t126 = _t147;
                                                                                                                                                                                                                                                        					if(_t163 == 0x20) {
                                                                                                                                                                                                                                                        						L17:
                                                                                                                                                                                                                                                        						_t127 = _t126 - _t147;
                                                                                                                                                                                                                                                        						__eflags = _t127 - 0xfffffffe;
                                                                                                                                                                                                                                                        						if(_t127 != 0xfffffffe) {
                                                                                                                                                                                                                                                        							_t164 =  &_v564;
                                                                                                                                                                                                                                                        							_v544 = 7;
                                                                                                                                                                                                                                                        							_v548 = 0;
                                                                                                                                                                                                                                                        							_v564 = 0;
                                                                                                                                                                                                                                                        							_t152 =  &_v564;
                                                                                                                                                                                                                                                        							_push(_t127 >> 1);
                                                                                                                                                                                                                                                        							_push(0);
                                                                                                                                                                                                                                                        							goto L39;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L18;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t156 = _t156 - 1;
                                                                                                                                                                                                                                                        					_t129 = _t147;
                                                                                                                                                                                                                                                        					asm("o16 nop [eax+eax]");
                                                                                                                                                                                                                                                        					while(1) {
                                                                                                                                                                                                                                                        						__eflags = _t156;
                                                                                                                                                                                                                                                        						if(_t156 == 0) {
                                                                                                                                                                                                                                                        							goto L18;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t156 = _t156 - 1;
                                                                                                                                                                                                                                                        						__eflags = _t129[1] - 0x20;
                                                                                                                                                                                                                                                        						_t129 =  &(_t129[1]);
                                                                                                                                                                                                                                                        						if(__eflags != 0) {
                                                                                                                                                                                                                                                        							continue;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L17;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L18;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					if(_t156 < 2) {
                                                                                                                                                                                                                                                        						L10:
                                                                                                                                                                                                                                                        						_v548 = 0;
                                                                                                                                                                                                                                                        						_v544 = 0;
                                                                                                                                                                                                                                                        						_t117 = E00BC1CE0( &_v564, _a12);
                                                                                                                                                                                                                                                        						L20:
                                                                                                                                                                                                                                                        						_t119 = E00BBDF30(E00BBDF30(_t117,  &_v540, _t156),  &_v588, _t156);
                                                                                                                                                                                                                                                        						asm("movsd xmm0, [ebp-0x220]");
                                                                                                                                                                                                                                                        						asm("movsd xmm2, [ebp-0x230]");
                                                                                                                                                                                                                                                        						asm("movsd xmm1, [ebp-0x228]");
                                                                                                                                                                                                                                                        						_v548 = 0;
                                                                                                                                                                                                                                                        						_v544 = 7;
                                                                                                                                                                                                                                                        						_v564 = 0;
                                                                                                                                                                                                                                                        						asm("movsd [ebp-0x238], xmm0");
                                                                                                                                                                                                                                                        						asm("movsd [ebp-0x240], xmm1");
                                                                                                                                                                                                                                                        						asm("movsd [ebp-0x248], xmm2");
                                                                                                                                                                                                                                                        						E00BBDF30(_t119,  &_v564, _t156);
                                                                                                                                                                                                                                                        						goto L21;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t156 = _t156 - 1;
                                                                                                                                                                                                                                                        					_t130 = _t147;
                                                                                                                                                                                                                                                        					asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        					while(_t156 != 0) {
                                                                                                                                                                                                                                                        						_t156 = _t156 - 1;
                                                                                                                                                                                                                                                        						_t176 = _t130[1] - 0x22;
                                                                                                                                                                                                                                                        						_t130 =  &(_t130[1]);
                                                                                                                                                                                                                                                        						if(_t176 != 0) {
                                                                                                                                                                                                                                                        							continue;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						_t131 = _t130 - _t147;
                                                                                                                                                                                                                                                        						if(_t131 != 0xfffffffe) {
                                                                                                                                                                                                                                                        							_t164 =  &_v564;
                                                                                                                                                                                                                                                        							_v544 = 7;
                                                                                                                                                                                                                                                        							_v548 = 0;
                                                                                                                                                                                                                                                        							_v564 = 0;
                                                                                                                                                                                                                                                        							_t133 = (_t131 >> 1) - 1;
                                                                                                                                                                                                                                                        							__eflags = _t133;
                                                                                                                                                                                                                                                        							_t152 =  &_v564;
                                                                                                                                                                                                                                                        							_push(_t133);
                                                                                                                                                                                                                                                        							_push(1);
                                                                                                                                                                                                                                                        							L39:
                                                                                                                                                                                                                                                        							_push(_a12);
                                                                                                                                                                                                                                                        							_t122 = E00BBDF30(E00BC30B0(_t152),  &_v540, _t156);
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [ebp-0x220]");
                                                                                                                                                                                                                                                        							asm("movsd xmm2, [ebp-0x230]");
                                                                                                                                                                                                                                                        							asm("movsd xmm1, [ebp-0x228]");
                                                                                                                                                                                                                                                        							_v548 = 0;
                                                                                                                                                                                                                                                        							_v544 = 7;
                                                                                                                                                                                                                                                        							_v564 = 0;
                                                                                                                                                                                                                                                        							asm("movsd [ebp-0x208], xmm0");
                                                                                                                                                                                                                                                        							asm("movsd [ebp-0x210], xmm1");
                                                                                                                                                                                                                                                        							asm("movsd [ebp-0x218], xmm2");
                                                                                                                                                                                                                                                        							_t117 = E00BBDF30(_t122, _t164, _t156);
                                                                                                                                                                                                                                                        							L19:
                                                                                                                                                                                                                                                        							asm("movsd xmm0, [ebp-0x208]");
                                                                                                                                                                                                                                                        							asm("movsd xmm2, [ebp-0x218]");
                                                                                                                                                                                                                                                        							asm("movsd xmm1, [ebp-0x210]");
                                                                                                                                                                                                                                                        							_v524 = 0;
                                                                                                                                                                                                                                                        							_v520 = 7;
                                                                                                                                                                                                                                                        							_v540 = 0;
                                                                                                                                                                                                                                                        							asm("movsd [ebp-0x220], xmm0");
                                                                                                                                                                                                                                                        							asm("movsd [ebp-0x228], xmm1");
                                                                                                                                                                                                                                                        							asm("movsd [ebp-0x230], xmm2");
                                                                                                                                                                                                                                                        							goto L20;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					goto L10;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}




















































                                                                                                                                                                                                                                                        0x00bde11c
                                                                                                                                                                                                                                                        0x00bde121
                                                                                                                                                                                                                                                        0x00bde124
                                                                                                                                                                                                                                                        0x00bde126
                                                                                                                                                                                                                                                        0x00bde12c
                                                                                                                                                                                                                                                        0x00bde1f1
                                                                                                                                                                                                                                                        0x00bde3b0
                                                                                                                                                                                                                                                        0x00bde3b5
                                                                                                                                                                                                                                                        0x00bde3c6
                                                                                                                                                                                                                                                        0x00bde3c6
                                                                                                                                                                                                                                                        0x00bde132
                                                                                                                                                                                                                                                        0x00bde135
                                                                                                                                                                                                                                                        0x00bde13f
                                                                                                                                                                                                                                                        0x00bde149
                                                                                                                                                                                                                                                        0x00bde152
                                                                                                                                                                                                                                                        0x00bde155
                                                                                                                                                                                                                                                        0x00bde15f
                                                                                                                                                                                                                                                        0x00bde4f3
                                                                                                                                                                                                                                                        0x00bde2f3
                                                                                                                                                                                                                                                        0x00bde2f3
                                                                                                                                                                                                                                                        0x00bde300
                                                                                                                                                                                                                                                        0x00bde30a
                                                                                                                                                                                                                                                        0x00bde302
                                                                                                                                                                                                                                                        0x00bde302
                                                                                                                                                                                                                                                        0x00bde302
                                                                                                                                                                                                                                                        0x00bde310
                                                                                                                                                                                                                                                        0x00bde31e
                                                                                                                                                                                                                                                        0x00bde323
                                                                                                                                                                                                                                                        0x00bde328
                                                                                                                                                                                                                                                        0x00bde3c9
                                                                                                                                                                                                                                                        0x00bde3cf
                                                                                                                                                                                                                                                        0x00bde3d6
                                                                                                                                                                                                                                                        0x00bde3e0
                                                                                                                                                                                                                                                        0x00bde3d8
                                                                                                                                                                                                                                                        0x00bde3d8
                                                                                                                                                                                                                                                        0x00bde3d8
                                                                                                                                                                                                                                                        0x00bde3f1
                                                                                                                                                                                                                                                        0x00bde3f6
                                                                                                                                                                                                                                                        0x00bde3f9
                                                                                                                                                                                                                                                        0x00bde3fc
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde402
                                                                                                                                                                                                                                                        0x00bde402
                                                                                                                                                                                                                                                        0x00bde405
                                                                                                                                                                                                                                                        0x00bde409
                                                                                                                                                                                                                                                        0x00bde413
                                                                                                                                                                                                                                                        0x00bde525
                                                                                                                                                                                                                                                        0x00bde525
                                                                                                                                                                                                                                                        0x00bde528
                                                                                                                                                                                                                                                        0x00bde52f
                                                                                                                                                                                                                                                        0x00bde53f
                                                                                                                                                                                                                                                        0x00bde545
                                                                                                                                                                                                                                                        0x00bde549
                                                                                                                                                                                                                                                        0x00bde54d
                                                                                                                                                                                                                                                        0x00bde54d
                                                                                                                                                                                                                                                        0x00bde564
                                                                                                                                                                                                                                                        0x00bde56a
                                                                                                                                                                                                                                                        0x00bde56a
                                                                                                                                                                                                                                                        0x00bde56b
                                                                                                                                                                                                                                                        0x00bde570
                                                                                                                                                                                                                                                        0x00bde58b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde58b
                                                                                                                                                                                                                                                        0x00bde572
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde572
                                                                                                                                                                                                                                                        0x00bde54b
                                                                                                                                                                                                                                                        0x00bde54b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde54b
                                                                                                                                                                                                                                                        0x00bde531
                                                                                                                                                                                                                                                        0x00bde537
                                                                                                                                                                                                                                                        0x00bde53b
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde53d
                                                                                                                                                                                                                                                        0x00bde419
                                                                                                                                                                                                                                                        0x00bde420
                                                                                                                                                                                                                                                        0x00bde4fd
                                                                                                                                                                                                                                                        0x00bde426
                                                                                                                                                                                                                                                        0x00bde426
                                                                                                                                                                                                                                                        0x00bde426
                                                                                                                                                                                                                                                        0x00bde509
                                                                                                                                                                                                                                                        0x00bde51b
                                                                                                                                                                                                                                                        0x00bde521
                                                                                                                                                                                                                                                        0x00bde523
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde523
                                                                                                                                                                                                                                                        0x00bde32e
                                                                                                                                                                                                                                                        0x00bde32e
                                                                                                                                                                                                                                                        0x00bde32e
                                                                                                                                                                                                                                                        0x00bde338
                                                                                                                                                                                                                                                        0x00bde33e
                                                                                                                                                                                                                                                        0x00bde340
                                                                                                                                                                                                                                                        0x00bde346
                                                                                                                                                                                                                                                        0x00bde348
                                                                                                                                                                                                                                                        0x00bde34a
                                                                                                                                                                                                                                                        0x00bde34a
                                                                                                                                                                                                                                                        0x00bde350
                                                                                                                                                                                                                                                        0x00bde35c
                                                                                                                                                                                                                                                        0x00bde366
                                                                                                                                                                                                                                                        0x00bde370
                                                                                                                                                                                                                                                        0x00bde3a0
                                                                                                                                                                                                                                                        0x00bde3a3
                                                                                                                                                                                                                                                        0x00bde3a9
                                                                                                                                                                                                                                                        0x00bde3ae
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde3ae
                                                                                                                                                                                                                                                        0x00bde328
                                                                                                                                                                                                                                                        0x00bde16a
                                                                                                                                                                                                                                                        0x00bde174
                                                                                                                                                                                                                                                        0x00bde176
                                                                                                                                                                                                                                                        0x00bde17c
                                                                                                                                                                                                                                                        0x00bde185
                                                                                                                                                                                                                                                        0x00bde18c
                                                                                                                                                                                                                                                        0x00bde18e
                                                                                                                                                                                                                                                        0x00bde18e
                                                                                                                                                                                                                                                        0x00bde190
                                                                                                                                                                                                                                                        0x00bde197
                                                                                                                                                                                                                                                        0x00bde1f8
                                                                                                                                                                                                                                                        0x00bde1fa
                                                                                                                                                                                                                                                        0x00bde22a
                                                                                                                                                                                                                                                        0x00bde233
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde233
                                                                                                                                                                                                                                                        0x00bde1fc
                                                                                                                                                                                                                                                        0x00bde200
                                                                                                                                                                                                                                                        0x00bde202
                                                                                                                                                                                                                                                        0x00bde21f
                                                                                                                                                                                                                                                        0x00bde21f
                                                                                                                                                                                                                                                        0x00bde221
                                                                                                                                                                                                                                                        0x00bde224
                                                                                                                                                                                                                                                        0x00bde431
                                                                                                                                                                                                                                                        0x00bde439
                                                                                                                                                                                                                                                        0x00bde43f
                                                                                                                                                                                                                                                        0x00bde449
                                                                                                                                                                                                                                                        0x00bde452
                                                                                                                                                                                                                                                        0x00bde454
                                                                                                                                                                                                                                                        0x00bde455
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde455
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde224
                                                                                                                                                                                                                                                        0x00bde204
                                                                                                                                                                                                                                                        0x00bde205
                                                                                                                                                                                                                                                        0x00bde207
                                                                                                                                                                                                                                                        0x00bde210
                                                                                                                                                                                                                                                        0x00bde210
                                                                                                                                                                                                                                                        0x00bde212
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde214
                                                                                                                                                                                                                                                        0x00bde215
                                                                                                                                                                                                                                                        0x00bde21a
                                                                                                                                                                                                                                                        0x00bde21d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde21d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde199
                                                                                                                                                                                                                                                        0x00bde19c
                                                                                                                                                                                                                                                        0x00bde1ca
                                                                                                                                                                                                                                                        0x00bde1ca
                                                                                                                                                                                                                                                        0x00bde1d4
                                                                                                                                                                                                                                                        0x00bde1e7
                                                                                                                                                                                                                                                        0x00bde285
                                                                                                                                                                                                                                                        0x00bde296
                                                                                                                                                                                                                                                        0x00bde29b
                                                                                                                                                                                                                                                        0x00bde2a3
                                                                                                                                                                                                                                                        0x00bde2ab
                                                                                                                                                                                                                                                        0x00bde2b9
                                                                                                                                                                                                                                                        0x00bde2c3
                                                                                                                                                                                                                                                        0x00bde2cd
                                                                                                                                                                                                                                                        0x00bde2d6
                                                                                                                                                                                                                                                        0x00bde2de
                                                                                                                                                                                                                                                        0x00bde2e6
                                                                                                                                                                                                                                                        0x00bde2ee
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde2ee
                                                                                                                                                                                                                                                        0x00bde19e
                                                                                                                                                                                                                                                        0x00bde19f
                                                                                                                                                                                                                                                        0x00bde1a1
                                                                                                                                                                                                                                                        0x00bde1b0
                                                                                                                                                                                                                                                        0x00bde1b4
                                                                                                                                                                                                                                                        0x00bde1b5
                                                                                                                                                                                                                                                        0x00bde1ba
                                                                                                                                                                                                                                                        0x00bde1bd
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde1bf
                                                                                                                                                                                                                                                        0x00bde1c4
                                                                                                                                                                                                                                                        0x00bde45b
                                                                                                                                                                                                                                                        0x00bde461
                                                                                                                                                                                                                                                        0x00bde467
                                                                                                                                                                                                                                                        0x00bde471
                                                                                                                                                                                                                                                        0x00bde47a
                                                                                                                                                                                                                                                        0x00bde47a
                                                                                                                                                                                                                                                        0x00bde47b
                                                                                                                                                                                                                                                        0x00bde47d
                                                                                                                                                                                                                                                        0x00bde47e
                                                                                                                                                                                                                                                        0x00bde480
                                                                                                                                                                                                                                                        0x00bde480
                                                                                                                                                                                                                                                        0x00bde48e
                                                                                                                                                                                                                                                        0x00bde493
                                                                                                                                                                                                                                                        0x00bde49b
                                                                                                                                                                                                                                                        0x00bde4a3
                                                                                                                                                                                                                                                        0x00bde4ad
                                                                                                                                                                                                                                                        0x00bde4b7
                                                                                                                                                                                                                                                        0x00bde4c1
                                                                                                                                                                                                                                                        0x00bde4ca
                                                                                                                                                                                                                                                        0x00bde4d2
                                                                                                                                                                                                                                                        0x00bde4da
                                                                                                                                                                                                                                                        0x00bde4e2
                                                                                                                                                                                                                                                        0x00bde238
                                                                                                                                                                                                                                                        0x00bde238
                                                                                                                                                                                                                                                        0x00bde240
                                                                                                                                                                                                                                                        0x00bde248
                                                                                                                                                                                                                                                        0x00bde250
                                                                                                                                                                                                                                                        0x00bde25a
                                                                                                                                                                                                                                                        0x00bde264
                                                                                                                                                                                                                                                        0x00bde26d
                                                                                                                                                                                                                                                        0x00bde275
                                                                                                                                                                                                                                                        0x00bde27d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde27d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde1c4
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bde1b0

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • SearchPathW.KERNEL32(00000000,00000000,00000000,00000104,00000000,00000000), ref: 00BDE51B
                                                                                                                                                                                                                                                        • SearchPathW.KERNEL32(00000007,00000000,00000000,00000104,00000000,00000000), ref: 00BDE564
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: PathSearch
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 2203818243-3916222277
                                                                                                                                                                                                                                                        • Opcode ID: a9575a1256e12e18aff170a10264efc733d215f6f92b19f67f28e13794faf9c8
                                                                                                                                                                                                                                                        • Instruction ID: 18df7dc2e93dbbaa61f39e465005c88aab3f53065ad871c78cad6f1dac859d81
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a9575a1256e12e18aff170a10264efc733d215f6f92b19f67f28e13794faf9c8
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C1C14A709106289ADB24EF14CC99BEEB3B5FF14318F4046DAE4196B291EB759F84CF90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 79%
                                                                                                                                                                                                                                                        			E00BCF4B0(intOrPtr* __eax, void* __ebx, intOrPtr* __ecx, intOrPtr* __edx, void* __edi, void* __esi, char _a4, intOrPtr* _a8, intOrPtr* _a12) {
                                                                                                                                                                                                                                                        				intOrPtr* _v20;
                                                                                                                                                                                                                                                        				intOrPtr* _v24;
                                                                                                                                                                                                                                                        				intOrPtr* _v28;
                                                                                                                                                                                                                                                        				intOrPtr* _t63;
                                                                                                                                                                                                                                                        				intOrPtr* _t67;
                                                                                                                                                                                                                                                        				intOrPtr* _t84;
                                                                                                                                                                                                                                                        				intOrPtr* _t87;
                                                                                                                                                                                                                                                        				signed int _t90;
                                                                                                                                                                                                                                                        				intOrPtr _t91;
                                                                                                                                                                                                                                                        				intOrPtr _t93;
                                                                                                                                                                                                                                                        				char* _t94;
                                                                                                                                                                                                                                                        				intOrPtr* _t102;
                                                                                                                                                                                                                                                        				intOrPtr _t105;
                                                                                                                                                                                                                                                        				intOrPtr* _t112;
                                                                                                                                                                                                                                                        				intOrPtr* _t115;
                                                                                                                                                                                                                                                        				intOrPtr* _t116;
                                                                                                                                                                                                                                                        				intOrPtr _t118;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t63 = __eax;
                                                                                                                                                                                                                                                        				_v28 = __edx;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(__ecx + 4)) >= 0xccccccb) {
                                                                                                                                                                                                                                                        					_push("map/set<T> too long");
                                                                                                                                                                                                                                                        					L00BEF798();
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					_t90 = __ecx - 1;
                                                                                                                                                                                                                                                        					if(_t90 <= 8) {
                                                                                                                                                                                                                                                        						return  *((intOrPtr*)(__edx + 0x50 + (_t90 + _t90 * 2) * 4));
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					return 0;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t115 = _a8;
                                                                                                                                                                                                                                                        					_push(0x14);
                                                                                                                                                                                                                                                        					L00BEF6BA();
                                                                                                                                                                                                                                                        					_t91 =  *__ecx;
                                                                                                                                                                                                                                                        					 *__eax = _t91;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__eax + 8)) = _t91;
                                                                                                                                                                                                                                                        					 *((short*)(__eax + 0xc)) = 0;
                                                                                                                                                                                                                                                        					_t7 = _t63 + 4; // 0x4
                                                                                                                                                                                                                                                        					_t87 = _t7;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__eax + 0x10)) =  *_a12;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__ecx + 4)) =  *((intOrPtr*)(__ecx + 4)) + 1;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__eax + 4)) = _t115;
                                                                                                                                                                                                                                                        					_v20 = __ecx;
                                                                                                                                                                                                                                                        					if(_t91 == _t115) {
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t115 + 4)) = __eax;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)( *__ecx)) = __eax;
                                                                                                                                                                                                                                                        						_t93 =  *__ecx;
                                                                                                                                                                                                                                                        						goto L6;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						if(_a4 == 0) {
                                                                                                                                                                                                                                                        							 *((intOrPtr*)(_t115 + 8)) = __eax;
                                                                                                                                                                                                                                                        							_t93 =  *__ecx;
                                                                                                                                                                                                                                                        							if( *((intOrPtr*)(_t93 + 8)) == _t115) {
                                                                                                                                                                                                                                                        								L6:
                                                                                                                                                                                                                                                        								 *((intOrPtr*)(_t93 + 8)) = _t63;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							 *_t115 = __eax;
                                                                                                                                                                                                                                                        							_t102 =  *__ecx;
                                                                                                                                                                                                                                                        							if( *_t102 == _t115) {
                                                                                                                                                                                                                                                        								 *_t102 = __eax;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t116 =  *_t87;
                                                                                                                                                                                                                                                        					_v24 = _t63;
                                                                                                                                                                                                                                                        					if( *((char*)(_t116 + 0xc)) == 0) {
                                                                                                                                                                                                                                                        						_t67 = _v24;
                                                                                                                                                                                                                                                        						_t24 = _t116 + 0xc; // 0xd
                                                                                                                                                                                                                                                        						_t94 = _t24;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t112 =  *((intOrPtr*)(_t116 + 4));
                                                                                                                                                                                                                                                        							_t105 =  *_t112;
                                                                                                                                                                                                                                                        							if(_t116 == _t105) {
                                                                                                                                                                                                                                                        								_t105 =  *((intOrPtr*)(_t112 + 8));
                                                                                                                                                                                                                                                        								if( *((char*)(_t105 + 0xc)) == 0) {
                                                                                                                                                                                                                                                        									goto L12;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									if(_t67 ==  *((intOrPtr*)(_t116 + 8))) {
                                                                                                                                                                                                                                                        										E00BCE990(_v20, _t116);
                                                                                                                                                                                                                                                        										_t67 = _t116;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t118 = _t67;
                                                                                                                                                                                                                                                        									 *((char*)( *((intOrPtr*)(_t67 + 4)) + 0xc)) = 1;
                                                                                                                                                                                                                                                        									 *((char*)( *((intOrPtr*)( *((intOrPtr*)(_t118 + 4)) + 4)) + 0xc)) = 0;
                                                                                                                                                                                                                                                        									E00BCE9D0(_v20,  *((intOrPtr*)( *((intOrPtr*)(_t118 + 4)) + 4)));
                                                                                                                                                                                                                                                        									goto L22;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								if( *((char*)(_t105 + 0xc)) != 0) {
                                                                                                                                                                                                                                                        									if(_t67 ==  *_t116) {
                                                                                                                                                                                                                                                        										E00BCE9D0(_v20, _t116);
                                                                                                                                                                                                                                                        										_t67 = _t116;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t118 = _t67;
                                                                                                                                                                                                                                                        									 *((char*)( *((intOrPtr*)(_t67 + 4)) + 0xc)) = 1;
                                                                                                                                                                                                                                                        									 *((char*)( *((intOrPtr*)( *((intOrPtr*)(_t118 + 4)) + 4)) + 0xc)) = 0;
                                                                                                                                                                                                                                                        									E00BCE990(_v20,  *((intOrPtr*)( *((intOrPtr*)(_t118 + 4)) + 4)));
                                                                                                                                                                                                                                                        									L22:
                                                                                                                                                                                                                                                        									_t67 = _t118;
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									L12:
                                                                                                                                                                                                                                                        									 *_t94 = 1;
                                                                                                                                                                                                                                                        									 *((char*)(_t105 + 0xc)) = 1;
                                                                                                                                                                                                                                                        									 *((char*)( *((intOrPtr*)( *_t87 + 4)) + 0xc)) = 0;
                                                                                                                                                                                                                                                        									_t67 =  *((intOrPtr*)( *_t87 + 4));
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							_t116 =  *((intOrPtr*)(_t67 + 4));
                                                                                                                                                                                                                                                        							_t32 = _t67 + 4; // 0x4
                                                                                                                                                                                                                                                        							_t87 = _t32;
                                                                                                                                                                                                                                                        							_t34 = _t116 + 0xc; // 0xc
                                                                                                                                                                                                                                                        							_t94 = _t34;
                                                                                                                                                                                                                                                        						} while ( *((char*)(_t116 + 0xc)) == 0);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					 *((char*)( *((intOrPtr*)( *_v20 + 4)) + 0xc)) = 1;
                                                                                                                                                                                                                                                        					_t84 = _v28;
                                                                                                                                                                                                                                                        					 *_t84 = _v24;
                                                                                                                                                                                                                                                        					return _t84;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}




















                                                                                                                                                                                                                                                        0x00bcf4b0
                                                                                                                                                                                                                                                        0x00bcf4c0
                                                                                                                                                                                                                                                        0x00bcf4c3
                                                                                                                                                                                                                                                        0x00bcf618
                                                                                                                                                                                                                                                        0x00bcf61d
                                                                                                                                                                                                                                                        0x00bcf622
                                                                                                                                                                                                                                                        0x00bcf623
                                                                                                                                                                                                                                                        0x00bcf624
                                                                                                                                                                                                                                                        0x00bcf625
                                                                                                                                                                                                                                                        0x00bcf626
                                                                                                                                                                                                                                                        0x00bcf627
                                                                                                                                                                                                                                                        0x00bcf628
                                                                                                                                                                                                                                                        0x00bcf629
                                                                                                                                                                                                                                                        0x00bcf62a
                                                                                                                                                                                                                                                        0x00bcf62b
                                                                                                                                                                                                                                                        0x00bcf62c
                                                                                                                                                                                                                                                        0x00bcf62d
                                                                                                                                                                                                                                                        0x00bcf62e
                                                                                                                                                                                                                                                        0x00bcf62f
                                                                                                                                                                                                                                                        0x00bcf630
                                                                                                                                                                                                                                                        0x00bcf636
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcf63b
                                                                                                                                                                                                                                                        0x00bcf63f
                                                                                                                                                                                                                                                        0x00bcf4c9
                                                                                                                                                                                                                                                        0x00bcf4cc
                                                                                                                                                                                                                                                        0x00bcf4d1
                                                                                                                                                                                                                                                        0x00bcf4d3
                                                                                                                                                                                                                                                        0x00bcf4db
                                                                                                                                                                                                                                                        0x00bcf4dd
                                                                                                                                                                                                                                                        0x00bcf4df
                                                                                                                                                                                                                                                        0x00bcf4e2
                                                                                                                                                                                                                                                        0x00bcf4ea
                                                                                                                                                                                                                                                        0x00bcf4ea
                                                                                                                                                                                                                                                        0x00bcf4ed
                                                                                                                                                                                                                                                        0x00bcf4f0
                                                                                                                                                                                                                                                        0x00bcf4f5
                                                                                                                                                                                                                                                        0x00bcf4f8
                                                                                                                                                                                                                                                        0x00bcf4fb
                                                                                                                                                                                                                                                        0x00bcf513
                                                                                                                                                                                                                                                        0x00bcf518
                                                                                                                                                                                                                                                        0x00bcf51a
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcf4fd
                                                                                                                                                                                                                                                        0x00bcf501
                                                                                                                                                                                                                                                        0x00bcf605
                                                                                                                                                                                                                                                        0x00bcf608
                                                                                                                                                                                                                                                        0x00bcf60d
                                                                                                                                                                                                                                                        0x00bcf51c
                                                                                                                                                                                                                                                        0x00bcf51c
                                                                                                                                                                                                                                                        0x00bcf51c
                                                                                                                                                                                                                                                        0x00bcf507
                                                                                                                                                                                                                                                        0x00bcf507
                                                                                                                                                                                                                                                        0x00bcf509
                                                                                                                                                                                                                                                        0x00bcf50d
                                                                                                                                                                                                                                                        0x00bcf50f
                                                                                                                                                                                                                                                        0x00bcf50f
                                                                                                                                                                                                                                                        0x00bcf50d
                                                                                                                                                                                                                                                        0x00bcf501
                                                                                                                                                                                                                                                        0x00bcf51f
                                                                                                                                                                                                                                                        0x00bcf521
                                                                                                                                                                                                                                                        0x00bcf528
                                                                                                                                                                                                                                                        0x00bcf546
                                                                                                                                                                                                                                                        0x00bcf549
                                                                                                                                                                                                                                                        0x00bcf549
                                                                                                                                                                                                                                                        0x00bcf550
                                                                                                                                                                                                                                                        0x00bcf550
                                                                                                                                                                                                                                                        0x00bcf553
                                                                                                                                                                                                                                                        0x00bcf557
                                                                                                                                                                                                                                                        0x00bcf590
                                                                                                                                                                                                                                                        0x00bcf597
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcf599
                                                                                                                                                                                                                                                        0x00bcf59c
                                                                                                                                                                                                                                                        0x00bcf5a3
                                                                                                                                                                                                                                                        0x00bcf5a8
                                                                                                                                                                                                                                                        0x00bcf5a8
                                                                                                                                                                                                                                                        0x00bcf5aa
                                                                                                                                                                                                                                                        0x00bcf5b2
                                                                                                                                                                                                                                                        0x00bcf5bc
                                                                                                                                                                                                                                                        0x00bcf5c6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcf5c6
                                                                                                                                                                                                                                                        0x00bcf559
                                                                                                                                                                                                                                                        0x00bcf55d
                                                                                                                                                                                                                                                        0x00bcf5cf
                                                                                                                                                                                                                                                        0x00bcf5d6
                                                                                                                                                                                                                                                        0x00bcf5db
                                                                                                                                                                                                                                                        0x00bcf5db
                                                                                                                                                                                                                                                        0x00bcf5dd
                                                                                                                                                                                                                                                        0x00bcf5e5
                                                                                                                                                                                                                                                        0x00bcf5ef
                                                                                                                                                                                                                                                        0x00bcf5f9
                                                                                                                                                                                                                                                        0x00bcf5fe
                                                                                                                                                                                                                                                        0x00bcf5fe
                                                                                                                                                                                                                                                        0x00bcf55f
                                                                                                                                                                                                                                                        0x00bcf55f
                                                                                                                                                                                                                                                        0x00bcf55f
                                                                                                                                                                                                                                                        0x00bcf562
                                                                                                                                                                                                                                                        0x00bcf56b
                                                                                                                                                                                                                                                        0x00bcf571
                                                                                                                                                                                                                                                        0x00bcf571
                                                                                                                                                                                                                                                        0x00bcf55d
                                                                                                                                                                                                                                                        0x00bcf574
                                                                                                                                                                                                                                                        0x00bcf577
                                                                                                                                                                                                                                                        0x00bcf577
                                                                                                                                                                                                                                                        0x00bcf57e
                                                                                                                                                                                                                                                        0x00bcf57e
                                                                                                                                                                                                                                                        0x00bcf57e
                                                                                                                                                                                                                                                        0x00bcf583
                                                                                                                                                                                                                                                        0x00bcf535
                                                                                                                                                                                                                                                        0x00bcf539
                                                                                                                                                                                                                                                        0x00bcf53c
                                                                                                                                                                                                                                                        0x00bcf545
                                                                                                                                                                                                                                                        0x00bcf545

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000014,00000001,?,?,?,00BCC606,?,?,00BCC58A), ref: 00BCF4D3
                                                                                                                                                                                                                                                        • ?_Xlength_error@std@@YAXPBD@Z.MSVCP140(map/set<T> too long,00000001,?,?,?,00BCC606,?,?,00BCC58A), ref: 00BCF61D
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@Xlength_error@std@@
                                                                                                                                                                                                                                                        • String ID: map/set<T> too long
                                                                                                                                                                                                                                                        • API String ID: 373104503-1285458680
                                                                                                                                                                                                                                                        • Opcode ID: 1d844e1884a4cc77508d31121a0dea50583ef3536b479f4b87624ac609c7ee7a
                                                                                                                                                                                                                                                        • Instruction ID: 2365ee2dd98fc48a44666829c181fd8e98b7656308412ea58d73bb239170046c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1d844e1884a4cc77508d31121a0dea50583ef3536b479f4b87624ac609c7ee7a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 395133746002568FCB11CF18C088F6ABBE2EB59314F29C4EDD9598B362C771EC41CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 73%
                                                                                                                                                                                                                                                        			E00BE8CB0(char* __edx, void* __eflags, intOrPtr _a4, void** _a8, intOrPtr* _a12, intOrPtr _a16, intOrPtr _a20, HANDLE* _a24) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				long _v28;
                                                                                                                                                                                                                                                        				long _v32;
                                                                                                                                                                                                                                                        				long _v36;
                                                                                                                                                                                                                                                        				long _v40;
                                                                                                                                                                                                                                                        				long _v44;
                                                                                                                                                                                                                                                        				long _v48;
                                                                                                                                                                                                                                                        				char _v64;
                                                                                                                                                                                                                                                        				long _v68;
                                                                                                                                                                                                                                                        				void* _v88;
                                                                                                                                                                                                                                                        				signed int _t27;
                                                                                                                                                                                                                                                        				int _t30;
                                                                                                                                                                                                                                                        				intOrPtr* _t39;
                                                                                                                                                                                                                                                        				void* _t50;
                                                                                                                                                                                                                                                        				int _t51;
                                                                                                                                                                                                                                                        				signed int _t53;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t47 = __edx;
                                                                                                                                                                                                                                                        				_t27 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v24 = _t27 ^ _t53;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				_t30 = E00BEB3D0("NtCreateEvent",  &_v28);
                                                                                                                                                                                                                                                        				_t51 = 0;
                                                                                                                                                                                                                                                        				if(_a4 == 3) {
                                                                                                                                                                                                                                                        					_v32 = 0;
                                                                                                                                                                                                                                                        					_t30 = E00BE8A40( &_v32, __edx);
                                                                                                                                                                                                                                                        					_t51 = _t30;
                                                                                                                                                                                                                                                        					if(_t30 == 0) {
                                                                                                                                                                                                                                                        						asm("xorps xmm0, xmm0");
                                                                                                                                                                                                                                                        						_v36 = 0;
                                                                                                                                                                                                                                                        						_v40 = 0;
                                                                                                                                                                                                                                                        						_v44 = 0;
                                                                                                                                                                                                                                                        						_v48 = 0;
                                                                                                                                                                                                                                                        						_t39 =  &_v64;
                                                                                                                                                                                                                                                        						asm("movaps [esp+0x10], xmm0");
                                                                                                                                                                                                                                                        						E00BE5CE0(_a12, 0x40, _v32, _t39,  &_v40, 0);
                                                                                                                                                                                                                                                        						_v68 = 0;
                                                                                                                                                                                                                                                        						_t30 = _v28( &_v68, 0x1f0003, _t39, _a16, 0 | _a20 != 0x00000000);
                                                                                                                                                                                                                                                        						_t50 = _v88;
                                                                                                                                                                                                                                                        						_t51 = _t30;
                                                                                                                                                                                                                                                        						if(_t50 != 0) {
                                                                                                                                                                                                                                                        							_t30 = DuplicateHandle(GetCurrentProcess(), _t50,  *_a8, _a24, 0, 0, 3);
                                                                                                                                                                                                                                                        							_t51 =  ==  ? 0xc0000022 : _t51;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t30, _v24 ^ _t53, _t47);
                                                                                                                                                                                                                                                        				return _t51;
                                                                                                                                                                                                                                                        			}




















                                                                                                                                                                                                                                                        0x00be8cb0
                                                                                                                                                                                                                                                        0x00be8cbc
                                                                                                                                                                                                                                                        0x00be8cc6
                                                                                                                                                                                                                                                        0x00be8cce
                                                                                                                                                                                                                                                        0x00be8cdc
                                                                                                                                                                                                                                                        0x00be8ce4
                                                                                                                                                                                                                                                        0x00be8ce9
                                                                                                                                                                                                                                                        0x00be8d04
                                                                                                                                                                                                                                                        0x00be8d0c
                                                                                                                                                                                                                                                        0x00be8d11
                                                                                                                                                                                                                                                        0x00be8d15
                                                                                                                                                                                                                                                        0x00be8d20
                                                                                                                                                                                                                                                        0x00be8d23
                                                                                                                                                                                                                                                        0x00be8d2b
                                                                                                                                                                                                                                                        0x00be8d33
                                                                                                                                                                                                                                                        0x00be8d3b
                                                                                                                                                                                                                                                        0x00be8d47
                                                                                                                                                                                                                                                        0x00be8d4b
                                                                                                                                                                                                                                                        0x00be8d5b
                                                                                                                                                                                                                                                        0x00be8d67
                                                                                                                                                                                                                                                        0x00be8d7f
                                                                                                                                                                                                                                                        0x00be8d83
                                                                                                                                                                                                                                                        0x00be8d87
                                                                                                                                                                                                                                                        0x00be8d8b
                                                                                                                                                                                                                                                        0x00be8da8
                                                                                                                                                                                                                                                        0x00be8db5
                                                                                                                                                                                                                                                        0x00be8db5
                                                                                                                                                                                                                                                        0x00be8d8b
                                                                                                                                                                                                                                                        0x00be8d15
                                                                                                                                                                                                                                                        0x00be8cf1
                                                                                                                                                                                                                                                        0x00be8cff

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00BE8D96
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00000000,?,?,00000000,00000000,00000003), ref: 00BE8DA8
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressCurrentDuplicateHandleProcProcess
                                                                                                                                                                                                                                                        • String ID: NtCreateEvent
                                                                                                                                                                                                                                                        • API String ID: 3554645133-2762184696
                                                                                                                                                                                                                                                        • Opcode ID: 4ff418c092eed7e0ac1da9a60d44e4ed473da1110830e1390e3a1054699e3038
                                                                                                                                                                                                                                                        • Instruction ID: 2c0e3c246764a9153e0815263cf3fc03d5bbea935d58e62f9f49c78af2405de1
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4ff418c092eed7e0ac1da9a60d44e4ed473da1110830e1390e3a1054699e3038
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1131ACB1504345AFD7108F25CC85B6BB7E8EF88764F10091CF959A7380EB70EA14CBA2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 35%
                                                                                                                                                                                                                                                        			E00BC4830(void* __edx, void* _a4, signed short _a8) {
                                                                                                                                                                                                                                                        				intOrPtr _v0;
                                                                                                                                                                                                                                                        				signed int _v12;
                                                                                                                                                                                                                                                        				signed int _v16;
                                                                                                                                                                                                                                                        				intOrPtr _v20;
                                                                                                                                                                                                                                                        				char _v24;
                                                                                                                                                                                                                                                        				void* _v36;
                                                                                                                                                                                                                                                        				char _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				signed int _v48;
                                                                                                                                                                                                                                                        				void _v64;
                                                                                                                                                                                                                                                        				intOrPtr _v88;
                                                                                                                                                                                                                                                        				intOrPtr _v92;
                                                                                                                                                                                                                                                        				void* _v100;
                                                                                                                                                                                                                                                        				char _v104;
                                                                                                                                                                                                                                                        				void* _v112;
                                                                                                                                                                                                                                                        				signed int _v116;
                                                                                                                                                                                                                                                        				void* __ebx;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				void* __esi;
                                                                                                                                                                                                                                                        				signed int _t55;
                                                                                                                                                                                                                                                        				signed short _t58;
                                                                                                                                                                                                                                                        				intOrPtr* _t60;
                                                                                                                                                                                                                                                        				signed int _t61;
                                                                                                                                                                                                                                                        				void* _t64;
                                                                                                                                                                                                                                                        				signed int _t66;
                                                                                                                                                                                                                                                        				intOrPtr* _t68;
                                                                                                                                                                                                                                                        				intOrPtr _t69;
                                                                                                                                                                                                                                                        				signed int _t70;
                                                                                                                                                                                                                                                        				signed int _t71;
                                                                                                                                                                                                                                                        				void* _t79;
                                                                                                                                                                                                                                                        				void* _t85;
                                                                                                                                                                                                                                                        				signed int _t90;
                                                                                                                                                                                                                                                        				void _t93;
                                                                                                                                                                                                                                                        				void* _t94;
                                                                                                                                                                                                                                                        				intOrPtr _t102;
                                                                                                                                                                                                                                                        				void* _t104;
                                                                                                                                                                                                                                                        				signed int _t105;
                                                                                                                                                                                                                                                        				unsigned int _t107;
                                                                                                                                                                                                                                                        				void* _t108;
                                                                                                                                                                                                                                                        				signed int _t109;
                                                                                                                                                                                                                                                        				char* _t113;
                                                                                                                                                                                                                                                        				signed int _t114;
                                                                                                                                                                                                                                                        				signed int _t117;
                                                                                                                                                                                                                                                        				char* _t118;
                                                                                                                                                                                                                                                        				intOrPtr _t119;
                                                                                                                                                                                                                                                        				signed int _t122;
                                                                                                                                                                                                                                                        				signed int _t123;
                                                                                                                                                                                                                                                        				void* _t125;
                                                                                                                                                                                                                                                        				signed int _t126;
                                                                                                                                                                                                                                                        				signed int _t128;
                                                                                                                                                                                                                                                        				signed int* _t130;
                                                                                                                                                                                                                                                        				short _t137;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t106 = __edx;
                                                                                                                                                                                                                                                        				_t126 = _t125 - 0x1c;
                                                                                                                                                                                                                                                        				_t55 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t56 = _t55 ^ _t122;
                                                                                                                                                                                                                                                        				_v12 = _t55 ^ _t122;
                                                                                                                                                                                                                                                        				if( *0xbfa854 == 0) {
                                                                                                                                                                                                                                                        					L10:
                                                                                                                                                                                                                                                        					return E00BEECB0(_t56, _v12 ^ _t122, _t106);
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t58 = _a8;
                                                                                                                                                                                                                                                        					if(_t58 != 0 &&  *_t58 != 0) {
                                                                                                                                                                                                                                                        						_t105 = 0;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t137 =  *((short*)(_t58 + 2 + _t105 * 2));
                                                                                                                                                                                                                                                        							_t105 = _t105 + 1;
                                                                                                                                                                                                                                                        						} while (_t137 != 0);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t113 =  &_v36;
                                                                                                                                                                                                                                                        					E00BC7CE0(_t113, _t58, 0);
                                                                                                                                                                                                                                                        					_t126 = _t126 + 0xc;
                                                                                                                                                                                                                                                        					_t60 =  *0xbfa854; // 0x0
                                                                                                                                                                                                                                                        					if(_t60 != 0) {
                                                                                                                                                                                                                                                        						_t104 = _a4;
                                                                                                                                                                                                                                                        						if(_v16 > 0xf) {
                                                                                                                                                                                                                                                        							_t113 = _v36;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						 *_t60("Broker ALLOWED", _t104, _t113, 0, 0);
                                                                                                                                                                                                                                                        						_t126 = _t126 + 0x14;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t56 = _v16;
                                                                                                                                                                                                                                                        					if(_t56 >= 0x10) {
                                                                                                                                                                                                                                                        						_t85 = _v36;
                                                                                                                                                                                                                                                        						_t114 = _t56 + 1;
                                                                                                                                                                                                                                                        						if(_t114 >= 0x1000) {
                                                                                                                                                                                                                                                        							_t106 =  *((intOrPtr*)(_t85 - 4));
                                                                                                                                                                                                                                                        							if(_t85 + 0xfffffffc - _t106 >= 0x20) {
                                                                                                                                                                                                                                                        								__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								asm("int3");
                                                                                                                                                                                                                                                        								_push(_t122);
                                                                                                                                                                                                                                                        								_t123 = _t126;
                                                                                                                                                                                                                                                        								_push(_t114);
                                                                                                                                                                                                                                                        								_t128 = _t126 - 0x34;
                                                                                                                                                                                                                                                        								_t61 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        								_t62 = _t61 ^ _t123;
                                                                                                                                                                                                                                                        								_v48 = _t61 ^ _t123;
                                                                                                                                                                                                                                                        								if( *0xbfa854 == 0) {
                                                                                                                                                                                                                                                        									L28:
                                                                                                                                                                                                                                                        									return E00BEECB0(_t62, _v16 ^ _t123, _t106);
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t90 = _a8 & 0x0000ffff;
                                                                                                                                                                                                                                                        									_t64 = _a4;
                                                                                                                                                                                                                                                        									_v44 = 7;
                                                                                                                                                                                                                                                        									_v48 = 0;
                                                                                                                                                                                                                                                        									_v64 = 0;
                                                                                                                                                                                                                                                        									_t107 = _t90 & 0x0000ffff;
                                                                                                                                                                                                                                                        									_t117 = _t107 >> 1;
                                                                                                                                                                                                                                                        									if(_t107 > 0xf) {
                                                                                                                                                                                                                                                        										_t130 = _t128 - 0xc;
                                                                                                                                                                                                                                                        										_v104 = _v40;
                                                                                                                                                                                                                                                        										_v100 = _t64;
                                                                                                                                                                                                                                                        										 *_t130 = _t117;
                                                                                                                                                                                                                                                        										E00BBA7D0(_t79,  &_v64, _t108, _t117);
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_v48 = _t117;
                                                                                                                                                                                                                                                        										_t106 =  &_v64;
                                                                                                                                                                                                                                                        										memcpy( &_v64, _t64, _t90 & 0x0000fffe);
                                                                                                                                                                                                                                                        										_t130 = _t128 + 0xc;
                                                                                                                                                                                                                                                        										 *((short*)(_t123 + _t117 * 2 - 0x38)) = 0;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t66 = _v48;
                                                                                                                                                                                                                                                        									if(_v44 <= 7) {
                                                                                                                                                                                                                                                        										_t93 =  &_v64;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										_t93 = _v64;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t118 =  &_v40;
                                                                                                                                                                                                                                                        									E00BC7CE0(_t118, _t93, _t66);
                                                                                                                                                                                                                                                        									_t128 =  &(_t130[3]);
                                                                                                                                                                                                                                                        									_t68 =  *0xbfa854; // 0x0
                                                                                                                                                                                                                                                        									if(_t68 != 0) {
                                                                                                                                                                                                                                                        										_t102 = _v0;
                                                                                                                                                                                                                                                        										if(_v20 > 0xf) {
                                                                                                                                                                                                                                                        											_t118 = _v40;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										 *_t68("Broker ALLOWED", _t102, _t118, 0, 0);
                                                                                                                                                                                                                                                        										_t128 = _t128 + 0x14;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        									_t69 = _v20;
                                                                                                                                                                                                                                                        									if(_t69 >= 0x10) {
                                                                                                                                                                                                                                                        										_t94 = _v40;
                                                                                                                                                                                                                                                        										_t119 = _t69 + 1;
                                                                                                                                                                                                                                                        										if(_t119 >= 0x1000) {
                                                                                                                                                                                                                                                        											_t106 =  *((intOrPtr*)(_t94 - 4));
                                                                                                                                                                                                                                                        											if(_t94 + 0xfffffffc - _t106 >= 0x20) {
                                                                                                                                                                                                                                                        												__imp___invalid_parameter_noinfo_noreturn();
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												asm("int3");
                                                                                                                                                                                                                                                        												_push(_t123);
                                                                                                                                                                                                                                                        												_push(_t79);
                                                                                                                                                                                                                                                        												_push(_t108);
                                                                                                                                                                                                                                                        												_push(_t119);
                                                                                                                                                                                                                                                        												_push(_t69);
                                                                                                                                                                                                                                                        												_t70 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        												_t71 = _t70 ^ _t128;
                                                                                                                                                                                                                                                        												_v116 = _t71;
                                                                                                                                                                                                                                                        												_push(_t71);
                                                                                                                                                                                                                                                        												_push(0x18);
                                                                                                                                                                                                                                                        												L00BEF6BA();
                                                                                                                                                                                                                                                        												_t109 = _t71;
                                                                                                                                                                                                                                                        												E00BC4BB0(_t71, E00BC4B80, E00BC4BA0);
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(_t109 + 0x10)) = _v92;
                                                                                                                                                                                                                                                        												 *_t128 = _t109;
                                                                                                                                                                                                                                                        												 *((intOrPtr*)(_t109 + 0x14)) = _v88;
                                                                                                                                                                                                                                                        												return E00BEECB0(E00BC4BE0(_t128), _v116 ^ _t128, _t106);
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t69 = _t69 + 0x24;
                                                                                                                                                                                                                                                        												_t94 = _t106;
                                                                                                                                                                                                                                                        												_t119 = _t69;
                                                                                                                                                                                                                                                        												goto L30;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        										} else {
                                                                                                                                                                                                                                                        											L30:
                                                                                                                                                                                                                                                        											_push(_t119);
                                                                                                                                                                                                                                                        											_push(_t94);
                                                                                                                                                                                                                                                        											L00BEF6C6();
                                                                                                                                                                                                                                                        											_t128 = _t128 + 8;
                                                                                                                                                                                                                                                        											goto L27;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										L27:
                                                                                                                                                                                                                                                        										_v24 = 0;
                                                                                                                                                                                                                                                        										_v20 = 0xf;
                                                                                                                                                                                                                                                        										_v40 = 0;
                                                                                                                                                                                                                                                        										_t62 = E00BBDF30(_t69,  &_v64, _t106);
                                                                                                                                                                                                                                                        										goto L28;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								_t56 = _t56 + 0x24;
                                                                                                                                                                                                                                                        								_t85 = _t106;
                                                                                                                                                                                                                                                        								_t114 = _t56;
                                                                                                                                                                                                                                                        								goto L12;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							L12:
                                                                                                                                                                                                                                                        							_push(_t114);
                                                                                                                                                                                                                                                        							_push(_t85);
                                                                                                                                                                                                                                                        							L00BEF6C6();
                                                                                                                                                                                                                                                        							_t126 = _t126 + 8;
                                                                                                                                                                                                                                                        							goto L10;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						goto L10;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}























































                                                                                                                                                                                                                                                        0x00bc4830
                                                                                                                                                                                                                                                        0x00bc4834
                                                                                                                                                                                                                                                        0x00bc4837
                                                                                                                                                                                                                                                        0x00bc483c
                                                                                                                                                                                                                                                        0x00bc483e
                                                                                                                                                                                                                                                        0x00bc4848
                                                                                                                                                                                                                                                        0x00bc48a6
                                                                                                                                                                                                                                                        0x00bc48b5
                                                                                                                                                                                                                                                        0x00bc484a
                                                                                                                                                                                                                                                        0x00bc484a
                                                                                                                                                                                                                                                        0x00bc4851
                                                                                                                                                                                                                                                        0x00bc4859
                                                                                                                                                                                                                                                        0x00bc4860
                                                                                                                                                                                                                                                        0x00bc4860
                                                                                                                                                                                                                                                        0x00bc4866
                                                                                                                                                                                                                                                        0x00bc4866
                                                                                                                                                                                                                                                        0x00bc4860
                                                                                                                                                                                                                                                        0x00bc486b
                                                                                                                                                                                                                                                        0x00bc4871
                                                                                                                                                                                                                                                        0x00bc4876
                                                                                                                                                                                                                                                        0x00bc4879
                                                                                                                                                                                                                                                        0x00bc4880
                                                                                                                                                                                                                                                        0x00bc4882
                                                                                                                                                                                                                                                        0x00bc4889
                                                                                                                                                                                                                                                        0x00bc488b
                                                                                                                                                                                                                                                        0x00bc488b
                                                                                                                                                                                                                                                        0x00bc4899
                                                                                                                                                                                                                                                        0x00bc489b
                                                                                                                                                                                                                                                        0x00bc489b
                                                                                                                                                                                                                                                        0x00bc489e
                                                                                                                                                                                                                                                        0x00bc48a4
                                                                                                                                                                                                                                                        0x00bc48b6
                                                                                                                                                                                                                                                        0x00bc48b9
                                                                                                                                                                                                                                                        0x00bc48c2
                                                                                                                                                                                                                                                        0x00bc48d0
                                                                                                                                                                                                                                                        0x00bc48db
                                                                                                                                                                                                                                                        0x00bc48e6
                                                                                                                                                                                                                                                        0x00bc48ec
                                                                                                                                                                                                                                                        0x00bc48ed
                                                                                                                                                                                                                                                        0x00bc48ee
                                                                                                                                                                                                                                                        0x00bc48ef
                                                                                                                                                                                                                                                        0x00bc48f0
                                                                                                                                                                                                                                                        0x00bc48f1
                                                                                                                                                                                                                                                        0x00bc48f3
                                                                                                                                                                                                                                                        0x00bc48f4
                                                                                                                                                                                                                                                        0x00bc48f7
                                                                                                                                                                                                                                                        0x00bc48fc
                                                                                                                                                                                                                                                        0x00bc48fe
                                                                                                                                                                                                                                                        0x00bc4908
                                                                                                                                                                                                                                                        0x00bc49be
                                                                                                                                                                                                                                                        0x00bc49cd
                                                                                                                                                                                                                                                        0x00bc490e
                                                                                                                                                                                                                                                        0x00bc490e
                                                                                                                                                                                                                                                        0x00bc4912
                                                                                                                                                                                                                                                        0x00bc4915
                                                                                                                                                                                                                                                        0x00bc491c
                                                                                                                                                                                                                                                        0x00bc4923
                                                                                                                                                                                                                                                        0x00bc4929
                                                                                                                                                                                                                                                        0x00bc492e
                                                                                                                                                                                                                                                        0x00bc4934
                                                                                                                                                                                                                                                        0x00bc49e8
                                                                                                                                                                                                                                                        0x00bc49ee
                                                                                                                                                                                                                                                        0x00bc49f5
                                                                                                                                                                                                                                                        0x00bc49f9
                                                                                                                                                                                                                                                        0x00bc49fc
                                                                                                                                                                                                                                                        0x00bc493a
                                                                                                                                                                                                                                                        0x00bc4940
                                                                                                                                                                                                                                                        0x00bc4943
                                                                                                                                                                                                                                                        0x00bc4949
                                                                                                                                                                                                                                                        0x00bc494e
                                                                                                                                                                                                                                                        0x00bc4951
                                                                                                                                                                                                                                                        0x00bc4951
                                                                                                                                                                                                                                                        0x00bc4958
                                                                                                                                                                                                                                                        0x00bc495f
                                                                                                                                                                                                                                                        0x00bc4966
                                                                                                                                                                                                                                                        0x00bc4961
                                                                                                                                                                                                                                                        0x00bc4961
                                                                                                                                                                                                                                                        0x00bc4961
                                                                                                                                                                                                                                                        0x00bc4969
                                                                                                                                                                                                                                                        0x00bc496f
                                                                                                                                                                                                                                                        0x00bc4974
                                                                                                                                                                                                                                                        0x00bc4977
                                                                                                                                                                                                                                                        0x00bc497e
                                                                                                                                                                                                                                                        0x00bc4980
                                                                                                                                                                                                                                                        0x00bc4987
                                                                                                                                                                                                                                                        0x00bc4989
                                                                                                                                                                                                                                                        0x00bc4989
                                                                                                                                                                                                                                                        0x00bc4997
                                                                                                                                                                                                                                                        0x00bc4999
                                                                                                                                                                                                                                                        0x00bc4999
                                                                                                                                                                                                                                                        0x00bc499c
                                                                                                                                                                                                                                                        0x00bc49a2
                                                                                                                                                                                                                                                        0x00bc49ce
                                                                                                                                                                                                                                                        0x00bc49d1
                                                                                                                                                                                                                                                        0x00bc49da
                                                                                                                                                                                                                                                        0x00bc4a06
                                                                                                                                                                                                                                                        0x00bc4a11
                                                                                                                                                                                                                                                        0x00bc4a1c
                                                                                                                                                                                                                                                        0x00bc4a22
                                                                                                                                                                                                                                                        0x00bc4a23
                                                                                                                                                                                                                                                        0x00bc4a24
                                                                                                                                                                                                                                                        0x00bc4a25
                                                                                                                                                                                                                                                        0x00bc4a26
                                                                                                                                                                                                                                                        0x00bc4a27
                                                                                                                                                                                                                                                        0x00bc4a28
                                                                                                                                                                                                                                                        0x00bc4a29
                                                                                                                                                                                                                                                        0x00bc4a2a
                                                                                                                                                                                                                                                        0x00bc4a2b
                                                                                                                                                                                                                                                        0x00bc4a2c
                                                                                                                                                                                                                                                        0x00bc4a2d
                                                                                                                                                                                                                                                        0x00bc4a2e
                                                                                                                                                                                                                                                        0x00bc4a2f
                                                                                                                                                                                                                                                        0x00bc4a30
                                                                                                                                                                                                                                                        0x00bc4a33
                                                                                                                                                                                                                                                        0x00bc4a34
                                                                                                                                                                                                                                                        0x00bc4a35
                                                                                                                                                                                                                                                        0x00bc4a36
                                                                                                                                                                                                                                                        0x00bc4a37
                                                                                                                                                                                                                                                        0x00bc4a3f
                                                                                                                                                                                                                                                        0x00bc4a41
                                                                                                                                                                                                                                                        0x00bc4a44
                                                                                                                                                                                                                                                        0x00bc4a47
                                                                                                                                                                                                                                                        0x00bc4a49
                                                                                                                                                                                                                                                        0x00bc4a51
                                                                                                                                                                                                                                                        0x00bc4a5f
                                                                                                                                                                                                                                                        0x00bc4a69
                                                                                                                                                                                                                                                        0x00bc4a6c
                                                                                                                                                                                                                                                        0x00bc4a6e
                                                                                                                                                                                                                                                        0x00bc4a87
                                                                                                                                                                                                                                                        0x00bc4a13
                                                                                                                                                                                                                                                        0x00bc4a13
                                                                                                                                                                                                                                                        0x00bc4a16
                                                                                                                                                                                                                                                        0x00bc4a18
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc4a18
                                                                                                                                                                                                                                                        0x00bc49dc
                                                                                                                                                                                                                                                        0x00bc49dc
                                                                                                                                                                                                                                                        0x00bc49dc
                                                                                                                                                                                                                                                        0x00bc49dd
                                                                                                                                                                                                                                                        0x00bc49de
                                                                                                                                                                                                                                                        0x00bc49e3
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc49e3
                                                                                                                                                                                                                                                        0x00bc49a4
                                                                                                                                                                                                                                                        0x00bc49a4
                                                                                                                                                                                                                                                        0x00bc49a7
                                                                                                                                                                                                                                                        0x00bc49ae
                                                                                                                                                                                                                                                        0x00bc49b5
                                                                                                                                                                                                                                                        0x00bc49b9
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc49b9
                                                                                                                                                                                                                                                        0x00bc49a2
                                                                                                                                                                                                                                                        0x00bc48dd
                                                                                                                                                                                                                                                        0x00bc48dd
                                                                                                                                                                                                                                                        0x00bc48e0
                                                                                                                                                                                                                                                        0x00bc48e2
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc48e2
                                                                                                                                                                                                                                                        0x00bc48c4
                                                                                                                                                                                                                                                        0x00bc48c4
                                                                                                                                                                                                                                                        0x00bc48c4
                                                                                                                                                                                                                                                        0x00bc48c5
                                                                                                                                                                                                                                                        0x00bc48c6
                                                                                                                                                                                                                                                        0x00bc48cb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc48cb
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc48a4

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??3@YAXPAX@Z.MOZGLUE(?,?), ref: 00BC48C6
                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 00BC48E6
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??3@_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                        • String ID: Broker ALLOWED
                                                                                                                                                                                                                                                        • API String ID: 2443766784-3284428901
                                                                                                                                                                                                                                                        • Opcode ID: b4b9b1434d7961e529c08f78bfc8ebd507bf1c8ce0c6a57f000d5d94e17fa66e
                                                                                                                                                                                                                                                        • Instruction ID: aa4798f41ffbe653aa877813419e6c7e018c3319feee907f158a846c40ce6255
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b4b9b1434d7961e529c08f78bfc8ebd507bf1c8ce0c6a57f000d5d94e17fa66e
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AD212031E000549FCB28EB64DC69FBE77E5EF01310F4841ACE40AAB191EB74AA84C7A1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BDF850(void* __eflags, void** _a4, intOrPtr _a8, char _a12, HANDLE* _a16) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				long _v28;
                                                                                                                                                                                                                                                        				long _v32;
                                                                                                                                                                                                                                                        				long _v36;
                                                                                                                                                                                                                                                        				long _v40;
                                                                                                                                                                                                                                                        				long _v44;
                                                                                                                                                                                                                                                        				long _v48;
                                                                                                                                                                                                                                                        				char _v52;
                                                                                                                                                                                                                                                        				long _v60;
                                                                                                                                                                                                                                                        				char _v64;
                                                                                                                                                                                                                                                        				long _v68;
                                                                                                                                                                                                                                                        				void* _v84;
                                                                                                                                                                                                                                                        				signed int _t26;
                                                                                                                                                                                                                                                        				void** _t34;
                                                                                                                                                                                                                                                        				char _t41;
                                                                                                                                                                                                                                                        				void* _t43;
                                                                                                                                                                                                                                                        				signed int _t45;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t26 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t41 = _a12;
                                                                                                                                                                                                                                                        				_t34 = _a4;
                                                                                                                                                                                                                                                        				_v24 = _t26 ^ _t45;
                                                                                                                                                                                                                                                        				 *_a16 = 0;
                                                                                                                                                                                                                                                        				_v28 = 0;
                                                                                                                                                                                                                                                        				_t29 = E00BEB3D0("NtOpenProcess",  &_v28);
                                                                                                                                                                                                                                                        				_t43 = 0xc0000022;
                                                                                                                                                                                                                                                        				if(_t34[1] == _t41) {
                                                                                                                                                                                                                                                        					_v60 = 0;
                                                                                                                                                                                                                                                        					_v44 = 0;
                                                                                                                                                                                                                                                        					_v48 = 0;
                                                                                                                                                                                                                                                        					_v36 = 0;
                                                                                                                                                                                                                                                        					_v40 = 0;
                                                                                                                                                                                                                                                        					_v32 = 0;
                                                                                                                                                                                                                                                        					_v52 = 0x18;
                                                                                                                                                                                                                                                        					_v64 = _t41;
                                                                                                                                                                                                                                                        					_v68 = 0;
                                                                                                                                                                                                                                                        					_t40 =  &_v52;
                                                                                                                                                                                                                                                        					_t29 = _v28( &_v68, _a8,  &_v52,  &_v64);
                                                                                                                                                                                                                                                        					_t43 = _t29;
                                                                                                                                                                                                                                                        					if(_t29 >= 0 && DuplicateHandle(GetCurrentProcess(), _v84,  *_t34, _a16, 0, 0, 3) == 0) {
                                                                                                                                                                                                                                                        						_t43 = 0xc0000022;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t29, _v24 ^ _t45, _t40);
                                                                                                                                                                                                                                                        				return _t43;
                                                                                                                                                                                                                                                        			}





















                                                                                                                                                                                                                                                        0x00bdf85c
                                                                                                                                                                                                                                                        0x00bdf864
                                                                                                                                                                                                                                                        0x00bdf867
                                                                                                                                                                                                                                                        0x00bdf86c
                                                                                                                                                                                                                                                        0x00bdf874
                                                                                                                                                                                                                                                        0x00bdf87a
                                                                                                                                                                                                                                                        0x00bdf888
                                                                                                                                                                                                                                                        0x00bdf893
                                                                                                                                                                                                                                                        0x00bdf898
                                                                                                                                                                                                                                                        0x00bdf8a9
                                                                                                                                                                                                                                                        0x00bdf8b1
                                                                                                                                                                                                                                                        0x00bdf8b9
                                                                                                                                                                                                                                                        0x00bdf8c1
                                                                                                                                                                                                                                                        0x00bdf8c9
                                                                                                                                                                                                                                                        0x00bdf8d1
                                                                                                                                                                                                                                                        0x00bdf8d9
                                                                                                                                                                                                                                                        0x00bdf8e1
                                                                                                                                                                                                                                                        0x00bdf8e5
                                                                                                                                                                                                                                                        0x00bdf8ed
                                                                                                                                                                                                                                                        0x00bdf8f5
                                                                                                                                                                                                                                                        0x00bdf8f9
                                                                                                                                                                                                                                                        0x00bdf8fd
                                                                                                                                                                                                                                                        0x00bdf921
                                                                                                                                                                                                                                                        0x00bdf921
                                                                                                                                                                                                                                                        0x00bdf8fd
                                                                                                                                                                                                                                                        0x00bdf92c
                                                                                                                                                                                                                                                        0x00bdf93a

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BDF905
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00000000,?,00BDE049,00000000,00000000,00000003), ref: 00BDF917
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressCurrentDuplicateHandleProcProcess
                                                                                                                                                                                                                                                        • String ID: NtOpenProcess
                                                                                                                                                                                                                                                        • API String ID: 3554645133-3690168757
                                                                                                                                                                                                                                                        • Opcode ID: 5baa060401d788ddd2aa3baedc8276e968f52e84a3118913d45322bb584e6c59
                                                                                                                                                                                                                                                        • Instruction ID: 8b7ce3c0ba21ba84676fd1ac07ce2c0939da291948d0c14d757a41c139970102
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5baa060401d788ddd2aa3baedc8276e968f52e84a3118913d45322bb584e6c59
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 23214AB1508305AFE700CF11D859B5BBBE8EF84718F00895DF9885B390DB74E908CBA2
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BDF9E0(long* __edx, void* __eflags, void** _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, HANDLE* _a20) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				long _v24;
                                                                                                                                                                                                                                                        				long _v28;
                                                                                                                                                                                                                                                        				void* _v32;
                                                                                                                                                                                                                                                        				signed int _t16;
                                                                                                                                                                                                                                                        				void** _t26;
                                                                                                                                                                                                                                                        				HANDLE* _t32;
                                                                                                                                                                                                                                                        				void* _t33;
                                                                                                                                                                                                                                                        				signed int _t34;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t31 = __edx;
                                                                                                                                                                                                                                                        				_t16 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t32 = _a20;
                                                                                                                                                                                                                                                        				_v20 = _t16 ^ _t34;
                                                                                                                                                                                                                                                        				 *_t32 = 0;
                                                                                                                                                                                                                                                        				_v24 = 0;
                                                                                                                                                                                                                                                        				_t19 = E00BEB3D0("NtOpenProcessTokenEx",  &_v24);
                                                                                                                                                                                                                                                        				_t33 = 0xc0000022;
                                                                                                                                                                                                                                                        				if(_a8 == 0xffffffff) {
                                                                                                                                                                                                                                                        					_t26 = _a4;
                                                                                                                                                                                                                                                        					_t31 =  &_v28;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_t19 = _v24( *_t26, _a12, _a16,  &_v28);
                                                                                                                                                                                                                                                        					_t33 = _t19;
                                                                                                                                                                                                                                                        					if(_t19 >= 0) {
                                                                                                                                                                                                                                                        						_v32 = _v28;
                                                                                                                                                                                                                                                        						if(DuplicateHandle(GetCurrentProcess(), _v32,  *_t26, _t32, 0, 0, 3) == 0) {
                                                                                                                                                                                                                                                        							_t33 = 0xc0000022;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t19, _v20 ^ _t34, _t31);
                                                                                                                                                                                                                                                        				return _t33;
                                                                                                                                                                                                                                                        			}












                                                                                                                                                                                                                                                        0x00bdf9e0
                                                                                                                                                                                                                                                        0x00bdf9e9
                                                                                                                                                                                                                                                        0x00bdf9ee
                                                                                                                                                                                                                                                        0x00bdf9f6
                                                                                                                                                                                                                                                        0x00bdf9fc
                                                                                                                                                                                                                                                        0x00bdfa02
                                                                                                                                                                                                                                                        0x00bdfa0f
                                                                                                                                                                                                                                                        0x00bdfa17
                                                                                                                                                                                                                                                        0x00bdfa1f
                                                                                                                                                                                                                                                        0x00bdfa35
                                                                                                                                                                                                                                                        0x00bdfa3e
                                                                                                                                                                                                                                                        0x00bdfa41
                                                                                                                                                                                                                                                        0x00bdfa4d
                                                                                                                                                                                                                                                        0x00bdfa50
                                                                                                                                                                                                                                                        0x00bdfa54
                                                                                                                                                                                                                                                        0x00bdfa5b
                                                                                                                                                                                                                                                        0x00bdfa78
                                                                                                                                                                                                                                                        0x00bdfa7a
                                                                                                                                                                                                                                                        0x00bdfa7a
                                                                                                                                                                                                                                                        0x00bdfa78
                                                                                                                                                                                                                                                        0x00bdfa54
                                                                                                                                                                                                                                                        0x00bdfa26
                                                                                                                                                                                                                                                        0x00bdfa34

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BDFA5E
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00000003,?,?,00000000,00000000,00000003), ref: 00BDFA70
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressCurrentDuplicateHandleProcProcess
                                                                                                                                                                                                                                                        • String ID: NtOpenProcessTokenEx
                                                                                                                                                                                                                                                        • API String ID: 3554645133-2578970931
                                                                                                                                                                                                                                                        • Opcode ID: 29b02774ce9d0464753a2681026e6ae7ad63d0254fb61f7cbf25d43f82fec3d1
                                                                                                                                                                                                                                                        • Instruction ID: 1d1df1f60eb7f7cfa1ed182b9dfc17b8abb533186de55d421c64e843da6cb156
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 29b02774ce9d0464753a2681026e6ae7ad63d0254fb61f7cbf25d43f82fec3d1
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EC1130B1A0020AAFDB10DFA5DC89BBF7BB8EF44714F100565F915A7381EB70AD148BA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                                                                                                                        			E00BC4130(intOrPtr __eax, void* __ecx, intOrPtr __edx, intOrPtr* _a4) {
                                                                                                                                                                                                                                                        				signed char* _v16;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				intOrPtr _v44;
                                                                                                                                                                                                                                                        				intOrPtr _v48;
                                                                                                                                                                                                                                                        				signed int _t50;
                                                                                                                                                                                                                                                        				intOrPtr _t52;
                                                                                                                                                                                                                                                        				intOrPtr* _t53;
                                                                                                                                                                                                                                                        				intOrPtr _t54;
                                                                                                                                                                                                                                                        				signed int _t57;
                                                                                                                                                                                                                                                        				intOrPtr* _t58;
                                                                                                                                                                                                                                                        				signed char* _t61;
                                                                                                                                                                                                                                                        				short* _t68;
                                                                                                                                                                                                                                                        				intOrPtr _t69;
                                                                                                                                                                                                                                                        				signed char* _t70;
                                                                                                                                                                                                                                                        				intOrPtr _t73;
                                                                                                                                                                                                                                                        				intOrPtr _t75;
                                                                                                                                                                                                                                                        				intOrPtr* _t76;
                                                                                                                                                                                                                                                        				intOrPtr _t78;
                                                                                                                                                                                                                                                        				signed int _t80;
                                                                                                                                                                                                                                                        				signed int _t81;
                                                                                                                                                                                                                                                        				void* _t82;
                                                                                                                                                                                                                                                        				signed int _t84;
                                                                                                                                                                                                                                                        				intOrPtr* _t86;
                                                                                                                                                                                                                                                        				signed int _t87;
                                                                                                                                                                                                                                                        				void* _t89;
                                                                                                                                                                                                                                                        				void* _t90;
                                                                                                                                                                                                                                                        				intOrPtr* _t91;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t73 = __edx;
                                                                                                                                                                                                                                                        				_t58 =  *((intOrPtr*)(__edx + 4));
                                                                                                                                                                                                                                                        				_push(0x24);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t90 = _t89 + 4;
                                                                                                                                                                                                                                                        				_t64 =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax)) =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				_t66 =  ==  ? __eax : _t58;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 4)) =  ==  ? __eax : _t58;
                                                                                                                                                                                                                                                        				_t68 =  *_a4;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0x18)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0x1c)) = 0;
                                                                                                                                                                                                                                                        				asm("movsd xmm0, [ecx+0x10]");
                                                                                                                                                                                                                                                        				asm("movsd [eax+0x18], xmm0");
                                                                                                                                                                                                                                                        				asm("movsd xmm0, [ecx]");
                                                                                                                                                                                                                                                        				asm("movsd xmm1, [ecx+0x8]");
                                                                                                                                                                                                                                                        				asm("movsd [eax+0x10], xmm1");
                                                                                                                                                                                                                                                        				asm("movsd [eax+0x8], xmm0");
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t68 + 0x10)) = 0;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(_t68 + 0x14)) = 7;
                                                                                                                                                                                                                                                        				 *_t68 = 0;
                                                                                                                                                                                                                                                        				 *((char*)(__eax + 0x20)) = 0;
                                                                                                                                                                                                                                                        				_t69 =  *((intOrPtr*)(__ecx + 4));
                                                                                                                                                                                                                                                        				if(_t69 == 0x71c71c6) {
                                                                                                                                                                                                                                                        					_push("list<T> too long");
                                                                                                                                                                                                                                                        					L00BEF798();
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					_push(_t58);
                                                                                                                                                                                                                                                        					_push(__ecx);
                                                                                                                                                                                                                                                        					_push(__edx);
                                                                                                                                                                                                                                                        					_t91 = _t90 - 0x10;
                                                                                                                                                                                                                                                        					_v48 = _t69;
                                                                                                                                                                                                                                                        					_t70 = _v16;
                                                                                                                                                                                                                                                        					_t84 = _t70[0x10];
                                                                                                                                                                                                                                                        					if(_t70[0x14] > 7) {
                                                                                                                                                                                                                                                        						_t70 =  *_t70;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					 *_t91 = _t73;
                                                                                                                                                                                                                                                        					if((_t84 & 0x7fffffff) != 0) {
                                                                                                                                                                                                                                                        						_t82 = _t84 + _t84;
                                                                                                                                                                                                                                                        						_t57 = 0x811c9dc5;
                                                                                                                                                                                                                                                        						_t61 = _t70;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t87 =  *_t61 & 0x000000ff;
                                                                                                                                                                                                                                                        							_t61 =  &(_t61[1]);
                                                                                                                                                                                                                                                        							_t57 = (_t87 ^ _t57) * 0x1000193;
                                                                                                                                                                                                                                                        							_t82 = _t82 - 1;
                                                                                                                                                                                                                                                        						} while (_t82 != 0);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t78 = _v48;
                                                                                                                                                                                                                                                        					_t50 = 0x811c9dc5 &  *(_t78 + 0x18);
                                                                                                                                                                                                                                                        					_v44 =  *((intOrPtr*)(_t78 + 4));
                                                                                                                                                                                                                                                        					_t75 =  *((intOrPtr*)(_t78 + 0xc));
                                                                                                                                                                                                                                                        					_t86 =  *((intOrPtr*)(_t75 + _t50 * 8));
                                                                                                                                                                                                                                                        					_v48 = _t75;
                                                                                                                                                                                                                                                        					_v40 = _t50 + _t50 + 1;
                                                                                                                                                                                                                                                        					_t76 = _t86;
                                                                                                                                                                                                                                                        					while(1) {
                                                                                                                                                                                                                                                        						_t52 = _t86;
                                                                                                                                                                                                                                                        						if(_t86 != _v44) {
                                                                                                                                                                                                                                                        							_t52 =  *((intOrPtr*)( *((intOrPtr*)(_v48 + _v40 * 4))));
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						if(_t52 == _t76) {
                                                                                                                                                                                                                                                        							L27:
                                                                                                                                                                                                                                                        							_t53 =  *_t91;
                                                                                                                                                                                                                                                        							 *_t53 = _v44;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							if( *((intOrPtr*)(_t76 + 0x18)) != _t84) {
                                                                                                                                                                                                                                                        								L11:
                                                                                                                                                                                                                                                        								_t76 =  *_t76;
                                                                                                                                                                                                                                                        								continue;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								if( *((intOrPtr*)(_t76 + 0x1c)) <= 7) {
                                                                                                                                                                                                                                                        									_t54 = _t76 + 8;
                                                                                                                                                                                                                                                        									if(_t84 == 0) {
                                                                                                                                                                                                                                                        										goto L26;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										goto L20;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								} else {
                                                                                                                                                                                                                                                        									_t54 =  *((intOrPtr*)(_t76 + 8));
                                                                                                                                                                                                                                                        									if(_t84 != 0) {
                                                                                                                                                                                                                                                        										L20:
                                                                                                                                                                                                                                                        										_t80 = 0;
                                                                                                                                                                                                                                                        										while(( *(_t54 + _t80 * 2) & 0x0000ffff) ==  *((intOrPtr*)(_t70 + _t80 * 2))) {
                                                                                                                                                                                                                                                        											_t80 = _t80 + 1;
                                                                                                                                                                                                                                                        											if(_t84 != _t80) {
                                                                                                                                                                                                                                                        												continue;
                                                                                                                                                                                                                                                        											} else {
                                                                                                                                                                                                                                                        												_t81 = 0;
                                                                                                                                                                                                                                                        												asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        												while(( *(_t70 + _t81 * 2) & 0x0000ffff) ==  *((intOrPtr*)(_t54 + _t81 * 2))) {
                                                                                                                                                                                                                                                        													_t81 = _t81 + 1;
                                                                                                                                                                                                                                                        													if(_t84 != _t81) {
                                                                                                                                                                                                                                                        														continue;
                                                                                                                                                                                                                                                        													} else {
                                                                                                                                                                                                                                                        														goto L26;
                                                                                                                                                                                                                                                        													}
                                                                                                                                                                                                                                                        													goto L28;
                                                                                                                                                                                                                                                        												}
                                                                                                                                                                                                                                                        												goto L27;
                                                                                                                                                                                                                                                        											}
                                                                                                                                                                                                                                                        											goto L28;
                                                                                                                                                                                                                                                        										}
                                                                                                                                                                                                                                                        										goto L11;
                                                                                                                                                                                                                                                        									} else {
                                                                                                                                                                                                                                                        										L26:
                                                                                                                                                                                                                                                        										_t53 =  *_t91;
                                                                                                                                                                                                                                                        										 *_t53 = _t76;
                                                                                                                                                                                                                                                        									}
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L28:
                                                                                                                                                                                                                                                        						return _t53;
                                                                                                                                                                                                                                                        						goto L29;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__ecx + 4)) = _t69 + 1;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__edx + 4)) = __eax;
                                                                                                                                                                                                                                                        					 *_t58 = __eax;
                                                                                                                                                                                                                                                        					return __eax;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				L29:
                                                                                                                                                                                                                                                        			}






























                                                                                                                                                                                                                                                        0x00bc4130
                                                                                                                                                                                                                                                        0x00bc4136
                                                                                                                                                                                                                                                        0x00bc413d
                                                                                                                                                                                                                                                        0x00bc413f
                                                                                                                                                                                                                                                        0x00bc4144
                                                                                                                                                                                                                                                        0x00bc414b
                                                                                                                                                                                                                                                        0x00bc414e
                                                                                                                                                                                                                                                        0x00bc4152
                                                                                                                                                                                                                                                        0x00bc4155
                                                                                                                                                                                                                                                        0x00bc415b
                                                                                                                                                                                                                                                        0x00bc415d
                                                                                                                                                                                                                                                        0x00bc4164
                                                                                                                                                                                                                                                        0x00bc416b
                                                                                                                                                                                                                                                        0x00bc4170
                                                                                                                                                                                                                                                        0x00bc4175
                                                                                                                                                                                                                                                        0x00bc4179
                                                                                                                                                                                                                                                        0x00bc417e
                                                                                                                                                                                                                                                        0x00bc4183
                                                                                                                                                                                                                                                        0x00bc4188
                                                                                                                                                                                                                                                        0x00bc418f
                                                                                                                                                                                                                                                        0x00bc4196
                                                                                                                                                                                                                                                        0x00bc419b
                                                                                                                                                                                                                                                        0x00bc419f
                                                                                                                                                                                                                                                        0x00bc41a8
                                                                                                                                                                                                                                                        0x00bc41b8
                                                                                                                                                                                                                                                        0x00bc41bd
                                                                                                                                                                                                                                                        0x00bc41c2
                                                                                                                                                                                                                                                        0x00bc41c3
                                                                                                                                                                                                                                                        0x00bc41c4
                                                                                                                                                                                                                                                        0x00bc41c5
                                                                                                                                                                                                                                                        0x00bc41c6
                                                                                                                                                                                                                                                        0x00bc41c7
                                                                                                                                                                                                                                                        0x00bc41c8
                                                                                                                                                                                                                                                        0x00bc41c9
                                                                                                                                                                                                                                                        0x00bc41ca
                                                                                                                                                                                                                                                        0x00bc41cb
                                                                                                                                                                                                                                                        0x00bc41cc
                                                                                                                                                                                                                                                        0x00bc41cd
                                                                                                                                                                                                                                                        0x00bc41ce
                                                                                                                                                                                                                                                        0x00bc41cf
                                                                                                                                                                                                                                                        0x00bc41d1
                                                                                                                                                                                                                                                        0x00bc41d2
                                                                                                                                                                                                                                                        0x00bc41d3
                                                                                                                                                                                                                                                        0x00bc41d4
                                                                                                                                                                                                                                                        0x00bc41d7
                                                                                                                                                                                                                                                        0x00bc41db
                                                                                                                                                                                                                                                        0x00bc41df
                                                                                                                                                                                                                                                        0x00bc41e6
                                                                                                                                                                                                                                                        0x00bc41e8
                                                                                                                                                                                                                                                        0x00bc41e8
                                                                                                                                                                                                                                                        0x00bc41f0
                                                                                                                                                                                                                                                        0x00bc41f3
                                                                                                                                                                                                                                                        0x00bc41f5
                                                                                                                                                                                                                                                        0x00bc41f8
                                                                                                                                                                                                                                                        0x00bc41fd
                                                                                                                                                                                                                                                        0x00bc4200
                                                                                                                                                                                                                                                        0x00bc4200
                                                                                                                                                                                                                                                        0x00bc4203
                                                                                                                                                                                                                                                        0x00bc4206
                                                                                                                                                                                                                                                        0x00bc420c
                                                                                                                                                                                                                                                        0x00bc420c
                                                                                                                                                                                                                                                        0x00bc420f
                                                                                                                                                                                                                                                        0x00bc4216
                                                                                                                                                                                                                                                        0x00bc421d
                                                                                                                                                                                                                                                        0x00bc4220
                                                                                                                                                                                                                                                        0x00bc4224
                                                                                                                                                                                                                                                        0x00bc4227
                                                                                                                                                                                                                                                        0x00bc422a
                                                                                                                                                                                                                                                        0x00bc4232
                                                                                                                                                                                                                                                        0x00bc4236
                                                                                                                                                                                                                                                        0x00bc4242
                                                                                                                                                                                                                                                        0x00bc4246
                                                                                                                                                                                                                                                        0x00bc4248
                                                                                                                                                                                                                                                        0x00bc4255
                                                                                                                                                                                                                                                        0x00bc4255
                                                                                                                                                                                                                                                        0x00bc4259
                                                                                                                                                                                                                                                        0x00bc42b6
                                                                                                                                                                                                                                                        0x00bc42b6
                                                                                                                                                                                                                                                        0x00bc42bd
                                                                                                                                                                                                                                                        0x00bc425b
                                                                                                                                                                                                                                                        0x00bc425e
                                                                                                                                                                                                                                                        0x00bc4240
                                                                                                                                                                                                                                                        0x00bc4240
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc4260
                                                                                                                                                                                                                                                        0x00bc4264
                                                                                                                                                                                                                                                        0x00bc4270
                                                                                                                                                                                                                                                        0x00bc4275
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc4266
                                                                                                                                                                                                                                                        0x00bc4266
                                                                                                                                                                                                                                                        0x00bc426b
                                                                                                                                                                                                                                                        0x00bc4277
                                                                                                                                                                                                                                                        0x00bc4277
                                                                                                                                                                                                                                                        0x00bc4280
                                                                                                                                                                                                                                                        0x00bc428a
                                                                                                                                                                                                                                                        0x00bc428d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc428f
                                                                                                                                                                                                                                                        0x00bc428f
                                                                                                                                                                                                                                                        0x00bc4291
                                                                                                                                                                                                                                                        0x00bc42a0
                                                                                                                                                                                                                                                        0x00bc42aa
                                                                                                                                                                                                                                                        0x00bc42ad
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc42ad
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc42a0
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc428d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc426d
                                                                                                                                                                                                                                                        0x00bc42af
                                                                                                                                                                                                                                                        0x00bc42af
                                                                                                                                                                                                                                                        0x00bc42b2
                                                                                                                                                                                                                                                        0x00bc42b2
                                                                                                                                                                                                                                                        0x00bc426b
                                                                                                                                                                                                                                                        0x00bc4264
                                                                                                                                                                                                                                                        0x00bc425e
                                                                                                                                                                                                                                                        0x00bc42bf
                                                                                                                                                                                                                                                        0x00bc42c6
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bc42c6
                                                                                                                                                                                                                                                        0x00bc41aa
                                                                                                                                                                                                                                                        0x00bc41ab
                                                                                                                                                                                                                                                        0x00bc41ae
                                                                                                                                                                                                                                                        0x00bc41b1
                                                                                                                                                                                                                                                        0x00bc41b7
                                                                                                                                                                                                                                                        0x00bc41b7
                                                                                                                                                                                                                                                        0x00000000

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000024,?,?,00000000,?,00BC410B,?,?,?,00000000,00000000), ref: 00BC413F
                                                                                                                                                                                                                                                        • ?_Xlength_error@std@@YAXPBD@Z.MSVCP140(list<T> too long,?,?,?,00000000,00000000), ref: 00BC41BD
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@Xlength_error@std@@
                                                                                                                                                                                                                                                        • String ID: list<T> too long
                                                                                                                                                                                                                                                        • API String ID: 373104503-4027344264
                                                                                                                                                                                                                                                        • Opcode ID: a93cd89b59799ce93cdeffb93f185cccec6954bb2a62633a31fee93e4fa4ef0a
                                                                                                                                                                                                                                                        • Instruction ID: 585bb057d6e6d576e3d9d9ce7e6e0a3c26e9a9d24b02e15751af3008a9d0a32c
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a93cd89b59799ce93cdeffb93f185cccec6954bb2a62633a31fee93e4fa4ef0a
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 191139B1500B049FD709CF28D465B22BBE5FF8A718F2182ADE5094F262D7B2D842CB90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 48%
                                                                                                                                                                                                                                                        			E00BCB1E0(intOrPtr __eax, void* __ecx, void* __edx, intOrPtr* _a4) {
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				char _v36;
                                                                                                                                                                                                                                                        				signed int _v40;
                                                                                                                                                                                                                                                        				signed int _t24;
                                                                                                                                                                                                                                                        				signed int _t26;
                                                                                                                                                                                                                                                        				intOrPtr* _t28;
                                                                                                                                                                                                                                                        				void* _t29;
                                                                                                                                                                                                                                                        				void* _t33;
                                                                                                                                                                                                                                                        				intOrPtr _t34;
                                                                                                                                                                                                                                                        				intOrPtr _t45;
                                                                                                                                                                                                                                                        				intOrPtr _t49;
                                                                                                                                                                                                                                                        				intOrPtr* _t54;
                                                                                                                                                                                                                                                        				signed int _t55;
                                                                                                                                                                                                                                                        				intOrPtr* _t58;
                                                                                                                                                                                                                                                        				intOrPtr* _t59;
                                                                                                                                                                                                                                                        				intOrPtr _t60;
                                                                                                                                                                                                                                                        				intOrPtr _t66;
                                                                                                                                                                                                                                                        				intOrPtr _t68;
                                                                                                                                                                                                                                                        				signed int _t74;
                                                                                                                                                                                                                                                        				void* _t75;
                                                                                                                                                                                                                                                        				signed int _t76;
                                                                                                                                                                                                                                                        				void* _t77;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t58 =  *((intOrPtr*)(__edx + 4));
                                                                                                                                                                                                                                                        				_t33 = __ecx;
                                                                                                                                                                                                                                                        				_push(0x20);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t54 = _t58;
                                                                                                                                                                                                                                                        				_t76 = _t75 + 4;
                                                                                                                                                                                                                                                        				_t39 =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax)) =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				_t59 = _a4;
                                                                                                                                                                                                                                                        				_t41 =  ==  ? __eax : _t58;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 4)) =  ==  ? __eax : _t58;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 8)) =  *_t59;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 0x1c)) =  *((intOrPtr*)(_t59 + 0x14));
                                                                                                                                                                                                                                                        				asm("movsd xmm0, [edi+0x4]");
                                                                                                                                                                                                                                                        				asm("movsd xmm1, [edi+0xc]");
                                                                                                                                                                                                                                                        				asm("movsd [eax+0x14], xmm1");
                                                                                                                                                                                                                                                        				asm("movsd [eax+0xc], xmm0");
                                                                                                                                                                                                                                                        				_t45 =  *((intOrPtr*)(__ecx + 4));
                                                                                                                                                                                                                                                        				if(_t45 == 0x7fffffe) {
                                                                                                                                                                                                                                                        					_push("list<T> too long");
                                                                                                                                                                                                                                                        					L00BEF798();
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					_push(__edx);
                                                                                                                                                                                                                                                        					asm("movss xmm0, [ecx+0x8]");
                                                                                                                                                                                                                                                        					asm("movsd xmm1, [0xbf0f38]");
                                                                                                                                                                                                                                                        					asm("movss xmm2, [ecx+0x1c]");
                                                                                                                                                                                                                                                        					asm("orpd xmm0, xmm1");
                                                                                                                                                                                                                                                        					asm("orpd xmm2, xmm1");
                                                                                                                                                                                                                                                        					asm("subsd xmm0, xmm1");
                                                                                                                                                                                                                                                        					asm("subsd xmm2, xmm1");
                                                                                                                                                                                                                                                        					asm("cvtsd2ss xmm0, xmm0");
                                                                                                                                                                                                                                                        					asm("xorps xmm1, xmm1");
                                                                                                                                                                                                                                                        					asm("cvtsd2ss xmm1, xmm2");
                                                                                                                                                                                                                                                        					asm("divss xmm0, xmm1");
                                                                                                                                                                                                                                                        					asm("ucomiss xmm0, [ecx]");
                                                                                                                                                                                                                                                        					if(__eflags <= 0) {
                                                                                                                                                                                                                                                        						return __eax;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t55 =  *(_t45 + 0x1c);
                                                                                                                                                                                                                                                        						_t66 = _t45;
                                                                                                                                                                                                                                                        						__eflags = _t55 - 0x1fffffff;
                                                                                                                                                                                                                                                        						_t24 = 0 | _t55 - 0x1fffffff > 0x00000000;
                                                                                                                                                                                                                                                        						__eflags = _t55 - 0x200;
                                                                                                                                                                                                                                                        						_t47 =  >=  ? _t24 : 3;
                                                                                                                                                                                                                                                        						_t56 = _t55 << ( >=  ? _t24 : 3);
                                                                                                                                                                                                                                                        						E00BC3300(_t66, _t55 << ( >=  ? _t24 : 3));
                                                                                                                                                                                                                                                        						_t49 = _t66;
                                                                                                                                                                                                                                                        						_pop(_t67);
                                                                                                                                                                                                                                                        						_pop(_t73);
                                                                                                                                                                                                                                                        						_t74 = _t76;
                                                                                                                                                                                                                                                        						_push(_t33);
                                                                                                                                                                                                                                                        						_push(_t59);
                                                                                                                                                                                                                                                        						_t77 = _t76 - 0xc;
                                                                                                                                                                                                                                                        						_t26 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        						_v40 = _t26 ^ _t74;
                                                                                                                                                                                                                                                        						_t28 =  *((intOrPtr*)(_t49 + 4));
                                                                                                                                                                                                                                                        						_t60 =  *_t28;
                                                                                                                                                                                                                                                        						__eflags = _t60 - _t28;
                                                                                                                                                                                                                                                        						if(_t60 != _t28) {
                                                                                                                                                                                                                                                        							_t34 =  *((intOrPtr*)(_t28 + 4));
                                                                                                                                                                                                                                                        							_t68 = _t49;
                                                                                                                                                                                                                                                        							_t29 = _t60 + 8;
                                                                                                                                                                                                                                                        							_t56 =  &_v36;
                                                                                                                                                                                                                                                        							while(1) {
                                                                                                                                                                                                                                                        								_t28 = E00BCB0B0(_t49, _t56, _t29, _t60);
                                                                                                                                                                                                                                                        								_t77 = _t77 + 8;
                                                                                                                                                                                                                                                        								__eflags = _t60 - _t34;
                                                                                                                                                                                                                                                        								if(_t60 == _t34) {
                                                                                                                                                                                                                                                        									goto L7;
                                                                                                                                                                                                                                                        								}
                                                                                                                                                                                                                                                        								_t49 = _t68;
                                                                                                                                                                                                                                                        								_t56 =  &_v36;
                                                                                                                                                                                                                                                        								_t60 =  *((intOrPtr*)( *((intOrPtr*)(_t68 + 4))));
                                                                                                                                                                                                                                                        								_t29 = _t60 + 8;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        						L7:
                                                                                                                                                                                                                                                        						__eflags = _v28 ^ _t74;
                                                                                                                                                                                                                                                        						return E00BEECB0(_t28, _v28 ^ _t74, _t56);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__ecx + 4)) = _t45 + 1;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__edx + 4)) = __eax;
                                                                                                                                                                                                                                                        					 *_t54 = __eax;
                                                                                                                                                                                                                                                        					return __eax;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}

























                                                                                                                                                                                                                                                        0x00bcb1e6
                                                                                                                                                                                                                                                        0x00bcb1eb
                                                                                                                                                                                                                                                        0x00bcb1ed
                                                                                                                                                                                                                                                        0x00bcb1ef
                                                                                                                                                                                                                                                        0x00bcb1f4
                                                                                                                                                                                                                                                        0x00bcb1f6
                                                                                                                                                                                                                                                        0x00bcb1fd
                                                                                                                                                                                                                                                        0x00bcb200
                                                                                                                                                                                                                                                        0x00bcb204
                                                                                                                                                                                                                                                        0x00bcb207
                                                                                                                                                                                                                                                        0x00bcb20a
                                                                                                                                                                                                                                                        0x00bcb20f
                                                                                                                                                                                                                                                        0x00bcb215
                                                                                                                                                                                                                                                        0x00bcb21a
                                                                                                                                                                                                                                                        0x00bcb21f
                                                                                                                                                                                                                                                        0x00bcb224
                                                                                                                                                                                                                                                        0x00bcb229
                                                                                                                                                                                                                                                        0x00bcb22e
                                                                                                                                                                                                                                                        0x00bcb237
                                                                                                                                                                                                                                                        0x00bcb247
                                                                                                                                                                                                                                                        0x00bcb24c
                                                                                                                                                                                                                                                        0x00bcb251
                                                                                                                                                                                                                                                        0x00bcb252
                                                                                                                                                                                                                                                        0x00bcb253
                                                                                                                                                                                                                                                        0x00bcb254
                                                                                                                                                                                                                                                        0x00bcb255
                                                                                                                                                                                                                                                        0x00bcb256
                                                                                                                                                                                                                                                        0x00bcb257
                                                                                                                                                                                                                                                        0x00bcb258
                                                                                                                                                                                                                                                        0x00bcb259
                                                                                                                                                                                                                                                        0x00bcb25a
                                                                                                                                                                                                                                                        0x00bcb25b
                                                                                                                                                                                                                                                        0x00bcb25c
                                                                                                                                                                                                                                                        0x00bcb25d
                                                                                                                                                                                                                                                        0x00bcb25e
                                                                                                                                                                                                                                                        0x00bcb25f
                                                                                                                                                                                                                                                        0x00bcb263
                                                                                                                                                                                                                                                        0x00bcb264
                                                                                                                                                                                                                                                        0x00bcb269
                                                                                                                                                                                                                                                        0x00bcb271
                                                                                                                                                                                                                                                        0x00bcb276
                                                                                                                                                                                                                                                        0x00bcb27a
                                                                                                                                                                                                                                                        0x00bcb27e
                                                                                                                                                                                                                                                        0x00bcb282
                                                                                                                                                                                                                                                        0x00bcb286
                                                                                                                                                                                                                                                        0x00bcb28a
                                                                                                                                                                                                                                                        0x00bcb28d
                                                                                                                                                                                                                                                        0x00bcb291
                                                                                                                                                                                                                                                        0x00bcb295
                                                                                                                                                                                                                                                        0x00bcb298
                                                                                                                                                                                                                                                        0x00bcb2cc
                                                                                                                                                                                                                                                        0x00bcb29a
                                                                                                                                                                                                                                                        0x00bcb29a
                                                                                                                                                                                                                                                        0x00bcb29f
                                                                                                                                                                                                                                                        0x00bcb2a6
                                                                                                                                                                                                                                                        0x00bcb2ac
                                                                                                                                                                                                                                                        0x00bcb2af
                                                                                                                                                                                                                                                        0x00bcb2b5
                                                                                                                                                                                                                                                        0x00bcb2b8
                                                                                                                                                                                                                                                        0x00bcb2bc
                                                                                                                                                                                                                                                        0x00bcb2c1
                                                                                                                                                                                                                                                        0x00bcb2c3
                                                                                                                                                                                                                                                        0x00bcb2c4
                                                                                                                                                                                                                                                        0x00bcb2d1
                                                                                                                                                                                                                                                        0x00bcb2d3
                                                                                                                                                                                                                                                        0x00bcb2d4
                                                                                                                                                                                                                                                        0x00bcb2d6
                                                                                                                                                                                                                                                        0x00bcb2d9
                                                                                                                                                                                                                                                        0x00bcb2e0
                                                                                                                                                                                                                                                        0x00bcb2e3
                                                                                                                                                                                                                                                        0x00bcb2e6
                                                                                                                                                                                                                                                        0x00bcb2e8
                                                                                                                                                                                                                                                        0x00bcb2ea
                                                                                                                                                                                                                                                        0x00bcb2fe
                                                                                                                                                                                                                                                        0x00bcb301
                                                                                                                                                                                                                                                        0x00bcb303
                                                                                                                                                                                                                                                        0x00bcb306
                                                                                                                                                                                                                                                        0x00bcb309
                                                                                                                                                                                                                                                        0x00bcb30b
                                                                                                                                                                                                                                                        0x00bcb310
                                                                                                                                                                                                                                                        0x00bcb313
                                                                                                                                                                                                                                                        0x00bcb315
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bcb31a
                                                                                                                                                                                                                                                        0x00bcb31c
                                                                                                                                                                                                                                                        0x00bcb31f
                                                                                                                                                                                                                                                        0x00bcb321
                                                                                                                                                                                                                                                        0x00bcb321
                                                                                                                                                                                                                                                        0x00bcb309
                                                                                                                                                                                                                                                        0x00bcb2ec
                                                                                                                                                                                                                                                        0x00bcb2ef
                                                                                                                                                                                                                                                        0x00bcb2fd
                                                                                                                                                                                                                                                        0x00bcb2fd
                                                                                                                                                                                                                                                        0x00bcb239
                                                                                                                                                                                                                                                        0x00bcb23a
                                                                                                                                                                                                                                                        0x00bcb23d
                                                                                                                                                                                                                                                        0x00bcb240
                                                                                                                                                                                                                                                        0x00bcb246
                                                                                                                                                                                                                                                        0x00bcb246

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000020,?,?,00000000,?,00BCAE01,?), ref: 00BCB1EF
                                                                                                                                                                                                                                                        • ?_Xlength_error@std@@YAXPBD@Z.MSVCP140(list<T> too long,?), ref: 00BCB24C
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@Xlength_error@std@@
                                                                                                                                                                                                                                                        • String ID: list<T> too long
                                                                                                                                                                                                                                                        • API String ID: 373104503-4027344264
                                                                                                                                                                                                                                                        • Opcode ID: 86c40797d60711486276fd4439cc062169ecc3392055f109efd1924c2a3f7690
                                                                                                                                                                                                                                                        • Instruction ID: b009d856005ab16400ac5535299bfa9ae21bcaf202a1b5aec99c486b72a5c702
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 86c40797d60711486276fd4439cc062169ecc3392055f109efd1924c2a3f7690
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B4017CB1A00A059FC708CF19D555925FBE6EFC9350719C2AEE90E8B762DB70EC01CBA0
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BDF940(void* __edx, void* __eflags, void** _a4, intOrPtr _a8, intOrPtr _a12, HANDLE* _a16) {
                                                                                                                                                                                                                                                        				signed int _v20;
                                                                                                                                                                                                                                                        				long _v24;
                                                                                                                                                                                                                                                        				long _v28;
                                                                                                                                                                                                                                                        				void* _v32;
                                                                                                                                                                                                                                                        				signed int _t15;
                                                                                                                                                                                                                                                        				void** _t25;
                                                                                                                                                                                                                                                        				void* _t30;
                                                                                                                                                                                                                                                        				HANDLE* _t31;
                                                                                                                                                                                                                                                        				void* _t32;
                                                                                                                                                                                                                                                        				signed int _t33;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t30 = __edx;
                                                                                                                                                                                                                                                        				_t15 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t31 = _a16;
                                                                                                                                                                                                                                                        				_v20 = _t15 ^ _t33;
                                                                                                                                                                                                                                                        				 *_t31 = 0;
                                                                                                                                                                                                                                                        				_v24 = 0;
                                                                                                                                                                                                                                                        				_t18 = E00BEB3D0("NtOpenProcessToken",  &_v24);
                                                                                                                                                                                                                                                        				_t32 = 0xc0000022;
                                                                                                                                                                                                                                                        				if(_a8 == 0xffffffff) {
                                                                                                                                                                                                                                                        					_t25 = _a4;
                                                                                                                                                                                                                                                        					_v28 = 0;
                                                                                                                                                                                                                                                        					_t18 = _v24( *_t25, _a12,  &_v28);
                                                                                                                                                                                                                                                        					_t32 = _t18;
                                                                                                                                                                                                                                                        					if(_t18 >= 0) {
                                                                                                                                                                                                                                                        						_v32 = _v28;
                                                                                                                                                                                                                                                        						if(DuplicateHandle(GetCurrentProcess(), _v32,  *_t25, _t31, 0, 0, 3) == 0) {
                                                                                                                                                                                                                                                        							_t32 = 0xc0000022;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t18, _v20 ^ _t33, _t30);
                                                                                                                                                                                                                                                        				return _t32;
                                                                                                                                                                                                                                                        			}













                                                                                                                                                                                                                                                        0x00bdf940
                                                                                                                                                                                                                                                        0x00bdf949
                                                                                                                                                                                                                                                        0x00bdf94e
                                                                                                                                                                                                                                                        0x00bdf956
                                                                                                                                                                                                                                                        0x00bdf95c
                                                                                                                                                                                                                                                        0x00bdf962
                                                                                                                                                                                                                                                        0x00bdf96f
                                                                                                                                                                                                                                                        0x00bdf977
                                                                                                                                                                                                                                                        0x00bdf97f
                                                                                                                                                                                                                                                        0x00bdf995
                                                                                                                                                                                                                                                        0x00bdf99e
                                                                                                                                                                                                                                                        0x00bdf9a9
                                                                                                                                                                                                                                                        0x00bdf9ac
                                                                                                                                                                                                                                                        0x00bdf9b0
                                                                                                                                                                                                                                                        0x00bdf9b7
                                                                                                                                                                                                                                                        0x00bdf9d4
                                                                                                                                                                                                                                                        0x00bdf9d6
                                                                                                                                                                                                                                                        0x00bdf9d6
                                                                                                                                                                                                                                                        0x00bdf9d4
                                                                                                                                                                                                                                                        0x00bdf9b0
                                                                                                                                                                                                                                                        0x00bdf986
                                                                                                                                                                                                                                                        0x00bdf994

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BEB3D0: GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00BDF9BA
                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,00000003,?,?,00000000,00000000,00000003), ref: 00BDF9CC
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressCurrentDuplicateHandleProcProcess
                                                                                                                                                                                                                                                        • String ID: NtOpenProcessToken
                                                                                                                                                                                                                                                        • API String ID: 3554645133-3329886552
                                                                                                                                                                                                                                                        • Opcode ID: 477945fd10f835f66bacf82f1482a9613b7b2479b341bd3429bd97f37feab042
                                                                                                                                                                                                                                                        • Instruction ID: 2607c3763e546242c2ac362382dc9076192eedda54495294615d6d79213ac992
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 477945fd10f835f66bacf82f1482a9613b7b2479b341bd3429bd97f37feab042
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 631142B1E0420AABDB109F65DC99BBFBBF8EF04314F100455E915A7381EB74AD148BA1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 93%
                                                                                                                                                                                                                                                        			E00BCE4F0(void* __ecx, void* __edx, char _a4) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				signed int _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				signed int _t9;
                                                                                                                                                                                                                                                        				struct _OVERLAPPED** _t19;
                                                                                                                                                                                                                                                        				struct _OVERLAPPED* _t22;
                                                                                                                                                                                                                                                        				void* _t27;
                                                                                                                                                                                                                                                        				void* _t29;
                                                                                                                                                                                                                                                        				void* _t30;
                                                                                                                                                                                                                                                        				signed int _t31;
                                                                                                                                                                                                                                                        				signed int _t32;
                                                                                                                                                                                                                                                        				void* _t34;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t27 = __edx;
                                                                                                                                                                                                                                                        				_t34 = (_t32 & 0xfffffff8) - 0xc0;
                                                                                                                                                                                                                                                        				_t9 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_t29 = __ecx;
                                                                                                                                                                                                                                                        				_t19 =  &_a4;
                                                                                                                                                                                                                                                        				_v24 = _t9 ^ _t31;
                                                                                                                                                                                                                                                        				if( *((intOrPtr*)(__ecx + 0xc)) + 1 <= 1) {
                                                                                                                                                                                                                                                        					_push("job_thread_.IsValid()");
                                                                                                                                                                                                                                                        					E00BC1FF0(_t34, "/builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/broker_services.cc", 0x2d3);
                                                                                                                                                                                                                                                        					E00BC20C0();
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				if(PostQueuedCompletionStatus( *(_t29 + 4), 0, 4,  *_t19) == 0) {
                                                                                                                                                                                                                                                        					_t13 =  *((intOrPtr*)( *( *_t19) + 4))(1);
                                                                                                                                                                                                                                                        					_t22 =  *_t19;
                                                                                                                                                                                                                                                        					_t30 = 1;
                                                                                                                                                                                                                                                        					if(_t22 != 0) {
                                                                                                                                                                                                                                                        						_t13 =  *((intOrPtr*)(_t22->Internal + 8))(1);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					 *_t19 = 0;
                                                                                                                                                                                                                                                        					_t30 = 0;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				E00BEECB0(_t13, _v28 ^ _t31, _t27);
                                                                                                                                                                                                                                                        				return _t30;
                                                                                                                                                                                                                                                        			}















                                                                                                                                                                                                                                                        0x00bce4f0
                                                                                                                                                                                                                                                        0x00bce4f9
                                                                                                                                                                                                                                                        0x00bce4ff
                                                                                                                                                                                                                                                        0x00bce504
                                                                                                                                                                                                                                                        0x00bce506
                                                                                                                                                                                                                                                        0x00bce50b
                                                                                                                                                                                                                                                        0x00bce519
                                                                                                                                                                                                                                                        0x00bce51f
                                                                                                                                                                                                                                                        0x00bce52e
                                                                                                                                                                                                                                                        0x00bce535
                                                                                                                                                                                                                                                        0x00bce535
                                                                                                                                                                                                                                                        0x00bce54b
                                                                                                                                                                                                                                                        0x00bce575
                                                                                                                                                                                                                                                        0x00bce578
                                                                                                                                                                                                                                                        0x00bce57a
                                                                                                                                                                                                                                                        0x00bce581
                                                                                                                                                                                                                                                        0x00bce587
                                                                                                                                                                                                                                                        0x00bce587
                                                                                                                                                                                                                                                        0x00bce54d
                                                                                                                                                                                                                                                        0x00bce54d
                                                                                                                                                                                                                                                        0x00bce553
                                                                                                                                                                                                                                                        0x00bce553
                                                                                                                                                                                                                                                        0x00bce55e
                                                                                                                                                                                                                                                        0x00bce56c

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • PostQueuedCompletionStatus.KERNEL32(?,00000000,00000004,?), ref: 00BCE543
                                                                                                                                                                                                                                                          • Part of subcall function 00BC20C0: ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ.MSVCP140(00BF0324,?,?,?,00BCA1FF,/builds/worker/checkouts/gecko/security/sandbox/chromium/base/threading/thread_local_storage.cc,000000EC,00000000), ref: 00BC2108
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • job_thread_.IsValid(), xrefs: 00BCE51F
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/broker_services.cc, xrefs: 00BCE529
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??1?$basic_streambuf@CompletionD@std@@@std@@PostQueuedStatusU?$char_traits@
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/security/sandbox/chromium/sandbox/win/src/broker_services.cc$job_thread_.IsValid()
                                                                                                                                                                                                                                                        • API String ID: 2399711458-3255009386
                                                                                                                                                                                                                                                        • Opcode ID: 6acec4094936c90cb865b500b2ee4778d9506614ec9b0954d5ff43174bf00634
                                                                                                                                                                                                                                                        • Instruction ID: 803ee21687cb8fcffee11522c9bafc3644fe8b7a99c4bb9fd20c5b31a1b9600b
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6acec4094936c90cb865b500b2ee4778d9506614ec9b0954d5ff43174bf00634
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CC11E1317002009FD7209B68DC96F6A77E5EF84B14F0444ADE62A8B2D1CF71EC05C792
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • _wcsnicmp.API-MS-WIN-CRT-STRING-L1-1-0(00BEACA1,\??\,00000004,00000001,?,00BEACA1,00BCFF01), ref: 00BEA2C7
                                                                                                                                                                                                                                                        • _wcsnicmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,00000005), ref: 00BEA312
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: _wcsnicmp
                                                                                                                                                                                                                                                        • String ID: \??\
                                                                                                                                                                                                                                                        • API String ID: 1886669725-3047946824
                                                                                                                                                                                                                                                        • Opcode ID: 1df7411586f941eaeadf43f144c69e5eff6ecb1e61de6aa05b93921292072673
                                                                                                                                                                                                                                                        • Instruction ID: 180514a2dc542b9d6d373b9a37cf0166b83d421a7a1e2a90762dfad8c9a4b60d
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1df7411586f941eaeadf43f144c69e5eff6ecb1e61de6aa05b93921292072673
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9911E570E007049BCB20DF68DC459ABB7F8EF04304F400D6DEA1667240EB30A558CB96
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 65%
                                                                                                                                                                                                                                                        			E00BD6AD0(intOrPtr __eax, void* __ebx, intOrPtr __ecx, void* __edx, void* __edi, void* __esi, intOrPtr _a4) {
                                                                                                                                                                                                                                                        				intOrPtr _v20;
                                                                                                                                                                                                                                                        				intOrPtr* _v24;
                                                                                                                                                                                                                                                        				intOrPtr _t17;
                                                                                                                                                                                                                                                        				intOrPtr _t19;
                                                                                                                                                                                                                                                        				signed int** _t20;
                                                                                                                                                                                                                                                        				signed int* _t21;
                                                                                                                                                                                                                                                        				intOrPtr _t25;
                                                                                                                                                                                                                                                        				intOrPtr _t27;
                                                                                                                                                                                                                                                        				intOrPtr _t33;
                                                                                                                                                                                                                                                        				signed int* _t34;
                                                                                                                                                                                                                                                        				signed int _t38;
                                                                                                                                                                                                                                                        				intOrPtr* _t40;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t17 = __eax;
                                                                                                                                                                                                                                                        				_t40 =  *((intOrPtr*)(__edx + 4));
                                                                                                                                                                                                                                                        				_v20 = __ecx;
                                                                                                                                                                                                                                                        				_push(0x5c);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_v24 = _t40;
                                                                                                                                                                                                                                                        				_t27 = __eax;
                                                                                                                                                                                                                                                        				_t31 =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				_t41 =  ==  ? __eax : _t40;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax)) =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				_t5 = _t17 + 8; // 0x8
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 4)) =  ==  ? __eax : _t40;
                                                                                                                                                                                                                                                        				E00BD5A10(_t5, _a4);
                                                                                                                                                                                                                                                        				_t33 = _v20;
                                                                                                                                                                                                                                                        				_t19 =  *((intOrPtr*)(_t33 + 4));
                                                                                                                                                                                                                                                        				if(_t19 == 0x2c8590a) {
                                                                                                                                                                                                                                                        					_push("list<T> too long");
                                                                                                                                                                                                                                                        					L00BEF798();
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					_t20 =  *0xbfb5c0; // 0x0
                                                                                                                                                                                                                                                        					if(_t20 == 0) {
                                                                                                                                                                                                                                                        						_t21 =  *0xbfb5bc; // 0x0
                                                                                                                                                                                                                                                        						if(_t21 == 0) {
                                                                                                                                                                                                                                                        							return 0;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							_push(0);
                                                                                                                                                                                                                                                        							_t20 = E00BE3CE0(8 +  *_t21 * 4, 0);
                                                                                                                                                                                                                                                        							_t34 =  *0xbfb5bc; // 0x0
                                                                                                                                                                                                                                                        							 *0xbfb5c0 = _t20;
                                                                                                                                                                                                                                                        							 *_t20 = _t34;
                                                                                                                                                                                                                                                        							if( *_t34 > 0) {
                                                                                                                                                                                                                                                        								_t38 = 0;
                                                                                                                                                                                                                                                        								asm("o16 nop [cs:eax+eax]");
                                                                                                                                                                                                                                                        								do {
                                                                                                                                                                                                                                                        									 *((intOrPtr*)(_t20 + 4 + _t38 * 4)) = 0;
                                                                                                                                                                                                                                                        									_t38 = _t38 + 1;
                                                                                                                                                                                                                                                        								} while (_t38 <  *_t34);
                                                                                                                                                                                                                                                        								return _t20;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        							goto L4;
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						L4:
                                                                                                                                                                                                                                                        						return _t20;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					_t25 = _t19 + 1;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t33 + 4)) = _t25;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__edx + 4)) = _t27;
                                                                                                                                                                                                                                                        					 *_v24 = _t27;
                                                                                                                                                                                                                                                        					return _t25;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}















                                                                                                                                                                                                                                                        0x00bd6ad0
                                                                                                                                                                                                                                                        0x00bd6ad9
                                                                                                                                                                                                                                                        0x00bd6ade
                                                                                                                                                                                                                                                        0x00bd6ae1
                                                                                                                                                                                                                                                        0x00bd6ae3
                                                                                                                                                                                                                                                        0x00bd6af2
                                                                                                                                                                                                                                                        0x00bd6af5
                                                                                                                                                                                                                                                        0x00bd6af7
                                                                                                                                                                                                                                                        0x00bd6afa
                                                                                                                                                                                                                                                        0x00bd6afd
                                                                                                                                                                                                                                                        0x00bd6aff
                                                                                                                                                                                                                                                        0x00bd6b02
                                                                                                                                                                                                                                                        0x00bd6b05
                                                                                                                                                                                                                                                        0x00bd6b0a
                                                                                                                                                                                                                                                        0x00bd6b0d
                                                                                                                                                                                                                                                        0x00bd6b15
                                                                                                                                                                                                                                                        0x00bd6b2b
                                                                                                                                                                                                                                                        0x00bd6b30
                                                                                                                                                                                                                                                        0x00bd6b35
                                                                                                                                                                                                                                                        0x00bd6b36
                                                                                                                                                                                                                                                        0x00bd6b37
                                                                                                                                                                                                                                                        0x00bd6b38
                                                                                                                                                                                                                                                        0x00bd6b39
                                                                                                                                                                                                                                                        0x00bd6b3a
                                                                                                                                                                                                                                                        0x00bd6b3b
                                                                                                                                                                                                                                                        0x00bd6b3c
                                                                                                                                                                                                                                                        0x00bd6b3d
                                                                                                                                                                                                                                                        0x00bd6b3e
                                                                                                                                                                                                                                                        0x00bd6b3f
                                                                                                                                                                                                                                                        0x00bd6b43
                                                                                                                                                                                                                                                        0x00bd6b4a
                                                                                                                                                                                                                                                        0x00bd6b4e
                                                                                                                                                                                                                                                        0x00bd6b55
                                                                                                                                                                                                                                                        0x00bd6ba2
                                                                                                                                                                                                                                                        0x00bd6b57
                                                                                                                                                                                                                                                        0x00bd6b60
                                                                                                                                                                                                                                                        0x00bd6b65
                                                                                                                                                                                                                                                        0x00bd6b6d
                                                                                                                                                                                                                                                        0x00bd6b73
                                                                                                                                                                                                                                                        0x00bd6b78
                                                                                                                                                                                                                                                        0x00bd6b7d
                                                                                                                                                                                                                                                        0x00bd6b7f
                                                                                                                                                                                                                                                        0x00bd6b81
                                                                                                                                                                                                                                                        0x00bd6b90
                                                                                                                                                                                                                                                        0x00bd6b90
                                                                                                                                                                                                                                                        0x00bd6b98
                                                                                                                                                                                                                                                        0x00bd6b99
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6b90
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd6b7d
                                                                                                                                                                                                                                                        0x00bd6b4d
                                                                                                                                                                                                                                                        0x00bd6b4d
                                                                                                                                                                                                                                                        0x00bd6b4d
                                                                                                                                                                                                                                                        0x00bd6b4d
                                                                                                                                                                                                                                                        0x00bd6b17
                                                                                                                                                                                                                                                        0x00bd6b17
                                                                                                                                                                                                                                                        0x00bd6b18
                                                                                                                                                                                                                                                        0x00bd6b1e
                                                                                                                                                                                                                                                        0x00bd6b21
                                                                                                                                                                                                                                                        0x00bd6b2a
                                                                                                                                                                                                                                                        0x00bd6b2a

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(0000005C), ref: 00BD6AE3
                                                                                                                                                                                                                                                        • ?_Xlength_error@std@@YAXPBD@Z.MSVCP140(list<T> too long), ref: 00BD6B30
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@Xlength_error@std@@
                                                                                                                                                                                                                                                        • String ID: list<T> too long
                                                                                                                                                                                                                                                        • API String ID: 373104503-4027344264
                                                                                                                                                                                                                                                        • Opcode ID: c954d6beecc7593f92b49b0bfda570144601c497877bbf19847343e93e290460
                                                                                                                                                                                                                                                        • Instruction ID: fdba575caccd2247ce3285957d03fd77d643f54ddce82480f60d294213121015
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c954d6beecc7593f92b49b0bfda570144601c497877bbf19847343e93e290460
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8B0181B1A002189FC704EF59C88586AFBF5EF8831075585AAD80D9B311E771AD05CBE1
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 67%
                                                                                                                                                                                                                                                        			E00BD9080(intOrPtr __eax, void* __ecx, intOrPtr* __edx, void* _a4) {
                                                                                                                                                                                                                                                        				intOrPtr* _v0;
                                                                                                                                                                                                                                                        				intOrPtr* _v16;
                                                                                                                                                                                                                                                        				intOrPtr* _v24;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				intOrPtr* _t31;
                                                                                                                                                                                                                                                        				intOrPtr _t33;
                                                                                                                                                                                                                                                        				intOrPtr* _t35;
                                                                                                                                                                                                                                                        				char _t38;
                                                                                                                                                                                                                                                        				intOrPtr _t40;
                                                                                                                                                                                                                                                        				intOrPtr* _t41;
                                                                                                                                                                                                                                                        				intOrPtr* _t42;
                                                                                                                                                                                                                                                        				intOrPtr* _t51;
                                                                                                                                                                                                                                                        				intOrPtr _t53;
                                                                                                                                                                                                                                                        				intOrPtr _t56;
                                                                                                                                                                                                                                                        				intOrPtr _t59;
                                                                                                                                                                                                                                                        				intOrPtr* _t61;
                                                                                                                                                                                                                                                        				void* _t64;
                                                                                                                                                                                                                                                        				void* _t65;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t41 =  *((intOrPtr*)(__edx + 4));
                                                                                                                                                                                                                                                        				_push(0x10);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t65 = _t64 + 4;
                                                                                                                                                                                                                                                        				_t47 =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax)) =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				_t49 =  ==  ? __eax : _t41;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 4)) =  ==  ? __eax : _t41;
                                                                                                                                                                                                                                                        				asm("movsd xmm0, [ecx]");
                                                                                                                                                                                                                                                        				asm("movsd [eax+0x8], xmm0");
                                                                                                                                                                                                                                                        				_t51 =  *((intOrPtr*)(__ecx + 4));
                                                                                                                                                                                                                                                        				if(_t51 == 0xffffffe) {
                                                                                                                                                                                                                                                        					_push("list<T> too long");
                                                                                                                                                                                                                                                        					L00BEF798();
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					_push(_t41);
                                                                                                                                                                                                                                                        					_push(__ecx);
                                                                                                                                                                                                                                                        					_push(__edx);
                                                                                                                                                                                                                                                        					_push(__eax);
                                                                                                                                                                                                                                                        					_t59 =  *_t51;
                                                                                                                                                                                                                                                        					_t61 = __edx;
                                                                                                                                                                                                                                                        					_t31 = _v16;
                                                                                                                                                                                                                                                        					_v40 = _t51;
                                                                                                                                                                                                                                                        					_t56 =  *((intOrPtr*)(_t59 + 4));
                                                                                                                                                                                                                                                        					if( *((char*)(_t56 + 0xd)) != 0) {
                                                                                                                                                                                                                                                        						L11:
                                                                                                                                                                                                                                                        						_push(0x1c);
                                                                                                                                                                                                                                                        						L00BEF6BA();
                                                                                                                                                                                                                                                        						_t42 = _t31;
                                                                                                                                                                                                                                                        						_t33 =  *_v24;
                                                                                                                                                                                                                                                        						 *_t42 = _t33;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t42 + 4)) = _t33;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t42 + 8)) = _t33;
                                                                                                                                                                                                                                                        						 *((short*)(_t42 + 0xc)) = 0;
                                                                                                                                                                                                                                                        						_t35 =  *_v0;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t42 + 0x10)) = _t35;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t42 + 0x18)) = 0;
                                                                                                                                                                                                                                                        						_push(0xc);
                                                                                                                                                                                                                                                        						L00BEF6BA();
                                                                                                                                                                                                                                                        						 *_t35 = _t35;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t35 + 4)) = _t35;
                                                                                                                                                                                                                                                        						 *((intOrPtr*)(_t42 + 0x14)) = _t35;
                                                                                                                                                                                                                                                        						_t29 = _t42 + 0x10; // 0x10
                                                                                                                                                                                                                                                        						E00BD9190(_v24, _t61, _t59, _t29, _t42);
                                                                                                                                                                                                                                                        						_t65 = _t65 + 0x14;
                                                                                                                                                                                                                                                        						_t38 = 1;
                                                                                                                                                                                                                                                        					} else {
                                                                                                                                                                                                                                                        						_t53 =  *_t31;
                                                                                                                                                                                                                                                        						_t40 = _t59;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t40 =  >=  ? _t56 : _t40;
                                                                                                                                                                                                                                                        							_t56 =  *((intOrPtr*)(_t56 + (0 |  *((intOrPtr*)(_t56 + 0x10)) - _t53 < 0x00000000) * 8));
                                                                                                                                                                                                                                                        						} while ( *((char*)(_t56 + 0xd)) == 0);
                                                                                                                                                                                                                                                        						if(_t40 == _t59) {
                                                                                                                                                                                                                                                        							goto L11;
                                                                                                                                                                                                                                                        						} else {
                                                                                                                                                                                                                                                        							if(_t53 <  *((intOrPtr*)(_t40 + 0x10))) {
                                                                                                                                                                                                                                                        								_t59 = _t40;
                                                                                                                                                                                                                                                        								goto L11;
                                                                                                                                                                                                                                                        							} else {
                                                                                                                                                                                                                                                        								 *__edx = _t40;
                                                                                                                                                                                                                                                        								_t38 = 0;
                                                                                                                                                                                                                                                        							}
                                                                                                                                                                                                                                                        						}
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					 *((char*)(_t61 + 4)) = _t38;
                                                                                                                                                                                                                                                        					return _t61;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__ecx + 4)) = _t51 + 1;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__edx + 4)) = __eax;
                                                                                                                                                                                                                                                        					 *_t41 = __eax;
                                                                                                                                                                                                                                                        					return __eax;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}





















                                                                                                                                                                                                                                                        0x00bd9086
                                                                                                                                                                                                                                                        0x00bd908d
                                                                                                                                                                                                                                                        0x00bd908f
                                                                                                                                                                                                                                                        0x00bd9094
                                                                                                                                                                                                                                                        0x00bd909b
                                                                                                                                                                                                                                                        0x00bd909e
                                                                                                                                                                                                                                                        0x00bd90a2
                                                                                                                                                                                                                                                        0x00bd90a5
                                                                                                                                                                                                                                                        0x00bd90ab
                                                                                                                                                                                                                                                        0x00bd90af
                                                                                                                                                                                                                                                        0x00bd90b4
                                                                                                                                                                                                                                                        0x00bd90bd
                                                                                                                                                                                                                                                        0x00bd90cd
                                                                                                                                                                                                                                                        0x00bd90d2
                                                                                                                                                                                                                                                        0x00bd90d7
                                                                                                                                                                                                                                                        0x00bd90d8
                                                                                                                                                                                                                                                        0x00bd90d9
                                                                                                                                                                                                                                                        0x00bd90da
                                                                                                                                                                                                                                                        0x00bd90db
                                                                                                                                                                                                                                                        0x00bd90dc
                                                                                                                                                                                                                                                        0x00bd90dd
                                                                                                                                                                                                                                                        0x00bd90de
                                                                                                                                                                                                                                                        0x00bd90df
                                                                                                                                                                                                                                                        0x00bd90e3
                                                                                                                                                                                                                                                        0x00bd90e4
                                                                                                                                                                                                                                                        0x00bd90e5
                                                                                                                                                                                                                                                        0x00bd90e6
                                                                                                                                                                                                                                                        0x00bd90e7
                                                                                                                                                                                                                                                        0x00bd90e9
                                                                                                                                                                                                                                                        0x00bd90eb
                                                                                                                                                                                                                                                        0x00bd90ee
                                                                                                                                                                                                                                                        0x00bd90f1
                                                                                                                                                                                                                                                        0x00bd90f8
                                                                                                                                                                                                                                                        0x00bd9130
                                                                                                                                                                                                                                                        0x00bd9130
                                                                                                                                                                                                                                                        0x00bd9132
                                                                                                                                                                                                                                                        0x00bd913a
                                                                                                                                                                                                                                                        0x00bd913f
                                                                                                                                                                                                                                                        0x00bd9141
                                                                                                                                                                                                                                                        0x00bd9143
                                                                                                                                                                                                                                                        0x00bd9146
                                                                                                                                                                                                                                                        0x00bd914c
                                                                                                                                                                                                                                                        0x00bd9152
                                                                                                                                                                                                                                                        0x00bd9154
                                                                                                                                                                                                                                                        0x00bd9157
                                                                                                                                                                                                                                                        0x00bd915e
                                                                                                                                                                                                                                                        0x00bd9160
                                                                                                                                                                                                                                                        0x00bd916b
                                                                                                                                                                                                                                                        0x00bd916d
                                                                                                                                                                                                                                                        0x00bd9170
                                                                                                                                                                                                                                                        0x00bd9176
                                                                                                                                                                                                                                                        0x00bd917b
                                                                                                                                                                                                                                                        0x00bd9180
                                                                                                                                                                                                                                                        0x00bd9183
                                                                                                                                                                                                                                                        0x00bd90fa
                                                                                                                                                                                                                                                        0x00bd90fa
                                                                                                                                                                                                                                                        0x00bd90fc
                                                                                                                                                                                                                                                        0x00bd9100
                                                                                                                                                                                                                                                        0x00bd9108
                                                                                                                                                                                                                                                        0x00bd910b
                                                                                                                                                                                                                                                        0x00bd910e
                                                                                                                                                                                                                                                        0x00bd9116
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd9118
                                                                                                                                                                                                                                                        0x00bd911b
                                                                                                                                                                                                                                                        0x00bd912e
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bd911d
                                                                                                                                                                                                                                                        0x00bd911d
                                                                                                                                                                                                                                                        0x00bd911f
                                                                                                                                                                                                                                                        0x00bd911f
                                                                                                                                                                                                                                                        0x00bd911b
                                                                                                                                                                                                                                                        0x00bd9116
                                                                                                                                                                                                                                                        0x00bd9121
                                                                                                                                                                                                                                                        0x00bd912d
                                                                                                                                                                                                                                                        0x00bd90bf
                                                                                                                                                                                                                                                        0x00bd90c0
                                                                                                                                                                                                                                                        0x00bd90c3
                                                                                                                                                                                                                                                        0x00bd90c6
                                                                                                                                                                                                                                                        0x00bd90cc
                                                                                                                                                                                                                                                        0x00bd90cc

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(00000010,?,00000003,00000000,?,00BD83EA,?,?,00000003,00000003,00000003), ref: 00BD908F
                                                                                                                                                                                                                                                        • ?_Xlength_error@std@@YAXPBD@Z.MSVCP140(list<T> too long,?,?,00000003,00000003,00000003), ref: 00BD90D2
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@Xlength_error@std@@
                                                                                                                                                                                                                                                        • String ID: list<T> too long
                                                                                                                                                                                                                                                        • API String ID: 373104503-4027344264
                                                                                                                                                                                                                                                        • Opcode ID: a1cc017f8ffb0ee318e781e5b5e6704ffdefb9a80a05af161caaf644cc2577a8
                                                                                                                                                                                                                                                        • Instruction ID: e19c1fb6ba6f84d0a22b2741b61d6bd75c80477e488237db56feea336a7a35c4
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a1cc017f8ffb0ee318e781e5b5e6704ffdefb9a80a05af161caaf644cc2577a8
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: FBF0B4B1600A086FCB0CDF29D495925F7E9FF8971071182BEE91E87362E7709C00C790
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 72%
                                                                                                                                                                                                                                                        			E00BE70E0(intOrPtr __eax, void* __ebx, void* __ecx, void* __edx, void* __edi, void* _a4) {
                                                                                                                                                                                                                                                        				void* _v16;
                                                                                                                                                                                                                                                        				intOrPtr* _t30;
                                                                                                                                                                                                                                                        				void* _t38;
                                                                                                                                                                                                                                                        				void* _t41;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t30 =  *((intOrPtr*)(__edx + 4));
                                                                                                                                                                                                                                                        				_push(0xc);
                                                                                                                                                                                                                                                        				L00BEF6BA();
                                                                                                                                                                                                                                                        				_t41 = _a4;
                                                                                                                                                                                                                                                        				_t34 =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax)) =  ==  ? __eax : __edx;
                                                                                                                                                                                                                                                        				_t36 =  ==  ? __eax : _t30;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__eax + 4)) =  ==  ? __eax : _t30;
                                                                                                                                                                                                                                                        				 *_t41 = 0;
                                                                                                                                                                                                                                                        				 *(__eax + 8) =  *_t41;
                                                                                                                                                                                                                                                        				_t38 =  *(__ecx + 4);
                                                                                                                                                                                                                                                        				if(_t38 == 0x15555554) {
                                                                                                                                                                                                                                                        					_push("list<T> too long");
                                                                                                                                                                                                                                                        					L00BEF798();
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        					_push(__edx);
                                                                                                                                                                                                                                                        					 *(_t38 + 4) = 0;
                                                                                                                                                                                                                                                        					 *_t38 = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0xc) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 8) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x14) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x10) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x1c) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x18) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x24) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x20) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x2c) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x28) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x34) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x30) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x3c) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x38) = 0;
                                                                                                                                                                                                                                                        					 *(_t38 + 0x40) = 0;
                                                                                                                                                                                                                                                        					CopySid(0x44, _t38, _v16);
                                                                                                                                                                                                                                                        					return _t38;
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					 *(__ecx + 4) = _t38 + 1;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(__edx + 4)) = __eax;
                                                                                                                                                                                                                                                        					 *_t30 = __eax;
                                                                                                                                                                                                                                                        					return __eax;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        			}







                                                                                                                                                                                                                                                        0x00be70e6
                                                                                                                                                                                                                                                        0x00be70ed
                                                                                                                                                                                                                                                        0x00be70ef
                                                                                                                                                                                                                                                        0x00be70fb
                                                                                                                                                                                                                                                        0x00be70fe
                                                                                                                                                                                                                                                        0x00be7101
                                                                                                                                                                                                                                                        0x00be7105
                                                                                                                                                                                                                                                        0x00be7108
                                                                                                                                                                                                                                                        0x00be710d
                                                                                                                                                                                                                                                        0x00be7113
                                                                                                                                                                                                                                                        0x00be7116
                                                                                                                                                                                                                                                        0x00be711f
                                                                                                                                                                                                                                                        0x00be712f
                                                                                                                                                                                                                                                        0x00be7134
                                                                                                                                                                                                                                                        0x00be7139
                                                                                                                                                                                                                                                        0x00be713a
                                                                                                                                                                                                                                                        0x00be713b
                                                                                                                                                                                                                                                        0x00be713c
                                                                                                                                                                                                                                                        0x00be713d
                                                                                                                                                                                                                                                        0x00be713e
                                                                                                                                                                                                                                                        0x00be713f
                                                                                                                                                                                                                                                        0x00be7143
                                                                                                                                                                                                                                                        0x00be7149
                                                                                                                                                                                                                                                        0x00be7150
                                                                                                                                                                                                                                                        0x00be7156
                                                                                                                                                                                                                                                        0x00be715d
                                                                                                                                                                                                                                                        0x00be7164
                                                                                                                                                                                                                                                        0x00be716b
                                                                                                                                                                                                                                                        0x00be7172
                                                                                                                                                                                                                                                        0x00be7179
                                                                                                                                                                                                                                                        0x00be7180
                                                                                                                                                                                                                                                        0x00be7187
                                                                                                                                                                                                                                                        0x00be718e
                                                                                                                                                                                                                                                        0x00be7195
                                                                                                                                                                                                                                                        0x00be719c
                                                                                                                                                                                                                                                        0x00be71a3
                                                                                                                                                                                                                                                        0x00be71aa
                                                                                                                                                                                                                                                        0x00be71b1
                                                                                                                                                                                                                                                        0x00be71b8
                                                                                                                                                                                                                                                        0x00be71c3
                                                                                                                                                                                                                                                        0x00be71cd
                                                                                                                                                                                                                                                        0x00be7121
                                                                                                                                                                                                                                                        0x00be7122
                                                                                                                                                                                                                                                        0x00be7125
                                                                                                                                                                                                                                                        0x00be7128
                                                                                                                                                                                                                                                        0x00be712e
                                                                                                                                                                                                                                                        0x00be712e

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • ??2@YAPAXI@Z.MOZGLUE(0000000C,?,00000000,00000000,?,00BE6BCA,00000400,?,?,00000000,?,00BE9870,?,00000004,00000400,00000000), ref: 00BE70EF
                                                                                                                                                                                                                                                        • ?_Xlength_error@std@@YAXPBD@Z.MSVCP140(list<T> too long,00000400,?,?,00000000,?,00BE9870,?,00000004,00000400,00000000,?,?,?,00000004,g_shared_IPC_size), ref: 00BE7134
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ??2@Xlength_error@std@@
                                                                                                                                                                                                                                                        • String ID: list<T> too long
                                                                                                                                                                                                                                                        • API String ID: 373104503-4027344264
                                                                                                                                                                                                                                                        • Opcode ID: 7cee21695a9daaa36c8d7d9e389c30c4f75d6b66a411161637c19dd209291406
                                                                                                                                                                                                                                                        • Instruction ID: b74490a0b7ea5e8c3dc30e195f66e7268c78bf56f227585d8c930df94f610a35
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7cee21695a9daaa36c8d7d9e389c30c4f75d6b66a411161637c19dd209291406
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4AF090B1604204AFD70C9F1DD495A25BBEAEB89310B5181BEE50DCB751D7709C00CB91
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                                                                                                                        			E00BEB3D0(CHAR* _a4, _Unknown_base(*)()** _a8) {
                                                                                                                                                                                                                                                        				signed int _v12;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _v16;
                                                                                                                                                                                                                                                        				char _v20;
                                                                                                                                                                                                                                                        				signed int _t8;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t10;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t11;
                                                                                                                                                                                                                                                        				CHAR* _t14;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()* _t15;
                                                                                                                                                                                                                                                        				struct HINSTANCE__* _t18;
                                                                                                                                                                                                                                                        				void* _t21;
                                                                                                                                                                                                                                                        				_Unknown_base(*)()** _t23;
                                                                                                                                                                                                                                                        				signed int _t24;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t8 =  *0xbfa010; // 0x1b24c8d0
                                                                                                                                                                                                                                                        				_v12 = _t8 ^ _t24;
                                                                                                                                                                                                                                                        				_t10 =  *0xbfb6d8; // 0x0
                                                                                                                                                                                                                                                        				if(_t10 == 0) {
                                                                                                                                                                                                                                                        					_t11 = GetModuleHandleW(L"ntdll.dll");
                                                                                                                                                                                                                                                        					_v20 = 0xbf0f50;
                                                                                                                                                                                                                                                        					_v16 = _t11;
                                                                                                                                                                                                                                                        					if(E00BCAB00( &_v20) == 0) {
                                                                                                                                                                                                                                                        						asm("int3");
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					asm("lock cmpxchg [0xbfb6d8], esi");
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t18 =  *0xbfb6d8; // 0x0
                                                                                                                                                                                                                                                        				_t23 = _a8;
                                                                                                                                                                                                                                                        				_t14 = _a4;
                                                                                                                                                                                                                                                        				if(_t18 == 0) {
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t15 = GetProcAddress( *0xbfb6d8, _t14);
                                                                                                                                                                                                                                                        				 *_t23 = _t15;
                                                                                                                                                                                                                                                        				if(_t15 == 0) {
                                                                                                                                                                                                                                                        					asm("int3");
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return E00BEECB0(_t15, _v12 ^ _t24, _t21);
                                                                                                                                                                                                                                                        			}















                                                                                                                                                                                                                                                        0x00beb3d7
                                                                                                                                                                                                                                                        0x00beb3de
                                                                                                                                                                                                                                                        0x00beb3e1
                                                                                                                                                                                                                                                        0x00beb3e8
                                                                                                                                                                                                                                                        0x00beb424
                                                                                                                                                                                                                                                        0x00beb42d
                                                                                                                                                                                                                                                        0x00beb436
                                                                                                                                                                                                                                                        0x00beb440
                                                                                                                                                                                                                                                        0x00beb442
                                                                                                                                                                                                                                                        0x00beb442
                                                                                                                                                                                                                                                        0x00beb445
                                                                                                                                                                                                                                                        0x00beb445
                                                                                                                                                                                                                                                        0x00beb3ea
                                                                                                                                                                                                                                                        0x00beb3f0
                                                                                                                                                                                                                                                        0x00beb3f3
                                                                                                                                                                                                                                                        0x00beb3f8
                                                                                                                                                                                                                                                        0x00beb3fa
                                                                                                                                                                                                                                                        0x00beb3fa
                                                                                                                                                                                                                                                        0x00beb402
                                                                                                                                                                                                                                                        0x00beb40a
                                                                                                                                                                                                                                                        0x00beb40c
                                                                                                                                                                                                                                                        0x00beb40e
                                                                                                                                                                                                                                                        0x00beb40e
                                                                                                                                                                                                                                                        0x00beb41e

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?), ref: 00BEB402
                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(ntdll.dll,00BE3B27,NtQueryObject,00BFB690), ref: 00BEB424
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                        • String ID: ntdll.dll
                                                                                                                                                                                                                                                        • API String ID: 1646373207-2227199552
                                                                                                                                                                                                                                                        • Opcode ID: 5dbed903086869f8bcdcb7c0ac2eabb7eb93b9eea4708b95a80c3253dfb1327d
                                                                                                                                                                                                                                                        • Instruction ID: a6b23f14a9526e1d189f908dce8f3a19ba6f62b0c7eb4f92c289a725c01b5e99
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5dbed903086869f8bcdcb7c0ac2eabb7eb93b9eea4708b95a80c3253dfb1327d
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 71012874A00218AB8B14EF76EC59EBAB7F4EF08314B1048A9EA59D7351EF309944DB81
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                                                                                                                        			E00BBE000(intOrPtr* __ecx) {
                                                                                                                                                                                                                                                        				long _t8;
                                                                                                                                                                                                                                                        				signed short _t9;
                                                                                                                                                                                                                                                        				char* _t15;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t15 = __ecx;
                                                                                                                                                                                                                                                        				 *((intOrPtr*)(__ecx)) = 1;
                                                                                                                                                                                                                                                        				 *((char*)(__ecx + 0x10)) = 0;
                                                                                                                                                                                                                                                        				_t8 = GetModuleFileNameW(0, __ecx + 0x14, 0x209);
                                                                                                                                                                                                                                                        				if(_t8 == 0x209 || _t8 == 0) {
                                                                                                                                                                                                                                                        					_t9 = GetLastError();
                                                                                                                                                                                                                                                        					 *((char*)(_t15 + 0x10)) = 1;
                                                                                                                                                                                                                                                        					 *(_t15 + 4) = "/builds/worker/checkouts/gecko/browser/app/winlauncher/SameBinary.h";
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t15 + 8)) = 0x29;
                                                                                                                                                                                                                                                        					_t14 =  <=  ? _t9 : _t9 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        					 *((intOrPtr*)(_t15 + 0xc)) =  <=  ? _t9 : _t9 & 0x0000ffff | 0x80070000;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return _t15;
                                                                                                                                                                                                                                                        			}






                                                                                                                                                                                                                                                        0x00bbe004
                                                                                                                                                                                                                                                        0x00bbe009
                                                                                                                                                                                                                                                        0x00bbe00f
                                                                                                                                                                                                                                                        0x00bbe01b
                                                                                                                                                                                                                                                        0x00bbe026
                                                                                                                                                                                                                                                        0x00bbe031
                                                                                                                                                                                                                                                        0x00bbe03a
                                                                                                                                                                                                                                                        0x00bbe03e
                                                                                                                                                                                                                                                        0x00bbe045
                                                                                                                                                                                                                                                        0x00bbe054
                                                                                                                                                                                                                                                        0x00bbe057
                                                                                                                                                                                                                                                        0x00bbe057
                                                                                                                                                                                                                                                        0x00bbe030

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • GetModuleFileNameW.KERNEL32(00000000,?,00000209,00000000,?,00BB414F), ref: 00BBE01B
                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,00BB414F), ref: 00BBE031
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • /builds/worker/checkouts/gecko/browser/app/winlauncher/SameBinary.h, xrefs: 00BBE03E
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: ErrorFileLastModuleName
                                                                                                                                                                                                                                                        • String ID: /builds/worker/checkouts/gecko/browser/app/winlauncher/SameBinary.h
                                                                                                                                                                                                                                                        • API String ID: 2776309574-603462826
                                                                                                                                                                                                                                                        • Opcode ID: 4f60984b91f5d261f2b79fa8ffe6016e28347934db2d6404eec417a323386bee
                                                                                                                                                                                                                                                        • Instruction ID: abbb228b255eefa9c4e042b2f35a3cd0619c43815b5c682713061ad0dda071be
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4f60984b91f5d261f2b79fa8ffe6016e28347934db2d6404eec417a323386bee
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: ECF082701043009FE3145B25CC097B27AD8EF04359F6084AED96BCB6A2DBFAE44587A4
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 37%
                                                                                                                                                                                                                                                        			E00BB1920(long __eax, void* __ecx) {
                                                                                                                                                                                                                                                        				long _t1;
                                                                                                                                                                                                                                                        				void* _t6;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t1 = __eax;
                                                                                                                                                                                                                                                        				_t6 = __ecx;
                                                                                                                                                                                                                                                        				if( *0xbfa548 == 0) {
                                                                                                                                                                                                                                                        					_t1 = GetModuleFileNameW(0, "C:\Users\frontdesk\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app", 0x104);
                                                                                                                                                                                                                                                        					if(_t1 == 0) {
                                                                                                                                                                                                                                                        						L5:
                                                                                                                                                                                                                                                        						return 0x80004005;
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					 *0xbfa548 = 1;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				__imp__wcscpy_s(_t6, 0x104, "C:\Users\frontdesk\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app");
                                                                                                                                                                                                                                                        				if(_t1 != 0) {
                                                                                                                                                                                                                                                        					goto L5;
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				return 0;
                                                                                                                                                                                                                                                        			}





                                                                                                                                                                                                                                                        0x00bb1920
                                                                                                                                                                                                                                                        0x00bb192b
                                                                                                                                                                                                                                                        0x00bb192d
                                                                                                                                                                                                                                                        0x00bb195a
                                                                                                                                                                                                                                                        0x00bb1962
                                                                                                                                                                                                                                                        0x00bb196d
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb196d
                                                                                                                                                                                                                                                        0x00bb1964
                                                                                                                                                                                                                                                        0x00bb1964
                                                                                                                                                                                                                                                        0x00bb193a
                                                                                                                                                                                                                                                        0x00bb1949
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00000000
                                                                                                                                                                                                                                                        0x00bb194d

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                        • wcscpy_s.API-MS-WIN-CRT-STRING-L1-1-0(?,00000104,C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app,?,00BB18E5), ref: 00BB193A
                                                                                                                                                                                                                                                        • GetModuleFileNameW.KERNEL32(00000000,C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app,00000104,?,?,00BB18E5), ref: 00BB195A
                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                        • C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app, xrefs: 00BB192F, 00BB1953
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: FileModuleNamewcscpy_s
                                                                                                                                                                                                                                                        • String ID: C:\Users\user\AppData\Local\Temp\tlyk2yvt.zzm\firefox-win32\app\flashplayer.app
                                                                                                                                                                                                                                                        • API String ID: 8892744-3752306306
                                                                                                                                                                                                                                                        • Opcode ID: 619d3c083da43f7ba096fa0c79b0a4e1c566a1588f85a13adc727e157b3733f7
                                                                                                                                                                                                                                                        • Instruction ID: 4f1894208f69789c424145971f153734fc7cb8932fda0801d64716c22f803d58
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 619d3c083da43f7ba096fa0c79b0a4e1c566a1588f85a13adc727e157b3733f7
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A6E0D8A138828563E714436C2C76FF536C94B10B16F5404E5FBCAEB1D1DDE0C4859296
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                        C-Code - Quality: 95%
                                                                                                                                                                                                                                                        			E00BCCB00(intOrPtr* __ecx, intOrPtr _a4, void* _a8) {
                                                                                                                                                                                                                                                        				intOrPtr _v20;
                                                                                                                                                                                                                                                        				intOrPtr _v24;
                                                                                                                                                                                                                                                        				signed int _v28;
                                                                                                                                                                                                                                                        				intOrPtr* _v32;
                                                                                                                                                                                                                                                        				intOrPtr _v36;
                                                                                                                                                                                                                                                        				intOrPtr _v40;
                                                                                                                                                                                                                                                        				void* __edi;
                                                                                                                                                                                                                                                        				intOrPtr _t41;
                                                                                                                                                                                                                                                        				intOrPtr _t46;
                                                                                                                                                                                                                                                        				intOrPtr* _t65;
                                                                                                                                                                                                                                                        				intOrPtr _t66;
                                                                                                                                                                                                                                                        				void* _t67;
                                                                                                                                                                                                                                                        				void* _t68;
                                                                                                                                                                                                                                                        				void* _t70;
                                                                                                                                                                                                                                                        				intOrPtr _t78;
                                                                                                                                                                                                                                                        				void* _t81;
                                                                                                                                                                                                                                                        				void* _t94;
                                                                                                                                                                                                                                                        				intOrPtr _t99;
                                                                                                                                                                                                                                                        				void* _t101;
                                                                                                                                                                                                                                                        				void* _t102;
                                                                                                                                                                                                                                                        				void* _t103;
                                                                                                                                                                                                                                                        				signed int _t105;
                                                                                                                                                                                                                                                        				intOrPtr* _t107;
                                                                                                                                                                                                                                                        				void* _t108;
                                                                                                                                                                                                                                                        				intOrPtr _t109;
                                                                                                                                                                                                                                                        				void* _t110;
                                                                                                                                                                                                                                                        				void* _t111;
                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                        				_t65 = __ecx;
                                                                                                                                                                                                                                                        				_t41 =  *__ecx;
                                                                                                                                                                                                                                                        				_t105 = _a4 - _t41;
                                                                                                                                                                                                                                                        				_t99 = 1 + ( *((intOrPtr*)(__ecx + 4)) - _t41 >> 2) * 0xf0f0f0f1;
                                                                                                                                                                                                                                                        				_v28 = (_t105 >> 2) * 0xf0f0f0f1;
                                                                                                                                                                                                                                                        				_t45 = ( *((intOrPtr*)(__ecx + 8)) - _t41 >> 2) * 0xf0f0f0f1;
                                                                                                                                                                                                                                                        				_v40 = _t99;
                                                                                                                                                                                                                                                        				_t94 = (( *((intOrPtr*)(__ecx + 8)) - _t41 >> 2) * 0xf0f0f0f1 >> 1) + _t45;
                                                                                                                                                                                                                                                        				_t95 =  <  ? _t99 : _t94;
                                                                                                                                                                                                                                                        				_t96 =  >  ? _t99 :  <  ? _t99 : _t94;
                                                                                                                                                                                                                                                        				_t100 = _a8;
                                                                                                                                                                                                                                                        				_v36 =  >  ? _t99 :  <  ? _t99 : _t94;
                                                                                                                                                                                                                                                        				_t46 = E00BCCC60( >  ? _t99 :  <  ? _t99 : _t94);
                                                                                                                                                                                                                                                        				_v24 = _t46;
                                                                                                                                                                                                                                                        				memcpy(_t105 + _t46, _a8, 0x44);
                                                                                                                                                                                                                                                        				_t78 = _a4;
                                                                                                                                                                                                                                                        				_t111 = _t110 + 0xc;
                                                                                                                                                                                                                                                        				_v32 = _t65;
                                                                                                                                                                                                                                                        				_t66 =  *((intOrPtr*)(_t65 + 4));
                                                                                                                                                                                                                                                        				_v20 =  *_t65;
                                                                                                                                                                                                                                                        				if(_t66 == _t78) {
                                                                                                                                                                                                                                                        					if(_v20 != _t78) {
                                                                                                                                                                                                                                                        						_t81 = _t78 - _v20;
                                                                                                                                                                                                                                                        						_t101 = 0;
                                                                                                                                                                                                                                                        						asm("o16 nop [eax+eax]");
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							_t67 = _t81;
                                                                                                                                                                                                                                                        							memcpy(_v24 + _t101, _v20 + _t101, 0x44);
                                                                                                                                                                                                                                                        							_t81 = _t67;
                                                                                                                                                                                                                                                        							_t111 = _t111 + 0xc;
                                                                                                                                                                                                                                                        							_t101 = _t101 + 0x44;
                                                                                                                                                                                                                                                        						} while (_t67 != _t101);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				} else {
                                                                                                                                                                                                                                                        					if(_v20 != _t78) {
                                                                                                                                                                                                                                                        						_t109 = _v24;
                                                                                                                                                                                                                                                        						_t103 = 0;
                                                                                                                                                                                                                                                        						_t70 = _t78 - _v20;
                                                                                                                                                                                                                                                        						asm("o16 nop [eax+eax]");
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							memcpy(_t109 + _t103, _v20 + _t103, 0x44);
                                                                                                                                                                                                                                                        							_t111 = _t111 + 0xc;
                                                                                                                                                                                                                                                        							_t103 = _t103 + 0x44;
                                                                                                                                                                                                                                                        						} while (_t70 != _t103);
                                                                                                                                                                                                                                                        						_t78 = _a4;
                                                                                                                                                                                                                                                        						_t66 =  *((intOrPtr*)(_v32 + 4));
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        					_t68 = _t66 - _t78;
                                                                                                                                                                                                                                                        					if(_t68 != 0) {
                                                                                                                                                                                                                                                        						_t84 = _v28;
                                                                                                                                                                                                                                                        						_t102 = 0;
                                                                                                                                                                                                                                                        						_t108 = _v24 + (_v28 << 6) + _t84 * 4 + 0x44;
                                                                                                                                                                                                                                                        						do {
                                                                                                                                                                                                                                                        							memcpy(_t108 + _t102, _a4 + _t102, 0x44);
                                                                                                                                                                                                                                                        							_t111 = _t111 + 0xc;
                                                                                                                                                                                                                                                        							_t102 = _t102 + 0x44;
                                                                                                                                                                                                                                                        						} while (_t68 != _t102);
                                                                                                                                                                                                                                                        					}
                                                                                                                                                                                                                                                        				}
                                                                                                                                                                                                                                                        				_t107 = _v32;
                                                                                                                                                                                                                                                        				E00BCCCC0(_t107, _t100, _v24, _v40, _v36);
                                                                                                                                                                                                                                                        				return (_v28 << 6) + _v28 * 4 +  *_t107;
                                                                                                                                                                                                                                                        			}






























                                                                                                                                                                                                                                                        0x00bccb09
                                                                                                                                                                                                                                                        0x00bccb0b
                                                                                                                                                                                                                                                        0x00bccb16
                                                                                                                                                                                                                                                        0x00bccb38
                                                                                                                                                                                                                                                        0x00bccb39
                                                                                                                                                                                                                                                        0x00bccb3c
                                                                                                                                                                                                                                                        0x00bccb42
                                                                                                                                                                                                                                                        0x00bccb4b
                                                                                                                                                                                                                                                        0x00bccb4f
                                                                                                                                                                                                                                                        0x00bccb56
                                                                                                                                                                                                                                                        0x00bccb59
                                                                                                                                                                                                                                                        0x00bccb5c
                                                                                                                                                                                                                                                        0x00bccb60
                                                                                                                                                                                                                                                        0x00bccb65
                                                                                                                                                                                                                                                        0x00bccb6e
                                                                                                                                                                                                                                                        0x00bccb73
                                                                                                                                                                                                                                                        0x00bccb76
                                                                                                                                                                                                                                                        0x00bccb7b
                                                                                                                                                                                                                                                        0x00bccb7e
                                                                                                                                                                                                                                                        0x00bccb83
                                                                                                                                                                                                                                                        0x00bccb86
                                                                                                                                                                                                                                                        0x00bccc00
                                                                                                                                                                                                                                                        0x00bccc02
                                                                                                                                                                                                                                                        0x00bccc05
                                                                                                                                                                                                                                                        0x00bccc07
                                                                                                                                                                                                                                                        0x00bccc10
                                                                                                                                                                                                                                                        0x00bccc10
                                                                                                                                                                                                                                                        0x00bccc21
                                                                                                                                                                                                                                                        0x00bccc26
                                                                                                                                                                                                                                                        0x00bccc28
                                                                                                                                                                                                                                                        0x00bccc2b
                                                                                                                                                                                                                                                        0x00bccc2e
                                                                                                                                                                                                                                                        0x00bccc10
                                                                                                                                                                                                                                                        0x00bccb88
                                                                                                                                                                                                                                                        0x00bccb8b
                                                                                                                                                                                                                                                        0x00bccb8f
                                                                                                                                                                                                                                                        0x00bccb92
                                                                                                                                                                                                                                                        0x00bccb94
                                                                                                                                                                                                                                                        0x00bccb97
                                                                                                                                                                                                                                                        0x00bccba0
                                                                                                                                                                                                                                                        0x00bccbac
                                                                                                                                                                                                                                                        0x00bccbb1
                                                                                                                                                                                                                                                        0x00bccbb4
                                                                                                                                                                                                                                                        0x00bccbb7
                                                                                                                                                                                                                                                        0x00bccbbe
                                                                                                                                                                                                                                                        0x00bccbc1
                                                                                                                                                                                                                                                        0x00bccbc1
                                                                                                                                                                                                                                                        0x00bccbc4
                                                                                                                                                                                                                                                        0x00bccbc6
                                                                                                                                                                                                                                                        0x00bccbc8
                                                                                                                                                                                                                                                        0x00bccbce
                                                                                                                                                                                                                                                        0x00bccbd8
                                                                                                                                                                                                                                                        0x00bccbe0
                                                                                                                                                                                                                                                        0x00bccbec
                                                                                                                                                                                                                                                        0x00bccbf1
                                                                                                                                                                                                                                                        0x00bccbf4
                                                                                                                                                                                                                                                        0x00bccbf7
                                                                                                                                                                                                                                                        0x00bccbfb
                                                                                                                                                                                                                                                        0x00bccbc6
                                                                                                                                                                                                                                                        0x00bccc32
                                                                                                                                                                                                                                                        0x00bccc40
                                                                                                                                                                                                                                                        0x00bccc59

                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                          • Part of subcall function 00BCCC60: ??2@YAPAXI@Z.MOZGLUE(?,?,00BCF3C0,?,?,-00000010,?,00BCE1D4,00000000,00BCC606,00000000,?,?,?,00BE5D82,00BCC606), ref: 00BCCC8A
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,00000044,00000000,?,?,?), ref: 00BCCB6E
                                                                                                                                                                                                                                                        • memcpy.NTDLL(00000000,?,00000044,?,?,00000000,?,?,?), ref: 00BCCBAC
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,00000000,00000044,?,?,00000000,?,?,?), ref: 00BCCBEC
                                                                                                                                                                                                                                                        • memcpy.NTDLL(?,?,00000044,?,?,00000000,?,?,?), ref: 00BCCC21
                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                        • Source File: 00000011.00000002.337064882.0000000000BB1000.00000020.00020000.sdmp, Offset: 00BB0000, based on PE: true
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337047505.0000000000BB0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337198276.0000000000BF0000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337229493.0000000000BFA000.00000004.00020000.sdmp Download File
                                                                                                                                                                                                                                                        • Associated: 00000011.00000002.337272085.0000000000BFF000.00000002.00020000.sdmp Download File
                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_bb0000_flashplayer.jbxd
                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                        • API ID: memcpy$??2@
                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                        • API String ID: 3700833809-0
                                                                                                                                                                                                                                                        • Opcode ID: 1e335bec47dc170356b994b58b059aef33008274643da625be5eeb6c8dce9745
                                                                                                                                                                                                                                                        • Instruction ID: 20a533614a531aec6c7d148d6e388dafe7a8b1233119e683a149ea0146f5d75a
                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1e335bec47dc170356b994b58b059aef33008274643da625be5eeb6c8dce9745
                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 95417271B001099FCF14DFA8C895EBEBBB6EFD4350F19416DE909AB341D630AE45CA90
                                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                                        Uniqueness Score: -1.00%